Combo Fix

ComboFix 13-08-21.01 - valio 25/08/2013 23:32:33.1.
4 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.54.1033.18.1910.955 [GMT -3:00]
Running from: I:\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))
)))))))))))))))))))))))))))))
.
.
C:\Images
c:\images\Sonido 1455508.peak
c:\program files\LyricsPal
c:\program files\LyricsPal\01.crx
c:\program files\LyricsPal\01.xpi
c:\program files\LyricsPal\128.dat
c:\program files\LyricsPal\128.dll
c:\program files\LyricsPal\chrome.manifest
c:\program files\LyricsPal\crx.dat
c:\program files\LyricsPal\crx.db
c:\program files\LyricsPal\Lyrics.exe
c:\program files\LyricsPal\sqlite3.dll
c:\program files\LyricsPal\Uninstall.exe
c:\program files\LyricsPal\xpi.dat
c:\program files\LyricsPal\xpi.db
c:\users\valio\AppData\Roaming\msregsvv.dll
c:\windows\msvcr71.dll
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\kernel.dll
c:\windows\system32\msvcsv60.dll
c:\windows\system32\Startup.dll
D:\Images.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))
))))))))))))))))))))))))))))))
.
.
-------\Service_DCService.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-07-26 to 2013-08-26 )))))))
))))))))))))))))))))))))
.
.
2013-08-26 02:39 . 2013-08-26 02:41
-------d-----wc:\users
\valio\AppData\Local\temp
2013-08-26 02:29 . 2013-08-26 02:40
56200 ----a-wc:\programdata\M
icrosoft\Windows Defender\Definition Updates\{53C8AD4E-37ED-4986-98BF-88610499FA
62}\offreg.dll
2013-08-26 02:18 . 2013-08-26 02:18
-------d-----wc:\users
\valio\AppData\Roaming\SUPERAntiSpyware.com
2013-08-26 02:17 . 2013-08-26 02:18
-------d-----wc:\progr
am files\SUPERAntiSpyware
2013-08-26 02:17 . 2013-08-26 02:17
-------d-----wc:\progr
amdata\SUPERAntiSpyware.com
2013-08-26 02:16 . 2013-08-26 02:16

-------d-----wc:\progr
am files\CCleaner
2013-08-26 01:37 . 2013-08-26 01:37
-------d-----wc:\progr
am files\El Kinderguapo
2013-08-18 16:15 . 2009-06-22 21:58
89600 ----a-wc:\windows\syste
m32\Spool\prtprocs\w32x86\HPZPPLHN.DLL
2013-08-13 01:44 . 2013-08-13 01:44
159744 ----a-wc:\program files
\Internet Explorer\Mdulos\npqtplugin7.dll
2013-08-13 01:44 . 2013-08-13 01:44
2013-08-13 01:44 . 2013-08-13 01:44
2013-08-13 01:44 . 2013-08-13 01:44
2013-08-13 01:44 . 2013-08-13 01:44
2013-08-13 01:44 . 2013-08-13 01:44
2013-08-13 01:44 . 2013-08-13 01:44
\Internet Explorer\Mdulos\npqtplugin.dll
2013-08-13 01:43 . 2013-08-13 01:44
-------d-----wc:\progr
am files\QuickTime
2013-08-13 01:43 . 2013-08-13 01:43
-------d-----wc:\progr
amdata\Apple Computer
2013-08-13 01:40 . 2012-12-04 20:26
m32\WIN Installer Authorization Manager (Ver. 1.0.9 RC4).exe
2013-08-13 01:40 . 2012-08-29 16:23
m32\mkl_p4p.dll
2013-08-13 01:40 . 2012-08-29 16:23
m32\mkl_p4m3.dll
2013-08-13 01:40 . 2012-08-29 16:23
m32\mkl_p4m.dll
2013-08-13 01:40 . 2012-08-29 16:23
m32\mkl_p4.dll
2013-08-13 01:40 . 2012-08-29 16:23
m32\mkl_intel_thread.dll
2013-08-13 01:40 . 2012-08-29 16:23
m32\mkl_core.dll
2013-08-13 01:40 . 2012-08-29 16:23
m32\libiomp5md.dll
2013-08-13 01:40 . 2012-08-29 16:23
499712 ----a-wc:\windows\msvcp
71.dll
2013-08-13 01:39 . 2013-08-13 01:39
-------d-----wc:\progr
am files\VstPlugIns
2013-08-07 21:16 . 2013-08-07 21:16
-------d-----wc:\progr
am files\Common Files\MAGIX Services
2013-08-07 21:16 . 2013-08-10 15:16
-------d-----wc:\progr
amdata\MAGIX
2013-08-07 21:16 . 2013-08-07 21:16
-------d-----wc:\progr
am files\MAGIX
2013-08-07 21:13 . 2013-08-07 21:13
-------d-----wc:\progr
am files\IconGlobal
2013-08-06 13:48 . 2013-08-06 13:48
m32\FlashPlayerApp.exe
2013-08-05 00:07 . 2013-08-12 23:22
-------d-----wc:\users
\valio\AppData\Roaming\IK Multimedia
2013-08-04 16:13 . 2013-08-04 16:13
-------d-----wc:\users
\valio\AppData\Local\Native Instruments
2013-08-04 16:08 . 2013-08-04 16:08
-------d-----wc:\users
\valio\AppData\Local\Avid
2013-08-03 21:03 . 2013-08-03 21:03

