Slow PC
Posted: 15 Dec 2010 14:16
The PC boots very slowly. Programs freeze. Firefox and Internet Explorer won't start, only Google Chrome does. It won't shut down - the blue screen with the message "Shutting down" just stays on. I made a log with ComboFix in safe mode. Please check it. Thank you.
ComboFix 10-12-14.01 - Vlado . 12. 2010 22:36:09.2.1 - x86 NETWORK
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.421.1051.18.1023.414 [GMT 1:00]
Running from: c:\users\Vlado\Downloads\ComboFix.exe
SP: Spyware Doctor *Enabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
SP: STOPzilla Anti-Spyware *Enabled/Updated* {B2E69928-50DC-94CA-6A80-AAB054008761}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\programdata\hpe412D.dll
c:\programdata\hpe720F.dll
c:\windows\system32\ps2.bat
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_AFPANSI
-------\Service_AFPAnsi
((((((((((((((((((((((((( Files Created from 2010-11-14 to 2010-12-14 )))))))))))))))))))))))))))))))
.
2010-12-14 21:50 . 2010-12-14 21:50 -------- d-----w- c:\users\Ocko.Vlado-PC\AppData\Local\temp
2010-12-14 21:50 . 2010-12-14 21:50 -------- d-----w- c:\users\Maťa.Vlado-PC\AppData\Local\temp
2010-12-14 21:50 . 2010-12-14 21:50 -------- d-----w- c:\users\Mamka.Vlado-PC\AppData\Local\temp
2010-12-14 21:32 . 2010-12-14 21:34 -------- d-----w- C:\32788R22FWJFW
2010-12-14 19:22 . 2010-12-14 21:50 -------- d-----w- c:\users\Vlado\AppData\Local\temp
2010-12-14 17:06 . 2010-11-16 11:01 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3EED93D0-67A7-4472-B5D7-1B0CF4C4A932}\mpengine.dll
2010-12-14 17:05 . 2010-12-14 17:06 -------- d-----w- C:\21d5e6368849b8348758
2010-12-14 15:54 . 2010-12-14 15:54 -------- d-----w- c:\programdata\GroupPolicy
2010-12-14 15:41 . 2010-12-14 19:25 -------- d-----w- c:\windows\system32\catroot2
2010-12-14 15:33 . 2010-12-14 15:33 -------- d-----w- c:\program files\Yamicsoft
2010-12-14 14:15 . 2010-12-14 14:28 -------- d-----w- c:\programdata\PCPitstop
2010-12-14 14:15 . 2010-12-14 14:37 -------- d-----w- c:\program files\PCPitstop
2010-12-13 20:36 . 2010-12-13 20:36 -------- dc-h--w- c:\programdata\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-12-13 20:35 . 2010-12-13 20:37 -------- d-----w- c:\programdata\Lavasoft
2010-12-13 20:10 . 2010-12-13 20:11 -------- d-----w- c:\program files\trend micro
2010-12-13 20:10 . 2010-12-13 20:12 -------- d-----w- C:\rsit
2010-12-13 17:27 . 2010-12-14 14:43 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-12-13 17:27 . 2010-12-13 17:30 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-12-13 16:53 . 2010-12-13 16:54 -------- d-----w- c:\users\Vlado\AppData\Roaming\ScanSpyware
2010-12-13 16:53 . 2008-09-07 16:22 8704 ----a-w- c:\windows\system32\ssbtsr.exe
2010-12-13 16:53 . 2010-12-13 16:53 -------- d-----w- c:\program files\ScanSpyware
2010-12-13 16:47 . 2010-12-13 16:47 80 ---ha-w- C:\aaw7boot.cmd
2010-12-13 15:38 . 2009-09-11 17:33 5974016 ----a-w- c:\windows\system32\vbsbak.dat
2010-12-13 15:38 . 2008-02-24 15:17 11264 ----a-w- c:\windows\system32\drivers\supermounter.sys
2010-12-13 15:38 . 2007-03-11 20:39 44000 ----a-w- c:\windows\system32\drivers\AFPUni.sys
2010-12-13 15:38 . 2007-03-11 20:39 43936 ----a-w- c:\windows\system32\drivers\AFPAnsi.sys
2010-12-13 15:38 . 2008-08-07 22:13 1473536 ----a-w- c:\windows\system32\context.dll
2010-12-13 15:38 . 2008-02-28 08:43 56 ----a-w- c:\windows\system32\vb6sock.dll
2010-12-13 15:38 . 2003-10-16 21:56 6144 ----a-w- c:\windows\system32\SuperRes.dll
2010-12-13 15:38 . 2003-10-11 09:24 89088 ----a-w- c:\windows\system32\Shreder.dll
2010-12-13 15:38 . 2003-09-06 21:32 73728 ----a-w- c:\windows\system32\smh.dat
2010-12-13 15:38 . 2010-12-13 15:38 -------- d-----w- c:\program files\SuperLogix
2010-12-13 15:26 . 2010-02-04 15:53 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-12-12 18:05 . 2010-12-12 18:47 -------- d-----w- c:\program files\STOPzilla!
