I'm posting the ComboFix log for the user as it's easier to read.
ComboFix 11-12-02.01 - ma 12/02/2011 20:32:35.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1256.20.1033.18.3068.2148 [GMT 2:00]
Running from: c:\users\Public\Pictures\ComboFix.exe
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
C:\data
c:\data\default\us_sres.data
C:\ErrLog.txt
c:\program files\Mozilla Firefox\searchplugins\SearchquWebSearch.xml
c:\program files\Spyware Cease
c:\program files\Spyware Cease\AutoUpdate.exe
c:\program files\Spyware Cease\bmgac
c:\program files\Spyware Cease\dxddd
c:\program files\Spyware Cease\fp.fpl
c:\program files\Spyware Cease\hrdb.hrl
c:\program files\Spyware Cease\idamx
c:\program files\Spyware Cease\iflee
c:\program files\Spyware Cease\ls.dat
c:\program files\Spyware Cease\LSR.lsr
c:\program files\Spyware Cease\md5.dll
c:\program files\Spyware Cease\mtools.dll
c:\program files\Spyware Cease\networkdll.dll
c:\program files\Spyware Cease\opfile.dll
c:\program files\Spyware Cease\QAreaDLL.dll
c:\program files\Spyware Cease\RkHitApi.dll
c:\program files\Spyware Cease\sctdll.dll
c:\program files\Spyware Cease\spkdll.dll
c:\program files\Spyware Cease\SpywareCease.chm
c:\program files\Spyware Cease\SpywareCease.exe
c:\program files\Spyware Cease\SpywareCease.url
c:\program files\Spyware Cease\udefend.dll
c:\program files\Spyware Cease\unins000.dat
c:\program files\Spyware Cease\unins000.exe
c:\program files\Spyware Cease\update\Update.ini
c:\program files\Spyware Cease\ussafe.dll
c:\program files\Spyware Cease\vf
c:\program files\Spyware Cease\vsn.lst
c:\program files\Spyware Cease\wcfile.lst
c:\program files\Spyware Cease\wl.swl
c:\program files\Spyware Cease\xxcum
c:\program files\Spyware Cease\zlib1.dll
c:\program files\Spyware Process Detector
c:\program files\Spyware Process Detector\Base\good.spd
c:\program files\Spyware Process Detector\Base\process.spd
c:\program files\Spyware Process Detector\Base\startup.spd
c:\program files\Spyware Process Detector\Base\system.spd
c:\program files\Spyware Process Detector\Help\english.chm
c:\program files\Spyware Process Detector\Help\english.mnl
c:\program files\Spyware Process Detector\Plugin\belarusian.lng
c:\program files\Spyware Process Detector\Plugin\bulgarian.lng
c:\program files\Spyware Process Detector\Plugin\czech.lng
c:\program files\Spyware Process Detector\Plugin\deutsch.lng
c:\program files\Spyware Process Detector\Plugin\english.lng
c:\program files\Spyware Process Detector\Plugin\francais.lng
c:\program files\Spyware Process Detector\Plugin\hungarian.lng
c:\program files\Spyware Process Detector\Plugin\italian.lng
c:\program files\Spyware Process Detector\Plugin\romanian.lng
c:\program files\Spyware Process Detector\Plugin\russian.lng
c:\program files\Spyware Process Detector\register.url
c:\program files\Spyware Process Detector\spd322.cfg
c:\program files\Spyware Process Detector\spd322.dll
c:\program files\Spyware Process Detector\spd322.exe
c:\program files\Spyware Process Detector\spd322.sys
c:\program files\Spyware Process Detector\spydetector.url
c:\program files\Spyware Process Detector\Uninstall\IssSurvey.dll
c:\program files\Spyware Process Detector\Uninstall\IssSurvey.ini
c:\program files\Spyware Process Detector\Uninstall\unins000.dat
c:\program files\Spyware Process Detector\Uninstall\unins000.exe
c:\program files\Windows Searchqu Toolbar
c:\programdata\Microsoft\Windows\Start Menu\Programs\Spyware Cease
