
ComboFix 15-07-20.01 - mixer 07/20/2015 12:19:52.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1256.20.1033.18.3735.2714 [GMT 2:00]
Running from: C:\programes\anti viurse\ComboFix.exe
AV: Norton Internet Security *Enabled/Updated* {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
FW: Norton Internet Security *Enabled* {6BFC5632-188D-B806-D13E-C607121B42A0}
SP: Norton Internet Security *Enabled/Updated* {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
(((((((((((((((((((((((((   Files Created from 2015-06-20 to 2015-07-20  )))))))))))))))))))))))))))))))

2015-07-20 10:25:27 . 2015-07-20 10:25:27


D:\Users\Default\AppData\Local\temp
2015-07-20 07:51:10 . 2015-07-20 07:51:12
ws\system32\drivers\RTKVHD64.sys
2015-07-20 07:51:10 . 2015-07-20 07:51:12
ws\system32\RtkApi64.dll
2015-07-20 07:51:10 . 2015-07-20 07:51:12
ws\system32\RltkAPO64.dll
2015-07-20 07:51:10 . 2015-07-20 07:51:12
ws\system32\RTSnMg64.cpl
2015-07-20 07:51:10 . 2015-07-20 07:51:12
ws\system32\RtkCfg64.dll
2015-07-20 07:51:09 . 2015-07-20 07:51:10
ws\system32\RCoInstII64.dll
2015-07-20 07:51:08 . 2015-07-20 07:51:10
ws\system32\FMAPO64.dll
2015-07-19 17:09:26 . 2015-07-20 06:32:37
D:\Program Files (x86)\cam2pc
2015-07-19 17:09:26 . 2015-07-19 17:43:53
D:\ProgramData\nabocorp
2015-07-19 00:20:25 . 2015-07-19 00:20:25
D:\Program Files\Common Files\AV
2015-07-19 00:07:13 . 2015-07-20 10:12:07
D:\AdwCleaner
2015-07-19 00:01:24 . 2015-07-19 00:01:33
D:\Program Files\WinHTTrack
2015-07-18 23:39:01 . 2015-07-18 23:50:24
D:\Program Files (x86)\Pafsoft
2015-07-18 01:57:19 . 2015-07-18 01:57:20
D:\Program Files (x86)\K-Lite Codec Pack
2015-07-18 00:34:47 . 2008-01-21 15:43:42
ws\SysWow64\qtp-mt334.dll
2015-07-18 00:34:47 . 2008-01-21 15:43:42
ws\SysWow64\wnaspi32.dll
2015-07-18 00:34:47 . 2008-01-21 15:43:40
ws\SysWow64\prgiso.dll
2015-07-18 00:34:47 . 2007-11-06 07:06:52
ws\SysWow64\drivers\hotcore3.sys
2015-07-18 00:34:32 . 2015-07-19 00:04:15
D:\Program Files (x86)\Paragon Software
2015-07-17 12:35:59 . 2015-07-17 12:35:59
D:\Users\Default\AppData\Local\Microsoft Help
2015-07-17 03:48:33 . 2015-07-17 03:48:33
D:\Program Files\Droid4Xext
2015-07-17 03:47:21 . 2015-07-20 09:24:01

