Here is what you asked for:
ComboFix 09-09-28.01 - EMY 29.09.2009 14:23.1.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1251.389.1033.18.2047.1661 [GMT 2:00]
Running from: c:\documents and settings\EMY\Desktop\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\docume~1\EMY\LOCALS~1\Temp\svchost.exe
c:\documents and settings\EMY\Favorites\Games.url
c:\windows\neoqaz2.dll
f:\my documents\retgedit.reg
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_SKYNET
-------\Legacy_SkyNetBDA
-------\Service_SKYNET
-------\Service_SkyNetBDA
((((((((((((((((((((((((( Files Created from 2009-08-28 to 2009-09-29 )))))))))))))))))))))))))))))))
.
2009-09-27 22:31 . 2009-09-27 22:39 -------- d-----w- c:\program files\ProgDVB
2009-09-27 22:12 . 2009-09-27 22:13 -------- d-----w- c:\program files\TechniSat DVB
2009-09-27 11:55 . 2009-09-11 05:47 551824 ----a-w- c:\windows\system32\drivers\SkyNetBDA.sys
2009-09-26 15:13 . 2009-09-26 15:14 -------- d-----w- c:\windows\Backups
2009-09-26 15:13 . 2009-09-26 15:13 -------- d-----w- c:\windows\AutoREGs
2009-09-26 15:13 . 2009-09-26 15:16 60 ----a-w- c:\windows\automatski.cmd
2009-09-26 15:12 . 2009-09-26 15:16 404319 ----a-w- c:\windows\zakrpa.exe
2009-09-26 14:22 . 2008-06-29 19:48 311128 ----a-w- c:\windows\system32\libssl32.dll
2009-09-26 14:22 . 2008-06-29 19:48 1526468 ----a-w- c:\windows\system32\libeay32.dll
2009-09-26 13:17 . 2009-09-28 07:10 -------- d-----w- c:\documents and settings\EMY\Application Data\BID
2009-09-26 13:17 . 2009-09-26 13:23 -------- d-----w- c:\program files\Bulk Image Downloader
2009-09-25 16:44 . 2009-09-25 16:44 -------- d-----w- c:\program files\EPSON
2009-09-25 16:43 . 2009-09-25 16:43 -------- d-----w- c:\documents and settings\All Users\Application Data\EPSON
2009-09-25 16:43 . 2004-09-10 20:12 49152 ----a-w- c:\windows\system32\E_DCINST.DLL
2009-09-25 16:43 . 2006-12-08 02:04 76800 ----a-w- c:\windows\system32\E_FLBCCE.DLL
2009-09-25 16:43 . 2006-04-19 02:00 62976 ----a-w- c:\windows\system32\E_FD4BCCE.DLL
2009-09-25 16:41 . 2008-04-13 22:17 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2009-09-25 16:41 . 2008-04-13 22:17 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-09-25 13:31 . 2009-09-25 13:31 -------- d-----w- c:\program files\The Tetris Game
2009-09-25 13:20 . 2009-09-25 13:20 -------- d-----w- c:\documents and settings\EMY\Application Data\Publish Providers
2009-09-25 13:18 . 2009-09-25 13:20 -------- d-----w- c:\documents and settings\EMY\Application Data\Sony
2009-09-25 13:18 . 2009-09-25 13:18 -------- d-----w- c:\documents and settings\EMY\Local Settings\Application Data\Sony
2009-09-25 13:16 . 2009-09-25 13:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Sony
2009-09-25 13:16 . 2009-09-25 13:16 -------- d-----w- c:\program files\Sony
2009-09-25 13:13 . 2009-09-25 13:15 -------- d-----w- c:\windows\system32\drivers\UMDF
2009-09-25 13:13 . 2009-09-25 13:13 -------- d-----w- c:\windows\system32\LogFiles
2009-09-25 13:13 . 2006-09-15 23:05 23856 ----a-w- c:\windows\system32\spupdsvc.exe
2009-09-25 13:12 . 2009-09-25 13:12 -------- d-----w- C:\WMSDK
2009-09-25 13:05 . 2009-09-25 13:05 -------- d-----w- c:\documents and settings\All Users\Application Data\CHL Pack
2009-09-25 11:36 . 2004-03-29 14:23 90112 ----a-w- c:\windows\unvise32.exe
2009-09-25 11:24 . 2009-09-25 11:24 -------- d-----w- c:\documents and settings\EMY\Application Data\Apple Computer
