
Request for a check of a ComboFix log

Posted: 11 Aug 2011 20:13
by voip
ComboFix 11-08-11.02 - Datta . 08. 2011 20:06:24.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.421.1033.18.4095.2162 [GMT 2:00]
Running from: e:\upload\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Datta\AppData\Local\Temp\3dcf2df1-2a83-477c-a7dd-858967792357\CliSecureRT.dll
c:\windows\SysWow64\muzapp.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-07-11 to 2011-08-11 )))))))))))))))))))))))))))))))
.
.
2011-08-11 18:08 . 2011-08-11 18:08 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-11 17:20 . 2011-07-06 17:52 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-08-11 17:20 . 2011-08-11 17:20 -------- d-----w- c:\programdata\Malwarebytes
2011-08-11 17:20 . 2011-08-11 17:20 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-08-11 17:20 . 2011-07-06 17:52 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-11 17:19 . 2011-08-11 17:19 -------- d-----w- c:\program files (x86)\Ask.com
2011-08-11 17:10 . 2011-08-11 17:10 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2011-08-11 17:10 . 2011-08-11 17:10 -------- d-----w- c:\program files\Microsoft Security Client
2011-08-11 16:35 . 2009-10-30 13:31 33608 ----a-w- c:\windows\system32\TURegOpt.exe
2011-08-11 16:35 . 2009-10-30 13:24 25928 ----a-w- c:\windows\system32\authuitu.dll
2011-08-11 16:35 . 2009-10-30 13:24 21320 ----a-w- c:\windows\SysWow64\authuitu.dll
2011-08-11 16:35 . 2009-10-30 13:24 36168 ----a-w- c:\windows\system32\uxtuneup.dll
2011-08-11 16:35 . 2009-10-30 13:24 30024 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2011-08-11 16:35 . 2011-08-11 16:35 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2010
2011-08-11 15:58 . 2011-08-11 15:58 65536 --sha-r- c:\windows\SysWow64\comres6.dll
2011-08-09 15:22 . 2011-08-09 15:22 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-08-08 15:00 . 2011-08-08 15:00 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2011-08-08 15:00 . 2011-08-08 15:00 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2011-08-08 15:00 . 2011-08-08 15:00 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2011-08-08 15:00 . 2011-08-08 15:00 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2011-08-08 15:00 . 2011-08-08 15:00 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2011-08-08 15:00 . 2011-08-08 15:00 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2011-08-08 15:00 . 2011-08-08 15:00 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2011-08-08 14:59 . 2011-08-08 15:00 -------- d-----w- c:\program files (x86)\QuickTime
2011-08-08 14:59 . 2011-08-08 14:59 -------- d-----w- c:\programdata\Apple Computer
2011-08-06 19:04 . 2011-08-06 19:04 -------- d-----w- C:\Temp
2011-08-06 18:47 . 2011-07-20 07:45 177640 ----a-w- c:\windows\system32\drivers\ssadmdm.sys
2011-08-06 18:47 . 2011-07-20 07:45 16872 ----a-w- c:\windows\system32\drivers\ssadmdfl.sys
2011-08-06 18:47 . 2011-07-20 07:45 157672 ----a-w- c:\windows\system32\drivers\ssadbus.sys
2011-08-06 18:47 . 2011-07-20 07:45 13800 ----a-w- c:\windows\system32\drivers\ssadwhnt.sys
2011-08-06 18:47 . 2011-07-20 07:45 13800 ----a-w- c:\windows\system32\drivers\ssadwh.sys
2011-08-06 18:47 . 2011-07-20 07:45 13288 ----a-w- c:\windows\system32\drivers\ssadcmnt.sys
2011-08-06 18:47 . 2011-07-20 07:45 13288 ----a-w- c:\windows\system32\drivers\ssadcm.sys
2011-08-06 18:46 . 2011-07-26 15:26 4659712 ----a-w- c:\windows\SysWow64\Redemption.dll
2011-08-06 18:46 . 2011-08-06 18:46 -------- d-----w- c:\program files (x86)\MarkAny
2011-08-06 18:46 . 2011-07-26 15:26 821824 ----a-w- c:\windows\SysWow64\dgderapi.dll
2011-08-06 18:45 . 2011-08-06 18:46 -------- d-----w- c:\program files (x86)\Samsung
2011-08-06 18:45 . 2011-08-06 18:46 -------- d-----w- c:\programdata\Samsung
2011-08-06 18:39 . 2011-08-08 18:56 -------- d-----w- c:\program files (x86)\DVD Catalyst
2011-08-06 18:39 . 2011-08-06 18:39 -------- d-----w- c:\users\Public\CyberLink
2011-08-06 18:37 . 2011-08-08 19:41 -------- d-----w- c:\programdata\CyberLink
2011-08-03 17:16 . 2011-08-03 17:16 -------- d-----w- c:\program files (x86)\Google
2011-08-01 17:08 . 2011-08-01 17:08 -------- d-----w- c:\program files (x86)\Apple Software Update
