Posted by chrusty on May Fri 17th 9:17 PM - Never Expires

  1. ComboFix 13-05-16.02 - chrusty 05/17/2013  20:06:48.1.2 - x86
  2. Microsoft Windows 7 Ultimate   6.1.7600.0.1252.1.1033.18.2047.596 [GMT 7:00]
  3. Running from: c:\users\chrusty\Downloads\Programs\ComboFix_2.exe
  4. SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  5. .
  6. .
  7. (((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
  8. .
  9. .
  10. c:\programdata\BF0CBCE0AD.sys
  11. c:\programdata\ccontiNuetooSave
  12. c:\programdata\ccontiNuetooSave\518c66b6b29ca.dll
  13. c:\programdata\ccontiNuetooSave\518c66b6b29ca.tlb
  14. c:\programdata\ccontiNuetooSave\data\ccontiNuetooSave.dat
  15. c:\programdata\ccontiNuetooSave\settings.ini
  16. c:\programdata\ccontiNuetooSave\uninstall.exe
  17. c:\programdata\contiinuuetooseauvee
  18. c:\programdata\contiinuuetooseauvee\5192f1864d190.dll
  19. c:\programdata\contiinuuetooseauvee\5192f1864d190.tlb
  20. c:\programdata\contiinuuetooseauvee\data\contiinuuetooseauvee.dat
  21. c:\programdata\contiinuuetooseauvee\settings.ini
  22. c:\programdata\contiinuuetooseauvee\uninstall.exe
  23. c:\programdata\conttinuuetoosoave
  24. c:\programdata\conttinuuetoosoave\518a69fb8cf8d.dll
  25. c:\programdata\conttinuuetoosoave\518a69fb8cf8d.tlb
  26. c:\programdata\conttinuuetoosoave\data\conttinuuetoosoave.dat
  27. c:\programdata\conttinuuetoosoave\settings.ini
  28. c:\programdata\cuonutuiinuetyosaavee
  29. c:\programdata\cuonutuiinuetyosaavee\518b30dc5150a.dll
  30. c:\programdata\cuonutuiinuetyosaavee\518b30dc5150a.tlb
  31. c:\programdata\cuonutuiinuetyosaavee\data\cuonutuiinuetyosaavee.dat
  32. c:\programdata\cuonutuiinuetyosaavee\settings.ini
  33. c:\programdata\Microsoft\Windows\Start Menu\Programs\ccontiNuetooSave
  34. c:\programdata\Microsoft\Windows\Start Menu\Programs\ccontiNuetooSave\ccontiNuetooSave.lnk
  35. c:\programdata\Microsoft\Windows\Start Menu\Programs\ccontiNuetooSave\Uninstall.lnk
  36. c:\programdata\Microsoft\Windows\Start Menu\Programs\contiinuuetooseauvee
  37. c:\programdata\Microsoft\Windows\Start Menu\Programs\contiinuuetooseauvee\contiinuuetooseauvee.lnk
  38. c:\programdata\Microsoft\Windows\Start Menu\Programs\contiinuuetooseauvee\Uninstall.lnk
  39. c:\programdata\SearchNewTab
  40. c:\programdata\SearchNewTab\518a6ab57b7b6.dll
  41. c:\programdata\SearchNewTab\518a6ab57b7b6.tlb
  42. c:\programdata\SearchNewTab\518b30fc7f732.dll
  43. c:\programdata\SearchNewTab\518b30fc7f732.tlb
  44. c:\programdata\SearchNewTab\518c66d15abb3.dll
  45. c:\programdata\SearchNewTab\518c66d15abb3.tlb
  46. c:\programdata\SearchNewTab\5192f1ad51ab9.dll
  47. c:\programdata\SearchNewTab\5192f1ad51ab9.tlb
  48. c:\programdata\SearchNewTab\data\SearchNewTab.dat
  49. c:\programdata\SearchNewTab\settings.ini
  50. c:\users\chrusty\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk
  51. c:\users\chrusty\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk\rasphone.pbk
  52. .
  53. .
  54. (((((((((((((((((((((((((   Files Created from 2013-04-17 to 2013-05-17  )))))))))))))))))))))))))))))))
  55. .
