stefanhetzel | 08.06.2013 17:44 | Code:
ComboFix 13-06-08.01 - *** 08.06.2013 18:21:42.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1031.18.4078.1738 [GMT 2:00]
Running from: c:\users\***.L775-125\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\icon1.ico
c:\program files (x86)\Proxomitron\Proxomitron.exe
c:\users\***.L775-125\AppData\Roaming\Microsoft\~DFK9b4fc.tmp
c:\users\***.L775-125\AppData\Roaming\Microsoft\1eaadjc.dll
c:\users\***.L775-125\AppData\Roaming\Microsoft\bass.dll
c:\users\***.L775-125\AppData\Roaming\Microsoft\kfgresk.dll
c:\users\***.L775-125\AppData\Roaming\Microsoft\mjcriu.dll
c:\users\***.L775-125\AppData\Roaming\Microsoft\peaadje.dll
c:\users\***.L775-125\AppData\Roaming\Microsoft\qwadjb.dll
c:\users\***.L775-125\AppData\Roaming\Microsoft\rsaadjd.dll
c:\users\***.L775-125\AppData\Roaming\yuvcodecs-1.3.exe
c:\windows\systen32
c:\windows\SysWow64\frapsvid.dll
.
.
((((((((((((((((((((((((( Files Created from 2013-05-08 to 2013-06-08 )))))))))))))))))))))))))))))))
.
.
2013-06-08 15:03 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4A81A055-E467-4F48-B193-14CA4C82E379}\mpengine.dll
2013-06-08 14:47 . 2007-10-22 16:02 119296 ----a-w- c:\windows\SysWow64\huffyuv_mt.dll
2013-06-08 11:55 . 2000-08-24 00:00 33280 ----a-w- c:\windows\system32\HUFFYUV.DLL
2013-06-07 12:16 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-06-05 17:27 . 2013-06-05 17:28 -------- d-----w- c:\users\Standardbenutzer\AppData\Roaming\XMedia Recode
2013-06-05 17:06 . 2013-06-05 17:06 -------- d-----w- c:\program files (x86)\XMedia Recode
2013-06-04 16:48 . 2013-06-04 17:20 -------- d-----w- c:\users\Standardbenutzer\AppData\Roaming\avidemux
2013-05-25 15:08 . 2013-05-25 15:08 290816 ------w- c:\windows\Setup1.exe
2013-05-25 15:08 . 2013-05-25 15:08 74752 ----a-w- c:\windows\ST6UNST.EXE
2013-05-25 11:43 . 2013-05-25 11:43 -------- d-----w- c:\program files (x86)\Hamster Soft
2013-05-25 05:45 . 2013-05-11 22:27 262552 ----a-w- c:\program files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2013-05-22 16:30 . 2013-05-22 16:29 964552 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{06E840A2-00AF-45A2-AF5F-E0F917FC391B}\gapaengine.dll
2013-05-18 09:36 . 2013-05-18 09:36 -------- d-----w- c:\program files (x86)\Xiph.Org
2013-05-18 09:18 . 2013-05-18 09:18 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-05-18 09:16 . 2013-04-04 03:35 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-05-15 12:58 . 2013-05-15 12:58 9195912 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-05-15 07:06 . 2013-04-05 04:43 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-05-15 07:06 . 2013-04-05 04:29 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-05-15 07:06 . 2013-04-05 06:52 51712 ----a-w- c:\windows\system32\ie4uinit.exe
2013-05-15 07:06 . 2013-04-05 06:51 278528 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2013-05-15 07:06 . 2013-04-05 06:50 526336 ----a-w- c:\windows\system32\ieui.dll
2013-05-15 07:06 . 2013-04-05 05:27 217600 ----a-w- c:\program files (x86)\Internet Explorer\sqmapi.dll
2013-05-15 07:06 . 2013-04-05 05:26 257536 ----a-w- c:\program files (x86)\Internet Explorer\ieproxy.dll
2013-05-15 01:29 . 2013-04-10 06:01 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-05-15 01:29 . 2013-04-10 06:01 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-05-15 01:29 . 2011-02-03 11:25 144384 ----a-w- c:\windows\system32\cdd.dll
2013-05-15 01:29 . 2013-04-10 03:30 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-05-15 01:29 . 2013-03-19 05:53 230400 ----a-w- c:\windows\system32\wwansvc.dll
2013-05-15 01:29 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
2013-05-15 01:28 . 2013-02-27 05:52 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-05-15 01:28 . 2013-02-27 05:52 197120 ----a-w- c:\windows\system32\shdocvw.dll
2013-05-15 01:28 . 2013-02-27 05:48 1930752 ----a-w- c:\windows\system32\authui.dll
2013-05-15 01:28 . 2013-02-27 06:02 111448 ----a-w- c:\windows\system32\consent.exe
2013-05-15 01:28 . 2013-02-27 05:47 70144 ----a-w- c:\windows\system32\appinfo.dll
2013-05-15 01:28 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\SysWow64\authui.dll
2013-05-10 07:57 . 2013-05-10 07:57 187456 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 12:58 . 2012-08-22 15:25 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-15 12:58 . 2012-08-22 15:25 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-15 07:11 . 2011-08-28 10:09 75016696 ----a-w- c:\windows\system32\MRT.exe
2013-05-02 15:29 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-23 17:26 . 2012-07-04 16:24 905296 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-04-13 05:49 . 2013-05-15 01:29 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 01:29 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 01:29 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 01:29 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 01:29 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 01:29 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-23 17:21 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-02 14:09 . 2013-04-02 14:09 4550656 ----a-w- c:\windows\SysWow64\GPhotos.scr