2010-12-12 18:05 . 2010-12-12 18:05 -------- d-----w- c:\program files\Common Files\iS3
2010-12-12 18:05 . 2010-12-14 20:51 -------- d-----w- c:\programdata\STOPzilla!
2010-12-12 13:23 . 2010-01-22 08:56 149456 ----a-w- c:\windows\SGDetectionTool.dll
2010-12-12 13:23 . 2010-01-22 08:55 767952 ----a-w- c:\windows\BDTSupport.dll
2010-12-12 13:23 . 2010-01-22 08:56 165840 ----a-w- c:\windows\PCTBDRes.dll
2010-12-12 13:23 . 2010-01-22 08:56 1652688 ----a-w- c:\windows\PCTBDCore.dll
2010-12-12 13:23 . 2010-02-05 08:18 100136 ----a-w- c:\windows\system32\drivers\pctwfpfilter.sys
2010-12-12 13:23 . 2010-02-05 08:17 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2010-12-12 13:22 . 2010-03-29 09:06 218592 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2010-12-12 13:22 . 2009-11-23 12:54 88040 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2010-12-12 13:22 . 2010-04-08 13:29 63360 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2010-12-12 13:22 . 2010-12-12 13:23 -------- d-----w- c:\program files\Common Files\PC Tools
2010-12-12 13:22 . 2010-12-14 20:47 -------- d-----w- c:\program files\Spyware Doctor
2010-12-12 13:22 . 2010-12-12 13:22 -------- d-----w- c:\users\Vlado\AppData\Roaming\PC Tools
2010-12-12 13:22 . 2010-12-12 13:22 -------- d-----w- c:\programdata\PC Tools
2010-12-12 12:47 . 2010-12-13 20:36 -------- d-----w- c:\program files\Lavasoft
2010-12-12 12:05 . 2010-12-13 16:15 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-12-12 12:03 . 2010-12-12 12:03 -------- d-----w- c:\users\Vlado\AppData\Local\Sunbelt Software
2010-12-11 13:49 . 2010-11-29 16:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-11 13:49 . 2010-12-11 13:49 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-12-11 13:49 . 2010-11-29 16:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-11 13:42 . 2010-12-11 13:42 -------- d---a-w- c:\windows\rundll16.exe
2010-12-11 13:42 . 2010-12-11 13:42 -------- d---a-w- c:\windows\logo1_.exe
2010-12-11 12:38 . 2010-12-11 12:38 -------- d-----w- c:\users\Vlado\AppData\Roaming\Simply Super Software
2010-12-10 18:27 . 2010-12-10 18:27 -------- d-----w- c:\users\Vlado\AppData\Roaming\dvdcss
2010-12-10 10:51 . 2010-12-10 10:51 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
2010-12-10 10:51 . 2010-12-10 10:51 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
2010-12-10 10:51 . 2010-12-10 10:51 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2010-12-10 10:51 . 2010-12-10 10:51 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2010-12-10 10:51 . 2010-12-10 10:51 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2010-12-10 10:51 . 2010-12-10 10:51 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2010-12-10 10:51 . 2010-12-10 10:51 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2010-12-10 10:51 . 2010-12-10 10:51 -------- d-----w- c:\program files\QuickTime
2010-12-09 20:04 . 2010-12-10 10:24 -------- d-----w- c:\windows\system32\drivers\NIS\1205000.07D
2010-12-09 16:43 . 2010-12-09 16:43 -------- d-----w- c:\windows\system32\wbem\Logs
2010-12-09 16:38 . 2010-12-09 16:38 132560 ----a-r- c:\windows\system32\IS3HTUI5.dll
2010-12-09 16:38 . 2010-12-09 16:38 546256 ----a-r- c:\windows\system32\SZComp5.dll
2010-12-09 16:38 . 2010-12-09 16:38 452048 ----a-r- c:\windows\system32\SZBase5.dll
2010-12-09 16:38 . 2010-12-09 16:38 398800 ----a-r- c:\windows\system32\IS3DBA5.dll
2010-12-09 16:38 . 2010-12-09 16:38 28624 ----a-r- c:\windows\system32\IS3XDat5.dll
2010-12-09 16:38 . 2010-12-09 16:38 22992 ----a-r- c:\windows\system32\SZIO5.dll
2010-12-09 16:38 . 2010-12-09 16:38 99792 ----a-r- c:\windows\system32\IS3Svc5.dll
2010-12-09 16:38 . 2010-12-09 16:38 99792 ----a-r- c:\windows\system32\IS3Inet5.dll
2010-12-09 16:38 . 2010-12-09 16:38 67024 ----a-r- c:\windows\system32\IS3Hks5.dll
2010-12-09 16:38 . 2010-12-09 16:38 390608 ----a-r- c:\windows\system32\IS3UI5.dll