  56. .
  57. 2013-05-17 13:12 . 2013-05-17 13:12     --------     d-----w-     c:\users\Default\AppData\Local\temp
  58. 2013-05-17 13:00 . 2013-05-17 13:00     54016        ----a-w-        c:\windows\system32\drivers\dpjflo.sys
  59. 2013-05-17 12:54 . 2013-05-17 12:54     --------     d-----w-     c:\programdata\Malwarebytes
  60. 2013-05-17 12:54 . 2013-05-17 12:54     --------     d-----w-     c:\program files\Malwarebytes' Anti-Malware
  61. 2013-05-17 12:54 . 2013-04-04 07:50     22856        ----a-w-        c:\windows\system32\drivers\mbam.sys
  62. 2013-05-17 10:42 . 2013-05-17 10:42     60872        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{5256F71D-8887-43F1-A9CA-008631EF09DA}\offreg.dll
  63. 2013-05-15 18:07 . 2013-05-15 18:07     --------     d-----w-     c:\program files\WSRMacros
  64. 2013-05-15 16:41 . 2013-05-15 16:41     71048        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl
  65. 2013-05-15 16:41 . 2013-05-15 16:41     692104       ----a-w-       c:\windows\system32\FlashPlayerApp.exe
  66. 2013-05-15 16:41 . 2013-05-15 16:41     --------     d-----w-     c:\windows\system32\Macromed
  67. 2013-05-15 16:32 . 2013-05-16 16:55     --------     d-----w-     c:\programdata\GameXN
  68. 2013-05-14 16:45 . 2012-11-29 09:31     31584        ----a-w-        c:\windows\system32\TURegOpt.exe
  69. 2013-05-14 16:45 . 2012-11-29 09:31     21344        ----a-w-        c:\windows\system32\authuitu.dll
  70. 2013-05-14 16:45 . 2013-05-14 16:45     --------     d-----w-     c:\program files\TuneUp Utilities 2013
  71. 2013-05-14 16:45 . 2013-05-14 16:45     --------     d-----w-     c:\programdata\TuneUp Software
  72. 2013-05-14 16:45 . 2013-05-14 17:34     --------     d-sh--w-     c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
  73. 2013-05-14 16:45 . 2013-05-14 16:45     --------     d--h--w-     c:\programdata\Common Files
  74. 2013-05-14 16:23 . 2013-05-14 16:23     --------     d-----w-     c:\program files\Cheat Engine 6.2
  75. 2013-05-09 12:00 . 2013-05-09 12:00     --------     d-----w-     c:\program files\IQ Publishing
  76. 2013-05-09 11:51 . 2013-05-09 11:51     --------     d-----w-     c:\program files\DAEMON Tools Toolbar
  77. 2013-05-09 11:50 . 2013-05-09 11:51     --------     d-----w-     c:\program files\DAEMON Tools Lite
  78. 2013-05-09 11:50 . 2013-05-09 11:50     --------     d-----w-     c:\programdata\DAEMON Tools Lite
  79. 2013-05-09 05:17 . 2013-05-09 05:17     --------     d-----w-     c:\programdata\StarApp
  80. 2013-05-08 17:17 . 2013-05-08 17:17     --------     d-----w-     c:\program files\FDRLab
  81. 2013-05-08 17:15 . 2013-05-08 17:15     --------     d-----w-     c:\program files\DownloadToolz
  82. 2013-05-08 16:54 . 2013-05-08 16:54     --------     d-----w-     c:\programdata\Baidu Security
  83. 2013-05-08 16:54 . 2013-05-08 16:54     --------     d-----w-     c:\program files\Baidu Security
  84. 2013-05-08 16:41 . 2013-05-08 16:41     --------     d-----w-     c:\programdata\Tarma Installer
  85. 2013-05-08 16:03 . 2013-05-08 16:03     --------     d-----w-     c:\program files\WinPcap
  86. 2013-05-08 16:00 . 2013-05-08 16:03     --------     d-----w-     c:\program files\netcut
  87. 2013-05-08 15:11 . 2013-05-08 15:11     --------     d-----w-     c:\programdata\Atelier Web
