
ComboFix 15-04-16.01 - GNA 16/04/2015 14:35:32.4.4 - x64
Microsoft Windows 7 Home Basic 6.1.7601.1.1252.91.1033.18.2990.1284 [GMT 5.5:30]
Running from: c:\users\GNA\Desktop\Navodaya\ComboFix.exe
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\WavePad Sound Editor.lnk
c:\programdata\ntuser.pol
.
.
((((((((((((((((((((((((( Files Created from 2015-03-16 to 2015-04-16 )))))))))))))))))))))))))))))))
.
.
2015-04-16 09:23 . 2015-04-16 09:23 -------- d-----w-
c:\users\Public\AppData\Local\temp
2015-04-16 09:23 . 2015-04-16 09:23 -------- d-----w-
c:\users\DefaultAppPool\AppData\Local\temp
2015-04-16 09:23 . 2015-04-16 09:23 -------- d-----w-
c:\users\Default\AppData\Local\temp
2015-04-16 09:23 . 2015-04-16 09:23 -------- d-----w-
c:\users\Administrator\AppData\Local\temp
2015-04-16 09:23 . 2015-04-16 09:23 -------- d-----w-
c:\users\Administrator.GNA-VAIO\AppData\Local\temp
2015-04-16 02:32 . 2015-04-16 02:32 -------- d-----w-
c:\windows\system32\appraiser
2015-04-15 17:52 . 2015-04-15 17:52 311808 ----a-w-
c:\windows\SysWow64\gdi32.dll
2015-04-15 17:52 . 2015-03-05 05:12 404480 ----a-w-
c:\windows\system32\gdi32.dll
2015-04-15 17:41 . 2015-04-15 17:41 79360 ----a-w-
c:\windows\system32\clfsw32.dll
2015-04-15 17:41 . 2015-04-15 17:41 58880 ----a-w-
c:\windows\SysWow64\clfsw32.dll
2015-04-15 17:41 . 2015-04-15 17:41 367552 ----a-w-
c:\windows\system32\clfs.sys
2015-04-15 17:36 . 2015-04-15 17:36 2048 ----a-w-
c:\windows\SysWow64\msxml3r.dll
2015-04-15 17:36 . 2015-04-15 17:36 2048 ----a-w-
c:\windows\system32\msxml3r.dll
2015-04-15 17:36 . 2015-04-15 17:36 1882624 ----a-w-
c:\windows\system32\msxml3.dll
2015-04-15 17:36 . 2015-04-15 17:36 1237504 ----a-w-
c:\windows\SysWow64\msxml3.dll
2015-04-15 17:29 . 2015-04-15 17:29 754688 ----a-w-
c:\windows\system32\drivers\http.sys
2015-04-15 16:03 . 2015-04-16 08:59 -------- d-----w- C:\VTRoot
2015-04-15 15:28 . 2015-04-15 15:33 24296 ----a-w-
c:\windows\system32\certsentry.exe
2015-04-15 13:18 . 2015-04-15 13:18 -------- d-----w- c:\program files\Serif
2015-04-15 13:04 . 2015-04-15 18:47 -------- d-----w- c:\programdata\
{011b17b2-1508-1f60-011b-b17b21505ec8}
2015-04-15 13:03 . 2015-04-15 13:03 -------- d-----w- c:\programdata\
{b84aaa15-2d53-1e61-b84a-aaa152d5a854}
2015-04-15 12:35 . 2015-04-15 13:23 -------- d-----w- c:\programdata\
{4983b272-068e-21b6-4983-3b272068c9c8}
2015-04-15 12:35 . 2015-04-15 12:35 -------- d-----w- c:\programdata\
{2887281c-b8ae-6a9f-2887-7281cb8aa072}
2015-04-15 11:55 . 2015-04-15 11:55 -------- d-----w-
c:\users\GNA\AppData\Roaming\Ulead Systems
2015-04-15 11:55 . 2015-04-15 11:55 -------- d-----w-
c:\users\GNA\AppData\Local\Corel PaintShop Pro
2015-04-15 11:54 . 2015-04-15 11:54 -------- d-----w- c:\program files\Corel
2015-04-14 18:08 . 2015-04-14 18:08 -------- d-----w- C:\TTD
2015-04-13 17:38 . 2015-04-13 17:38 -------- d-----w-
c:\users\GNA\AppData\Roaming\Microsys
2015-04-13 17:38 . 2015-04-13 17:38 -------- d-----w- c:\program files
(x86)\Microsys
2015-04-13 17:30 . 2015-04-13 17:30 -------- d-----w- C:\valmind Website2
2015-04-13 17:12 . 2015-04-13 17:12 -------- d-----w- C:\Internet
2015-04-13 17:11 . 2015-04-13 17:11 -------- d-----w- C:\install
2015-04-13 17:11 . 2015-04-13 18:02 -------- d-----w- c:\program files
(x86)\Offline Downloader
2015-04-10 18:46 . 2015-04-10 18:46 -------- d-----w-
