
Combo Fix

The ComboFix log file documents the removal of various files and folders from the system between March 16th and April 16th. It also lists files created during that period, including temporary folders and updated system files. The Find3M report shows various Adobe, Intel, Realtek, and Windows files with recent last modified dates. In summary, the log captures system cleanup activities and updates over the past month.

ComboFix 15-04-16.01 - GNA 16/04/2015 14:35:32.4.4 - x64
Microsoft Windows 7 Home Basic 6.1.7601.1.1252.91.1033.18.2990.1284 [GMT 5.5:30]
Running from: c:\users\GNA\Desktop\Navodaya\ComboFix.exe
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\WavePad Sound Editor.lnk
c:\programdata\ntuser.pol
.
.
((((((((((((((((((((((((( Files Created from 2015-03-16 to 2015-04-16 )))))))))))))))))))))))))))))))
.
.
2015-04-16 09:23 . 2015-04-16 09:23 -------- d-----w-
c:\users\Public\AppData\Local\temp
2015-04-16 09:23 . 2015-04-16 09:23 -------- d-----w-
c:\users\DefaultAppPool\AppData\Local\temp
2015-04-16 09:23 . 2015-04-16 09:23 -------- d-----w-
c:\users\Default\AppData\Local\temp
2015-04-16 09:23 . 2015-04-16 09:23 -------- d-----w-
c:\users\Administrator\AppData\Local\temp
2015-04-16 09:23 . 2015-04-16 09:23 -------- d-----w-
c:\users\Administrator.GNA-VAIO\AppData\Local\temp
2015-04-16 02:32 . 2015-04-16 02:32 -------- d-----w-
c:\windows\system32\appraiser
2015-04-15 17:52 . 2015-04-15 17:52 311808 ----a-w-
c:\windows\SysWow64\gdi32.dll
2015-04-15 17:52 . 2015-03-05 05:12 404480 ----a-w-
c:\windows\system32\gdi32.dll
2015-04-15 17:41 . 2015-04-15 17:41 79360 ----a-w-
c:\windows\system32\clfsw32.dll
2015-04-15 17:41 . 2015-04-15 17:41 58880 ----a-w-
c:\windows\SysWow64\clfsw32.dll
2015-04-15 17:41 . 2015-04-15 17:41 367552 ----a-w-
c:\windows\system32\clfs.sys
2015-04-15 17:36 . 2015-04-15 17:36 2048 ----a-w-
c:\windows\SysWow64\msxml3r.dll
2015-04-15 17:36 . 2015-04-15 17:36 2048 ----a-w-
c:\windows\system32\msxml3r.dll
2015-04-15 17:36 . 2015-04-15 17:36 1882624 ----a-w-
c:\windows\system32\msxml3.dll
2015-04-15 17:36 . 2015-04-15 17:36 1237504 ----a-w-
c:\windows\SysWow64\msxml3.dll
2015-04-15 17:29 . 2015-04-15 17:29 754688 ----a-w-
c:\windows\system32\drivers\http.sys
2015-04-15 16:03 . 2015-04-16 08:59 -------- d-----w- C:\VTRoot
2015-04-15 15:28 . 2015-04-15 15:33 24296 ----a-w-
c:\windows\system32\certsentry.exe
2015-04-15 13:18 . 2015-04-15 13:18 -------- d-----w- c:\program files\Serif
2015-04-15 13:04 . 2015-04-15 18:47 -------- d-----w- c:\programdata\
{011b17b2-1508-1f60-011b-b17b21505ec8}
2015-04-15 13:03 . 2015-04-15 13:03 -------- d-----w- c:\programdata\
{b84aaa15-2d53-1e61-b84a-aaa152d5a854}
2015-04-15 12:35 . 2015-04-15 13:23 -------- d-----w- c:\programdata\
{4983b272-068e-21b6-4983-3b272068c9c8}
2015-04-15 12:35 . 2015-04-15 12:35 -------- d-----w- c:\programdata\
{2887281c-b8ae-6a9f-2887-7281cb8aa072}
2015-04-15 11:55 . 2015-04-15 11:55 -------- d-----w-
c:\users\GNA\AppData\Roaming\Ulead Systems
2015-04-15 11:55 . 2015-04-15 11:55 -------- d-----w-
c:\users\GNA\AppData\Local\Corel PaintShop Pro
2015-04-15 11:54 . 2015-04-15 11:54 -------- d-----w- c:\program files\Corel
2015-04-14 18:08 . 2015-04-14 18:08 -------- d-----w- C:\TTD
2015-04-13 17:38 . 2015-04-13 17:38 -------- d-----w-
c:\users\GNA\AppData\Roaming\Microsys
2015-04-13 17:38 . 2015-04-13 17:38 -------- d-----w- c:\program files
(x86)\Microsys