c:\programdata\Microsoft\Windows\Start Menu\Programs\Spyware Cease\Spyware Cease on the Web.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Spyware Cease\Spyware Cease.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Spyware Cease\Uninstall Spyware Cease.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Spyware Process Detector
c:\programdata\Microsoft\Windows\Start Menu\Programs\Spyware Process Detector\Online Registration.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Spyware Process Detector\Spyware Process Detector v3.22.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Spyware Process Detector\User Manual.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Spyware Process Detector\Visit our Site.lnk
C:\Thumbs.db
c:\users\ma\AppData\Local\Setup.exe
c:\users\ma\AppData\Roaming\addons.dat
c:\users\ma\AppData\Roaming\desktop.ini
c:\users\ma\AppData\Roaming\L3G!T-Labs\jdvs
c:\users\ma\AppData\Roaming\ntuser.dat
c:\users\ma\kfql59xacm.exe
c:\windows\$NtUninstallKB7045$
c:\windows\$NtUninstallKB7045$\1258669978
c:\windows\$NtUninstallKB7045$\270660699\@
c:\windows\$NtUninstallKB7045$\270660699\L\xadqgnnk
c:\windows\{2521BB91-29B1-4d7e-9137-AC9875D77735}
c:\windows\1542725904
c:\windows\174926236
c:\windows\7Loader.TAG
c:\windows\Downloaded Program Files\f3initialsetup1.0.1.1.inf
c:\windows\system32\
c:\windows\system32\BReWErS.dll
c:\windows\system32\c_08084.nl_
c:\windows\system32\c_08084.nls
c:\windows\system32\Cache
c:\windows\system32\drivers\zbvkirtst9.sys
c:\windows\system32\muzapp.exe
c:\windows\system32\SARCheck.dll
c:\windows\system32\tmp.tmp
C:\
www.google.com.htm
.
Infected copy of c:\windows\system32\drivers\tdx.sys was found and disinfected
Restored copy from - The cat found it
c:\windows\system32\atiesrxx.exe . . . is infected!!
c:\windows\system32\atiesrxx.exe . . . was deleted!! You should re-install the program it pertains to
.
Infected copy of c:\program files\Bonjour\mDNSResponder.exe was found and disinfected
Restored copy from - c:\program files\Bonjour\
.
Infected copy of c:\program files\Connectify\ConnectifyService.exe was found and disinfected
Restored copy from - c:\program files\Connectify\
.
Infected copy of c:\program files\Google\Update\GoogleUpdate.exe was found and disinfected
Restored copy from - c:\program files\Google\Update\
.
Infected copy of c:\program files\Norton AntiVirus\Engine\18.6.0.29\ccSvcHst.exe was found and disinfected
Restored copy from - c:\program files\Norton AntiVirus\Engine\18.6.0.29\
.
Infected copy of c:\program files\PC Connectivity Solution\ServiceLayer.exe was found and disinfected
Restored copy from - c:\program files\PC Connectivity Solution\
.
c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe . . . is infected!!
c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe . . . was deleted!! You should re-install the program it pertains to
.
Infected copy of c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE was found and disinfected
Restored copy from - c:\program files\Common Files\microsoft shared\Windows Live\
.
Infected copy of c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe was found and disinfected
Restored copy from - c:\program files\Yahoo!\SoftwareUpdate\
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_RKHIT
-------\Service_1021f45b
-------\Service_RkHit
-------\Service_T
-------\Legacy_spd3ssl
-------\Legacy_zbvkirtst9
-------\Legacy_spd3ssl
-------\Service_spd3ssl
-------\Service_zbvkirtst9
-------\Service_spd3ssl
.
.
((((((((((((((((((((((((( Files Created from 2011-11-02 to 2011-12-02 )))))))))))))))))))))))))))))))
.
.