--------

d-----w-

4496600 ----a-w-

D:\Windo

3234520 ----a-w-

D:\Windo

2930904 ----a-w-

D:\Windo

2702040 ----a-w-

D:\Windo

166616 ----a-w-

D:\Windo

1748184 ----a-w-

D:\Windo

3195416 ----a-w-

D:\Windo

--------

d-----w-

--------

d-----w-

--------

d-----w-

--------

d-----w-

--------

d-----w-

--------

d-----w-

--------

d-----w-

4244744 ----a-w-

D:\Windo

13576

----a-w-

D:\Windo

247560 ----a-w-

D:\Windo

35096

D:\Windo

----a-w-

--------

d-----w-

--------

d-----w-

--------

d-----w-

--------

dc----w-

D:\Windows\system32\DRVSTORE
2015-07-17 03:47:21 . 2014-05-16 12:04:46
ws\system32\drivers\VBoxDrv.sys
2015-07-17 03:47:20 . 2015-07-17 03:47:20
D:\Program Files\Oracle
2015-07-17 03:46:51 . 2015-07-17 05:27:47
D:\Program Files (x86)\Droid4X
2015-07-16 07:06:49 . 2015-07-16 07:06:50
D:\Program Files (x86)\PowerISO
2015-07-16 07:06:49 . 2013-04-15 09:50:30
ws\system32\drivers\scdemu.sys
2015-07-15 07:36:25 . 2015-07-15 07:37:22
D:\Program Files (x86)\Smarty Uninstaller Pro
2015-07-15 07:36:25 . 2007-08-15 11:09:12
ws\SysWow64\vbalCmdBar6.ocx
2015-07-15 07:36:25 . 2007-08-15 11:09:12
ws\SysWow64\wt_menu.dll
2015-07-15 07:36:25 . 2007-08-15 11:09:12
ws\SysWow64\MSINET.ocx
2015-07-15 07:36:25 . 2007-08-15 11:09:10
ws\SysWow64\img_lst.ocx
2015-07-15 07:36:25 . 2007-08-15 11:09:10
ws\SysWow64\ssubtmr6.dll
2015-07-15 07:36:25 . 2007-08-15 11:09:10
ws\SysWow64\lst_v.ocx
2015-07-15 07:36:25 . 2007-08-15 11:09:10
ws\SysWow64\COMCT232.OCX
2015-07-15 07:36:25 . 2005-04-15 18:58:18
ws\SysWow64\comctl32.ocx
2015-07-15 07:36:25 . 2004-03-08 23:00:00
ws\SysWow64\RICHTX32.OCX
2015-07-15 07:36:25 . 2004-02-28 19:05:14
ws\SysWow64\vbalTreeView6.ocx
2015-07-15 07:36:25 . 1999-02-09 19:40:10
ws\SysWow64\vbuzip10.DLL
2015-07-15 06:48:42 . 2015-07-15 07:46:22
D:\Program Files (x86)\Bandwidth broke
2015-07-15 06:33:07 . 2015-06-27 02:47:11
ws\system32\jscript9diag.dll
2015-07-15 06:33:07 . 2015-06-27 02:43:26
ws\system32\jscript9.dll
2015-07-15 06:33:07 . 2015-06-27 01:58:17
ws\SysWow64\jscript9diag.dll
2015-07-15 06:33:07 . 2015-06-27 01:39:37
ws\SysWow64\jscript9.dll
2015-07-15 06:29:49 . 2015-07-09 17:58:41
ws\system32\generaltel.dll
2015-07-15 06:29:49 . 2015-07-09 17:50:11
ws\system32\aeinv.dll
2015-07-15 06:29:48 . 2015-07-09 17:58:31
ws\system32\invagent.dll
2015-07-15 06:29:48 . 2015-07-09 17:58:26
ws\system32\devinv.dll
2015-07-15 06:29:48 . 2015-07-09 17:58:23
ws\system32\acmigration.dll
2015-07-15 06:29:48 . 2015-07-09 17:58:23
ws\system32\aepdu.dll
2015-07-15 06:21:38 . 2015-07-04 18:07:11
ws\system32\ole32.dll
2015-07-15 06:20:21 . 2015-07-03 18:05:54