2015-04-13 17:30 . 2015-04-13 17:30 -------- d-----w- C:\valmind Website2
2015-04-13 17:12 . 2015-04-13 17:12 -------- d-----w- C:\Internet
2015-04-13 17:11 . 2015-04-13 17:11 -------- d-----w- C:\install
2015-04-13 17:11 . 2015-04-13 18:02 -------- d-----w- c:\program files
(x86)\Offline Downloader
2015-04-10 18:46 . 2015-04-10 18:46 -------- d-----w-
c:\users\GNA\AppData\Roaming\com.adobe.WidgetBrowser
2015-04-10 18:05 . 2015-04-10 18:47 -------- d-----w-
c:\programdata\regid.1986-12.com.adobe
2015-04-10 17:50 . 2015-04-10 17:51 -------- d-----w- c:\program files
(x86)\Common Files\Adobe AIR
2015-04-10 17:45 . 2015-04-10 17:46 -------- d-----w- C:\Dreamweaver_12_LS6
2015-04-06 16:37 . 2015-04-06 16:38 -------- d-----w-
c:\programdata\Blumentals
2015-04-06 16:37 . 2015-04-06 16:38 -------- d-----w- c:\program files
(x86)\HTMLPad 2015
2015-04-06 16:37 . 2015-04-06 16:37 -------- d-----w-
c:\users\GNA\AppData\Roaming\Blumentals
2015-04-04 06:11 . 2015-04-04 06:11 -------- d-s---w- c:\windows\system32\GWX
2015-04-04 06:11 . 2015-04-04 06:11 -------- d-s---w- c:\windows\SysWow64\GWX
2015-03-31 17:16 . 2015-03-31 17:16 -------- d-----w- c:\program files
(x86)\Xara
2015-03-31 16:18 . 2015-03-31 16:18 -------- d-----w- c:\program files
(x86)\NetObjects
2015-03-31 16:18 . 2014-05-28 05:19 28672 ----a-w- c:\windows\SysWow64\nnr.dll
2015-03-31 16:01 . 2015-03-31 16:02 -------- d-----w- C:\Valmind_Web Design
2015-03-31 16:01 . 2015-03-31 16:01 -------- d-----w- C:\Nouveau dossier
2015-03-31 15:54 . 2015-03-31 15:54 -------- d-----w-
c:\users\GNA\AppData\Roaming\openElement
2015-03-31 15:54 . 2015-03-31 15:54 -------- d-sh--w-
c:\windows\SysWow64\AI_RecycleBin
2015-03-31 15:52 . 2015-03-31 15:52 -------- d-----w-
c:\users\GNA\AppData\Local\Element Technologie
2015-03-31 15:52 . 2015-03-31 15:52 -------- d-----w- c:\programdata\Element
Technologie
2015-03-31 15:52 . 2015-03-31 15:52 -------- d-----w- c:\program files
(x86)\openElement
2015-03-31 07:55 . 2015-03-31 07:55 -------- d-----w- c:\users\GNA\Tracing
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-15 15:33 . 2014-05-02 16:45 27400 ----a-w-
c:\windows\system32\certsentry.dll
2015-04-15 15:33 . 2014-05-02 16:45 24328 ----a-w-
c:\windows\SysWow64\certsentry.dll
2015-04-08 10:27 . 2013-03-18 15:32 778928 ----a-w-
c:\windows\SysWow64\FlashPlayerApp.exe
2015-04-08 10:27 . 2013-03-18 15:32 142512 ----a-w-
c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-03-31 17:16 . 2002-02-01 20:32 120200 ----a-w-
c:\windows\SysWow64\DLLDEV32i.dll
2015-03-17 04:56 . 2015-04-15 20:08 44032 ----a-w-
c:\windows\apppatch\acwow64.dll
2015-03-11 16:54 . 2013-03-15 21:34 122905848 ----a-w-
c:\windows\system32\MRT.exe
2015-03-11 09:25 . 2015-03-11 09:25 4044800 ----a-w-
c:\windows\system32\drivers\athrx.sys
2015-03-11 09:24 . 2015-03-11 09:24 1795952 ----a-w-
c:\windows\system32\WdfCoInstaller01011.dll
2015-03-11 09:24 . 2015-03-11 09:24 34544 ----a-w-
c:\windows\system32\drivers\Smb_driver_Intel.sys
2015-03-11 09:14 . 2015-03-11 09:14 3746408 ----a-w-
c:\windows\system32\RtkHDM64.dll
2015-03-11 09:14 . 2015-03-11 09:14 97624 ----a-w-
c:\windows\system32\RTEEL64H.dll
2015-03-11 09:14 . 2015-03-11 09:14 92264 ----a-w-
c:\windows\system32\RHCoInst64.dll
2015-03-11 09:14 . 2015-03-11 09:14 78680 ----a-w-
c:\windows\system32\RTEEG64H.dll
2015-03-11 09:14 . 2015-03-11 09:14 372056 ----a-w-
c:\windows\system32\RTEEP64H.dll
2015-03-11 09:14 . 2015-03-11 09:14 310104 ----a-w-
