ComboFix 12-11-21.01 - kamil 21/11/2012 16:45:23.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.4061.2415 [GMT 1:00]
Running from: c:\users\kamil\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AV: Trend Micro Titanium Internet Security *Disabled/Outdated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Trend Micro Titanium Internet Security *Disabled/Outdated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\codec
c:\program files (x86)\codec\ffdshow\Boost_Software_License_1.0.txt
c:\program files (x86)\codec\ffdshow\ffmpegmt.dll
c:\program files (x86)\codec\ffdshow\gnu_license.txt
c:\program files (x86)\codec\ffdshow\languages\ffdshow.1026.bg
c:\program files (x86)\codec\ffdshow\languages\ffdshow.1028.tc
c:\program files (x86)\codec\ffdshow\languages\ffdshow.1029.cz
c:\program files (x86)\codec\ffdshow\languages\ffdshow.1034.es
c:\program files (x86)\codec\ffdshow\languages\ffdshow.1035.fi
c:\program files (x86)\codec\ffdshow\languages\ffdshow.1038.hu
c:\program files (x86)\codec\ffdshow\languages\ffdshow.1040.it
c:\program files (x86)\codec\ffdshow\languages\ffdshow.1041.ja
c:\program files (x86)\codec\ffdshow\languages\ffdshow.1046.br
c:\program files (x86)\codec\ffdshow\languages\ffdshow.1049.ru
c:\program files (x86)\codec\ffdshow\languages\ffdshow.1051.sk
c:\program files (x86)\codec\ffdshow\languages\ffdshow.1053.se
c:\program files (x86)\codec\ffdshow\languages\ffdshow.2052.sc
c:\program files (x86)\codec\ffdshow\unins000.dat
c:\program files (x86)\codec\ffdshow\unins000.exe
c:\program files (x86)\Common Files\ASPG_icon.ico
c:\programdata\FullRemove.exe
c:\windows\msvcr71.dll
c:\windows\SysWow64\muzapp.exe
D:\Autorun.inf
D:\setup.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-10-21 to 2012-11-21 )))))))))))))))))))))))))))))))
.
.
2012-11-21 16:42 . 2012-11-21 16:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-20 09:17 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-11-20 09:17 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-20 09:17 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-20 09:17 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-19 17:04 . 2012-10-03 17:56 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-11-19 17:04 . 2012-10-03 17:44 216576 ----a-w- c:\windows\system32\ncsi.dll
2012-11-19 17:04 . 2012-10-03 17:44 303104 ----a-w- c:\windows\system32\nlasvc.dll
2012-11-19 17:04 . 2012-10-03 17:44 246272 ----a-w- c:\windows\system32\netcorehc.dll
2012-11-19 17:04 . 2012-10-03 17:42 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-11-19 17:04 . 2012-10-03 16:42 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2012-11-19 17:04 . 2012-10-03 16:42 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2012-11-19 17:03 . 2012-01-13 07:12 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll
2012-11-19 17:03 . 2012-10-03 17:44 70656 ----a-w- c:\windows\system32\nlaapi.dll
2012-11-19 17:03 . 2012-10-03 17:44 18944 ----a-w- c:\windows\system32\netevent.dll
2012-11-19 17:03 . 2012-10-03 16:42 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2012-11-19 17:03 . 2012-10-03 16:07 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-11-15 19:19 . 2012-11-15 19:19 -------- d-----w- c:\users\kamil\AppData\Roaming\Thinstall
2012-11-15 19:19 . 2012-11-15 19:19 -------- d-----w- c:\users\kamil\AppData\Local\Thinstall
