combo

a guest
Jun 28th, 2012
  1. ComboFix 12-06-27.01 - nick 27/06/2012 23:21:19.1.2 - x86
  2. Microsoft Windows XP Home Edition 5.1.2600.3.1253.30.1032.18.1022.503 [GMT 3:00]
  3. Running from: f:\τα έγγραφα μου\Ληφθέντα αρχεία\ComboFix.exe
  4. .
  5. .
  6. ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
  7. .
  8. .
  9. c:\documents and settings\All Users\Application Data\TEMP
  10. c:\documents and settings\nick\Application Data\facemoods.com
  11. c:\documents and settings\nick\Application Data\PriceGong
  12. c:\documents and settings\nick\Application Data\PriceGong\Data\1.xml
  13. c:\documents and settings\nick\Application Data\PriceGong\Data\a.xml
  14. c:\documents and settings\nick\Application Data\PriceGong\Data\b.xml
  15. c:\documents and settings\nick\Application Data\PriceGong\Data\c.xml
  16. c:\documents and settings\nick\Application Data\PriceGong\Data\d.xml
  17. c:\documents and settings\nick\Application Data\PriceGong\Data\e.xml
  18. c:\documents and settings\nick\Application Data\PriceGong\Data\f.xml
  19. c:\documents and settings\nick\Application Data\PriceGong\Data\g.xml
  20. c:\documents and settings\nick\Application Data\PriceGong\Data\h.xml
  21. c:\documents and settings\nick\Application Data\PriceGong\Data\i.xml
  22. c:\documents and settings\nick\Application Data\PriceGong\Data\J.xml
  23. c:\documents and settings\nick\Application Data\PriceGong\Data\k.xml
  24. c:\documents and settings\nick\Application Data\PriceGong\Data\l.xml
  25. c:\documents and settings\nick\Application Data\PriceGong\Data\m.xml
  26. c:\documents and settings\nick\Application Data\PriceGong\Data\mru.xml
  27. c:\documents and settings\nick\Application Data\PriceGong\Data\n.xml
  28. c:\documents and settings\nick\Application Data\PriceGong\Data\o.xml
  29. c:\documents and settings\nick\Application Data\PriceGong\Data\p.xml
  30. c:\documents and settings\nick\Application Data\PriceGong\Data\q.xml
  31. c:\documents and settings\nick\Application Data\PriceGong\Data\r.xml
  32. c:\documents and settings\nick\Application Data\PriceGong\Data\s.xml
  33. c:\documents and settings\nick\Application Data\PriceGong\Data\t.xml
  34. c:\documents and settings\nick\Application Data\PriceGong\Data\u.xml
  35. c:\documents and settings\nick\Application Data\PriceGong\Data\v.xml
  36. c:\documents and settings\nick\Application Data\PriceGong\Data\w.xml
  37. c:\documents and settings\nick\Application Data\PriceGong\Data\x.xml
  38. c:\documents and settings\nick\Application Data\PriceGong\Data\y.xml
  39. c:\documents and settings\nick\Application Data\PriceGong\Data\z.xml
  40. c:\documents and settings\nick\Local Settings\Application Data\{1b63943d-e31c-cd2d-7a63-5dd2deb1a814}
  41. c:\documents and settings\nick\Local Settings\Application Data\{1b63943d-e31c-cd2d-7a63-5dd2deb1a814}\@
  42. c:\documents and settings\nick\Local Settings\Application Data\{1b63943d-e31c-cd2d-7a63-5dd2deb1a814}\n
  43. c:\documents and settings\nick\Local Settings\Application Data\{1b63943d-e31c-cd2d-7a63-5dd2deb1a814}\U\00000001.@
  44. c:\documents and settings\nick\Local Settings\Application Data\{1b63943d-e31c-cd2d-7a63-5dd2deb1a814}\U\80000000.@
  45. c:\documents and settings\nick\Local Settings\Application Data\{1b63943d-e31c-cd2d-7a63-5dd2deb1a814}\U\800000cb.@
  46. c:\documents and settings\nick\Local Settings\Application Data\assembly\tmp
  47. c:\windows\Installer\{1b63943d-e31c-cd2d-7a63-5dd2deb1a814}
  48. c:\windows\Installer\{1b63943d-e31c-cd2d-7a63-5dd2deb1a814}\@
  49. c:\windows\Installer\{1b63943d-e31c-cd2d-7a63-5dd2deb1a814}\n
  50. c:\windows\system32\SET18C.tmp
  51. c:\windows\system32\SET198.tmp
  52. f:\τα έγγραφα μου\vlc-2.0.1-win32.exe
  53. .