c:\windows\system32\RH3DHT64.dll
2015-03-11 09:14 . 2015-03-11 09:14 310104 ----a-w-
c:\windows\system32\RH3DAA64.dll
2015-03-11 09:14 . 2015-03-11 09:14 2526824 ----a-w-
c:\windows\system32\RHDMEx64.dll
2015-03-11 09:14 . 2015-03-11 09:14 237968 ----a-w-
c:\windows\system32\drivers\RtHDMIVX.sys
2015-03-11 09:14 . 2015-03-11 09:14 204120 ----a-w-
c:\windows\system32\RTEED64H.dll
2015-03-11 09:14 . 2015-03-11 09:13 7163744 ----a-w-
c:\windows\system32\R4EEP64H.dll
2015-03-11 09:13 . 2015-03-11 09:13 74592 ----a-w-
c:\windows\system32\R4EEG64H.dll
2015-03-11 09:13 . 2015-03-11 09:13 433504 ----a-w-
c:\windows\system32\R4EED64H.dll
2015-03-11 09:13 . 2015-03-11 09:13 141152 ----a-w-
c:\windows\system32\R4EEL64H.dll
2015-03-11 09:13 . 2015-03-11 09:13 123744 ----a-w-
c:\windows\system32\R4EEA64H.dll
2015-02-26 03:25 . 2015-03-11 13:50 3204096 ----a-w-
c:\windows\system32\win32k.sys
2015-02-24 03:15 . 2015-03-11 13:50 389800 ----a-w-
c:\windows\system32\iedkcs32.dll
2015-02-21 01:16 . 2015-03-11 13:49 25021440 ----a-w-
c:\windows\system32\mshtml.dll
2015-02-20 23:58 . 2015-03-11 13:49 92160 ----a-w-
c:\windows\system32\mshtmled.dll
2015-02-20 04:41 . 2015-03-11 14:34 41984 ----a-w- c:\windows\system32\lpk.dll
2015-02-20 04:40 . 2015-03-11 14:34 100864 ----a-w-
c:\windows\system32\fontsub.dll
2015-02-20 04:40 . 2015-03-11 14:34 14336 ----a-w-
c:\windows\system32\dciman32.dll
2015-02-20 04:40 . 2015-03-11 14:34 46080 ----a-w-
c:\windows\system32\atmlib.dll
2015-02-20 04:13 . 2015-03-11 14:34 70656 ----a-w-
c:\windows\SysWow64\fontsub.dll
2015-02-20 04:13 . 2015-03-11 14:34 10240 ----a-w-
c:\windows\SysWow64\dciman32.dll
2015-02-20 04:13 . 2015-03-11 14:34 34304 ----a-w-
c:\windows\SysWow64\atmlib.dll
2015-02-20 04:12 . 2015-03-11 14:34 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-02-20 03:29 . 2015-03-11 14:34 372224 ----a-w-
c:\windows\system32\atmfd.dll
2015-02-20 03:09 . 2015-03-11 14:34 299008 ----a-w-
c:\windows\SysWow64\atmfd.dll
2015-02-20 03:06 . 2015-03-11 13:50 2724864 ----a-w-
c:\windows\system32\mshtml.tlb
2015-02-20 03:05 . 2015-03-11 13:50 4096 ----a-w-
c:\windows\system32\ieetwcollectorres.dll
2015-02-20 02:50 . 2015-03-11 13:49 66560 ----a-w-
c:\windows\system32\iesetup.dll
2015-02-20 02:49 . 2015-03-11 13:50 48640 ----a-w-
c:\windows\system32\ieetwproxystub.dll
2015-02-20 02:49 . 2015-03-11 13:49 584192 ----a-w-
c:\windows\system32\vbscript.dll
2015-02-20 02:48 . 2015-03-11 13:49 2886144 ----a-w-
c:\windows\system32\iertutil.dll
2015-02-20 02:47 . 2015-03-11 13:49 88064 ----a-w-
c:\windows\system32\MshtmlDac.dll
2015-02-20 02:41 . 2015-03-11 13:49 54784 ----a-w-
c:\windows\system32\jsproxy.dll
2015-02-20 02:40 . 2015-03-11 13:50 34304 ----a-w-
c:\windows\system32\iernonce.dll
2015-02-20 02:36 . 2015-03-11 13:49 633856 ----a-w-
c:\windows\system32\ieui.dll
2015-02-20 02:35 . 2015-03-11 13:49 144384 ----a-w-
c:\windows\system32\ieUnatt.exe
2015-02-20 02:35 . 2015-03-11 13:50 114688 ----a-w-
c:\windows\system32\ieetwcollector.exe
2015-02-20 02:34 . 2015-03-11 13:49 814080 ----a-w-
c:\windows\system32\jscript9diag.dll
2015-02-20 02:32 . 2015-03-11 13:49 6035456 ----a-w-
c:\windows\system32\jscript9.dll
2015-02-20 02:26 . 2015-03-11 13:50 968704 ----a-w-
c:\windows\system32\MsSpellCheckingFacility.exe
2015-02-20 02:22 . 2015-03-11 13:50 2724864 ----a-w-
c:\windows\SysWow64\mshtml.tlb
2015-02-20 02:22 . 2015-03-11 13:49 490496 ----a-w-
