
Harmful site connection



#1
carannir

Malwarebytes always says I block a harmful site connection.

ComboFix 11-08-05.03 - NiR 06.08.2011 17:10:23.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1254.90.1055.18.4094.2276 [GMT 3:00]
Running from: c:\users\NiR\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2011-07-06 to 2011-08-06 )))))))))))))))))))))))))))))))
.
.
2011-08-05 19:18 . 2011-08-06 14:00 -------- d-----w- c:\program files\Doctus
2011-08-05 16:33 . 2011-07-12 18:53 8578896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{422165D4-7F63-4ADB-A99B-C88B0D6A2500}\mpengine.dll
2011-08-05 08:23 . 2011-08-05 08:23 -------- d-----w- c:\users\Guest
2011-07-31 17:23 . 2011-07-31 17:23 -------- d-----w- c:\windows\USB Vibration
2011-07-31 17:23 . 2011-07-31 17:23 -------- d-----w- c:\program files (x86)\USB Vibration
2011-07-31 16:21 . 2011-07-31 16:21 -------- d-----w- c:\program files (x86)\Microsoft.NET
2011-07-31 15:48 . 2011-07-31 15:48 -------- d-----w- c:\windows\system32\SPReview
2011-07-31 15:47 . 2011-07-31 15:47 -------- d-----w- c:\windows\system32\EventProviders
2011-07-31 15:46 . 2010-11-20 13:43 3584 ----a-w- c:\windows\system32\drivers\tr-TR\tsusbflt.sys.mui
2011-07-31 15:46 . 2010-11-20 13:41 2560 ----a-w- c:\windows\system32\drivers\tr-TR\rdpwd.sys.mui
2011-07-31 15:46 . 2010-11-20 13:40 6144 ----a-w- c:\windows\system32\drivers\tr-TR\rdvgkmd.sys.mui
2011-07-31 15:46 . 2010-11-20 13:33 4096 ----a-w- c:\windows\system32\drivers\tr-TR\tsusbhub.sys.mui
2011-07-31 15:46 . 2010-11-20 13:39 2560 ----a-w- c:\windows\system32\drivers\tr-TR\vwifibus.sys.mui
2011-07-31 15:46 . 2010-11-05 01:57 48976 ----a-w- c:\windows\system32\netfxperf.dll
2011-07-31 15:46 . 2010-11-05 01:57 1942856 ----a-w- c:\windows\system32\dfshim.dll
2011-07-31 15:46 . 2010-11-05 01:58 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2011-07-31 15:44 . 2010-11-20 13:33 75136 ----a-w- c:\windows\system32\drivers\partmgr.sys
2011-07-31 15:43 . 2010-11-20 13:27 47104 ----a-w- c:\windows\system32\wshbth.dll
2011-07-31 15:42 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2011-07-31 14:58 . 2011-07-31 14:58 -------- d-----w- c:\windows\SysWow64\Wat
2011-07-31 14:58 . 2011-07-31 14:58 -------- d-----w- c:\windows\system32\Wat
2011-07-31 10:06 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-07-31 10:05 . 2011-03-11 06:34 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2011-07-31 10:05 . 2011-03-11 06:34 1395712 ----a-w- c:\windows\system32\mfc42.dll
2011-07-31 10:05 . 2011-03-11 05:33 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-07-31 10:05 . 2011-03-11 05:33 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-07-31 10:01 . 2011-02-19 12:03 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-07-31 10:01 . 2011-02-19 09:00 367616 ----a-w- c:\windows\system32\atmfd.dll
2011-07-31 10:01 . 2011-02-19 06:30 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-07-31 10:01 . 2011-02-19 04:34 294912 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-07-31 10:01 . 2010-09-30 10:41 100864 ----a-w- c:\windows\system32\fontsub.dll
2011-07-31 10:01 . 2010-09-30 06:47 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2011-07-31 10:01 . 2011-04-22 22:15 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-07-31 10:01 . 2011-03-03 06:24 183296 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-07-31 10:01 . 2011-03-03 06:21 30208 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-07-31 10:01 . 2011-03-03 05:36 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe
2011-07-31 10:00 . 2011-01-17 11:09 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2011-07-31 10:00 . 2011-01-17 05:47 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2011-07-31 10:00 . 2010-11-20 13:26 321024 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-07-31 10:00 . 2010-11-20 12:18 219136 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2011-07-31 10:00 . 2011-04-29 03:06 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2011-07-31 10:00 . 2011-04-29 03:05 410112 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-07-31 10:00 . 2011-04-29 03:05 168448 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-07-31 09:58 . 2011-02-25 05:34 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-07-31 09:52 . 2009-08-17 16:20 1235968 ----a-w- c:\windows\system32\drivers\viahduaa.sys