254240 ----a-w-

D:\Windo

--------

d-----w-

--------

d-----w-

--------

d-----w-

127384 ----a-w--------

D:\Windo
d-----w-

417792 ----a-w-

D:\Windo

159744 ----a-w-

D:\Windo

115920 ----a-w-

D:\Windo

94208

----a-w-

D:\Windo

40960

----a-w-

D:\Windo

262144 ----a-w-

D:\Windo

167683 ----a-w-

D:\Windo

1351392 ----a-w-

D:\Windo

212240 ----a-w-

D:\Windo

266240 ----a-w-

D:\Windo

188928 ----a-w-

D:\Windo

--------

d-----w-

814080 ----a-w-

D:\Windo

5923840 ----a-w-

D:\Windo

620032 ----a-w-

D:\Windo

4520448 ----a-w-

D:\Windo

726528 ----a-w-

D:\Windo

1145856 ----a-w-

D:\Windo

765440 ----a-w-

D:\Windo

433664 ----a-w-

D:\Windo

67584

----a-w-

D:\Windo

227328 ----a-w-

D:\Windo

2087424 ----a-w-

D:\Windo

41984

D:\Windo

----a-w-

ws\system32\lpk.dll
2015-07-15 06:20:21 . 2015-07-03 18:05:43
ws\system32\fontsub.dll
2015-07-15 06:20:21 . 2015-07-03 18:05:34
ws\system32\dciman32.dll
2015-07-15 06:20:21 . 2015-07-03 18:05:26
ws\system32\atmlib.dll
2015-07-15 06:20:21 . 2015-07-03 17:56:59
ws\SysWow64\fontsub.dll
2015-07-15 06:20:21 . 2015-07-03 17:56:56
ws\SysWow64\dciman32.dll
2015-07-15 06:20:21 . 2015-07-03 17:56:52
ws\SysWow64\atmlib.dll
2015-07-15 06:20:21 . 2015-07-03 17:55:42
ws\SysWow64\lpk.dll
2015-07-15 06:20:21 . 2015-07-03 16:52:31
ws\system32\atmfd.dll
2015-07-15 06:20:21 . 2015-07-03 16:42:38
ws\SysWow64\atmfd.dll
2015-07-15 05:49:12 . 2015-07-15 05:49:46
ws\SysWow64\FlashPlayerApp.exe
2015-07-15 05:49:12 . 2015-07-15 05:49:46
ws\SysWow64\FlashPlayerCPLApp.cpl
2015-07-14 23:57:25 . 2015-07-14 23:57:25
D:\Program Files\Microsoft Silverlight
2015-07-14 23:57:25 . 2015-07-14 23:57:25
D:\Program Files (x86)\Microsoft Silverlight
2015-07-14 23:56:45 . 2015-07-14 23:56:45
D:\ProgramData\DivX
2015-07-14 18:25:41 . 2006-09-21 11:59:14
ws\SysWow64\actskn43.ocx
2015-07-14 18:25:40 . 2015-07-14 18:25:41
D:\Program Files (x86)\netcut
2015-07-14 16:30:33 . 2010-05-26 09:41:02
ws\SysWow64\D3DCompiler_43.dll
2015-07-14 16:30:32 . 2010-05-26 09:41:02
ws\SysWow64\D3DX9_43.dll
2015-07-14 16:29:59 . 2015-07-14 16:30:05
D:\ProgramData\Package Cache
2015-07-14 06:20:10 . 2015-07-16 08:14:46
D:\Program Files (x86)\Wild Hare
2015-07-14 03:38:57 . 2015-07-14 03:39:05
D:\Program Files\Core Temp
2015-07-13 18:41:08 . 2015-07-13 18:41:10
D:\Program Files\MPC-HC
2015-07-11 02:22:17 . 2015-07-11 02:22:18
D:\Program Files\McAfee Security Scan
2015-07-10 22:21:07 . 2015-07-11 02:22:21
D:\ProgramData\McAfee Security Scan
2015-07-10 22:21:01 . 2015-07-10 22:21:01
D:\ProgramData\McAfee
2015-07-10 02:29:19 . 2013-08-15 14:39:12
ws\system32\PuranDefrag.dll
2015-07-10 02:29:19 . 2013-08-15 14:39:10
ws\system32\PuranDefragBT.exe
2015-07-10 02:29:18 . 2013-08-15 14:39:08
ws\system32\PuranDefragS.exe
2015-07-10 02:29:18 . 2013-08-15 14:39:06
ws\system32\PuranDC.exe
2015-07-10 02:29:18 . 2013-08-15 14:39:06

