ComboFix 14-05-29.01 - DirOfEngineering 05/30/2014  15:35:17.1.1 - x64
Microsoft Windows 7 Enterprise   6.1.7601.1.1252.1.1033.18.3836.2842 [GMT -5:00]
Running from: c:\users\DirOfEngineering\Desktop\ComboFix.exe
AV: Panda Cloud Antivirus *Disabled/Updated* {3456760B-FDAA-FFFD-06C2-7BB528D2066C}
FW: Cloud Antivirus Firewall *Disabled* {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117}
SP: Panda Cloud Antivirus *Disabled/Updated* {8F3797EF-DB90-F073-3C72-40C753554CD1}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\setup.exe
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_npf
.
.
(((((((((((((((((((((((((   Files Created from 2014-04-28 to 2014-05-30  )))))))))))))))))))))))))))))))
.
.
2014-05-30 14:39 . 2014-05-30 14:39	--------	d-----w-	c:\programdata\Autorun Eater
2014-05-30 14:39 . 2014-05-30 14:39	--------	d-----w-	c:\program files (x86)\Autorun Eater
2014-05-27 17:16 . 2014-05-27 17:16	--------	d-----w-	c:\users\DirOfEngineering\AppData\Roaming\Malwarebytes
2014-05-27 17:16 . 2014-05-27 17:16	--------	d-----w-	c:\programdata\Malwarebytes
2014-05-27 17:16 . 2014-05-27 17:16	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2014-05-27 17:16 . 2013-04-04 19:50	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-05-27 12:22 . 2014-05-27 12:22	--------	d-----w-	C:\nirsoft_package_1.18.60
2014-05-23 14:42 . 2014-05-23 14:42	--------	d-----w-	c:\users\DirOfEngineering\AppData\Local\Karen's Power Tools
2014-05-23 14:42 . 2014-05-23 14:42	--------	d-----w-	c:\program files (x86)\Karen's Power Tools
2014-05-23 14:41 . 2014-05-23 14:41	--------	d-----w-	c:\programdata\Karen's Power Tools
2014-05-22 13:23 . 2014-05-22 13:25	--------	d-----w-	C:\ccsetup414
2014-05-20 18:58 . 2014-05-20 18:59	--------	d-----w-	c:\users\DirOfEngineering\AppData\Roaming\WiseUpdate
2014-05-16 15:52 . 2014-05-16 16:14	--------	d-----w-	c:\users\DirOfEngineering\AppData\Local\Adobe
2014-05-14 21:05 . 2014-05-14 21:05	--------	d-----w-	C:\SysinternalsSuite
2014-05-13 18:50 . 2014-05-06 04:40	23544320	----a-w-	c:\windows\system32\mshtml.dll
2014-05-13 18:50 . 2014-05-06 03:00	84992	----a-w-	c:\windows\system32\mshtmled.dll
2014-05-13 18:50 . 2014-05-06 04:17	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2014-05-13 18:50 . 2014-05-06 03:07	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2014-05-13 15:25 . 2013-04-29 07:17	58808	----a-w-	c:\windows\system32\drivers\PSKMAD.sys
2014-05-08 21:53 . 2014-05-08 21:57	--------	d-----w-	c:\users\DirOfEngineering\AppData\Roaming\Wise Registry Cleaner
2014-05-08 21:53 . 2014-05-08 21:53	--------	d-----w-	c:\program files (x86)\Wise
2014-05-04 21:21 . 2014-05-11 20:31	--------	d-----w-	C:\Tor Browser New
2014-05-01 14:38 . 2014-05-01 14:38	--------	d-----w-	C:\Tor Browser
2014-05-01 12:28 . 2014-05-13 18:52	--------	d-s---w-	c:\windows\system32\CompatTel
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-30 20:44 . 2014-04-08 12:17	29	----a-w-	c:\windows\SysWow64\TempWmicBatchFile.bat
2014-05-14 16:29 . 2014-04-30 15:32	70832	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-14 16:29 . 2014-04-30 15:32	692400	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-13 18:46 . 2014-04-07 13:20	93223848	----a-w-	c:\windows\system32\MRT.exe
