ComboFix 13-09-14.01 - user 16-09-2013 21:50:14.3.2 - x86Microsoft Windows 7 Ultimate 6.1.7600.0.1252.91.1033.18.3002.1694 [GMT 5.5:30]Running from: c:\users\user\Desktop\ComboFix.exeCommand switches used :: c:\users\user\Desktop\CFScript.txtAV: Quick Heal Total Security 13.00 *Disabled/Updated* D8418B0E-EE80-1320-B172-3D5DEB3CE14FFW: Quick Heal Firewall *Disabled* E07A0A2B-A4EF-1278-9A2D-946815EFA634SP: Quick Heal Total Security 13.00 *Disabled/Updated* 63206AEA-C8BA-1CAE-8BC2-062F90BBABF2SP: Windows Defender *Disabled/Outdated* D68DDC3A-831F-4fae-9E44-DA132C1ACF46.FILE ::"c:\users\user\Desktop - Copy\LaunchManager_Dritek_2.0.00_Vistax64Vistax86_A.zip""f:\26.03.2012\Desktop\LaunchManager_Dritek_2.0.00_Vistax64Vistax86_A.zip""f:\programs\LaunchManager_Dritek_2.0.00_Vistax64Vistax86_A.zip""h:\prabir\Personal\Movies\English\BSPlayer Pro 2.56 Build 1043\keygen.rar"..((((((((((((((((((((((((( Files Created from 2013-08-16 to 2013-09-16 )))))))))))))))))))))))))))))))..2013-09-16 16:26 . 2013-09-16 16:26 -------- d-----w- c:\users\Default\AppData\Local\temp2013-09-12 09:00 . 2013-09-12 09:00 -------- d-----w- c:\users\user\AppData\Roaming\Malwarebytes2013-09-12 08:59 . 2013-09-12 08:59 -------- d-----w- c:\programdata\Malwarebytes2013-09-12 08:59 . 2013-09-12 15:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware2013-09-11 16:28 . 2013-09-11 16:28 -------- d-----w- c:\users\user\AppData\Roaming\337 Wallpaper2013-09-11 16:20 . 2013-09-12 04:11 -------- d-----w- c:\programdata\Freemake2013-09-11 16:20 . 2013-09-12 04:11 -------- d-----w- c:\program files\Freemake2013-09-11 15:46 . 2013-09-11 15:46 -------- d-----w- c:\users\user\AppData\Roaming\EurekaLog2013-09-11 15:46 . 2013-09-11 15:46 -------- d-----w- c:\program files\FDRLab2013-09-11 08:01 . 2013-09-11 08:01 -------- d-----w- c:\users\user\AppData\Local\Programs2013-08-23 06:51 . 
2013-08-23 06:55 -------- d-----w- c:\program files\USBAntivirus...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2013-07-11 07:53 . 2013-07-11 07:53 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll2013-07-11 07:53 . 2012-08-27 11:20 867240 ----a-w- c:\windows\system32\npDeployJava1.dll2013-07-11 07:53 . 2010-11-09 07:56 789416 ----a-w- c:\windows\system32\deployJava1.dll..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shownREGEDIT4.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-06-21 19875432].[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-08 141848]"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-08 174104]"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-08 151064]"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-28 7625248]"PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704]"VitaKeyPdtWzd"="c:\program files\Acer Bio Protection\PdtWzd.exe" [2009-09-05 3570176]"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2009-08-07 225280]"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-09-03 1557800]"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]"NeroCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-03-14 71216]"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-01-08 52256]"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-07-31 38872]"Adobe ARM"="c:\program files\Common 
Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-11 919008]"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]"Quick Heal Core UI"="c:\program files\Quick Heal\Quick Heal Total Security\strtupap.exe" [2011-08-06 161224]"UIExec"="c:\program files\Reliance 3G\UIExec.exe" [2011-08-09 153424]"SonicWALLNetExtender"="c:\program files\SonicWALL\SSL-VPN\NetExtender\NEGui.exe" [2010-06-22 1103744]"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2012-02-05 383424].c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-12-23 113664]HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-23 275768].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"= 5 (0x5)"ConsentPromptBehaviorUser"= 3 (0x3)"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]"aux"=wdmaud.drv.[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]Notification Packages REG_MULTI_SZ c:\program files\Acer Bio Protection\PwdFilter.[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\keyboard layouts\e0200445] Ime File REG_SZ GoogleInputTools.ime.[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]@="Driver".R0 mscank;mscank;c:\windows\system32\DRIVERS\mscank.sys [2011-08-06 33096]R2 Core Scanning Server;Core Scanning Server;c:\program files\Quick Heal\Quick Heal Total Security\SAPISSVC.EXE [2011-08-06 206280]R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-08-14 3291008]R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-06-21 162408]R3 ew_hwusbdev;Huawei MobileBroadband USB PNP 
Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys [2010-07-28 25112]R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2011-03-26 9216]R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-09-02 174592]R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-13 1343400]R3 wsnf;Network Filter Service;c:\windows\system32\DRIVERS\wsnf.sys [2011-08-06 44616]R4 ggc;ggc;c:\windows\system32\DRIVERS\ggc.sys [2011-07-29 49864]S1 wstif;wstif;c:\windows\system32\drivers\wstif.sys [2012-04-10 67136]S2 ATService;AuthenTec Fingerprint Service;c:\program files\Fingerprint Sensor\AtService.exe [2009-08-04 1807608]S2 Autodesk Content Service;Autodesk Content Service;c:\program files\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-01-31 19232]S2 catflt;catflt;c:\windows\system32\DRIVERS\catflt.sys [2011-08-06 39880]S2 Core Mail Protection;Core Mail Protection;c:\program files\Quick Heal\Quick Heal Total Security\EMLPROXY.EXE [2011-08-06 29640]S2 Core Scanning ServerEx;Core Scanning ServerEx;c:\program files\Quick Heal\Quick Heal Total Security\SAPISSVC.EXE [2011-08-06 206280]S2 EMLSS;EMLSS;c:\windows\system32\drivers\emltdi.sys [2011-08-06 29384]S2 GoogleInputService;GoogleInputService;c:\program files\Google\Google Input Tools\GoogleInputService.exe [2012-11-07 164888]S2 IGBASVC;EgisTec Service;c:\program files\Acer Bio Protection\BASVC.exe [2009-09-05 3449856]S2 Quick Update Service;Quick Update Service;c:\program files\Quick Heal\Quick Heal Total Security\quhlpsvc.exe [2011-08-06 90568]S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2012-01-19 
3027840]S2 UI Assistant Service;UI Assistant Service;c:\program files\Reliance 3G\AssistantServices.exe [2011-08-09 270672]S3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2009-08-04 659328]S3 IntcHdmiAddService;Intel High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-07-10 122880]S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [2009-07-27 51712]S3 netw5v32;Intel Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]S3 NxDrv;SonicWALL NetExtender Adapter;c:\windows\system32\DRIVERS\NxDrv.sys [2009-10-21 22600]S3 wsnfmp;Network Filter Miniport;c:\windows\system32\DRIVERS\wsnf.sys [2011-08-06 44616]S4 Online Protection System;Online Protection System;c:\program files\Quick Heal\Quick Heal Total Security\opssvc.exe [2011-08-06 24520]..[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12HPService REG_MULTI_SZ HPSLPSVChpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc.Contents of the 'Scheduled Tasks' folder.2013-09-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-04 06:22].2013-09-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-04 06:22].2013-09-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-108519296-852325044-3339374726-1000Core.job- c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-01 15:11].2013-09-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-108519296-852325044-3339374726-1000UA.job- c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-01 15:11].2013-09-16 c:\windows\Tasks\Resume Quickup Download.job- c:\program files\Quick Heal\Quick Heal Total Security\ACAPPAA.EXE [2011-08-06 17:50]..------- Supplementary Scan -------.IE: 
Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html..--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\4D36E96D-E325-11CE-BFC1-08002BE10318\0000\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000"MSCurrentCountry"=dword:000000b5.[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\4D36E96D-E325-11CE-BFC1-08002BE10318\0001\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\4D36E96D-E325-11CE-BFC1-08002BE10318\0004\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\4D36E96D-E325-11CE-BFC1-08002BE10318\0005\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\4D36E96D-E325-11CE-BFC1-08002BE10318\0006\AllUserSettings]@Denied: (A) (Users)@Denied: (A) (Everyone)@Allowed: (B 1 2 3 4 5) (S-1-5-20)"BlindDial"=dword:00000000.[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).--------------------- DLLs Loaded Under Running Processes ---------------------.- - - - - - - > 'lsass.exe'(564)c:\program files\Acer Bio Protection\PwdFilter.DLL.- - - - - - - > 'Explorer.exe'(4556)c:\windows\system32\msiltcfg.dllc:\windows\system32\LINKINFO.dllc:\windows\System32\gameux.dllc:\windows\system32\ieframe.DLLc:\windows\System32\davclnt.dll.Completion time: 2013-09-16 21:59:11ComboFix-quarantined-files.txt 2013-09-16 16:29ComboFix2.txt 2013-09-16 15:49ComboFix3.txt 2013-09-15 15:20.Pre-Run: 8,599,519,232 bytes freePost-Run: 8,529,117,184 bytes free.- - End Of File - - 
4A48B393AC6BC5C585A6A1B3EEA9E32DA36C5E4F47E84449FF07ED3517B43A31