Dobry den
Poprosil by som Vas o kontrolu logu , ktory zasielam nizsie .
V poslednej dobe sa mi stavaju veci , napriklad nemozem pesunut misou z pracovnej plochy
na iny disk nejaky subor , pretoze po presunuti mi ukaze ze neexistuje . Jedine ze ho skopirujem a
dam vlozit tam kam chcem . To sa mi nestavalo .
Dalej nemozem spustit nejake programy . Tak mam nainstalovany Registry Booster ( aj ho mam aktivovany ) , no ked kliknem spustit ukaze sa na par sekund a potom zmizne . Ale pred tym mi isiel v poriadku .
Pouzivam :
Panda antivirus
Superantispyvare
Malvarebytes - aktivovany
CCleaner
Prosil by som o radu - a tu je log z Kombofixu :
===========================================
ComboFix 11-04-27.03 - Admin 28.04.2011 13:08:30.7.1 - x86
Running from: d:\documents and settings\Admin\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Panda Cloud Antivirus *Disabled/Updated* {5AD27692-540A-464E-B625-78275FA38393}
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
d:\documents and settings\Admin\Application Data\Adminlog.dat
d:\documents and settings\Admin\Application Data\facemoods.com
d:\documents and settings\Admin\lame_enc_en.dll
d:\documents and settings\Admin\lametritonus_en.dll
d:\documents and settings\Admin\WINDOWS
d:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
d:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
d:\windows\system32\msde40.dll
d:\windows\system32\Temp
d:\windows\system32\Temp\Kara_K5V.dll
d:\windows\system32\windir
.
----- BITS: Possible infected sites -----
.
hxxp://update.flock.com
.
((((((((((((((((((((((((( Files Created from 2011-03-28 to 2011-04-28 )))))))))))))))))))))))))))))))
.
.
2011-04-28 10:57 . 2011-04-28 10:55 388608 ----a-w- d:\windows\system32\CF9460.exe
2011-04-28 10:49 . 2011-04-28 10:49 -------- dc-h--w- d:\documents and settings\All Users\Application Data\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
2011-04-28 10:49 . 2011-04-28 10:49 -------- d-----w- d:\program files\Uniblue
2011-04-28 08:43 . 2011-04-28 08:43 2 --shatr- d:\windows\winstart.bat
2011-04-27 17:53 . 2011-04-27 17:53 -------- dc-h--w- d:\documents and settings\All Users\Application Data\{6DAA3B20-D487-4FA2-81D5-50404CCB868D}
2011-04-27 16:25 . 2011-04-27 17:14 -------- d-----w- d:\documents and settings\Admin\Local Settings\Application Data\panda2_0dn
2011-04-27 16:25 . 2011-04-28 09:20 -------- d-----w- d:\documents and settings\All Users\Application Data\Panda Security URL Filtering
2011-04-27 16:24 . 2011-04-27 16:25 -------- d-----w- d:\documents and settings\Admin\Application Data\pandasecuritytb
2011-04-27 16:23 . 2011-04-27 16:25 -------- d-----w- d:\program files\Panda Security
2011-04-27 15:06 . 2011-04-27 15:06 -------- d-----w- d:\windows\system32\wbem\Repository
2011-04-27 13:47 . 2011-04-27 15:06 -------- d-----w- d:\program files\123 Sound Recorder
2011-04-17 20:04 . 2011-04-17 20:06 -------- d-----w- D:\!KillBox
2011-04-17 11:26 . 2011-04-17 17:07 -------- d-----w- d:\program files\DrWeb
2011-04-11 16:22 . 2009-07-01 16:34 98304 ----a-w- d:\program files\Windows Media Player\in_midi.dll
2011-04-11 16:21 . 2010-02-11 07:56 155648 ----a-w- d:\program files\Windows Media Player\vlwmp.dll
2011-04-11 16:16 . 2011-04-11 16:16 -------- d-----w- d:\documents and settings\Admin\Application Data\VividLyrics
2011-04-11 09:01 . 2011-04-11 09:01 796672 ----a-w- d:\windows\GPInstall.exe
2011-04-09 21:05 . 2011-04-09 21:05 -------- d-----w- d:\documents and settings\Admin\Application Data\bearsharemediabartb