100864 ----a-w-

D:\Windo

14336

----a-w-

D:\Windo

46080

----a-w-

D:\Windo

70656

----a-w-

D:\Windo

10240

----a-w-

D:\Windo

34304

----a-w-

D:\Windo

25600

----a-w-

D:\Windo

372224 ----a-w-

D:\Windo

299008 ----a-w-

D:\Windo

778416 ----a-w-

D:\Windo

142512 ----a-w-

D:\Windo

--------

d-----w-

--------

d-----w-

--------

d-----w-

389120 ----a-w--------

D:\Windo
d-----w-

2106216 ----a-w-

D:\Windo

1998168 ----a-w-

D:\Windo

--------

d-----w-

--------

d-----w-

--------

d-----w-

--------

d-----w-

--------

d-----w-

--------

d-----w-

--------

d-----w-

256896 ----a-w-

D:\Windo

132480 ----a-w-

D:\Windo

292736 ----a-w-

D:\Windo

287616 ----a-w-

D:\Windo

1367424 ----a-w-

D:\Windo

ws\system32\PuranFD.exe
2015-07-10 02:29:17 . 2015-07-10 02:29:19
D:\Program Files\Puran Utilities
2015-07-08 21:04:42 . 2015-07-19 03:19:51
D:\Program Files (x86)\Microsoft Works
2015-07-08 21:03:47 . 2015-07-08 21:03:47
D:\Windows\PCHEALTH
2015-07-08 21:01:56 . 2015-07-08 21:01:56
D:\Program Files\Microsoft Office
2015-07-08 21:01:15 . 2015-07-19 22:13:25
D:\ProgramData\Microsoft Help
2015-07-08 20:59:57 . 2015-07-08 20:59:57
D:\MSOCache
2015-07-08 11:46:01 . 2015-07-10 05:12:13
D:\Program Files (x86)\ApeeeGoSoft
2015-07-08 07:21:31 . 2015-07-08 07:21:31
ws\system32\WinUSBCoInstaller2.dll
2015-07-08 07:19:34 . 2015-07-08 07:19:34
ws\system32\drivers\Smb_driver_Intel.sys
2015-07-08 07:13:25 . 2015-07-08 07:13:25
ws\system32\drivers\iusb3xhc.sys
2015-07-08 02:53:07 . 2015-07-08 02:53:10
D:\Program Files (x86)\WinPcap
2015-07-07 23:12:46 . 2015-07-07 23:12:46
D:\Program Files (x86)\4KDownload
2015-07-07 19:40:08 . 2015-01-30 23:56:52
ws\system32\rdpudd.dll
2015-07-07 19:40:04 . 2014-12-11 17:47:16
ws\system32\TSWbPrxy.exe
2015-07-07 07:22:38 . 2015-07-07 07:22:38
D:\Program Files (x86)\Sierra
2015-07-07 07:19:56 . 2003-10-14 05:44:46
ws\SysWow64\MFC71.dll
2015-07-07 06:15:23 . 2015-06-18 10:21:42
ws\system32\drivers\eagleGet.sys
2015-07-07 06:14:53 . 2015-07-17 03:46:15
D:\Program Files (x86)\EagleGet
2015-07-07 06:14:53 . 2015-07-17 03:46:12
D:\Program Files (x86)\Common Files\EagleGet
2015-07-07 06:14:53 . 2015-07-07 06:14:53
D:\ProgramData\EagleGet
2015-07-06 06:56:58 . 2014-08-29 02:07:13
ws\system32\tsgqec.dll
2015-07-06 06:56:58 . 2014-08-29 02:07:12
ws\system32\mstscax.dll
2015-07-06 06:56:58 . 2014-08-29 02:07:10
ws\system32\aaclient.dll
2015-07-06 06:56:58 . 2014-08-29 02:06:47
ws\system32\mstsc.exe
2015-07-06 06:56:58 . 2014-08-29 01:44:52
ws\SysWow64\tsgqec.dll
2015-07-06 06:56:58 . 2014-08-29 01:44:51
ws\SysWow64\mstscax.dll
2015-07-06 06:56:58 . 2014-08-29 01:44:49
ws\SysWow64\aaclient.dll
2015-07-06 06:56:58 . 2014-08-29 01:44:19
ws\SysWow64\mstsc.exe
2015-07-06 05:38:39 . 2015-07-06 05:38:39
D:\ProgramData\Ashampoo
2015-07-06 04:01:05 . 2015-07-11 15:33:43