2012-11-15 02:01 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-15 02:01 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-15 02:01 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-15 02:01 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-15 02:01 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-15 02:01 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-15 02:01 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-14 14:42 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-11-14 14:42 . 2012-10-09 18:17 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-11-14 14:42 . 2012-10-09 17:40 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-11-14 14:42 . 2012-10-09 17:40 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-11-14 14:41 . 2012-10-18 18:25 3149824 ----a-w- c:\windows\system32\win32k.sys
2012-11-14 14:36 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-11-14 14:36 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
2012-11-05 13:11 . 2012-11-05 13:11 -------- d-----w- c:\users\kamil\AppData\Local\Samsung
2012-11-05 13:11 . 2012-11-05 13:11 -------- d-----w- c:\users\kamil\AppData\Roaming\Samsung
2012-11-05 13:02 . 2012-06-27 08:37 1917416 ----a-w- c:\windows\system32\WdfCoInstaller01005.dll
2012-11-05 13:02 . 2012-06-27 08:37 1917416 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01005.dll
2012-11-05 13:02 . 2012-06-27 08:37 13800 ----a-w- c:\windows\system32\drivers\ssadwhnt.sys
2012-11-05 13:02 . 2012-06-27 08:37 13800 ----a-w- c:\windows\system32\drivers\ssadwh.sys
2012-11-05 13:02 . 2012-06-27 08:37 36328 ----a-w- c:\windows\system32\drivers\ssadadb.sys
2012-11-05 13:02 . 2012-06-27 08:37 177640 ----a-w- c:\windows\system32\drivers\ssadmdm.sys
2012-11-05 13:02 . 2012-06-27 08:37 16872 ----a-w- c:\windows\system32\drivers\ssadmdfl.sys
2012-11-05 13:02 . 2012-06-27 08:37 157672 ----a-w- c:\windows\system32\drivers\ssadbus.sys
2012-11-05 13:02 . 2012-06-27 08:37 13288 ----a-w- c:\windows\system32\drivers\ssadcmnt.sys
2012-11-05 13:02 . 2012-06-27 08:37 13288 ----a-w- c:\windows\system32\drivers\ssadcm.sys
2012-11-05 13:02 . 2012-06-27 08:37 146920 ----a-w- c:\windows\system32\drivers\ssadserd.sys
2012-11-05 13:00 . 2012-09-26 19:57 4659712 ----a-w- c:\windows\SysWow64\Redemption.dll
2012-11-05 13:00 . 2012-11-05 13:00 -------- d-----w- c:\program files (x86)\MarkAny
2012-11-05 13:00 . 2012-09-26 19:57 821824 ----a-w- c:\windows\SysWow64\dgderapi.dll
2012-11-05 13:00 . 2012-11-05 13:01 -------- d-----w- c:\program files (x86)\Samsung
2012-11-05 13:00 . 2012-11-05 13:01 -------- d-----w- c:\programdata\Samsung
2012-11-05 12:50 . 2012-11-05 12:50 -------- d-----w- c:\users\kamil\AppData\Local\Downloaded Installations
2012-10-24 09:28 . 1999-11-12 03:11 183808 ----a-w- c:\windows\SysWow64\BDEADMIN.CPL
2012-10-24 09:28 . 1999-01-20 03:01 210032 ----a-w- c:\windows\SysWow64\DBCLIENT.DLL
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-15 02:02 . 2011-08-28 18:00 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-11-13 12:59 . 2012-10-11 11:15 129216 ----a-w- c:\windows\system32\drivers\avipbb.sys
2012-11-13 12:59 . 2012-10-11 11:15 98888 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-09-26 19:57 . 2012-09-26 19:57 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2012-09-26 19:57 . 2012-09-26 19:57 330240 ----a-w- c:\windows\MASetupCaller.dll
2012-09-26 19:57 . 2012-09-26 19:57 30568 ----a-w- c:\windows\MusiccityDownload.exe
2012-09-26 19:57 . 2012-09-26 19:57 974848 ----a-w- c:\windows\SysWow64\cis-2.4.dll
2012-09-26 19:57 . 2012-09-26 19:57 81920 ----a-w- c:\windows\SysWow64\issacapi_bs-2.3.dll
2012-09-26 19:57 . 2012-09-26 19:57 65536 ----a-w- c:\windows\SysWow64\issacapi_pe-2.3.dll
2012-09-26 19:57 . 2012-09-26 19:57 57344 ----a-w- c:\windows\SysWow64\MTXSYNCICON.dll
2012-09-26 19:57 . 2012-09-26 19:57 57344 ----a-w- c:\windows\SysWow64\MK_Lyric.dll
2012-09-26 19:57 . 2012-09-26 19:57 57344 ----a-w- c:\windows\SysWow64\issacapi_se-2.3.dll
2012-09-26 19:57 . 2012-09-26 19:57 569344 ----a-w- c:\windows\SysWow64\muzdecode.ax
