Microsoft Windows 7 Ultimate 6.1.7600.0.1252.34.3082.18.2940.2038 [GMT -3:00]
Running from: c:\users\LeilaPablo\Desktop\ComboFix.exe
AV: COMODO Antivirus *Enabled/Updated* {675CEE69-9702-A524-3989-6D7CC8BF3695}
FW: COMODO Firewall *Enabled* {5F676F4C-DD6D-A47C-12D6-C449366C71EE}
SP: COMODO Defense+ *Enabled/Updated* {DC3D0F8D-B138-AAAA-0339-560EB3387C28}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2011-02-23 to 2011-03-23 )))))))))))))))))))))))))))))))
.
.
2011-03-23 07:08 . 2011-03-23 07:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-03-23 06:33 . 2011-03-23 06:34 -------- d-----w- C:\32788R22FWJFW
2011-03-23 05:30 . 2011-03-23 05:32 33416793 ----a-w- C:\tsi4win7.exe
2011-03-23 04:38 . 2011-03-23 04:38 -------- d-----w- c:\windows\RTLInstallTemp
2011-03-23 01:47 . 2010-12-01 12:31 451072 ----a-w- c:\windows\SysWow64\ISSRemoveSP.exe
2011-03-23 01:40 . 2011-02-28 11:09 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2011-03-23 01:23 . 2011-03-23 01:40 -------- d-----w- c:\program files (x86)\Intel
2011-03-23 01:21 . 2011-03-23 01:21 -------- d-----w- C:\Intel
2011-03-23 01:18 . 2011-03-23 01:18 -------- d-----w- c:\program files (x86)\SystemRequirementsLab
2011-03-22 22:56 . 2011-03-22 22:56 -------- d-----w- C:\cce_1.5.181743.64_x64
2011-03-22 22:54 . 2011-03-22 22:54 -------- d-----w- C:\x64
2011-03-22 22:32 . 2011-03-22 22:32 -------- d-----w- c:\windows\system32\SPReview
2011-03-22 22:14 . 2011-03-22 22:14 -------- d-----w- c:\windows\system32\EventProviders
2011-03-22 11:18 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
2011-03-22 11:18 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2011-03-22 06:18 . 2009-09-10 06:28 311808 ----a-w- c:\windows\system32\msv1_0.dll
2011-03-22 06:18 . 2009-09-10 05:52 257024 ----a-w- c:\windows\SysWow64\msv1_0.dll
2011-03-22 06:13 . 2009-11-25 15:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2011-03-22 06:13 . 2009-11-25 15:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2011-03-22 06:13 . 2009-11-25 15:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2011-03-22 06:13 . 2009-11-25 15:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2011-03-22 06:13 . 2009-11-25 15:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2011-03-22 06:13 . 2009-11-25 15:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2011-03-22 06:13 . 2009-11-25 15:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-03-22 06:13 . 2009-11-25 15:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2011-03-22 06:13 . 2009-11-25 15:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2011-03-22 06:13 . 2009-11-25 15:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2011-03-22 03:11 . 2011-03-22 03:11 -------- d-----w- C:\Esl
2011-03-22 03:11 . 2011-03-22 03:11 -------- d-----w- C:\Resource
2011-03-22 03:11 . 2011-03-22 03:11 -------- d-----w- C:\Reader
2011-03-22 03:11 . 2011-03-22 03:11 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-03-22 03:11 . 2011-03-22 03:11 -------- d-----w- C:\Setup Files
2011-03-21 23:36 . 2011-03-21 23:36 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2011-03-21 23:29 . 2011-03-22 03:02 -------- d-----w- c:\programdata\Norton
2011-03-21 23:29 . 2011-03-22 03:02 -------- d-----w- c:\programdata\Symantec
2011-03-21 23:28 . 2011-03-22 03:17 -------- d-----w- c:\windows\SysWow64\Adobe
2011-03-21 23:24 . 2011-03-21 23:24 -------- d-----w- c:\windows\Sun
