omboFix 14-07-25.01 - Joann 25/07/2014 22:34:55.1.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8094.5958 [GMT -4:00]
Running from: c:\users\Joann\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Downloads\7z920(1).exe
c:\users\Downloads\7z920.exe
c:\users\Downloads\Cancel.dll
c:\users\Downloads\CF_UNINST.EXE
c:\users\Downloads\ComboFix.exe
c:\users\Downloads\Final_Fantasy_XI_Seekers_of_Adoulin_Setup.exe
c:\users\Downloads\HORTICULTURE PROGRAM 2012-2013 .pdf
c:\users\Downloads\SecurityCheck(1).exe
c:\users\Downloads\SecurityCheck(2).exe
c:\users\Downloads\SecurityCheck.exe
c:\users\Downloads\SiteBuilderSetup(1).exe
c:\users\Downloads\SiteBuilderSetup(2).exe
c:\users\Downloads\SiteBuilderSetup(3).exe
c:\users\Downloads\SiteBuilderSetup(4).exe
c:\users\Downloads\SiteBuilderSetup(5).exe
c:\users\Downloads\SiteBuilderSetup(6).exe
c:\users\Downloads\SiteBuilderSetup(7).exe
c:\users\Downloads\SiteBuilderSetup.exe
c:\users\Downloads\upd-PCL6-X64-5_2_6_9321.exe
c:\users\Downloads\upd-PS-X64-5_2_6_9321.exe
c:\users\Downloads\Windower-3.431.exe
c:\users\Downloads\winrar-x64-50b8(1).exe
c:\users\Downloads\winrar-x64-50b8.exe
c:\users\Downloads\wrar50b8.exe
c:\users\Joann Resume stuff\~WRL0022.tmp
c:\users\Joann Resume stuff\~WRL0026.tmp
c:\users\Joann Resume stuff\~WRL0087.tmp
c:\users\Joann Resume stuff\~WRL0121.tmp
c:\users\Joann Resume stuff\~WRL0143.tmp
c:\users\Joann Resume stuff\~WRL0193.tmp
c:\users\Joann Resume stuff\~WRL0483.tmp
c:\users\Joann Resume stuff\~WRL0637.tmp
c:\users\Joann Resume stuff\~WRL0663.tmp
c:\users\Joann Resume stuff\~WRL0781.tmp
c:\users\Joann Resume stuff\~WRL0978.tmp
c:\users\Joann Resume stuff\~WRL1049.tmp
c:\users\Joann Resume stuff\~WRL1064.tmp
c:\users\Joann Resume stuff\~WRL1073.tmp
c:\users\Joann Resume stuff\~WRL1138.tmp
c:\users\Joann Resume stuff\~WRL1209.tmp
c:\users\Joann Resume stuff\~WRL1329.tmp
c:\users\Joann Resume stuff\~WRL1403.tmp
c:\users\Joann Resume stuff\~WRL1496.tmp
c:\users\Joann Resume stuff\~WRL1526.tmp
c:\users\Joann Resume stuff\~WRL1569.tmp
c:\users\Joann Resume stuff\~WRL1572.tmp
c:\users\Joann Resume stuff\~WRL1583.tmp
c:\users\Joann Resume stuff\~WRL1584.tmp
c:\users\Joann Resume stuff\~WRL1589.tmp
c:\users\Joann Resume stuff\~WRL1711.tmp
c:\users\Joann Resume stuff\~WRL1912.tmp
c:\users\Joann Resume stuff\~WRL2182.tmp
c:\users\Joann Resume stuff\~WRL2212.tmp
c:\users\Joann Resume stuff\~WRL2217.tmp
c:\users\Joann Resume stuff\~WRL2429.tmp
c:\users\Joann Resume stuff\~WRL2581.tmp
c:\users\Joann Resume stuff\~WRL2704.tmp
c:\users\Joann Resume stuff\~WRL2738.tmp
c:\users\Joann Resume stuff\~WRL2789.tmp
c:\users\Joann Resume stuff\~WRL2804.tmp
c:\users\Joann Resume stuff\~WRL2826.tmp
c:\users\Joann Resume stuff\~WRL3101.tmp
c:\users\Joann Resume stuff\~WRL3342.tmp
c:\users\Joann Resume stuff\~WRL3374.tmp
c:\users\Joann Resume stuff\~WRL3452.tmp
c:\users\Joann Resume stuff\~WRL3510.tmp
c:\users\Joann Resume stuff\~WRL3523.tmp
c:\users\Joann Resume stuff\~WRL3597.tmp
c:\users\Joann Resume stuff\~WRL3711.tmp
c:\users\Joann Resume stuff\~WRL3813.tmp
c:\users\Joann Resume stuff\~WRL3827.tmp
c:\users\Joann Resume stuff\~WRL3865.tmp
c:\users\Joann Resume stuff\~WRL3870.tmp
c:\users\Joann Resume stuff\~WRL3966.tmp
c:\users\Joann Resume stuff\~WRL4076.tmp
c:\users\Joann\AppData\Local\Microsoft\Windows\Temporary Internet Files\a25ec79e-5943-49ed-827c-90cb8f098a80.jpg
c:\windows\Fonts\1234
.