2010-12-09 16:38 . 2010-12-09 16:38 738768 ----a-r- c:\windows\system32\IS3Base5.dll
2010-12-09 16:38 . 2010-12-09 16:38 230864 ----a-r- c:\windows\system32\IS3Win325.dll
2010-12-09 16:37 . 2010-12-09 16:37 -------- d-----w- c:\program files\Temp File Cleanup
2010-12-07 14:01 . 2010-12-07 14:01 -------- d-----w- c:\users\Vlado\AppData\Roaming\EPSON
2010-12-06 19:38 . 2010-12-06 19:38 -------- d-----w- c:\programdata\UDL
2010-12-06 19:37 . 2010-12-06 19:37 -------- d-----w- c:\program files\Epson Software
2010-12-06 19:34 . 2010-12-07 14:02 -------- d-----w- c:\program files\ABBYY FineReader 6.0 Sprint
2010-12-06 19:31 . 2007-06-21 23:10 501912 ----a-w- c:\windows\system32\PICSDK2.dll
2010-12-06 19:31 . 2006-10-30 23:10 71840 ----a-w- c:\windows\system32\EPPicMgr.dll
2010-12-06 19:31 . 2006-10-30 23:10 120992 ----a-w- c:\windows\system32\EpPicPrt.dll
2010-12-06 19:31 . 2006-10-19 23:10 80024 ----a-w- c:\windows\system32\PICSDK.dll
2010-12-06 19:31 . 2006-10-19 23:10 108704 ----a-w- c:\windows\system32\PICEntry.dll
2010-12-06 19:31 . 2010-12-06 19:31 -------- d-----w- c:\users\Vlado\AppData\Roaming\InstallShield
2010-12-06 19:30 . 2007-04-10 19:06 8192 ----a-w- c:\windows\system32\E_DCINST.DLL
2010-12-06 19:30 . 2008-08-08 20:09 86528 ----a-w- c:\windows\system32\E_FLBFCE.DLL
2010-12-06 19:30 . 2007-12-07 20:01 78848 ----a-w- c:\windows\system32\E_FD4BFCE.DLL
2010-12-06 19:30 . 2010-12-06 19:46 -------- d-----w- c:\programdata\EPSON
2010-12-06 19:29 . 2008-11-16 23:00 342016 ----a-w- c:\windows\system32\eswiaud.dll
2010-12-06 19:27 . 2010-12-06 19:33 -------- d-----w- c:\program files\epson
2010-12-05 18:29 . 2010-12-05 18:29 -------- d-----w- c:\program files\Microsoft Silverlight
2010-12-04 11:18 . 2010-12-04 11:18 -------- d-----w- c:\programdata\ATI
2010-11-29 16:38 . 2010-11-29 16:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 16:38 . 2010-11-29 16:38 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-26 15:14 . 2010-11-26 15:33 -------- d-----w- c:\program files\Common Files\Sony Shared
2010-11-26 15:09 . 2010-11-26 15:10 -------- d-----w- c:\program files\Sony Media Go Install
2010-11-24 14:06 . 2010-10-19 08:10 7680 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2010-11-17 08:40 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
2010-11-17 08:40 . 2007-04-04 17:53 81768 ----a-w- c:\windows\system32\xinput1_3.dll
2010-11-16 10:06 . 2010-11-16 10:06 -------- d-----w- c:\program files\Common Files\xing shared
2010-11-16 10:05 . 2010-11-16 10:06 -------- d-----w- c:\program files\Real
2010-11-16 10:05 . 2010-11-16 11:35 -------- d-----w- c:\users\Vlado\AppData\Local\Digsby
2010-11-16 10:05 . 2010-11-16 10:05 -------- d-----w- c:\users\Vlado\AppData\Roaming\Digsby
2010-11-16 10:05 . 2010-11-16 10:05 -------- d-----w- c:\programdata\Digsby
2010-11-16 10:01 . 2010-12-09 16:52 -------- d-----w- c:\program files\Digsby
2010-11-16 10:00 . 2010-11-16 10:00 -------- d-----w- c:\program files\Common Files\Winferno
2010-11-16 10:00 . 2006-10-09 12:06 495616 ----a-w- c:\windows\system32\WINUTIL5.DLL
2010-11-16 10:00 . 2006-05-17 07:40 393216 ----a-w- c:\windows\system32\WINLCTL5.DLL
2010-11-16 10:00 . 2006-10-09 11:28 835584 ----a-w- c:\windows\system32\WINCTL4.OCX
2010-11-16 09:59 . 2006-07-24 07:56 212240 ----a-w- c:\windows\system32\Richtx32.ocx
2010-11-16 09:59 . 2010-12-13 19:09 -------- d-----w- c:\program files\Free Offers from Freeze.com
2010-11-16 09:59 . 2010-11-16 09:59 -------- d-----w- c:\program files\Winferno
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-05 11:35 . 2010-12-05 11:32 10540952 ----a-w- c:\windows\REGBK03.ZIP
2010-11-16 10:05 . 2005-09-28 12:31 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-11-16 10:05 . 2005-09-28 12:31 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-11-10 16:03 . 2010-11-10 16:03 126512 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-11-03 15:02 . 2010-11-03 15:02 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-10-28 16:24 . 2010-10-28 16:24 10536 ----a-w- c:\windows\system32\drivers\hmonitor45.sys