2011-12-02 18:43 . 2011-12-02 18:47 -------- d-----w- c:\users\ma\AppData\Local\temp
2011-12-02 18:43 . 2011-12-02 18:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-02 18:43 . 2011-12-02 18:43 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2011-12-01 12:02 . 2011-12-01 12:02 -------- d-----w- c:\users\ma\AppData\Roaming\vghd
2011-12-01 04:20 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-28 23:20 . 2011-10-31 09:22 821824 ----a-w- c:\windows\system32\dgderapi.dll
2011-11-28 16:01 . 2011-11-29 12:09 -------- d-----w- c:\users\ma\AppData\Local\Samsung
2011-11-28 15:56 . 2011-10-27 01:25 1416680 ----a-w- c:\windows\system32\WdfCoInstaller01005.dll
2011-11-28 15:56 . 2011-10-27 01:25 1416680 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01005.dll
2011-11-28 15:56 . 2011-10-27 01:25 136808 ----a-w- c:\windows\system32\drivers\ssadmdm.sys
2011-11-28 15:56 . 2011-10-27 01:25 10344 ----a-w- c:\windows\system32\drivers\ssadwhnt.sys
2011-11-28 15:56 . 2011-10-27 01:25 10344 ----a-w- c:\windows\system32\drivers\ssadwh.sys
2011-11-28 15:56 . 2011-10-27 01:25 30312 ----a-w- c:\windows\system32\drivers\ssadadb.sys
2011-11-28 15:56 . 2011-10-27 01:25 12776 ----a-w- c:\windows\system32\drivers\ssadmdfl.sys
2011-11-28 15:56 . 2011-10-27 01:25 121064 ----a-w- c:\windows\system32\drivers\ssadbus.sys
2011-11-28 15:56 . 2011-10-27 01:25 10472 ----a-w- c:\windows\system32\drivers\ssadcmnt.sys
2011-11-28 15:56 . 2011-10-27 01:25 10472 ----a-w- c:\windows\system32\drivers\ssadcm.sys
2011-11-28 15:55 . 2011-10-27 01:25 14920 ----a-w- c:\windows\system32\drivers\sscdmdfl.sys
2011-11-28 15:55 . 2011-10-27 01:25 132424 ----a-w- c:\windows\system32\drivers\sscdmdm.sys
2011-11-28 15:55 . 2011-10-27 01:25 12616 ----a-w- c:\windows\system32\drivers\sscdcmnt.sys
2011-11-28 15:55 . 2011-10-27 01:25 12616 ----a-w- c:\windows\system32\drivers\sscdcm.sys
2011-11-28 15:55 . 2011-10-27 01:25 12488 ----a-w- c:\windows\system32\drivers\sscdwhnt.sys
2011-11-28 15:55 . 2011-10-27 01:25 12488 ----a-w- c:\windows\system32\drivers\sscdwh.sys
2011-11-28 15:55 . 2011-10-27 01:25 104648 ----a-w- c:\windows\system32\drivers\sscdbus.sys
2011-11-28 15:53 . 2011-10-31 09:22 4659712 ----a-w- c:\windows\system32\Redemption.dll
2011-11-25 04:28 . 2011-11-25 04:30 -------- d-----w- c:\users\loda
2011-11-25 04:25 . 2011-11-25 04:25 94896 ----a-w- c:\windows\system32\drivers\49096678.sys
2011-11-25 04:25 . 2011-11-25 04:25 94896 ----a-w- c:\windows\system32\drivers\60885264.sys
2011-11-25 04:24 . 2011-11-25 04:24 94896 ----a-w- c:\windows\system32\drivers\65446781.sys
2011-11-25 04:21 . 2011-11-25 04:21 0 ----a-w- c:\users\ma\AppData\Local\BITD825.tmp
2011-11-25 04:12 . 2011-11-25 04:12 0 ----a-w- c:\users\ma\AppData\Local\BITD138.tmp
2011-11-25 02:32 . 2011-12-01 04:22 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-11-23 13:31 . 2011-11-23 13:43 -------- d-----w- c:\program files\DISCIPLINE
2011-11-21 14:53 . 2011-11-21 14:53 -------- d-----w- c:\users\ma\Livestation
2011-11-21 14:53 . 2011-11-21 14:53 -------- d-----w- c:\users\ma\AppData\Roaming\Mchid