--------

d-----w-

--------

d-----w-

--------

d-----w-

--------

d-----w-

--------

d-----w-

--------

d-----r-

--------

d-----w-

1002728 ----a-w-

D:\Windo

33448

----a-w-

D:\Windo

791024 ----a-w-

D:\Windo

--------

d-----w-

--------

d-----w-

243200 ----a-w-

D:\Windo

62976

D:\Windo

----a-w-

--------

d-----w-

1060864 ----a-w-

D:\Windo

77112

D:\Windo

----a-w-

--------

d-----w-

--------

d-----w-

--------

d-----w-

44032

----a-w-

D:\Windo

5780480 ----a-w-

D:\Windo

322560 ----a-w-

D:\Windo

1125888 ----a-w-

D:\Windo

37376

----a-w-

D:\Windo

4922368 ----a-w-

D:\Windo

269312 ----a-w-

D:\Windo

1050112 ----a-w-

D:\Windo

--------

d-----w-

--------

d-----w-

D:\Program Files (x86)\iMovie Video Converter


2015-07-05 22:34:47 . 2015-07-11 07:59:55
D:\Program Files (x86)\FrostWire 6
2015-07-05 13:06:06 . 2015-04-27 19:23:45
ws\system32\wintrust.dll
2015-07-05 13:06:06 . 2015-04-27 19:23:13
ws\system32\cryptsvc.dll
2015-07-05 13:06:06 . 2015-04-27 19:23:13
ws\system32\crypt32.dll
2015-07-05 13:06:06 . 2015-04-27 19:05:58
ws\SysWow64\wintrust.dll
2015-07-05 13:06:06 . 2015-04-27 19:04:37
ws\SysWow64\cryptsvc.dll
2015-07-05 13:06:06 . 2015-04-27 19:04:37
ws\SysWow64\crypt32.dll
2015-07-05 13:06:05 . 2015-04-27 19:23:13
ws\system32\cryptnet.dll
2015-07-05 13:06:05 . 2015-04-27 19:04:37
ws\SysWow64\cryptnet.dll
2015-07-05 05:22:08 . 2015-07-14 03:41:59
ws\gdrv.sys
2015-07-05 05:20:02 . 2015-07-17 20:07:41
D:\Windows\SysWow64\GWX
2015-07-05 05:20:01 . 2015-07-17 20:07:41
D:\Windows\system32\GWX
((((((((((((((((((((((((((((((((((((((((
)))))))))))))))))))))))))))))))

d-----w-

229376 ----a-w-

D:\Windo

188416 ----a-w-

D:\Windo

1480192 ----a-w-

D:\Windo

179200 ----a-w-

D:\Windo

143872 ----a-w-

D:\Windo

1174528 ----a-w-

D:\Windo

140288 ----a-w-

D:\Windo

103936 ----a-w-

D:\Windo

26192

D:\Windo

----a-w-

--------

d-s---w-

--------

d-s---w-

Find3M Report

2015-07-02 14:59:07 . 2009-07-14 02:36:51


ws\system32\msclmd.dll
2015-07-02 14:59:07 . 2009-07-14 02:36:51
ws\SysWow64\msclmd.dll
2015-07-01 22:39:42 . 2015-03-19 18:02:18
ws\SysWow64\IntelCpHeciSvc.exe
2015-07-01 22:39:42 . 2015-03-19 18:02:10
ws\SysWow64\igdusc32.dll
2015-07-01 22:39:42 . 2015-03-19 18:02:06
D:\Windows\SysWow64\igdumdim32.dll
2015-07-01 22:39:42 . 2015-03-19 18:01:44
D:\Windows\SysWow64\igd10iumd32.dll
2015-06-16 23:01:52 . 2015-06-16 23:01:52
ws\SysWow64\FM20.DLL
2015-06-10 20:18:06 . 2015-06-10 20:18:06
ws\SysWow64\DiscHandler.exe
2015-05-25 18:01:17 . 2015-07-03 11:15:24
ws\apppatch\acwow64.dll
(((((((((((((((((((((((((((((((((((((
)))))))))))))))))))))))))))))))