2009-09-25 11:22 . 2009-09-25 11:22 -------- d-----w- c:\program files\QuickTime
2009-09-25 11:22 . 2009-09-25 11:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-09-25 11:22 . 2009-09-25 11:22 -------- d-----w- c:\documents and settings\EMY\Local Settings\Application Data\Apple
2009-09-25 11:22 . 2009-09-25 11:22 -------- d-----w- c:\program files\Apple Software Update
2009-09-25 11:22 . 2009-09-25 11:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-09-25 11:21 . 2009-09-25 11:21 -------- d-----w- c:\documents and settings\EMY\Local Settings\Application Data\Apple Computer
2009-09-25 11:04 . 2009-09-25 11:04 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet
2009-09-25 10:47 . 2009-09-25 10:47 -------- d-----w- c:\documents and settings\All Users\Application Data\ALM
2009-09-25 10:36 . 2009-09-25 10:36 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-09-25 10:31 . 2009-09-25 10:31 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2009-09-24 17:53 . 2009-09-24 17:53 -------- d-----w- c:\documents and settings\EMY\Application Data\Nero
2009-09-24 12:22 . 2009-09-24 12:22 -------- d-----w- c:\documents and settings\EMY\Application Data\AdobeUM
2009-09-24 12:22 . 2009-09-25 11:19 -------- d-----w- c:\documents and settings\EMY\Local Settings\Application Data\Adobe
2009-09-24 12:20 . 2009-09-24 12:20 -------- d-----w- c:\windows\Cache
2009-09-23 20:49 . 2009-09-23 20:49 -------- d-----w- c:\documents and settings\EMY\Application Data\Media Player Classic
2009-09-23 12:04 . 2009-09-23 12:04 -------- d-----w- c:\program files\Microsoft WSE
2009-09-23 12:02 . 2006-09-28 14:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2009-09-23 12:02 . 2009-09-23 12:02 -------- d-----w- c:\windows\Logs
2009-09-23 11:58 . 2009-09-23 11:58 -------- d-----w- c:\program files\Electronic Arts
2009-09-23 11:56 . 2009-09-23 11:56 -------- d-----w- c:\program files\Common Files\EZB Systems
2009-09-23 11:56 . 2009-09-23 11:56 -------- d-----w- c:\program files\UltraISO
2009-09-23 11:45 . 2009-09-23 11:45 -------- d-----w- c:\program files\zabkat
2009-09-21 17:27 . 2009-09-21 17:27 -------- d--h--w- c:\windows\PIF
2009-09-21 13:11 . 2009-09-21 13:11 -------- d-----w- c:\documents and settings\EMY\Local Settings\Application Data\GlobalSCAPE
2009-09-21 13:11 . 2009-09-21 13:11 -------- d-----w- c:\documents and settings\All Users\Application Data\GlobalSCAPE
2009-09-21 13:06 . 2009-09-21 13:06 -------- d-----w- c:\program files\AskBarDis
2009-09-21 12:08 . 2009-09-21 17:01 -------- d-----w- c:\documents and settings\EMY\Application Data\GlobalSCAPE
2009-09-21 12:08 . 2009-09-21 13:06 -------- d-----w- c:\program files\GlobalSCAPE
2009-09-14 06:59 . 2009-09-14 06:59 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\ESET
2009-09-13 23:29 . 2008-04-13 22:15 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2009-09-13 18:11 . 2009-09-29 11:37 -------- d-----w- C:\Video
2009-09-13 16:22 . 2006-03-17 12:49 368640 ----a-w- c:\windows\system32\TwnLib4.dll
2009-09-13 16:22 . 2006-03-17 09:45 802816 ----a-w- c:\windows\system32\imagXRA7.dll
2009-09-13 16:22 . 2006-03-17 09:45 497296 ----a-w- c:\windows\system32\imagXpr7.dll
2009-09-13 16:22 . 2006-03-17 09:45 258048 ----a-w- c:\windows\system32\imagXR7.dll
2009-09-13 16:22 . 2006-03-17 09:45 1757184 ----a-w- c:\windows\system32\imagX7.dll
2009-09-13 16:22 . 2009-09-13 16:22 -------- d-----w- c:\program files\Nero