  88. 2013-05-08 15:11 . 2013-05-08 15:11     --------     d-----w-     c:\program files\Atelier Web
  89. 2013-05-08 15:09 . 2013-05-15 01:40     --------     d-----w-     c:\program files\WebSearch
  90. 2013-05-08 15:07 . 2013-05-15 01:40     --------     d-----w-     c:\program files\ContinueToSave
  91. 2013-05-08 15:05 . 2013-05-15 01:41     --------     d-----w-     c:\programdata\InstallMate
  92. 2013-05-08 14:57 . 2013-05-08 14:57     821736       ----a-w-       c:\windows\system32\npDeployJava1.dll
  93. 2013-05-08 14:57 . 2013-05-08 14:57     746984       ----a-w-       c:\windows\system32\deployJava1.dll
  94. 2013-05-08 14:57 . 2013-05-08 14:57     93672        ----a-w-        c:\windows\system32\WindowsAccessBridge.dll
  95. 2013-05-08 14:56 . 2013-05-08 14:57     --------     d-----w-     c:\program files\Java
  96. 2013-05-05 02:38 . 2013-05-05 02:38     --------     d-----w-     c:\program files\Application Updater
  97. 2013-05-05 02:38 . 2013-05-05 02:38     --------     d-----w-     c:\program files\SearchMe Toolbar
  98. 2013-05-05 02:38 . 2013-05-05 02:38     --------     d-----w-     c:\program files\Common Files\Spigot
  99. 2013-05-05 02:36 . 2013-05-05 02:36     --------     d-----w-     c:\windows\system32\C2MP
  100. 2013-05-03 15:15 . 2013-05-03 15:15     --------     d-----w-     c:\programdata\Yahoo!
  101. 2013-05-03 15:15 . 2013-05-03 15:15     --------     d-----w-     c:\program files\Yahoo!
  102. 2013-05-02 18:20 . 2013-05-02 18:21     --------     d-----w-     c:\program files\PutLockerDownloader.com
  103. 2013-05-02 17:58 . 2013-05-02 17:58     --------     d-----w-     c:\program files\Optimizer Pro
  104. 2013-05-02 12:36 . 2013-05-13 14:06     2828 --sha-w- c:\programdata\KGyGaAvL.sys
  105. 2013-05-02 12:23 . 2013-05-02 12:36     --------     d-----w-     c:\programdata\Corel
  106. 2013-05-02 12:23 . 2013-05-02 12:23     --------     d-----w-     c:\program files\Common Files\Protexis
  107. 2013-05-02 12:21 . 2013-05-02 12:21     --------     d-----w-     c:\program files\Common Files\Corel
  108. 2013-05-02 12:21 . 2013-05-02 12:21     --------     d-----w-     c:\program files\Corel
  109. 2013-05-01 07:21 . 2013-05-16 09:24     69792        ----a-w-        c:\windows\system32\rpcnet.dll
  110. 2013-05-01 07:21 . 2013-05-01 07:20     69792        ------w-        c:\windows\system32\rpcnet.exe
  111. 2013-04-30 16:48 . 2013-04-30 16:48     16896        ----a-w-        c:\windows\AsTaskSched.dll
  112. 2013-04-30 16:48 . 2013-04-30 16:48     --------     d-----w-     c:\windows\system32\SRSLabs
  113. 2013-04-30 16:48 . 2013-04-30 16:48     --------     d-----w-     c:\windows\system32\RTCOM
  114. 2013-04-30 16:48 . 2010-07-14 06:51     8    ------r-    c:\windows\system32\drivers\rtkhdaud.dat
  115. 2013-04-30 16:48 . 2010-07-14 06:51     4692 ------r- c:\windows\system32\drivers\SamSfPa.dat
  116. 2013-04-30 16:48 . 2011-09-30 05:35     2275432      ----a-w-      c:\windows\system32\RtkPgExt.dll
  117. 2013-04-30 16:48 . 2011-09-26 06:21     82024        ----a-w-        c:\windows\system32\RtkCoInst.dll
  118. 2013-04-30 16:48 . 2011-08-19 06:54     1313384      ----a-w-      c:\windows\system32\RtkApoApi.dll
  119. 2013-04-30 16:24 . 2008-08-26 03:02     1580 ----a-w- c:\windows\Uninstsxga.bat