  54. .
  55. ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
  56. .
  57. .
  58. -------\Legacy_NPF
  59. .
  60. .
  61. ((((((((((((((((((((((((( Files Created from 2012-05-27 to 2012-06-27 )))))))))))))))))))))))))))))))
  62. .
  63. .
  64. 2012-06-27 20:12 . 2012-06-27 20:12 -------- d-----w- c:\documents and settings\nick\Local Settings\Application Data\AskToolbar
  65. 2012-06-27 18:01 . 2012-06-27 18:01 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Mozilla
  66. 2012-06-27 17:32 . 2012-06-27 20:12 -------- d-----w- C:\sh4ldr
  67. 2012-06-27 17:32 . 2012-06-27 17:32 -------- d-----w- c:\program files\Enigma Software Group
  68. 2012-06-27 17:32 . 2012-06-27 20:12 -------- d-----w- c:\windows\9E897D0FF80441A3966C7BB6EB5B6BE8.TMP
  69. 2012-06-27 17:31 . 2012-06-27 17:31 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
  70. 2012-06-27 17:26 . 2012-06-27 17:26 -------- d-----w- c:\documents and settings\nick\Application Data\DriverCure
  71. 2012-06-27 17:26 . 2012-06-27 17:26 -------- d-----w- c:\documents and settings\nick\Application Data\SpeedyPC Software
  72. 2012-06-27 17:26 . 2012-06-27 20:12 -------- d-----w- c:\documents and settings\All Users\Application Data\SpeedyPC Software
  73. 2012-06-27 17:08 . 2012-06-27 17:08 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
  74. 2012-06-27 06:19 . 2012-06-27 17:09 -------- d-----w- c:\documents and settings\nick\Application Data\DAEMON Tools Lite
  75. 2012-06-27 06:19 . 2012-06-27 17:08 -------- d-----w- c:\program files\DAEMON Tools Lite
  76. 2012-06-27 06:18 . 2012-06-27 06:19 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
  77. 2012-06-19 14:23 . 2012-06-19 14:23 -------- d-----w- c:\documents and settings\nick\Application Data\Corel
  78. 2012-06-19 14:23 . 2012-06-19 14:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Protexis
  79. 2012-06-19 14:22 . 2012-06-19 14:22 -------- d-----w- c:\documents and settings\nick\Application Data\Ulead Systems
  80. 2012-06-19 14:22 . 2012-06-19 14:22 -------- d-----w- c:\documents and settings\nick\Local Settings\Application Data\Corel PaintShop Pro
  81. 2012-06-19 14:21 . 2012-06-24 13:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Corel
  82. 2012-06-19 14:21 . 2012-06-19 14:21 -------- d-----w- c:\program files\Common Files\Protexis
  83. 2012-06-19 14:17 . 2012-06-19 14:17 -------- d-----w- c:\program files\Corel
  84. 2012-06-19 14:17 . 2007-07-19 21:57 267112 ----a-w- c:\windows\system32\xactengine2_9.dll
  85. 2012-06-19 14:17 . 2007-06-20 17:46 266088 ----a-w- c:\windows\system32\xactengine2_8.dll
  86. 2012-06-19 14:17 . 2007-05-16 13:45 443752 ----a-w- c:\windows\system32\d3dx10_34.dll
  87. 2012-06-19 14:17 . 2007-05-16 13:45 1124720 ----a-w- c:\windows\system32\D3DCompiler_34.dll