2011-07-31 09:52 . 2009-08-17 14:58 529920 ----a-w- c:\windows\system32\VIASysFx.dll
2011-07-31 09:52 . 2009-08-17 11:18 1011712 ----a-w- c:\windows\system32\VIAPropPageExt.dll
2011-07-31 09:52 . 2009-06-01 07:10 242176 ----a-w- c:\windows\system32\Dts2APO.dll
2011-07-31 09:52 . 2009-03-04 13:42 84992 ----a-w- c:\windows\system32\Dts2PropPageExt.dll
2011-07-31 09:52 . 2009-01-19 18:32 76288 ----a-w- c:\windows\system32\ViaMicArrayPropPageExt.dll
2011-07-31 09:52 . 2009-01-19 18:32 193024 ----a-w- c:\windows\system32\ViaMicArrayAPO.dll
2011-07-31 09:52 . 2007-12-04 08:28 86016 ----a-w- c:\windows\system32\nQPropPageExt.dll
2011-07-31 09:52 . 2007-12-04 08:28 82432 ----a-w- c:\windows\system32\nQAPO.dll
2011-07-31 09:52 . 2011-07-31 09:52 -------- d-----w- c:\program files (x86)\VIA
2011-07-31 09:52 . 2007-04-11 12:35 414632 ------w- c:\windows\difxapi.dll
2011-07-31 09:46 . 2011-07-31 09:46 -------- d-----w- c:\windows\Sun
2011-07-30 22:46 . 2011-07-30 22:46 -------- d-----w- c:\program files (x86)\Electronic Arts
2011-07-30 22:44 . 2011-07-30 22:44 -------- d-----w- c:\programdata\Solidshield
2011-07-30 22:44 . 2011-07-30 22:44 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2011-07-30 22:44 . 2011-07-30 22:44 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2011-07-30 22:42 . 2011-03-19 12:16 1417216 ----a-w- c:\windows\SysWow64\rapture3d_oal.dll
2011-07-30 22:42 . 2010-09-22 10:12 19087360 ----a-w- c:\windows\SysWow64\mkl_blueripple.dll
2011-07-30 22:42 . 2011-07-30 22:42 -------- d-----w- c:\program files (x86)\BRS
2011-07-30 22:42 . 2011-07-30 22:42 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2011-07-30 22:42 . 2011-07-30 22:42 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2011-07-30 22:42 . 2011-07-30 22:42 122904 ----a-w- c:\windows\system32\OpenAL32.dll
2011-07-30 22:42 . 2011-07-30 22:42 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2011-07-30 22:42 . 2011-07-30 22:42 -------- d-----w- c:\program files (x86)\OpenAL
2011-07-30 22:42 . 2011-04-15 23:40 809496 ----a-r- c:\windows\SysWow64\tmp9158.tmp
2011-07-30 22:32 . 2011-07-30 22:32 -------- d-----w- c:\program files (x86)\Codemasters
2011-07-30 22:26 . 2011-07-30 22:26 -------- d-----w- c:\program files (x86)\Fifa Master
2011-07-30 22:16 . 2011-07-30 22:16 -------- d-----w- c:\program files (x86)\EA Sports
2011-07-30 22:16 . 2008-10-15 03:22 519000 ----a-w- c:\windows\system32\d3dx10_40.dll
2011-07-30 22:16 . 2008-10-15 03:22 452440 ----a-w- c:\windows\SysWow64\d3dx10_40.dll
2011-07-30 22:16 . 2008-10-15 03:22 2605920 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2011-07-30 22:16 . 2008-10-15 03:22 2036576 ----a-w- c:\windows\SysWow64\D3DCompiler_40.dll
2011-07-30 22:16 . 2008-10-15 03:22 5631312 ----a-w- c:\windows\system32\D3DX9_40.dll
2011-07-30 22:16 . 2008-10-15 03:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll
2011-07-30 22:10 . 2009-02-24 15:35 255552 ----a-w- c:\windows\SysWow64\drivers\mcdbus.sys
2011-07-30 22:10 . 2009-02-24 15:35 255552 ----a-w- c:\windows\system32\drivers\mcdbus.sys
2011-07-30 22:10 . 2011-07-30 22:11 -------- d-----w- c:\program files (x86)\MagicDisc
2011-07-30 21:52 . 2011-07-30 21:52 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-07-30 21:46 . 2011-07-30 22:02 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-07-30 21:46 . 2011-07-30 21:46 -------- d-----w- c:\windows\SysWow64\Macromed
2011-07-30 21:45 . 2011-07-12 18:53 8578896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-07-30 21:41 . 2011-07-30 21:41 -------- d-----w- c:\windows\tr
2011-07-30 21:34 . 2011-07-30 21:34 -------- d-----w- c:\program files (x86)\Microsoft SQL Server Compact Edition
2011-07-30 21:13 . 2011-07-30 21:29 -------- d-----w- c:\program files (x86)\Windows Live
2011-07-30 21:13 . 2011-07-30 21:13 601424 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6F7AFA92-D4A4-492A-8E9F-C1C264560064}\gapaengine.dll
2011-07-30 21:11 . 2011-07-30 21:11 -------- d-----w- c:\program files\Windows Live
2011-07-30 21:11 . 2011-07-30 21:11 -------- d-----w- c:\windows\PCHEALTH
