
Test

This document summarizes files and programs installed on a Windows 7 system between May 20 and June 20, 2019. It lists recently installed applications like Skype and Chrome, running programs in the startup folder, drivers loaded by ComboFix, and malware programs found and removed by Malwarebytes.

Uploaded by

adel Mike

ComboFix 18-08-08.01 - Marian 06/19/2019 20:18:01.15.4 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.1910.366 [GMT -4:00]
Running from: d:\new folder (6)\ComboFix.exe
AV: Avast Antivirus *Enabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
SP: Avast Antivirus *Enabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2019-05-20 to 2019-06-20 )))))))))))))))))))))))))))))))
.
.
appdata\local\chromium\application\chrome.exe" [2017-01-20 828416]
"Skype for Desktop"="c:\program files\Microsoft\Skype for Desktop\Skype.exe" [2018-08-09 49762136]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-04-23 1725736]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-03-05 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-03-05 175640]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-03-05 167960]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvLaunch.exe" [2019-06-07 226184]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2013-05-30 96056]
"StatusAlerts"="c:\program files\HP\StatusAlerts\bin\HPStatusAlerts.exe" [2014-02-12 330040]
"Wondershare Helper Compact.exe"="c:\program files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" [BU]
.
c:\users\Marian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2006-10-26 98632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
@="Service"
.
R3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athur.sys [2013-06-28 1570304]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 ESLoadService;ESLoadService;c:\program files\EaseUS\EaseUS MobiMover\bin\ESLoadService.exe [x]
R3 GoogleChromeElevationService;Google Chrome Elevation Service;c:\program files\Google\Chrome\Application\75.0.3770.100\elevation_service.exe [2019-06-18 954352]
R3 netr28;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28.sys [2009-07-13 530944]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2018-08-21 1343400]
R3 WsDrvInst;Wondershare Driver Install Service;c:\program files\Wondershare\MobileTrans\DriverInstall.exe [x]
S0 aswArDisk;aswArDisk;c:\windows\system32\drivers\aswArDisk.sys [2019-06-07 34488]
S0 aswbidsh;aswbidsh;c:\windows\system32\drivers\aswbidsh.sys [2019-06-07 171520]
S0 aswbuniv;aswbuniv;c:\windows\system32\drivers\aswbuniv.sys [2019-06-07 56296]
S0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2019-06-07 72800]
S0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2019-06-07 312248]
S0 MBAMSwissArmy;MBAMSwissArmy;c:\windows\System32\Drivers\mbamswissarmy.sys [2019-06-19 241760]
S1 aswArPot;aswArPot;c:\windows\system32\drivers\aswArPot.sys [2019-06-07 173232]
S1 aswbidsdriver;aswbidsdriver;c:\windows\system32\drivers\aswbidsdriver.sys [2019-06-07 225608]
S1 aswHdsKe;aswHdsKe;c:\windows\system32\drivers\aswHdsKe.sys [2019-06-07 214736]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2019-06-07 40688]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2019-06-07 783024]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2019-06-07 403680]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2019-06-07 139352]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2019-06-18 167360]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files\HP\HPLaserJetService\HPLaserJetService.exe [2014-06-25 176128]
S2 MBAMService;Malwarebytes Service;c:\program files\Malwarebytes\Anti-Malware\mbamservice.exe [2019-02-01 5247944]
S2 WsAppService;Wondershare Application Framework Service;c:\program files\Wondershare\WAF\2.3.1.204\WsAppService.exe [2016-11-16 437392]
S3 aswbIDSAgent;aswbIDSAgent;c:\program files\AVAST Software\Avast\aswidsagent.exe [2019-06-07 5584416]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-03-05 232960]
S3 netr28u;RT2870 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr28u.sys [2015-09-09 1703568]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2019-06-19 21:40 1947632 ----a-w- c:\program files\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2018-12-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-08-21 17:10]
.
.
------- Supplementary Scan -------
.
uStart Page = www.google.com
mStart Page = www.google.com
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.107.1
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(2396)
c:\windows\system32\CSCAPI.dll
.
Completion time: 2019-06-19 20:27:37
ComboFix-quarantined-files.txt 2019-06-20 00:27
ComboFix2.txt 2019-06-17 03:13
ComboFix3.txt 2019-01-27 04:41
ComboFix4.txt 2019-01-04 21:31
ComboFix5.txt 2019-06-20 00:16
.
Pre-Run: 22,820,069,376 bytes free
Post-Run: 22,753,726,464 bytes free
.
- - End Of File - - A0B83A3A35F14E111FC3C0D3F793E3E3
A36C5E4F47E84449FF07ED3517B43A31