  88. 2012-06-19 14:17 . 2007-04-04 15:53 81768 ----a-w- c:\windows\system32\xinput1_3.dll
  89. 2012-06-19 14:17 . 2007-04-04 15:55 261480 ----a-w- c:\windows\system32\xactengine2_7.dll
  90. 2012-06-19 14:17 . 2007-03-15 13:57 443752 ----a-w- c:\windows\system32\d3dx10_33.dll
  91. 2012-06-19 14:17 . 2007-03-12 13:42 1123696 ----a-w- c:\windows\system32\D3DCompiler_33.dll
  92. 2012-06-19 12:21 . 2012-06-19 12:21 -------- d-----w- c:\documents and settings\All Users\Application Data\regid.1986-12.com.adobe
  93. 2012-06-19 11:24 . 2012-06-19 11:24 -------- d-----w- c:\documents and settings\nick\Local Settings\Application Data\fontconfig
  94. 2012-06-19 11:24 . 2012-06-19 11:43 -------- d-----w- c:\documents and settings\nick\.gimp-2.8
  95. 2012-06-19 11:24 . 2012-06-19 11:24 -------- d-----w- c:\documents and settings\nick\Local Settings\Application Data\gegl-0.2
  96. 2012-06-13 11:59 . 2012-05-11 14:41 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
  97. 2012-06-11 14:22 . 2012-05-13 17:05 79872 ----a-w- c:\windows\system32\ff_vfw.dll
  98. 2012-06-11 14:22 . 2012-06-11 14:22 -------- d-----w- c:\program files\ffdshow
  99. 2012-06-11 14:19 . 2012-06-11 14:19 -------- d-----w- c:\program files\Haali
  100. 2012-06-11 13:45 . 2012-06-11 13:45 -------- d-----w- c:\documents and settings\nick\Application Data\RealNetworks
  101. 2012-06-02 13:14 . 2012-06-02 13:48 -------- d-----w- c:\documents and settings\nick\Application Data\Nero
  102. 2012-06-02 13:11 . 2012-06-02 13:12 -------- d-----w- c:\program files\Common Files\Nero
  103. 2012-06-02 13:11 . 2012-06-02 13:13 -------- d-----w- c:\program files\Nero
  104. 2012-06-02 13:11 . 2012-06-02 13:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
  105. 2012-06-02 13:05 . 2012-06-02 13:05 -------- d-----w- c:\program files\Ask.com
  106. 2012-06-02 13:05 . 2008-10-15 03:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
  107. 2012-06-02 13:04 . 2007-05-16 13:45 3497832 ----a-w- c:\windows\system32\d3dx9_34.dll
  108. 2012-06-01 18:35 . 2012-06-01 18:35 -------- d-----w- c:\program files\Common Files\xing shared
  109. 2012-05-30 17:33 . 2012-05-30 17:33 -------- d-----w- c:\documents and settings\nick\Application Data\Command & Conquer 3 Kane's Wrath
  110. 2012-05-30 17:32 . 2007-10-22 00:39 267272 ----a-w- c:\windows\system32\xactengine2_10.dll
  111. 2012-05-30 17:32 . 2007-10-22 00:37 17928 ----a-w- c:\windows\system32\X3DAudio1_2.dll
  112. 2012-05-30 17:32 . 2007-10-12 12:14 1374232 ----a-w- c:\windows\system32\D3DCompiler_36.dll
  113. 2012-05-30 17:32 . 2007-10-02 06:56 444776 ----a-w- c:\windows\system32\d3dx10_36.dll
  114. 2012-05-30 17:32 . 2007-10-12 12:14 3734536 ----a-w- c:\windows\system32\d3dx9_36.dll
  115. .
  116. .
  117. .
  118. (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
  119. .
  120. 2012-06-23 11:35 . 2012-04-23 16:26 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
  121. 2012-06-23 11:35 . 2011-05-30 07:33 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
  122. 2012-06-02 12:19 . 2009-08-06 17:24 24088 ----a-w- c:\windows\system32\wucltui.dll.mui
  123. 2012-06-02 12:19 . 2009-08-06 17:24 16408 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
  124. 2012-06-02 12:19 . 2009-08-06 17:24 16408 ----a-w- c:\windows\system32\wuapi.dll.mui
  125. 2012-06-02 12:19 . 2010-12-22 05:29 329240 ----a-w- c:\windows\system32\wucltui.dll
  126. 2012-06-02 12:19 . 2010-12-22 05:29 210968 ----a-w- c:\windows\system32\wuweb.dll
  127. 2012-06-02 12:19 . 2010-12-22 05:29 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
  128. 2012-06-02 12:19 . 2010-12-22 05:29 53784 ----a-w- c:\windows\system32\wuauclt.exe
  129. 2012-06-02 12:19 . 2010-12-22 05:29 35864 ----a-w- c:\windows\system32\wups.dll
  130. 2012-06-02 12:19 . 2009-08-06 17:24 45080 ----a-w- c:\windows\system32\wups2.dll
  131. 2012-06-02 12:19 . 2006-03-02 12:00 97304 ----a-w- c:\windows\system32\cdm.dll
  132. 2012-06-02 12:19 . 2010-12-22 05:29 577048 ----a-w- c:\windows\system32\wuapi.dll
  133. 2012-06-02 12:19 . 2009-08-06 17:23 19480 ----a-w- c:\windows\system32\wuaueng.dll.mui
  134. 2012-06-02 12:19 . 2010-12-22 05:29 1933848 ----a-w- c:\windows\system32\wuaueng.dll
  135. 2012-06-02 12:19 . 2010-12-22 10:51 18672 ----a-w- c:\windows\system32\mucltui.dll.mui
  136. 2012-06-02 12:18 . 2010-12-22 10:51 275696 ----a-w- c:\windows\system32\mucltui.dll
  137. 2012-06-02 12:18 . 2010-12-22 10:51 214256 ----a-w- c:\windows\system32\muweb.dll
  138. 2012-06-01 18:34 . 2011-12-05 16:02 499712 ----a-w- c:\windows\system32\msvcp71.dll
  139. 2012-05-31 13:21 . 2006-03-02 12:00 604160 ----a-w- c:\windows\system32\crypt32.dll
  140. 2012-05-24 21:18 . 2012-05-24 21:18 4472832 ----a-w- c:\windows\system32\GPhotos.scr
  141. 2012-05-16 15:06 . 2006-03-02 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
  142. 2012-05-15 13:55 . 2006-03-02 12:00 1863424 ----a-w- c:\windows\system32\win32k.sys
  143. 2012-05-15 10:18 . 2011-12-31 19:33 65536 ----a-w- c:\windows\system32\OpenCL.dll
  144. 2012-05-15 10:18 . 2011-12-31 19:33 883008 ----a-w- c:\windows\system32\nvgenco32.dll
  145. 2012-05-15 10:18 . 2011-12-31 19:33 2530624 ----a-w- c:\windows\system32\nvcuvid.dll
  146. 2012-05-15 10:18 . 2011-12-31 19:33 1000768 ----a-w- c:\windows\system32\nvdispco32.dll
  147. 2012-05-15 10:18 . 2011-12-31 19:33 6012928 ----a-w- c:\windows\system32\nvcuda.dll
  148. 2012-05-15 10:18 . 2011-12-31 19:33 2445120 ----a-w- c:\windows\system32\nvcuvenc.dll
  149. 2012-05-15 10:18 . 2011-12-31 19:33 17543168 ----a-w- c:\windows\system32\nvcompiler.dll
  150. 2012-05-15 10:18 . 2006-02-15 11:07 18771968 ----a-w- c:\windows\system32\nvoglnt.dll
  151. 2012-05-15 10:18 . 2006-02-13 13:05 4373248 ----a-w- c:\windows\system32\nv4_disp.dll
  152. 2012-05-15 10:18 . 2006-02-13 13:05 2359808 ----a-w- c:\windows\system32\nvapi.dll
  153. 2012-05-15 10:18 . 2006-02-13 13:05 14014656 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
  154. 2012-05-15 09:43 . 2006-02-13 13:05 229376 ----a-w- c:\windows\system32\nvrszhc.dll
  155. 2012-05-15 09:43 . 2011-12-31 19:34 253952 ----a-w- c:\windows\system32\nvrsth.dll
  156. 2012-05-15 09:43 . 2006-02-13 13:05 282624 ----a-w- c:\windows\system32\nvrsit.dll
  157. 2012-05-15 09:43 . 2006-02-13 13:05 253952 ----a-w- c:\windows\system32\nvrssv.dll