c:\users\GNA\AppData\Roaming\com.adobe.WidgetBrowser
2015-04-10 18:05 . 2015-04-10 18:47 -------- d-----w-
c:\programdata\regid.1986-12.com.adobe
2015-04-10 17:50 . 2015-04-10 17:51 -------- d-----w- c:\program files
(x86)\Common Files\Adobe AIR
2015-04-10 17:45 . 2015-04-10 17:46 -------- d-----w- C:\Dreamweaver_12_LS6
2015-04-06 16:37 . 2015-04-06 16:38 -------- d-----w-
c:\programdata\Blumentals
2015-04-06 16:37 . 2015-04-06 16:38 -------- d-----w- c:\program files
(x86)\HTMLPad 2015
2015-04-06 16:37 . 2015-04-06 16:37 -------- d-----w-
c:\users\GNA\AppData\Roaming\Blumentals
2015-04-04 06:11 . 2015-04-04 06:11 -------- d-s---w- c:\windows\system32\GWX
2015-04-04 06:11 . 2015-04-04 06:11 -------- d-s---w- c:\windows\SysWow64\GWX
2015-03-31 17:16 . 2015-03-31 17:16 -------- d-----w- c:\program files
(x86)\Xara
2015-03-31 16:18 . 2015-03-31 16:18 -------- d-----w- c:\program files
(x86)\NetObjects
2015-03-31 16:18 . 2014-05-28 05:19 28672 ----a-w- c:\windows\SysWow64\nnr.dll
2015-03-31 16:01 . 2015-03-31 16:02 -------- d-----w- C:\Valmind_Web Design
2015-03-31 16:01 . 2015-03-31 16:01 -------- d-----w- C:\Nouveau dossier
2015-03-31 15:54 . 2015-03-31 15:54 -------- d-----w-
c:\users\GNA\AppData\Roaming\openElement
2015-03-31 15:54 . 2015-03-31 15:54 -------- d-sh--w-
c:\windows\SysWow64\AI_RecycleBin
2015-03-31 15:52 . 2015-03-31 15:52 -------- d-----w-
c:\users\GNA\AppData\Local\Element Technologie
2015-03-31 15:52 . 2015-03-31 15:52 -------- d-----w- c:\programdata\Element
Technologie
2015-03-31 15:52 . 2015-03-31 15:52 -------- d-----w- c:\program files
(x86)\openElement
2015-03-31 07:55 . 2015-03-31 07:55 -------- d-----w- c:\users\GNA\Tracing
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-15 15:33 . 2014-05-02 16:45 27400 ----a-w-
c:\windows\system32\certsentry.dll
2015-04-15 15:33 . 2014-05-02 16:45 24328 ----a-w-
c:\windows\SysWow64\certsentry.dll
2015-04-08 10:27 . 2013-03-18 15:32 778928 ----a-w-
c:\windows\SysWow64\FlashPlayerApp.exe
2015-04-08 10:27 . 2013-03-18 15:32 142512 ----a-w-
c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-03-31 17:16 . 2002-02-01 20:32 120200 ----a-w-
c:\windows\SysWow64\DLLDEV32i.dll
2015-03-17 04:56 . 2015-04-15 20:08 44032 ----a-w-
c:\windows\apppatch\acwow64.dll
2015-03-11 16:54 . 2013-03-15 21:34 122905848 ----a-w-
c:\windows\system32\MRT.exe
2015-03-11 09:25 . 2015-03-11 09:25 4044800 ----a-w-
c:\windows\system32\drivers\athrx.sys
2015-03-11 09:24 . 2015-03-11 09:24 1795952 ----a-w-
c:\windows\system32\WdfCoInstaller01011.dll
2015-03-11 09:24 . 2015-03-11 09:24 34544 ----a-w-
c:\windows\system32\drivers\Smb_driver_Intel.sys
2015-03-11 09:14 . 2015-03-11 09:14 3746408 ----a-w-
c:\windows\system32\RtkHDM64.dll
2015-03-11 09:14 . 2015-03-11 09:14 97624 ----a-w-
c:\windows\system32\RTEEL64H.dll
2015-03-11 09:14 . 2015-03-11 09:14 92264 ----a-w-
c:\windows\system32\RHCoInst64.dll
2015-03-11 09:14 . 2015-03-11 09:14 78680 ----a-w-
c:\windows\system32\RTEEG64H.dll
2015-03-11 09:14 . 2015-03-11 09:14 372056 ----a-w-
c:\windows\system32\RTEEP64H.dll
2015-03-11 09:14 . 2015-03-11 09:14 310104 ----a-w-
c:\windows\system32\RH3DHT64.dll
2015-03-11 09:14 . 2015-03-11 09:14 310104 ----a-w-
c:\windows\system32\RH3DAA64.dll
2015-03-11 09:14 . 2015-03-11 09:14 2526824 ----a-w-
c:\windows\system32\RHDMEx64.dll
2015-03-11 09:14 . 2015-03-11 09:14 237968 ----a-w-