2010-10-28 14:18 . 2010-10-28 14:14 2038935 ----a-w- c:\windows\REGBK02.ZIP
2010-10-27 03:59 . 2010-10-27 03:59 6573568 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2010-10-27 03:08 . 2010-10-27 03:08 16281600 ----a-w- c:\windows\system32\atioglxx.dll
2010-10-27 02:55 . 2010-10-27 02:55 143360 ----a-w- c:\windows\system32\atiapfxx.exe
2010-10-27 02:55 . 2010-05-27 17:02 547328 ----a-w- c:\windows\system32\aticfx32.dll
2010-10-27 02:52 . 2010-10-27 02:52 450560 ----a-w- c:\windows\system32\ATIDEMGX.dll
2010-10-27 02:51 . 2010-10-27 02:51 393216 ----a-w- c:\windows\system32\atieclxx.exe
2010-10-27 02:51 . 2010-10-27 02:51 176128 ----a-w- c:\windows\system32\atiesrxx.exe
2010-10-27 02:50 . 2010-10-27 02:50 159744 ----a-w- c:\windows\system32\atitmmxx.dll
2010-10-27 02:50 . 2010-09-29 01:49 356352 ----a-w- c:\windows\system32\atipdlxx.dll
2010-10-27 02:49 . 2010-10-27 02:49 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2010-10-27 02:49 . 2010-10-27 02:49 15872 ----a-w- c:\windows\system32\atimuixx.dll
2010-10-27 02:49 . 2010-10-27 02:49 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2010-10-27 02:46 . 2010-05-27 16:54 4020736 ----a-w- c:\windows\system32\atidxx32.dll
2010-10-27 02:35 . 2010-10-27 02:35 46080 ----a-w- c:\windows\system32\aticalrt.dll
2010-10-27 02:35 . 2010-10-27 02:35 44032 ----a-w- c:\windows\system32\aticalcl.dll
2010-10-27 02:33 . 2010-10-27 02:33 5441536 ----a-w- c:\windows\system32\aticaldd.dll
2010-10-27 02:28 . 2010-10-27 02:28 4094464 ----a-w- c:\windows\system32\atiumdag.dll
2010-10-27 02:14 . 2010-05-27 16:35 52736 ----a-w- c:\windows\system32\coinst.dll
2010-10-27 02:14 . 2010-10-27 02:14 249856 ----a-w- c:\windows\system32\atiadlxx.dll
2010-10-27 02:14 . 2010-10-27 02:14 12800 ----a-w- c:\windows\system32\atiglpxx.dll
2010-10-27 02:14 . 2010-10-27 02:14 27136 ----a-w- c:\windows\system32\atigktxx.dll
2010-10-27 02:14 . 2010-10-27 02:14 229888 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2010-10-27 02:13 . 2010-05-27 16:24 30720 ----a-w- c:\windows\system32\atiuxpag.dll
2010-10-27 02:13 . 2010-05-27 16:24 28672 ----a-w- c:\windows\system32\atiu9pag.dll
2010-10-27 02:12 . 2010-10-27 02:12 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2010-10-27 01:50 . 2010-10-27 01:50 3460096 ----a-w- c:\windows\system32\atiumdva.dll
2010-10-27 01:37 . 2010-10-27 01:37 52736 ----a-w- c:\windows\system32\atimpc32.dll
2010-10-27 01:37 . 2010-10-27 01:37 52736 ----a-w- c:\windows\system32\amdpcom32.dll
2010-10-23 17:11 . 2010-08-08 14:24 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2010-10-23 17:11 . 2010-08-08 14:24 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2010-10-19 09:41 . 2010-06-22 13:03 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-10-14 00:36 . 2010-10-14 00:36 15451288 ----a-w- c:\windows\system32\xlive.dll
2010-10-14 00:36 . 2010-10-14 00:36 13642904 ----a-w- c:\windows\system32\xlivefnt.dll
2010-10-12 10:41 . 2010-10-17 13:12 181704 ----a-w- c:\windows\system32\drivers\PCGenFAM.sys
2010-09-30 15:15 . 2010-06-22 13:12 30528 ----a-w- c:\windows\system32\TURegOpt.exe
2010-09-30 15:09 . 2010-10-16 19:57 21312 ----a-w- c:\windows\system32\authuitu.dll
2010-09-30 15:09 . 2010-10-16 19:57 30016 ----a-w- c:\windows\system32\uxtuneup.dll
2010-09-23 09:11 . 2010-09-23 09:11 374048 ----a-w- c:\windows\system32\yk62x86.dll
2010-09-23 09:11 . 2010-09-23 09:11 316192 ----a-w- c:\windows\system32\drivers\yk62x86.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-11-29 443728]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2010-03-09 1286608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Wrapper"="runonce" [X]
"GrpConv"="grpconv -o" [X]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"FilterAdministratorToken"= 1 (0x1)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digsby.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Digsby.lnk
