ComboFix 12-02-19.02 - Angel 21/02/2012 20:17:07.1.4 - x64 NETWORK
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.4044.3332 [GMT 0:00]
Running from: c:\users\Angel\Downloads\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Acrotra.Bin
c:\programdata\NOTEPAD.EXE-x.txt
c:\programdata\RUNDLL32.EXE-x.txt
c:\users\Angel\AppData\Local\Microsoft\Windows\Temporary Internet Files\{12156113-CE4E-4A16-AD62-0F578FABDD7A}.xps
c:\users\Angel\AppData\Local\Microsoft\Windows\Temporary Internet Files\{8D849512-0F24-4A1A-98D7-47D445854541}.xps
c:\users\Angel\Documents\explorer
c:\users\Angel\Documents\explorer\id_110531084432679_110531084432626.upf
.
.
((((((((((((((((((((((((( Files Created from 2012-01-21 to 2012-02-21 )))))))))))))))))))))))))))))))
.
.
2012-02-21 20:21 . 2012-02-21 20:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-21 20:21 . 2012-02-21 20:21 -------- d-----w- c:\users\Angel\AppData\Local\temp
2012-02-21 00:35 . 2012-02-21 00:36 -------- d-----w- C:\B
2012-02-19 02:08 . 2012-02-19 02:08 -------- d-----w- c:\programdata\Nikon
2012-02-19 00:02 . 2012-02-19 04:14 -------- d-----w- C:\## aswSnx private storage
2012-02-18 23:23 . 2012-02-18 23:23 -------- d-----w- c:\windows\system32\%windir%
2012-02-18 22:59 . 2012-02-18 23:00 -------- d-----w- C:\VAIO Entertainment
2012-02-18 22:06 . 2012-02-18 22:06 -------- d-----w- c:\users\Angel\AppData\Local\Sony Corporation
2012-02-17 22:40 . 2012-02-17 22:41 -------- d-----w- c:\users\Angel\AppData\Local\Google
2012-02-17 02:13 . 2012-02-17 02:13 -------- d-----w- c:\program files (x86)\VideoLAN
2012-02-13 14:03 . 2012-02-13 14:03 -------- d-----w- c:\users\Angel\AppData\Roaming\Media Player Classic
2012-02-12 21:47 . 2012-02-12 21:47 -------- d-----w- c:\program files (x86)\Common Files\EZB Systems
2012-02-12 21:47 . 2012-02-12 21:47 -------- d-----w- c:\program files (x86)\UltraISO
2012-02-09 01:19 . 2012-02-09 01:19 -------- d-----w- c:\program files (x86)\Podstawy obsługi Adobe Photoshop CS5
2012-02-08 22:54 . 2012-02-08 22:54 -------- d-----w- c:\users\Angel\AppData\Local\Apple Computer
2012-02-08 11:52 . 2012-02-08 11:52 -------- d-----w- c:\users\Angel\AppData\Roaming\NapiProjekt
2012-02-07 22:07 . 2012-02-07 22:07 -------- d-----w- c:\users\Angel\AppData\Roaming\Apple Computer
2012-02-07 16:21 . 2012-02-07 16:21 -------- d-----w- c:\users\Angel\AppData\Local\ALLConverter
2012-02-07 16:21 . 2012-02-07 16:21 -------- d-----w- c:\program files (x86)\NapiProjekt
2012-02-07 16:21 . 2012-02-07 16:21 -------- d-----w- c:\program files (x86)\ALLConverter PRO
2012-02-07 16:20 . 2012-02-07 16:21 -------- d-----w- c:\program files (x86)\ALLPlayer5
2012-02-07 00:14 . 2012-02-16 21:24 -------- d-----r- c:\users\Angel\New Folder 2
2012-02-07 00:14 . 2012-02-07 00:14 -------- d-----w- c:\users\Angel\New Folder
2012-02-06 21:10 . 2010-03-19 03:00 55856 ------w- c:\windows\system32\drivers\PxHlpa64.sys
2012-02-06 21:10 . 2009-10-20 03:00 10224 ------w- c:\windows\system32\drivers\cdralw2k.sys
2012-02-06 21:10 . 2009-10-20 03:00 10224 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2012-02-06 21:09 . 2012-02-06 21:09 -------- d-----w- c:\program files (x86)\Common Files\Sonic Shared
2012-02-06 20:58 . 2012-02-06 20:58 -------- d-----w- c:\program files (x86)\Adobe Story
2012-02-06 18:34 . 2012-02-06 18:34 -------- d-----w- c:\users\Angel\AppData\Roaming\PACE Anti-Piracy
2012-02-06 18:34 . 2012-02-06 18:34 -------- d-----w- c:\users\Angel\AppData\Local\PACE Anti-Piracy
2012-02-06 18:34 . 2012-02-06 18:34 -------- d-----w- c:\programdata\PACE Anti-Piracy
2012-02-06 18:31 . 2012-02-06 18:31 -------- d-----w- c:\users\Angel\AppData\Roaming\com.adobe.dmp.contentviewer
2012-02-06 18:19 . 2012-02-06 18:19 -------- d-----w- c:\users\Angel\AppData\Roaming\Adobe Mini Bridge CS5.1
2012-02-06 17:57 . 2012-02-06 17:57 -------- d-----w- c:\programdata\ALM
2012-02-06 15:52 . 2012-02-06 15:52 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2012-02-06 00:59 . 2012-02-06 00:59 -------- d-----w- c:\users\Angel\.gstreamer-0.10
2012-02-05 12:34 . 2012-02-05 12:34 -------- d-----w- c:\users\Angel\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2012-02-05 11:00 . 2012-02-05 11:00 -------- d-----w- c:\users\Angel\AppData\Roaming\com.adobe.DC3Module.AdobeADC