2011-11-21 14:53 . 2011-11-21 14:53 -------- d-----w- c:\users\ma\AppData\Roaming\Livestation
2011-11-21 14:52 . 2011-11-21 14:52 -------- d-----w- c:\program files\OpenAL
2011-11-21 14:52 . 2011-11-21 14:52 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2011-11-21 14:52 . 2011-11-21 14:52 110592 ----a-w- c:\windows\system32\OpenAL32.dll
2011-11-17 23:53 . 2011-11-18 01:29 -------- d-----w- c:\program files\DownVision
2011-11-17 23:52 . 2011-11-17 23:52 460624 ----a-w- c:\users\ma\AppData\Local\promo.exe
2011-11-14 17:25 . 2011-11-29 20:44 -------- d-----w- c:\users\ma\AppData\Roaming\Samsung
2011-11-14 15:04 . 2011-11-14 15:04 -------- d-----w- c:\program files\MarkAny
2011-11-14 15:03 . 2011-11-29 20:45 -------- d-----w- c:\programdata\Samsung
2011-11-14 15:03 . 2011-11-29 20:45 -------- d-----w- c:\program files\Samsung
2011-11-12 20:50 . 2011-11-12 20:50 -------- d-----w- c:\users\ma\AppData\Local\Skyrim
2011-11-11 21:25 . 2011-11-11 21:25 -------- d-----w- c:\program files\Apple Software Update
2011-11-10 01:45 . 2009-05-18 11:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2011-11-10 01:45 . 2008-04-17 10:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2011-11-10 01:05 . 2011-11-11 20:38 -------- d-----w- c:\users\ma\AppData\Roaming\redsn0w
2011-11-09 12:20 . 2011-11-14 16:25 -------- d-----w- c:\program files\iPod
2011-11-09 12:20 . 2011-11-09 12:22 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-25 17:32 . 2011-05-20 16:27 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-25 14:01 . 2009-07-13 23:11 35328 ----a-w- c:\windows\system32\drivers\npfs.sys
2011-11-02 12:51 . 2011-11-02 12:50 783 ----a-w- c:\programdata\1320237980.8128.bin
2011-11-02 12:51 . 2011-11-02 12:50 3255 ----a-w- c:\programdata\1320237980.8124.bin
2011-11-02 12:51 . 2011-11-02 12:46 11037 ----a-w- c:\programdata\1320237980.2952.bin
2011-11-02 12:51 . 2011-11-02 12:46 28797 ----a-w- c:\programdata\1320237980.4720.bin
2011-11-02 12:51 . 2011-11-02 12:50 507 ----a-w- c:\programdata\1320237980.8012.bin
2011-11-02 12:51 . 2011-11-02 12:46 2832 ----a-w- c:\programdata\1320237980.3444.bin
2011-11-02 12:50 . 2011-11-02 12:46 1304 ----a-w- c:\programdata\1320237980.5140.bin
2011-11-02 12:50 . 2011-11-02 12:46 5518 ----a-w- c:\programdata\1320237980.4900.bin
2011-11-02 12:46 . 2011-11-02 12:46 8624 ----a-w- c:\programdata\1320237980.2540.bin
2011-10-31 09:22 . 2011-10-31 09:22 81920 ----a-w- c:\windows\system32\issacapi_bs-2.3.dll
2011-10-31 09:22 . 2011-10-31 09:22 65536 ----a-w- c:\windows\system32\issacapi_pe-2.3.dll
2011-10-31 09:22 . 2011-10-31 09:22 57344 ----a-w- c:\windows\system32\issacapi_se-2.3.dll
2011-10-31 09:22 . 2011-10-31 09:22 49152 ----a-w- c:\windows\system32\MaJGUILib.dll
2011-10-31 09:22 . 2011-10-31 09:22 45056 ----a-w- c:\windows\system32\MaXMLProto.dll
2011-10-31 09:22 . 2011-10-31 09:22 40960 ----a-w- c:\windows\system32\MTTELECHIP.dll
2011-10-31 09:22 . 2011-10-31 09:22 200704 ----a-w- c:\windows\system32\muzwmts.dll
2011-10-31 09:22 . 2011-10-31 09:22 143360 ----a-w- c:\windows\system32\3DAudio.ax
2011-10-31 09:22 . 2011-10-31 09:22 135168 ----a-w- c:\windows\system32\muzaf1.dll