2011-03-21 23:23 . 2011-03-21 23:23 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-03-21 22:43 . 2011-02-03 00:40 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-03-21 22:43 . 2011-03-21 22:46 -------- d-----w- c:\program files (x86)\Java
2011-03-21 22:40 . 2011-03-21 22:40 521448 ----a-w- c:\windows\system32\deployJava1.dll
2011-03-21 22:40 . 2011-03-21 22:40 -------- d-----w- c:\program files\Java
2011-03-21 03:58 . 2011-03-21 03:58 -------- d-----w- c:\programdata\Kaspersky Lab
2011-03-20 15:28 . 2010-10-27 04:32 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-03-20 15:28 . 2010-10-27 05:06 2048 ----a-w- c:\windows\system32\tzres.dll
2011-03-20 15:04 . 2011-03-20 15:04 -------- d-----w- C:\VritualRoot
2011-03-20 06:32 . 2010-03-04 04:40 184832 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2011-03-20 06:32 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys
2011-03-19 23:33 . 2011-03-20 05:38 -------- dc----w- c:\programdata\{1C533CDB-BAC7-4600-B3DE-0B628D9AC643}
2011-03-19 21:50 . 2011-03-23 01:18 -------- d-sh--w- c:\windows\Installer
2011-03-19 07:53 . 2009-09-03 07:36 1975296 ----a-w- c:\windows\system32\CertEnroll.dll
2011-03-19 07:53 . 2009-09-03 07:04 1320960 ----a-w- c:\windows\SysWow64\CertEnroll.dll
2011-03-19 07:51 . 2010-12-18 06:11 714752 ----a-w- c:\windows\system32\kerberos.dll
2011-03-19 07:51 . 2010-12-18 05:29 541184 ----a-w- c:\windows\SysWow64\kerberos.dll
2011-03-19 07:49 . 2010-12-23 06:07 1118720 ----a-w- c:\windows\system32\sbe.dll
2011-03-19 07:49 . 2010-12-23 06:07 961024 ----a-w- c:\windows\system32\CPFilters.dll
2011-03-19 07:49 . 2010-12-23 06:07 723968 ----a-w- c:\windows\system32\EncDec.dll
2011-03-19 07:49 . 2010-12-23 06:02 259072 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-19 07:49 . 2010-12-23 05:28 850432 ----a-w- c:\windows\SysWow64\sbe.dll
2011-03-19 07:49 . 2010-12-23 05:28 642048 ----a-w- c:\windows\SysWow64\CPFilters.dll
2011-03-19 07:49 . 2010-12-23 05:28 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-03-19 07:49 . 2010-12-23 05:24 199680 ----a-w- c:\windows\SysWow64\mpg2splt.ax
2011-03-19 07:48 . 2010-11-02 05:18 524288 ----a-w- c:\windows\system32\wmicmiplugin.dll
2011-03-19 07:48 . 2010-11-02 05:17 473600 ----a-w- c:\windows\system32\taskcomp.dll
2011-03-19 07:48 . 2010-11-02 05:17 1169408 ----a-w- c:\windows\system32\taskschd.dll
2011-03-19 07:48 . 2010-11-02 05:16 1114624 ----a-w- c:\windows\system32\schedsvc.dll
2011-03-19 07:48 . 2010-11-02 05:10 464384 ----a-w- c:\windows\system32\taskeng.exe
2011-03-19 07:48 . 2010-11-02 05:10 285696 ----a-w- c:\windows\system32\schtasks.exe
2011-03-19 07:48 . 2010-11-02 04:40 496128 ----a-w- c:\windows\SysWow64\taskschd.dll
2011-03-19 07:48 . 2010-11-02 04:40 305152 ----a-w- c:\windows\SysWow64\taskcomp.dll
2011-03-19 07:48 . 2010-11-02 04:34 192000 ----a-w- c:\windows\SysWow64\taskeng.exe
2011-03-19 07:48 . 2010-11-02 04:34 179712 ----a-w- c:\windows\SysWow64\schtasks.exe
2011-03-19 06:30 . 2011-03-19 06:30 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-03-19 06:20 . 2010-08-04 07:05 288256 ----a-w- c:\windows\system32\MSNP.ax
2011-03-19 06:20 . 2010-08-04 07:07 552960 ----a-w- c:\windows\system32\msdri.dll
2011-03-19 06:20 . 2010-08-04 06:15 204288 ----a-w- c:\windows\SysWow64\MSNP.ax
2011-03-19 06:20 . 2009-12-13 09:46 613888 ----a-w- c:\windows\system32\psisdecd.dll
2011-03-19 06:20 . 2009-12-13 09:30 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2011-03-19 06:15 . 2010-06-19 06:53 52224 ----a-w- c:\windows\system32\rtutils.dll
