ComboFix log:
ComboFix 13-11-07.01 - Attila 11/08/2013 7:00.2.4 - x86
Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.1.1033.18.3325.1922 [GMT -5:00]
Running from: c:\users\Attila\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2013-10-08 to 2013-11-08 )))))))))))))))))))))))))))))))
.
.
2013-11-08 12:20 . 2013-11-08 12:20 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-11-08 12:20 . 2013-11-08 12:20 -------- d-----w- c:\users\Mcx1\AppData\Local\temp
2013-11-08 12:20 . 2013-11-08 12:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-08 12:20 . 2013-11-08 12:20 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2013-11-08 10:57 . 2013-11-08 10:57 -------- d-----w- c:\program files\Speccy
2013-11-08 03:12 . 2013-11-08 03:12 -------- d-----w- C:\FRST
2013-11-08 03:01 . 2013-11-08 03:01 -------- d-----w- c:\windows\ERUNT
2013-11-08 02:50 . 2013-11-08 02:53 -------- d-----w- C:\AdwCleaner
2013-11-05 20:29 . 2013-10-14 06:39 7796464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{24430397-2C32-4CA7-9546-912E6F414425}\mpengine.dll
2013-11-03 20:24 . 2013-11-03 20:24 -------- d-----w- c:\program files\Common Files\Overwolf
2013-11-03 08:36 . 2013-11-03 08:36 -------- d-----w- c:\programdata\Overwolf
2013-10-30 23:35 . 2013-10-14 06:39 7796464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-10-18 23:37 . 2013-10-17 15:14 719224 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D04693CE-E4AE-4B76-A934-0C4C8D93D50F}\gapaengine.dll
2013-10-18 23:37 . 2013-09-05 01:58 718712 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-05 02:44 . 2010-03-03 03:16 138904 ----a-w- c:\users\Attila\AppData\Roaming\PnkBstrK.sys
2010-02-10 00:22 . 2013-11-06 11:04 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 14:20 64792 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-01-21 39408]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"DisplayFusion"="c:\program files\DisplayFusion\DisplayFusion.exe" [2013-02-11 7203712]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2010-05-01 2938552]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2011-11-23 442640]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"Overwolf"="c:\program files\Overwolf\Overwolf.exe" [2013-10-23 35256]
"EADM"="c:\program files\Origin\Origin.exe" [2013-11-03 3561816]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-02-01 4706304]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-02-10 30192]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 16384]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2008-02-26 128296]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-03-13 342312]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-01 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-01 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-01 133656]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2008-08-11 63048]
"ATICustomerCare"="c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-03-04 311296]
"Lachesis"="c:\program files\Razer\Lachesis\razerhid.exe" [2007-09-12 172032]
"AmazonGSDownloaderTray"="c:\program files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe" [2009-10-23 326144]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2011-09-29 101144]
"Razer Blackwidow Driver"="c:\program files\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe" [2011-05-16 887712]
"DivXMediaServer"="c:\program files\DivX\DivX Media Server\DivXMediaServer.exe" [2013-01-30 450560]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2013-02-13 1263952]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-05-15 2255184]
"MaxMenuMgr"="c:\program files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" [2009-05-01 185640]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-07-18 995184]
.
c:\users\Attila\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2010-6-29 0]
Launch Jawbone Updater.lnk - c:\program files\Jawbone\LaunchJU.exe [2012-11-29 62128]
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ASWMBR
*NewlyCreated* - CPUZ136
*NewlyCreated* - PROCEXP152
*Deregistered* - aswMBR
*Deregistered* - cpuz136
*Deregistered* - PROCEXP152
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}]
2008-04-11 22:23 38400 ----a-w- c:\windows\System32\SoundSchemes.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24}]
2008-08-28 15:50 30720 ----a-w- c:\windows\System32\soundschemes2.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-11-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-21 16:29]
.
2013-11-07 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-21 01:48]
.
2013-11-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-04 18:52]
.