  120. 2013-04-30 16:24 . 2008-08-11 03:14     1752704      ----a-w-      c:\windows\system32\drivers\snp2uvc.sys
  121. 2013-04-30 16:24 . 2008-06-25 12:38     2052 ----a-w- c:\windows\Uninstvga.bat
  122. 2013-04-30 16:24 . 2008-06-25 12:00     1682 ----a-w- c:\windows\Uninstuxga.bat
  123. 2013-04-30 16:24 . 2008-05-12 04:20     28672        ----a-w-        c:\windows\system32\drivers\sncduvc.sys
  124. 2013-04-30 16:24 . 2008-03-21 14:44     384  ----a-w-  c:\windows\Uninstvga.reg
  125. 2013-04-30 16:24 . 2008-03-21 14:44     386  ----a-w-  c:\windows\Uninstsxga.reg
  126. 2013-04-30 16:24 . 2008-03-21 14:38     386  ----a-w-  c:\windows\Uninstuxga.reg
  127. 2013-04-30 16:24 . 2006-11-23 15:20     11776        ----a-w-        c:\windows\DrvInst.exe
  128. 2013-04-30 15:54 . 2011-11-22 06:28     334440       ----a-w-       c:\windows\RtsUvcUninst.exe
  129. 2013-04-30 15:54 . 2011-11-22 06:28     297576       ----a-w-       c:\windows\system32\RtsUvcExt.dll
  130. 2013-04-30 14:55 . 2013-04-30 14:55     --------     d-----w-     c:\program files\Common Files\Skype
  131. 2013-04-30 14:55 . 2013-04-30 15:01     --------     d-----r-     c:\program files\Skype
  132. 2013-04-30 14:26 . 2013-04-30 14:56     --------     d-----w-     c:\programdata\Skype
  133. 2013-04-30 10:49 . 2013-04-30 10:49     --------     d-----w-     c:\program files\Common Files\SolidDocuments
  134. 2013-04-30 10:49 . 2013-04-30 10:49     --------     d-----w-     c:\program files\SolidDocuments
  135. 2013-04-30 10:48 . 2013-04-30 10:48     --------     d-----w-     c:\program files\Internet Download Manager
  136. 2013-04-27 17:34 . 2013-04-27 17:34     --------     d-----w-     c:\program files\GNU
  137. 2013-04-27 17:33 . 2013-04-27 17:33     --------     d-----w-     c:\program files\AC3Filter
  138. 2013-04-27 17:33 . 2009-08-11 14:18     497664       ----a-w-       c:\windows\system32\ac3filter.acm
  139. 2013-04-27 17:33 . 2013-04-27 17:33     --------     d-----w-     c:\program files\GRETECH
  140. 2013-04-27 01:45 . 2013-04-26 10:54     --------     d-----w-     c:\windows\Panther
  141. 2013-04-27 01:45 . 2013-04-27 01:45     --------     d-----w-     C:\Boot
  142. 2013-04-27 00:47 . 2013-05-01 07:15     17408        ----a-w-        c:\windows\system32\rpcnetp.dll
  143. 2013-04-27 00:46 . 2013-05-17 10:21     17408        ----a-w-        c:\windows\system32\rpcnetp.exe
  144. 2013-04-26 13:15 . 2013-04-27 17:29     --------     d-----w-     c:\program files\Google
  145. 2013-04-26 13:10 . 2013-04-16 23:31     6906960      ----a-w-      c:\programdata\Microsoft\Windows Defender\Definition Updates\{5256F71D-8887-43F1-A9CA-008631EF09DA}\mpengine.dll
  146. 2013-04-26 12:47 . 2013-04-26 12:47     --------     d-----w-     c:\programdata\EA Core
  147. 2013-04-26 12:47 . 2013-04-26 12:47     --------     d-----w-     c:\programdata\Electronic Arts
  148. 2013-04-26 12:46 . 2013-04-26 12:46     --------     d-----w-     c:\program files\7-Zip
  149. 2013-04-26 12:23 . 2013-05-17 12:03     --------     d-----w-     c:\program files\Opera
  150. 2013-04-26 12:21 . 2013-04-26 12:21     --------     d-----w-     c:\program files\Smartfren Connex CE682 UI
  151. 2013-04-26 12:21 . 2011-04-04 09:47     21504        ----a-w-        c:\windows\system32\drivers\USB_MODEM_H.sys