c:\windows\system32\dxtmsft.dll
2015-02-20 02:13 . 2015-03-11 13:50 77824 ----a-w-
c:\windows\system32\JavaScriptCollectionAgent.dll
2015-02-20 02:09 . 2015-03-11 13:49 503296 ----a-w-
c:\windows\SysWow64\vbscript.dll
2015-02-20 02:08 . 2015-03-11 13:50 62464 ----a-w-
c:\windows\SysWow64\iesetup.dll
2015-02-20 02:08 . 2015-03-11 13:49 199680 ----a-w-
c:\windows\system32\msrating.dll
2015-02-20 02:08 . 2015-03-11 13:50 47616 ----a-w-
c:\windows\SysWow64\ieetwproxystub.dll
2015-02-20 02:06 . 2015-03-11 13:50 64000 ----a-w-
c:\windows\SysWow64\MshtmlDac.dll
2015-02-20 02:05 . 2015-03-11 13:50 316928 ----a-w-
c:\windows\system32\dxtrans.dll
2015-02-20 01:56 . 2015-03-11 13:50 115712 ----a-w-
c:\windows\SysWow64\ieUnatt.exe
2015-02-20 01:56 . 2015-03-11 13:50 620032 ----a-w-
c:\windows\SysWow64\jscript9diag.dll
2015-02-20 01:49 . 2015-03-11 13:50 718848 ----a-w-
c:\windows\system32\ie4uinit.exe
2015-02-20 01:49 . 2015-03-11 13:50 801280 ----a-w-
c:\windows\system32\msfeeds.dll
2015-02-20 01:47 . 2015-03-11 13:49 1359360 ----a-w-
c:\windows\system32\mshtmlmedia.dll
2015-02-20 01:46 . 2015-03-11 13:49 2125824 ----a-w-
c:\windows\system32\inetcpl.cpl
2015-02-20 01:43 . 2015-03-11 13:49 14398976 ----a-w-
c:\windows\system32\ieframe.dll
2015-02-20 01:41 . 2015-03-11 13:50 60416 ----a-w-
c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2015-02-20 01:30 . 2015-03-11 13:49 4300288 ----a-w-
c:\windows\SysWow64\jscript9.dll
2015-02-20 01:28 . 2015-03-11 13:49 2358784 ----a-w-
c:\windows\system32\wininet.dll
2015-02-20 01:24 . 2015-03-11 13:50 2052608 ----a-w-
c:\windows\SysWow64\inetcpl.cpl
2015-02-20 01:23 . 2015-03-11 13:49 1155072 ----a-w-
c:\windows\SysWow64\mshtmlmedia.dll
2015-02-20 01:16 . 2015-03-11 13:50 1548288 ----a-w-
c:\windows\system32\urlmon.dll
2015-02-20 01:03 . 2015-03-11 13:49 800768 ----a-w-
c:\windows\system32\ieapfltr.dll
2015-02-20 01:01 . 2015-03-11 13:49 1888256 ----a-w-
c:\windows\SysWow64\wininet.dll
2015-02-17 10:00 . 2015-02-17 10:00 1691808 ----a-w-
c:\windows\system32\FM20.DLL
2015-02-13 05:22 . 2015-03-11 14:14 14177280 ----a-w-
c:\windows\system32\shell32.dll
2015-02-04 03:16 . 2015-03-11 13:45 465920 ----a-w-
c:\windows\system32\WMPhoto.dll
2015-02-04 02:54 . 2015-03-11 13:45 417792 ----a-w-
c:\windows\SysWow64\WMPhoto.dll
2015-02-03 03:34 . 2015-03-11 14:29 693176 ----a-w-
c:\windows\system32\winload.efi
2015-02-03 03:34 . 2015-03-11 14:29 94656 ----a-w-
c:\windows\system32\drivers\mountmgr.sys
2015-02-03 03:33 . 2015-03-11 14:29 616360 ----a-w-
c:\windows\system32\winresume.efi
2015-02-03 03:31 . 2015-03-11 14:29 14632960 ----a-w-
c:\windows\system32\wmp.dll
2015-02-03 03:31 . 2015-03-11 14:29 782848 ----a-w-
c:\windows\system32\wmdrmsdk.dll
2015-02-03 03:31 . 2015-03-11 14:29 229376 ----a-w-
c:\windows\system32\wintrust.dll
2015-02-03 03:31 . 2015-03-11 13:50 1424896 ----a-w-
c:\windows\system32\WindowsCodecs.dll
2015-02-03 03:31 . 2015-03-11 14:19 215552 ----a-w-
c:\windows\system32\ubpm.dll
2015-02-03 03:31 . 2015-03-11 14:29 5120 ----a-w- c:\windows\system32\msdxm.ocx
2015-02-03 03:31 . 2015-03-11 14:29 5120 ----a-w-
c:\windows\system32\dxmasf.dll
2015-02-03 03:31 . 2015-03-11 14:29 63488 ----a-w-
c:\windows\system32\setbcdlocale.dll
2015-02-03 03:31 . 2015-03-11 14:29 1574400 ----a-w-
c:\windows\system32\quartz.dll
2015-02-03 03:31 . 2015-03-11 14:29 500224 ----a-w-
c:\windows\system32\AUDIOKSE.dll
2015-02-03 03:31 . 2015-03-11 14:29 371712 ----a-w-