.
((((((((((((((((((((((((( Files Created from 2014-06-26 to 2014-07-26 )))))))))))))))))))))))))))))))
.
.
2014-07-26 02:43 . 2014-07-26 02:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-07-26 01:25 . 2014-07-02 03:09 10924376 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F3D0985B-E843-462B-84DC-57CCB54B0629}\mpengine.dll
2014-07-24 22:55 . 2014-07-02 03:09 10924376 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-07-24 19:38 . 2014-07-24 19:38 -------- d-----w- c:\program files (x86)\ESET
2014-07-24 19:29 . 2014-07-24 19:29 -------- d-----w- c:\program files\Microsoft Silverlight
2014-07-24 19:29 . 2014-07-24 19:29 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2014-07-24 05:03 . 2014-07-24 05:03 128728 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-24 05:03 . 2014-07-24 05:03 92888 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-07-21 13:13 . 2014-07-13 21:56 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-07-21 13:13 . 2014-07-13 21:56 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D93A7757-8D9E-4F8F-B5CC-59F723D8506F}\gapaengine.dll
2014-07-21 05:31 . 2014-07-21 05:31 -------- d-----w- c:\users\Joann\AppData\Local\Stitch Works Software
2014-07-21 05:31 . 2014-07-21 05:31 -------- d-----w- c:\program files (x86)\Crochet Charts
2014-07-21 01:26 . 2014-07-21 01:26 -------- d-----w- c:\program files (x86)\Intwined Studio
2014-07-15 21:47 . 2014-07-15 21:47 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-07-15 21:47 . 2014-07-10 00:03 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-13 21:53 . 2014-07-13 21:53 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2014-07-13 21:53 . 2014-07-13 21:53 -------- d-----w- c:\program files\Microsoft Security Client
2014-07-13 11:06 . 2014-06-17 06:57 10779000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EA353525-BB48-4AAD-95EE-AC46B8E1D199}\mpengine.dll
2014-07-13 03:35 . 2014-05-08 09:32 3178496 ----a-w- c:\windows\system32\rdpcorets.dll
2014-07-13 03:35 . 2014-05-08 09:32 16384 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2014-07-13 03:35 . 2014-01-09 02:22 5694464 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-07-13 03:35 . 2014-01-03 22:44 6574592 ----a-w- c:\windows\system32\mstscax.dll
2014-07-12 18:15 . 2014-07-24 05:16 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-07-12 17:56 . 2014-07-12 17:56 -------- d-----w- c:\windows\Sun
2014-07-12 17:25 . 2014-07-12 17:25 -------- d-----w- c:\windows\ERUNT
2014-07-12 17:06 . 2013-09-25 02:23 1030144 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-07-12 17:06 . 2013-09-25 01:57 792576 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-07-12 17:06 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2014-07-12 17:06 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-07-12 10:36 . 2014-07-21 05:25 -------- d-----w- c:\users\Joann\AppData\Roaming\Favor Software
2014-07-12 07:01 . 2014-07-12 07:01 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2014-07-12 05:22 . 2014-07-12 06:51 -------- d-----w- c:\users\Administrator
2014-07-12 04:41 . 2014-07-12 04:41 -------- d-----w- c:\users\Joann\AppData\Local\Apps
2014-07-12 02:48 . 2014-07-12 02:48 -------- d-sh--w- c:\users\Joann\AppData\Local\EmieUserList
2014-07-12 02:48 . 2014-07-12 02:48 -------- d-sh--w- c:\users\Joann\AppData\Local\EmieSiteList
2014-07-12 02:29 . 2001-11-05 13:30 165376 ----a-w- c:\windows\UNWISE.EXE
2014-07-12 02:14 . 2010-11-20 09:03 3584 ----a-w- c:\windows\system32\drivers\en-US\vpchbus.sys.mui
2014-07-11 01:30 . 2010-08-30 12:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-07-04 17:08 . 2014-07-04 17:08 -------- d-----w- c:\users\Joann\Mike Long
2014-07-01 00:43 . 2014-07-01 00:47 -------- d-----w- c:\users\Joann\motivational stuff
