cjoint

Document format: text/plain

ComboFix 15-08-20.01 - Yasser 08/21/2015 20:02:00.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1256.213.1033.18.1942.970 [GMT 1:00]
Running from: c:\users\Yasser\Desktop\ComboFix.exe
AV: ESET Smart Security 8.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: Pare-feu personnel d'ESET *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 8.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2015-07-21 to 2015-08-21 )))))))))))))))))))))))))))))))
.
.
2015-08-21 19:10 . 2015-08-21 19:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-08-21 18:36 . 2015-08-21 18:36 -------- d-----w- c:\windows\LastGood
2015-08-21 18:36 . 2015-08-21 18:36 144 ----a-w- c:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-08-21 18:31 . 2015-03-19 17:40 177320 ----a-w- c:\windows\system32\SynTPCo20.dll
2015-08-21 18:31 . 2015-03-19 17:40 205992 ----a-w- c:\windows\system32\SynTPAPI.dll
2015-08-21 18:31 . 2015-03-19 17:39 434856 ----a-w- c:\windows\system32\drivers\SynTP.sys
2015-08-21 18:31 . 2015-03-19 17:40 409256 ----a-w- c:\windows\system32\SynCOM.dll
2015-08-21 18:31 . 2015-03-19 17:39 25256 ----a-w- c:\windows\system32\drivers\Smb_driver_Intel.sys
2015-08-21 18:31 . 2015-08-21 18:36 -------- d-----w- c:\programdata\Synaptics
2015-08-21 18:31 . 2015-08-21 18:31 -------- d-----w- C:\swsetup
2015-08-21 17:02 . 2012-05-24 12:39 8192 ----a-w- c:\windows\system32\drivers\rt2860.bin
2015-08-21 17:02 . 2012-05-24 12:39 4096 ----a-w- c:\windows\system32\drivers\rt3290.bin
2015-08-21 17:02 . 2012-05-24 12:39 4096 ----a-w- c:\windows\system32\drivers\3290PCI4KB.bin
2015-08-21 17:02 . 2015-02-10 19:49 2097296 ----a-w- c:\windows\system32\drivers\netr28.sys
2015-08-21 17:02 . 2014-06-10 09:39 241296 ----a-w- c:\windows\system32\RaCoInst.dll
2015-08-21 17:02 . 2015-02-06 17:55 386928 ----a-w- c:\windows\system32\drivers\FW7650.bin
2015-08-21 17:02 . 2015-08-21 17:02 -------- d-----w- c:\programdata\Ralink Driver
2015-08-21 16:19 . 2015-08-21 16:19 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1BA8EFDD-45A2-4846-B0AC-9E60A2CF6807}\offreg.1732.dll
2015-08-21 15:35 . 2015-08-21 15:35 451 ----a-w- c:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-08-21 15:30 . 2015-08-21 15:30 931528 ----a-w- c:\windows\system32\drivers\rtbth.sys
2015-08-21 15:30 . 2015-08-21 15:30 40958 ----a-w- c:\windows\system32\drivers\rt3298.bin
2015-08-21 15:28 . 2015-08-21 15:28 368912 ----a-w- c:\windows\system32\drivers\IntcDAud.sys
2015-08-21 15:27 . 2015-08-21 15:27 85616 ----a-w- c:\windows\system32\RtNicProp32.dll
2015-08-21 15:27 . 2015-08-21 15:27 731904 ----a-w- c:\windows\system32\drivers\Rt86win7.sys
2015-08-21 15:26 . 2015-08-21 15:26 -------- d-----w- c:\program files\Synaptics
2015-08-21 15:26 . 2015-08-21 15:26 1629040 ----a-w- c:\windows\system32\WdfCoInstaller01011.dll
2015-08-21 15:26 . 2015-08-21 15:24 60416 ----a-w- c:\windows\system32\OpenCL.DLL
2015-08-21 15:26 . 2015-08-21 15:26 -------- d-----w- c:\program files\Common Files\Intel
2015-08-21 15:22 . 2015-08-21 15:22 2637528 ----a-w- c:\windows\system32\RTSndMgr.cpl
2015-08-21 15:22 . 2015-08-21 15:22 3535576 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys
2015-08-21 15:22 . 2015-08-21 15:22 2630872 ----a-w- c:\windows\system32\RtkPgExt.dll
2015-08-21 15:22 . 2015-08-21 15:22 1708760 ----a-w- c:\windows\system32\RtkCoInstII.dll
2015-08-21 15:22 . 2015-08-21 15:22 2394328 ----a-w- c:\windows\system32\RtkApoApi.dll
2015-08-21 15:22 . 2015-08-21 15:22 35222128 ----a-w- c:\windows\system32\drivers\RTAIODAT.DAT
2015-08-21 15:22 . 2015-08-21 15:22 2585816 ----a-w- c:\windows\system32\RltkAPO.dll
2015-08-21 15:21 . 2015-08-21 15:21 1490960 ----a-w- c:\windows\system32\CX32APO.dll