2011-07-31 08:44 . 2011-07-31 08:44 -------- d-sh--w- c:\programdata\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-07-31 08:28 . 2011-08-06 18:37 -------- d-----w- c:\users\Mama
2011-07-31 07:57 . 2011-07-31 07:57 -------- d-----w- c:\windows\SysWow64\Wat
2011-07-31 07:57 . 2011-07-31 07:57 -------- d-----w- c:\windows\system32\Wat
2011-07-31 07:54 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll
2011-07-31 07:54 . 2011-02-19 12:04 1544192 ----a-w- c:\windows\system32\DWrite.dll
2011-07-31 07:54 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll
2011-07-31 07:54 . 2011-02-19 06:30 1076736 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-07-31 07:54 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-07-31 07:53 . 2011-02-18 10:51 31232 ----a-w- c:\windows\system32\prevhost.exe
2011-07-31 07:53 . 2011-02-18 05:39 31232 ----a-w- c:\windows\SysWow64\prevhost.exe
2011-07-30 23:47 . 2011-07-30 13:56 -------- d-----w- c:\windows\Panther
2011-07-30 20:53 . 2011-07-30 20:53 -------- d-----w- c:\windows\system32\SPReview
2011-07-30 20:52 . 2011-07-30 20:52 -------- d-----w- c:\windows\system32\EventProviders
2011-07-30 20:50 . 2010-11-20 13:25 1504256 ----a-w- c:\windows\system32\wbengine.exe
2011-07-30 20:49 . 2010-11-20 13:27 67072 ----a-w- c:\windows\system32\wsnmp32.dll
2011-07-30 20:48 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2011-07-30 20:32 . 2011-03-11 06:41 1659776 ----a-w- c:\windows\system32\drivers\ntfs.sys
2011-07-30 20:32 . 2011-03-11 06:33 2565632 ----a-w- c:\windows\system32\esent.dll
2011-07-30 20:32 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\SysWow64\esent.dll
2011-07-30 20:32 . 2011-03-11 06:41 189824 ----a-w- c:\windows\system32\drivers\storport.sys
2011-07-30 20:32 . 2011-03-11 06:41 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2011-07-30 20:32 . 2011-03-11 06:41 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2011-07-30 20:32 . 2011-03-11 06:41 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2011-07-30 20:32 . 2011-03-11 06:41 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2011-07-30 20:32 . 2011-03-11 06:41 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2011-07-30 20:32 . 2011-03-11 06:30 96768 ----a-w- c:\windows\system32\fsutil.exe
2011-07-30 20:32 . 2011-03-11 05:31 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2011-07-30 20:31 . 2011-03-25 03:29 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-07-30 20:31 . 2011-03-25 03:29 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-07-30 20:31 . 2011-03-25 03:29 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-07-30 20:31 . 2011-03-25 03:29 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-07-30 20:31 . 2011-03-25 03:29 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-07-30 20:31 . 2011-03-25 03:29 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-07-30 20:31 . 2011-03-25 03:28 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-07-30 20:31 . 2011-04-28 03:55 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
2011-07-30 20:31 . 2011-04-28 03:54 80384 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2011-07-30 20:31 . 2010-11-20 13:24 229376 ----a-w- c:\windows\system32\fsquirt.exe
2011-07-30 20:26 . 2011-07-30 20:26 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2011-07-30 19:27 . 2011-07-30 20:29 -------- d-----w- c:\program files (x86)\Microsoft Works
2011-07-30 19:27 . 2011-07-30 19:27 -------- d-----w- c:\windows\PCHEALTH
2011-07-30 19:26 . 2011-08-11 16:52 -------- d-----w- c:\programdata\Microsoft Help
2011-07-30 19:25 . 2011-07-30 19:25 -------- d-----r- C:\MSOCache
2011-07-30 19:20 . 2011-07-30 19:20 254528 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-07-30 19:20 . 2011-07-30 19:20 -------- d-----w- c:\program files (x86)\DAEMON Tools Toolbar
2011-07-30 19:20 . 2011-07-30 19:20 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2011-07-30 19:19 . 2011-07-30 20:35 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-07-30 17:29 . 2011-07-30 17:29 -------- d-----w- c:\program files (x86)\AMD
2011-07-30 17:27 . 2011-07-30 17:27 -------- d-----r- c:\program files (x86)\Skype