  158. 2012-05-15 09:43 . 2006-02-13 13:05 126976 ----a-w- c:\windows\system32\nvrszht.dll
  159. 2012-05-15 09:43 . 2006-02-13 13:05 335872 ----a-w- c:\windows\system32\nvrsar.dll
  160. 2012-05-15 09:43 . 2006-02-13 13:05 282624 ----a-w- c:\windows\system32\nvrsel.dll
  161. 2012-05-15 09:43 . 2006-02-13 13:05 274432 ----a-w- c:\windows\system32\nvrsnl.dll
  162. 2012-05-15 09:43 . 2006-02-13 13:05 274432 ----a-w- c:\windows\system32\nvrsesm.dll
  163. 2012-05-15 09:43 . 2006-02-13 13:05 266240 ----a-w- c:\windows\system32\nvrsko.dll
  164. 2012-05-15 09:43 . 2006-02-13 13:05 249856 ----a-w- c:\windows\system32\nvrseng.dll
  165. 2012-05-15 09:43 . 2006-02-13 13:05 335872 ----a-w- c:\windows\system32\nvrshe.dll
  166. 2012-05-15 09:43 . 2006-02-13 13:05 286720 ----a-w- c:\windows\system32\nvrsfr.dll
  167. 2012-05-15 09:43 . 2006-02-13 13:05 274432 ----a-w- c:\windows\system32\nvrspt.dll
  168. 2012-05-15 09:43 . 2006-02-13 13:05 258048 ----a-w- c:\windows\system32\nvrssl.dll
  169. 2012-05-15 09:43 . 2006-02-13 13:05 253952 ----a-w- c:\windows\system32\nvrsno.dll
  170. 2012-05-15 09:43 . 2006-02-13 13:05 249856 ----a-w- c:\windows\system32\nvrsfi.dll
  171. 2012-05-15 09:43 . 2006-02-13 13:05 282624 ----a-w- c:\windows\system32\nvrses.dll
  172. 2012-05-15 09:43 . 2006-02-13 13:05 270336 ----a-w- c:\windows\system32\nvrsru.dll
  173. 2012-05-15 09:43 . 2006-02-13 13:05 258048 ----a-w- c:\windows\system32\nvrssk.dll
  174. 2012-05-15 09:43 . 2006-02-13 13:05 262144 ----a-w- c:\windows\system32\nvrshu.dll
  175. 2012-05-15 09:43 . 2006-02-13 13:05 258048 ----a-w- c:\windows\system32\nvrstr.dll
  176. 2012-05-15 09:43 . 2006-02-13 13:05 253952 ----a-w- c:\windows\system32\nvrsda.dll
  177. 2012-05-15 09:43 . 2006-02-13 13:05 274432 ----a-w- c:\windows\system32\nvrsja.dll
  178. 2012-05-15 09:43 . 2006-02-13 13:05 258048 ----a-w- c:\windows\system32\nvrspl.dll
  179. 2012-05-15 09:43 . 2006-02-13 13:05 278528 ----a-w- c:\windows\system32\nvrsde.dll
  180. 2012-05-15 09:43 . 2006-02-13 13:05 270336 ----a-w- c:\windows\system32\nvrsptb.dll
  181. 2012-05-15 09:43 . 2006-02-13 13:05 249856 ----a-w- c:\windows\system32\nvrscs.dll
  182. 2012-05-15 09:40 . 2006-02-13 13:05 54272 ----a-w- c:\windows\system32\nvwddi.dll
  183. 2012-05-15 09:40 . 2006-02-13 13:05 15504192 ----a-w- c:\windows\system32\nvcpl.dll
  184. 2012-05-15 09:40 . 2006-02-13 13:05 143680 ----a-w- c:\windows\system32\nvcolor.exe
  185. 2012-05-15 09:40 . 2006-02-13 13:05 164160 ----a-w- c:\windows\system32\nvsvc32.exe
  186. 2012-05-15 09:40 . 2006-02-13 13:05 108352 ----a-w- c:\windows\system32\nvmctray.dll
  187. 2012-05-11 14:41 . 2006-03-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
  188. 2012-05-11 14:41 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
  189. 2012-05-11 11:38 . 2006-03-02 12:00 385024 ----a-w- c:\windows\system32\html.iec
  190. 2012-05-05 03:14 . 2006-03-02 12:00 2155520 ----a-w- c:\windows\system32\ntoskrnl.exe
  191. 2012-05-05 03:14 . 2004-09-04 06:41 2033664 ----a-w- c:\windows\system32\ntkrnlpa.exe
  192. 2012-05-02 13:47 . 2010-12-22 05:27 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
  193. 2012-04-23 16:35 . 2010-12-29 16:38 73728 ----a-w- c:\windows\system32\javacpl.cpl
  194. 2012-04-23 16:35 . 2010-12-29 16:38 472808 ----a-w- c:\windows\system32\deployJava1.dll
  195. 2012-04-04 12:56 . 2011-10-25 09:55 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
  196. .