2015-08-21 14:54 . 2015-08-21 14:54 23840 ----a-w- c:\windows\system32\drivers\HWiNFO32.SYS
2015-08-21 08:03 . 2015-07-31 09:37 9234960 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1BA8EFDD-45A2-4846-B0AC-9E60A2CF6807}\mpengine.dll
2015-08-21 07:56 . 2015-08-21 08:05 -------- d-----w- c:\program files\CCleaner
2015-08-21 07:41 . 2012-02-11 05:37 317440 ----a-w- c:\windows\system32\spoolsv.exe
2015-08-21 07:39 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\explorer.exe
2015-08-21 07:30 . 2015-08-21 14:37 98520 ----a-w- c:\windows\system32\drivers\1CAB0946.sys
2015-08-20 20:46 . 2014-03-09 21:47 99480 ----a-w- c:\windows\system32\infocardapi.dll
2015-08-20 20:46 . 2014-06-30 22:14 8856 ----a-w- c:\windows\system32\icardres.dll
2015-08-20 20:46 . 2014-03-09 21:47 619672 ----a-w- c:\windows\system32\icardagt.exe
2015-08-20 20:46 . 2014-06-06 06:16 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2015-08-20 20:34 . 2015-08-20 20:34 -------- d-----w- c:\program files\Internet Download Manager
2015-08-20 14:47 . 2012-03-17 07:27 56176 ----a-w- c:\windows\system32\drivers\partmgr.sys
2015-08-20 14:47 . 2014-12-08 02:46 308224 ----a-w- c:\windows\system32\scesrv.dll
2015-08-20 14:47 . 2015-04-24 17:56 530432 ----a-w- c:\windows\system32\comctl32.dll
2015-08-20 13:56 . 2015-08-20 13:56 -------- d-s---w- c:\windows\system32\CompatTel
2015-08-20 13:56 . 2015-08-20 13:56 -------- d-----w- c:\windows\system32\appraiser
2015-08-20 12:08 . 2015-08-20 12:13 -------- d-----w- c:\windows\system32\MRT
2015-08-20 11:55 . 2015-08-20 08:31 2362688 ----a-w- c:\windows\system32\SNU.dll
2015-08-20 11:55 . 2015-08-20 11:55 -------- d-----w- c:\programdata\2BrightSparks
2015-08-20 11:55 . 2015-08-20 11:55 -------- d-----w- c:\program files\2BrightSparks
2015-08-20 11:36 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2015-08-20 11:36 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2015-08-20 11:36 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2015-08-20 11:36 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2015-08-20 11:36 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2015-08-20 11:36 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2015-08-20 11:36 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2015-08-20 11:18 . 2015-08-20 11:18 -------- d-----w- c:\users\Public\Foxit Software
2015-08-20 11:12 . 2015-08-20 11:12 -------- d-----w- c:\program files\Microsoft.NET
2015-08-20 11:12 . 2015-08-20 11:12 -------- d-----w- c:\windows\Migration
2015-08-20 11:07 . 2015-06-23 12:27 246952 ------w- c:\windows\system32\MpSigStub.exe
2015-08-20 11:04 . 2015-08-20 11:04 -------- d-----w- c:\program files\Foxit Software
2015-08-20 10:53 . 2015-07-30 13:13 103120 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-20 10:52 . 2015-01-09 02:48 76800 ----a-w- c:\windows\system32\wdi.dll
2015-08-20 10:52 . 2015-01-09 02:48 635904 ----a-w- c:\windows\system32\perftrack.dll
2015-08-20 10:52 . 2015-01-09 02:48 27136 ----a-w- c:\windows\system32\powertracker.dll
2015-08-20 10:41 . 2015-07-15 02:55 44032 ----a-w- c:\windows\system32\basesrv.dll
2015-08-20 10:39 . 2013-05-10 03:20 24576 ----a-w- c:\windows\system32\cryptdlg.dll
2015-08-20 10:37 . 2015-07-15 17:59 3989952 ----a-w- c:\windows\system32\ntkrnlpa.exe
2015-08-20 10:36 . 2014-03-04 09:17 538112 ----a-w- c:\windows\system32\objsel.dll
2015-08-20 10:36 . 2014-03-04 09:17 35328 ----a-w- c:\windows\system32\wincredprovider.dll
2015-08-20 10:36 . 2014-03-04 09:17 47616 ----a-w- c:\windows\system32\dpapiprovider.dll
2015-08-20 10:36 . 2014-03-04 09:17 36864 ----a-w- c:\windows\system32\dimsroam.dll
2015-08-20 10:36 . 2014-03-04 09:17 51200 ----a-w- c:\windows\system32\cngprovider.dll