c:\windows\system32\drivers\RtHDMIVX.sys
2015-03-11 09:14 . 2015-03-11 09:14 204120 ----a-w-
c:\windows\system32\RTEED64H.dll
2015-03-11 09:14 . 2015-03-11 09:13 7163744 ----a-w-
c:\windows\system32\R4EEP64H.dll
2015-03-11 09:13 . 2015-03-11 09:13 74592 ----a-w-
c:\windows\system32\R4EEG64H.dll
2015-03-11 09:13 . 2015-03-11 09:13 433504 ----a-w-
c:\windows\system32\R4EED64H.dll
2015-03-11 09:13 . 2015-03-11 09:13 141152 ----a-w-
c:\windows\system32\R4EEL64H.dll
2015-03-11 09:13 . 2015-03-11 09:13 123744 ----a-w-
c:\windows\system32\R4EEA64H.dll
2015-02-26 03:25 . 2015-03-11 13:50 3204096 ----a-w-
c:\windows\system32\win32k.sys
2015-02-24 03:15 . 2015-03-11 13:50 389800 ----a-w-
c:\windows\system32\iedkcs32.dll
2015-02-21 01:16 . 2015-03-11 13:49 25021440 ----a-w-
c:\windows\system32\mshtml.dll
2015-02-20 23:58 . 2015-03-11 13:49 92160 ----a-w-
c:\windows\system32\mshtmled.dll
2015-02-20 04:41 . 2015-03-11 14:34 41984 ----a-w- c:\windows\system32\lpk.dll
2015-02-20 04:40 . 2015-03-11 14:34 100864 ----a-w-
c:\windows\system32\fontsub.dll
2015-02-20 04:40 . 2015-03-11 14:34 14336 ----a-w-
c:\windows\system32\dciman32.dll
2015-02-20 04:40 . 2015-03-11 14:34 46080 ----a-w-
c:\windows\system32\atmlib.dll
2015-02-20 04:13 . 2015-03-11 14:34 70656 ----a-w-
c:\windows\SysWow64\fontsub.dll
2015-02-20 04:13 . 2015-03-11 14:34 10240 ----a-w-
c:\windows\SysWow64\dciman32.dll
2015-02-20 04:13 . 2015-03-11 14:34 34304 ----a-w-
c:\windows\SysWow64\atmlib.dll
2015-02-20 04:12 . 2015-03-11 14:34 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-02-20 03:29 . 2015-03-11 14:34 372224 ----a-w-
c:\windows\system32\atmfd.dll
2015-02-20 03:09 . 2015-03-11 14:34 299008 ----a-w-
c:\windows\SysWow64\atmfd.dll
2015-02-20 03:06 . 2015-03-11 13:50 2724864 ----a-w-
c:\windows\system32\mshtml.tlb
2015-02-20 03:05 . 2015-03-11 13:50 4096 ----a-w-
c:\windows\system32\ieetwcollectorres.dll
2015-02-20 02:50 . 2015-03-11 13:49 66560 ----a-w-
c:\windows\system32\iesetup.dll
2015-02-20 02:49 . 2015-03-11 13:50 48640 ----a-w-
c:\windows\system32\ieetwproxystub.dll
2015-02-20 02:49 . 2015-03-11 13:49 584192 ----a-w-
c:\windows\system32\vbscript.dll
2015-02-20 02:48 . 2015-03-11 13:49 2886144 ----a-w-
c:\windows\system32\iertutil.dll
2015-02-20 02:47 . 2015-03-11 13:49 88064 ----a-w-
c:\windows\system32\MshtmlDac.dll
2015-02-20 02:41 . 2015-03-11 13:49 54784 ----a-w-
c:\windows\system32\jsproxy.dll
2015-02-20 02:40 . 2015-03-11 13:50 34304 ----a-w-
c:\windows\system32\iernonce.dll
2015-02-20 02:36 . 2015-03-11 13:49 633856 ----a-w-
c:\windows\system32\ieui.dll
2015-02-20 02:35 . 2015-03-11 13:49 144384 ----a-w-
c:\windows\system32\ieUnatt.exe
2015-02-20 02:35 . 2015-03-11 13:50 114688 ----a-w-
c:\windows\system32\ieetwcollector.exe
2015-02-20 02:34 . 2015-03-11 13:49 814080 ----a-w-
c:\windows\system32\jscript9diag.dll
2015-02-20 02:32 . 2015-03-11 13:49 6035456 ----a-w-
c:\windows\system32\jscript9.dll
2015-02-20 02:26 . 2015-03-11 13:50 968704 ----a-w-
c:\windows\system32\MsSpellCheckingFacility.exe
2015-02-20 02:22 . 2015-03-11 13:50 2724864 ----a-w-
c:\windows\SysWow64\mshtml.tlb
2015-02-20 02:22 . 2015-03-11 13:49 490496 ----a-w-
c:\windows\system32\dxtmsft.dll
2015-02-20 02:13 . 2015-03-11 13:50 77824 ----a-w-
c:\windows\system32\JavaScriptCollectionAgent.dll
2015-02-20 02:09 . 2015-03-11 13:49 503296 ----a-w-