2012-09-26 19:57 . 2012-09-26 19:57 491520 ----a-w- c:\windows\SysWow64\muzapp.dll
2012-09-26 19:57 . 2012-09-26 19:57 49152 ----a-w- c:\windows\SysWow64\MaJGUILib.dll
2012-09-26 19:57 . 2012-09-26 19:57 45320 ----a-w- c:\windows\SysWow64\MAMACExtract.dll
2012-09-26 19:57 . 2012-09-26 19:57 45056 ----a-w- c:\windows\SysWow64\MaXMLProto.dll
2012-09-26 19:57 . 2012-09-26 19:57 45056 ----a-w- c:\windows\SysWow64\MACXMLProto.dll
2012-09-26 19:57 . 2012-09-26 19:57 40960 ----a-w- c:\windows\SysWow64\MTTELECHIP.dll
2012-09-26 19:57 . 2012-09-26 19:57 352256 ----a-w- c:\windows\SysWow64\MSLUR71.dll
2012-09-26 19:57 . 2012-09-26 19:57 258048 ----a-w- c:\windows\SysWow64\muzoggsp.ax
2012-09-26 19:57 . 2012-09-26 19:57 245760 ----a-w- c:\windows\SysWow64\MSCLib.dll
2012-09-26 19:57 . 2012-09-26 19:57 24576 ----a-w- c:\windows\SysWow64\MASetupCleaner.exe
2012-09-26 19:57 . 2012-09-26 19:57 200704 ----a-w- c:\windows\SysWow64\muzwmts.dll
2012-09-26 19:57 . 2012-09-26 19:57 155648 ----a-w- c:\windows\SysWow64\MSFLib.dll
2012-09-26 19:57 . 2012-09-26 19:57 143360 ----a-w- c:\windows\SysWow64\3DAudio.ax
2012-09-26 19:57 . 2012-09-26 19:57 135168 ----a-w- c:\windows\SysWow64\muzaf1.dll
2012-09-26 19:57 . 2012-09-26 19:57 131072 ----a-w- c:\windows\SysWow64\muzmpgsp.ax
2012-09-26 19:57 . 2012-09-26 19:57 122880 ----a-w- c:\windows\SysWow64\muzeffect.ax
2012-09-26 19:57 . 2012-09-26 19:57 118784 ----a-w- c:\windows\SysWow64\MaDRM.dll
2012-09-26 19:57 . 2012-09-26 19:57 110592 ----a-w- c:\windows\SysWow64\muzmp4sp.ax
2012-09-24 07:58 . 2012-10-11 11:15 27800 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2012-09-14 19:19 . 2012-10-10 10:44 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 10:44 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-08-31 18:19 . 2012-10-10 10:45 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 18:03 . 2012-10-10 10:45 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 10:45 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12 . 2012-10-10 10:45 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-08-24 18:05 . 2012-10-10 10:45 220160 ----a-w- c:\windows\system32\wintrust.dll
2012-08-24 18:05 . 2012-10-02 18:47 1188864 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 18:05 . 2012-10-02 18:47 1494528 ----a-w- c:\windows\system32\urlmon.dll
2012-08-24 18:05 . 2012-10-02 18:47 134144 ----a-w- c:\windows\system32\url.dll
2012-08-24 18:03 . 2012-10-02 18:47 9056256 ----a-w- c:\windows\system32\mshtml.dll
2012-08-24 18:03 . 2012-10-02 18:47 97792 ----a-w- c:\windows\system32\mshtmled.dll
2012-08-24 18:03 . 2012-10-02 18:47 735744 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-24 18:03 . 2012-10-02 18:47 64512 ----a-w- c:\windows\system32\jsproxy.dll
2012-08-24 18:02 . 2012-10-02 18:47 247808 ----a-w- c:\windows\system32\ieui.dll
2012-08-24 18:02 . 2012-10-02 18:47 12295680 ----a-w- c:\windows\system32\ieframe.dll
2012-08-24 18:02 . 2012-10-02 18:47 2453504 ----a-w- c:\windows\system32\iertutil.dll
2012-08-24 16:57 . 2012-10-10 10:45 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-08-24 16:57 . 2012-10-02 18:47 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2012-08-24 15:59 . 2012-10-02 18:47 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-24 15:20 . 2012-10-02 18:47 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2009-04-08 17:31 . 2009-04-08 17:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 04:45 . 2008-08-12 04:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}]
2011-09-22 16:58 177712 ----a-w- c:\program files (x86)\vShare.tv plugin\BarLcher.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}"= "c:\program files (x86)\vShare.tv plugin\BarLcher.dll" [2011-09-22 177712]
.