  197. .
  198. ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
  199. .
  200. .
  201. *Note* empty entries & legit default entries are not shown
  202. REGEDIT4
  203. .
  204. [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
  205. "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\prxtbuTo2.dll" [2011-05-09 176936]
  206. .
  207. [HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
  208. .
  209. [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
  210. 2011-05-09 09:49 176936 ----a-w- c:\program files\uTorrentBar\prxtbuTo2.dll
  211. .
  212. [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
  213. 2010-05-21 09:17 1233288 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
  214. .
  215. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
  216. "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\prxtbuTo2.dll" [2011-05-09 176936]
  217. "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-05-21 1233288]
  218. .
  219. [HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
  220. .
  221. [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
  222. [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
  223. [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
  224. [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
  225. .
  226. [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
  227. "{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}"= "c:\program files\uTorrentBar\prxtbuTo2.dll" [2011-05-09 176936]
  228. "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-05-21 1233288]
  229. .
  230. [HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
  231. .
  232. [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
  233. [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
  234. [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
  235. [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
  236. .
  237. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  238. "NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 81920]
  239. "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
  240. .
  241. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  242. "High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952]
  243. "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-01-21 91520]
  244. "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
  245. "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]
  246. "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
  247. "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-05-15 15504192]
  248. "NvMediaCenter"="NvMCTray.dll" [2012-05-15 108352]
  249. "nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2012-05-15 1634112]
  250. "TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2012-06-01 296056]
  251. "WinampAgent"="c:\program files\Winamp\winampa.exe" [2011-03-22 74752]
  252. "AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
  253. "SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
  254. "AdobeCS5.5ServiceManager"="c:\program files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
  255. "UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
  256. .
  257. [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
  258. "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
  259. .
  260. [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
  261. "%windir%\\system32\\sessmgr.exe"=
  262. .
  263. R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [27/6/2012 8:08 μμ 242240]
  264. R2 NAUpdate;@c:\program files\Nero\Update\NASvc.exe,-200;c:\program files\Nero\Update\NASvc.exe [4/5/2010 12:07 μμ 503080]
  265. R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [23/4/2012 2:23 μμ 1262400]
  266. R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [19/6/2012 5:32 μμ 3048136]
  267. R3 SNCT511;See U Camera;c:\windows\system32\drivers\snct511.sys [19/6/2012 11:32 πμ 219264]
  268. S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [10/1/2011 1:09 πμ 136176]
  269. S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [14/6/2012 11:37 πμ 160944]
  270. S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [23/4/2012 7:26 μμ 250056]
  271. S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [24/12/2010 2:10 μμ 13192]
  272. S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [24/12/2010 2:10 μμ 8456]
  273. S3 gupdatem;Υπηρεσία Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [10/1/2011 1:09 πμ 136176]
  274. S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [21/1/2010 5:51 μμ 30963576]
  275. S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [11/5/2012 11:23 μμ 113120]
  276. S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9/1/2010 8:37 μμ 4640000]
  277. S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19/2/2010 1:37 μμ 517096]
  278. S3 wxpSvc;webcamXP Service;c:\program files\wLite\wService.exe [3/5/2010 12:34 πμ 5027328]
  279. .
  280. Contents of the 'Scheduled Tasks' folder
  281. .