2013-11-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-04 18:52]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
FF - ProfilePath - c:\users\Attila\AppData\Roaming\Mozilla\Firefox\Profiles\g70ha1li.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - ExtSQL: !HIDDEN! 2009-11-02 06:40; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-Hardware Helper_is1 - c:\program files\Driver-Soft\HardwareHelper\unins000.exe
AddRemove-Steam App 102810 - f:\steam folder\steam.exe
AddRemove-Steam App 105400 - f:\steam folder\steam.exe
AddRemove-Steam App 105600 - f:\steam folder\steam.exe
AddRemove-Steam App 10680 - f:\steam folder\steam.exe
AddRemove-Steam App 108710 - f:\steam folder\steam.exe
AddRemove-Steam App 108800 - f:\steam folder\steam.exe
AddRemove-Steam App 110800 - f:\steam folder\steam.exe
AddRemove-Steam App 111800 - f:\steam folder\steam.exe
AddRemove-Steam App 11200 - f:\steam folder\steam.exe
AddRemove-Steam App 113200 - f:\steam folder\steam.exe
AddRemove-Steam App 11450 - f:\steam folder\steam.exe
AddRemove-Steam App 115100 - f:\steam folder\steam.exe
AddRemove-Steam App 115110 - f:\steam folder\steam.exe
AddRemove-Steam App 12100 - f:\steam folder\steam.exe
AddRemove-Steam App 12110 - f:\steam folder\steam.exe
AddRemove-Steam App 12120 - f:\steam folder\steam.exe
AddRemove-Steam App 12200 - f:\steam folder\steam.exe
AddRemove-Steam App 1250 - f:\steam folder\steam.exe
AddRemove-Steam App 12710 - f:\steam folder\steam.exe
AddRemove-Steam App 12810 - f:\steam folder\steam.exe
AddRemove-Steam App 12900 - f:\steam folder\steam.exe
AddRemove-Steam App 1510 - f:\steam folder\steam.exe
AddRemove-Steam App 15520 - f:\steam folder\steam.exe
AddRemove-Steam App 16450 - f:\steam folder\steam.exe
AddRemove-Steam App 17300 - f:\steam folder\steam.exe
AddRemove-Steam App 17330 - f:\steam folder\steam.exe
AddRemove-Steam App 17340 - f:\steam folder\steam.exe
AddRemove-Steam App 17390 - f:\steam folder\steam.exe
AddRemove-Steam App 17410 - f:\steam folder\steam.exe
AddRemove-Steam App 17440 - f:\steam folder\steam.exe
AddRemove-Steam App 17460 - f:\steam folder\steam.exe
AddRemove-Steam App 17470 - f:\steam folder\steam.exe
AddRemove-Steam App 18000 - f:\steam folder\steam.exe
AddRemove-Steam App 18020 - f:\steam folder\steam.exe
AddRemove-Steam App 18700 - f:\steam folder\steam.exe
AddRemove-Steam App 19680 - f:\steam folder\steam.exe
AddRemove-Steam App 200010 - f:\steam folder\steam.exe
AddRemove-Steam App 200390 - f:\steam folder\steam.exe
AddRemove-Steam App 200510 - f:\steam folder\steam.exe
AddRemove-Steam App 200900 - f:\steam folder\steam.exe
AddRemove-Steam App 201790 - f:\steam folder\steam.exe
AddRemove-Steam App 202170 - f:\steam folder\steam.exe
AddRemove-Steam App 202730 - f:\steam folder\steam.exe
AddRemove-Steam App 204300 - f:\steam folder\steam.exe
AddRemove-Steam App 204360 - f:\steam folder\steam.exe
AddRemove-Steam App 205060 - f:\steam folder\steam.exe
AddRemove-Steam App 205070 - f:\steam folder\steam.exe
AddRemove-Steam App 205080 - f:\steam folder\steam.exe
AddRemove-Steam App 205100 - f:\steam folder\steam.exe
AddRemove-Steam App 20540 - f:\steam folder\steam.exe
AddRemove-Steam App 205910 - f:\steam folder\steam.exe
AddRemove-Steam App 206420 - f:\steam folder\steam.exe
AddRemove-Steam App 207490 - f:\steam folder\steam.exe
AddRemove-Steam App 207610 - f:\steam folder\steam.exe
AddRemove-Steam App 20900 - f:\steam folder\steam.exe
AddRemove-Steam App 21090 - f:\steam folder\steam.exe
AddRemove-Steam App 21110 - f:\steam folder\steam.exe
AddRemove-Steam App 21120 - f:\steam folder\steam.exe
AddRemove-Steam App 212480 - f:\steam folder\steam.exe
AddRemove-Steam App 212680 - f:\steam folder\steam.exe
AddRemove-Steam App 214970 - f:\steam folder\steam.exe
AddRemove-Steam App 218060 - f:\steam folder\steam.exe
