spomaleny internet

ComboFix 11-11-21.01 - Abík . 11. 2011  19:24:00.1.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1250.421.1051.18.8183.3429 [GMT 1:00]
Running from: c:\users\AbÝk\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0411.exe
.
.
(((((((((((((((((((((((((   Files Created from 2011-10-21 to 2011-11-21  )))))))))))))))))))))))))))))))
.
.
2011-11-21 18:27 . 2011-11-21 18:27   --------   d-----w-   c:\users\Default\AppData\Local\temp
2011-11-21 18:20 . 2011-10-07 04:16   8570192   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{38E19F02-0D59-419A-BE75-A8E4B75D254E}\mpengine.dll
2011-11-20 17:46 . 2011-11-20 17:46   --------   d-----w-   c:\program files (x86)\Common Files\Intel Corporation
2011-11-20 17:42 . 2011-11-20 17:42   --------   d-----w-   c:\users\Abík\AppData\Roaming\Intel Corporation
2011-11-20 17:36 . 2011-11-20 17:36   --------   d-----w-   c:\programdata\ATI
2011-11-20 17:36 . 2011-11-20 17:36   --------   d-----w-   c:\program files (x86)\AMD APP
2011-11-20 17:27 . 2011-10-17 13:55   559384   ----a-w-   c:\windows\system32\drivers\iaStor.sys
2011-11-20 17:27 . 2011-11-20 17:27   --------   d-----w-   c:\users\Abík\AppData\Roaming\InstallShield
2011-11-20 16:52 . 2009-07-14 01:15   315904   ----a-w-   c:\windows\SysWow64\Difxe0d2.rra
2011-11-17 20:46 . 2011-11-17 20:46   --------   d-----w-   c:\users\Abík\AppData\Roaming\SUPERAntiSpyware.com
2011-11-17 20:46 . 2011-11-17 22:48   --------   d-----w-   c:\program files\SUPERAntiSpyware
2011-11-17 20:46 . 2011-11-17 20:46   --------   d-----w-   c:\programdata\SUPERAntiSpyware.com
2011-11-17 18:58 . 2011-11-17 18:58   --------   d---a-w-   c:\windows\rundll16.exe
2011-11-17 18:58 . 2011-11-17 18:58   --------   d---a-w-   c:\windows\logo1_.exe
2011-11-15 14:56 . 2011-11-15 14:56   --------   d-----w-   c:\users\Abík\AppData\Local\Skyrim
2011-11-15 14:54 . 2005-05-26 14:34   3767504   ----a-w-   c:\windows\system32\d3dx9_26.dll
2011-11-15 14:54 . 2005-05-26 14:34   2297552   ----a-w-   c:\windows\SysWow64\d3dx9_26.dll
2011-11-13 12:28 . 2011-11-13 12:28   --------   d-----w-   c:\users\Abík\AppData\Local\{C16F7F4A-A34C-4E4F-8198-1586D74EA399}
2011-11-13 12:28 . 2011-11-13 12:28   --------   d-----w-   c:\users\Abík\AppData\Local\{6EA81EBB-6A16-4D67-ABE0-BBA4DF03A461}
2011-11-11 17:31 . 2011-11-11 17:32   --------   d-----w-   c:\users\Abík\AppData\Local\{68F4AA67-4B0E-429A-9CD2-7D5A3606FE2B}
2011-11-11 17:31 . 2011-11-11 17:31   --------   d-----w-   c:\users\Abík\AppData\Local\{E4D35970-31CE-4ADB-B504-EE8E7EE70D43}
2011-11-08 21:57 . 2011-10-01 05:45   886784   ----a-w-   c:\program files\Common Files\System\wab32.dll
2011-11-08 21:57 . 2011-10-01 04:37   708608   ----a-w-   c:\program files (x86)\Common Files\System\wab32.dll
2011-11-08 21:57 . 2011-09-29 16:29   1923952   ----a-w-   c:\windows\system32\drivers\tcpip.sys
2011-11-08 21:57 . 2011-09-29 04:03   3144704   ----a-w-   c:\windows\system32\win32k.sys