2015-08-20 10:36 . 2014-03-04 09:17 48128 ----a-w- c:\windows\system32\capiprovider.dll
2015-08-20 10:36 . 2014-03-04 09:17 49664 ----a-w- c:\windows\system32\adprovider.dll
2015-08-20 10:36 . 2014-06-18 22:23 81560 ----a-w- c:\windows\system32\mscories.dll
2015-08-20 10:36 . 2014-06-18 22:23 156824 ----a-w- c:\windows\system32\mscorier.dll
2015-08-20 10:36 . 2014-06-18 22:23 1131664 ----a-w- c:\windows\system32\dfshim.dll
2015-08-20 10:36 . 2015-07-10 17:34 3221504 ----a-w- c:\windows\system32\mstscax.dll
2015-08-20 10:36 . 2015-07-10 17:34 36864 ----a-w- c:\windows\system32\tsgqec.dll
2015-08-20 10:36 . 2015-07-10 17:33 131584 ----a-w- c:\windows\system32\aaclient.dll
2015-08-20 10:34 . 2015-07-28 20:00 635904 ----a-w- c:\windows\system32\invagent.dll
2015-08-20 10:32 . 2015-07-30 17:57 812032 ----a-w- c:\windows\system32\FntCache.dll
2015-08-20 10:32 . 2015-07-30 16:52 2384384 ----a-w- c:\windows\system32\win32k.sys
2015-08-20 10:32 . 2015-07-30 16:49 299520 ----a-w- c:\windows\system32\atmfd.dll
2015-08-20 10:32 . 2015-07-30 17:57 1081856 ----a-w- c:\windows\system32\DWrite.dll
2015-08-20 10:32 . 2015-07-30 17:57 1171456 ----a-w- c:\windows\system32\d3d10warp.dll
2015-08-20 10:32 . 2015-07-30 17:57 26624 ----a-w- c:\windows\system32\lpk.dll
2015-08-20 10:32 . 2015-07-30 17:57 70656 ----a-w- c:\windows\system32\fontsub.dll
2015-08-20 10:32 . 2015-07-30 17:57 10240 ----a-w- c:\windows\system32\dciman32.dll
2015-08-20 10:32 . 2015-07-30 17:57 34304 ----a-w- c:\windows\system32\atmlib.dll
2015-08-20 10:31 . 2014-06-18 01:52 868864 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tipskins.dll
2015-08-20 10:31 . 2014-06-18 01:52 399360 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tabskb.dll
2015-08-20 10:31 . 2014-06-18 01:52 348672 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tiptsf.dll
2015-08-20 10:31 . 2014-06-18 01:52 104448 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\TipBand.dll
2015-08-20 10:31 . 2014-06-18 01:51 181760 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\TabTip.exe
2015-08-20 10:31 . 2014-06-18 01:51 646144 ----a-w- c:\windows\system32\osk.exe
2015-08-20 10:31 . 2014-06-18 01:50 544768 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\TipRes.dll
2015-08-20 10:29 . 2014-08-01 11:35 793600 ----a-w- c:\windows\system32\TSWorkspace.dll
2015-08-20 10:29 . 2012-10-03 16:42 175104 ----a-w- c:\windows\system32\netcorehc.dll
2015-08-20 10:29 . 2012-10-03 16:40 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
2015-08-20 10:29 . 2012-10-03 16:42 18944 ----a-w- c:\windows\system32\netevent.dll
2015-08-20 10:29 . 2012-10-03 15:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2015-08-20 10:29 . 2015-06-15 21:43 2364416 ----a-w- c:\windows\system32\msi.dll
2015-08-20 10:29 . 2015-06-15 21:47 101824 ----a-w- c:\windows\system32\consent.exe
2015-08-20 10:29 . 2015-06-15 21:43 337408 ----a-w- c:\windows\system32\msihnd.dll
2015-08-20 10:29 . 2015-06-15 21:43 1805824 ----a-w- c:\windows\system32\authui.dll
2015-08-20 10:29 . 2015-06-15 21:43 47104 ----a-w- c:\windows\system32\appinfo.dll
2015-08-20 10:29 . 2015-06-15 21:42 73216 ----a-w- c:\windows\system32\msiexec.exe
2015-08-20 10:29 . 2015-06-15 21:37 25088 ----a-w- c:\windows\system32\msimsg.dll
2015-08-20 10:27 . 2013-10-04 01:58 152576 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2015-08-20 10:26 . 2015-01-29 03:02 2311168 ----a-w- c:\windows\system32\wpdshext.dll
2015-08-20 10:26 . 2014-06-06 09:44 509440 ----a-w- c:\windows\system32\qedit.dll
2015-08-20 10:26 . 2013-10-12 02:04 121856 ----a-w- c:\windows\system32\wshom.ocx
2015-08-20 10:26 . 2013-10-12 02:03 163840 ----a-w- c:\windows\system32\scrrun.dll
2015-08-20 10:26 . 2013-10-12 01:15 141824 ----a-w- c:\windows\system32\wscript.exe