-------dc-h--wc:\progr
amdata\{B7072B15-6E80-42FF-A9AE-4E62AF2B2418}
2013-08-03 21:01 . 2013-08-03 21:01
amdata\{B0CAD5CC-867E-473E-B55F-339F9635A45D}
2013-08-03 21:00 . 2013-08-03 21:00
amdata\{CB28D9D3-6B5D-4AFA-BA37-B4AFAAAF71B9}
2013-08-03 20:58 . 2013-08-03 20:58
amdata\{5A23829C-A66E-47B0-AD50-21A3FFE6C325}
2013-08-03 20:58 . 2013-08-03 20:58
amdata\{30FA7941-4170-4C83-A9A8-FDF01C431704}
2013-08-03 20:58 . 2013-08-03 20:58
amdata\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14}
2013-08-03 20:58 . 2013-08-03 21:02
-------d-----wc:\progr
am files\Native Instruments
2013-08-03 20:58 . 2013-08-03 21:02
-------d-----wc:\progr
am files\Common Files\Native Instruments
2013-08-03 20:58 . 2013-08-03 20:58
-------d-----wc:\progr
amdata\Native Instruments
2013-08-03 20:21 . 2013-08-03 20:21
-------d-----wc:\windo
ws\system32\FFSJ
2013-08-03 20:01 . 2013-08-03 20:21
-------d-----wc:\users
\valio\AppData\Roaming\FFSJ
2013-08-03 19:50 . 2013-08-03 20:47
-------d-----wC:\agost
o
2013-08-03 19:46 . 2013-08-03 20:21
794906 ----a-wc:\windows\unins
000.exe
2013-08-03 18:04 . 2013-08-03 18:04
-------d-----wc:\progr
am files\Steinberg
2013-08-03 18:04 . 2013-08-03 18:04
m32\gdiplus.dll
2013-08-03 18:04 . 2013-08-03 18:04
m32\mfc71.dll
2013-08-03 17:34 . 2013-08-03 17:34
-------d-----wc:\users
\valio\AppData\Local\Bundled software uninstaller
2013-08-03 17:34 . 2013-08-08 01:45
-------d-----wc:\users
\valio\AppData\Local\Lollipop
2013-08-03 17:09 . 2013-08-03 17:33
-------d-----wc:\progr
am files\Astroburn Lite
2013-08-03 17:09 . 2013-08-03 17:09
-------d-----wc:\progr
amdata\Astroburn Lite
2013-08-03 15:38 . 2013-08-03 15:38
-------d-----wc:\users
\valio\guitar 5 a
2013-08-03 15:38 . 2013-08-03 15:38
-------d-----wc:\users
\valio\guitar 5
2013-08-03 15:34 . 2013-08-03 15:34
amdata\{1CEDDDD4-56D2-463F-BC4E-C5DFFD3533C9}
2013-08-03 15:29 . 2013-08-03 15:29
-------d-----wc:\progr
am files\Common Files\DigiDesign
2013-08-03 15:29 . 2013-08-13 01:52
-------d-----wc:\progr
am files\IK Multimedia
2013-07-28 04:20 . 2013-07-28 04:20
-------d-----wc:\progr
am files\WALL
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))
)))))))))))))))))))))))))))))))
.
2013-08-06 13:48 . 2011-12-10 22:37
m32\FlashPlayerCPLApp.cpl
2013-08-03 17:51 . 2012-02-16 17:09