2014-04-16 18:22 . 2014-04-16 18:22	52992	----a-w-	c:\windows\system32\drivers\KSafeDISK.sys
2014-04-16 18:22 . 2014-04-16 18:22	33024	----a-w-	c:\windows\system32\drivers\BTOWSFF.sys
2014-04-16 18:22 . 2014-04-16 18:22	52480	----a-w-	c:\windows\system32\drivers\BTOWSVF.sys
2014-04-10 16:40 . 2014-04-10 16:40	31648	----a-w-	c:\windows\system32\drivers\HWiNFO64A.SYS
2014-04-09 17:19 . 2014-04-09 17:19	1092088	----a-w-	C:\Tweaking.com-ResetRegistryPermissions.exe
2014-04-07 20:16 . 2014-04-07 20:16	947760	----a-w-	c:\windows\system32\SFSS_APO.dll
2014-04-07 20:16 . 2014-04-07 20:16	2792152	----a-w-	c:\windows\system32\RtkAPO64.dll
2014-04-07 20:16 . 2014-04-07 20:16	2770976	----a-w-	c:\windows\system32\FMAPO64.dll
2014-04-07 20:15 . 2014-04-07 20:15	95544	----a-w-	c:\windows\system32\bcmwlcoi.dll
2014-04-07 20:15 . 2014-04-07 20:15	3952640	----a-w-	c:\windows\system32\bcmihvsrv64.dll
2014-04-07 20:15 . 2014-04-07 20:15	3617792	----a-w-	c:\windows\system32\bcmihvui64.dll
2014-04-07 19:53 . 2014-04-07 19:53	871856	----a-w-	c:\windows\system32\tossaeapo64.dll
2014-04-07 19:53 . 2014-04-07 19:53	836544	----a-w-	c:\windows\system32\tadefxapo264.dll
2014-04-07 19:53 . 2014-04-07 19:53	81248	----a-w-	c:\windows\system32\SFCOM64.dll
2014-04-07 19:53 . 2014-04-07 19:53	74064	----a-w-	c:\windows\SysWow64\SFCOM.dll
2014-04-07 19:53 . 2014-04-07 19:53	65944	----a-w-	c:\windows\system32\tepeqapo64.dll
2014-04-07 19:53 . 2014-04-07 19:53	582056	----a-w-	c:\windows\system32\tosasfapo64.dll
2014-04-07 19:53 . 2014-04-07 19:53	518896	----a-w-	c:\windows\system32\SRSTSX64.dll
2014-04-07 19:53 . 2014-04-07 19:53	221024	----a-w-	c:\windows\system32\SFNHK64.dll
2014-04-07 19:53 . 2014-04-07 19:53	211184	----a-w-	c:\windows\system32\SRSTSH64.dll
2014-04-07 19:53 . 2014-04-07 19:53	198896	----a-w-	c:\windows\system32\SRSHP64.dll
2014-04-07 19:53 . 2014-04-07 19:53	162224	----a-w-	c:\windows\system32\toseaeapo64.dll
2014-04-07 19:53 . 2014-04-07 19:53	155888	----a-w-	c:\windows\system32\SRSWOW64.dll
2014-04-07 19:53 . 2014-04-07 19:53	148416	----a-w-	c:\windows\system32\tadefxapo.dll
2014-04-07 19:53 . 2014-04-07 19:53	1361336	----a-w-	c:\windows\system32\tosade.dll
2014-04-07 19:53 . 2014-04-07 19:53	78688	----a-w-	c:\windows\system32\SFAPO64.dll
2014-04-07 19:53 . 2014-04-07 19:53	78680	----a-w-	c:\windows\system32\RTEEG64A.dll
2014-04-07 19:53 . 2014-04-07 19:53	375128	----a-w-	c:\windows\system32\RTEEP64A.dll
2014-04-07 19:53 . 2014-04-07 19:53	331880	----a-w-	c:\windows\system32\RtlCPAPI64.dll
2014-04-07 19:53 . 2014-04-07 19:53	310104	----a-w-	c:\windows\system32\RP3DHT64.dll
2014-04-07 19:53 . 2014-04-07 19:53	310104	----a-w-	c:\windows\system32\RP3DAA64.dll
2014-04-07 19:53 . 2014-04-07 19:53	204120	----a-w-	c:\windows\system32\RTEED64A.dll
2014-04-07 19:53 . 2014-04-07 19:53	149608	----a-w-	c:\windows\system32\RtkCfg64.dll
2014-04-07 19:53 . 2014-04-07 19:53	14952	----a-w-	c:\windows\system32\RtkCoLDR64.dll
2014-04-07 19:53 . 2014-04-07 19:53	1286872	----a-w-	c:\windows\system32\RTCOM64.dll
