Untitled

a guest
Sep 21st, 2017
ComboFix 11-07-05.03 - Owner 07/05/2011 21:03:17.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2812.1171 [GMT -4:00]
Running from: c:\users\Owner\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
[i] ADS - system32: deleted 12 bytes in 1 streams. [/i]
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\UNWISE.EXE
c:\users\Owner\AppData\Roaming\Dyyno
c:\users\Owner\AppData\Roaming\Dyyno\dyyno.xml
c:\users\Owner\AppData\Roaming\Owner3SQLite3.dll
c:\users\Owner\AppData\Roaming\Ownerlog.dat
c:\users\Owner\AppData\Roaming\ubot
c:\users\Owner\AppData\Roaming\Windows
c:\windows\system32\Thumbs.db
c:\windows\XSxS
.
.
((((((((((((((((((((((((( Files Created from 2011-06-06 to 2011-07-06 )))))))))))))))))))))))))))))))
.
.
2011-07-06 01:18 . 2011-07-06 01:18 -------- d-----w- c:\users\Mcx1-OWNER-PC\AppData\Local\temp
2011-07-06 01:18 . 2011-07-06 01:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-06 00:12 . 2011-07-06 00:12 54016 ----a-w- c:\windows\system32\drivers\ciai.sys
2011-07-05 17:42 . 2011-05-29 13:11 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-05 17:42 . 2011-07-05 17:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-07-05 17:42 . 2011-05-29 13:11 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-05 14:51 . 2011-07-05 14:51 -------- d-----w- c:\programdata\FLEXnet
2011-07-05 14:44 . 2011-07-05 14:44 -------- d-----w- c:\program files\Adobe Media Player
2011-07-05 14:35 . 2011-07-05 14:35 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2011-07-05 12:23 . 2011-07-05 12:23 -------- d-----w- c:\users\Owner\AppData\Local\{C44893CC-CF3E-43B8-9B36-9D98C42AB7EC}
2011-07-05 03:17 . 2011-07-05 16:06 -------- d-----w- c:\program files\proXPN
2011-07-04 16:48 . 2011-07-04 16:48 -------- d-----w- c:\users\Owner\AppData\Local\{8772FFA2-E05A-4F83-8DC5-926D238159F3}
2011-07-03 03:30 . 2011-07-03 03:30 -------- d-----w- c:\users\Owner\AppData\Local\{59D87A4A-7C33-4B6A-80A2-BB0EB9FCC1E2}
2011-07-02 15:06 . 2011-07-02 15:06 -------- d-----w- c:\users\Owner\AppData\Local\{37E6660C-5819-4BB6-9CB4-92932D64D25A}
2011-07-02 00:15 . 2011-07-02 00:16 -------- d-----w- c:\program files\Virtual Audio Cable
2011-07-02 00:15 . 2011-07-02 00:15 50728 ----a-w- c:\windows\system32\drivers\vrtaucbl.sys
2011-07-01 17:20 . 2011-07-01 17:20 -------- d-----w- c:\users\Owner\AppData\Local\{8153F338-B488-4F7C-B280-14EA4DF6FD3C}
2011-07-01 04:54 . 2011-07-01 04:54 -------- d-----w- c:\users\Owner\AppData\Local\{A8876D9F-6B82-43D9-8ED8-F56C7981675C}
2011-06-30 21:42 . 2011-06-30 21:42 -------- d-----w- c:\program files\SplitMediaLabs
2011-06-30 18:28 . 2011-06-30 18:31 -------- d-----w- c:\users\Owner\AppData\Roaming\Notepad++
2011-06-30 18:28 . 2011-06-30 18:28 -------- d-----w- c:\program files\Notepad++
2011-06-30 16:53 . 2011-06-30 16:54 -------- d-----w- c:\users\Owner\AppData\Local\{308469EB-F63C-4F8C-A8C8-D2235B1DC4B2}
2011-06-29 19:01 . 2011-06-29 19:12 -------- d-----w- c:\users\Owner\AppData\Roaming\FileZilla
2011-06-29 19:01 . 2011-06-29 19:01 -------- d-----w- c:\program files\FileZilla FTP Client
2011-06-29 16:55 . 2011-05-24 10:35 294912 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-06-29 16:55 . 2011-05-04 04:52 1401856 ----a-w- c:\windows\system32\mssrch.dll