2011-07-30 21:02 . 2011-07-31 10:30 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2011-07-30 20:51 . 2011-05-04 01:52 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-07-30 20:51 . 2011-07-30 21:52 -------- d-----w- c:\program files (x86)\Java
2011-07-30 20:51 . 2011-07-30 20:51 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
2011-07-30 20:50 . 2011-07-30 20:51 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2011-07-30 20:50 . 2011-07-30 20:51 -------- d-----w- c:\program files\Microsoft Security Client
2011-07-30 20:48 . 2011-07-30 20:48 -------- d-----w- c:\programdata\Malwarebytes
2011-07-30 20:48 . 2011-07-06 16:52 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-07-30 20:48 . 2011-07-30 20:48 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-07-30 20:48 . 2011-07-06 16:52 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-30 20:48 . 2011-07-30 20:00 -------- d-----w- c:\windows\Panther
2011-07-30 20:47 . 2011-07-30 20:52 -------- d-----w- c:\program files (x86)\JDownloader
2011-07-30 20:45 . 2011-07-30 20:45 -------- d-----w- c:\programdata\Apple
2011-07-30 20:43 . 2011-07-30 20:43 -------- d-----w- c:\program files\Babylon
2011-07-30 20:43 . 2011-07-30 20:43 -------- d-----w- c:\program files (x86)\Babylon
2011-07-30 20:42 . 2011-08-06 13:36 -------- d-----w- c:\programdata\Babylon
2011-07-30 20:35 . 2011-07-30 20:35 -------- d-----w- c:\programdata\ATI
2011-07-30 20:34 . 2011-07-30 20:34 0 ----a-w- c:\windows\ativpsrm.bin
2011-07-30 20:33 . 2011-07-30 20:33 -------- d-----w- c:\program files (x86)\AMD APP
2011-07-30 20:33 . 2011-07-30 20:33 -------- d-----w- c:\program files\Common Files\ATI Technologies
2011-07-30 20:33 . 2011-07-30 20:33 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2011-07-30 20:33 . 2011-07-30 20:33 -------- d-----w- c:\programdata\AMD
2011-07-30 20:33 . 2010-02-18 06:18 46136 ----a-w- c:\windows\system32\drivers\amdiox64.sys
2011-07-30 20:33 . 2011-07-30 20:33 -------- d-----w- c:\program files (x86)\ATI Technologies
2011-07-30 20:33 . 2011-07-30 20:33 -------- d-----w- c:\program files\ATI
2011-07-30 20:32 . 2011-07-30 20:33 -------- d-----w- c:\program files\ATI Technologies
2011-07-30 20:32 . 2011-07-30 20:32 -------- d-----w- C:\ATI
2011-07-30 20:26 . 2011-07-20 06:44 8578896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{51B32F06-FB4F-45D1-9D8E-FD8C2B35507C}\mpengine.dll
2011-07-30 20:26 . 2010-10-19 20:51 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-07-30 20:09 . 2009-04-06 07:24 13368 ----a-r- c:\windows\SysWow64\drivers\AsIO.sys
2011-07-30 20:09 . 2006-01-10 08:50 24576 ----a-r- c:\windows\SysWow64\AsIO.dll
2011-07-30 20:09 . 2008-01-04 10:34 11832 ----a-w- c:\windows\SysWow64\drivers\AsInsHelp64.sys
2011-07-30 20:09 . 2008-01-04 10:34 10216 ----a-w- c:\windows\SysWow64\drivers\AsInsHelp32.sys
2011-07-30 20:09 . 2011-07-31 17:23 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-31 15:54 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2011-07-31 15:54 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2011-07-30 21:11 . 2011-03-28 15:36 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-06-27 13:23 . 2011-06-27 13:23 53760 ----a-w- c:\windows\SysWow64\OVDecode.dll
2011-06-27 13:23 . 2011-06-27 13:23 43520 ----a-w- c:\windows\SysWow64\OpenCL.dll
2011-06-27 13:22 . 2011-06-27 13:22 13904896 ----a-w- c:\windows\SysWow64\amdocl.dll
2011-06-16 00:34 . 2011-06-16 00:34 2971648 ----a-w- c:\windows\system32\SlotMaximizerBe.dll
2011-06-16 00:34 . 2011-06-16 00:34 105984 ----a-w- c:\windows\system32\SlotMaximizerAg.dll
2011-06-03 05:57 . 2011-07-31 09:58 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-05-13 13:03 . 2011-05-13 13:03 49016 ----a-w- c:\windows\SysWow64\sirenacm.dll
2011-05-13 12:42 . 2011-05-13 12:42 302448 ----a-w- c:\windows\WLXPGSS.SCR
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2011-05-13 4283256]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-07 336384]
"Babylon Client"="c:\program files (x86)\Babylon\Babylon-Pro\Babylon.exe" [2011-06-20 3302512]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-07-19 421736]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-08-28 2252800]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584]
.