2011-03-19 06:15 . 2010-06-19 06:23 37376 ----a-w- c:\windows\SysWow64\rtutils.dll
2011-03-19 06:14 . 2010-08-21 06:38 1024512 ----a-w- c:\windows\system32\wmpmde.dll
2011-03-19 06:14 . 2010-08-21 05:36 738816 ----a-w- c:\windows\SysWow64\wmpmde.dll
2011-03-19 06:13 . 2010-10-16 05:17 720896 ----a-w- c:\windows\system32\odbc32.dll
2011-03-19 06:13 . 2010-10-16 05:16 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2011-03-19 06:13 . 2010-10-16 05:16 466944 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2011-03-19 06:13 . 2010-10-16 05:16 1425408 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2011-03-19 06:13 . 2010-10-16 05:16 258048 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2011-03-19 06:13 . 2010-10-16 04:34 573440 ----a-w- c:\windows\SysWow64\odbc32.dll
2011-03-19 06:13 . 2010-10-16 04:33 372736 ----a-w- c:\program files (x86)\Common Files\System\ado\msadox.dll
2011-03-19 06:13 . 2010-10-16 04:33 352256 ----a-w- c:\program files (x86)\Common Files\System\ado\msadomd.dll
2011-03-19 06:13 . 2010-10-16 04:33 987136 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll
2011-03-19 06:13 . 2010-10-16 04:33 208896 ----a-w- c:\program files (x86)\Common Files\System\msadc\msadco.dll
2011-03-19 06:06 . 2010-03-05 07:52 84992 ----a-w- c:\windows\system32\asycfilt.dll
2011-03-19 06:06 . 2010-03-05 07:42 67584 ----a-w- c:\windows\SysWow64\asycfilt.dll
2011-03-19 06:06 . 2010-08-26 05:27 148992 ----a-w- c:\windows\system32\t2embed.dll
2011-03-19 06:06 . 2010-08-26 04:39 109056 ----a-w- c:\windows\SysWow64\t2embed.dll
2011-03-19 06:06 . 2010-06-29 05:39 2085376 ----a-w- c:\windows\system32\ole32.dll
2011-03-19 06:06 . 2010-06-29 05:35 4582912 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe
2011-03-19 06:06 . 2010-06-29 05:35 4582912 ----a-w- c:\program files\Windows NT\Accesorios\wordpad.exe
2011-03-19 06:06 . 2010-06-29 05:02 1413632 ----a-w- c:\windows\SysWow64\ole32.dll
2011-03-19 06:06 . 2010-06-29 04:57 4247040 ----a-w- c:\program files (x86)\Windows NT\Accessories\wordpad.exe
2011-03-19 06:04 . 2011-03-19 06:04 -------- d-----w- c:\windows\SysWow64\en
2011-03-19 06:04 . 2011-03-19 06:04 -------- d-----w- c:\windows\SysWow64\drivers\UMDF\en-US
2011-03-19 06:04 . 2011-03-19 06:04 -------- d-----w- c:\windows\SysWow64\0409
2011-03-19 06:04 . 2011-03-19 06:04 -------- d-----w- c:\windows\system32\en
2011-03-19 06:04 . 2011-03-19 06:04 -------- d-----w- c:\windows\system32\drivers\UMDF\en-US
2011-03-19 06:04 . 2011-03-19 06:04 -------- d-----w- c:\windows\system32\drivers\en-US
2011-03-19 06:04 . 2011-03-19 06:04 -------- d-----w- c:\windows\system32\0409
2011-03-19 06:02 . 2010-03-04 07:57 2080256 ----a-w- c:\program files\Windows Mail\msoe.dll
2011-03-19 06:02 . 2010-03-04 07:57 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-19 06:02 . 2010-03-04 07:33 1619968 ----a-w- c:\program files (x86)\Windows Mail\msoe.dll
2011-03-19 06:02 . 2010-03-04 07:33 740864 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-03-19 06:02 . 2011-01-05 04:00 3127808 ----a-w- c:\windows\system32\win32k.sys
2011-03-19 06:01 . 2009-10-31 06:34 2870272 ----a-w- c:\windows\explorer.exe
2011-03-19 06:01 . 2009-10-31 05:45 2614272 ----a-w- c:\windows\SysWow64\explorer.exe
2011-03-19 06:01 . 2009-10-28 06:24 389632 ----a-w- c:\windows\system32\winlogon.exe
2011-03-19 05:59 . 2010-06-14 06:37 1896832 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-03-19 05:58 . 2010-08-21 06:36 340992 ----a-w- c:\windows\system32\schannel.dll
