ComboFix 11-05-23.02 - filipino . 05. 2011 22:00:43.1.1 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.421.1029.18.2937.1630 [GMT 2:00]
Running from: c:\users\filipino\Downloads\ComboFix.exe
AV: ESET Smart Security 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2011-04-23 to 2011-05-23 )))))))))))))))))))))))))))))))
.
.
2011-05-23 20:15 . 2011-05-23 20:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-05-23 07:58 . 2011-05-23 07:58 -------- d-----w- c:\program files (x86)\7-Zip
2011-05-20 16:34 . 2011-05-09 22:00 8718160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{808341C9-CBF3-439E-A5DC-EFB1FB936831}\mpengine.dll
2011-05-20 06:31 . 2011-05-20 06:31 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-18 19:43 . 2011-05-18 19:43 -------- d-----w- c:\users\filipino\AppData\Roaming\Malwarebytes
2011-05-18 19:43 . 2010-12-20 16:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-05-18 19:43 . 2011-05-18 19:43 -------- d-----w- c:\programdata\Malwarebytes
2011-05-18 19:43 . 2010-12-20 16:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-18 19:43 . 2011-05-18 19:43 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-05-17 18:44 . 2011-05-17 18:44 -------- d-----w- c:\program files (x86)\EPSON Projector
2011-05-13 10:00 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2011-05-13 10:00 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2011-05-11 06:29 . 2011-04-09 06:45 5509504 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-05-11 06:29 . 2011-04-09 06:13 3957632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-05-11 06:29 . 2011-04-09 06:13 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-05-11 06:29 . 2011-03-25 03:23 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-11 06:29 . 2011-03-25 03:23 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-11 06:29 . 2011-03-25 03:23 324608 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-11 06:29 . 2011-03-25 03:22 52224 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-11 06:29 . 2011-03-25 03:22 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-05-11 06:29 . 2011-03-25 03:22 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-11 06:29 . 2011-03-25 03:22 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-05-09 10:35 . 2011-05-09 10:35 0 ---ha-w- c:\users\filipino\AppData\Local\BIT9987.tmp
2011-04-28 05:50 . 2011-02-26 06:23 2870272 ----a-w- c:\windows\explorer.exe
2011-04-28 05:50 . 2011-02-26 05:33 2614784 ----a-w- c:\windows\SysWow64\explorer.exe
2011-04-28 05:50 . 2011-03-12 12:03 662528 ----a-w- c:\windows\system32\XpsPrint.dll
2011-04-28 05:50 . 2011-03-12 11:31 442880 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-04-27 14:57 . 2011-04-27 14:57 159080 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10138.bin
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-13 19:40 . 2011-04-13 19:40 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2011-04-13 19:40 . 2011-04-13 19:40 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2011-04-13 19:40 . 2011-04-13 19:40 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-04-13 19:40 . 2011-04-13 19:40 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2011-04-13 19:40 . 2011-04-13 19:40 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2011-04-13 19:40 . 2011-04-13 19:40 367104 ----a-w- c:\windows\SysWow64\html.iec
2011-04-13 19:40 . 2011-04-13 19:40 1797632 ----a-w- c:\windows\SysWow64\jscript9.dll
2011-04-13 19:40 . 2011-04-13 19:40 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2011-04-13 19:40 . 2011-04-13 19:40 1126912 ----a-w- c:\windows\SysWow64\wininet.dll
2011-04-13 19:40 . 2011-04-13 19:40 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2011-04-13 19:40 . 2011-04-13 19:40 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2011-04-13 19:40 . 2011-04-13 19:40 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-04-13 19:40 . 2011-04-13 19:40 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2011-04-13 19:40 . 2011-04-13 19:40 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2011-04-13 19:40 . 2011-04-13 19:40 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2011-04-13 19:40 . 2011-04-13 19:40 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2011-04-13 19:40 . 2011-04-13 19:40 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2011-04-13 19:40 . 2011-04-13 19:40 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2011-04-13 19:40 . 2011-04-13 19:40 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2011-04-13 19:40 . 2011-04-13 19:40 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2011-04-13 19:40 . 2011-04-13 19:40 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2011-04-13 19:40 . 2011-04-13 19:40 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-04-13 19:40 . 2011-04-13 19:40 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-04-13 19:40 . 2011-04-13 19:40 85504 ----a-w- c:\windows\system32\iesetup.dll
2011-04-13 19:40 . 2011-04-13 19:40 76800 ----a-w- c:\windows\system32\tdc.ocx
2011-04-13 19:40 . 2011-04-13 19:40 603648 ----a-w- c:\windows\system32\vbscript.dll
2011-04-13 19:40 . 2011-04-13 19:40 49664 ----a-w- c:\windows\system32\imgutil.dll
2011-04-13 19:40 . 2011-04-13 19:40 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-04-13 19:40 . 2011-04-13 19:40 448512 ----a-w- c:\windows\system32\html.iec
2011-04-13 19:40 . 2011-04-13 19:40 30720 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-13 19:40 . 2011-04-13 19:40 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-04-13 19:40 . 2011-04-13 19:40 2303488 ----a-w- c:\windows\system32\jscript9.dll
2011-04-13 19:40 . 2011-04-13 19:40 222208 ----a-w- c:\windows\system32\msls31.dll
2011-04-13 19:40 . 2011-04-13 19:40 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2011-04-13 19:40 . 2011-04-13 19:40 165888 ----a-w- c:\windows\system32\iexpress.exe
2011-04-13 19:40 . 2011-04-13 19:40 160256 ----a-w- c:\windows\system32\wextract.exe
2011-04-13 19:40 . 2011-04-13 19:40 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-13 19:40 . 2011-04-13 19:40 1389056 ----a-w- c:\windows\system32\wininet.dll
2011-04-13 19:40 . 2011-04-13 19:40 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-04-13 19:40 . 2011-04-13 19:40 12288 ----a-w- c:\windows\system32\mshta.exe
2011-04-13 19:40 . 2011-04-13 19:40 114176 ----a-w- c:\windows\system32\admparse.dll
2011-04-13 19:40 . 2011-04-13 19:40 111616 ----a-w- c:\windows\system32\iesysprep.dll
2011-04-05 13:04 . 2010-06-03 20:00 135168 ----a-w- c:\windows\system32\drivers\ZTEusbnet.sys
2011-04-05 13:04 . 2010-06-03 20:00 119680 ----a-w- c:\windows\system32\drivers\ZTEusbser6k.sys
2011-04-05 13:04 . 2010-06-03 20:00 119680 ----a-w- c:\windows\system32\drivers\ZTEusbnmea.sys
2011-04-05 13:04 . 2010-06-03 20:00 119680 ----a-w- c:\windows\system32\drivers\ZTEusbmdm6k.sys