2011-11-06 13:17 . 2011-11-06 13:17   --------   d-----w-   c:\users\Abík\AppData\Local\.inapptracking
2011-11-04 18:35 . 2011-11-06 12:10   --------   d-----w-   c:\program files (x86)\Cracked Steam
2011-10-30 12:51 . 2011-10-30 12:51   --------   d-----w-   c:\users\Abík\AppData\Roaming\Apple Computer
2011-10-28 13:38 . 2011-10-28 13:38   --------   d-----w-   c:\users\Abík\AppData\Local\Apple Computer
2011-10-28 06:42 . 2011-10-28 06:42   --------   d-----w-   c:\programdata\Apple Computer
2011-10-24 21:51 . 2011-10-24 21:51   --------   d-----w-   c:\program files (x86)\Kawaii Radio Player 3
2011-10-24 21:44 . 2011-10-24 21:44   --------   d-----w-   C:\picture export
2011-10-24 21:41 . 2011-10-24 21:41   --------   d-----w-   c:\program files (x86)\RealTime Picture Convertor 6
2011-10-24 18:28 . 2011-10-24 19:28   --------   d-----w-   c:\programdata\Blizzard Entertainment
2011-10-24 13:36 . 2011-10-24 13:36   680288   ----a-w-   c:\windows\system32\Iron Man 2 War Machine.scr
2011-10-24 13:36 . 2011-10-24 13:36   680288   ------w-   c:\windows\SysWow64\Iron Man 2 War Machine.scr
2011-10-24 13:34 . 2011-10-24 13:34   --------   d-----w-   c:\users\Abík\AppData\Roaming\GetRightToGo
2011-10-24 13:27 . 2011-10-24 13:36   --------   d-----w-   c:\programdata\Screentime
2011-10-24 13:27 . 2011-10-24 13:27   680288   ----a-w-   c:\windows\system32\IM-Screensaver.scr
2011-10-24 13:27 . 2011-10-24 13:27   680288   ------w-   c:\windows\SysWow64\IM-Screensaver.scr
2011-10-24 13:27 . 2011-10-24 13:36   --------   d-----w-   c:\users\Abík\AppData\Local\Screentime
2011-10-24 13:25 . 2011-10-24 13:25   --------   d-----w-   c:\users\Abík\AppData\Roaming\Screensaver Factory
2011-10-24 13:25 . 2011-10-24 13:26   --------   d-----w-   c:\program files (x86)\Your Own Screensaver
2011-10-24 13:17 . 2011-10-24 13:17   --------   d-----w-   c:\users\Abík\AppData\Local\{4F7C71D0-FA2B-44A8-B581-2F24A5E85BAF}
2011-10-24 13:17 . 2011-10-24 13:17   --------   d-----w-   c:\users\Abík\AppData\Local\{3CDD1B9B-4643-4FAB-B454-DFDA99A1E91D}
2011-10-24 13:08 . 2011-10-24 13:08   --------   d-----w-   C:\ATI
2011-10-24 12:39 . 2011-10-24 12:40   --------   d-----w-   c:\program files (x86)\ConvertHelper
2011-10-24 12:29 . 2011-10-24 12:29   94208   ----a-w-   c:\windows\SysWow64\QuickTimeVR.qtx
2011-10-24 12:29 . 2011-10-24 12:29   69632   ----a-w-   c:\windows\SysWow64\QuickTime.qts
2011-10-23 17:16 . 2011-10-23 17:16   --------   d-----w-   c:\users\Abík\AppData\Local\Focus Home Interactive
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-03 18:15 . 2011-05-19 12:29   404640   ----a-w-   c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-12 20:56 . 2011-10-12 20:56   10207232   ----a-w-   c:\windows\system32\drivers\atikmdag.sys
2011-10-12 20:20 . 2011-10-12 20:20   24629760   ----a-w-   c:\windows\system32\atio6axx.dll
2011-10-12 20:14 . 2011-10-12 20:14   159744   ----a-w-   c:\windows\system32\atiapfxx.exe