  152. 2013-04-26 12:21 . 2009-11-04 20:50     38400        ----a-w-        c:\windows\system32\drivers\USB_BusEnum_H.sys
  153. 2013-04-26 12:21 . 2009-10-26 17:45     30080        ----a-w-        c:\windows\system32\drivers\USB_WinMux_H.sys
  154. 2013-04-26 12:21 . 2008-05-28 16:02     16128        ----a-w-        c:\windows\system32\drivers\USB_ETS_H.sys
  155. 2013-04-26 11:59 . 2013-05-09 11:50     691696       ----a-w-       c:\windows\system32\drivers\sptd.sys
  156. 2013-04-26 11:31 . 2013-04-26 11:31     --------     d-----w-     c:\program files\Microsoft Synchronization Services
  157. 2013-04-26 11:31 . 2013-04-26 11:31     --------     d-----w-     c:\windows\PCHEALTH
  158. 2013-04-26 11:31 . 2013-04-26 11:31     --------     d-----w-     c:\program files\Microsoft.NET
  159. 2013-04-26 11:31 . 2013-04-26 11:31     --------     d-----w-     c:\program files\Microsoft Sync Framework
  160. 2013-04-26 11:31 . 2013-04-26 11:31     --------     d-----w-     c:\program files\Microsoft SQL Server Compact Edition
  161. 2013-04-26 11:30 . 2013-04-26 11:30     --------     d-----w-     c:\program files\Microsoft Visual Studio 8
  162. 2013-04-26 11:29 . 2013-04-26 11:29     --------     d-----w-     c:\program files\Microsoft Analysis Services
  163. 2013-04-26 11:29 . 2013-04-26 11:33     --------     d-----w-     c:\programdata\Microsoft Help
  164. 2013-04-26 11:28 . 2013-04-26 11:28     --------     d-----r-     C:\MSOCache
  165. 2013-04-26 11:25 . 2013-04-26 11:25     --------     d-----w-     c:\program files\Common Files\Adobe AIR
  166. 2013-04-26 11:25 . 2013-04-26 11:25     --------     d-----w-     c:\program files\Common Files\Adobe
  167. 2013-04-26 11:20 . 2011-11-22 06:28     6345064      ----a-r-      c:\windows\system32\drivers\rtsuvc.sys
  168. 2013-04-26 11:20 . 2013-04-30 16:47     --------     d-----w-     c:\program files\Realtek
  169. 2013-04-26 11:15 . 2011-11-23 08:14     2227712      ----a-w-      c:\windows\system32\drivers\athr.sys
  170. 2013-04-26 11:15 . 2011-11-23 08:14     2227712      ----a-w-      c:\windows\system32\athr.sys
  171. 2013-04-26 11:15 . 2013-04-26 11:15     --------     d-----w-     c:\program files\Qualcomm Atheros WiFi Driver Installation
  172. 2013-04-26 11:14 . 2013-04-26 11:14     --------     d-----w-     c:\programdata\Qualcomm Atheros
  173. 2013-04-26 11:14 . 2013-04-26 11:14     --------     d-----w-     c:\program files\Elantech
  174. 2013-04-26 11:14 . 2011-03-10 14:17     4881704      ----a-w-      c:\windows\system32\ETDUI.cpl
  175. 2013-04-26 11:14 . 2011-03-10 14:17     118568       ----a-w-       c:\windows\system32\drivers\ETD.sys
  176. 2013-04-26 11:13 . 2013-04-26 11:13     --------     dc----w-     c:\windows\system32\DRVSTORE
  177. 2013-04-26 11:13 . 2010-05-20 04:02     13224        ----a-w-        c:\windows\system32\drivers\AiDriver.sys
  178. 2013-04-26 11:13 . 2013-04-26 11:13     --------     d-----w-     c:\program files\ASUS
  179. 2013-04-26 11:11 . 2013-05-16 09:24     --------     d--h--w-     c:\program files\InstallShield Installation Information
  180. 2013-04-26 11:04 . 2013-04-26 11:04     --------     d-----w-     c:\programdata\NVIDIA
  181. 2013-04-26 10:59 . 2013-05-15 18:07     --------     d-sh--w-     c:\windows\Installer
  182. .