2011-06-29 16:55 . 2011-05-04 04:53 1553920 ----a-w- c:\windows\system32\tquery.dll
2011-06-29 16:54 . 2011-05-04 04:52 428032 ----a-w- c:\windows\system32\SearchIndexer.exe
2011-06-29 16:54 . 2011-05-04 04:52 666624 ----a-w- c:\windows\system32\mssvp.dll
2011-06-29 16:54 . 2011-05-04 04:52 337408 ----a-w- c:\windows\system32\mssph.dll
2011-06-29 16:54 . 2011-05-04 04:52 197120 ----a-w- c:\windows\system32\mssphtb.dll
2011-06-29 16:54 . 2011-05-04 04:52 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2011-06-29 16:54 . 2011-05-04 04:52 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe
2011-06-29 16:54 . 2011-05-04 04:52 59392 ----a-w- c:\windows\system32\msscntrs.dll
2011-06-29 16:40 . 2011-06-29 16:40 -------- d-----w- c:\users\Owner\AppData\Local\{E891E43C-809A-4172-9000-90CA3B930491}
2011-06-28 20:06 . 2011-06-28 20:07 -------- d-----w- c:\users\Owner\AppData\Local\{AAA66FDE-D8AB-4F1C-9D17-DF5A3912A135}
2011-06-28 04:30 . 2011-06-28 04:30 -------- d-----w- c:\users\Owner\AppData\Local\{E08A62F5-BD29-4A09-A5DD-33092FA2AAA3}
2011-06-27 15:56 . 2011-06-27 15:56 -------- d-----w- c:\users\Owner\AppData\Local\{840EAE5D-4FE5-42F5-82ED-D5B7F90DD2E5}
2011-06-26 23:40 . 2011-06-26 23:40 -------- d-----w- c:\users\Owner\AppData\Local\{919F0A96-723A-4839-8516-F663A438D11C}
2011-06-26 11:24 . 2011-06-26 11:24 -------- d-----w- c:\users\Owner\AppData\Local\{86807915-756E-47A5-9A47-E4FD743F7B09}
2011-06-25 22:05 . 2011-06-25 22:06 -------- d-----w- c:\users\Owner\AppData\Local\{D3A376DA-503E-4D56-B739-BD9DD0930F29}
2011-06-24 20:58 . 2011-06-24 20:58 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-24 15:47 . 2011-06-24 15:47 -------- d-----w- c:\users\Owner\AppData\Local\{B4975B9B-C51C-45E0-9AE2-609BE37D22E1}
2011-06-24 03:42 . 2011-06-24 03:42 -------- d-----w- c:\users\Owner\AppData\Local\{55E60AB8-5B8A-4D25-84FD-A6BA2F8794F8}
2011-06-23 14:31 . 2011-06-23 14:31 -------- d-----w- c:\users\Owner\AppData\Local\{45828C5C-F069-4167-8F7A-F34FB081B6CB}
2011-06-23 02:30 . 2011-06-23 02:31 -------- d-----w- c:\users\Owner\AppData\Local\{3E21A798-1214-45AE-8CBC-616CAF72205C}
2011-06-22 14:30 . 2011-06-22 14:30 -------- d-----w- c:\users\Owner\AppData\Local\{0501DF14-EE96-4E53-B08A-82BA92911945}
2011-06-22 01:59 . 2011-06-22 02:00 -------- d-----w- c:\users\Owner\AppData\Local\{02F11C08-6472-4102-BF04-19BB6E77114E}
2011-06-21 13:59 . 2011-06-21 13:59 -------- d-----w- c:\users\Owner\AppData\Local\{7B782FF1-FD5D-45BC-A955-6AD64DACAAA6}
2011-06-20 15:02 . 2011-06-20 15:02 -------- d-----w- c:\users\Owner\AppData\Local\{EF41FDD6-B95D-43D5-A2F9-82DFC2360CB3}
2011-06-20 03:02 . 2011-06-20 03:02 -------- d-----w- c:\users\Owner\AppData\Local\{47E2B234-38B4-49B3-90C1-4A8CC9B64080}
2011-06-19 15:02 . 2011-06-19 15:02 -------- d-----w- c:\users\Owner\AppData\Local\{9A8CACA8-5F43-4734-9C9F-80A488910C9C}
2011-06-19 01:08 . 2011-06-19 01:08 -------- d-----w- c:\users\Owner\AppData\Local\{F40F5211-9689-4D90-BBB0-D5A7C6118991}
2011-06-18 16:03 . 2011-06-18 16:03 -------- d-----r- c:\program files\Skype
2011-06-18 13:08 . 2011-06-18 13:08 -------- d-----w- c:\users\Owner\AppData\Local\{9369E2DB-DD89-4C9A-98EA-CDA66C8D1473}