2014-04-07 19:53 . 2014-04-07 19:53	101208	----a-w-	c:\windows\system32\RTEEL64A.dll
2014-04-07 19:53 . 2014-04-07 19:53	7164176	----a-w-	c:\windows\system32\R4EEP64A.dll
2014-04-07 19:53 . 2014-04-07 19:53	906800	----a-w-	c:\windows\system32\MISS_APO.dll
2014-04-07 19:53 . 2014-04-07 19:53	75024	----a-w-	c:\windows\system32\R4EEG64A.dll
2014-04-07 19:53 . 2014-04-07 19:53	662784	----a-w-	c:\windows\system32\MaxxVolumeSDAPO.dll
2014-04-07 19:53 . 2014-04-07 19:53	434960	----a-w-	c:\windows\system32\R4EED64A.dll
2014-04-07 19:53 . 2014-04-07 19:53	141584	----a-w-	c:\windows\system32\R4EEL64A.dll
2014-04-07 19:53 . 2014-04-07 19:53	1313904	----a-w-	c:\windows\system32\MaxxSpeechAPO64.dll
2014-04-07 19:53 . 2014-04-07 19:53	124176	----a-w-	c:\windows\system32\R4EEA64A.dll
2014-04-07 19:53 . 2014-04-07 19:53	663296	----a-w-	c:\windows\system32\MaxxAudioAPO30.dll
2014-04-07 19:53 . 2014-04-07 19:53	318808	----a-w-	c:\windows\system32\MaxxAudioAPO20.dll
2014-04-07 19:53 . 2014-04-07 19:53	603984	----a-w-	c:\windows\system32\KAAPORT64.dll
2014-04-07 19:53 . 2014-04-07 19:53	728680	----a-w-	c:\windows\system32\DTSBassEnhancementDLL64.dll
2014-04-07 19:53 . 2014-04-07 19:53	712296	----a-w-	c:\windows\system32\DTSSymmetryDLL64.dll
2014-04-07 19:53 . 2014-04-07 19:53	693352	----a-w-	c:\windows\system32\DTSVoiceClarityDLL64.dll
2014-04-07 19:53 . 2014-04-07 19:53	501184	----a-w-	c:\windows\system32\DTSU2PLFX64.dll
2014-04-07 19:53 . 2014-04-07 19:53	491112	----a-w-	c:\windows\system32\DTSNeoPCDLL64.dll
2014-04-07 19:53 . 2014-04-07 19:53	487360	----a-w-	c:\windows\system32\DTSU2PGFX64.dll
2014-04-07 19:53 . 2014-04-07 19:53	432744	----a-w-	c:\windows\system32\DTSLimiterDLL64.dll
2014-04-07 19:53 . 2014-04-07 19:53	428648	----a-w-	c:\windows\system32\DTSGainCompensatorDLL64.dll
2014-04-07 19:53 . 2014-04-07 19:53	415680	----a-w-	c:\windows\system32\DTSU2PREC64.dll
2014-04-07 19:53 . 2014-04-07 19:53	242792	----a-w-	c:\windows\system32\DTSLFXAPO64.dll
2014-04-07 19:53 . 2014-04-07 19:53	242792	----a-w-	c:\windows\system32\DTSGFXAPO64.dll
2014-04-07 19:53 . 2014-04-07 19:53	241768	----a-w-	c:\windows\system32\DTSGFXAPONS64.dll
2014-04-07 19:53 . 2014-04-07 19:53	1756264	----a-w-	c:\windows\system32\DTSS2SpeakerDLL64.dll
2014-04-07 19:53 . 2014-04-07 19:53	1568360	----a-w-	c:\windows\system32\DTSS2HeadphoneDLL64.dll
2014-04-07 19:53 . 2014-04-07 19:53	1486952	----a-w-	c:\windows\system32\DTSBoostDLL64.dll
2014-04-07 19:53 . 2014-04-07 19:53	209096	----a-w-	c:\windows\system32\AERTAC64.dll
2014-04-07 19:53 . 2014-04-07 19:53	113576	----a-w-	c:\windows\system32\CONEQMSAPOGUILibrary.dll
2014-04-07 19:53 . 2014-04-07 19:53	109848	----a-w-	c:\windows\system32\AcpiServiceVnA64.dll
2014-04-07 19:53 . 2014-04-07 19:53	108640	----a-w-	c:\windows\system32\AERTAR64.dll
2014-04-07 19:52 . 2014-04-07 19:52	128200	----a-w-	c:\windows\system32\drivers\L1C62x64.sys
2014-04-07 15:46 . 2014-04-07 15:46	194048	----a-w-	c:\windows\SysWow64\elshyph.dll
2014-04-07 15:46 . 2014-04-07 15:46	645120	----a-w-	c:\windows\SysWow64\jsIntl.dll
2014-04-07 15:46 . 2014-04-07 15:46	235008	----a-w-	c:\windows\system32\elshyph.dll