2009-09-13 16:22 . 2009-09-13 16:22 -------- d-----w- c:\program files\Common Files\Nero
2009-09-13 16:22 . 2009-09-13 16:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-09-13 15:44 . 2009-09-27 21:31 -------- d-----w- c:\program files\Common Files\TerraTec
2009-09-13 15:44 . 2009-09-13 15:44 -------- d-----w- c:\program files\TerraTec
2009-09-13 15:44 . 2009-09-27 21:04 -------- d-----w- c:\documents and settings\EMY\Application Data\TerraTec
2009-09-13 15:41 . 2009-09-13 15:41 -------- d-----w- c:\program files\uTorrent
2009-09-13 15:41 . 2009-09-29 12:31 -------- d-----w- c:\documents and settings\EMY\Application Data\uTorrent
2009-09-13 15:23 . 2009-09-13 15:23 -------- d-----w- c:\program files\ASIO4ALL v2
2009-09-13 15:22 . 2009-09-13 15:22 -------- d-----w- c:\program files\Outsim
2009-09-13 15:21 . 2009-09-13 15:22 -------- d-----w- c:\program files\Image-Line
2009-09-13 15:10 . 2009-09-13 15:10 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{C2686527-0D57-4F0B-ADAB-EE203CA30FC6}
2009-09-13 15:09 . 2009-09-13 15:09 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{A397AF63-B3A1-40DF-AA85-5C5368304B60}
2009-09-13 15:05 . 2009-09-13 15:05 -------- d-----w- c:\documents and settings\EMY\Local Settings\Application Data\Native Instruments
2009-09-13 15:00 . 2009-09-13 15:22 -------- d-----w- c:\program files\Vstplugins
2009-09-13 14:58 . 2009-09-13 15:09 -------- d-----w- c:\program files\Common Files\Native Instruments
2009-09-13 14:58 . 2009-09-13 15:09 -------- d-----w- c:\program files\Native Instruments
2009-09-13 14:55 . 2009-09-13 14:55 -------- d-----w- c:\windows\ShellNew
2009-09-13 14:55 . 2009-09-13 14:55 -------- d-----w- c:\program files\AutoHotkey
2009-09-13 14:55 . 2009-09-13 14:55 -------- d--h--w- c:\windows\system32\GroupPolicy
2009-09-13 14:47 . 2009-09-13 14:48 -------- d-----w- c:\program files\DVBViewer
2009-09-13 14:41 . 2009-09-13 14:41 -------- d-----w- c:\program files\Real Alternative
2009-09-13 14:41 . 2009-09-13 14:41 -------- d-----w- c:\documents and settings\EMY\Local Settings\Application Data\Real
2009-09-13 14:39 . 2009-09-23 20:50 -------- d-----w- c:\program files\The KMPlayer
2009-09-13 14:33 . 2009-09-13 14:33 -------- d-----w- c:\program files\ACD Systems
2009-09-13 14:31 . 2009-09-13 14:32 -------- d-----w- C:\ProgDVB
2009-09-13 14:26 . 2009-09-25 11:04 18256 ----a-w- c:\documents and settings\EMY\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-09-13 14:19 . 2009-09-13 14:19 -------- d-----w- c:\documents and settings\EMY\Application Data\ESET
2009-09-13 14:18 . 2009-09-13 14:18 -------- d-----w- c:\program files\ESET
2009-09-13 14:18 . 2009-09-13 14:18 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2009-09-13 13:56 . 2009-09-28 08:15 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-09-13 13:56 . 2009-09-28 08:14 -------- d-----w- c:\documents and settings\EMY\Application Data\VideoReDo-TVSuite
2009-09-13 13:56 . 2009-09-13 13:56 -------- d-----w- c:\program files\VideoReDoTVSuite
2009-09-13 13:34 . 2007-03-07 23:51 129784 ------w- c:\windows\system32\pxafs.dll
2009-09-13 13:34 . 2009-09-13 13:45 -------- d-----w- c:\documents and settings\EMY\Application Data\Winamp
2009-09-13 13:34 . 2009-09-13 13:45 -------- d-----w- c:\program files\Winamp
2009-09-13 13:32 . 2009-09-13 13:32 -------- d-----w- c:\program files\MSECache
2009-09-13 04:06 . 2001-08-17 13:59 3072 ----a-w- c:\windows\system32\drivers\audstub.sys