2013-03-29 11:45 . 2012-07-05 17:27 861088 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2013-03-29 11:45 . 2011-03-07 15:05 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-03-22 02:02 . 2013-03-22 02:02 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-03-22 02:02 . 2013-03-22 02:02 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-03-22 02:02 . 2013-03-22 02:02 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-03-22 02:02 . 2013-03-22 02:02 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-03-22 02:02 . 2013-03-22 02:02 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-03-22 02:02 . 2013-03-22 02:02 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-03-22 02:02 . 2013-03-22 02:02 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-03-22 02:02 . 2013-03-22 02:02 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-03-22 02:02 . 2013-03-22 02:02 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-03-22 02:02 . 2013-03-22 02:02 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-03-22 02:02 . 2013-03-22 02:02 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-03-22 02:02 . 2013-03-22 02:02 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-03-22 02:02 . 2013-03-22 02:02 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-03-22 02:02 . 2013-03-22 02:02 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-03-22 02:02 . 2013-03-22 02:02 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-03-22 02:02 . 2013-03-22 02:02 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-03-22 02:02 . 2013-03-22 02:02 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-03-22 02:02 . 2013-03-22 02:02 216064 ----a-w- c:\windows\system32\msls31.dll
2013-03-22 02:02 . 2013-03-22 02:02 197120 ----a-w- c:\windows\system32\msrating.dll
2013-03-22 02:02 . 2013-03-22 02:02 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-03-22 02:02 . 2013-03-22 02:02 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-03-22 02:02 . 2013-03-22 02:02 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-03-22 02:02 . 2013-03-22 02:02 81408 ----a-w- c:\windows\system32\icardie.dll
2013-03-22 02:02 . 2013-03-22 02:02 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-03-22 02:02 . 2013-03-22 02:02 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-03-22 02:02 . 2013-03-22 02:02 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-03-22 02:02 . 2013-03-22 02:02 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-03-22 02:02 . 2013-03-22 02:02 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-03-22 02:02 . 2013-03-22 02:02 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-03-22 02:02 . 2013-03-22 02:02 441856 ----a-w- c:\windows\system32\html.iec
2013-03-22 02:02 . 2013-03-22 02:02 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-03-22 02:02 . 2013-03-22 02:02 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-03-22 02:02 . 2013-03-22 02:02 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-03-22 02:02 . 2013-03-22 02:02 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-03-22 02:02 . 2013-03-22 02:02 235008 ----a-w- c:\windows\system32\url.dll
2013-03-22 02:02 . 2013-03-22 02:02 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-03-22 02:02 . 2013-03-22 02:02 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-03-22 02:02 . 2013-03-22 02:02 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-03-22 02:02 . 2013-03-22 02:02 149504 ----a-w- c:\windows\system32\occache.dll
2013-03-22 02:02 . 2013-03-22 02:02 144896 ----a-w- c:\windows\system32\wextract.exe
2013-03-22 02:02 . 2013-03-22 02:02 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-03-22 02:02 . 2013-03-22 02:02 13824 ----a-w- c:\windows\system32\mshta.exe
2013-03-22 02:02 . 2013-03-22 02:02 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-03-22 02:02 . 2013-03-22 02:02 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-03-22 02:02 . 2013-03-22 02:02 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-03-22 02:02 . 2013-03-22 02:02 102912 ----a-w- c:\windows\system32\inseng.dll
2013-03-22 02:02 . 2013-03-22 02:02 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-03-22 02:02 . 2013-03-22 02:02 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-03-22 02:02 . 2013-03-22 02:02 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-03-19 06:04 . 2013-04-10 17:56 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 17:56 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 17:56 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 17:56 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 17:56 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 17:56 112640 ----a-w- c:\windows\system32\smss.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOPI.EXE"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2011-02-18 845176]
"DeskDriveStartup"="c:\program files\Blue Onion Software\DeskDrive\DeskDrive.exe" [2012-02-08 66048]
"ccleaner"="c:\program files\CCleaner\CCleaner64.exe" [2013-05-24 6154008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2013-05-10 37960]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2011-02-11 1295736]
"FreePDF Assistant"="c:\program files (x86)\FreePDF_XP\fpassist.exe" [2011-02-23 371200]
"NSU_agent"="c:\program files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe" [2012-02-28 190768]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOPI.EXE"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2011-02-18 845176]
.