  282. 2012-06-27 c:\windows\Tasks\Adobe Flash Player Updater.job
  283. - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-23 11:35]
  284. .
  285. 2012-06-26 c:\windows\Tasks\debutShakeIcon.job
  286. - c:\program files\NCH Software\Debut\debut.exe [2012-06-19 10:50]
  287. .
  288. 2012-06-26 c:\windows\Tasks\ExpressBurnReminder.job
  289. - c:\program files\NCH Software\ExpressBurn\expressburn.exe [2012-06-19 10:51]
  290. .
  291. 2012-06-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
  292. - c:\program files\Google\Update\GoogleUpdate.exe [2011-01-09 22:09]
  293. .
  294. 2012-06-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
  295. - c:\program files\Google\Update\GoogleUpdate.exe [2011-01-09 22:09]
  296. .
  297. 2012-06-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-220523388-1592454029-725345543-1004Core.job
  298. - c:\documents and settings\nick\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-12-22 06:01]
  299. .
  300. 2012-06-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-220523388-1592454029-725345543-1004UA.job
  301. - c:\documents and settings\nick\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-12-22 06:01]
  302. .
  303. 2012-06-26 c:\windows\Tasks\prismShakeIcon.job
  304. - c:\program files\NCH Software\Prism\prism.exe [2012-06-19 10:50]
  305. .
  306. 2012-06-27 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-220523388-1592454029-725345543-1004.job
  307. - c:\program files\Real\RealUpgrade\realupgrade.exe [2012-04-30 15:21]
  308. .
  309. 2012-06-27 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-220523388-1592454029-725345543-1004.job
  310. - c:\program files\Real\RealUpgrade\realupgrade.exe [2012-04-30 15:21]
  311. .
  312. 2012-06-27 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
  313. - c:\program files\Ask.com\UpdateTask.exe [2010-05-21 09:17]
  314. .
  315. 2012-06-27 c:\windows\Tasks\Screamer Radio.job
  316. - c:\docume~1\nick\6808~1\system\players\SCREAM~1\screamer.exe [2010-11-20 14:58]
  317. .
  318. 2012-06-22 c:\windows\Tasks\videopadShakeIcon.job
  319. - c:\program files\NCH Software\VideoPad\videopad.exe [2012-06-19 10:50]
  320. .
  321. .
  322. ------- Supplementary Scan -------
  323. .
  324. uStart Page = hxxp://greek.toggle.com/el/index.php?rvs=google/
  325. mStart Page = hxxp://greek.toggle.com/el/index.php?rvs=google
  326. uInternet Connection Wizard,ShellNext = iexplore
  327. IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
  328. IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office14\EXCEL.EXE/3000
  329. IE: Se&nd to OneNote - c:\progra~1\MI1933~1\Office14\ONBttnIE.dll/105
  330. TCP: DhcpNameServer = 192.168.1.1
  331. FF - ProfilePath - c:\documents and settings\nick\Application Data\Mozilla\Firefox\Profiles\ock63add.default\
  332. FF - prefs.js: browser.startup.homepage - www.google.gr
  333. .
  334. - - - - ORPHANS REMOVED - - - -
  335. .
  336. HKCU-Run-DAEMON Tools Pro Agent - c:\program files\DAEMON Tools Pro\DTAgent.exe
  337. HKLM-Run-GhostMouse - c:\program files\GhostMouse Free\GhostMouse.exe
  338. HKLM-Run-avgnt - c:\program files\Avira\AntiVir Desktop\avgnt.exe
  339. AddRemove-Opera 11.11.2109 - c:\program files\Opera\Opera.exe
  340. AddRemove-Streamripper - c:\program files\Streamripper\Uninstall.exe
  341. AddRemove-{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1 - c:\program files\Core Temp\unins000.exe
  342. .
  343. .
  344. .
  345. **************************************************************************
  346. .
  347. catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
  348. Rootkit scan 2012-06-27 23:31
  349. Windows 5.1.2600 Service Pack 3 NTFS
  350. .
  351. scanning hidden processes ...
  352. .
  353. scanning hidden autostart entries ...
  354. .
  355. scanning hidden files ...
  356. .