2009-09-13 04:05 . 2008-04-14 05:41 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-09-13 04:05 . 2008-04-14 00:10 57600 ----a-w- c:\windows\system32\drivers\redbook.sys
2009-09-13 04:04 . 2008-04-14 03:42 74240 -c--a-w- c:\windows\system32\dllcache\usbui.dll
2009-09-13 04:04 . 2008-04-14 03:42 74240 ----a-w- c:\windows\system32\usbui.dll
2009-09-13 04:02 . 2008-04-14 12:00 7168 -c--a-w- c:\windows\system32\dllcache\kbdcz.dll
2009-09-13 04:00 . 2009-09-29 12:22 -------- d-----w- c:\windows\system32\CatRoot2
2009-09-13 04:00 . 2009-09-13 04:00 -------- d-----w- c:\windows\system32\CatRoot
2009-09-13 04:00 . 2009-09-29 12:22 -------- d--h--w- c:\documents and settings\Default User
2009-09-13 04:00 . 2009-09-13 14:55 -------- d-----w- c:\documents and settings\All Users
2009-09-13 04:00 . 2009-09-13 02:22 -------- d-----w- C:\Documents and Settings
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-27 22:12 . 2009-09-13 02:58 -------- d-----w- c:\program files\DVBViewerTE
2009-09-27 22:12 . 2009-09-13 02:35 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-09-25 10:40 . 2009-09-13 03:52 -------- d-----w- c:\program files\Common Files\Adobe
2009-09-21 17:03 . 2009-09-13 02:35 -------- d-----w- c:\program files\Common Files\InstallShield
2009-09-13 15:45 . 2009-09-13 15:45 -------- d-----w- c:\documents and settings\All Users\Application Data\TerraTec
2009-09-13 14:47 . 2009-09-13 02:58 -------- d-----w- c:\documents and settings\All Users\Application Data\CMUV
2009-09-13 03:50 . 2009-09-13 03:50 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-09-13 03:49 . 2009-09-13 03:49 0 ----a-w- c:\windows\nsreg.dat
2009-09-13 03:10 . 2009-09-13 03:10 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-09-13 02:58 . 2009-09-13 02:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Technisat
2009-09-13 02:58 . 2009-09-13 02:58 -------- d-----w- c:\program files\MainConcept
2009-09-13 02:56 . 2009-09-13 02:56 -------- d-----w- c:\program files\AGEIA Technologies
2009-09-13 02:56 . 2009-09-13 02:56 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-09-13 02:39 . 2009-09-13 02:39 -------- d-----w- c:\program files\Realtek
2009-09-13 02:35 . 2009-09-13 02:35 -------- d-----w- c:\program files\Analog Devices
2009-09-13 02:32 . 2009-09-13 02:32 -------- d-----w- c:\program files\Intel
2009-09-13 02:14 . 2009-09-13 02:14 -------- d-----w- c:\program files\microsoft frontpage
2009-09-13 02:11 . 2009-09-13 02:11 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-07-14 10:04 . 2009-07-14 10:04 344064 ----a-w- c:\windows\system32\msvcr70.dll
2009-07-14 10:04 . 2009-07-14 10:04 83448 ----a-w- c:\windows\system32\CddbLangJA.dll
2009-07-14 10:04 . 2009-07-14 10:04 808440 ----a-w- c:\windows\system32\CDDBUI.dll
2009-07-14 10:04 . 2009-07-14 10:04 796152 ----a-w- c:\windows\system32\CDDBControl.dll
2009-07-14 10:04 . 2009-07-14 10:04 108024 ----a-w- c:\windows\system32\CddbLangIT.dll
2009-07-14 10:04 . 2009-07-14 10:04 103928 ----a-w- c:\windows\system32\CddbLangNL.dll
2009-07-14 10:04 . 2009-07-14 10:04 103928 ----a-w- c:\windows\system32\CddbLangFR.dll
2009-07-14 10:04 . 2009-07-14 10:04 103928 ----a-w- c:\windows\system32\CddbLangES.dll
2009-07-14 10:04 . 2009-07-14 10:04 103928 ----a-w- c:\windows\system32\CddbLangDE.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-07-17 15:20 279944 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-07-17 279944]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-09-13 288048]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352]