2011-10-12 20:14 . 2011-05-25 03:07   736768   ----a-w-   c:\windows\SysWow64\aticfx32.dll
2011-10-12 20:13 . 2011-04-20 02:07   867328   ----a-w-   c:\windows\system32\aticfx64.dll
2011-10-12 20:10 . 2011-07-28 21:36   466944   ----a-w-   c:\windows\system32\ATIDEMGX.dll
2011-10-12 20:10 . 2011-10-12 20:10   487936   ----a-w-   c:\windows\system32\atieclxx.exe
2011-10-12 20:09 . 2011-10-12 20:09   204288   ----a-w-   c:\windows\system32\atiesrxx.exe
2011-10-12 20:08 . 2011-10-12 20:08   120320   ----a-w-   c:\windows\system32\atitmm64.dll
2011-10-12 20:08 . 2011-10-12 20:08   423424   ----a-w-   c:\windows\system32\atipdl64.dll
2011-10-12 20:08 . 2011-10-12 20:08   356352   ----a-w-   c:\windows\SysWow64\atipdlxx.dll
2011-10-12 20:07 . 2011-10-12 20:07   278528   ----a-w-   c:\windows\SysWow64\Oemdspif.dll
2011-10-12 20:07 . 2011-10-12 20:07   21504   ----a-w-   c:\windows\system32\atimuixx.dll
2011-10-12 20:07 . 2011-10-12 20:07   59392   ----a-w-   c:\windows\system32\atiedu64.dll
2011-10-12 20:07 . 2011-10-12 20:07   43520   ----a-w-   c:\windows\SysWow64\ati2edxx.dll
2011-10-12 20:04 . 2011-05-25 02:58   4231680   ----a-w-   c:\windows\SysWow64\atidxx32.dll
2011-10-12 20:04 . 2011-10-12 20:04   18630656   ----a-w-   c:\windows\SysWow64\atioglxx.dll
2011-10-12 19:54 . 2011-04-20 01:49   4960768   ----a-w-   c:\windows\system32\atidxx64.dll
2011-10-12 19:46 . 2011-10-12 19:46   51200   ----a-w-   c:\windows\system32\aticalrt64.dll
2011-10-12 19:46 . 2011-10-12 19:46   46080   ----a-w-   c:\windows\SysWow64\aticalrt.dll
2011-10-12 19:46 . 2011-10-12 19:46   44544   ----a-w-   c:\windows\system32\aticalcl64.dll
2011-10-12 19:46 . 2011-10-12 19:46   44032   ----a-w-   c:\windows\SysWow64\aticalcl.dll
2011-10-12 19:45 . 2011-10-12 19:45   9877504   ----a-w-   c:\windows\system32\aticaldd64.dll
2011-10-12 19:44 . 2011-10-12 19:44   1113088   ----a-w-   c:\windows\system32\atiumd6v.dll
2011-10-12 19:44 . 2011-05-25 02:39   4289024   ----a-w-   c:\windows\SysWow64\atiumdag.dll
2011-10-12 19:44 . 2011-10-12 19:44   1828864   ----a-w-   c:\windows\SysWow64\atiumdmv.dll
2011-10-12 19:44 . 2011-07-28 21:11   4023296   ----a-w-   c:\windows\system32\atiumd6a.dll
2011-10-12 19:42 . 2011-10-12 19:42   8391680   ----a-w-   c:\windows\SysWow64\aticaldd.dll
2011-10-12 19:39 . 2011-04-20 01:27   58880   ----a-w-   c:\windows\system32\coinst.dll
2011-10-12 19:38 . 2011-07-28 21:02   5431808   ----a-w-   c:\windows\system32\atiumd64.dll
2011-10-12 19:33 . 2011-05-25 02:50   4174848   ----a-w-   c:\windows\SysWow64\atiumdva.dll
2011-10-12 19:31 . 2011-07-28 20:54   479744   ----a-w-   c:\windows\system32\atiadlxx.dll
2011-10-12 19:31 . 2011-10-12 19:31   335872   ----a-w-   c:\windows\SysWow64\atiadlxy.dll
2011-10-12 19:31 . 2011-10-12 19:31   17408   ----a-w-   c:\windows\system32\atig6pxx.dll
2011-10-12 19:31 . 2011-10-12 19:31   14336   ----a-w-   c:\windows\SysWow64\atiglpxx.dll