m32\drivers\sptd.sys
2011-11-21 04:24 . 2011-12-10 21:59
\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck ------Note: Unsigned files aren't necessarily malware.
.
[-] 2012-01-13 . 8626F0C30D4E3564FFDD25C90F4426F1 . 811520 . . [6.1.7600.16385]
. . c:\windows\System32\user32.dll
[7] 2009-07-14 . 34B7E222E81FAFA885F0C5F2CFA56861 . 811520 . . [6.1.7600.16385]
. . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.163
85_none_cd0ec264ceb014a3\user32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))
)))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-0
7-02 220544]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [20
10-01-16 717696]
"GoogleChromeAutoLaunch_5E20F30499C3F7547699CC66C382FB3B"="c:\users\valio\AppData
\Local\Google\Chrome\Application\chrome.exe" [2013-07-25 846288]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-05
1305408]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\ISUS
PM.exe" [2005-08-12 249856]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [201
2-01-20 4617600]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIco
n.exe" [2011-10-17 284440]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-0404 958576]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-21 142616]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-21 177432]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-10-21 176408]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 6
48072]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 9
1520]
"Nikon Message Center 2"="c:\program files\Nikon\Nikon Message Center 2\NkMC2.ex
e" [2011-10-30 571392]
"TVTray"="c:\progra~1\TVTray.exe" [2010-08-12 700416]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch
.exe" [2005-08-12 81920]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDa
emon.exe" [2012-02-21 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExec
uteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SAS
SEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify
\!SASWinLogon]
2011-05-04 17:54
551296 ----a-wc:\program files\SUPERAntiSpywar
e\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R3 AVIDUSBFASTTRACKDUO;Service for Avid Fast Track Duo;c:\windows\system32\DRIVE
RS\AvidFastTrackDuo.sys [2013-05-24 494352]
R3 bcm;WiMAX Network Adapter;c:\windows\system32\DRIVERS\drxvi314.sys [x]
R3 bcmbusctr;WiMAX Bus Driver;c:\windows\system32\DRIVERS\BcmBusCtr.sys [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS
\ew_hwusbdev.sys [2010-03-20 101504]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [2010
-04-09 69504]
R3 TridVid;USB TV Tuner;c:\windows\system32\DRIVERS\tridvid6010.sys [2011-01-21
339712]
R3 USBMULCD;USB Multi-Channel Audio Device Interface;c:\windows\system32\drivers
\CM106.sys [2010-08-12 1517056]
R3 WatAdminSvc;Servicio de tecnologas de activacin de Windows;c:\windows\system32\
Wat\WatAdminSvc.exe [2012-01-13 1343400]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22
12880]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12
67664]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-11-0
4 158512]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBM
on.sys [2011-11-04 91440]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011
-08-11 116608]
S2 FastTrackDuoAudioDevMon;Fast Track Duo Audio Device Monitor;c:\program files\
Avid\Fast Track Duo\AudioDevMon.exe [2013-05-24 2036496]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Int
el(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-17 13592]
S2 KMService;KMService;c:\windows\system32\srvany.exe [2012-02-16 8192]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Inst
ruments\Hardware\NIHardwareService.exe [2012-09-05 4590968]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\p
rogram files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-04-16
2533400]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsof
tbus01.sys [2013-01-10 218176]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.
sys [2010-04-09 63616]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-26 132480]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [201
1-08-23 270336]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011
-09-29 490088]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\D
RIVERS\rtl8192Ce.sys [2011-10-06 1056360]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\
VBoxNetAdp.sys [2011-11-04 104752]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\
VBoxNetFlt.sys [2011-11-04 116016]
.
.
--- Other Services/Drivers In Memory --.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ
wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ
WcesComm RapiMgr
.
Contents of the 'Scheduled Tasks' folder
.
2013-08-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-06 13
:48]
.
2013-08-26 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task fc535ffb-697c-47dd-b
acd-581b9f9cb256.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
.
.
------- Supplementary Scan ------.
uStart Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=306BE0B9A59967C5
&affID=123622&tsp=4963
uInternet Settings,ProxyServer = proxy.sarmientoba.local:8080
uInternet Settings,ProxyOverride = *.sarmientoba.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
FF - ProfilePath - c:\users\valio\AppData\Roaming\Mozilla\Firefox\Profiles\qna3um
c0.default\
FF - prefs.js: browser.startup.homepage FF - prefs.js: network.proxy.type - 4
FF - ExtSQL: 2013-08-03 14:33; {9309FA47-1B48-4768-AFA4-9E0556F5DC81}; c:\progra
m files\LyricsPal\125.xpi
FF - ExtSQL: 2013-08-03 17:08; ffxtlbr@delta.com; c:\users\vali o\AppData\Roaming\Moz
illa\Firefox\Profiles\qna3umc0.default\extensions\ffxtlbr@delta.com
FF - user.js: extensions.delta.tlbrSrchUrl FF - user.js: extensions.delta.id - 306b496c000000000000e0b9a59967c5
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15920
FF - user.js: extensions.delta.vrsn - 1.8.22.0
FF - user.js: extensions.delta.vrsni - 1.8.22.0
FF - user.js: extensions.delta.vrsnTs - 1.8.22.017:08
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - es
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false