c:\users\NiR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\program files (x86)\MagicDisc\MagicDisc.exe [2011-7-31 576000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Etkinleştirme Teknolojileri Hizmeti;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-07 365568]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
S3 NisSrv;Microsoft Ağ Denetlemesi;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [x]
S3 vvftav303;vvftav303;c:\windows\system32\drivers\vvftav303.sys [x]
S3 ZSMC0303;A4 TECH PC Camera H;c:\windows\system32\Drivers\usbVM303.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VMSnap3"="c:\windows\VMSnap3.exe" [2006-07-18 49152]
"Domino"="c:\windows\Domino.exe" [2006-07-04 49152]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Translate this web page with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
TCP: DhcpNameServer = 62.248.80.162 62.248.80.161
FF - ProfilePath - c:\users\NiR\AppData\Roaming\Mozilla\Firefox\Profiles\zawdfmmd.default\
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-HijackThis - c:\program files\Doctus\HijackThis.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3461625995-2885147556-332480049-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3461625995-2885147556-332480049-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10u_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10u_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
c:\program files (x86)\Babylon\Babylon-Pro\TC\BabylonTC.exe
.
**************************************************************************
.
Completion time: 2011-08-06 17:18:11 - machine was rebooted
ComboFix-quarantined-files.txt 2011-08-06 14:18
.
Pre-Run: 149.960.269.824 bayt boş
Post-Run: 149.922.918.400 bayt boş
.
- - End Of File - - 92622F2BBED28429FF5A76914B86A87E

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:19:03, on 05.08.2011
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
C:\Windows\vmsnap3.exe
C:\Windows\Domino.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\MagicDisc\MagicDisc.exe
C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Babylon\Babylon-Pro\TC\BabylonTC.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Doctus\Doctus.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Windows Live ID Oturum Açma Yardım Aracı - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Babylon Client] C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe -AutoStart
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Local Service')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Local Service')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8490 bytes

DDS (Ver_2011-06-23.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by NiR at 20:26:50 on 2011-08-05
Microsoft Windows 7 Ultimate 6.1.7601.1.1254.90.1055.18.4094.2070 [GMT 3:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
C:\Windows\vmsnap3.exe
C:\Windows\Domino.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\MagicDisc\MagicDisc.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe
C:\Program Files\Babylon\Babylon-Pro\BabylonHelper64.exe
C:\Program Files (x86)\Babylon\Babylon-Pro\TC\BabylonTC.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe,
BHO: Windows Live ID Oturum Açma Yardım Aracı: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Babylon IE plugin: {9cfaccb6-2f3f-4177-94ea-0d2b72d384c1} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Babylon Client] C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe -AutoStart
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
StartupFolder: C:\Users\NiR\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MAGICD~1.LNK - C:\Program Files (x86)\MagicDisc\MagicDisc.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Translate this web page with Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
IE: {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 62.248.80.162 62.248.80.161
TCP: Interfaces\{9F5E7099-F6B9-4AE7-8F86-B5CF5EA3D61B} : DhcpNameServer = 62.248.80.162 62.248.80.161
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [Babylon Client] C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe -AutoStart
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
IE-X64: {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\NiR\AppData\Roaming\Mozilla\Firefox\Profiles\zawdfmmd.default\
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-7-7 365568]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-7-30 366640]
R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
R3 NisSrv;Microsoft Ağ Denetlemesi;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\system32\drivers\viahduaa.sys --> C:\Windows\system32\drivers\viahduaa.sys [?]
R3 vvftav303;vvftav303;C:\Windows\system32\drivers\vvftav303.sys --> C:\Windows\system32\drivers\vvftav303.sys [?]