backup=c:\windows\pss\Digsby.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^Users^Vlado^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PowerStrip.lnk]
path=c:\users\Vlado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerStrip.lnk
backup=c:\windows\pss\PowerStrip.lnk.Startup
backupExtension=.Startup
[HKLM\~\startupfolder\C:^Users^Vlado^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Rain.lnk]
path=c:\users\Vlado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rain.lnk
backup=c:\windows\pss\Rain.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\reset]
regedit [X]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 21:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-09-23 02:47 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDRegion]
2010-06-28 20:50 75048 ------w- c:\program files\CyberLink\Shared files\brs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\D3DOverrider]
2009-08-22 18:25 40960 ----a-w- c:\program files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\Tools\D3DOverrider\D3DOverriderWrapper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2010-04-01 09:16 357696 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-06-22 12:58 136176 ----atw- c:\users\Vlado\AppData\Local\Google\Update\GoogleUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISTray]
2010-03-09 07:40 1286608 ----a-w- c:\program files\Spyware Doctor\pctsTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OODefragTray]
2010-05-11 20:35 2528584 ----a-w- c:\program files\OO Software\Defrag\oodtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Booster]
2010-02-05 16:09 15265424 ----a-w- c:\program files\Inkline Global\PC Booster\PCBooster.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Pitstop Optimize Scheduler]
2010-12-14 14:35 1680883 ----a-w- c:\program files\PCPitstop\Optimize\PCPOptimize.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Pitstop PC Matic Reminder]
2010-10-13 10:18 324848 ----a-w- c:\program files\PCPitstop\PC Matic\Reminder-PCMatic.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PowerSuite]
2010-03-23 08:17 46368 ----a-w- c:\program files\Uniblue\PowerSuite\Launcher.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PS2]
2001-07-03 11:13 81920 ----a-w- c:\windows\System32\ps2.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 16:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
2010-02-02 22:08 87336 ------w- c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
2008-12-12 19:44 306088 ----a-w- c:\program files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RivaTuner]
2009-08-22 18:25 24576 ----a-w- c:\program files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTunerWrapper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoboForm]
2010-06-22 14:51 61944 ----a-w- c:\program files\Siber Systems\AI RoboForm\robotaskbaricon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
2009-11-20 08:17 434176 ----a-w- c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2010-12-11 12:39 2424560 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2010-11-16 10:05 274608 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrojanScanner]
2010-12-11 13:48 1233856 ----a-w- c:\program files\Trojan Remover\Trjscan.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\Vlado\AppData\Local\Google\Update\GoogleUpdate.exe" /c
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
R0 is3srv;is3srv;c:\windows\system32\drivers\is3srv.sys [2009-12-07 61328]
R0 PCGenFAM;PCGenFAM;c:\windows\system32\DRIVERS\PCGenFAM.sys [2010-10-12 181704]
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-11-03 691696]
R1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20101123.003\BHDrvx86.sys [2010-11-23 691248]
R1 Hmonitor45;Hmonitor45;c:\windows\system32\drivers\hmonitor45.sys [2010-10-28 10536]