--------

)))))))))))))))))))))

175616 ----a-w-

D:\Windo

152576 ----a-w-

D:\Windo

280680 ----a-w-

D:\Windo

3628160 ----a-w-

D:\Windo

10474552

----a-w-

11793480

----a-w-

1202856 ----a-w-

D:\Windo

47080

----a-w-

D:\Windo

44032

----a-w-

D:\Windo

Reg Loading Points

)))))))))))))))))))

*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EagleGet"="D:\Program Files (x86)\EagleGet\EagleGet.exe" [2015-07-10 15:43:54 1861632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="D:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-02-21 05:56:54 292848]
"PWRISOVM.EXE"="D:\Program Files (x86)\PowerISO\PWRISOVM.EXE" [2013-04-15 09:50:34 337432]
D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - D:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe [2014-4-9 332016]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;D:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;D:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 pr2ae5eb;Instinct Drivers Auto Removal (pr2ae5eb);D:\Windows\system32\pr2ae5eb.exe svc;D:\Windows\SYSNATIVE\pr2ae5eb.exe svc [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;D:\Windows\system32\IEEtwCollector.exe;D:\Windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Intel(R) Display Audio;D:\Windows\system32\DRIVERS\IntcDAud.sys;D:\Windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;D:\Program Files\Intel\iCLS Client\SocketHeciServer.exe;D:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;D:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe;D:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;D:\Windows\system32\drivers\rdpvideominiport.sys;D:\Windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;D:\Windows\system32\drivers\synth3dvsc.sys;D:\Windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;D:\Windows\system32\drivers\tsusbflt.sys;D:\Windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;D:\Windows\system32\drivers\tsusbhub.sys;D:\Windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;D:\Windows\system32\drivers\rdvgkmd.sys;D:\Windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;D:\Windows\system32\Wat\WatAdminSvc.exe;D:\Windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 PuranDefrag;PuranDefrag;D:\Windows\system32\PuranDefragS.exe;D:\Windows\SYSNATIVE\PuranDefragS.exe [x]
S0 hotcore3;hotcore3;D:\Windows\SysWOW64\drivers\hotcore3.sys;D:\Windows\SysWOW64\drivers\hotcore3.sys [x]
S0 iaStorA;iaStorA;D:\Windows\system32\DRIVERS\iaStorA.sys;D:\Windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;D:\Windows\system32\DRIVERS\iaStorF.sys;D:\Windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;D:\Windows\system32\DRIVERS\iusb3hcs.sys;D:\Windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 pe3ae5eb;Instinct Environment Driver (pe3ae5eb);D:\Windows\system32\drivers\pe3ae5eb.sys;D:\Windows\SYSNATIVE\drivers\pe3ae5eb.sys [x]
S0 ps6ae5eb;Instinct Synchronization Driver (ps6ae5eb);D:\Windows\system32\drivers\ps6ae5eb.sys;D:\Windows\SYSNATIVE\drivers\ps6ae5eb.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;D:\Windows\SysWOW64\drivers\HWiNFO64A.SYS;D:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S1 VBoxDrv;VirtualBox Service;D:\Windows\system32\DRIVERS\VBoxDrv.sys;D:\Windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S2 AIPS;Arp Intelligent Protection Service;D:\Program Files (x86)\netcut\services\AIPS.exe;D:\Program Files (x86)\netcut\services\AIPS.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;D:\Windows\System32\svchost.exe;D:\Windows\SYSNATIVE\svchost.exe [x]
S2 egGetSvc;egGetSvc;D:\Program Files (x86)\EagleGet\EGMonitor.exe;D:\Program Files (x86)\EagleGet\EGMonitor.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;D:\Windows\system32\igfxCUIService.exe;D:\Windows\SYSNATIVE\igfxCUIService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;D:\Program Files\Intel\iCLS Client\HeciServer.exe;D:\Program Files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;D:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NIS;Norton Internet Security;D:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe;D:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe [x]
S2 NPF;NetGroup Packet Filter Driver;D:\Windows\system32\drivers\npf.sys;D:\Windows\SYSNATIVE\drivers\npf.sys [x]
S3 BHDrvx64;BHDrvx64;D:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20150706.001\BHDrvx64.sys;D:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20150706.001\BHDrvx64.sys [x]
S3 ccSet_NIS;NIS Settings Manager;D:\Windows\system32\drivers\NISx64\1507000.00B\ccSetx64.sys;D:\Windows\SYSNATIVE\drivers\NISx64\1507000.00B\ccSetx64.sys [x]
S3 eagleGet;eagleGet;D:\Windows\system32\Drivers\eagleGet.sys;D:\Windows\SYSNATIVE\Drivers\eagleGet.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;D:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;D:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 IDSVia64;IDSVia64;D:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20150717.001\IDSvia64.sys;D:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20150717.001\IDSvia64.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;D:\Windows\system32\DRIVERS\iusb3hub.sys;D:\Windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;D:\Windows\system32\DRIVERS\iusb3xhc.sys;D:\Windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;D:\Windows\system32\DRIVERS\Rt64win7.sys;D:\Windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SmbDrvI;SmbDrvI;D:\Windows\system32\DRIVERS\Smb_driver_Intel.sys;D:\Windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 SymDS;Symantec Data Store;D:\Windows\system32\drivers\NISx64\1507000.00B\SYMDS64.SYS;D:\Windows\SYSNATIVE\drivers\NISx64\1507000.00B\SYMDS64.SYS [x]
S3 SymEFA;Symantec Extended File Attributes;D:\Windows\system32\drivers\NISx64\1507000.00B\SYMEFA64.SYS;D:\Windows\SYSNATIVE\drivers\NISx64\1507000.00B\SYMEFA64.SYS [x]
S3 SymIRON;Symantec Iron Driver;D:\Windows\system32\drivers\NISx64\1507000.00B\Ironx64.SYS;D:\Windows\SYSNATIVE\drivers\NISx64\1507000.00B\Ironx64.SYS [x]
S3 SymNetS;Symantec Network Security WFP Driver;D:\Windows\System32\Drivers\NISx64\1507000.00B\SYMNETS.SYS;D:\Windows\SYSNATIVE\Drivers\NISx64\1507000.00B\SYMNETS.SYS [x]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - WS2IFSL