2011-07-30 17:27 . 2011-07-30 17:27 -------- d-----w- c:\programdata\Skype
2011-07-30 17:03 . 2011-07-30 17:03 -------- d-----w- c:\program files (x86)\Microsoft
2011-07-30 17:03 . 2011-07-30 17:03 -------- d-----w- c:\program files (x86)\MSN Toolbar
2011-07-30 17:03 . 2011-07-30 20:34 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2011-07-30 17:03 . 2011-07-30 17:03 -------- d-----w- c:\program files (x86)\Bing Bar Installer
2011-07-30 17:03 . 2011-07-30 17:05 -------- d-----w- c:\programdata\HP Photo Creations
2011-07-30 17:03 . 2011-07-30 17:03 -------- d-----w- c:\program files (x86)\HP Photo Creations
2011-07-30 17:02 . 2011-07-30 17:05 -------- d-----w- c:\programdata\HP
2011-07-30 17:02 . 2011-07-30 19:35 -------- d-----w- c:\program files (x86)\HP
2011-07-30 17:01 . 2011-07-30 17:01 -------- d-----w- c:\program files\HP
2011-07-30 16:58 . 2011-07-30 16:58 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-07-30 16:58 . 2011-07-30 16:57 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-07-30 16:57 . 2011-07-30 16:57 -------- d-----w- c:\program files (x86)\Java
2011-07-30 16:54 . 2011-07-30 16:54 -------- d-----w- c:\program files (x86)\Common Files\Apple
2011-07-30 16:54 . 2011-07-30 16:54 -------- d-----w- c:\programdata\Apple
2011-07-30 16:38 . 2011-07-30 16:38 -------- d-----w- c:\program files (x86)\Downloaded Installations
2011-07-30 16:38 . 2004-02-26 22:00 962612 ----a-w- c:\windows\SysWow64\mfc42d.dll
2011-07-30 16:38 . 2004-02-16 22:00 434252 ----a-w- c:\windows\SysWow64\MSVCRTD.DLL
2011-07-30 16:38 . 2009-09-30 09:33 24576 ----a-w- c:\windows\SysWow64\AsIO.dll
2011-07-30 16:38 . 2009-08-04 08:28 13440 ----a-w- c:\windows\SysWow64\drivers\AsIO.sys
2011-07-30 16:37 . 2008-01-04 11:34 11832 ----a-w- c:\windows\SysWow64\drivers\AsInsHelp64.sys
2011-07-30 16:37 . 2008-01-04 11:34 10216 ----a-w- c:\windows\SysWow64\drivers\AsInsHelp32.sys
2011-07-30 16:37 . 2009-07-16 09:38 15416 ----a-w- c:\windows\system32\drivers\ASACPI.sys
2011-07-30 16:31 . 2011-07-30 16:38 -------- d-----w- c:\program files (x86)\ASUS
2011-07-30 16:20 . 2011-07-30 16:20 -------- d-----w- c:\program files (x86)\VideoLAN
2011-07-30 16:03 . 2006-10-06 12:17 53248 ------w- c:\windows\Ctregrun.exe
2011-07-30 16:03 . 2000-05-22 14:58 647872 ------w- c:\windows\SysWow64\Mscomct2.ocx
2011-07-30 15:58 . 2011-07-30 15:58 -------- d-----w- c:\program files (x86)\Common Files\Creative
2011-07-30 15:58 . 2011-07-30 16:10 -------- d--h--w- c:\program files (x86)\Creative Installation Information
2011-07-30 15:58 . 2011-07-30 15:58 -------- d-----w- c:\program files (x86)\Common Files\Creative Labs Shared
2011-07-30 15:58 . 2011-07-30 16:09 -------- d-----w- c:\program files\Creative
2011-07-30 15:56 . 2010-05-05 19:18 12288 ----a-w- c:\windows\system32\INRES.DLL
2011-07-30 15:56 . 2010-05-05 18:01 11776 ----a-w- c:\windows\SysWow64\INRES.DLL
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-30 20:57 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-07-30 20:57 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-07-30 14:23 . 2011-07-30 14:23 203776 ----a-w- c:\windows\SysWow64\webcheck.dll
2011-07-30 14:23 . 2011-07-30 14:23 249344 ----a-w- c:\windows\system32\webcheck.dll
2011-07-16 04:26 . 2011-08-11 16:48 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-07-08 04:15 . 2011-07-08 04:15 9884672 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-07-08 03:54 . 2011-07-08 03:54 23385600 ----a-w- c:\windows\system32\atio6axx.dll
2011-07-08 03:33 . 2011-07-08 03:33 17940992 ----a-w- c:\windows\SysWow64\atioglxx.dll
2011-07-08 03:29 . 2011-07-08 03:29 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-07-08 03:29 . 2011-07-08 03:29 689152 ----a-w- c:\windows\SysWow64\aticfx32.dll
2011-07-08 03:28 . 2011-07-08 03:28 814592 ----a-w- c:\windows\system32\aticfx64.dll
2011-07-08 03:25 . 2011-07-08 03:25 462848 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-07-08 03:25 . 2011-07-08 03:25 485376 ----a-w- c:\windows\system32\atieclxx.exe
2011-07-08 03:25 . 2011-07-08 03:25 204288 ----a-w- c:\windows\system32\atiesrxx.exe
2011-07-08 03:23 . 2011-07-08 03:23 120320 ----a-w- c:\windows\system32\atitmm64.dll