R1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20101210.001\IDSvix86.sys [2010-11-09 353912]
R1 ntiomin;ntiomin; [x]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
R1 SuperMounter;SuperMounter; [x]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1205000.07D\Ironx86.SYS [2010-11-16 136312]
R1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NIS\1205000.07D\SYMNETS.SYS [2010-12-01 295032]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/08/05 14:13];c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-06-28 20:50 87536]
R2 ATE_PROCMON;ATE_PROCMON;c:\program files\Anti Trojan Elite\ATEPMon.sys [x]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [2010-01-22 112592]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 cpuz133;cpuz133;c:\windows\system32\drivers\cpuz133_x32.sys [2010-05-11 20072]
R2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x32.sys [2010-07-09 20328]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-02-04 1228208]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-11-29 363344]
R2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe [2010-11-24 130000]
R2 PStrip;PStrip;c:\windows\system32\drivers\pstrip.sys [2007-07-15 27992]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2010-03-11 366840]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-09-30 1051968]
R3 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-10-27 176128]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-10-27 6573568]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-10-27 229888]
R3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [2009-12-18 11336]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-11-10 102448]
R3 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-07-01 136176]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-11-29 20952]
R3 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R3 OODefragAgent;O&O Defrag Agent;c:\program files\OO Software\Defrag\oodag.exe [2010-05-11 1619272]
R3 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files\PCPitstop\PCPitstopScheduleService.exe [2010-10-13 90864]
R3 RadeonPro Support Service;RadeonPro Support Service;c:\program files\RadeonPro\RadeonProSupport.exe [2010-10-30 12288]
R3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\DRIVERS\s0017bus.sys [2008-10-21 86824]
R3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 15016]
R3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 114600]
R3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 108328]
R3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 26024]
R3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0017obex.sys [2008-10-21 104616]
R3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\DRIVERS\s0017unic.sys [2008-10-21 109736]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-25 10064]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-26 1343400]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-02-04 64288]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-03-29 218592]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1205000.07D\SYMDS.SYS [2010-10-21 340016]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1205000.07D\SYMEFA.SYS [2010-11-18 652336]
S0 szkg5;szkg5;c:\windows\system32\DRIVERS\szkg.sys [2009-12-07 61328]
S0 szkgfs;szkgfs;c:\windows\system32\drivers\szkgfs.sys [2010-05-12 59280]
S1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [2010-12-13 98392]
S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe [2010-10-12 330784]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2010-09-23 316192]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Contents of the 'Scheduled Tasks' folder
2010-12-14 c:\windows\Tasks\Ad-Aware Update (Daily 1).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 15:52]
2010-12-14 c:\windows\Tasks\Ad-Aware Update (Daily 2).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 15:52]
2010-12-14 c:\windows\Tasks\Ad-Aware Update (Daily 3).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 15:52]