2011-04-05 13:04 . 2010-06-03 20:00 11776 ----a-w- c:\windows\system32\drivers\massfilter.sys
2011-03-11 06:19 . 2011-04-13 19:24 1395712 ----a-w- c:\windows\system32\mfc42.dll
2011-03-11 06:19 . 2011-04-13 19:24 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-11 05:40 . 2011-04-13 19:24 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-03-11 05:40 . 2011-04-13 19:24 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-03-08 06:14 . 2011-04-13 19:24 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-08 05:38 . 2011-04-13 19:24 740864 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-03-04 06:17 . 2011-04-28 05:49 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2011-03-04 06:17 . 2011-04-28 05:49 347648 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2011-03-03 06:17 . 2011-04-13 19:24 182272 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-03-03 06:14 . 2011-04-13 19:24 30208 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-03-03 05:27 . 2011-04-13 19:24 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe
2011-03-03 03:58 . 2011-04-13 19:24 3133440 ----a-w- c:\windows\system32\win32k.sys
2011-02-24 06:30 . 2011-04-15 06:15 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-02-24 05:32 . 2011-04-15 06:15 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-02-23 05:16 . 2011-04-13 19:24 461312 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-23 05:16 . 2011-04-13 19:24 401920 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-02-23 05:15 . 2011-04-13 19:24 161792 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-02-23 05:15 . 2011-04-13 19:24 157696 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-23 05:15 . 2011-04-13 19:24 286720 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-02-23 05:15 . 2011-04-13 19:24 126464 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-02-23 05:15 . 2011-04-13 19:24 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-29 39408]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-14 221184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ITSecMng"="c:\program files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2009-07-21 83336]
"ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2010-11-29 1294712]
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2009-08-11 2446648]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-03-17 421888]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-14 81920]
"EPSON_UD_START"="c:\program files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UD.exe" [2010-06-09 329704]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe" [2009-08-12 6203296]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2009-8-6 2680160]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-03 136176]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-03 136176]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
R3 Samsung UPD Service;Samsung UPD Service;c:\windows\System32\SUPDSvc.exe [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\DRIVERS\thpdrv.sys [x]
S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2009-08-10 248688]
S2 ConfigFree Gadget Service;ConfigFree Gadget Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2009-07-14 42368]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-03-10 46448]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2010-07-02 810144]
S2 EMP_UDSA;EMP_UDSA;c:\program files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe [2010-06-09 104424]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [x]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [2010-10-26 124368]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2009-08-27 251760]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [x]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [x]
S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys [x]
S3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-11-29 54136]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2009-09-17 137560]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2009-08-04 826224]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contents of the 'Scheduled Tasks' folder
.
2011-05-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-03 19:45]
.
2011-05-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-06-03 19:45]
.
2011-05-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-984472848-3492997605-4012346626-1002Core.job
- c:\users\filipino\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-05 05:24]
.
2011-05-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-984472848-3492997605-4012346626-1002UA.job
- c:\users\filipino\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-05 05:24]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"="c:\windows\system32\thpsrv" [X]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2010-10-26 1050072]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-02 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-02 387608]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-02 365592]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2009-07-20 503864]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-05-29 1794856]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2009-09-17 709976]
"TosVolRegulator"="c:\windows\TosVolRegulator_x64.exe" [2009-09-04 47928]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaReminder.exe" [2009-08-25 134032]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2010-07-02 2903688]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://mypemic.sk/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: {081CF3E9-3596-4D4E-B31A-9A41583D7A56} = 217.73.17.2,217.73.16.2
FF - ProfilePath - c:\users\filipino\AppData\Roaming\Mozilla\Firefox\Profiles\6u9m06de.default\
FF - prefs.js: keyword.URL - hxxp://
www.google.com/search?sourceid=navclient&hl=sk&q=
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Firebug:
firebug@software.joehewitt.com - %profile%\extensions\
firebug@software.joehewitt.com
FF - Ext: Page Speed: {e3f6c2cc-d8db-498c-af6c-499fb211db97} - %profile%\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97}
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-TUSBSleepChargeSrv - %ProgramFiles(x86)%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe
SafeBoot-mcmscsvc
SafeBoot-MCODS
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe
HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
HKLM-Run-ConexantAudioPatch - c:\program files (x86)\ConexantAudioPatch\Audioreset.exe
AddRemove-InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E} - c:\program files\TOSHIBA\TVAP\Setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-05-23 22:40:04
ComboFix-quarantined-files.txt 2011-05-23 20:39
.
Pre-Run: Volných bajtů: 126 667 624 448
Post-Run: Volných bajtů: 127 369 482 240
.
- - End Of File - - B8A61E339133E072B9EE8FF48E54D03A
Přispějete na provoz fóra?