2011-10-12 19:31 . 2011-10-12 19:31   14336   ----a-w-   c:\windows\system32\atiglpxx.dll
2011-10-12 19:30 . 2011-10-12 19:30   39936   ----a-w-   c:\windows\system32\atig6txx.dll
2011-10-12 19:30 . 2011-10-12 19:30   32768   ----a-w-   c:\windows\SysWow64\atigktxx.dll
2011-10-12 19:30 . 2011-10-12 19:30   317952   ----a-w-   c:\windows\system32\drivers\atikmpag.sys
2011-10-12 19:29 . 2011-04-20 01:21   40960   ----a-w-   c:\windows\system32\atiuxp64.dll
2011-10-12 19:29 . 2011-05-25 02:24   31744   ----a-w-   c:\windows\SysWow64\atiuxpag.dll
2011-10-12 19:29 . 2011-07-28 20:53   38912   ----a-w-   c:\windows\system32\atiu9p64.dll
2011-10-12 19:29 . 2011-05-25 02:24   29184   ----a-w-   c:\windows\SysWow64\atiu9pag.dll
2011-10-12 19:28 . 2011-10-12 19:28   53248   ----a-w-   c:\windows\system32\drivers\ati2erec.dll
2011-10-12 19:16 . 2011-10-12 19:16   54784   ----a-w-   c:\windows\system32\atimpc64.dll
2011-10-12 19:16 . 2011-10-12 19:16   54784   ----a-w-   c:\windows\system32\amdpcom64.dll
2011-10-12 19:16 . 2011-10-12 19:16   53760   ----a-w-   c:\windows\SysWow64\atimpc32.dll
2011-10-12 19:16 . 2011-10-12 19:16   53760   ----a-w-   c:\windows\SysWow64\amdpcom32.dll
2011-10-12 15:16 . 2011-10-12 15:16   66048   ----a-w-   c:\windows\system32\OpenVideo64.dll
2011-10-12 15:16 . 2011-10-12 15:16   56832   ----a-w-   c:\windows\SysWow64\OpenVideo.dll
2011-10-12 15:16 . 2011-10-12 15:16   16787456   ----a-w-   c:\windows\system32\amdocl64.dll
2011-10-12 15:15 . 2011-10-12 15:15   13753856   ----a-w-   c:\windows\SysWow64\amdocl.dll
2011-10-12 15:14 . 2011-10-12 15:14   51200   ----a-w-   c:\windows\system32\OpenCL.dll
2011-10-12 15:14 . 2011-10-12 15:14   43520   ----a-w-   c:\windows\SysWow64\OpenCL.dll
2011-10-03 03:06 . 2011-05-25 09:44   472808   ----a-w-   c:\windows\SysWow64\deployJava1.dll
2011-09-26 13:13 . 2009-07-13 23:57   20267008   ----a-w-   c:\windows\system32\imageres.dll
2011-09-22 21:55 . 2011-09-22 21:55   275360   ----a-w-   c:\windows\system32\DreamScene.dll
2011-09-19 22:56 . 2011-09-19 22:56   18328   ----a-w-   c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-09-14 09:47 . 2011-09-14 09:47   60416   ----a-w-   c:\windows\system32\OVDecode64.dll
2011-09-14 09:47 . 2011-09-14 09:47   53760   ----a-w-   c:\windows\SysWow64\OVDecode.dll
2011-09-14 09:38 . 2011-09-14 09:38   44032   ----a-w-   c:\windows\system32\amdoclcl64.dll
2011-09-14 09:38 . 2011-09-14 09:38   37376   ----a-w-   c:\windows\SysWow64\amdoclcl.dll
2011-09-13 15:14 . 2011-09-13 15:14   212992   ----a-w-   c:\windows\system32\drivers\nusb3xhc.sys
2011-09-13 15:14 . 2011-09-13 15:14   95744   ----a-w-   c:\windows\system32\drivers\nusb3hub.sys
2011-09-09 23:02 . 2011-09-09 23:02   23056   ----a-w-   c:\windows\system32\drivers\Usbnic.sys
2011-09-06 20:45 . 2011-05-11 16:26   41184   ----a-w-   c:\windows\avastSS.scr
2011-09-06 20:45 . 2011-05-11 16:26   199304   ----a-w-   c:\windows\SysWow64\aswBoot.exe