c:\windows\SysWow64\vbscript.dll
2015-02-20 02:08 . 2015-03-11 13:50 62464 ----a-w-
c:\windows\SysWow64\iesetup.dll
2015-02-20 02:08 . 2015-03-11 13:49 199680 ----a-w-
c:\windows\system32\msrating.dll
2015-02-20 02:08 . 2015-03-11 13:50 47616 ----a-w-
c:\windows\SysWow64\ieetwproxystub.dll
2015-02-20 02:06 . 2015-03-11 13:50 64000 ----a-w-
c:\windows\SysWow64\MshtmlDac.dll
2015-02-20 02:05 . 2015-03-11 13:50 316928 ----a-w-
c:\windows\system32\dxtrans.dll
2015-02-20 01:56 . 2015-03-11 13:50 115712 ----a-w-
c:\windows\SysWow64\ieUnatt.exe
2015-02-20 01:56 . 2015-03-11 13:50 620032 ----a-w-
c:\windows\SysWow64\jscript9diag.dll
2015-02-20 01:49 . 2015-03-11 13:50 718848 ----a-w-
c:\windows\system32\ie4uinit.exe
2015-02-20 01:49 . 2015-03-11 13:50 801280 ----a-w-
c:\windows\system32\msfeeds.dll
2015-02-20 01:47 . 2015-03-11 13:49 1359360 ----a-w-
c:\windows\system32\mshtmlmedia.dll
2015-02-20 01:46 . 2015-03-11 13:49 2125824 ----a-w-
c:\windows\system32\inetcpl.cpl
2015-02-20 01:43 . 2015-03-11 13:49 14398976 ----a-w-
c:\windows\system32\ieframe.dll
2015-02-20 01:41 . 2015-03-11 13:50 60416 ----a-w-
c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2015-02-20 01:30 . 2015-03-11 13:49 4300288 ----a-w-
c:\windows\SysWow64\jscript9.dll
2015-02-20 01:28 . 2015-03-11 13:49 2358784 ----a-w-
c:\windows\system32\wininet.dll
2015-02-20 01:24 . 2015-03-11 13:50 2052608 ----a-w-
c:\windows\SysWow64\inetcpl.cpl
2015-02-20 01:23 . 2015-03-11 13:49 1155072 ----a-w-
c:\windows\SysWow64\mshtmlmedia.dll
2015-02-20 01:16 . 2015-03-11 13:50 1548288 ----a-w-
c:\windows\system32\urlmon.dll
2015-02-20 01:03 . 2015-03-11 13:49 800768 ----a-w-
c:\windows\system32\ieapfltr.dll
2015-02-20 01:01 . 2015-03-11 13:49 1888256 ----a-w-
c:\windows\SysWow64\wininet.dll
2015-02-17 10:00 . 2015-02-17 10:00 1691808 ----a-w-
c:\windows\system32\FM20.DLL
2015-02-13 05:22 . 2015-03-11 14:14 14177280 ----a-w-
c:\windows\system32\shell32.dll
2015-02-04 03:16 . 2015-03-11 13:45 465920 ----a-w-
c:\windows\system32\WMPhoto.dll
2015-02-04 02:54 . 2015-03-11 13:45 417792 ----a-w-
c:\windows\SysWow64\WMPhoto.dll
2015-02-03 03:34 . 2015-03-11 14:29 693176 ----a-w-
c:\windows\system32\winload.efi
2015-02-03 03:34 . 2015-03-11 14:29 94656 ----a-w-
c:\windows\system32\drivers\mountmgr.sys
2015-02-03 03:33 . 2015-03-11 14:29 616360 ----a-w-
c:\windows\system32\winresume.efi
2015-02-03 03:31 . 2015-03-11 14:29 14632960 ----a-w-
c:\windows\system32\wmp.dll
2015-02-03 03:31 . 2015-03-11 14:29 782848 ----a-w-
c:\windows\system32\wmdrmsdk.dll
2015-02-03 03:31 . 2015-03-11 14:29 229376 ----a-w-
c:\windows\system32\wintrust.dll
2015-02-03 03:31 . 2015-03-11 13:50 1424896 ----a-w-
c:\windows\system32\WindowsCodecs.dll
2015-02-03 03:31 . 2015-03-11 14:19 215552 ----a-w-
c:\windows\system32\ubpm.dll
2015-02-03 03:31 . 2015-03-11 14:29 5120 ----a-w- c:\windows\system32\msdxm.ocx
2015-02-03 03:31 . 2015-03-11 14:29 5120 ----a-w-
c:\windows\system32\dxmasf.dll
2015-02-03 03:31 . 2015-03-11 14:29 63488 ----a-w-
c:\windows\system32\setbcdlocale.dll
2015-02-03 03:31 . 2015-03-11 14:29 1574400 ----a-w-
c:\windows\system32\quartz.dll
2015-02-03 03:31 . 2015-03-11 14:29 500224 ----a-w-
c:\windows\system32\AUDIOKSE.dll
2015-02-03 03:31 . 2015-03-11 14:29 371712 ----a-w-
c:\windows\system32\qdvd.dll
2015-02-03 03:31 . 2015-03-11 14:29 188416 ----a-w-