2011-07-08 03:23 . 2011-07-08 03:23 423424 ----a-w- c:\windows\system32\atipdl64.dll
2011-07-08 03:23 . 2011-07-08 03:23 356352 ----a-w- c:\windows\SysWow64\atipdlxx.dll
2011-07-08 03:23 . 2011-07-08 03:23 278528 ----a-w- c:\windows\SysWow64\Oemdspif.dll
2011-07-08 03:23 . 2011-07-08 03:23 16384 ----a-w- c:\windows\system32\atimuixx.dll
2011-07-08 03:23 . 2011-07-08 03:23 59392 ----a-w- c:\windows\system32\atiedu64.dll
2011-07-08 03:22 . 2011-07-08 03:22 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2011-07-08 03:19 . 2011-07-08 03:19 4275712 ----a-w- c:\windows\SysWow64\atidxx32.dll
2011-07-08 03:10 . 2011-07-08 03:10 5072896 ----a-w- c:\windows\system32\atidxx64.dll
2011-07-08 03:06 . 2011-07-08 03:06 1113088 ----a-w- c:\windows\system32\atiumd6v.dll
2011-07-08 03:05 . 2011-07-08 03:05 1828864 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2011-07-08 03:05 . 2011-07-08 03:05 3848704 ----a-w- c:\windows\system32\atiumd6a.dll
2011-07-08 03:02 . 2011-07-08 03:02 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2011-07-08 03:02 . 2011-07-08 03:02 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2011-07-08 03:01 . 2011-07-08 03:01 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2011-07-08 03:01 . 2011-07-08 03:01 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2011-07-08 03:01 . 2011-07-08 03:01 8134656 ----a-w- c:\windows\system32\aticaldd64.dll
2011-07-08 03:00 . 2011-07-08 03:00 4367360 ----a-w- c:\windows\SysWow64\atiumdag.dll
2011-07-08 02:58 . 2011-07-08 02:58 6740480 ----a-w- c:\windows\SysWow64\aticaldd.dll
2011-07-08 02:55 . 2011-07-08 02:55 4039680 ----a-w- c:\windows\SysWow64\atiumdva.dll
2011-07-08 02:54 . 2011-04-19 23:27 58880 ----a-w- c:\windows\system32\coinst.dll
2011-07-08 02:54 . 2011-07-08 02:54 5540864 ----a-w- c:\windows\system32\atiumd64.dll
2011-07-08 02:47 . 2011-07-08 02:47 375808 ----a-w- c:\windows\system32\atiadlxx.dll
2011-07-08 02:47 . 2011-07-08 02:47 266240 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2011-07-08 02:47 . 2011-07-08 02:47 15360 ----a-w- c:\windows\system32\atig6pxx.dll
2011-07-08 02:47 . 2011-07-08 02:47 13312 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2011-07-08 02:47 . 2011-07-08 02:47 13312 ----a-w- c:\windows\system32\atiglpxx.dll
2011-07-08 02:47 . 2011-07-08 02:47 39936 ----a-w- c:\windows\system32\atig6txx.dll
2011-07-08 02:47 . 2011-07-08 02:47 32768 ----a-w- c:\windows\SysWow64\atigktxx.dll
2011-07-08 02:47 . 2011-07-08 02:47 307712 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-07-08 02:46 . 2011-07-08 02:46 40960 ----a-w- c:\windows\system32\atiuxp64.dll
2011-07-08 02:46 . 2011-07-08 02:46 31744 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2011-07-08 02:46 . 2011-07-08 02:46 38912 ----a-w- c:\windows\system32\atiu9p64.dll
2011-07-08 02:45 . 2011-07-08 02:45 29184 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2011-07-08 02:45 . 2011-07-08 02:45 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-07-08 02:41 . 2011-07-08 02:41 53760 ----a-w- c:\windows\system32\atimpc64.dll
2011-07-08 02:41 . 2011-07-08 02:41 53760 ----a-w- c:\windows\system32\amdpcom64.dll
2011-07-08 02:40 . 2011-07-08 02:40 52736 ----a-w- c:\windows\SysWow64\atimpc32.dll
2011-07-08 02:40 . 2011-07-08 02:40 52736 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2011-07-07 21:37 . 2011-07-07 21:37 60416 ----a-w- c:\windows\system32\OVDecode64.dll
2011-07-07 21:37 . 2011-07-07 21:37 51200 ----a-w- c:\windows\system32\OpenCL.dll
2011-07-07 21:36 . 2011-07-07 21:36 16907776 ----a-w- c:\windows\system32\amdocl64.dll
2011-07-05 16:37 . 2011-07-05 16:37 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
2011-07-05 16:37 . 2011-07-05 16:37 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
2011-06-27 14:23 . 2011-06-27 14:23 53760 ----a-w- c:\windows\SysWow64\OVDecode.dll
2011-06-27 14:23 . 2011-06-27 14:23 43520 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-06-27 14:22 . 2011-06-27 14:22 13904896 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-06-16 01:34 . 2011-06-16 01:34 2971648 ----a-w- c:\windows\system32\SlotMaximizerBe.dll
