Recently I just used ComboFix.
It says I need a helper to analyze the log.
Here is the log:
ComboFix 13-04-12.02 - Xillus 4/2013 Sun 12:25:37.1.1 - x86
Microsoft Windows 7 Enterprise 6.1.7601.1.936.86.1033.18.1014.481 [GMT -7:00]
Executive position: c:\users\Xillus\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Deleted files )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Autorun.inf
c:\windows\KwYlx.dat
.
.
((((((((((((((((((((((((( New Files From 2013-03-14 to 2013-04-14 )))))))))))))))))))))))))))))))
.
.
2013-04-14 19:32 . 2013-04-14 19:43 -------- d-----w- c:\users\Xillus\AppData\Local\temp
2013-04-14 18:36 . 2013-04-14 18:36 -------- d-----w- c:\users\bin\AppData\Roaming\Malwarebytes
2013-04-14 17:45 . 2013-04-14 17:45 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AF741729-4651-4CD0-909D-8352C4CAC936}\offreg.dll
2013-04-14 08:10 . 2013-04-14 08:10 -------- d-----w- c:\users\Xillus\AppData\Roaming\Malwarebytes
2013-04-14 08:10 . 2013-04-14 08:10 -------- d-----w- c:\programdata\Malwarebytes
2013-04-14 08:10 . 2013-04-14 08:10 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-04-14 08:10 . 2013-04-04 21:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-04-14 08:10 . 2013-04-14 08:10 -------- d-----w- c:\users\Xillus\AppData\Local\Programs
2013-04-13 18:50 . 2013-04-13 18:50 -------- d-----w- c:\users\bin\AppData\Roaming\Yahoo!
2013-04-13 06:40 . 2013-02-15 04:37 3217408 ----a-w- c:\windows\system32\mstscax.dll
2013-04-13 06:40 . 2013-02-15 04:34 131584 ----a-w- c:\windows\system32\aaclient.dll
2013-04-13 06:40 . 2013-02-15 03:25 36864 ----a-w- c:\windows\system32\tsgqec.dll
2013-04-13 06:40 . 2013-03-01 03:09 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-04-13 06:40 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-13 06:40 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-04-13 06:40 . 2013-03-19 04:48 38912 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-13 06:40 . 2013-03-19 02:49 69632 ----a-w- c:\windows\system32\smss.exe
2013-03-31 07:07 . 2013-03-31 07:48 -------- d-----w- C:\Kuai8Games
2013-03-31 07:03 . 2013-04-06 00:08 -------- d-----w- c:\users\bin\AppData\Roaming\Kuai8
2013-03-30 00:40 . 2013-03-30 00:40 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-29 05:46 . 2013-03-29 19:55 -------- d-----w- c:\users\Xillus\funshion
2013-03-26 04:22 . 2013-03-26 04:23 -------- d-----w- c:\users\Public\Thunder Network
2013-03-26 04:22 . 2013-03-26 04:22 -------- d-----w- c:\programdata\Thunder Network
2013-03-23 01:38 . 2013-03-23 01:38 -------- d-----w- c:\users\bin\AppData\Roaming\FreemakeVideoDownloader
2013-03-23 01:31 . 2013-03-23 01:34 -------- d-----w- c:\programdata\Freemake
2013-03-23 01:31 . 2013-02-25 19:47 8013376 ----a-w- c:\program files\Internet Explorer\Microsoft.mshtml.dll
2013-03-23 01:31 . 2013-03-23 01:31 -------- d-----w- c:\program files\Freemake
2013-03-23 00:04 . 2013-03-23 00:04 -------- d-----w- c:\users\bin\AppData\Roaming\xim
2013-03-23 00:04 . 2013-03-23 00:04 -------- d-----w- c:\users\bin\AppData\Roaming\GarenaPlus
2013-03-17 21:36 . 2013-03-17 21:36 -------- d-----w- c:\users\Xillus\AppData\Roaming\Yahoo!
2013-03-17 21:36 . 2013-03-17 21:36 -------- d-----w- c:\programdata\Yahoo! Companion
2013-03-17 21:36 . 2013-03-17 21:36 -------- d-----w- c:\program files\Yahoo!
2013-03-17 21:36 . 2013-03-17 21:36 -------- d-----w- c:\program files\CCleaner
2013-03-17 04:38 . 2013-03-17 04:42 -------- d-----w- c:\program files\Garena Plus
2013-03-16 21:36 . 2013-02-12 03:32 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Modified files within three months ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-15 19:26 . 2012-10-11 23:35 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-15 19:26 . 2012-10-11 23:35 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-26 23:01 . 2012-12-10 05:48 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2013-01-14 21:07 . 2013-01-14 21:07 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note * blank legal default login will not be displayed
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{e9e8eb35-ff77-455d-b677-91e5e4fc06c2}]
2012-05-05 02:29 297808 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Download Accelerator Manager"="c:\program files\Tensons\Download Accelerator Manager\daman.exe" [2012-10-01 783872]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\keyboard layouts\e0200804]
Ime File REG_SZ GOOGLEPINYIN2.IME
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Download Accelerator Manager]
2012-10-01 17:43 783872 ----a-w- c:\program files\Tensons\Download Accelerator Manager\daman.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2009-09-24 02:30 247320 ----a-w- c:\windows\System32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2009-09-24 02:30 285208 ----a-w- c:\windows\System32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2009-09-24 02:30 220184 ----a-w- c:\windows\System32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2011-04-08 20:59 336616 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
R3 dmvsc;dmvsc;c:\windows\system32\DRIVERS\dmvsc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\DRIVERS\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\DRIVERS\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;g:\game booster 3\Driver\WinRing0.sys [x]
R4 AdvancedSystemCareService6;Advanced SystemCare Service 6;e:\advanced systemcare 6\ASCService.exe [x]
R4 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.0.207\McCHSvc.exe [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-13 06:53 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
'Scheduled Tasks' folder in the content
.
2013-04-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-11 19:26]
.
2013-04-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-10-10 06:33]
.
2013-04-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-10-10 06:33]
.
.
------- Supplementary Scan -------
.
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{8FE8FCA9-D234-2AAD-AEE3-2277510BAE53} - c:\program files\BaiduAddr\{8FE8FCA9-D234-2AAD-AEE3-2277510BAE53}\AddressBar.dll
HKU-Default-Run-PPS Accelerator - c:\program files\PPStream\PPSKernel.exe
MSConfigStartUp-ChengZi - c:\program files\chengzi\haochengzi-1681900000.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\!j遙篘u
T泏^)Y0W *塠艌z廭]
"DisplayName"="Sims - magical world installer"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other running processes ------------------------
.
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\taskhost.exe
c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\conhost.exe
c:\windows\System32\slui.exe
.
**************************************************************************
.
Completion Time: 2013-04-14 12:47:02 - The computer has been restarted
ComboFix-quarantined-files.txt 2013-04-14 19:47
.
Pre-Run: 75,236,798,464 bytes free
Post-Run: 75,179,696,128 bytes free
.
- - End Of File - - C78DDC59E96DB03CC72D8DD1F6635447
Someone please help... :frown: