ComboFix 11-11-05 - Free Webs



ComboFix 11-11-05.02 - Home 05/11/2011 17:16:05.1.1 - x86

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.44.1033.18.2038.986 [GMT 0:00]

Running from: C:\Users\Home\Downloads\ComboFix.exe

AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

C:\install.exe

C:\Program Files\Downloaded Installers

C:\Program Files\Downloaded Installers\{E3870ACA-B46E-43B7-AE31-D18659FD85F0}\setup.msi

C:\Windows\system32\w32apiw.dll

((((((((((((((((((((((((( Files Created from 2011-10-05 to 2011-11-05 )))))))))))))))))))))))))))))))

2011-11-05 17:27:53 . 2011-11-05 17:27:53 -------- d-----w- C:\Users\Guest\AppData\Local\temp

2011-11-05 17:27:53 . 2011-11-05 17:27:53 -------- d-----w- C:\Users\Default\AppData\Local\temp

2011-11-05 17:27:53 . 2011-11-05 17:27:53 -------- d-----w- C:\Users\Administrator\AppData\Local\temp

2011-11-05 00:38:15 . 2011-11-05 00:38:15 56200 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6CDE8837-3499-429F-9F83-D83B476344CF}\offreg.dll

2011-11-05 00:38:14 . 2011-10-07 03:48:07 6668624 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6CDE8837-3499-429F-9F83-D83B476344CF}\mpengine.dll

2011-11-04 15:24:34 . 2007-03-01 09:18:00 92032 ----a-r- C:\Windows\system32\drivers\ewusbmdm.sys

2011-11-04 15:24:34 . 2007-03-01 09:17:52 23424 ----a-r- C:\Windows\system32\drivers\ewdcsc.sys

2011-10-29 15:09:18 . 2011-10-29 15:09:18 161890 ----a-w- C:\Windows\DP Animation Maker Uninstaller.exe

2011-10-29 15:09:15 . 2011-10-29 15:09:17 -------- d-----w- C:\Program Files\DP Animation Maker

2011-10-29 15:09:15 . 2011-10-29 15:09:15 -------- d-----w- C:\Program Files\Common Files\Thraex Software

2011-10-28 04:30:37 . 2011-10-28 04:30:37 -------- d-----w- C:\Program Files\Chami

2011-10-26 19:08:48 . 2011-08-13 04:18:25 6144 ----a-w- C:\Program Files\Internet Explorer\iecompat.dll

2011-10-24 07:27:18 . 2011-10-24 07:27:47 300 ----a-w- C:\Windows\system32\alarms.reg

2011-10-23 06:17:11 . 2011-10-23 06:17:13 -------- d-----w- C:\Program Files\Callnote

2011-10-23 05:33:52 . 2011-10-23 06:20:10 -------- d-----w- C:\Users\Home\AppData\Roaming\Pamela Call Recorder

2011-10-23 05:33:52 . 2011-10-23 05:33:52 -------- d-----w- C:\Users\Home\AppData\Roaming\Pamela

2011-10-23 05:33:47 . 2011-10-23 05:33:54 -------- d-----w- C:\Program Files\PamelaPCR

2011-10-23 05:13:18 . 2011-10-29 23:31:14 -------- d-----w- C:\Users\Home\AppData\Roaming\Skype

2011-10-23 05:12:46 . 2011-10-23 05:13:40 -------- d-----r- C:\Program Files\Skype

2011-10-23 05:12:39 . 2011-10-23 05:12:45 -------- d-----w- C:\ProgramData\Skype

2011-10-23 03:19:35 . 2011-10-23 03:19:35 -------- d-----w- C:\Users\Home\AppData\Roaming\TeamViewer

2011-10-22 05:23:52 . 2011-10-22 05:23:52 -------- d-----w- C:\ATISupport

2011-10-22 05:03:43 . 2011-10-22 05:03:43 -------- dc-h--w- C:\ProgramData\{4E78170A-6049-4586-A083-3AECE1A687E4}

2011-10-22 05:02:11 . 2011-10-22 05:02:14 -------- d-----w- C:\Program Files\WinSysClean X2

2011-10-19 22:09:36 . 2011-10-19 22:09:36 -------- d-----w- C:\Program Files\iMesh Applications

2011-10-19 22:07:48 . 2011-10-21 01:41:18 -------- dc-h--w- C:\ProgramData\{D7941DA4-2EF5-4E70-8A3D-3CF7634A336B}

2011-10-19 22:07:02 . 2011-10-19 22:07:02 -------- d-----w- C:\Users\Home\AppData\Local\PackageAware

2011-10-19 19:21:24 . 2011-10-19 19:21:24 -------- d-----w- C:\PFiles

2011-10-17 23:01:41 . 2011-10-19 20:09:43 -------- d-----w- C:\Users\Home\AppData\Roaming\Software Informer