c:\users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
FreeSnap.lnk - c:\windows\Installer\{7597308C-76AE-4956-9B1F-178371472EC6}\_3140101354E6656315A18E.exe [2012-8-17 1078]
Proxomitron.lnk - c:\program files (x86)\Proxomitron\Proxomitron.exe [N/A]
TomPad.lnk - c:\windows\Installer\{A75BA2C2-7769-4AF5-9E70-80D940FD9B55}\_4ae13d6c.exe [2011-8-28 766]
.
c:\users\***.L775-125\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
BGInfo.lnk - c:\program files (x86)\Bginfo\Bginfo.exe [2009-9-30 844648]
FreeSnap.lnk - c:\windows\Installer\{7597308C-76AE-4956-9B1F-178371472EC6}\_5D1C244272446E50A9B2C5.exe [2012-8-17 1078]
Proxomitron.lnk - c:\program files (x86)\Proxomitron\Proxomitron.exe [N/A]
TomPad.lnk - c:\windows\Installer\{A75BA2C2-7769-4AF5-9E70-80D940FD9B55}\_4ae13d6c.exe [2011-8-28 766]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
LoopBe1 Monitor.lnk - c:\program files (x86)\nerds.de\LoopBe1\loopBeMon.exe [2011-4-9 273024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 cpuz134;cpuz134;c:\users\STEFAN~1.L77\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\STEFAN~1.L77\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsucx64.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 synusb64;eLicenser;c:\windows\system32\DRIVERS\synusb64.sys;c:\windows\SYSNATIVE\DRIVERS\synusb64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
S0 BMLoad;Bytemobile Boot Time Load Driver;c:\windows\system32\drivers\BMLoad.sys;c:\windows\SYSNATIVE\drivers\BMLoad.sys [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 GFNEXSrv;GFNEX Service;c:\ubios\GFNEXSrv.exe;c:\ubios\GFNEXSrv.exe [x]
S2 MCSWASVR;Mediencenter Service;c:\program files\Telekom\Mediencenter\DTAG.Mediencenter.BackgroundService.exe;c:\program files\Telekom\Mediencenter\DTAG.Mediencenter.BackgroundService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe;c:\program files\TOSHIBA\TECO\TecoService.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
S3 RDID1016;SD-90;c:\windows\system32\Drivers\rdwm1016.sys;c:\windows\SYSNATIVE\Drivers\rdwm1016.sys [x]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192Ce.sys [x]
S3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 94652922
*NewlyCreated* - KWDYAPOD
*Deregistered* - 94652922
*Deregistered* - kwdyapod
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-22 12:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\mozy2]
@="{747E722C-CB46-4a9d-BDFE-192AAD5099B1}"
[HKEY_CLASSES_ROOT\CLSID\{747E722C-CB46-4a9d-BDFE-192AAD5099B1}]
2013-01-23 14:12 6376776 ----a-w- c:\program files\MozyHome\mozyshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\mozy3]
@="{EE6F5A00-7898-40f7-AB77-51FF9D6DEB20}"
[HKEY_CLASSES_ROOT\CLSID\{EE6F5A00-7898-40f7-AB77-51FF9D6DEB20}]
2013-01-23 14:12 6376776 ----a-w- c:\program files\MozyHome\mozyshell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2011-02-10 1546720]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-12 11775592]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-01-10 2186856]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-12-08 710040]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{73526E5A-FD53-4BE7-B5E2-D3C89D7413DC}"= "c:\windows\W7FBC\dll.dll" [2011-09-01 211968]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files (x86)\Stardock\Fences\FencesMenu64.dll" [2010-06-22 253288]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {{C7883BD1-C06B-4f9e-BA96-0D8C5DE373D9} - c:\program files (x86)\Xmlbar\Video Joiner\FlvJoiner(xmlbar).exe
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
FF - ProfilePath - c:\users\***.L775-125\AppData\Roaming\Mozilla\Firefox\Profiles\edc3fq22.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://feed.snap.do/?publisher=SnapdoEMonYB&dpid=SnapdoEMonYB&co=DE&userid=626efacc-2939-4b20-b0d8-7944bc1b6208&searchtype=ds&installDate=18/05/2013&q=