2010-12-14 c:\windows\Tasks\Ad-Aware Update (Daily 4).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 15:52]
2010-12-13 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 15:52]
2010-10-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-01 11:34]
2010-12-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-01 11:34]
2010-12-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3121190998-737162547-1199987306-1001Core.job
- c:\users\Vlado\AppData\Local\Google\Update\GoogleUpdate.exe [2010-06-22 12:58]
2010-12-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3121190998-737162547-1199987306-1001UA.job
- c:\users\Vlado\AppData\Local\Google\Update\GoogleUpdate.exe [2010-06-22 12:58]
2010-11-17 c:\windows\Tasks\PCConfidential.job
- c:\program files\Winferno\PC Confidential\PCConfidential.exe [2010-11-16 13:10]
2010-12-14 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3121190998-737162547-1199987306-1001.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 10:33]
2010-12-14 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3121190998-737162547-1199987306-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 10:33]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mStart Page = about:blank
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Nástrojová lišta RoboFormu - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Prispôsobiť menu - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: Uložiť formulár - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Vyplniť formulár - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
FF - ProfilePath - c:\users\Vlado\AppData\Roaming\Mozilla\Firefox\Profiles\0iocuqdf.default\
FF - prefs.js: browser.startup.homepage - hxxp://sk.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:sk:official
FF - prefs.js: keyword.URL - hxxp://start.facemoods.com/results.php?f=5&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox 4.0 Beta 2\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox 4.0 Beta 2\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox 4.0 Beta 2\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: DAEMON Tools Toolbar: DTToolbar@toolbarnet.com - %profile%\extensions\DTToolbar@toolbarnet.com
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Facemoods: ffxtlbr@Facemoods.com - %profile%\extensions\ffxtlbr@Facemoods.com
FF - Ext: Stylish: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8} - %profile%\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: vShare: vshare@toolbar - %profile%\extensions\vshare@toolbar
FF - Ext: AI Roboform Toolbar for Firefox: {22119944-ED35-4ab1-910B-E619EA06A115} - c:\program files\Siber Systems\AI RoboForm\Firefox
FF - Ext: Norton IPS: {BBDA0591-3099-440a-AA10-41764D9DB4DB} - c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn
FF - Ext: Norton Toolbar: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62} - c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - ORPHANS REMOVED - - - -
HKLM-RunOnce-<NO NAME> - (no file)
MSConfigStartUp-Anti Trojan Elite - c:\program files\Anti Trojan Elite\TJEnder.exe
MSConfigStartUp-KBD - c:\hp\KBD\KBD.EXE
MSConfigStartUp-RefreshLock - c:\users\Vlado\Downloads\refreshlock\RefreshLock.exe
MSConfigStartUp-Steam - c:\program files\Steam\Steam.exe
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\18.5.0.125\diMaster.dll\" /prefetch:1"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-3121190998-737162547-1199987306-1001\Software\SecuROM\License information*]
"datasecu"=hex:12,e7,08,32,cf,10,c7,03,53,61,cd,9c,bb,a1,2a,1b,0a,05,46,f3,38,
fe,3f,10,b2,39,44,35,53,5d,f0,96,7e,51,71,d8,ee,bf,0d,6a,56,37,49,e8,89,13,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'Explorer.exe'(332)
c:\program files\HappyFoto\HfAsistentSlk\FotoSync.dll
c:\program files\HappyFoto\HfAsistentSlk\xerc2701.dll
c:\program files\HappyFoto\HfAsistentSlk\fotosynr.dll
.