2011-10-31 09:22 . 2011-10-31 09:22 122880 ----a-w- c:\windows\system32\muzeffect.ax
2011-10-31 09:22 . 2011-10-31 09:22 118784 ----a-w- c:\windows\system32\MaDRM.dll
2011-10-31 09:22 . 2011-10-31 09:22 110592 ----a-w- c:\windows\system32\muzmp4sp.ax
2011-10-31 09:22 . 2011-10-31 09:22 974848 ----a-w- c:\windows\system32\cis-2.4.dll
2011-10-31 09:22 . 2011-10-31 09:22 57344 ----a-w- c:\windows\system32\MTXSYNCICON.dll
2011-10-31 09:22 . 2011-10-31 09:22 57344 ----a-w- c:\windows\system32\MK_Lyric.dll
2011-10-31 09:22 . 2011-10-31 09:22 569344 ----a-w- c:\windows\system32\muzdecode.ax
2011-10-31 09:22 . 2011-10-31 09:22 491520 ----a-w- c:\windows\system32\muzapp.dll
2011-10-31 09:22 . 2011-10-31 09:22 45056 ----a-w- c:\windows\system32\MACXMLProto.dll
2011-10-31 09:22 . 2011-10-31 09:22 40960 ----a-w- c:\windows\system32\MAMACExtract.dll
2011-10-31 09:22 . 2011-10-31 09:22 352256 ----a-w- c:\windows\system32\MSLUR71.dll
2011-10-31 09:22 . 2011-10-31 09:22 258048 ----a-w- c:\windows\system32\muzoggsp.ax
2011-10-31 09:22 . 2011-10-31 09:22 245760 ----a-w- c:\windows\system32\MSCLib.dll
2011-10-31 09:22 . 2011-10-31 09:22 24576 ----a-w- c:\windows\system32\MASetupCleaner.exe
2011-10-31 09:22 . 2011-10-31 09:22 155648 ----a-w- c:\windows\system32\MSFLib.dll
2011-10-31 09:22 . 2011-10-31 09:22 131072 ----a-w- c:\windows\system32\muzmpgsp.ax
2011-09-15 13:59 . 2011-09-15 13:55 25271 ----a-w- c:\programdata\1316094932.808.bin
2011-09-15 13:59 . 2011-09-15 13:55 24807 ----a-w- c:\programdata\1316094932.4828.bin
2011-09-15 13:58 . 2011-09-15 13:55 2832 ----a-w- c:\programdata\1316094932.4824.bin
2011-09-15 13:57 . 2011-09-15 13:57 507 ----a-w- c:\programdata\1316094932.1976.bin
2011-09-15 13:57 . 2011-09-15 13:56 1304 ----a-w- c:\programdata\1316094932.5548.bin
2011-09-15 13:57 . 2011-09-15 13:55 5518 ----a-w- c:\programdata\1316094932.3804.bin
2011-09-15 13:56 . 2011-09-15 13:55 9108 ----a-w- c:\programdata\1316094932.4868.bin
2011-09-15 00:17 . 2011-08-07 15:06 388096 ----a-w- c:\windows\system32\drivers\csc.sys
2011-09-14 22:25 . 2011-09-14 22:25 133001 ----a-w- c:\programdata\1316039083.bdinstall.bin
2011-09-14 21:36 . 2011-09-14 21:36 15526 ----a-w- c:\programdata\1316036191.bdinstall.bin
2011-09-14 21:36 . 2011-09-14 21:36 89035 ----a-w- c:\programdata\1316036123.bdinstall.bin
2011-09-14 09:47 . 2011-09-14 09:47 53760 ----a-w- c:\windows\system32\OVDecode.dll
2011-09-14 09:46 . 2011-09-14 09:46 13625856 ----a-w- c:\windows\system32\amdocl.dll
2011-09-14 09:38 . 2011-09-14 09:38 37376 ----a-w- c:\windows\system32\amdoclcl.dll
2011-09-14 02:53 . 2011-09-14 02:53 36352 ----a-w- c:\windows\system32\drivers\netbios.sys
2011-09-13 08:04 . 2011-08-07 15:04 78336 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-09-13 04:30 . 2011-09-13 04:30 32592 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2011-09-13 03:18 . 2011-09-13 03:18 717 ----a-w- c:\programdata\1315883904.2904.bin
2011-09-13 03:18 . 2011-09-13 03:18 459 ----a-w- c:\programdata\1315883904.1832.bin
2011-09-13 03:18 . 2011-09-13 03:18 442 ----a-w- c:\programdata\1315883904.2320.bin
2011-09-13 03:18 . 2011-09-13 03:18 462 ----a-w- c:\programdata\1315883904.3128.bin