2011-06-17 22:42 . 2011-06-17 22:42 -------- d-----w- c:\users\Owner\AppData\Local\{6232CE55-A489-42C3-B246-409EA73DA0D0}
2011-06-16 15:32 . 2011-06-16 15:32 -------- d-----w- c:\users\Owner\AppData\Local\{EBCDA3E7-D14B-45D1-9365-151AB6C19170}
2011-06-16 13:34 . 2011-06-16 13:34 -------- d-----w- c:\program files\iPod
2011-06-16 12:50 . 2011-04-29 02:57 311296 ----a-w- c:\windows\system32\drivers\srv.sys
2011-06-16 12:50 . 2011-04-29 02:57 309760 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-06-16 12:50 . 2011-04-29 02:57 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-06-16 12:50 . 2011-04-25 04:56 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-16 12:50 . 2011-04-25 02:35 338944 ----a-w- c:\windows\system32\drivers\afd.sys
2011-06-16 12:50 . 2010-12-18 05:31 571904 ----a-w- c:\windows\system32\oleaut32.dll
2011-06-16 12:50 . 2011-04-27 02:33 78336 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-06-16 12:50 . 2011-05-03 04:50 740864 ----a-w- c:\windows\system32\inetcomm.dll
2011-06-16 12:50 . 2011-01-17 05:38 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2011-06-16 12:50 . 2011-04-29 05:08 759296 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2011-06-15 15:45 . 2011-06-15 15:45 -------- d-----w- c:\users\Owner\AppData\Local\{C0C9E43C-C07C-4C06-9FD1-BA7DFED054B5}
2011-06-15 02:47 . 2011-06-15 02:47 -------- d-----w- c:\users\Owner\AppData\Local\{A16CF59D-839C-45FF-A0AC-5827A17C49C0}
2011-06-14 13:11 . 2011-06-30 23:58 -------- d-----w- c:\program files\HmelyoffLabs
2011-06-14 09:29 . 2011-06-14 09:29 -------- d-----w- c:\users\Owner\AppData\Local\{5E26612D-70E6-4459-94C9-B0C62FC7EA64}
2011-06-13 16:57 . 2011-06-13 16:58 -------- d-----w- c:\users\Owner\AppData\Local\{057148D9-2A87-427A-A6B2-1AE7533FEA9A}
2011-06-13 04:34 . 2011-06-13 04:34 -------- d-----w- c:\users\Owner\AppData\Local\{118A13D5-E45A-41C9-B1F3-D4F07731034C}
2011-06-12 16:34 . 2011-06-12 16:34 -------- d-----w- c:\users\Owner\AppData\Local\{8D662B82-4FEA-4D19-8CD6-AFADC55A08C0}
2011-06-12 16:32 . 2011-06-12 16:32 -------- d-----w- c:\users\Owner\AppData\Local\{EEAE2FB6-B730-47DC-8354-B389E7933586}
2011-06-11 21:25 . 2011-06-11 21:25 -------- d-----w- c:\programdata\{503C37A9-D7FC-4D65-B7D0-55886F41E2BA}
2011-06-11 21:25 . 2011-06-11 21:25 -------- d-----w- c:\program files\LiveZilla
2011-06-11 20:58 . 2011-06-11 20:58 -------- d-----w- c:\users\Owner\AppData\Local\{930273C3-103D-4240-A81C-5687920939F5}
2011-06-10 18:28 . 2011-06-10 18:28 -------- d-----w- c:\users\Owner\AppData\Local\{3753D145-F47F-4A47-8E1B-B3ED2191A8C8}
2011-06-10 05:43 . 2011-06-10 05:43 -------- d-----w- c:\users\Owner\AppData\Local\{BB41D1CF-F9E6-416B-8DC6-454DA1505236}
2011-06-09 17:42 . 2011-06-09 17:43 -------- d-----w- c:\users\Owner\AppData\Local\{EE922157-3AEE-4A9B-8F2E-FF0CB3D3CA25}
2011-06-09 05:42 . 2011-06-09 05:42 -------- d-----w- c:\users\Owner\AppData\Local\{725816B2-FED7-4857-8B64-9CE44533D75D}
2011-06-08 19:54 . 2011-06-08 20:07 -------- d-----w- c:\users\Owner\Adobe Dreamweaver CS5.5
2011-06-08 17:42 . 2011-06-08 17:42 -------- d-----w- c:\users\Owner\AppData\Local\{D56F9C07-E0F2-4325-9C9D-69A9954CABF1}
2011-06-08 01:37 . 2011-06-08 01:37 -------- d-----w- c:\users\Owner\AppData\Local\{339CAC71-BAEC-4164-BF4D-64D458F54978}