Completion time: 2010-12-14 22:55:47
ComboFix-quarantined-files.txt 2010-12-14 21:55
Pre-Run: 2 101 760 000 bytes free
Post-Run: 1 999 953 920 bytes free
- - End Of File - - C2B209EC6984AA6613F9B7D3536CB314
2010-11-17 c:\windows\Tasks\PCConfidential.job
- c:\program files\Winferno\PC Confidential\PCConfidential.exe [2010-11-16 13:10]
2010-12-14 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3121190998-737162547-1199987306-1001.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 10:33]
2010-12-14 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3121190998-737162547-1199987306-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 10:33]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mStart Page = about:blank
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Nástrojová lišta RoboFormu - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Prispôsobiť menu - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: Uložiť formulár - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Vyplniť formulár - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
FF - ProfilePath - c:\users\Vlado\AppData\Roaming\Mozilla\Firefox\Profiles\0iocuqdf.default\
FF - prefs.js: browser.startup.homepage - hxxp://sk.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:sk:official
FF - prefs.js: keyword.URL - hxxp://start.facemoods.com/results.php?f=5&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox 4.0 Beta 2\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox 4.0 Beta 2\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox 4.0 Beta 2\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: DAEMON Tools Toolbar: DTToolbar@toolbarnet.com - %profile%\extensions\DTToolbar@toolbarnet.com
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Facemoods: ffxtlbr@Facemoods.com - %profile%\extensions\ffxtlbr@Facemoods.com
FF - Ext: Stylish: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8} - %profile%\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: vShare: vshare@toolbar - %profile%\extensions\vshare@toolbar
FF - Ext: AI Roboform Toolbar for Firefox: {22119944-ED35-4ab1-910B-E619EA06A115} - c:\program files\Siber Systems\AI RoboForm\Firefox
FF - Ext: Norton IPS: {BBDA0591-3099-440a-AA10-41764D9DB4DB} - c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPlgn
FF - Ext: Norton Toolbar: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62} - c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\coFFPlgn
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - ORPHANS REMOVED - - - -
HKLM-RunOnce-<NO NAME> - (no file)
MSConfigStartUp-Anti Trojan Elite - c:\program files\Anti Trojan Elite\TJEnder.exe
MSConfigStartUp-KBD - c:\hp\KBD\KBD.EXE
MSConfigStartUp-RefreshLock - c:\users\Vlado\Downloads\refreshlock\RefreshLock.exe
MSConfigStartUp-Steam - c:\program files\Steam\Steam.exe
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\18.5.0.125\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\18.5.0.125\diMaster.dll\" /prefetch:1"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD10\NavFilter\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-3121190998-737162547-1199987306-1001\Software\SecuROM\License information*]
"datasecu"=hex:12,e7,08,32,cf,10,c7,03,53,61,cd,9c,bb,a1,2a,1b,0a,05,46,f3,38,
fe,3f,10,b2,39,44,35,53,5d,f0,96,7e,51,71,d8,ee,bf,0d,6a,56,37,49,e8,89,13,\
"rkeysecu"=hex:29,23,be,84,e1,6c,d6,ae,52,90,49,f1,f1,bb,e9,eb
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'Explorer.exe'(332)
c:\program files\HappyFoto\HfAsistentSlk\FotoSync.dll
c:\program files\HappyFoto\HfAsistentSlk\xerc2701.dll
c:\program files\HappyFoto\HfAsistentSlk\fotosynr.dll
.
Completion time: 2010-12-14 22:55:47
ComboFix-quarantined-files.txt 2010-12-14 21:55
Pre-Run: 2 101 760 000 bytes free
Post-Run: 1 999 953 920 bytes free
- - End Of File - - C2B209EC6984AA6613F9B7D3536CB314