c:\windows\system32\pcasvc.dll
2015-02-03 03:31 . 2015-03-11 14:29 37376 ----a-w- c:\windows\system32\pcadm.dll
2015-02-03 03:31 . 2015-03-11 14:29 9728 ----a-w- c:\windows\system32\spwmp.dll
2015-02-03 03:31 . 2015-03-11 14:29 641024 ----a-w-
c:\windows\system32\msscp.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{9D974C8C-6D92-
44FB-BEAF-B45A1C0CF17F}]
2014-02-25 05:02 464720 ----a-w- c:\program files (x86)\IObit\IObit
Malware Fighter\adsremoval\IE\Adblock.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D5974A72-C81C-
4DC3-BE77-A8A7BBC8864E}]
2013-09-14 09:10 432232 ----a-w- c:\program files
(x86)\DAP\LinkVerifier.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\
shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-01-21 09:35 1729744 ----a-w-
c:\progra~2\MICROS~4\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\
shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-01-21 09:35 1729744 ----a-w-
c:\progra~2\MICROS~4\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\
shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-01-21 09:35 1729744 ----a-w-
c:\progra~2\MICROS~4\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_62226401DE70903AD4C9E987C18F986F"="c:\program files
(x86)\Google\Chrome\Application\chrome.exe" [2015-03-30 809288]
"uTorrent"="c:\users\GNA\AppData\Roaming\uTorrent\uTorrent.exe" [2015-03-26
1442384]
"SanDiskSecureAccess_Manager.exe"="c:\users\GNA\AppData\Roaming\SanDisk\SanDiskSecu
reAccess_Manager.exe" [2011-06-29 27311232]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-02-26 31346784]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common
Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
"DownloadAccelerator"="c:\program files (x86)\DAP\DAP.EXE" [2013-09-14 3865232]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"OliveVme102Service"="c:\program files (x86)\TATA Photon
Plus\Olive\VME102\Drivers\OliveNService.exe" [2011-04-14 121344]
"TATA Photon Plus Dialer"="c:\program files (x86)\TATA Photon
Plus\Olive\VME102\TTSL Olive VME102 Dialer Ver 2.0.0" [BU]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 7"="c:\program files (x86)\IObit\Advanced SystemCare
7\ASCTray.exe" [2014-02-11 2288928]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows
nt\currentversion\winlogon\notify\VESWinlogon]
2009-12-02 06:03 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows
nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\lavasoft\ad-
aware antivirus\firewall engine\1.6.0.0\drivers\bdfndisf6.sys;c:\program
files\lavasoft\ad-aware antivirus\firewall engine\1.6.0.0\drivers\bdfndisf6.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN
v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\wind
ows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files
(x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe
[x]
R3 btusbflt;Bluetooth USB
Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbf
lt.sys [x]
R3 btwl2cap;Bluetooth L2CAP
Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2
cap.sys [x]
R3 ggflt;SOMC USB Flash Driver
Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys
[x]
R3 ggsomc;SOMC USB Flash
Driver;c:\windows\system32\DRIVERS\ggsomc.sys;c:\windows\SYSNATIVE\DRIVERS\ggsomc.s
ys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector
Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.