2015-08-20 10:26 . 2013-10-12 01:15 126976 ----a-w- c:\windows\system32\cscript.exe
2015-08-20 10:26 . 2013-07-03 03:36 55808 ----a-w- c:\windows\system32\drivers\hidclass.sys
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-15 17:43 . 2015-08-20 10:37 2560 ----a-w- c:\windows\system32\drivers\en-US\mountmgr.sys.mui
2015-07-14 14:29 . 2015-07-14 14:29 60552 ----a-w- c:\windows\system32\drivers\epfwwfp.sys
2015-07-14 14:29 . 2015-07-14 14:29 46656 ----a-w- c:\windows\system32\drivers\EpfwLWF.sys
2015-07-14 14:29 . 2015-07-14 14:29 202704 ----a-w- c:\windows\system32\drivers\eamonm.sys
2015-07-14 14:29 . 2015-07-14 14:29 185176 ----a-w- c:\windows\system32\drivers\epfw.sys
2015-07-14 14:29 . 2015-07-14 14:29 144536 ----a-w- c:\windows\system32\drivers\ehdrv.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2015-08-14 10:52 23520 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2015-08-15 3907152]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2015-06-01 6405912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2015-07-08 5089480]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI.exe" [2015-08-21 7540440]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RtHDVBg.exe" [2015-08-21 1015512]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2015-03-19 2491560]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2015-06-11 15872]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-20 77184]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2015-07-14 60552]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2015-07-14 202704]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2015-07-14 144536]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2015-07-14 46656]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO32.SYS [2015-08-21 23840]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSrv.EXE [2009-11-17 87968]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2015-07-08 1353720]
S2 IconMan_R;IconMan_R;c:\program files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-11-15 1833104]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2015-06-12 123968]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe [2015-08-21 274024]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes Anti-Malware\mbamscheduler.exe [2015-06-18 1871160]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService.exe [2015-08-21 255192]
S2 SynTPEnhService;SynTPEnh Caller Service;c:\program files\Synaptics\SynTP\SynTPEnhService.exe [2015-03-19 192168]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2015-08-21 368912]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2015-06-18 23256]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2015-08-21 98520]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2015-06-18 51928]
S3 netr28;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28.sys [2015-02-10 2097296]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;c:\windows\system32\DRIVERS\RtsP2Stor.sys [2015-08-21 230616]
S3 rtbth;RTBTH Bluetooth Device Driver;c:\windows\system32\DRIVERS\rtbth.sys [2015-08-21 931528]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2015-08-21 731904]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys [2015-03-19 25256]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
utcsvc REG_MULTI_SZ DiagTrack
.
Contents of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
FF - ProfilePath - c:\users\Yasser\AppData\Roaming\Mozilla\Firefox\Profiles\235zpzof.default\
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2015-08-21 20:13:46
ComboFix-quarantined-files.txt 2015-08-21 19:13
.
Pre-Run: 36,547,284,992 bytes free
Post-Run: 36,255,559,680 bytes free
.
- - End Of File - - BF579E953C6AB8C111D0C5AA21C6DCE0
A36C5E4F47E84449FF07ED3517B43A31