2011-04-09 15:36 . 2011-04-09 15:37 -------- d-----w- d:\documents and settings\Admin\Application Data\mediabarbs
2011-04-09 15:32 . 2011-04-09 21:32 -------- d-----w- d:\documents and settings\Admin\Local Settings\Application Data\BearShare
2011-04-09 13:36 . 2011-04-09 13:36 -------- d-----w- d:\documents and settings\All Users\Application Data\NCH Swift Sound
2011-04-09 13:15 . 2011-04-09 13:42 -------- d-----w- d:\documents and settings\Admin\Application Data\FMZilla
2011-04-09 09:54 . 2008-11-19 07:41 16640 ----a-w- d:\windows\system32\drivers\WsAudioDevice_383.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-13 13:46 . 2011-02-12 16:03 2560 ----a-w- d:\windows\_MSRSTRT.EXE
2011-01-29 14:55 . 2007-12-23 09:32 130432 ----a-w- d:\windows\system32\drivers\Rtnicxp.sys
2011-01-29 14:55 . 2011-01-29 14:55 73728 ----a-w- d:\windows\system32\RtNicProp32.dll
2011-01-29 14:50 . 2011-01-29 14:50 765952 ----a-w- d:\windows\system\crlds3d.dll
2011-01-29 14:50 . 2011-01-29 14:50 720896 ----a-w- d:\windows\system32\Audio3D.dll
2011-01-29 14:50 . 2011-01-29 14:50 720896 ----a-w- d:\windows\system32\a3d.dll
2011-01-29 14:50 . 2011-01-29 14:50 46592 ----a-w- d:\windows\SOUNDMAN.EXE
2011-01-29 14:50 . 2011-01-29 14:50 1607168 ----a-w- d:\windows\system32\ALSNDMGR.CPL
2011-01-29 14:50 . 2011-01-29 14:50 695852 ----a-w- d:\windows\system32\drivers\ALCXWDM.SYS
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
2010-12-19 14:46 86696 ----a-w- d:\program files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"= "d:\program files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll" [2010-12-19 86696]
.
[HKEY_CLASSES_ROOT\clsid\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Malware Icon]
@="{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}"
[HKEY_CLASSES_ROOT\CLSID\{F5D1CF73-C196-48F8-AAAC-B9181E22B4E6}]
2010-12-16 16:18 320832 ----a-w- d:\program files\Panda Security\Panda Cloud Antivirus\PSUNShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Panda Suspect Icon]
@="{9AE343CB-BA45-4618-AF6A-0230EE6FC793}"
[HKEY_CLASSES_ROOT\CLSID\{9AE343CB-BA45-4618-AF6A-0230EE6FC793}]
2010-12-16 16:18 320832 ----a-w- d:\program files\Panda Security\Panda Cloud Antivirus\PSUNShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"USB Firewall Protection"="2" [X]
"POP Peeper"="d:\program files\POP Peeper\POPPeeper.exe" [2010-09-09 1511424]
"RegistryBooster"="d:\program files\Uniblue\RegistryBooster\launcher.exe" [2011-03-14 67456]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"tsnp325"="d:\windows\tsnp325.exe" [2006-10-10 270336]
"snp325"="d:\windows\vsnp325.exe" [2006-10-10 827392]
"SunJavaUpdateSched"="d:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"Malwarebytes' Anti-Malware"="d:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-12-20 443728]
"TkBellExe"="d:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-09-15 198160]
"PSUNMain"="d:\program files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" [2010-12-16 423232]
"Panda Security URL Filtering"="d:\documents and settings\All Users\Application Data\Panda Security URL Filtering\Panda_URL_Filtering.exe" [2010-12-19 223400]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="d:\program files\Windows Sidebar\sidebar.exe" [2006-12-08 1253376]
"CTFMON.EXE"="d:\windows\system32\CTFMON.EXE" [2004-08-04 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2009-03-08 128512]
.