R3 ZSMC0303;A4 TECH PC Camera H;C:\Windows\system32\Drivers\usbVM303.sys --> C:\Windows\system32\Drivers\usbVM303.sys [?]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Etkinleştirme Teknolojileri Hizmeti;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-08-05 16:59:21 -------- d-----w- C:\Users\NiR\AppData\Local\Babylon
2011-08-05 16:59:18 142336 ----a-w- C:\Program Files (x86)\Mozilla Firefox\BabyFox.dll
2011-08-05 16:33:58 8578896 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{422165D4-7F63-4ADB-A99B-C88B0D6A2500}\mpengine.dll
2011-08-05 15:56:34 -------- d-----w- C:\Users\NiR\AppData\Local\{8E8C6CA1-8859-43A8-9A63-CAAC8EB4569B}
2011-08-05 15:55:45 -------- d-----w- C:\Users\NiR\AppData\Local\{FD79C22F-45AE-424E-B816-FEF1E077C3A0}
2011-08-05 15:55:32 -------- d-----w- C:\Users\NiR\AppData\Local\{AF52867E-78E0-4E78-A529-67AFF50F72CE}
2011-08-05 15:55:32 -------- d-----w- C:\Users\NiR\AppData\Local\{8DE273F3-B415-401C-B674-FC2CE17ACF39}
2011-07-31 17:23:53 -------- d-----w- C:\Windows\USB Vibration
2011-07-31 17:23:37 634880 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iKernel.dll
2011-07-31 17:23:37 57344 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\ctor.dll
2011-07-31 17:23:37 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\DotNetInstaller.exe
2011-07-31 17:23:37 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2011-07-31 17:23:37 237568 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iscript.dll
2011-07-31 17:23:37 151552 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\iuser.dll
2011-07-31 17:23:36 270468 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\Setup.dll
2011-07-31 17:23:36 159876 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\0700\Intel32\IGdi.dll
2011-07-31 17:23:35 -------- d-----w- C:\Program Files (x86)\USB Vibration
2011-07-31 15:48:30 -------- d-----w- C:\Windows\System32\SPReview
2011-07-31 15:47:47 -------- d-----w- C:\Windows\System32\EventProviders
2011-07-31 15:46:13 6144 ----a-w- C:\Windows\System32\drivers\tr-TR\rdvgkmd.sys.mui
2011-07-31 15:46:13 4096 ----a-w- C:\Windows\System32\drivers\tr-TR\tsusbhub.sys.mui
2011-07-31 15:46:13 3584 ----a-w- C:\Windows\System32\drivers\tr-TR\tsusbflt.sys.mui
2011-07-31 15:46:13 2560 ----a-w- C:\Windows\System32\drivers\tr-TR\rdpwd.sys.mui
2011-07-31 15:46:09 2560 ----a-w- C:\Windows\System32\drivers\tr-TR\vwifibus.sys.mui
2011-07-31 15:46:08 48976 ----a-w- C:\Windows\System32\netfxperf.dll
2011-07-31 15:46:08 1942856 ----a-w- C:\Windows\System32\dfshim.dll
2011-07-31 15:46:02 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll
2011-07-31 15:44:59 98304 ----a-w- C:\Program Files\Common Files\System\msadc\msadcs.dll
2011-07-31 15:43:59 47104 ----a-w- C:\Windows\System32\wshbth.dll
2011-07-31 15:42:00 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
2011-07-31 14:58:25 -------- d-----w- C:\Windows\SysWow64\Wat
2011-07-31 14:58:25 -------- d-----w- C:\Windows\System32\Wat
2011-07-31 10:06:55 142336 ----a-w- C:\Windows\System32\poqexec.exe
2011-07-31 10:05:42 -------- d-----w- C:\Users\NiR\AppData\Roaming\Windows Live Writer
2011-07-31 10:05:42 -------- d-----w- C:\Users\NiR\AppData\Local\Windows Live Writer
2011-07-31 10:05:24 1395712 ----a-w- C:\Windows\System32\mfc42.dll
2011-07-31 10:05:24 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
2011-07-31 10:05:23 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
2011-07-31 10:05:23 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
2011-07-31 10:01:45 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2011-07-31 10:01:45 46080 ----a-w- C:\Windows\System32\atmlib.dll
2011-07-31 10:01:45 367616 ----a-w- C:\Windows\System32\atmfd.dll
2011-07-31 10:01:45 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2011-07-31 10:01:45 294912 ----a-w- C:\Windows\SysWow64\atmfd.dll
2011-07-31 10:01:45 100864 ----a-w- C:\Windows\System32\fontsub.dll
2011-07-31 10:01:41 27520 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2011-07-31 10:01:07 183296 ----a-w- C:\Windows\System32\dnsrslvr.dll
2011-07-31 10:01:06 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe
2011-07-31 10:01:06 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
2011-07-31 10:00:37 321024 ----a-w- C:\Windows\System32\d3d10_1core.dll
2011-07-31 10:00:37 219136 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
2011-07-31 10:00:37 197120 ----a-w- C:\Windows\System32\d3d10_1.dll
2011-07-31 10:00:37 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2011-07-31 10:00:33 467456 ----a-w- C:\Windows\System32\drivers\srv.sys
2011-07-31 10:00:33 410112 ----a-w- C:\Windows\System32\drivers\srv2.sys