  183. .
  184. ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
  185. .
  186. 2013-04-16 10:35 . 2013-04-16 10:35     3915776      ----a-w-      c:\windows\system32\ffmpeg.dll
  187. 2013-04-16 10:33 . 2013-04-16 10:33     112640       ----a-w-       c:\windows\system32\ff_vfw.dll
  188. 2013-04-16 10:33 . 2013-04-16 10:33     3501568      ----a-w-      c:\windows\system32\ffdshow.ax
  189. 2013-04-16 10:32 . 2013-04-16 10:32     157184       ----a-w-       c:\windows\system32\ff_unrar.dll
  190. 2013-04-16 10:32 . 2013-04-16 10:32     271360       ----a-w-       c:\windows\system32\TomsMoComp_ff.dll
  191. 2013-04-16 10:32 . 2013-04-16 10:32     99840        ----a-w-        c:\windows\system32\ff_wmv9.dll
  192. 2013-04-16 10:32 . 2013-04-16 10:32     211968       ----a-w-       c:\windows\system32\ff_libdts.dll
  193. 2013-04-16 10:32 . 2013-04-16 10:32     147456       ----a-w-       c:\windows\system32\ff_libmad.dll
  194. 2013-04-16 10:32 . 2013-04-16 10:32     1525760      ----a-w-      c:\windows\system32\ff_samplerate.dll
  195. 2013-04-16 10:32 . 2013-04-16 10:32     114688       ----a-w-       c:\windows\system32\ff_liba52.dll
  196. 2013-04-16 10:32 . 2013-04-16 10:32     136704       ----a-w-       c:\windows\system32\libmpeg2_ff.dll
  197. 2013-04-13 12:23 . 2013-04-13 12:23     7788672      ----a-w-      c:\windows\system32\avcodec-lav-55.dll
  198. 2013-04-13 12:23 . 2013-04-13 12:23     424624       ----a-w-       c:\windows\system32\LAVSplitter.ax
  199. 2013-04-13 12:23 . 2013-04-13 12:23     400592       ----a-w-       c:\windows\system32\swscale-lav-2.dll
  200. 2013-04-13 12:23 . 2013-04-13 12:23     284336       ----a-w-       c:\windows\system32\IntelQuickSyncDecoder.dll
  201. 2013-04-13 12:23 . 2013-04-13 12:23     272192       ----a-w-       c:\windows\system32\avutil-lav-52.dll
  202. 2013-04-13 12:23 . 2013-04-13 12:23     244400       ----a-w-       c:\windows\system32\LAVAudio.ax
  203. 2013-04-13 12:23 . 2013-04-13 12:23     194632       ----a-w-       c:\windows\system32\avfilter-lav-3.dll
  204. 2013-04-13 12:23 . 2013-04-13 12:23     172728       ----a-w-       c:\windows\system32\avresample-lav-1.dll
  205. 2013-04-13 12:23 . 2013-04-13 12:23     1300152      ----a-w-      c:\windows\system32\avformat-lav-55.dll
  206. 2013-04-13 12:23 . 2013-04-13 12:23     1185456      ----a-w-      c:\windows\system32\LAVVideo.ax
  207. .
  208. .
  209. (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
  210. .
  211. .
  212. *Note* empty entries & legit default entries are not shown
  213. REGEDIT4
  214. .
  215. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
  216. @="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
  217. [HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
  218. 2012-02-08 00:49        22376   ----a-w-   c:\program files\Internet Download Manager\IDMShellExt.dll
  219. .