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-07-14 20:30:05 991048 ----a-w- D:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\Installer\chrmstp.exe
Contents of the 'Scheduled Tasks' folder
2015-07-20 D:\Windows\Tasks\Adobe Flash Player Updater.job
- D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15 05:49:14 . 2015-07-15 05:49:47]
2015-07-20 D:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- D:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-01 07:15:11 . 2015-07-01 07:15:11]
2015-07-20 D:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- D:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-01 07:15:11 . 2015-07-01 07:15:11]
--------- X64 Entries -----------
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="D:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" [2015-07-20 07:51:10 14021336]
------- Supplementary Scan -------
uLocal Page = D:\Windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mLocal Page = D:\Windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
IE: Download all links with EagleGet - D:\Program Files (x86)\EagleGet\IEGraberBHO.dll/202
IE: Download with EagleGet - D:\Program Files (x86)\EagleGet\IEGraberBHO.dll/201
IE: E&xport to Microsoft Excel - D:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{60B176E7-8FC6-47A3-A703-947CEB6BB59A}: NameServer = 8.8.8.8,8.8.4.4
FF - ProfilePath - D:\Users\mixer\AppData\Roaming\Mozilla\Firefox\Profiles\ebvoxpwo.default\
FF - prefs.js: browser.search.selectedEngine - webssearches
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.eg
FF - prefs.js: network.proxy.type - 2
- - - - ORPHANS REMOVED - - - -
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - D:\Windows\System32\SPReview\SPReview.exe