2011-06-07 12:44 . 2011-06-07 12:44 26112 ----a-w- c:\windows\system32\drivers\tap0901.sys
2011-06-07 05:17 . 2011-06-07 05:17 -------- d-----w- c:\users\Owner\AppData\Local\{8176926D-B9BF-4610-9637-54843A7D17E9}
2011-06-06 16:59 . 2011-06-06 16:59 -------- d-----w- c:\users\Owner\AppData\Local\{6FB7FA6E-D8AB-4934-B910-E87DC40FBC28}
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-10 12:06 . 2011-05-10 12:06 4517664 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-05-10 12:06 . 2011-05-10 12:06 42496 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-04-22 19:36 . 2011-05-25 04:53 26496 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-04-11 07:04 . 2011-05-13 14:01 7071056 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{034053BE-6620-4B0F-9674-818A70BDBACF}\mpengine.dll
2011-04-09 06:13 . 2011-05-11 13:07 3957632 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-04-09 06:13 . 2011-05-11 13:07 3901824 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 05:56 . 2011-05-19 03:03 123904 ----a-w- c:\windows\system32\poqexec.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-12-09 17:51 3911776 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-12-09 3911776]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MyTOSHIBA"="c:\program files\TOSHIBA\My Toshiba\MyToshiba.exe" [2009-08-06 264048]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"BitTorrent"="c:\program files\BitTorrent\BitTorrent.exe" [2011-06-02 1820528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-30 98304]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-21 1545512]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2009-08-21 476512]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2009-07-28 460088]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2009-08-05 738616]
"ToshibaServiceStation"="c:\program files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2009-08-17 1294136]
"TosWaitSrv"="c:\program files\TOSHIBA\TPHM\TosWaitSrv.exe" [2009-08-07 611672]
"Teco"="c:\program files\TOSHIBA\TECO\Teco.exe" [2009-08-11 1324384]
"USB2Check"="c:\windows\system32\PCLECoInst.dll" [2007-02-20 81920]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2010-07-21 1797008]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2009-09-17 611672]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
"AdobeCS5.5ServiceManager"="c:\program files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"LiveZilla"="c:\program files\LiveZilla\LiveZilla.exe" [2011-03-17 7030272]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-06-07 421160]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-05-29 449584]
"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-05-29 1047656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-05-29 449584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NortonOnlineBackupReminder]
2009-07-16 19:04 529256 ----a-w- c:\program files\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TosSENotify]
2009-09-17 20:37 611672 ----a-w- c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"USBToolTip"="c:\program files\Pinnacle\Shared Files\\Programs\USBTip\USBTip.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"ArcSoft Connection Service"=c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
.