  220. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  221. "IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2012-10-26 3540416]
  222. "Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-02-28 18642024]
  223. "uTorrent"="c:\users\chrusty\AppData\Roaming\uTorrent\uTorrent.exe" [2013-05-02 1040720]
  224. "Optimizer Pro"="c:\program files\Optimizer Pro\OptProLauncher.exe" [2012-10-30 81952]
  225. "Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2012-05-24 6595928]
  226. "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
  227. "Browser Infrastructure Helper"="c:\users\chrusty\AppData\Local\Smartbar\Application\SnapDo.exe" [2013-04-02 20992]
  228. "GameXN GO"="c:\programdata\GameXN\GameXNGO.exe" [2013-05-15 348440]
  229. "Speech Recognition"="c:\windows\Speech\Common\sapisvr.exe" [2009-07-14 51712]
  230. .
  231. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  232. "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-11 13789728]
  233. "ETDCtrl"="c:\program files\Elantech\ETDCtrl.exe" [2011-03-10 1813800]
  234. "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]
  235. "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-09-28 11004520]
  236. "SearchSettings"="c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe" [2013-02-23 1297728]
  237. .
  238. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
  239. "Malwarebytes Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2013-04-04 532040]
  240. "Malwarebytes Anti-Malware (cleanup)"="c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll" [2013-04-04 1127496]
  241. .
  242. c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
  243. CodecPackUpdateChecker.lnk - c:\windows\System32\C2MP\UpdateChecker.exe [2013-4-19 48248]
  244. .
  245. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
  246. "ConsentPromptBehaviorAdmin"= 5 (0x5)
  247. "ConsentPromptBehaviorUser"= 3 (0x3)
  248. "EnableUIADesktopToggle"= 0 (0x0)
  249. .
  250. [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
  251. "aux"=wdmaud.drv
  252. .
  253. [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
  254. "iSeriesCharge"=AsusSender.exe c:\program files\ASUS\USBChargeSetting\iSeriesCharge.exe
  255. "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
  256. .
  257. R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
  258. R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x]
  259. R3 rtsuvc;Realtek USB 2.0 PC Camera;c:\windows\system32\DRIVERS\rtsuvc.sys [x]
  260. R3 USB_BusEnum_H;EVDO Telecom USB Bus Enumerator h;c:\windows\system32\DRIVERS\USB_BusEnum_H.sys [x]
  261. R3 USB_ETS_H;EVDO Rev A Service USB port h;c:\windows\system32\DRIVERS\USB_ETS_H.sys [x]
  262. R3 USB_WinMux_H;EVDO Telecom USB MUX Serial Port h;c:\windows\system32\DRIVERS\USB_WinMux_H.sys [x]
  263. R3 UsbModemDriver;EVDO Rev A USB Modem h;c:\windows\system32\DRIVERS\USB_MODEM_H.sys [x]
  264. R4 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [x]
  265. R4 CDROM_Eject_H;CDROM_Eject_H;c:\program files\Smartfren Connex CE682 UI\HEject.exe [x]
  266. S0 AiDriver;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiDriver.sys [x]
  267. S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
  268. S2 AIPS;Arp Intelligent Protection Service;c:\program files\netcut\services\AIPS.exe [x]
  269. S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [x]
  270. S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
  271. S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
  272. S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
  273. S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [x]
  274. S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
  275. S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
  276. S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
  277. S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [x]
  278. .
  279. .
  280. --- Other Services/Drivers In Memory ---
  281. .
  282. *NewlyCreated* - MBAMPROTECTOR
  283. .
  284. [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
  285. 2013-04-27 17:29        1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
  286. .
  287. Contents of the 'Scheduled Tasks' folder
  288. .
  289. 2013-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
  290. - c:\program files\Google\Update\GoogleUpdate.exe [2013-04-27 17:29]
  291. .
  292. 2013-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
  293. - c:\program files\Google\Update\GoogleUpdate.exe [2013-04-27 17:29]
  294. .
  295. .
  296. ------- Supplementary Scan -------
  297. .