"JMB36X IDE Setup"="c:\windows\JM\JMInsIDE.exe" [2006-10-30 36864]
"JMB36X Configure"="c:\windows\system32\JMRaidSetup.exe" [2006-10-30 1953792]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-25 13680640]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-25 86016]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-05-14 2029640]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-12-25 1657376]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\EMY\Start Menu\Programs\Startup\
AutoHotkey.lnk - c:\program files\AutoHotkey\AutoHotkey.exe [2007-11-21 240128]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Server4PC.lnk - c:\program files\TechniSat DVB\bin\Server4PC.exe [2009-9-28 338448]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvr.exe"=
"c:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrUpdate\\CinergyDVRUp_Date.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\TerraTec\\TerraTec Home Cinema\\CinergyDvrHelper.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [5/14/2009 3:47 PM 107256]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [5/14/2009 3:47 PM 731840]
R3 3xHybrid;TerraTec BDA capture service;c:\windows\system32\drivers\3xHybrid.sys [4/15/2005 5:50 AM 908160]
.
.
------- Supplementary Scan -------
.
IE: En&queue current page with BID - file://c:\program files\Bulk Image Downloader\iemenu\iebidqueue.htm
IE: Enqueue link tar&get with BID - file://c:\program files\Bulk Image Downloader\iemenu\iebidlinkqueue.htm
IE: Open &link target with BID - file://c:\program files\Bulk Image Downloader\iemenu\iebidlink.htm
IE: Open current page with BI&D - file://c:\program files\Bulk Image Downloader\iemenu\iebid.htm
IE: Open current page with BID Link Explorer - file://c:\program files\Bulk Image Downloader\iemenu\iebidlinkexplorer.htm
FF - ProfilePath - c:\documents and settings\EMY\Application Data\Mozilla\Firefox\Profiles\0nyhknli.default\
FF - prefs.js: browser.startup.homepage - www.google.com
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-Remote Control Editor - c:\program files\Common Files\TerraTec\Remote\TTTVRC.exe
AddRemove-Native Instruments Massive v1.0.1.008 - c:\progra~1\NATIVE~1\Massive\UNWISE.EXE
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-29 14:30
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\ESET\ESET Security\CurrentVersion\Info]
@Denied: (2) (LocalSystem)
"PackageTag"=dword:6090e758
"AppDataDir"="c:\\Documents and Settings\\All Users\\Application Data\\ESET\\ESET Smart Security\\"
"DataDir"="ESET\\ESET Smart Security\\"
"EditionName"="BUSINESS EDITION"
"InstallDir"="c:\\Program Files\\ESET\\ESET Smart Security\\"
"LanguageId"=dword:00000409
"ProductBase"=dword:00000001
"ProductCode"="{71CBF9BB-7E07-4A9D-BF30-84C11810B242}"
"ProductName"="ESET Smart Security"
"ProductType"="essbe"
"ProductVersion"="4.0.437.0"
"UniqueId"="008FBB694AACFF67"
"ScannerBuild"=dword:00001329
"ScannerVersionId"=dword:00000feb
"ScannerVersion"="Open window for status."
"FixId"=dword:00000005
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(916)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
- - - - - - - > 'explorer.exe'(792)
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-09-29 14:33 - machine was rebooted
ComboFix-quarantined-files.txt 2009-09-29 12:33
Pre-Run: 160.538.730.496 bytes free
Post-Run: 160.433.266.688 bytes free
281