2011-06-16 01:34 . 2011-06-16 01:34 105984 ----a-w- c:\windows\system32\SlotMaximizerAg.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-07-26 16:23 1493160 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2011-07-26 1493160]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files (x86)\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"ANT Agent"="c:\program files (x86)\Garmin\ANT Agent\ANT Agent.exe" [2011-04-14 12036968]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2011-07-30 639864]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"KiesHelper"="c:\program files (x86)\Samsung\Kies\KiesHelper.exe" [2011-07-26 958352]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2011-07-26 3507088]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-07-26 20880]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-07 336384]
"LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152]
"CTxfiHlp"="CTXFIHLP.EXE" [2010-05-05 25600]
"Bing Bar"="c:\program files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe" [2010-04-27 243544]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-11-11 288088]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2011-07-26 397992]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 29696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"HP Software Update"=c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe
.
R2 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [2011-05-25 136616]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-03 136176]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-07-30 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-07-30 79360]
R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [x]
R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [x]
R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-03 136176]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-07 365568]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS [x]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS [x]
S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-08-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-03 17:16]
.
2011-08-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-03 17:16]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2010-02-18 415816]
"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2010-02-18 2093128]
"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2010-02-18 4271688]
"VX1000"="c:\windows\vVX1000.exe" [2010-05-20 762736]
"OODefragTray"="c:\windows\system32\oodtray.exe" [2008-11-03 3856128]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://szm.sk/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 88.212.8.8 88.212.8.88
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
FF - ProfilePath - c:\users\Datta\AppData\Roaming\Mozilla\Firefox\Profiles\t25bviy3.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.csfd.cz/
FF - user.js: network.http.max-connections-per-server - 6
FF - user.js: network.http.max-persistent-connections-per-server - 3
FF - user.js: nglayout.initialpaint.delay - 750
FF - user.js: content.notify.interval - 750000
FF - user.js: content.max.tokenizing.time - 2250000
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG11.00.00.01WORKSTATION"="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"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
c:\windows\SysWOW64\rundll32.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
.
**************************************************************************
.
Completion time: 2011-08-11 20:11:34 - machine was rebooted
ComboFix-quarantined-files.txt 2011-08-11 18:11
.
Pre-Run: 11 556 847 616 bytes free
Post-Run: 11 395 645 440 bytes free
.
- - End Of File - - 109CFEAB9C6986BE3AFC8C8FDA9D5FF9

Re: Request for a check of a ComboFix log

Posted: 11 Aug 2011 20:30
by Rudy
We'll do a bit more cleanup. Move ComboFix to the desktop. Open Notepad and copy the following into it:
Folder::
c:\program files (x86)\Ask.com

Registry::
[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
[-HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[-HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
Save it to the desktop as CFScript.txt. Then drag it with the mouse over the ComboFix icon and drop it. CF will start and carry out the commands from the script.