2014-04-07 15:46 . 2014-04-07 15:46	71680	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-04-07 15:46 . 2014-04-07 15:46	62464	----a-w-	c:\windows\SysWow64\tdc.ocx
2014-04-07 15:46 . 2014-04-07 15:46	337408	----a-w-	c:\windows\SysWow64\html.iec
2014-04-07 15:46 . 2014-04-07 15:46	24576	----a-w-	c:\windows\SysWow64\licmgr10.dll
2014-04-07 15:46 . 2014-04-07 15:46	182272	----a-w-	c:\windows\SysWow64\msls31.dll
2014-04-07 15:46 . 2014-04-07 15:46	151552	----a-w-	c:\windows\SysWow64\iexpress.exe
2014-04-07 15:46 . 2014-04-07 15:46	139264	----a-w-	c:\windows\SysWow64\wextract.exe
2014-04-07 15:46 . 2014-04-07 15:46	1051136	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2014-04-07 15:46 . 2014-04-07 15:46	942592	----a-w-	c:\windows\system32\jsIntl.dll
2014-04-07 15:46 . 2014-04-07 15:46	86016	----a-w-	c:\windows\SysWow64\iesysprep.dll
2014-04-07 15:46 . 2014-04-07 15:46	86016	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2014-04-07 15:46 . 2014-04-07 15:46	74240	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2014-04-07 15:46 . 2014-04-07 15:46	61952	----a-w-	c:\windows\SysWow64\MshtmlDac.dll
2014-04-07 15:46 . 2014-04-07 15:46	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2014-04-07 15:46 . 2014-04-07 15:46	36352	----a-w-	c:\windows\SysWow64\imgutil.dll
2014-04-07 15:46 . 2014-04-07 15:46	247808	----a-w-	c:\windows\system32\msls31.dll
2014-04-07 15:46 . 2014-04-07 15:46	13312	----a-w-	c:\windows\SysWow64\mshta.exe
2014-04-07 15:46 . 2014-04-07 15:46	111616	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2014-04-07 15:46 . 2014-04-07 15:46	90112	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2014-04-07 15:46 . 2014-04-07 15:46	81408	----a-w-	c:\windows\system32\icardie.dll
2014-04-07 15:46 . 2014-04-07 15:46	77312	----a-w-	c:\windows\system32\tdc.ocx
2014-04-07 15:46 . 2014-04-07 15:46	616104	----a-w-	c:\windows\system32\ieapfltr.dat
2014-04-07 15:46 . 2014-04-07 15:46	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2014-04-07 15:46 . 2014-04-07 15:46	48640	----a-w-	c:\windows\system32\mshtmler.dll
2014-04-07 15:46 . 2014-04-07 15:46	413696	----a-w-	c:\windows\system32\html.iec
2014-04-07 15:46 . 2014-04-07 15:46	30208	----a-w-	c:\windows\system32\licmgr10.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\DirOfEngineering\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\DirOfEngineering\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\DirOfEngineering\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\DirOfEngineering\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartRAM"="c:\iobit_toolbox\tools\Suo10_SmartRAM.exe" [2014-05-01 845144]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PSUAMain"="c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" [2013-10-19 32736]
"SystemExplorerAutoStart"="c:\program files (x86)\System Explorer\SystemExplorer.exe" [2014-05-12 4008296]
"Autorun Eater"="c:\program files (x86)\Autorun Eater\oldmcdonald.exe" [2012-02-17 522720]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0SmartDefragBootTime.exe
Supplementary scan did not complete!
.
.
.