c:\windows\system32\qdvd.dll
2015-02-03 03:31 . 2015-03-11 14:29 188416 ----a-w-
c:\windows\system32\pcasvc.dll
2015-02-03 03:31 . 2015-03-11 14:29 37376 ----a-w- c:\windows\system32\pcadm.dll
2015-02-03 03:31 . 2015-03-11 14:29 9728 ----a-w- c:\windows\system32\spwmp.dll
2015-02-03 03:31 . 2015-03-11 14:29 641024 ----a-w-
c:\windows\system32\msscp.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{9D974C8C-6D92-
44FB-BEAF-B45A1C0CF17F}]
2014-02-25 05:02 464720 ----a-w- c:\program files (x86)\IObit\IObit
Malware Fighter\adsremoval\IE\Adblock.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D5974A72-C81C-
4DC3-BE77-A8A7BBC8864E}]
2013-09-14 09:10 432232 ----a-w- c:\program files
(x86)\DAP\LinkVerifier.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\
shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-01-21 09:35 1729744 ----a-w-
c:\progra~2\MICROS~4\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\
shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-01-21 09:35 1729744 ----a-w-
c:\progra~2\MICROS~4\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\
shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-01-21 09:35 1729744 ----a-w-
c:\progra~2\MICROS~4\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_62226401DE70903AD4C9E987C18F986F"="c:\program files
(x86)\Google\Chrome\Application\chrome.exe" [2015-03-30 809288]
"uTorrent"="c:\users\GNA\AppData\Roaming\uTorrent\uTorrent.exe" [2015-03-26
1442384]
"SanDiskSecureAccess_Manager.exe"="c:\users\GNA\AppData\Roaming\SanDisk\SanDiskSecu
reAccess_Manager.exe" [2011-06-29 27311232]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-02-26 31346784]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common
Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"DownloadAccelerator"="c:\program files (x86)\DAP\DAP.EXE" [2013-09-14 3865232]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"OliveVme102Service"="c:\program files (x86)\TATA Photon
Plus\Olive\VME102\Drivers\OliveNService.exe" [2011-04-14 121344]
"TATA Photon Plus Dialer"="c:\program files (x86)\TATA Photon
Plus\Olive\VME102\TTSL Olive VME102 Dialer Ver 2.0.0" [BU]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 7"="c:\program files (x86)\IObit\Advanced SystemCare
7\ASCTray.exe" [2014-02-11 2288928]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows
nt\currentversion\winlogon\notify\VESWinlogon]
2009-12-02 06:03 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows
nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\lavasoft\ad-
aware antivirus\firewall engine\1.6.0.0\drivers\bdfndisf6.sys;c:\program
files\lavasoft\ad-aware antivirus\firewall engine\1.6.0.0\drivers\bdfndisf6.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN
v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\wind
ows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files
(x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe
[x]
R3 btusbflt;Bluetooth USB
Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbf
lt.sys [x]
R3 btwl2cap;Bluetooth L2CAP
Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2
cap.sys [x]
R3 ggflt;SOMC USB Flash Driver
Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys
[x]
R3 ggsomc;SOMC USB Flash
Driver;c:\windows\system32\DRIVERS\ggsomc.sys;c:\windows\SYSNATIVE\DRIVERS\ggsomc.s
ys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector
Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.