2011-10-17 23:01:40 . 2011-10-17 23:01:41 -------- d-----w- C:\Program Files\Software Informer

2011-10-15 02:56:32 . 2011-10-15 02:56:32 -------- d-----w- C:\Program Files\Ashampoo

2011-10-13 20:01:14 . 2011-09-06 02:28:37 2334720 ----a-w- C:\Windows\system32\win32k.sys

2011-10-13 20:01:12 . 2011-08-17 04:24:12 465408 ----a-w- C:\Windows\system32\psisdecd.dll

2011-10-13 20:01:12 . 2011-08-17 04:19:27 75776 ----a-w- C:\Windows\system32\psisrndr.ax

2011-10-13 20:01:08 . 2011-08-27 04:26:27 571904 ----a-w- C:\Windows\system32\oleaut32.dll

2011-10-13 20:01:08 . 2011-08-27 04:26:27 233472 ----a-w- C:\Windows\system32\oleacc.dll

2011-10-10 04:07:49 . 2009-09-04 16:44:40 69464 ----a-w- C:\Windows\system32\XAPOFX1_3.dll

2011-10-10 04:07:49 . 2009-09-04 16:44:40 515416 ----a-w- C:\Windows\system32\XAudio2_5.dll

2011-10-10 04:07:49 . 2009-09-04 16:29:34 453456 ----a-w- C:\Windows\system32\d3dx10_42.dll

2011-10-09 21:19:08 . 2011-10-10 23:33:06 -------- d-----w- C:\Remote Programs

2011-10-09 21:19:05 . 2010-10-28 17:29:36 49152 ----a-w- C:\Windows\system32\ErrorLogging.dll

2011-10-09 21:18:53 . 2001-09-05 04:18:34 225280 ----a-w- C:\Program Files\Common Files\InstallShield\IScript\iscript.dll

2011-10-09 21:18:52 . 2001-09-05 04:14:42 176128 ----a-w- C:\Program Files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll

2011-10-09 21:18:52 . 2001-09-05 04:13:42 32768 ----a-w- C:\Program Files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll

2011-10-09 21:18:51 . 2001-09-05 04:18:52 77824 ----a-w- C:\Program Files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll

2011-10-09 21:18:44 . 2003-02-07 00:07:00 614532 ----a-w- C:\Program Files\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2011-10-25 17:53:54 . 2011-05-15 18:32:42 414368 ----a-w- C:\Windows\system32\FlashPlayerCPLApp.cpl

2011-10-23 16:51:54 . 2011-02-15 12:46:02 14454784 ----a-w- C:\Windows\system32\common_res.dll

2011-10-03 04:06:03 . 2011-10-03 04:57:56 472808 ----a-w- C:\Windows\system32\deployJava1.dll

2011-09-20 04:30:56 . 2011-09-20 04:30:56 3584 ----a-r- C:\Users\Home\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe

2011-09-06 20:45:29 . 2010-07-14 18:25:28 41184 ----a-w- C:\Windows\avastSS.scr

2011-09-06 20:45:29 . 2010-07-14 18:25:27 199304 ----a-w- C:\Windows\system32\aswBoot.exe

2011-09-06 20:38:05 . 2011-02-24 08:13:14 442200 ----a-w- C:\Windows\system32\drivers\aswSnx.sys

2011-09-06 20:37:53 . 2010-07-14 18:26:24 320856 ----a-w- C:\Windows\system32\drivers\aswSP.sys

2011-09-06 20:36:38 . 2010-07-14 18:26:23 34392 ----a-w- C:\Windows\system32\drivers\aswRdr.sys

2011-09-06 20:36:36 . 2010-07-14 18:26:21 52568 ----a-w- C:\Windows\system32\drivers\aswTdi.sys

2011-09-06 20:36:26 . 2010-07-14 18:26:18 54616 ----a-w- C:\Windows\system32\drivers\aswMonFlt.sys

2011-09-06 20:36:12 . 2010-07-14 18:26:25 20568 ----a-w- C:\Windows\system32\drivers\aswFsBlk.sys

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{1E5A4F45-C0AA-403B-8347-AF78A162D200}"= "C:\Program Files\Webs Credits 2\Helper.dll" [2011-09-30 03:05:56 361472]

[HKEY_CLASSES_ROOT\clsid\{1e5a4f45-c0aa-403b-8347-af78a162d200}]

[HKEY_CLASSES_ROOT\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1]

[HKEY_CLASSES_ROOT\TypeLib\{26D232EA-82BE-4AC9-96C0-1B61A4900FC1}]

[HKEY_CLASSES_ROOT\FreeCauseURLSearchHook.FCToolbarURLSearchHook]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{818B93D5-A4FA-4488-BF14-C4CB7B54AA0C}]