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-10 07:01 . 2013-11-01 13:32 96441528 ----a-w- c:\windows\system32\MRT.exe
2014-07-09 00:34 . 2013-12-31 04:15 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-09 00:34 . 2013-12-31 04:15 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-24 18:32 . 2014-05-24 18:33 45056 ----a-w- c:\windows\SysWow64\HSSICore.dll
2014-05-24 18:32 . 2014-05-24 18:33 40960 ----a-w- c:\windows\SysWow64\HS_live.ocx
2014-05-24 18:32 . 2014-05-24 18:33 184320 ----a-w- c:\windows\SysWow64\OESICore.dll
2014-05-24 18:31 . 2014-05-24 18:32 98136 ----a-w- c:\windows\gzip.exe
2014-04-28 15:35 . 2014-04-28 15:46 1164489 ----a-w- c:\windows\unins000.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Officejet Pro 8600 (NET)"="c:\program files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" [2012-10-17 2573416]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-05-08 21444224]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-29 642656]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"ComodoFSChrome"="c:\program files (x86)\AdTrustMedia\PrivDog\FinalizeSetup.exe" [2013-10-01 4457640]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-09 256896]
.
c:\users\Joann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk - c:\windows\system32\RunDll32.exe "c:\program files\HP\HP Officejet Pro 8600\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN334BWGX705KC;CONNECTION=NW;MONITOR=1; [2009-7-13 45568]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office10\OSA.EXE -b -l [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoStartMenuNetworkPlaces"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys;c:\windows\SYSNATIVE\DRIVERS\ivusb.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys;c:\windows\SYSNATIVE\DRIVERS\asahci64.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 DTSAudioSvc;DTSAudioSvc;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 PSI_SVC_2_x64;Protexis Licensing V2 x64;c:\program files\Common Files\Protexis\License Service\PsiService_2.exe;c:\program files\Common Files\Protexis\License Service\PsiService_2.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-07-18 17:04 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-07-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-31 00:34]
.
2014-07-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-01 03:54]
.
2014-07-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-01 03:54]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-08-07 6827664]
"RtHDVBg_DTS"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-08-06 1215632]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page =
hxxp://ca.yahoo.com?fr=fp-comodomLocal Page = c:\windows\SysWOW64\blank.htm
IE: {{2F5C139F-79BD-4C84-A95A-E7140525BC55} - {5B06364D-FF00-4BD5-9D01-4379952513F2} - c:\program files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedads.dll
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{6F95E902-4BA3-45BD-B260-9B06B6E99D2A}: NameServer = 156.154.70.22,156.154.71.22
Handler: intu-tt2013 - {9FF5EC07-1645-43BF-828F-C73CFA7BC1AF} - c:\program files (x86)\TurboTax 2013\ic2013pp.dll
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-
- (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-ESET Online Scanner - c:\program files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
AddRemove-Video Downloader_is1 - c:\program files (x86)\Video Downloader\unins000.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-07-25 22:45:07
ComboFix-quarantined-files.txt 2014-07-26 02:45
.
Pre-Run: 892,943,130,624 bytes free
Post-Run: 896,289,869,824 bytes free
.
- - End Of File - - C4E5D7AF5B1727BAA82DB3F51E9C05F0
A36C5E4F47E84449FF07ED3517B43A31