d:\documents and settings\Admin\Start Menu\Programs\Startup\
SJphone 1.65.lnk - d:\windows\Installer\{E1A45BFD-FD3E-45D7-AD5C-A29A506C2EB3}\SoftphoneIcon.exe [2010-10-13 20480]
Spamihilator.lnk - d:\program files\Spamihilator\spamihilator.exe [2010-5-11 1512448]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoResolveTrack"= 1 (0x1)
"NoSMHelp"= 1 (0x1)
"StartMenuLogoff"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "d:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- d:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MCPClient]
2005-01-31 14:13 49152 ----a-w- d:\progra~1\COMMON~1\stardock\MCPStub.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"midi1"=xgusb.cpl
"midi2"=xgusb.cpl
"midi3"=xgusb.cpl
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-26 23:47 31016 ----a-w- d:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 18:50 155648 -c--a-w- d:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2011-01-29 14:50 46592 ----a-w- d:\windows\SOUNDMAN.EXE
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"d:\\WINDOWS\\system32\\mmc.exe"=
"d:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"d:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"=
"d:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\WINDOWS\\system32\\sessmgr.exe"=
"d:\\WINDOWS\\system32\\dpvsetup.exe"=
"d:\\Program Files\\uTorrent\\utorrent.exe"=
"d:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"d:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"d:\\Program Files\\Spamihilator\\spamihilator.exe"=
"d:\\Program Files\\Spamihilator\\cdcc.exe"=
"d:\\Program Files\\Spamihilator\\dccproc.exe"=
"d:\\Program Files\\SJphone 1.65\\SJphone.exe"=
"d:\\Program Files\\Java\\jre1.6.0_05\\bin\\javaw.exe"=
"d:\\Program Files\\Opera\\opera.exe"=
"d:\\Program Files\\Avant Browser\\avant.exe"=
"d:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"d:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"d:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"d:\\Program Files\\POP Peeper\\POPPeeper.exe"=
"d:\\Moje dokumenty\\Strong DC++\\StrongDC++\\StrongDC.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"8000:UDP"= 8000:UDP:Express Talk RTP Incoming Audio (UDP)
"8001:UDP"= 8001:UDP:Express Talk RTP Incoming Audio (UDP)
"8002:UDP"= 8002:UDP:Express Talk RTP Incoming Audio (UDP)
"8003:UDP"= 8003:UDP:Express Talk RTP Incoming Audio (UDP)
"8004:UDP"= 8004:UDP:Express Talk RTP Incoming Audio (UDP)
"8005:UDP"= 8005:UDP:Express Talk RTP Incoming Audio (UDP)
"8006:UDP"= 8006:UDP:Express Talk RTP Incoming Audio (UDP)
"8007:UDP"= 8007:UDP:Express Talk RTP Incoming Audio (UDP)
"8008:UDP"= 8008:UDP:Express Talk RTP Incoming Audio (UDP)
"8009:UDP"= 8009:UDP:Express Talk RTP Incoming Audio (UDP)
"5070:UDP"= 5070:UDP:Express Talk Sip Incoming Calls (UDP)
"94:TCP"= 94:TCP:VRS Recording System Web Control Panel
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R2 DrWebEngine;Dr.Web Scanning Engine (DrWebEngine);d:\program files\Common Files\Doctor Web\Scanning Engine\dwengine.exe [x]
R2 DUMeterSvc;DU Meter Service; [x]
R2 gupdate1ca24c7f0166fb0;Služba Google Update (gupdate1ca24c7f0166fb0); [x]
R3 SNP325;USB PC Camera (SNPSTD325);d:\windows\system32\DRIVERS\snp325.sys [2007-04-03 10251904]
S1 PSINKNC;PSINKNC;d:\windows\system32\DRIVERS\psinknc.sys [2010-12-16 130376]
S1 SASDIFSV;SASDIFSV;d:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL;d:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
S2 MBAMService;MBAMService;d:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-12-20 363344]
S2 NanoServiceMain;Panda Cloud Antivirus Service;d:\program files\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2010-12-16 140608]
S2 PSINAflt;PSINAflt;d:\windows\system32\DRIVERS\PSINAflt.sys [2010-12-16 141768]