  357. scan completed successfully
  358. hidden files: 0
  359. .
  360. **************************************************************************
  361. .
  362. [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\wxpSvc]
  363. "ImagePath"="c:\program files\wLite\wService.exe /startedbyscm:5053B757-40E35B3B-webcamSRV"
  364. .
  365. --------------------- LOCKED REGISTRY KEYS ---------------------
  366. .
  367. [HKEY_USERS\S-1-5-21-220523388-1592454029-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\jpg ֚€|Φ[d
  368. H†s•]
  369. @Class="Shell"
  370. "a"="c:\\Documents and Settings\\nick\\Επιφάνεια εργασίας\\Φάκελος\\1111111111111.?g??????D"
  371. "MRUList"="cba"
  372. "b"="c:\\Documents and Settings\\nick\\Επιφάνεια εργασίας\\Φάκελος\\22222222222.?g??????D"
  373. "c"="c:\\Documents and Settings\\nick\\Επιφάνεια εργασίας\\Φάκελος\\ASPROMAYRI1.?g??????D"
  374. .
  375. [HKEY_USERS\S-1-5-21-220523388-1592454029-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\. jpg ֚€|Φ[d
  376. H†s•]
  377. @Class="Shell"
  378. .
  379. [HKEY_USERS\S-1-5-21-220523388-1592454029-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\. jpg ֚€|Φ[d
  380. H†s•\OpenWithList]
  381. @Class="Shell"
  382. "a"="Corel PaintShop Pro.exe"
  383. "MRUList"="a"
  384. .
  385. [HKEY_USERS\S-1-5-21-220523388-1592454029-725345543-1004\Software\SecuROM\License information*]
  386. "datasecu"=hex:74,82,93,d0,a7,bf,04,d4,cc,69,8c,d6,08,47,0f,19,5f,fe,14,cc,e8,
  387. 66,c0,f1,0f,fd,bb,0c,58,69,c3,a0,1b,bd,f4,34,82,b8,de,35,1a,f5,a1,08,3b,71,\
  388. "rkeysecu"=hex:49,1a,27,73,6a,63,8e,bb,5b,74,f0,10,22,0b,a7,bb
  389. .
  390. --------------------- DLLs Loaded Under Running Processes ---------------------
  391. .
  392. - - - - - - - > 'explorer.exe'(2000)
  393. c:\program files\Unlocker\UnlockerHook.dll
  394. c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
  395. c:\progra~1\MI1933~1\Office14\1033\GrooveIntlResource.dll
  396. c:\windows\system32\msi.dll
  397. c:\windows\system32\webcheck.dll
  398. c:\windows\system32\WPDShServiceObj.dll
  399. c:\windows\system32\PortableDeviceTypes.dll
  400. c:\windows\system32\PortableDeviceApi.dll
  401. .
  402. ------------------------ Other Running Processes ------------------------
  403. .
  404. c:\windows\ATKKBService.exe
  405. c:\program files\Java\jre6\bin\jqs.exe
  406. c:\program files\Google\Update\1.3.21.111\GoogleCrashHandler.exe
  407. c:\program files\NVIDIA Corporation\nTune\nTuneService.exe
  408. c:\windows\system32\nvsvc32.exe
  409. c:\program files\Common Files\Protexis\License Service\PsiService_2.exe
  410. c:\windows\system32\RunDLL32.exe
  411. c:\windows\system32\wbem\wmiapsrv.exe
  412. c:\windows\system32\wscntfy.exe
  413. .
  414. **************************************************************************
  415. .
  416. Completion time: 2012-06-27 23:32:51 - machine was rebooted
  417. ComboFix-quarantined-files.txt 2012-06-27 20:32
  418. .
  419. Pre-Run: 7 Κατάλογοι 52.699.578.368 διαθέσιμα byte
  420. Post-Run: 9 Κατάλογοι 53.017.104.384 διαθέσιμα byte
  421. .
  422. WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
  423. [boot loader]
  424. timeout=2
  425. default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
  426. [operating systems]
  427. c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
  428. UnsupportedDebug="do not select this" /debug
  429. multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
  430. .
  431. - - End Of File - - 8112281666344426AB71DCC16D5E9397