exe [x]
R3
Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys;c:\windows\SYSNATIVE\drivers\Impc
d.sys [x]
R3 IntcDAud;Intel(R) Display
Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAu
d.sys [x]
R3 massfilter;ZTE Mass Storage Filter
Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\mass
filter.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet
Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\neta
apl64.sys [x]
R3 Oliveusbser;Olive USB Device for Legacy Serial
Communication;c:\windows\system32\DRIVERS\Oliveusbser.sys;c:\windows\SYSNATIVE\DRIV
ERS\Oliveusbser.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft
Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source
Engine\OSE.EXE [x]
R3 RegFilter;RegFilter;c:\program files (x86)\IObit\IObit Malware
Fighter\drivers\win7_amd64\regfilter.sys;c:\program files (x86)\IObit\IObit Malware
Fighter\drivers\win7_amd64\regfilter.sys [x]
R3 SBUpdd;SpeedBit UpdateD;c:\program files\Common
Files\SpeedBit\SBUpdate\sbw.sys;c:\program files\Common
Files\SpeedBit\SBUpdate\sbw.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC
Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC
Companion\PCCService.exe [x]
R3
TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\dri
vers\tsusbflt.sys [x]
R3 UrlFilter;UrlFilter;c:\program files (x86)\IObit\IObit Malware
Fighter\drivers\win7_amd64\UrlFilter.sys;c:\program files (x86)\IObit\IObit Malware
Fighter\drivers\win7_amd64\UrlFilter.sys [x]
R3 USBAAPL64;Apple Mobile USB
Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaa
pl64.sys [x]
R3 ZTEusbvoice;ZTE VoUSB
Port;c:\windows\system32\DRIVERS\ZTEusbvoice.sys;c:\windows\SYSNATIVE\DRIVERS\ZTEus
bvoice.sys [x]
R4 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files
(x86)\IObit\Advanced SystemCare 7\ASCService.exe;c:\program files
(x86)\IObit\Advanced SystemCare 7\ASCService.exe [x]
R4 AMD External Events Utility;AMD External Events
Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
R4 CLPSLauncher;COMODO LPS Launcher;c:\program files (x86)\Common
Files\COMODO\launcher_service.exe;c:\program files (x86)\Common
Files\COMODO\launcher_service.exe [x]
R4 COSService.exe;COMODO Online Storage Service;c:\program
files\COMODO\COMMON\COSService.exe;c:\program files\COMODO\COMMON\COSService.exe
[x]
R4 DragonUpdater;COMODO Dragon Update Service;c:\program files
(x86)\Comodo\Dragon\dragon_updater.exe;c:\program files
(x86)\Comodo\Dragon\dragon_updater.exe [x]
R4 FileMonitor;FileMonitor;c:\program files (x86)\IObit\IObit Malware
Fighter\Drivers\win7_amd64\FileMonitor.sys;c:\program files (x86)\IObit\IObit
Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [x]
R4 FreeAgentGoFlex Service;Seagate Drive Settings Service;c:\program files
(x86)\Seagate\DriveSettings\Sync\SeagateDriveSettingsService.exe;c:\program files
(x86)\Seagate\DriveSettings\Sync\SeagateDriveSettingsService.exe [x]
R4 Freemake Improver;Freemake
Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe;c:\p
rogramdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [x]
R4 GeekBuddyRSP;GeekBuddyRSP Server;c:\program files (x86)\Common
Files\COMODO\GeekBuddyRSP.exe;c:\program files (x86)\Common
Files\COMODO\GeekBuddyRSP.exe [x]
R4 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files
(x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files
(x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R4 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware
Fighter\IMFsrv.exe;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
[x]
R4 LiveUpdateSvc;LiveUpdate;c:\program files
(x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files
(x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R4 nsmService;NSM Service;c:\program files
(x86)\NetSetMan\nsmservice.exe;c:\program files (x86)\NetSetMan\nsmservice.exe [x]
R4 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files
(x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files
(x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x]
R4 Quick Config Service;Quick Config Service;c:\program files (x86)\Quick
Config\QCService.exe;c:\program files (x86)\Quick Config\QCService.exe [x]
R4 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver
Service;c:\program files
(x86)\RealNetworks\RealDownloader\rndlresolversvc.exe;c:\program files
(x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [x]
R4 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files
(x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe;c:\program files
(x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [x]
R4 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital
Home 10\RoxioUpnpService10.exe;c:\program files (x86)\Roxio\Digital Home
10\RoxioUpnpService10.exe [x]
R4 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO
Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x]
R4 SBUpd;SpeedBit Update;c:\program files\Common
Files\SpeedBit\SBUpdate\sbu.exe;c:\program files\Common
Files\SpeedBit\SBUpdate\sbu.exe [x]
R4 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common
Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony
Shared\SOHLib\SOHCImp.exe [x]
R4 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common
Files\Sony Shared\SOHLib\SOHDms.exe;c:\program files (x86)\Common Files\Sony
Shared\SOHLib\SOHDms.exe [x]
R4 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony
Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony
Shared\SOHLib\SOHDs.exe [x]
R4 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony
Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common
Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
R4 SynchronizationService.exe;COMODO BackUp Service;c:\program
files\COMODO\COMMON\SynchronizationService.exe;c:\program
files\COMODO\COMMON\SynchronizationService.exe [x]
R4 TeamViewer9;TeamViewer 9;c:\program files
(x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files
(x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
R4 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects
2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects
2\uCamMonitor.exe [x]
R4 UNS;Intel(R) Management & Security Application User Notification
Service;c:\program files (x86)\Intel\Intel(R) Management Engine
Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine
Components\UNS\UNS.exe [x]
R4 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power
Management\SPMService.exe;c:\program files\Sony\VAIO Power
Management\SPMService.exe [x]
R4 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony
Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common
Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
R4 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program
files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program
files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x]
R4 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program
files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program
files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x]
R4 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common
Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony
Shared\VcmXml\VcmXmlIfHelper64.exe [x]
R4 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program
files\Sony\VAIO Care\VCService.exe [x]
R4 VSNService;VSNService;c:\program files\Sony\VAIO Smart
Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]
R4 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe;c:\program
files\Sony\VAIO Update 5\VUAgent.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows
Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 bdisk;Comodo Disk Raw Access
Filter;c:\windows\system32\DRIVERS\bdisk.sys;c:\windows\SYSNATIVE\DRIVERS\bdisk.sys
[x]
S0
CBUFS;CBUFS;c:\windows\system32\DRIVERS\CBUFS.sys;c:\windows\SYSNATIVE\DRIVERS\CBUF
S.sys [x]
S0 cbvd;Comodo Backup Virtual
Disk;c:\windows\system32\DRIVERS\cbvd.sys;c:\windows\SYSNATIVE\DRIVERS\cbvd.sys [x]
S0
PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Dri
vers\PxHlpa64.sys [x]
S0
Reparse;Reparse;c:\windows\system32\DRIVERS\CBReparse.sys;c:\windows\SYSNATIVE\DRIV
ERS\CBReparse.sys [x]
S0
SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.s
ys;c:\windows\SYSNATIVE\Drivers\SmartDefragDriver.sys [x]
S1
CFRMD;CFRMD;c:\windows\system32\DRIVERS\CFRMD.sys;c:\windows\SYSNATIVE\DRIVERS\CFRM
D.sys [x]
S1 HMD;COMODO livePCsupport Hardware Monitor
Driver;c:\windows\system32\DRIVERS\hmd.sys;c:\windows\SYSNATIVE\DRIVERS\hmd.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel
Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO
64A.SYS [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files
(x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files
(x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files
(x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files
(x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 ChromodoUpdater;COMODO Chromodo Update Service;c:\program files
(x86)\Comodo\Chromodo\chromodo_updater.exe;c:\program files
(x86)\Comodo\Chromodo\chromodo_updater.exe [x]
S2
rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys;c:\windows\SYSNATIVE\driv
ers\rimssne64.sys [x]
S2
risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys;c:\windows\SYSNATIVE\dr
ivers\risdsne64.sys [x]
S2 SADP_NPF;Sadp Driver
(SADP_NPF);c:\windows\SysWOW64\drivers\sadp_npf64.sys;c:\windows\SysWOW64\drivers\s
adp_npf64.sys [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual
Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVER
S\ArcSoftKsUFilter.sys [x]
S3 HECIx64;Intel(R) Management Engine
Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECI
x64.sys [x]
S3 SFEP;Sony Firmware Extension
Parser;c:\windows\system32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys
[x]
S3
SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATI
VE\DRIVERS\Smb_driver_Intel.sys [x]
S3 vdbus;Virtual Disk Bus
Enumerator;c:\windows\system32\DRIVERS\vdbus.sys;c:\windows\SYSNATIVE\DRIVERS\vdbus
.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet
Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk6
2x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows
nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed
components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-04-02 12:43 1061704 ----a-w- c:\program files
(x86)\Google\Chrome\Application\41.0.2272.118\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2015-04-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-18
10:27]
.
2015-04-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-01 11:14]
.
2015-04-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-02-01 11:14]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-
E2E7EF20C814}]
2014-04-16 05:03 2471744 ----a-w- c:\program files (x86)\IObit\IObit
Uninstaller\UninstallExplorer64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconove
rlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-01-21 09:31 2334928 ----a-w-
c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconove
rlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-01-21 09:31 2334928 ----a-w-
c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconove
rlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-01-21 09:31 2334928 ----a-w-
c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconove
rlayidentifiers\COSDriveIconOverlay]
@="{5FDACB62-6B7B-4116-9403-C5E0D3852A57}"
[HKEY_CLASSES_ROOT\CLSID\{5FDACB62-6B7B-4116-9403-C5E0D3852A57}]
2014-05-01 07:47 7203520 ----a-w- c:\program
files\COMODO\COMMON\ShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconove
rlayidentifiers\COSSyncItemInSyncIconOverlay]
@="{68F287EF-DA6D-4595-AF52-90FF6CE52AFE}"
[HKEY_CLASSES_ROOT\CLSID\{68F287EF-DA6D-4595-AF52-90FF6CE52AFE}]
2014-05-01 07:47 7203520 ----a-w- c:\program
files\COMODO\COMMON\ShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconove
rlayidentifiers\COSSyncItemModifiedIconOverlay]
@="{AE67D273-7253-4236-B55E-D40055B305D6}"
[HKEY_CLASSES_ROOT\CLSID\{AE67D273-7253-4236-B55E-D40055B305D6}]
2014-05-01 07:47 7203520 ----a-w- c:\program