exe [x]
R3
Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys;c:\windows\SYSNATIVE\drivers\Impc
d.sys [x]
R3 IntcDAud;Intel(R) Display
Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAu
d.sys [x]
R3 massfilter;ZTE Mass Storage Filter
Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\mass
filter.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet
Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\neta
apl64.sys [x]
R3 Oliveusbser;Olive USB Device for Legacy Serial
Communication;c:\windows\system32\DRIVERS\Oliveusbser.sys;c:\windows\SYSNATIVE\DRIV
ERS\Oliveusbser.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft
Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source
Engine\OSE.EXE [x]
R3 RegFilter;RegFilter;c:\program files (x86)\IObit\IObit Malware
Fighter\drivers\win7_amd64\regfilter.sys;c:\program files (x86)\IObit\IObit Malware
Fighter\drivers\win7_amd64\regfilter.sys [x]
R3 SBUpdd;SpeedBit UpdateD;c:\program files\Common
Files\SpeedBit\SBUpdate\sbw.sys;c:\program files\Common
Files\SpeedBit\SBUpdate\sbw.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC
Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC
Companion\PCCService.exe [x]
R3
TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\dri
vers\tsusbflt.sys [x]
R3 UrlFilter;UrlFilter;c:\program files (x86)\IObit\IObit Malware
Fighter\drivers\win7_amd64\UrlFilter.sys;c:\program files (x86)\IObit\IObit Malware
Fighter\drivers\win7_amd64\UrlFilter.sys [x]
R3 USBAAPL64;Apple Mobile USB
Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaa
pl64.sys [x]
R3 ZTEusbvoice;ZTE VoUSB
Port;c:\windows\system32\DRIVERS\ZTEusbvoice.sys;c:\windows\SYSNATIVE\DRIVERS\ZTEus
bvoice.sys [x]
R4 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files
(x86)\IObit\Advanced SystemCare 7\ASCService.exe;c:\program files
(x86)\IObit\Advanced SystemCare 7\ASCService.exe [x]
R4 AMD External Events Utility;AMD External Events
Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
R4 CLPSLauncher;COMODO LPS Launcher;c:\program files (x86)\Common
Files\COMODO\launcher_service.exe;c:\program files (x86)\Common
Files\COMODO\launcher_service.exe [x]
R4 COSService.exe;COMODO Online Storage Service;c:\program
files\COMODO\COMMON\COSService.exe;c:\program files\COMODO\COMMON\COSService.exe
[x]
R4 DragonUpdater;COMODO Dragon Update Service;c:\program files
(x86)\Comodo\Dragon\dragon_updater.exe;c:\program files
(x86)\Comodo\Dragon\dragon_updater.exe [x]
R4 FileMonitor;FileMonitor;c:\program files (x86)\IObit\IObit Malware
Fighter\Drivers\win7_amd64\FileMonitor.sys;c:\program files (x86)\IObit\IObit
Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [x]
R4 FreeAgentGoFlex Service;Seagate Drive Settings Service;c:\program files
(x86)\Seagate\DriveSettings\Sync\SeagateDriveSettingsService.exe;c:\program files
(x86)\Seagate\DriveSettings\Sync\SeagateDriveSettingsService.exe [x]
R4 Freemake Improver;Freemake
Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe;c:\p
rogramdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [x]
R4 GeekBuddyRSP;GeekBuddyRSP Server;c:\program files (x86)\Common
Files\COMODO\GeekBuddyRSP.exe;c:\program files (x86)\Common
Files\COMODO\GeekBuddyRSP.exe [x]
R4 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files
(x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files
(x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R4 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware
Fighter\IMFsrv.exe;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
[x]
R4 LiveUpdateSvc;LiveUpdate;c:\program files
(x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files
(x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R4 nsmService;NSM Service;c:\program files
(x86)\NetSetMan\nsmservice.exe;c:\program files (x86)\NetSetMan\nsmservice.exe [x]
R4 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files
(x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files
(x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x]
R4 Quick Config Service;Quick Config Service;c:\program files (x86)\Quick
Config\QCService.exe;c:\program files (x86)\Quick Config\QCService.exe [x]
R4 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver
Service;c:\program files
(x86)\RealNetworks\RealDownloader\rndlresolversvc.exe;c:\program files
(x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [x]
R4 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files
(x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe;c:\program files
(x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [x]
R4 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital
Home 10\RoxioUpnpService10.exe;c:\program files (x86)\Roxio\Digital Home
10\RoxioUpnpService10.exe [x]
R4 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO
Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x]
R4 SBUpd;SpeedBit Update;c:\program files\Common
Files\SpeedBit\SBUpdate\sbu.exe;c:\program files\Common
Files\SpeedBit\SBUpdate\sbu.exe [x]
R4 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common
Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony
Shared\SOHLib\SOHCImp.exe [x]
R4 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common
Files\Sony Shared\SOHLib\SOHDms.exe;c:\program files (x86)\Common Files\Sony