2011-09-13 03:18 . 2011-09-13 03:18 24078 ----a-w- c:\programdata\1315883904.3020.bin
2011-09-13 02:23 . 2011-09-13 02:23 459 ----a-w- c:\programdata\1315880570.3144.bin
2011-09-13 02:23 . 2011-09-13 02:23 396 ----a-w- c:\programdata\1315880570.3208.bin
2011-09-13 02:23 . 2011-09-13 02:22 643 ----a-w- c:\programdata\1315880570.884.bin
2011-09-13 02:23 . 2011-09-13 02:22 24079 ----a-w- c:\programdata\1315880570.2708.bin
2011-09-13 02:23 . 2011-09-13 02:22 462 ----a-w- c:\programdata\1315880570.3908.bin
2011-09-08 18:26 . 2011-09-08 18:26 8606208 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-09-08 17:39 . 2011-09-08 17:39 18534912 ----a-w- c:\windows\system32\atioglxx.dll
2011-09-08 17:34 . 2011-09-08 17:34 151552 ----a-w- c:\windows\system32\atiapfxx.exe
2011-09-08 17:34 . 2011-05-25 03:07 732672 ----a-w- c:\windows\system32\aticfx32.dll
2011-09-08 17:30 . 2011-09-08 17:30 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-09-08 17:30 . 2011-09-08 17:30 401408 ----a-w- c:\windows\system32\atieclxx.exe
2011-09-08 17:28 . 2011-09-08 17:28 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2011-09-08 17:28 . 2011-09-08 17:28 356352 ----a-w- c:\windows\system32\atipdlxx.dll
2011-09-08 17:28 . 2011-09-08 17:28 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2011-09-08 17:28 . 2011-09-08 17:28 20992 ----a-w- c:\windows\system32\atimuixx.dll
2011-09-08 17:28 . 2011-09-08 17:28 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2011-09-08 17:24 . 2010-10-07 01:29 4204032 ----a-w- c:\windows\system32\atidxx32.dll
2011-09-08 17:18 . 2011-09-08 17:18 1828864 ----a-w- c:\windows\system32\atiumdmv.dll
2011-09-08 17:09 . 2011-09-08 17:09 46080 ----a-w- c:\windows\system32\aticalrt.dll
2011-09-08 17:09 . 2011-09-08 17:09 44032 ----a-w- c:\windows\system32\aticalcl.dll
2011-09-08 17:08 . 2011-05-25 02:50 4064768 ----a-w- c:\windows\system32\atiumdva.dll
2011-09-08 17:05 . 2011-09-08 17:05 7331840 ----a-w- c:\windows\system32\aticaldd.dll
2011-09-08 17:05 . 2011-05-25 02:39 4289024 ----a-w- c:\windows\system32\atiumdag.dll
2011-09-08 16:59 . 2011-05-25 02:18 52736 ----a-w- c:\windows\system32\coinst.dll
2011-09-08 16:53 . 2011-09-08 16:53 270336 ----a-w- c:\windows\system32\atiadlxx.dll
2011-09-08 16:52 . 2011-09-08 16:52 13312 ----a-w- c:\windows\system32\atiglpxx.dll
2011-09-08 16:52 . 2011-09-08 16:52 32768 ----a-w- c:\windows\system32\atigktxx.dll
2011-09-08 16:52 . 2011-09-08 16:52 248832 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-09-08 16:51 . 2011-05-25 02:24 31744 ----a-w- c:\windows\system32\atiuxpag.dll
2011-09-08 16:51 . 2011-05-25 02:24 29184 ----a-w- c:\windows\system32\atiu9pag.dll
2011-09-08 16:51 . 2011-09-08 16:51 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-09-08 16:50 . 2011-09-08 16:50 53760 ----a-w- c:\windows\system32\atimpc32.dll
2011-09-08 16:50 . 2011-09-08 16:50 53760 ----a-w- c:\windows\system32\amdpcom32.dll
2011-09-06 02:28 . 2011-10-12 18:03 2334720 ----a-w- c:\windows\system32\win32k.sys