R1 MpKsl009a9a6e;MpKsl009a9a6e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E505923E-DA1A-4F03-A90B-4AC579C02215}\MpKsl009a9a6e.sys [x]
R1 MpKsl0311c7b7;MpKsl0311c7b7;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F0672340-3045-40A2-8068-E67A56686EBD}\MpKsl0311c7b7.sys [x]
R1 MpKsl06ba7738;MpKsl06ba7738;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C893A02F-8B93-4B64-BB73-8D2C63AF3BD5}\MpKsl06ba7738.sys [x]
R1 MpKsl415c0fc2;MpKsl415c0fc2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F265A5F9-5DAE-41FA-805D-74571FF1D547}\MpKsl415c0fc2.sys [x]
R1 MpKsl70278839;MpKsl70278839;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7EA833B6-24DD-4F17-AB33-0E7FA9DD1A27}\MpKsl70278839.sys [x]
R1 MpKsl7228cd5e;MpKsl7228cd5e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F0672340-3045-40A2-8068-E67A56686EBD}\MpKsl7228cd5e.sys [x]
R1 MpKsl8764d2a8;MpKsl8764d2a8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CF16848E-E049-47A6-B274-7AC1FDB847C1}\MpKsl8764d2a8.sys [x]
R1 MpKsl89330873;MpKsl89330873;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F0672340-3045-40A2-8068-E67A56686EBD}\MpKsl89330873.sys [x]
R1 MpKslfb45078f;MpKslfb45078f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7EA833B6-24DD-4F17-AB33-0E7FA9DD1A27}\MpKslfb45078f.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 CV2K1;CommView Network Monitor;c:\windows\system32\DRIVERS\cv2k1.sys [2010-04-01 19560]
R3 hcwhdpvr;Hauppauge HD PVR Capture Device;c:\windows\system32\DRIVERS\hcwhdpvr.sys [2010-06-23 157568]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4640000]
R3 PinnacleMarvinAVS;Pinnacle AVStream Service for MovieBox Deluxe, 500-USB and 700-USB;c:\windows\system32\DRIVERS\MarvinAVS.sys [2007-05-09 434176]
R3 PsSdk41;PsSdk41;c:\windows\system32\Drivers\pssdk41.sys [2010-12-20 36928]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-08-06 171520]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 TMachInfo;TMachInfo;c:\program files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-08-17 51512]
R3 TsVlb;TsVlb;c:\windows\system32\DRIVERS\tsvlb.sys [2010-04-21 20072]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-04 1343400]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S1 archlp;archlp;c:\windows\system32\drivers\archlp.sys [2009-02-19 127744]
S1 TsVp;TsVp;c:\windows\system32\DRIVERS\tsvp.sys [2010-06-15 27752]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-30 176128]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [2009-08-11 185712]
S2 ConfigFree Service;ConfigFree Service;c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-11 46448]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-05-29 366640]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35088]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [2010-04-24 483688]
S2 TeamViewer6;TeamViewer 6;c:\program files\TeamViewer\Version6\TeamViewer_Service.exe [2010-11-30 2222376]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2009-08-11 185712]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-20 12920]
S3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys [2010-07-01 44432]
S3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys [2011-07-02 50728]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [2009-07-07 7680]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-05-29 22712]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-11-05 230912]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2010-04-24 550760]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2010-04-24 195944]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2010-04-24 21864]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2010-04-24 19304]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [2010-04-24 209768]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-09-17 111960]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-07 685424]
S3 TSCOMM;CommStudio Virtual Adapter by TamoSoft;c:\windows\system32\DRIVERS\tscomm.sys [2010-04-29 41576]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ADFS
*NewlyCreated* - MBAMPROTECTOR
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{01250B8F-D947-4F8A-9408-FE8E3EE2EC92}]
2009-08-06 16:15 264048 ----a-w- c:\program files\TOSHIBA\My Toshiba\MyToshiba.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-07-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2404385219-667084173-3025111071-1000Core.job
- c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-06 19:00]
.
2011-07-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2404385219-667084173-3025111071-1000UA.job
- c:\users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-06 19:00]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\8yuq713c.default\
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2737658&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2737658&q=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 50370
FF - prefs.js: network.proxy.type - 0
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(yahoo.ytff.general.dontshowhpoffer, true
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
URLSearchHooks-{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
Toolbar-Locked - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
HKCU-Run-AdobeBridge - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2404385219-667084173-3025111071-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-2404385219-667084173-3025111071-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-2404385219-667084173-3025111071-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6165A41A-8C84-C20D-D70C-FF2DF181FDF7}*]
"hacmhapmdbocbdkm"=hex:63,62,6e,65,68,6c,70,6e,66,6f,6e,61,70,66,61,63,66,62,
64,61,63,6f,6e,6d,6e,6f,64,6d,6a,6f,6f,6f,66,67,68,6b,6f,67,00,00
"iaambbckfimpeedakd"=hex:63,62,6e,65,68,6c,70,6e,66,6f,6e,61,70,66,61,63,66,62,
64,61,63,6f,6e,6d,6e,6f,64,6d,6a,6f,6f,6f,66,67,68,6b,6f,67,00,00
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-07-05 21:47:42
ComboFix-quarantined-files.txt 2011-07-06 01:47
.
Pre-Run: 177,321,103,360 bytes free
Post-Run: 178,113,359,872 bytes free
.
- - End Of File - - 5AB57113777D38EE9554209BE8BEFDAD