2012-02-05 08:56 . 2012-02-05 08:56 -------- d-----w- c:\users\Angel\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2012-02-05 08:19 . 2012-02-05 08:19 -------- d-----w- c:\users\Public\Roaming
2012-02-05 06:27 . 2012-02-05 06:27 -------- d-----w- c:\users\Angel\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2012-02-05 06:24 . 2012-02-06 15:52 -------- d-----w- c:\program files (x86)\Adobe Download Assistant
2012-02-05 01:43 . 2012-02-05 01:43 -------- d-----w- c:\program files\Microsoft Synchronization Services
2012-02-05 01:42 . 2012-02-05 01:42 -------- d-----w- c:\windows\PCHEALTH
2012-02-05 01:42 . 2012-02-05 01:42 -------- d-----w- c:\program files\Microsoft Sync Framework
2012-02-05 01:42 . 2012-02-05 01:42 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2012-02-05 01:41 . 2012-02-05 01:41 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2012-02-05 01:40 . 2012-02-05 01:40 -------- d-----w- c:\program files\Microsoft Analysis Services
2012-02-05 01:40 . 2012-02-05 01:40 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2012-02-05 01:39 . 2012-02-05 01:39 -------- d-----r- C:\MSOCache
2012-02-04 19:51 . 2011-11-28 17:54 140120 ----a-w- c:\windows\system32\drivers\aswFW.sys
2012-02-04 19:51 . 2011-11-28 17:53 258392 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2012-02-04 19:51 . 2011-11-28 17:26 12368 ----a-w- c:\windows\system32\drivers\aswNdis.sys
2012-02-04 19:44 . 2011-11-28 17:53 304472 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-02-04 19:44 . 2011-11-28 17:51 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-02-04 19:44 . 2011-11-28 17:54 591192 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-02-04 19:44 . 2011-11-28 17:52 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-02-04 19:44 . 2011-11-28 17:52 58712 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-02-04 19:44 . 2011-11-28 18:01 256960 ----a-w- c:\windows\system32\aswBoot.exe
2012-02-04 19:44 . 2011-11-28 17:52 66904 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-02-04 19:44 . 2011-11-28 18:01 41184 ----a-w- c:\windows\avastSS.scr
2012-02-04 19:44 . 2011-11-28 18:01 199816 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-02-04 19:44 . 2012-02-04 19:44 -------- d-----w- c:\programdata\AVAST Software
2012-02-04 19:44 . 2012-02-04 19:44 -------- d-----w- c:\program files\AVAST Software
2012-02-04 16:26 . 2012-02-06 01:00 -------- d-----w- c:\programdata\OpenFM
2012-02-04 16:26 . 2012-02-04 16:26 -------- d-----w- c:\users\Angel\AppData\Roaming\OpenFM
2012-02-03 22:10 . 2012-02-04 18:33 -------- d-----w- c:\users\Angel\AppData\Roaming\Gadu-Gadu 10
2012-02-03 22:10 . 2012-02-03 22:10 -------- d-----w- c:\programdata\Gadu-Gadu 10
2012-02-03 22:09 . 2012-02-03 22:09 -------- d-----w- c:\program files (x86)\Gadu-Gadu 10
2012-02-02 21:43 . 2012-02-02 21:43 -------- d-----w- c:\users\Angel\AppData\Roaming\Nikon
2012-02-02 21:43 . 2012-02-02 21:43 -------- d-----w- c:\users\Angel\AppData\Local\Nikon
2012-02-02 21:41 . 2012-02-02 21:40 106496 ----a-w- c:\windows\SysWow64\ATL71.DLL
2012-02-02 21:39 . 2012-02-02 21:39 -------- d-----w- c:\programdata\Apple Computer
2012-02-02 21:39 . 2012-02-02 21:39 -------- d-----w- c:\programdata\Apple
2012-02-02 21:39 . 2012-02-02 21:39 -------- d-----w- c:\program files (x86)\Common Files\Apple
2012-01-30 19:02 . 2012-02-06 18:34 -------- d--h--w- c:\users\Angel\AppData\Local\uqRc5V0ZJbI
2012-01-23 22:18 . 2012-01-23 22:18 -------- d-----w- c:\program files\Microsoft Silverlight
2012-01-23 22:18 . 2012-01-23 22:18 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2012-01-23 17:14 . 2012-01-23 17:14 -------- d-----w- c:\users\Angel\AppData\Local\Programs
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-20 19:51 . 2012-01-20 19:51 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-03 13:10 . 2012-01-03 13:10 53656 ----a-w- c:\windows\system32\AdobePDF.dll
2012-01-03 13:10 . 2012-01-03 13:10 24984 ----a-w- c:\windows\system32\AdobePDFUI.dll
2011-12-29 20:25 . 2010-06-24 10:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ALLUpdate"="c:\program files (x86)\ALLPlayer5\ALLUpdate.exe" [2011-08-16 1379840]