2011-03-19 05:58 . 2010-08-21 05:36 224256 ----a-w- c:\windows\SysWow64\schannel.dll
2011-03-19 05:58 . 2010-04-07 07:37 861184 ----a-w- c:\windows\system32\oleaut32.dll
2011-03-19 05:58 . 2010-04-07 07:10 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-03-19 05:57 . 2011-01-07 08:07 662528 ----a-w- c:\windows\system32\XpsPrint.dll
2011-03-19 05:57 . 2011-01-07 08:07 475648 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-03-19 05:57 . 2011-01-07 07:31 442880 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-03-19 05:57 . 2011-01-07 07:31 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-22 22:44 . 2011-03-22 22:44 19532225 ----a-w- C:\cce_1.5.181743.64_x64.zip
2011-03-15 05:38 . 2009-07-13 23:56 419840 ----a-w- c:\windows\system32\systemcpl.dll
2011-03-15 05:37 . 2009-07-13 23:38 1008640 ----a-w- c:\windows\system32\user32.dll
2011-02-02 13:31 . 2011-02-02 13:31 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2011-01-12 13:30 . 2011-01-12 13:30 509976 ----a-w- c:\windows\system32\igfxsrvc.exe
2011-01-12 13:30 . 2011-01-12 13:30 162328 ----a-w- c:\windows\system32\igfxtray.exe
2011-01-12 13:30 . 2011-01-12 13:30 417304 ----a-w- c:\windows\system32\igfxpers.exe
2011-01-12 13:30 . 2011-01-12 13:30 386584 ----a-w- c:\windows\system32\hkcmd.exe
2011-01-12 13:30 . 2011-01-12 13:30 223768 ----a-w- c:\windows\system32\igfxext.exe
2011-01-12 13:30 . 2011-01-12 13:30 3157528 ----a-w- c:\windows\system32\GfxUI.exe
2011-01-12 13:30 . 2011-01-12 13:30 152600 ----a-w- c:\windows\system32\difx64.exe
2011-01-12 13:25 . 2011-01-12 13:25 92672 ----a-w- c:\windows\system32\igfxCoIn_v2281.dll
2011-01-12 13:18 . 2011-01-12 13:18 6549504 ----a-w- c:\windows\system32\igdumd64.dll
2011-01-12 13:18 . 2011-01-12 13:18 10627392 ----a-w- c:\windows\system32\drivers\igdkmd64.sys
2011-01-12 13:16 . 2011-01-12 13:16 982240 ----a-w- c:\windows\system32\igkrng500.bin
2011-01-12 13:16 . 2011-01-12 13:16 92356 ----a-w- c:\windows\system32\igfcg500m.bin
2011-01-12 13:16 . 2011-01-12 13:16 439308 ----a-w- c:\windows\system32\igcompkrng500.bin
2011-01-12 13:12 . 2011-01-12 13:12 4967424 ----a-w- c:\windows\SysWow64\igdumd32.dll
2011-01-12 13:10 . 2011-01-12 13:10 571904 ----a-w- c:\windows\SysWow64\igdumdx32.dll
2011-01-12 13:08 . 2009-07-13 21:59 4722176 ----a-w- c:\windows\system32\igd10umd64.dll
2011-01-12 13:06 . 2011-01-12 13:06 4411392 ----a-w- c:\windows\SysWow64\igd10umd32.dll
2011-01-12 13:00 . 2011-01-12 13:00 15034880 ----a-w- c:\windows\system32\ig4icd64.dll
2011-01-12 12:51 . 2011-01-12 12:51 11039232 ----a-w- c:\windows\SysWow64\ig4icd32.dll
2011-01-12 12:46 . 2011-01-12 12:46 88064 ----a-w- c:\windows\system32\igfxrsky.lrc
2011-01-12 12:46 . 2011-01-12 12:46 87552 ----a-w- c:\windows\system32\igfxrtrk.lrc
2011-01-12 12:46 . 2011-01-12 12:46 87552 ----a-w- c:\windows\system32\igfxrslv.lrc
2011-01-12 12:46 . 2011-01-12 12:46 87040 ----a-w- c:\windows\system32\igfxrtha.lrc
2011-01-12 12:46 . 2011-01-12 12:46 88576 ----a-w- c:\windows\system32\igfxresn.lrc
2011-01-12 12:46 . 2011-01-12 12:46 88064 ----a-w- c:\windows\system32\igfxrrus.lrc
2011-01-12 12:46 . 2011-01-12 12:46 87552 ----a-w- c:\windows\system32\igfxrsve.lrc
2011-01-12 12:46 . 2011-01-12 12:46 88064 ----a-w- c:\windows\system32\igfxrptg.lrc
2011-01-12 12:46 . 2011-01-12 12:46 88064 ----a-w- c:\windows\system32\igfxrplk.lrc