Shared\SOHLib\SOHDms.exe [x]
R4 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony
Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony
Shared\SOHLib\SOHDs.exe [x]
R4 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony
Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common
Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
R4 SynchronizationService.exe;COMODO BackUp Service;c:\program
files\COMODO\COMMON\SynchronizationService.exe;c:\program
files\COMODO\COMMON\SynchronizationService.exe [x]
R4 TeamViewer9;TeamViewer 9;c:\program files
(x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files
(x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
R4 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects
2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects
2\uCamMonitor.exe [x]
R4 UNS;Intel(R) Management & Security Application User Notification
Service;c:\program files (x86)\Intel\Intel(R) Management Engine
Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine
Components\UNS\UNS.exe [x]
R4 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power
Management\SPMService.exe;c:\program files\Sony\VAIO Power
Management\SPMService.exe [x]
R4 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony
Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common
Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
R4 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program
files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program
files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x]
R4 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program
files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program
files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x]
R4 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common
Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony
Shared\VcmXml\VcmXmlIfHelper64.exe [x]
R4 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program
files\Sony\VAIO Care\VCService.exe [x]
R4 VSNService;VSNService;c:\program files\Sony\VAIO Smart
Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]
R4 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe;c:\program
files\Sony\VAIO Update 5\VUAgent.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows
Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 bdisk;Comodo Disk Raw Access
Filter;c:\windows\system32\DRIVERS\bdisk.sys;c:\windows\SYSNATIVE\DRIVERS\bdisk.sys
[x]
S0
CBUFS;CBUFS;c:\windows\system32\DRIVERS\CBUFS.sys;c:\windows\SYSNATIVE\DRIVERS\CBUF
S.sys [x]
S0 cbvd;Comodo Backup Virtual
Disk;c:\windows\system32\DRIVERS\cbvd.sys;c:\windows\SYSNATIVE\DRIVERS\cbvd.sys [x]
S0
PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Dri
vers\PxHlpa64.sys [x]
S0
Reparse;Reparse;c:\windows\system32\DRIVERS\CBReparse.sys;c:\windows\SYSNATIVE\DRIV
ERS\CBReparse.sys [x]
S0
SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.s
ys;c:\windows\SYSNATIVE\Drivers\SmartDefragDriver.sys [x]
S1
CFRMD;CFRMD;c:\windows\system32\DRIVERS\CFRMD.sys;c:\windows\SYSNATIVE\DRIVERS\CFRM
D.sys [x]
S1 HMD;COMODO livePCsupport Hardware Monitor
Driver;c:\windows\system32\DRIVERS\hmd.sys;c:\windows\SYSNATIVE\DRIVERS\hmd.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel
Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO
64A.SYS [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files
(x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files
(x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files
(x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files
(x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 ChromodoUpdater;COMODO Chromodo Update Service;c:\program files
(x86)\Comodo\Chromodo\chromodo_updater.exe;c:\program files
(x86)\Comodo\Chromodo\chromodo_updater.exe [x]
S2
rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys;c:\windows\SYSNATIVE\driv
ers\rimssne64.sys [x]
S2
risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys;c:\windows\SYSNATIVE\dr
ivers\risdsne64.sys [x]
S2 SADP_NPF;Sadp Driver
(SADP_NPF);c:\windows\SysWOW64\drivers\sadp_npf64.sys;c:\windows\SysWOW64\drivers\s
adp_npf64.sys [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual
Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVER
S\ArcSoftKsUFilter.sys [x]
S3 HECIx64;Intel(R) Management Engine
Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECI
x64.sys [x]
S3 SFEP;Sony Firmware Extension
Parser;c:\windows\system32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys
[x]
S3
SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATI
VE\DRIVERS\Smb_driver_Intel.sys [x]
S3 vdbus;Virtual Disk Bus
Enumerator;c:\windows\system32\DRIVERS\vdbus.sys;c:\windows\SYSNATIVE\DRIVERS\vdbus
.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet
Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk6
2x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows
nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed
components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-04-02 12:43 1061704 ----a-w- c:\program files
(x86)\Google\Chrome\Application\41.0.2272.118\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2015-04-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-18
10:27]
.
2015-04-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-01 11:14]
.