2010-12-02 04:16 . 2011-02-25 10:17 675840 ----a-w- c:\program files\Uninstall OurBabymaker.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files\Steam\Steam.exe" [2011-09-18 1242448]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe" [2011-08-21 6276408]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2011-03-29 399736]
"KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2011-11-02 928656]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2011-11-02 3508624]
"KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-11-02 21392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2009-11-09 180224]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-07-29 9267816]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-09-08 343168]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2011-09-23 2404704]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2011-11-02 928656]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2011-11-02 3508624]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders credssp.dll, mevgtvfp.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RkHit.sys]
@=""
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" /background
"Sidebar"=c:\program files\Windows Sidebar\sidebar.exe /autoRun
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R0 41022098;41022098;c:\windows\system32\drivers\00324302.sys [x]
R1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.6.0.29\Definitions\BASHDefs\20110415.001\BHDrvx86.sys [2011-04-19 802936]
R1 RemoveAny;RemoveAny driver;c:\windows\system32\Drivers\removeany.sys [2011-03-28 11392]
R1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\NAV\1206000.01D\SYMNETS.SYS [2011-03-22 296568]
R2 AcerSyncServiceWinService;AcerSyncServiceWinService;c:\program files\Acer\AcerSync\AcerSyncService.exe [x]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R2 NAV;Norton AntiVirus;c:\program files\Norton AntiVirus\Engine\18.6.0.29\ccSvcHst.exe [2011-12-02 130008]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [x]
R3 42475455;42475455;c:\windows\system32\drivers\60885264.sys [2011-11-25 94896]
R3 48375230;48375230;c:\windows\system32\drivers\65446781.sys [2011-11-25 94896]
R3 89240295;89240295;c:\windows\system32\drivers\49096678.sys [2011-11-25 94896]
R3 a2acc;a2acc;c:\program files\MAMUTU\a2accx86.sys [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2011-10-27 30312]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [2011-07-10 16720]
R3 CKDKLN;CKDKLN;c:\users\ma\AppData\Local\Temp\CKDKLN.exe [x]
R3 connctfy;Connectify Service;c:\windows\system32\DRIVERS\connctfy.sys [2010-06-24 29248]
R3 EraserUtilDrv11113;EraserUtilDrv11113;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11113.sys [x]
R3 gupdatem;خدمة Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2011-07-17 101120]
R3 LZKIEM;LZKIEM;c:\users\ma\AppData\Local\Temp\LZKIEM.exe [x]
R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\6779.tmp [x]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2011-05-18 137600]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2011-05-18 8576]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-01-12 3461132]
R3 PORTIO64;PORTIO64;c:\users\ma\Documents\Downloads\Compressed\New folder\JungleFlasher_v0.1.77_Beta_(179)\JungleFlasher v0.1.77 Beta (179)\portio32.sys [x]