[HKEY_CLASSES_ROOT\clsid\{7ac3e13b-3bca-4158-b330-f66dbb03c1b5}]
[HKEY_CLASSES_ROOT\MyNewsBarLauncher.IE5BarLauncher.1]
[HKEY_CLASSES_ROOT\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3}]
[HKEY_CLASSES_ROOT\MyNewsBarLauncher.IE5BarLauncher]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-10-11 966072]
"KiesAirMessage"="c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe" [2012-10-09 580096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2010-07-06 2443376]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2010-02-04 7350912]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-08-20 170624]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-04-26 1597440]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-11-13 384800]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-10-11 309688]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-3-25 548528]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2011-3-25 12862]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2011-3-25 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2012-06-27 36328]
R3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;c:\program files (x86)\BitComet\tools\BitCometService.exe [2010-12-28 1296728]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-03-20 1431888]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2012-06-27 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2012-06-27 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2012-06-27 177640]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2012-06-27 146920]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-15 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [2009-06-18 15928]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-09-24 27800]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2009-12-07 379520]
S2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-10-30 84256]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 67664]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2010-05-03 44032]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-04-13 135560]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2010-05-15 1327520]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" [2011-02-17 1111568]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-12-20 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-12-20 390680]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-12-20 410136]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-05-03 324096]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2011-02-10 197152]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://home.sweetim.com/?crg=3.1010000&st=10&barid={57F5264E-8590-4D36-9A58-157C54175145}
mStart Page = hxxp://home.sweetim.com/?crg=3.1010000&st=10&barid={57F5264E-8590-4D36-9A58-157C54175145}
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: &D&ownload &with BitComet - c:\program files (x86)\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all with BitComet - c:\program files (x86)\BitComet\BitComet.exe/AddAllLink.htm
IE: E&ksport do programu Microsoft Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 95.160.170.92 88.156.222.92 82.139.8.40
FF - ProfilePath - c:\users\kamil\AppData\Roaming\Mozilla\Firefox\Profiles\tqb62jc1.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl/
FF - prefs.js: keyword.URL - hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q=
FF - user.js: browser.search.order.1 - Search the web
FF - user.js: keyword.URL - hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q=
FF - user.js: privacy.item.cookies - false
FF - user.js: privacy.sanitize.promptOnSanitize - false
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-{DFEFCDEE-CF1A-4FC8-89AF-189327213627} - c:\users\kamil\AppData\Roaming\toolplugin\toolbar.dll
Toolbar-Locked - (no file)
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
AddRemove-ffdshow_is1 - c:\program files (x86)\SubEdit-Player\codec\ffdshow\unins000.exe
AddRemove-Gadu-Gadu - c:\program files (x86)\Gadu-Gadu\Setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-11-21 17:53:35
ComboFix-quarantined-files.txt 2012-11-21 16:53
.
Pre-Run: 9,451,892,736 bytes free
Post-Run: 9,708,187,648 bytes free
.
- - End Of File - - EA28BC9376849CE2D934A0281383BEAF