S2 PSINFile;PSINFile;d:\windows\system32\DRIVERS\PSINFile.sys [2010-12-16 97352]
S2 PSINProc;PSINProc;d:\windows\system32\DRIVERS\PSINProc.sys [2010-12-16 111944]
S2 PSINProt;PSINProt;d:\windows\system32\DRIVERS\PSINProt.sys [2010-12-16 113096]
S3 MBAMProtector;MBAMProtector;d:\windows\system32\drivers\mbam.sys [2010-12-20 20952]
S3 MEMSWEEP2;MEMSWEEP2;d:\windows\system32\6.tmp [x]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - RKREVEAL150
*Deregistered* - UnHackMeDrv
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{34A19196-274E-4D75-9D30-D7A45A0A4178}]
2004-08-04 04:00 11776 -c--a-w- d:\program files\Windows Sidebar\regsvr32.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6B9228DA-9C15-419e-856C-19E768A13BDC}]
2004-08-04 04:00 11776 -c--a-w- d:\program files\Windows Sidebar\regsvr32.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{BADA65A0-86B7-462B-B720-CE66655C73F5}]
2006-11-09 05:57 38912 -c--a-w- d:\vaio\vshellext.dll
.
Contents of the 'Scheduled Tasks' folder
.
2011-04-27 d:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-1202660629-1957994488-1003Core.job
- d:\documents and settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-02-03 14:51]
.
2011-04-28 d:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-1202660629-1957994488-1003UA.job
- d:\documents and settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-02-03 14:51]
.
2011-04-28 d:\windows\Tasks\RegistryBooster.job
- d:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2011-03-14 15:31]
.
.
------- Supplementary Scan -------
.
uStart Page =
hxxp://www.szm.sk/
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Excel - d:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{230D1201-7607-4CF6-A11F-9E4BF0A333E0} - {0DB13731-CEFD-43CF-A8FD-B61DCBC4D5B8} - d:\program files\Verdict Free\etnxp.dll
IE: {{2C73F784-D2DE-4422-B070-2E3332FE5744} - {0320AC26-52C8-4316-B2C4-24BB6FA73C9A} - d:\program files\Verdict Free\etnxp.dll
Trusted Zone: stv.sk\www
FF - ProfilePath - d:\documents and settings\Admin\Application Data\Mozilla\Firefox\Profiles\xliuc52f.default\
FF - prefs.js: browser.search.defaulturl -
hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage -
hxxp://search.bearshare.com/
FF - prefs.js: keyword.URL -
hxxp://search.yahoo.com/search?fr=panda ... 0000001&p=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - d:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: MediaBar: {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - %profile%\extensions\{c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c}
FF - Ext: MediaBar: {E84D42CA-64EB-11DE-A65F-8C3656D89593} - %profile%\extensions\{E84D42CA-64EB-11DE-A65F-8C3656D89593}
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - d:\program files\Real\RealPlayer\browserrecord
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
HKCU-Run-eyeBeam SIP Client - (no file)
HKLM_ActiveSetup-Windows Sidebar - d:\windows\system32\hidec
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2011-04-28 13:32
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MEMSWEEP2]
"ImagePath"="\??\d:\windows\system32\6.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1715567821-1202660629-1957994488-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@d:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="d:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1068)
d:\program files\SUPERAntiSpyware\SASWINLO.DLL
d:\progra~1\COMMON~1\Stardock\mcpstub.dll
.
Completion time: 2011-04-28 13:40:52
ComboFix-quarantined-files.txt 2011-04-28 11:40
.
Pre-Run: 12 492 582 912 bytes free
Post-Run: 10 adresárov, 12 648 861 696 voľných bajtov
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
.
- - End Of File - - 43ACD9DAB1E9F3BA9FD2C01E08D4EDA6