2011-07-31 10:00:33 168448 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2011-07-31 09:58:59 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2011-07-31 09:52:41 86016 ----a-w- C:\Windows\System32\nQPropPageExt.dll
2011-07-31 09:52:41 84992 ----a-w- C:\Windows\System32\Dts2PropPageExt.dll
2011-07-31 09:52:41 82432 ----a-w- C:\Windows\System32\nQAPO.dll
2011-07-31 09:52:41 76288 ----a-w- C:\Windows\System32\ViaMicArrayPropPageExt.dll
2011-07-31 09:52:41 529920 ----a-w- C:\Windows\System32\VIASysFx.dll
2011-07-31 09:52:41 242176 ----a-w- C:\Windows\System32\Dts2APO.dll
2011-07-31 09:52:41 193024 ----a-w- C:\Windows\System32\ViaMicArrayAPO.dll
2011-07-31 09:52:41 1235968 ----a-w- C:\Windows\System32\drivers\viahduaa.sys
2011-07-31 09:52:41 1011712 ----a-w- C:\Windows\System32\VIAPropPageExt.dll
2011-07-31 09:52:23 414632 ------w- C:\Windows\difxapi.dll
2011-07-31 09:52:23 -------- d-----w- C:\Program Files (x86)\VIA
2011-07-31 09:50:46 -------- d-----w- C:\Users\NiR\AppData\Local\{699701D4-8FCD-4917-99B3-FBC5A2B5DCFB}
2011-07-30 22:44:52 -------- d-----w- C:\ProgramData\Solidshield
2011-07-30 22:44:26 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2011-07-30 22:44:21 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2011-07-30 22:42:38 19087360 ----a-w- C:\Windows\SysWow64\mkl_blueripple.dll
2011-07-30 22:42:38 1417216 ----a-w- C:\Windows\SysWow64\rapture3d_oal.dll
2011-07-30 22:42:37 809496 ----a-r- C:\Windows\SysWow64\tmp9158.tmp
2011-07-30 22:42:37 466456 ----a-w- C:\Windows\System32\wrap_oal.dll
2011-07-30 22:42:37 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2011-07-30 22:42:37 122904 ----a-w- C:\Windows\System32\OpenAL32.dll
2011-07-30 22:42:37 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2011-07-30 22:42:37 -------- d-----w- C:\Program Files (x86)\OpenAL
2011-07-30 22:42:37 -------- d-----w- C:\Program Files (x86)\BRS
2011-07-30 22:32:39 -------- d-----w- C:\Program Files (x86)\Codemasters
2011-07-30 22:26:54 -------- d-----w- C:\Program Files (x86)\Fifa Master
2011-07-30 22:16:26 -------- d-----w- C:\Program Files (x86)\EA Sports
2011-07-30 22:16:22 519000 ----a-w- C:\Windows\System32\d3dx10_40.dll
2011-07-30 22:16:22 452440 ----a-w- C:\Windows\SysWow64\d3dx10_40.dll
2011-07-30 22:16:22 2605920 ----a-w- C:\Windows\System32\D3DCompiler_40.dll
2011-07-30 22:16:22 2036576 ----a-w- C:\Windows\SysWow64\D3DCompiler_40.dll
2011-07-30 22:16:21 5631312 ----a-w- C:\Windows\System32\D3DX9_40.dll
2011-07-30 22:16:21 4379984 ----a-w- C:\Windows\SysWow64\D3DX9_40.dll
2011-07-30 22:10:52 255552 ----a-w- C:\Windows\SysWow64\drivers\mcdbus.sys
2011-07-30 22:10:52 255552 ----a-w- C:\Windows\System32\drivers\mcdbus.sys
2011-07-30 22:10:51 -------- d-----w- C:\Program Files (x86)\MagicDisc
2011-07-30 21:50:17 -------- d-----w- C:\Users\NiR\AppData\Local\{E286C0A1-A40B-4C5C-9F53-9314CF730A8E}
2011-07-30 21:50:03 -------- d-----w- C:\Users\NiR\Tracing
2011-07-30 21:46:25 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-07-30 21:45:04 8578896 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-07-30 21:41:08 -------- d-----w- C:\Windows\tr
2011-07-30 21:34:57 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2011-07-30 21:13:36 601424 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6F7AFA92-D4A4-492A-8E9F-C1C264560064}\gapaengine.dll
2011-07-30 21:11:39 -------- d-----w- C:\Windows\PCHEALTH
2011-07-30 21:07:01 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\9fe603d51cc4efc05\DSETUP.dll
2011-07-30 21:07:01 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\9fe603d51cc4efc05\DXSETUP.exe
2011-07-30 21:07:01 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\9fe603d51cc4efc05\dsetup32.dll
2011-07-30 21:06:01 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\7c01c43b1cc4efc04\DSETUP.dll
2011-07-30 21:06:01 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\7c01c43b1cc4efc04\DXSETUP.exe
2011-07-30 21:06:01 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\7c01c43b1cc4efc04\dsetup32.dll
2011-07-30 21:02:47 6260088 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\86b52661cc4efc03\Silverlight.4.0.exe
2011-07-30 20:51:58 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-07-30 20:51:14 -------- d-----w- C:\Users\NiR\AppData\Local\Windows Live
2011-07-30 20:51:13 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
2011-07-30 20:50:54 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
2011-07-30 20:50:36 -------- d-----w- C:\Program Files\Microsoft Security Client
2011-07-30 20:49:15 -------- d-----w- C:\Users\NiR\AppData\Roaming\Malwarebytes