2015-04-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-01 11:14]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-
E2E7EF20C814}]
2014-04-16 05:03 2471744 ----a-w- c:\program files (x86)\IObit\IObit
Uninstaller\UninstallExplorer64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconove
rlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-01-21 09:31 2334928 ----a-w-
c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconove
rlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-01-21 09:31 2334928 ----a-w-
c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconove
rlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-01-21 09:31 2334928 ----a-w-
c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconove
rlayidentifiers\COSDriveIconOverlay]
@="{5FDACB62-6B7B-4116-9403-C5E0D3852A57}"
[HKEY_CLASSES_ROOT\CLSID\{5FDACB62-6B7B-4116-9403-C5E0D3852A57}]
2014-05-01 07:47 7203520 ----a-w- c:\program
files\COMODO\COMMON\ShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconove
rlayidentifiers\COSSyncItemInSyncIconOverlay]
@="{68F287EF-DA6D-4595-AF52-90FF6CE52AFE}"
[HKEY_CLASSES_ROOT\CLSID\{68F287EF-DA6D-4595-AF52-90FF6CE52AFE}]
2014-05-01 07:47 7203520 ----a-w- c:\program
files\COMODO\COMMON\ShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconove
rlayidentifiers\COSSyncItemModifiedIconOverlay]
@="{AE67D273-7253-4236-B55E-D40055B305D6}"
[HKEY_CLASSES_ROOT\CLSID\{AE67D273-7253-4236-B55E-D40055B305D6}]
2014-05-01 07:47 7203520 ----a-w- c:\program
files\COMODO\COMMON\ShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconove
rlayidentifiers\COSSyncItemNewIconOverlay]
@="{022F23E9-DA0F-4A86-A728-CAF6150C0B63}"
[HKEY_CLASSES_ROOT\CLSID\{022F23E9-DA0F-4A86-A728-CAF6150C0B63}]
2014-05-01 07:47 7203520 ----a-w- c:\program
files\COMODO\COMMON\ShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconove
rlayidentifiers\COSSyncItemUnsynchronizedIconOverlay]
@="{4D7EE7CF-E7A1-45FE-8F80-3A37574918D7}"
[HKEY_CLASSES_ROOT\CLSID\{4D7EE7CF-E7A1-45FE-8F80-3A37574918D7}]
2014-05-01 07:47 7203520 ----a-w- c:\program
files\COMODO\COMMON\ShellExtension.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://in.yahoo.com?fr=fp-comodo
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth
Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth
Software\btsendto_ie.htm
Trusted Zone: google.co.in\www
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{1EFB8A60-ADE3-4852-AA62-C8616E1EABDA}\84F4D454: NameServer =
156.154.70.22,156.154.71.22
TCP: Interfaces\{927587AB-1894-493E-8E72-6063314BF69A}: NameServer =
192.168.1.1,8.8.8.8
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files
(x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\program
files (x86)\DAP\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\program
files (x86)\DAP\dapie.dll
DPF: {108D3206-846A-4A93-BACB-F0572D043ED7} -
hxxp://nageshv5007.dyndns.org/webrec.cab
DPF: {9AA03FEC-6582-48B1-BC62-821D4A7B9461} -
hxxp://bvraghu.securusddns.com:88/N9DvrOcx.cab?V1163
DPF: {CAFCF48D-8E34-4490-8154-026191D73924} -
hxxp://192.168.0.10/codebase/NetVideoActiveX_V23.cab
DPF: {EDD8DF0B-A160-45DF-A26E-67C390A57B18} -
hxxp://devon.cpplusddns.com/webrec.cab
DPF: {F3D4C08D-3616-43F0-9E29-44C749B0664B} - hxxp://192.168.1.249:84/JpegInst.cab
FF - ProfilePath -
c:\users\GNA\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\
FF - prefs.js: keyword.URL - hxxp://in.search.yahoo.com/search?fr=ytff-comodo&p=
FF - prefs.js: browser.startup.homepage - hxxp://in.yahoo.com?fr=fp-comodo
FF - prefs.js: browser.search.selectedEngine - Yahoo
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-ExpressBurn - c:\program files (x86)\NCH
Software\ExpressBurn\expressburn.exe
AddRemove-MARG_is1 - d:\marg\unins000.exe
AddRemove-ominent - c:\program files (x86)\weDownload
Ltd\ominent\1.8.26.12\uninstall.exe
AddRemove-PhotoStage - c:\program files (x86)\NCH
Software\PhotoStage\photostage.exe
AddRemove-Prism - c:\program files (x86)\NCH Software\Prism\prism.exe
AddRemove-VideoPad - c:\program files (x86)\NCH Software\VideoPad\videopad.exe
AddRemove-WavePad - c:\program files (x86)\NCH Software\WavePad\wavepad.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO
Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/proc
interval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor
Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network
Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor
Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle
Time:1\" \"/expandcounter=\Processor(*)\% C1
Time:1\" \"/expandcounter=\Processor(*)\% C2
Time:1\" \"/expandcounter=\Processor(*)\% C3
Time:1\" \"/expandcounter=\Processor(*)\% Processor
Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_134_
ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-
D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-
D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_134_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-
D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-
A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-
A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-
A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-
D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_134_
ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-
D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-
D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_134_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-
D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-
444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-
444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-
444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-
444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-
444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-
444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-
444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-
444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-
444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-
444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-
444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-
444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-
444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-
444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-
444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-
8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-
8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-
8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\
{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft
Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0\Solutions\http://schemas.microsoft.com/office/smartdocuments/2003\0]
"Key"="http://schemas.microsoft.com/office/smartdocuments/2003"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0\Solutions\http://schemas.microsoft.com/office/smartdocuments/2003\0\{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}\Alias]
"0"="Microsoft Actions Pane 3"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-
08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-
08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2015-04-16 14:58:17
ComboFix-quarantined-files.txt 2015-04-16 09:28
ComboFix2.txt 2014-09-27 04:06
ComboFix3.txt 2014-05-04 15:34
ComboFix4.txt 2014-04-08 16:11
.
Pre-Run: 53,103,071,232 bytes free
Post-Run: 59,772,805,120 bytes free
.
- - End Of File - - 83C7635BC0A1EABBD800DC1D56685890