files\COMODO\COMMON\ShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconove
rlayidentifiers\COSSyncItemNewIconOverlay]
@="{022F23E9-DA0F-4A86-A728-CAF6150C0B63}"
[HKEY_CLASSES_ROOT\CLSID\{022F23E9-DA0F-4A86-A728-CAF6150C0B63}]
2014-05-01 07:47 7203520 ----a-w- c:\program
files\COMODO\COMMON\ShellExtension.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconove
rlayidentifiers\COSSyncItemUnsynchronizedIconOverlay]
@="{4D7EE7CF-E7A1-45FE-8F80-3A37574918D7}"
[HKEY_CLASSES_ROOT\CLSID\{4D7EE7CF-E7A1-45FE-8F80-3A37574918D7}]
2014-05-01 07:47 7203520 ----a-w- c:\program
files\COMODO\COMMON\ShellExtension.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://in.yahoo.com?fr=fp-comodo
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth
Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth
Software\btsendto_ie.htm
Trusted Zone: google.co.in\www
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{1EFB8A60-ADE3-4852-AA62-C8616E1EABDA}\84F4D454: NameServer =
156.154.70.22,156.154.71.22
TCP: Interfaces\{927587AB-1894-493E-8E72-6063314BF69A}: NameServer =
192.168.1.1,8.8.8.8
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files
(x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\program
files (x86)\DAP\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\program
files (x86)\DAP\dapie.dll
DPF: {108D3206-846A-4A93-BACB-F0572D043ED7} -
hxxp://nageshv5007.dyndns.org/webrec.cab
DPF: {9AA03FEC-6582-48B1-BC62-821D4A7B9461} -
hxxp://bvraghu.securusddns.com:88/N9DvrOcx.cab?V1163
DPF: {CAFCF48D-8E34-4490-8154-026191D73924} -
hxxp://192.168.0.10/codebase/NetVideoActiveX_V23.cab
DPF: {EDD8DF0B-A160-45DF-A26E-67C390A57B18} -
hxxp://devon.cpplusddns.com/webrec.cab
DPF: {F3D4C08D-3616-43F0-9E29-44C749B0664B} - hxxp://192.168.1.249:84/JpegInst.cab
FF - ProfilePath -
c:\users\GNA\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\
FF - prefs.js: keyword.URL - hxxp://in.search.yahoo.com/search?fr=ytff-comodo&p=
FF - prefs.js: browser.startup.homepage - hxxp://in.yahoo.com?fr=fp-comodo
FF - prefs.js: browser.search.selectedEngine - Yahoo
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-ExpressBurn - c:\program files (x86)\NCH
Software\ExpressBurn\expressburn.exe
AddRemove-MARG_is1 - d:\marg\unins000.exe
AddRemove-ominent - c:\program files (x86)\weDownload
Ltd\ominent\1.8.26.12\uninstall.exe
AddRemove-PhotoStage - c:\program files (x86)\NCH
Software\PhotoStage\photostage.exe
AddRemove-Prism - c:\program files (x86)\NCH Software\Prism\prism.exe
AddRemove-VideoPad - c:\program files (x86)\NCH Software\VideoPad\videopad.exe
AddRemove-WavePad - c:\program files (x86)\NCH Software\WavePad\wavepad.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO
Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/proc
interval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor
Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network
Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor
Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle
Time:1\" \"/expandcounter=\Processor(*)\% C1
Time:1\" \"/expandcounter=\Processor(*)\% C2
Time:1\" \"/expandcounter=\Processor(*)\% C3
Time:1\" \"/expandcounter=\Processor(*)\% Processor
Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_134_
ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-
D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-
D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_134_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-
D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-
A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-
A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-
A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-
D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_134_
ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-
D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-
D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_134_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-
D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-
444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-
444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-
444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-
444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-
444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-
444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-
444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-
444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-
444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-
444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-
444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-
444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-
444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-
444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-
444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-
8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-
8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-
8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\
{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft
Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema
Library\ActionsPane3\0\Solutions\http://schemas.microsoft.com/office/smartdocuments
/2003\0]
"Key"="http://schemas.microsoft.com/office/smartdocuments/2003"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema
Library\ActionsPane3\0\Solutions\http://schemas.microsoft.com/office/smartdocuments
/2003\0\{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}\Alias]
"0"="Microsoft Actions Pane 3"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-
08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-
08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2015-04-16 14:58:17
ComboFix-quarantined-files.txt 2015-04-16 09:28
ComboFix2.txt 2014-09-27 04:06
ComboFix3.txt 2014-05-04 15:34
ComboFix4.txt 2014-04-08 16:11
.
Pre-Run: 53,103,071,232 bytes free
Post-Run: 59,772,805,120 bytes free
.
- - End Of File - - 83C7635BC0A1EABBD800DC1D56685890