2011-07-30 20:48:19 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-07-30 20:48:19 -------- d-----w- C:\ProgramData\Malwarebytes
2011-07-30 20:48:16 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-07-30 20:48:16 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-07-30 20:48:01 -------- d-----w- C:\Windows\Panther
2011-07-30 20:47:31 -------- d-----w- C:\Program Files (x86)\JDownloader
2011-07-30 20:45:16 -------- d-----w- C:\Windows\SysWow64\directx
2011-07-30 20:43:10 -------- d-----w- C:\Program Files\Babylon
2011-07-30 20:43:10 -------- d-----w- C:\Program Files (x86)\Babylon
2011-07-30 20:42:38 -------- d-----w- C:\Users\NiR\AppData\Roaming\Babylon
2011-07-30 20:42:38 -------- d-----w- C:\ProgramData\Babylon
2011-07-30 20:35:16 -------- d-----w- C:\Users\NiR\AppData\Local\AMD
2011-07-30 20:35:06 -------- d-----w- C:\Users\NiR\AppData\Local\ATI
2011-07-30 20:34:43 0 ----a-w- C:\Windows\ativpsrm.bin
2011-07-30 20:33:54 -------- d-----w- C:\Program Files (x86)\AMD APP
2011-07-30 20:33:51 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
2011-07-30 20:33:51 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2011-07-30 20:33:42 -------- d-----w- C:\ProgramData\AMD
2011-07-30 20:33:41 46136 ----a-w- C:\Windows\System32\drivers\amdiox64.sys
2011-07-30 20:33:26 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2011-07-30 20:33:23 -------- d-----w- C:\Program Files\ATI
2011-07-30 20:32:50 -------- d-----w- C:\Program Files\ATI Technologies
2011-07-30 20:32:23 -------- d-----w- C:\ATI
2011-07-30 20:26:47 8578896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{51B32F06-FB4F-45D1-9D8E-FD8C2B35507C}\mpengine.dll
2011-07-30 20:26:46 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-07-30 20:09:20 24576 ----a-r- C:\Windows\SysWow64\AsIO.dll
2011-07-30 20:09:20 13368 ----a-r- C:\Windows\SysWow64\drivers\AsIO.sys
2011-07-30 20:09:18 11832 ----a-w- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
2011-07-30 20:09:18 10216 ----a-w- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
2011-07-30 20:09:17 -------- d-----w- C:\Program Files (x86)\ASUS
2011-07-30 20:08:44 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2011-07-30 20:08:44 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2011-07-30 20:08:44 225280 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2011-07-30 20:08:44 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2011-07-30 20:07:53 -------- d-sh--w- C:\Windows\Installer
2011-07-30 20:07:39 -------- d-----w- C:\Users\NiR\AppData\Local\Downloaded Installations
2011-07-12 08:34:00 96104 ----a-w- C:\Windows\System32\dns-sd.exe
2011-07-12 08:34:00 85864 ----a-w- C:\Windows\System32\dnssd.dll
2011-07-12 08:34:00 61288 ----a-w- C:\Windows\System32\jdns_sd.dll
2011-07-12 08:34:00 212840 ----a-w- C:\Windows\System32\dnssdX.dll
2011-07-12 08:20:54 83816 ----a-w- C:\Windows\SysWow64\dns-sd.exe
2011-07-12 08:20:54 73064 ----a-w- C:\Windows\SysWow64\dnssd.dll
2011-07-12 08:20:54 50536 ----a-w- C:\Windows\SysWow64\jdns_sd.dll
2011-07-12 08:20:54 178536 ----a-w- C:\Windows\SysWow64\dnssdX.dll
2011-07-08 04:15:50 9884672 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2011-07-08 03:54:26 23385600 ----a-w- C:\Windows\System32\atio6axx.dll
2011-07-08 03:33:28 17940992 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2011-07-08 03:29:54 151552 ----a-w- C:\Windows\System32\atiapfxx.exe
2011-07-08 03:29:44 689152 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2011-07-08 03:28:26 814592 ----a-w- C:\Windows\System32\aticfx64.dll
2011-07-08 03:25:48 462848 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2011-07-08 03:25:38 485376 ----a-w- C:\Windows\System32\atieclxx.exe
2011-07-08 03:25:02 204288 ----a-w- C:\Windows\System32\atiesrxx.exe
2011-07-08 03:23:48 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2011-07-08 03:23:32 423424 ----a-w- C:\Windows\System32\atipdl64.dll
2011-07-08 03:23:26 356352 ----a-w- C:\Windows\SysWow64\atipdlxx.dll
2011-07-08 03:23:14 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll
2011-07-08 03:23:08 16384 ----a-w- C:\Windows\System32\atimuixx.dll
2011-07-08 03:23:04 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2011-07-08 03:22:58 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2011-07-08 03:19:50 4275712 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2011-07-08 03:10:38 5072896 ----a-w- C:\Windows\System32\atidxx64.dll
2011-07-08 03:06:10 1113088 ----a-w- C:\Windows\System32\atiumd6v.dll
2011-07-08 03:05:46 1828864 ----a-w- C:\Windows\SysWow64\atiumdmv.dll
2011-07-08 03:05:34 3848704 ----a-w- C:\Windows\System32\atiumd6a.dll