2011-01-12 12:46 . 2011-01-12 12:46 87552 ----a-w- c:\windows\system32\igfxrptb.lrc
2011-01-12 12:46 . 2011-01-12 12:46 87552 ----a-w- c:\windows\system32\igfxrnor.lrc
2011-01-12 12:46 . 2011-01-12 12:46 84992 ----a-w- c:\windows\system32\igfxrkor.lrc
2011-01-12 12:46 . 2011-01-12 12:46 88576 ----a-w- c:\windows\system32\igfxrell.lrc
2011-01-12 12:46 . 2011-01-12 12:46 88064 ----a-w- c:\windows\system32\igfxrita.lrc
2011-01-12 12:46 . 2011-01-12 12:46 87552 ----a-w- c:\windows\system32\igfxrhun.lrc
2011-01-12 12:46 . 2011-01-12 12:46 86528 ----a-w- c:\windows\system32\igfxrheb.lrc
2011-01-12 12:46 . 2011-01-12 12:46 84992 ----a-w- c:\windows\system32\igfxrjpn.lrc
2011-01-12 12:46 . 2011-01-12 12:46 88576 ----a-w- c:\windows\system32\igfxrfra.lrc
2011-01-12 12:46 . 2011-01-12 12:46 88064 ----a-w- c:\windows\system32\igfxrnld.lrc
2011-01-12 12:46 . 2011-01-12 12:46 88064 ----a-w- c:\windows\system32\igfxrdeu.lrc
2011-01-12 12:46 . 2011-01-12 12:46 87552 ----a-w- c:\windows\system32\igfxrfin.lrc
2011-01-12 12:46 . 2011-01-12 12:46 87040 ----a-w- c:\windows\system32\igfxrdan.lrc
2011-01-12 12:46 . 2011-01-12 12:46 87552 ----a-w- c:\windows\system32\igfxrcsy.lrc
2011-01-12 12:46 . 2011-01-12 12:46 86528 ----a-w- c:\windows\system32\igfxrara.lrc
2011-01-12 12:46 . 2011-01-12 12:46 83968 ----a-w- c:\windows\system32\igfxrcht.lrc
2011-01-12 12:46 . 2011-01-12 12:46 83968 ----a-w- c:\windows\system32\igfxrchs.lrc
2011-01-12 12:46 . 2011-01-12 12:46 122368 ----a-w- c:\windows\system32\igfxcpl.cpl
2011-01-12 12:45 . 2011-01-12 12:45 380416 ----a-w- c:\windows\system32\igfxTMM.dll
2011-01-12 12:45 . 2011-01-12 12:45 244224 ----a-w- c:\windows\system32\igfxpph.dll
2011-01-12 12:45 . 2011-01-12 12:45 27648 ----a-w- c:\windows\system32\igfxexps.dll
2011-01-12 12:45 . 2011-01-12 12:45 61952 ----a-w- c:\windows\system32\igfxsrvc.dll
2011-01-12 12:44 . 2011-01-12 12:44 108544 ----a-w- c:\windows\system32\hccutils.dll
2011-01-12 12:44 . 2011-01-12 12:44 119808 ----a-w- c:\windows\system32\gfxSrvc.dll
2011-01-12 12:44 . 2011-01-12 12:44 4096 ----a-w- c:\windows\system32\IGFXDEVLib.dll
2011-01-12 12:44 . 2011-01-12 12:44 272384 ----a-w- c:\windows\system32\igfxdev.dll
2011-01-12 12:44 . 2011-01-12 12:44 87552 ----a-w- c:\windows\system32\igfxrenu.lrc
2011-01-12 12:43 . 2011-01-12 12:43 830464 ----a-w- c:\windows\system32\igfxress.dll
2011-01-12 12:43 . 2011-01-12 12:43 142336 ----a-w- c:\windows\system32\igfxdo.dll
2011-01-12 12:40 . 2011-01-12 12:40 23552 ----a-w- c:\windows\SysWow64\igfxexps32.dll
2011-01-12 12:39 . 2011-01-12 12:39 228864 ----a-w- c:\windows\SysWow64\igfxdv32.dll
2011-01-12 12:32 . 2011-01-12 12:32 208896 ----a-w- c:\windows\SysWow64\iglhsip32.dll
2011-01-12 12:32 . 2011-01-12 12:32 206336 ----a-w- c:\windows\system32\iglhsip64.dll
2011-01-12 12:32 . 2011-01-12 12:32 188416 ----a-w- c:\windows\system32\iglhcp64.dll
2011-01-12 12:32 . 2011-01-12 12:32 147456 ----a-w- c:\windows\SysWow64\iglhcp32.dll
2011-01-06 20:37 . 2011-01-06 20:37 89840 ----a-w- c:\windows\system32\drivers\inspect.sys
2011-01-06 20:37 . 2011-01-06 20:37 39888 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2011-01-06 20:36 . 2011-01-06 20:36 250008 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2011-01-06 20:36 . 2011-01-06 20:36 14184 ----a-w- c:\windows\system32\drivers\cmderd.sys
2010-12-29 04:42 . 2010-12-29 04:42 285480 ----a-w- c:\windows\SysWow64\guard32.dll
2010-12-29 04:42 . 2010-12-29 04:42 362784 ----a-w- c:\windows\system32\guard64.dll
.