FF - user.js: extensions.delta_i.babTrack - affID=123622&tsp=4963
FF - user.js: extensions.delta_i.babExt FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
.
- - - - ORPHANS REMOVED - - - .
Toolbar-Locked - (no file)
HKLM-Run-Cm106Sound - cm106.cpl
AddRemove-lrcspal@lyricspal.co - c:\program files\LyricsPal\uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS --------------------.
[HKEY_USERS\S-1-5-21-279611071-2757080897-2550450903-1000\Software\10Moons\V
r * *Om * * * *hV *\Bars\Settings-Bar0]
"BarID"=dword:0000e81b
"Bars"=dword:00000003
"Bar#0"=dword:00000000
"Bar#1"=dword:0000e800
"Bar#2"=dword:00000000
.
"BarID"=dword:0000e81c
"Bar#0"=dword:00000000
"Bar#3"=dword:00000000
.
"BarID"=dword:0000e800
"XPos"=dword:fffffffe
"YPos"=dword:fffffffe
"Docking"=dword:00000001
"MRUDockID"=dword:00000000
"MRUDockLeftPos"=dword:fffffffe
"MRUDockTopPos"=dword:fffffffe
"MRUDockRightPos"=dword:000001f5
"MRUDockBottomPos"=dword:00000036
"MRUFloatStyle"=dword:00002000
"MRUFloatXPos"=dword:80000000
"MRUFloatYPos"=dword:cdcdcdcd
.
"YPos"=dword:00000141
"MRUDockID"=dword:0000e81c
* *G
* *G
* *G
* *G
"MRUDockTopPos"=dword:00000141
"MRUDockRightPos"=dword:000000c6
.
[HKEY_USERS\S-1-5-21-279611071-2757080897-2550450903-1000\Software\10Moons\V * *G
"YPos"=dword:fffffffe
"MRUDockID"=dword:00000000
"MRUDockTopPos"=dword:fffffffe
"MRUDockRightPos"=dword:000000c6
.
r * *Om * * * *hV *\Bars\Settings-Summary]
"ScreenCX"=dword:00000400
"ScreenCY"=dword:00000300
.
r * *Om * * * *hV *\Settings]
"FirstRun"=dword:00000000
"xScreen"=dword:00000400
"yScreen"=dword:000002c4
"floats"="1.000000 0.500000 0.500000 120 120"
"skin"="ISR_10Moons.dll"
.
r * *Om * * * *hV *\WNDSTATUS]
"FLAG"=dword:00000000
"SHOWCMD"=dword:00000001
"LEFT"=dword:fffffffc
"TOP"=dword:fffffffc
"RIGHT"=dword:00000404
"BOTTOM"=dword:000002e2
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC108002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC108002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes --------------------.
- - - - - - - > 'Explorer.exe'(2032)
c:\progra~1\ALCOHO~1\ALCOHO~1\AxShlex.dll
c:\windows\system32\igfxpph.dll
c:\windows\system32\hccutils.DLL
c:\windows\system32\igfxrESN.lrc
c:\windows\system32\igfxsrvc.dll
c:\program files\SUPERAntiSpyware\SASCTXMN.DLL
c:\windows\system32\FFSJ\FFSJSHL.dll
.
------------------------ Other Running Processes -----------------------.
c:\windows\system32\AUDIODG.EXE
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\taskhost.exe
c:\windows\KMService.exe
c:\windows\system32\conhost.exe
c:\program files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\windows\system32\conhost.exe
c:\windows\system32\WUDFHost.exe
c:\windows\System32\rundll32.exe
c:\program files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Completion time: 2013-08-25 23:47:44 - machine was rebooted
ComboFix-quarantined-files.txt 2013-08-26 02:47
.
Pre-Run: 15.052.230.656 bytes libres
Post-Run: 14.215.442.432 bytes libres
.
- - End Of File - - 5754A58E3FF1AC02E80E61BB3E1CF301
A36C5E4F47E84449FF07ED3517B43A31

Combo Fix

Caricato da

Informazioni sul documento

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

Combo Fix

Caricato da

Copyright:

Formati disponibili

ComboFix 13-08-21.01 - valio 25/08/2013 23:32:33.1.

2013-08-26 02:16 . 2013-08-26 02:16

2013-08-03 21:03 . 2013-08-03 21:03

2013-08-03 17:51 . 2012-02-16 17:09

FF - user.js: extensions.delta.admin - false

@Denied: (A) (Everyone)

Potrebbero piacerti anche