  298. uStart Page = hxxp://websearch.lookforithere.info/?pid=727&r=2013/05/15&hid=642164211&lg=EN&cc=ID&unqvl=14
  299. mStart Page = hxxp://websearch.lookforithere.info/?pid=727&r=2013/05/15&hid=642164211&lg=EN&cc=ID&unqvl=14
  300. uInternet Settings,ProxyServer = 95.77.97.146:8080
  301. uSearchAssistant = hxxp://feed.snap.do/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=ID&userid=a19e70e9-4ff9-48cf-baf3-3dee0e859773&searchtype=ds&q={searchTerms}&installDate=14/05/2013
  302. IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
  303. IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
  304. IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
  305. IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
  306. TCP: DhcpNameServer = 94.242.206.150 184.82.128.138
  307. .
  308. - - - - ORPHANS REMOVED - - - -
  309. .
  310. BHO-{219A3A5C-319A-7D5E-C22D-77F9A02BA005} - c:\programdata\contiinuuetooseauvee\5192f1864d190.dll
  311. BHO-{46AE36A3-0189-676F-3353-D3932482EC95} - c:\programdata\SearchNewTab\518c66d15abb3.dll
  312. BHO-{68F1C996-4748-DC61-8CD3-87AE9AEE6460} - c:\programdata\ccontiNuetooSave\518c66b6b29ca.dll
  313. BHO-{9241D719-7B90-A880-3636-0E27654EC83E} - c:\programdata\SearchNewTab\518b30fc7f732.dll
  314. BHO-{F5B1FF33-E7F7-E5E6-FC37-262142456A05} - c:\programdata\SearchNewTab\518a6ab57b7b6.dll
  315. AddRemove-{C1C6816E-CBB3-A748-85F9-A8B47B68985B} - c:\programdata\contiinuuetooseauvee\uninstall.exe
  316. .
  317. .
  318. .
  319. --------------------- LOCKED REGISTRY KEYS ---------------------
  320. .
  321. [HKEY_USERS\S-1-5-21-2648890081-3013141611-3806427358-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2]
  322. @Denied: (Full) (Everyone)
  323. @Allowed: (A B C D E 1 2 3 4 5 6 0x0001c0) (Administrators)
  324. .
  325. [HKEY_USERS\S-1-5-21-2648890081-3013141611-3806427358-1000_Classes\CLSID\{1e19fed3-91ed-4b39-b75a-b17ae6063d80}]
  326. @Denied: (Full) (Everyone)
  327. @Allowed: (Read) (RestrictedCode)
  328. "Model"=dword:00000088
  329. "Therad"=dword:00000012
  330. .
  331. [HKEY_USERS\S-1-5-21-2648890081-3013141611-3806427358-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
  332. @Denied: (Full) (Everyone)
  333. @Allowed: (Read) (RestrictedCode)
  334. "scansk"=hex(0):24,c0,e7,01,3d,7e,08,4c,0f,7e,32,3f,8e,f1,7f,e3,4a,16,65,f2,3b,
  335.    10,29,33,c3,82,dc,90,a7,64,a1,f0,0a,3d,bc,cf,2c,7d,57,7e,00,00,00,00,00,00,\
  336. .
  337. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
  338. @Denied: (A) (Users)
  339. @Denied: (A) (Everyone)
  340. @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  341. "BlindDial"=dword:00000000
  342. .
  343. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
  344. @Denied: (A) (Users)
  345. @Denied: (A) (Everyone)
  346. @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  347. "BlindDial"=dword:00000000
  348. .
  349. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
  350. @Denied: (A) (Users)
  351. @Denied: (A) (Everyone)
  352. @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  353. "BlindDial"=dword:00000000
  354. .
  355. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
  356. @Denied: (A) (Users)
  357. @Denied: (A) (Everyone)
  358. @Allowed: (B 1 2 3 4 5) (S-1-5-20)
  359. "BlindDial"=dword:00000000
  360. .
  361. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
  362. @Denied: (Full) (Everyone)
  363. .
  364. Completion time: 2013-05-17  20:14:29
  365. ComboFix-quarantined-files.txt  2013-05-17 13:14
  366. .
  367. Pre-Run: 27,428,560,896 bytes free
  368. Post-Run: 27,395,678,208 bytes free
  369. .
  370. - - End Of File - - F6725A1EADA543698DB73211C59AFB2D