R3 ProDefense;ProDefense;c:\windows\system32\drivers\ProDefense.sys [x]
R3 qcusbser;ACER USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\qcusbser.sys [2009-10-13 112672]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-10-27 121064]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-10-27 12776]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-10-27 136808]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2010-11-30 10064]
R3 TXYYQSDM;TXYYQSDM;c:\users\ma\AppData\Local\Temp\TXYYQSDM.exe [x]
R3 VDFUBFO;VDFUBFO;c:\users\ma\AppData\Local\Temp\VDFUBFO.exe [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 VHLHMT;VHLHMT;c:\users\ma\AppData\Local\Temp\VHLHMT.exe [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-17 1343400]
R3 XDva347;XDva347;c:\windows\system32\XDva347.sys [x]
R3 XDva352;XDva352;c:\windows\system32\XDva352.sys [x]
R3 XDva358;XDva358;c:\windows\system32\XDva358.sys [x]
R3 XG;XG;c:\users\ma\AppData\Local\Temp\XG.exe [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NAV\1206000.01D\SYMDS.SYS [2011-01-27 340088]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NAV\1206000.01D\SYMEFA.SYS [2011-03-15 744568]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.6.0.29\Definitions\IPSDefs\20110330.001\IDSVix86.sys [2011-03-15 353912]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NAV\1206000.01D\Ironx86.SYS [2011-01-27 136312]
S2 Connectify;Connectify;c:\program files\Connectify\ConnectifyService.exe [2011-12-02 108544]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-09-08 8606208]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-09-08 248832]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2011-06-06 211984]
S3 connctfyMP;connctfyMP;c:\windows\system32\DRIVERS\connctfy.sys [2010-06-24 29248]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-03-04 277536]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.babylon.com/home?AF=100581
uInternet Settings,ProxyOverride = local;*.local
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
HKCU-Run-spdetector3 - c:\program files\Spyware Process Detector\spd322.exe
HKCU-Run-Akamai NetSession Interface - c:\users\ma\AppData\Local\Akamai\netsession_win.exe
HKCU-Run-Livestation - c:\program files\Livestation\Livestation.exe
HKCU-Run-Privacy Protection - c:\programdata\privacy.exe
HKCU-Run-Microsoft Firewall 2.9 - c:\users\ma\AppData\Roaming\WMPRWISE.EXE
HKLM-Run-SpywareCease.exe - c:\program files\Spyware Cease\SpywareCease.exe
SafeBoot-15821059.sys
SafeBoot-16045905.sys
SafeBoot-41022098.sys
SafeBoot-54046235.sys
SafeBoot-58088765.sys
SafeBoot-62762315.sys
SafeBoot-66918256.sys
SafeBoot-72181656.sys
SafeBoot-82143056.sys
MSConfigStartUp-kfql59xacm - c:\users\ma\kfql59xacm.exe
AddRemove-AVG - c:\program files\AVG\AVG2012\avgmfapx.exe
AddRemove-Spyware Process Detector_is1 - c:\program files\Spyware Process Detector\Uninstall\unins000.exe
AddRemove-thriXXX WebLaunch - c:\program files\thriXXX\WebLaunch\WebLaunchUninstall.exe
AddRemove-vghd - d:\vghd\uninstall.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.