2011-09-06 20:45 . 2011-05-11 16:26   254400   ----a-w-   c:\windows\system32\aswBoot.exe
2011-09-06 20:38 . 2011-05-11 16:26   601944   ----a-w-   c:\windows\system32\drivers\aswSnx.sys
2011-09-06 20:38 . 2011-05-11 16:26   301912   ----a-w-   c:\windows\system32\drivers\aswSP.sys
2011-09-06 20:36 . 2011-05-11 16:26   58200   ----a-w-   c:\windows\system32\drivers\aswTdi.sys
2011-09-06 20:36 . 2011-05-11 16:26   42328   ----a-w-   c:\windows\system32\drivers\aswRdr.sys
2011-09-06 20:36 . 2011-05-11 16:26   65368   ----a-w-   c:\windows\system32\drivers\aswMonFlt.sys
2011-09-06 20:36 . 2011-05-11 16:26   24408   ----a-w-   c:\windows\system32\drivers\aswFsBlk.sys
2011-09-01 05:24 . 2011-10-14 01:00   2309120   ----a-w-   c:\windows\system32\jscript9.dll
2011-09-01 05:17 . 2011-10-14 01:00   1389056   ----a-w-   c:\windows\system32\wininet.dll
2011-09-01 05:12 . 2011-10-14 01:00   2382848   ----a-w-   c:\windows\system32\mshtml.tlb
2011-09-01 02:35 . 2011-10-14 01:00   1798144   ----a-w-   c:\windows\SysWow64\jscript9.dll
2011-09-01 02:28 . 2011-10-14 01:00   1126912   ----a-w-   c:\windows\SysWow64\wininet.dll
2011-09-01 02:22 . 2011-10-14 01:00   2382848   ----a-w-   c:\windows\SysWow64\mshtml.tlb
2011-08-31 17:12 . 2011-05-11 15:37   1698408   ----a-w-   c:\windows\RtlExUpd.dll
2011-08-31 14:20 . 2011-09-19 19:36   53248   ----a-w-   c:\windows\SysWow64\CSVer.dll
2011-08-30 15:28 . 2011-09-19 19:39   3069032   ----a-w-   c:\windows\system32\drivers\RTKVHD64.sys
2011-08-30 11:37 . 2011-09-19 19:39   2518632   ----a-w-   c:\windows\system32\RtPgEx64.dll
2011-08-27 05:37 . 2011-10-14 00:46   861696   ----a-w-   c:\windows\system32\oleaut32.dll
2011-08-27 05:37 . 2011-10-14 00:46   331776   ----a-w-   c:\windows\system32\oleacc.dll
2011-08-27 04:26 . 2011-10-14 00:46   571904   ----a-w-   c:\windows\SysWow64\oleaut32.dll
2011-08-27 04:26 . 2011-10-14 00:46   233472   ----a-w-   c:\windows\SysWow64\oleacc.dll
2011-08-25 15:52 . 2011-08-25 15:51   833024   ----a-w-   c:\windows\SysWow64\user32.dll
2011-08-25 15:52 . 2011-08-25 15:51   2048   ----a-w-   c:\windows\SysWow64\winver.exe
2011-08-25 15:51 . 2011-08-25 15:51   410624   ----a-w-   c:\windows\SysWow64\systemcpl.dll
2011-08-25 15:51 . 2011-08-25 15:51   1536   ----a-w-   c:\windows\SysWow64\sppcomapi.dll
2011-08-25 15:51 . 2011-08-25 15:51   113543   ----a-w-   c:\windows\SysWow64\slmgr.vbs
2011-08-24 11:30 . 2011-09-19 19:39   3201128   ----a-w-   c:\windows\system32\RtkAPO64.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2010-11-20 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
[7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[-] 2010-11-20 . E573BD9AB55C8E333C202B9E255F972E . 1008640 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
.
[-] 2011-08-25 . 2C9CC9F492CA596B1B9FC1AE5E916356 . 833024 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll
[7] 2010-11-20 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
.