AddRemove-Steam App 218620 - f:\steam folder\steam.exe
AddRemove-Steam App 218680 - f:\steam folder\steam.exe
AddRemove-Steam App 218740 - f:\steam folder\steam.exe
AddRemove-Steam App 219150 - f:\steam folder\steam.exe
AddRemove-Steam App 219540 - f:\steam folder\steam.exe
AddRemove-Steam App 219740 - f:\steam folder\steam.exe
AddRemove-Steam App 220 - f:\steam folder\steam.exe
AddRemove-Steam App 22000 - f:\steam folder\steam.exe
AddRemove-Steam App 220460 - f:\steam folder\steam.exe
AddRemove-Steam App 22120 - f:\steam folder\steam.exe
AddRemove-Steam App 221260 - f:\steam folder\steam.exe
AddRemove-Steam App 22140 - f:\steam folder\steam.exe
AddRemove-Steam App 221640 - f:\steam folder\steam.exe
AddRemove-Steam App 22180 - f:\steam folder\steam.exe
AddRemove-Steam App 22200 - f:\steam folder\steam.exe
AddRemove-Steam App 222730 - f:\steam folder\steam.exe
AddRemove-Steam App 22300 - f:\steam folder\steam.exe
AddRemove-Steam App 22350 - f:\steam folder\steam.exe
AddRemove-Steam App 224260 - f:\steam folder\steam.exe
AddRemove-Steam App 224540 - f:\steam folder\steam.exe
AddRemove-Steam App 225120 - f:\steam folder\steam.exe
AddRemove-Steam App 225260 - f:\steam folder\steam.exe
AddRemove-Steam App 225940 - f:\steam folder\steam.exe
AddRemove-Steam App 22610 - f:\steam folder\steam.exe
AddRemove-Steam App 22650 - f:\steam folder\steam.exe
AddRemove-Steam App 226980 - f:\steam folder\steam.exe
AddRemove-Steam App 228060 - f:\steam folder\steam.exe
AddRemove-Steam App 228100 - f:\steam folder\steam.exe
AddRemove-Steam App 228200 - f:\steam folder\steam.exe
AddRemove-Steam App 228300 - f:\steam folder\steam.exe
AddRemove-Steam App 229520 - f:\steam folder\steam.exe
AddRemove-Steam App 23310 - f:\steam folder\steam.exe
AddRemove-Steam App 233740 - f:\steam folder\steam.exe
AddRemove-Steam App 234710 - f:\steam folder\steam.exe
AddRemove-Steam App 23490 - f:\steam folder\steam.exe
AddRemove-Steam App 236090 - f:\steam folder\steam.exe
AddRemove-Steam App 240 - f:\steam folder\steam.exe
AddRemove-Steam App 24420 - f:\steam folder\steam.exe
AddRemove-Steam App 245170 - f:\steam folder\steam.exe
AddRemove-Steam App 24720 - f:\steam folder\steam.exe
AddRemove-Steam App 24740 - f:\steam folder\steam.exe
AddRemove-Steam App 247750 - f:\steam folder\steam.exe
AddRemove-Steam App 24780 - f:\steam folder\steam.exe
AddRemove-Steam App 24980 - f:\steam folder\steam.exe
AddRemove-Steam App 2500 - f:\steam folder\steam.exe
AddRemove-Steam App 26900 - f:\steam folder\steam.exe
AddRemove-Steam App 28050 - f:\steam folder\steam.exe
AddRemove-Steam App 29180 - f:\steam folder\steam.exe
AddRemove-Steam App 31280 - f:\steam folder\steam.exe
AddRemove-Steam App 33460 - f:\steam folder\steam.exe
AddRemove-Steam App 33900 - f:\steam folder\steam.exe
AddRemove-Steam App 33930 - f:\steam folder\steam.exe
AddRemove-Steam App 34830 - f:\steam folder\steam.exe
AddRemove-Steam App 35140 - f:\steam folder\steam.exe
AddRemove-Steam App 35700 - f:\steam folder\steam.exe
AddRemove-Steam App 3710 - f:\steam folder\steam.exe
AddRemove-Steam App 3830 - f:\steam folder\steam.exe
AddRemove-Steam App 38900 - f:\steam folder\steam.exe
AddRemove-Steam App 3900 - f:\steam folder\steam.exe
AddRemove-Steam App 400 - f:\steam folder\steam.exe
AddRemove-Steam App 4000 - f:\steam folder\steam.exe
AddRemove-Steam App 40800 - f:\steam folder\steam.exe
AddRemove-Steam App 41000 - f:\steam folder\steam.exe
AddRemove-Steam App 41010 - f:\steam folder\steam.exe
AddRemove-Steam App 41050 - f:\steam folder\steam.exe
AddRemove-Steam App 41060 - f:\steam folder\steam.exe
AddRemove-Steam App 41070 - f:\steam folder\steam.exe
AddRemove-Steam App 41210 - f:\steam folder\steam.exe
AddRemove-Steam App 41800 - f:\steam folder\steam.exe