2011-07-08 03:02:08 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2011-07-08 03:02:06 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2011-07-08 03:01:58 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2011-07-08 03:01:58 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2011-07-08 03:01:46 8134656 ----a-w- C:\Windows\System32\aticaldd64.dll
2011-07-08 03:00:34 4367360 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2011-07-08 02:58:52 6740480 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2011-07-08 02:55:56 4039680 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2011-07-08 02:54:30 58880 ----a-w- C:\Windows\System32\coinst.dll
2011-07-08 02:54:22 5540864 ----a-w- C:\Windows\System32\atiumd64.dll
2011-07-08 02:47:42 375808 ----a-w- C:\Windows\System32\atiadlxx.dll
2011-07-08 02:47:34 266240 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2011-07-08 02:47:24 15360 ----a-w- C:\Windows\System32\atig6pxx.dll
2011-07-08 02:47:20 13312 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2011-07-08 02:47:20 13312 ----a-w- C:\Windows\System32\atiglpxx.dll
2011-07-08 02:47:18 39936 ----a-w- C:\Windows\System32\atig6txx.dll
2011-07-08 02:47:10 32768 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2011-07-08 02:47:04 307712 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2011-07-08 02:46:20 40960 ----a-w- C:\Windows\System32\atiuxp64.dll
2011-07-08 02:46:14 31744 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2011-07-08 02:46:06 38912 ----a-w- C:\Windows\System32\atiu9p64.dll
2011-07-08 02:45:58 29184 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2011-07-08 02:45:10 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2011-07-08 02:41:02 53760 ----a-w- C:\Windows\System32\atimpc64.dll
2011-07-08 02:41:02 53760 ----a-w- C:\Windows\System32\amdpcom64.dll
2011-07-08 02:40:48 52736 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2011-07-08 02:40:48 52736 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2011-07-07 20:37:30 60416 ----a-w- C:\Windows\System32\OVDecode64.dll
2011-07-07 20:37:10 51200 ----a-w- C:\Windows\System32\OpenCL.dll
2011-07-07 20:36:58 16907776 ----a-w- C:\Windows\System32\amdocl64.dll
.
==================== Find3M ====================
.
2011-07-31 15:54:20 175616 ----a-w- C:\Windows\System32\msclmd.dll
2011-07-31 15:54:20 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2011-06-27 13:23:20 53760 ----a-w- C:\Windows\SysWow64\OVDecode.dll
2011-06-27 13:23:02 43520 ----a-w- C:\Windows\SysWow64\OpenCL.dll
2011-06-27 13:22:40 13904896 ----a-w- C:\Windows\SysWow64\amdocl.dll
2011-06-16 00:34:06 2971648 ----a-w- C:\Windows\System32\SlotMaximizerBe.dll
2011-06-16 00:34:06 105984 ----a-w- C:\Windows\System32\SlotMaximizerAg.dll
2011-06-11 03:07:25 3137536 ----a-w- C:\Windows\System32\win32k.sys
2011-06-03 06:57:45 362496 ----a-w- C:\Windows\System32\wow64win.dll
2011-06-03 06:57:45 243200 ----a-w- C:\Windows\System32\wow64.dll
2011-06-03 06:57:45 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2011-06-03 06:57:44 214528 ----a-w- C:\Windows\System32\winsrv.dll
2011-06-03 06:57:38 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2011-06-03 06:56:38 421888 ----a-w- C:\Windows\System32\KernelBase.dll
2011-06-03 06:53:33 338944 ----a-w- C:\Windows\System32\conhost.exe
2011-06-03 06:00:53 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2011-06-03 05:57:52 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2011-06-03 05:57:33 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2011-06-03 05:56:12 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2011-06-03 05:56:11 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2011-06-03 03:53:31 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2011-06-03 03:53:31 2048 ----a-w- C:\Windows\SysWow64\user.exe
2011-06-03 03:48:32 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-06-03 03:48:31 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-06-03 03:48:31 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-06-03 03:48:31 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2011-05-24 11:42:55 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll
2011-05-24 10:40:05 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2011-05-24 10:40:05 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
2011-05-24 10:39:38 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
2011-05-24 10:37:54 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
2011-05-13 13:03:34 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll
2011-05-13 12:42:24 302448 ----a-w- C:\Windows\WLXPGSS.SCR
.
============= FINISH: 20:27:05,34 ===============