"EPLTarget\P0000000000000000"="c:\windows\system32\spool\DRIVERS\x64\3\E_YATIHTE.EXE" [2011-04-25 239488]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2010-03-16 908160]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-02-15 2757312]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2012-01-03 36760]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2012-01-03 815512]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
.
c:\users\Angel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-3-29 245120]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R1 aswSnx;aswSnx; [x]
R1 aswSP;aswSP; [x]
R2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-09-14 169624]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-04-29 146592]
R2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-04-29 91296]
R2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [2011-11-28 127192]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]
R2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-29 2361344]
R2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
R2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2011-02-28 852160]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 51456888]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [x]
R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-02-21 113824]
R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-02-21 67232]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-19 549616]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-02-18 385336]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-18 99104]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [x]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys [x]
S3 HP8207_8307;HP-HP8207_8307;c:\windows\system32\DRIVERS\HP8207_8307.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-02-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3481905678-3624121343-1315150275-1000Core.job
- c:\users\Angel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-17 22:40]
.
2012-02-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3481905678-3624121343-1315150275-1000UA.job
- c:\users\Angel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-17 22:40]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-03-29 518784]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-29 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-29 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-29 418328]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-06-16 499608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://vaioportal.sony.eu
uInternet Settings,ProxyOverride =
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Angel\AppData\Roaming\Mozilla\Firefox\Profiles\fbjz5eap.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.pl/ig
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&q=
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3481905678-3624121343-1315150275-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*v‹Ðë*‰c:\program files (x86)\VideoLAN\VLC\lua\playlist\lelombrik.lua]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-3481905678-3624121343-1315150275-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*v‹Ðë*‰c:\program files (x86)\VideoLAN\VLC\lua\playlist\lelombrik.lua\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-3481905678-3624121343-1315150275-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*v‹Ðë*Œc:\program files (x86)\VideoLAN\VLC\lua\playlist\koreus.lua**?]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-3481905678-3624121343-1315150275-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*v‹Ðë*Œc:\program files (x86)\VideoLAN\VLC\lua\playlist\koreus.lua**?\OpenWithList]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-3481905678-3624121343-1315150275-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.*v‹Ðë*‰c:\program files (x86)\VideoLAN\VLC\lua\playlist\lelombrik.lua]
"0"=hex:43,3a,5c,55,73,65,72,73,5c,41,6e,67,65,6c,5c,44,65,73,6b,74,6f,70,5c,
   73,74,61,74,69,73,74,69,63,73,2e,64,61,74,00,63,00,31,00,32,00,38,00,2e,00,\
"MRUListEx"=hex:00,00,00,00,ff,ff,ff,ff
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-02-21 20:23:41
ComboFix-quarantined-files.txt 2012-02-21 20:23
.
Pre-Run: 127,096,832,000 bytes free
Post-Run: 127,814,553,600 bytes free
.
- - End Of File - - 778E01304BD43496D10116B8921A7280