AddRemove-Steam App 42120 - f:\steam folder\steam.exe
AddRemove-Steam App 42910 - f:\steam folder\steam.exe
AddRemove-Steam App 43110 - f:\steam folder\steam.exe
AddRemove-Steam App 440 - f:\steam folder\steam.exe
AddRemove-Steam App 4500 - f:\steam folder\steam.exe
AddRemove-Steam App 4540 - f:\steam folder\steam.exe
AddRemove-Steam App 4560 - f:\steam folder\steam.exe
AddRemove-Steam App 45740 - f:\steam folder\steam.exe
AddRemove-Steam App 47790 - f:\steam folder\steam.exe
AddRemove-Steam App 47830 - f:\steam folder\steam.exe
AddRemove-Steam App 47890 - f:\steam folder\steam.exe
AddRemove-Steam App 48000 - f:\steam folder\steam.exe
AddRemove-Steam App 48240 - f:\steam folder\steam.exe
AddRemove-Steam App 49520 - f:\steam folder\steam.exe
AddRemove-Steam App 49600 - f:\steam folder\steam.exe
AddRemove-Steam App 500 - f:\steam folder\steam.exe
AddRemove-Steam App 50620 - f:\steam folder\steam.exe
AddRemove-Steam App 550 - f:\steam folder\steam.exe
AddRemove-Steam App 55040 - f:\steam folder\steam.exe
AddRemove-Steam App 55110 - f:\steam folder\steam.exe
AddRemove-Steam App 55230 - f:\steam folder\steam.exe
AddRemove-Steam App 570 - f:\steam folder\steam.exe
AddRemove-Steam App 57300 - f:\steam folder\steam.exe
AddRemove-Steam App 61100 - f:\steam folder\steam.exe
AddRemove-Steam App 6120 - f:\steam folder\steam.exe
AddRemove-Steam App 620 - f:\steam folder\steam.exe
AddRemove-Steam App 63380 - f:\steam folder\steam.exe
AddRemove-Steam App 63700 - f:\steam folder\steam.exe
AddRemove-Steam App 63710 - f:\steam folder\steam.exe
AddRemove-Steam App 65800 - f:\steam folder\steam.exe
AddRemove-Steam App 67370 - f:\steam folder\steam.exe
AddRemove-Steam App 70 - f:\steam folder\steam.exe
AddRemove-Steam App 70300 - f:\steam folder\steam.exe
AddRemove-Steam App 70400 - f:\steam folder\steam.exe
AddRemove-Steam App 72200 - f:\steam folder\steam.exe
AddRemove-Steam App 72500 - f:\steam folder\steam.exe
AddRemove-Steam App 72850 - f:\steam folder\steam.exe
AddRemove-Steam App 7670 - f:\steam folder\steam.exe
AddRemove-Steam App 8190 - f:\steam folder\steam.exe
AddRemove-Steam App 8870 - f:\steam folder\steam.exe
AddRemove-Steam App 91200 - f:\steam folder\steam.exe
AddRemove-Steam App 91310 - f:\steam folder\steam.exe
AddRemove-Steam App 91600 - f:\steam folder\steam.exe
AddRemove-Steam App 9340 - f:\steam folder\steam.exe
AddRemove-Steam App 94200 - f:\steam folder\steam.exe
AddRemove-Steam App 94500 - f:\steam folder\steam.exe
AddRemove-Steam App 94510 - f:\steam folder\steam.exe
AddRemove-Steam App 94520 - f:\steam folder\steam.exe
AddRemove-Steam App 94530 - f:\steam folder\steam.exe
AddRemove-Steam App 95300 - f:\steam folder\steam.exe
AddRemove-Steam App 96200 - f:\steam folder\steam.exe
AddRemove-Steam App 97000 - f:\steam folder\steam.exe
AddRemove-Steam App 98800 - f:\steam folder\steam.exe
AddRemove-Steam App 99700 - f:\steam folder\steam.exe
AddRemove-BitTorrent DNA - c:\users\Attila\Program Files\DNA\btdna.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2013-11-08 07:20
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1944996874-710951996-293725333-1001\Software\SecuROM\License information*]
"datasecu"=hex:5c,d7,98,2d,9d,0f,70,05,3b,fe,5d,84,e3,41,3c,9a,73,39,11,87,52,
0b,c8,68,f0,7d,04,03,c1,66,2a,d2,42,ba,1a,ce,3f,9d,66,e7,bb,2e,61,89,df,f4,\
"rkeysecu"=hex:56,81,f0,40,29,d6,c5,87,42,fa,49,69,92,6c,10,fc
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(5876)
c:\program files\DisplayFusion\Hooks\AppHookx86_58DF3D9E-3ED4-4660-8C5F-375C7CE714EB.dll
.
Completion time: 2013-11-08 07:23:05
ComboFix-quarantined-files.txt 2013-11-08 12:22
ComboFix2.txt 2013-06-22 11:47
.
Pre-Run: 51,825,594,368 bytes free
Post-Run: 52,378,767,360 bytes free
.
- - End Of File - - 397F7F07FDD35D400AB4F7DA2D9D5D34
5C616939100B85E558DA92B899A0FC36