Combo Fix New Ideas


ComboFix 14-09-22.01 - Carmen 24/09/2014 14:48:02.1.2 - x86
Microsoft Windows 7 Starter 6.1.7601.1.1252.34.3082.18.1015.120 [GMT 2:00]
Running from: c:\users\Carmen\Desktop\pack-Antivirus\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\HP\HPBTWD.exe
.
.
((((((((((((((((((((((((( Files Created from 2014-08-24 to 2014-09-24 )))))))))))))))))))))))))))))))
.
.
2014-09-24 13:05 . 2014-09-24 13:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-09-24 12:22 . 2014-09-24 12:26 -------- d-----w- C:\AdwCleaner
2014-09-24 12:12 . 2014-09-24 12:42 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D2C9122D-A4E8-4213-A1ED-1954B2DAB52F}\offreg.dll
2014-09-24 11:45 . 2014-09-24 11:49 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-09-24 11:44 . 2014-09-24 11:48 -------- d-----w- c:\program files\Malwarebytes Anti-Malware
2014-09-24 11:44 . 2014-09-24 11:44 -------- d-----w- c:\programdata\Malwarebytes
2014-09-24 11:44 . 2014-05-12 05:26 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-09-24 11:44 . 2014-05-12 05:25 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-09-24 11:44 . 2014-05-12 05:25 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-09-24 11:29 . 2014-09-24 11:30 -------- d-----w- C:\UpdateChromeLinksLogs
2014-09-24 11:29 . 2014-09-24 11:29 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2014-09-24 11:29 . 2014-09-24 11:29 1060864 ----a-w- c:\windows\system32\mfc71.dll
2014-09-22 17:09 . 2014-09-22 17:09 -------- d-----w- c:\users\Carmen\AppData\Roaming\MAGIX
2014-09-22 17:09 . 2014-09-22 17:09 -------- d-----w- c:\programdata\MAGIX
2014-09-22 17:08 . 2014-04-14 07:07 120200 ----a-w- c:\windows\system32\DLLDEV32i.dll
2014-09-22 17:08 . 2014-09-22 17:08 -------- d-----w- c:\users\Carmen\AppData\Local\Programs
2014-09-22 16:36 . 2014-09-22 16:36 -------- d-----w- c:\program files\iPod
2014-09-22 16:36 . 2014-09-22 16:37 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-09-22 16:18 . 2014-09-22 16:18 -------- d-----w- c:\users\Carmen\AppData\Local\Opera Software
2014-09-22 16:18 . 2014-09-22 16:18 -------- d-----w- c:\users\Carmen\AppData\Roaming\Opera Software
2014-09-22 16:17 . 2014-09-22 16:23 -------- d-----w- c:\program files\Opera
2014-09-06 15:02 . 2014-09-06 15:02 -------- d-----w- c:\program files\Common Files\Java
2014-09-06 15:01 . 2014-09-06 15:01 96680 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-24 12:30 . 2011-08-28 19:09 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-12-11 39408]
"ares"="c:\program files\Ares\Ares.exe" [2014-03-28 2758656]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-06-21 19875432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-06-12 1533224]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-06-29 458844]
"UpdatePRCShortCut"="c:\program files\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"WirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-07-31 43816]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2014-01-17 421888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2014-09-01 152392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-06-24 21720]
.
c:\users\Carmen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-30 795936]
Stardock MyColors.lnk - c:\program files\Stardock\MyColors\SDDelayedLaunch.exe "Stardock MyColors" HPTord "c:\program files\Stardock\MyColors\ThemeMgr.exe" [2009-6-9 8960]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
IconPackager.lnk - c:\program files\Stardock\MyColors\IconPackager.exe [2009-7-24 1389944]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"WallpaperStyle"= 2
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-06-21 162408]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2010-04-07 204800]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIVERS\ewdcsc.sys [2010-01-18 27136]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [x]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2009-12-28 10240]
R3 massfilter_hs;USB Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys [2009-02-03 9728]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-06-24 167424]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 USBZTECCID;ZTE USB Smartcard Driver;c:\windows\system32\DRIVERS\ZTEusbccid.sys [2010-02-22 14336]
R3 ZTEusbMB;ZTE NMEAExt2 Port;c:\windows\system32\DRIVERS\ZTEusbnmeaext2.sys [2010-02-22 105856]
R3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\DRIVERS\ZTEusbnet.sys [2010-02-10 186368]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S1 DVMIO;DVMIO;c:\splash.sys\config\dvmio.sys [2009-07-27 16984]
S1 tidnet;TID NDIS Protocol Driver;c:\windows\system32\DRIVERS\tidnet.sys [2006-07-12 19200]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_ee8b9ab8d1b9a68e\aestsrv.exe [2009-03-02 81920]
S2 DvmMDES;DeviceVM Meta Data Export Service;c:\splash.sys\config\DVMExportService.exe [2009-07-08 323584]
S2 TGCM_ImportWiFiSvc;TGCM_ImportWiFiSvc;c:\program files\Movistar\Escritorio Movistar\ImpWiFiSvc.exe [2010-09-29 200624]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2010-04-09 63616]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [2009-04-28 50688]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-23 03:19 1096520 ----a-w- c:\program files\Google\Chrome\Application\37.0.2062.120\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-09-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-23 22:28]
.
2014-09-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-23 22:28]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=es_ES&c=94&bd=Pavilion&pf=cnnb
uInternet Settings,ProxyOverride = *.local
IE: Enviar imagen al dispositivo &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Enviar pgina al dispositivo &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: Interfaces\{6128A64B-D9F4-44E4-A104-24D0A80DEBDD}: NameServer = 8.8.8.8
FF - ProfilePath - c:\users\Carmen\AppData\Roaming\Mozilla\Firefox\Profiles\q0pevux0.default\
FF - prefs.js: browser.search.selectedEngine - StartWeb
FF - prefs.js: browser.startup.homepage -
FF - prefs.js: browser.search.selectedEngine -
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{0974848a-b5bc-49f2-9778-307742b4a55d} - (no file)
Toolbar-10 - (no file)
Toolbar-!{41524553-5350-2D53-4154-7A786E7484D7} - (no file)
WebBrowser-{0974848A-B5BC-49F2-9778-307742B4A55D} - (no file)
WebBrowser-{41524553-5350-2D53-4154-7A786E7484D7} - (no file)
HKLM-Run-HP BTW Detect Program - c:\program files\HP\HPBTWD.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-848733617-3078846203-1664778447-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-848733617-3078846203-1664778447-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-09-24 15:11:18
ComboFix-quarantined-files.txt 2014-09-24 13:11
.
Pre-Run: 198.408.409.088 bytes libres
Post-Run: 198.091.292.672 bytes libres
.
- - End Of File - - C5218829E5117BE95336C1AE4460526D05A5220EA629EC4A545AA240DD02CB0D