FF - prefs.js: network.proxy.ftp - 127.0.0.1
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - 127.0.0.1
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - 127.0.0.1
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
Wow6432Node-HKLM-Run-TSleepSrv - %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe
HKLM-Run-TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe
HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
AddRemove-HelixYUVCodecs - c:\windows\system32\uninstHelixYUV.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\SysWow64\\OLE32.DLL"
"cd042efbbd7f7af1647644e76e06692b"=hex:c8,28,51,af,b0,29,a3,98,a3,1e,33,79,33,
7d,10,81,e2,63,26,f1,3f,c8,ff,68,5e,fc,e7,25,67,51,fc,27,e2,63,26,f1,3f,c8,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\SysWow64\\OLE32.DLL"
"bca643cdc5c2726b20d2ecedcc62c59b"=hex:46,47,15,b0,92,4b,c7,ef,5f,f7,2f,66,9f,
e1,c5,1b,6a,9c,d6,61,af,45,84,18,49,50,19,4e,fd,53,70,fe,6a,9c,d6,61,af,45,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\SysWow64\\OLE32.DLL"
"2c81e34222e8052573023a60d06dd016"=hex:25,da,ec,7e,55,20,c9,26,bb,bf,90,14,23,
9f,bb,e8,ff,7c,85,e0,43,d4,0e,fe,11,0f,23,c5,c5,4b,9b,21,ff,7c,85,e0,43,d4,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\SysWow64\\OLE32.DLL"
"2582ae41fb52324423be06337561aa48"=hex:3e,1e,9e,e0,57,5a,93,61,53,0b,34,07,e8,
ab,19,b5,86,8c,21,01,be,91,eb,e7,a7,b2,cd,37,0c,c8,bf,54,86,8c,21,01,be,91,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\SysWow64\\OLE32.DLL"
"caaeda5fd7a9ed7697d9686d4b818472"=hex:cd,44,cd,b9,a6,33,6c,cd,20,b9,3d,ab,e3,
ad,8f,48,f5,1d,4d,73,a8,13,5c,05,48,cd,15,00,04,06,d9,c1,f5,1d,4d,73,a8,13,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\SysWow64\\OLE32.DLL"
"a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:df,20,58,62,78,6b,cf,c8,4d,d8,09,99,4d,
28,7e,1d,df,20,58,62,78,6b,cf,c8,f3,11,7a,05,db,20,7d,ed,df,20,58,62,78,6b,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\SysWow64\\OLE32.DLL"
"4d370831d2c43cd13623e232fed27b7b"=hex:31,77,e1,ba,b1,f8,68,02,f6,28,40,48,23,
0f,1b,6e,fb,a7,78,e6,12,2f,9a,ea,54,b7,0c,f9,ac,dd,3b,fc,fb,a7,78,e6,12,2f,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\SysWow64\\OLE32.DLL"
"1d68fe701cdea33e477eb204b76f993d"=hex:83,6c,56,8b,a0,85,96,ab,c0,06,5a,21,03,
fc,c7,75,01,3a,48,fc,e8,04,4a,f1,55,1f,a7,46,9a,8e,93,35,01,3a,48,fc,e8,04,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\SysWow64\\OLE32.DLL"
"1fac81b91d8e3c5aa4b0a51804d844a3"=hex:51,fa,6e,91,28,9e,14,cc,63,f5,fa,15,43,
32,a8,fc,f6,0f,4e,58,98,5b,89,c9,95,c1,a7,c5,3c,db,aa,71,f6,0f,4e,58,98,5b,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\SysWow64\\OLE32.DLL"
"f5f62a6129303efb32fbe080bb27835b"=hex:37,a4,aa,c3,a6,15,56,0a,38,df,c2,92,e8,
02,c4,31,3d,ce,ea,26,2d,45,aa,78,29,4b,81,fd,4f,99,01,65,3d,ce,ea,26,2d,45,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\SysWow64\\OLE32.DLL"
"fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:e3,0e,66,d5,eb,bc,2f,6b,7c,e0,b1,46,99,
6a,84,ac,2a,b7,cc,b5,b9,7f,41,e7,c0,8c,7b,0e,9b,dd,87,8b,2a,b7,cc,b5,b9,7f,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*]
"ThreadingModel"="Apartment"
@="c:\\Windows\\SysWow64\\OLE32.DLL"
"8a8aec57dd6508a385616fbc86791ec2"=hex:6c,43,2d,1e,aa,22,2f,9c,27,ec,b5,60,0b,
d5,69,81,6c,43,2d,1e,aa,22,2f,9c,6e,f3,28,3f,cc,eb,a3,bf,6c,43,2d,1e,aa,22,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-06-08 18:29:32
ComboFix-quarantined-files.txt 2013-06-08 16:29
.
Pre-Run: 11 Verzeichnis(se), 63.026.868.224 Bytes frei
Post-Run: 14 Verzeichnis(se), 62.557.921.280 Bytes frei
.
- - End Of File - - 51B154C2FDD173E58CC4138FA13934CA