2011-09-30 03:05:56 1604096 ----a-w- C:\Program Files\Webs Credits 2\Toolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{674F9426-E0C0-4BEC-A819-5F57D5A94CB3}"= "C:\Program Files\Webs Credits 2\Toolbar.dll" [2011-09-30 03:05:56 1604096]

[HKEY_CLASSES_ROOT\clsid\{674f9426-e0c0-4bec-a819-5f57d5a94cb3}]

[HKEY_CLASSES_ROOT\FCTB000062219.IEToolbar.1]

[HKEY_CLASSES_ROOT\TypeLib\{BF6E780C-D909-4910-98E1-33F53F9680DD}]

[HKEY_CLASSES_ROOT\FCTB000062219.IEToolbar]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{674F9426-E0C0-4BEC-A819-5F57D5A94CB3}"= "C:\Program Files\Webs Credits 2\Toolbar.dll" [2011-09-30 03:05:56 1604096]

[HKEY_CLASSES_ROOT\clsid\{674f9426-e0c0-4bec-a819-5f57d5a94cb3}]

[HKEY_CLASSES_ROOT\FCTB000062219.IEToolbar.1]

[HKEY_CLASSES_ROOT\TypeLib\{BF6E780C-D909-4910-98E1-33F53F9680DD}]

[HKEY_CLASSES_ROOT\FCTB000062219.IEToolbar]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2011-09-06 20:45:22 122512 ----a-w- C:\Program Files\Alwil Software\Avast5\ashShell.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ccleaner"="C:\LiberKey\Apps\CCleaner\App\CCleaner\CCleaner.exe" [2011-10-21 12:30:08 2663232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MobileConnect"="C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe" [2009-09-18 16:48:34 2412032]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2009-09-03 22:21:41 548352 ----a-w- C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0RwcLkRen C:\Windows\system32\RwcLkCfg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LAlarmSubProgram]

2009-12-15 14:26:20 32768 ----a-r- C:\Program Files\LAlarm\LAlarmSub.exe

R1 aswSnx;aswSnx; [x]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 12:16:28 130384]

R2 LAlarmService;LAlarm Service;C:\Program Files\LAlarm\LAlarmService.exe [2009-12-15 14:26:20 28672]

R2 R-Wipe and Clean Task Service;R-Wipe and Clean Task Service;C:\Program Files\R-Wipe&Clean\RwcTaskService.exe [2011-06-24 16:24:46 114688]

R3 athur;Atheros AR9271 Wireless Network Adapter Service;C:\Windows\system32\DRIVERS\athur.sys [2010-01-05 02:20:10 1500160]

R3 KEUVVEAXPDN;KEUVVEAXPDN; [x]

R3 MatSvc;Microsoft Automated Troubleshooting Service;C:\Program Files\Microsoft Fix it Center\Matsvc.exe [2010-11-16 01:10:14 267568]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys [2010-11-20 10:21:14 15872]

R3 SASENUM;SASENUM; [x]

R3 SliceDisk5;SliceDisk5;C:\LiberKey\Apps\PartitionFindandMount\App\PartitionFindandMount\slicedisk.sys [2011-02-25 20:16:50 26192]

R3 SWDUMon;SWDUMon;C:\Windows\system32\DRIVERS\SWDUMon.sys [2011-05-13 03:14:18 11232]

R3 TRBCRLZNZLR;TRBCRLZNZLR; [x]

R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 10:24:41 52224]

R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2011-08-15 14:06:20 104752]

R3 VBoxNetFlt;VirtualBox Bridged Networking Service;C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [x]

R4 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2011-08-21 05:09:58 116608]

R4 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 11:55:28 64952]

R4 gupdate;Google Update Service (gupdate);C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-17 16:04:53 136176]

S1 aswSP;aswSP; [x]

S1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-08-09 04:30:14 12880]

S1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-08-09 04:30:15 67664]

S1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-13 23:52:04 48128]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;C:\Windows\system32\drivers\aswMonFlt.sys [2011-09-06 20:36:26 54616]

S2 VMCService;Vodafone Mobile Connect Service;C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-09-18 16:48:28 9216]

S2 X4HSEx_Pr146;X4HSEx_Pr146;C:\Program Files\GameTreat Player\X4HSEx.Sys [2010-03-10 19:02:38 56352]

S3 netr73;RT73 USB Extensible Wireless LAN Card Driver;C:\Windows\system32\DRIVERS\netr73.sys [2010-02-24 06:06:30 562464]

--- Other Services/Drivers In Memory ---

*Deregistered* - BMLoad

------- Supplementary Scan -------

uStart Page = hxxp://torfaenpcclasses.apps/profile/

mStart Page = about:blank

LSP: bmnet.dll

DPF: {4FF78044-96B4-4312-A5B7-FDA3CB328095} -

DPF: {9E89BECE-D23F-4782-8397-242E78C042D1} -

- - - - ORPHANS REMOVED - - - -

ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - (no file)