[7] 2011-02-26 . E38899074D4951D31B4040E994DD7C8D . 2870784 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[7] 2011-02-26 . 0862495E0C825893DB75EF44FAEA8E93 . 2870272 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[7] 2011-02-26 . 3B69712041F3D63605529BD66DC00C48 . 2871808 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[-] 2011-02-25 . DB3631F9DFBC84CD3E0FA658EC9A9BFA . 2388992 . . [6.1.7600.16385] .. c:\windows\explorer.exe
[7] 2011-02-25 . 332FEAB1435662FC6C672E25BEB37BE3 . 2871808 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[7] 2010-11-20 . AC4C51EB24AA95B77F705AB159189E24 . 2872320 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[7] 2009-10-31 . B8EC4BD49CE8F6FC457721BFC210B67F . 2870272 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[7] 2009-10-31 . 9AAAEC8DAC27AA17B053E6352AD233AE . 2870272 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[7] 2009-08-03 . 700073016DAC1C3D2E7E2CE4223334B6 . 2868224 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[7] 2009-08-03 . F170B4A061C9E026437B193B4D571799 . 2868224 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[7] 2009-07-14 . C235A51CB740E45FFA0EBFB9BAFCDA64 . 2868224 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2011-09-19 640888]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-11-17 5495680]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"Razer Mamba Driver"="c:\program files (x86)\Razer\Mamba\RazerTray.exe" [2009-12-15 3278728]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-09-16 115048]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-09-07 43608]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-10-17 284440]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-10-12 343168]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
.
c:\users\Abík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ScreenUpdate.lnk - c:\program files (x86)\Your Own Screensaver\ScreenUpdate.exe [2011-10-24 167936]
Yahoo! Widgets.lnk - c:\program files (x86)\Yahoo!\Widgets\YahooWidgets.exe [2008-3-19 4742184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages   REG_MULTI_SZ      kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-10-17 13592]
R2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-03-29 598312]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
R3 cpuz134;cpuz134;c:\program files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys [2010-07-09 21480]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RAMDiskVE;RAMDiskVE;c:\windows\system32\Drivers\RAMDiskVE.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 Usbnic;OTi Network Driver Module;c:\windows\system32\DRIVERS\Usbnic.sys [x]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 hotcore3;hc3ServiceName;c:\windows\system32\DRIVERS\hotcore3.sys [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-08-04 2329480]
S2 HyperDeskCustomThemeEnabler;HyperDesk's Custom Theme Enabler;c:\windows\Installer\MSI31A0.tmp [2011-09-26 102400]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144]
S2 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2011-07-15 741624]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-03-04 10:29   451872   ----a-w-   c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-18 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task c977279d-d172-443a-a472-9aac57e35f41.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-05-04 17:52]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45   134384   ----a-w-   c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-06-05 500208]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-26 12681320]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.sk/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovať do programu Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&oslať do programu OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
FF - ProfilePath - c:\users\Abík\AppData\Roaming\Mozilla\Firefox\Profiles\6trm9hpj.default\
FF - prefs.js: browser.startup.homepage - www.google.sk
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
AddRemove-YInstHelper - c:\windows\system32\regsvr32
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\HyperDeskCustomThemeEnabler]
"ImagePath"="\"c:\windows\Installer\MSI31A0.tmp\" -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1564969282-139998884-2361810755-1001\Software\SecuROM\License information*]
"datasecu"=hex:15,27,99,ac,54,09,9c,1e,b8,eb,99,23,47,d9,21,15,78,dc,ce,9b,92,
   3d,af,71,86,b8,13,72,ff,b6,9a,09,9b,91,ee,3c,19,d5,ed,5a,b1,c9,4b,3a,4b,be,\
"rkeysecu"=hex:47,94,37,60,9a,f8,2e,4e,99,e7,dc,0a,4a,5b,28,75
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10x_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10x_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
.
**************************************************************************
.
Completion time: 2011-11-21  19:30:35 - machine was rebooted
ComboFix-quarantined-files.txt  2011-11-21 18:30
.
Pre-Run: 56 335 966 208 bytes free
Post-Run: 57 970 896 896 bytes free
.
- - End Of File - - 68BEC9A8C7821E47D637A98F061F7513