.
------- Sigcheck -------
.
[7] 2010-11-20 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
[7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[-] 2011-03-15 . E573BD9AB55C8E333C202B9E255F972E . 1008640 . . [6.1.7600.16385] .. c:\windows\system32\user32.dll
.
[-] 2011-03-15 . 2C9CC9F492CA596B1B9FC1AE5E916356 . 833024 . . [6.1.7600.16385] .. c:\windows\SysWOW64\user32.dll
[7] 2010-11-20 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-03-16 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"COMODO"="c:\program files\COMODO\COMODO GeekBuddy\CLPSLA.exe" [2011-03-02 215792]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]
@="Service"
.
R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [2009-12-18 17864]
R3 esihdrv;esihdrv;c:\users\LEILAP~1\AppData\Local\Temp\esihdrv.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 gupdate;Servicio Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-16 136176]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [x]
S1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 CLPSLS;COMODO livePCsupport Service;c:\program files\COMODO\COMODO GeekBuddy\CLPSLS.exe [2011-03-02 163280]
S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [x]
S3 RTL8167;Controlador NT de Realtek 8167;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-03-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-16 18:33]
.
2011-03-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-16 18:33]
.
2011-03-15 c:\windows\Tasks\hpwebreg_BR0C7FN0KT05HX.job
- c:\program files\HP\HP Deskjet 3050 J610 series\Bin\hpwebreg.exe [2010-06-14 19:29]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-01-18 8866120]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-12 162328]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-12 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-12 417304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\guard64.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
DPF: {7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D} - hxxps://browsercheck.qualys.com/qbc_ax.cab
FF - ProfilePath - c:\users\LeilaPablo\AppData\Roaming\Mozilla\Firefox\Profiles\upha9qos.default\
FF - prefs.js: network.proxy.type - 0
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=hex:51,66,7a,6c,4c,1d,38,12,df,c1,0b,
27,57,07,ba,54,e4,0e,43,d0,22,fb,89,5b
"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96,
76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a
"{AA58ED58-01DD-4D91-8333-CF10577473F7}"=hex:51,66,7a,6c,4c,1d,38,12,36,ee,4b,
ae,ef,4f,ff,08,fc,25,8c,50,52,2a,37,e3
"{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,38,12,5b,ab,e0,
b0,13,40,37,0c,c5,34,01,f3,05,d0,46,eb
"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47,
2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85
"{32004B8A-44A9-43E7-84E9-808838809519}"=hex:51,66,7a,6c,4c,1d,38,12,e4,48,13,
36,9b,0a,89,06,fb,ff,c3,c8,3d,de,d1,0d
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:fb,23,fe,f0,a2,e5,cb,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b4,be,5f,0c,62,53,24,41,8e,30,01,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b4,be,5f,0c,62,53,24,41,8e,30,01,\
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.HTM"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.HTM"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.MHT"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.MHT"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.partial\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.PARTIAL"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.SVG"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.url\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.URL"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.website\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.WEBSITE"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.XHT"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.XHT"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-03-23 04:11:55
ComboFix-quarantined-files.txt 2011-03-23 07:11
.
Pre-Run: 39.404.347.392 bytes libres
Post-Run: 38.929.641.472 bytes libres
.
- - End Of File - - 3E563B52FF224FAFAD6EBAB9D6CB5F11
Sign In
Create Account
