ComboFix 10-07-11.03 - Lol 12.07.2010  12:07:09.1.2 - FAT32x86
Running from: i:\␚\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

h:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
h:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
h:\documents and settings\Lol\Application Data\.#
h:\documents and settings\Lol\Application Data\.#\MBX@804@1133798.###
h:\documents and settings\Lol\Application Data\.#\MBX@804@11337A8.###
h:\documents and settings\Lol\Application Data\.#\MBX@804@11337B8.###
I:\install.exe

----- BITS: Possible infected sites -----

hxxp://soft.export.yandex.ru
.
(((((((((((((((((((((((((   Files Created from 2010-06-12 to 2010-07-12  )))))))))))))))))))))))))))))))
.

2010-07-11 15:41 . 2010-07-11 15:41	11264	----a-w-	h:\windows\system32\drivers\uzqyodmz.sys
2010-07-10 07:28 . 2010-07-06 06:57	30528	----a-w-	h:\windows\system32\TURegOpt.exe
2010-07-10 07:28 . 2010-07-06 06:52	30016	----a-w-	h:\windows\system32\uxtuneup.dll
2010-07-10 07:28 . 2010-07-10 07:28	--------	d-----w-	h:\documents and settings\Lol\Application Data\TuneUp Software
2010-07-10 07:28 . 2010-07-10 07:28	--------	d-----w-	h:\program files\TuneUp Utilities 2010
2010-07-10 07:27 . 2010-07-10 07:28	--------	d-----w-	h:\documents and settings\All Users\Application Data\TuneUp Software
2010-07-10 07:27 . 2010-07-10 07:27	--------	d-sh--w-	h:\documents and settings\All Users\Application Data\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-07-10 07:12 . 2010-07-10 07:12	--------	d-----w-	H:\FOUND.003
2010-07-07 15:46 . 2010-07-07 15:46	--------	d-----w-	H:\FOUND.002
2010-07-03 10:53 . 2010-07-03 10:53	--------	d-----w-	h:\windows\Sun
2010-07-01 14:07 . 2010-07-01 14:07	--------	d-----w-	h:\documents and settings\Lol\DoctorWeb
2010-07-01 13:17 . 2010-07-01 13:17	--------	d-----w-	h:\documents and settings\LOLL
2010-07-01 11:21 . 2010-07-01 11:21	--------	d-----w-	H:\FOUND.001
2010-07-01 08:31 . 2010-07-01 08:31	388096	----a-r-	h:\documents and settings\Lol\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-07-01 07:12 . 2010-07-01 07:12	--------	d-----w-	h:\documents and settings\Lol\Application Data\Tific
2010-07-01 07:12 . 2010-07-01 07:12	--------	d-----w-	h:\documents and settings\Lol\Local Settings\Application Data\Symantec
2010-06-30 07:13 . 2010-06-30 07:13	--------	d-----w-	h:\windows\system32\N360_BACKUP
2010-06-29 07:02 . 2006-03-02 12:00	41600	----a-w-	h:\windows\system32\dllcache\weitekp9.dll
2010-06-29 07:01 . 2006-03-02 12:00	14848	----a-w-	h:\windows\system32\dllcache\register.exe
2010-06-29 07:00 . 2001-10-19 14:05	5632	----a-w-	h:\windows\system32\dllcache\EXCH_adsiisex.dll
2010-06-29 06:53 . 2006-03-02 12:00	24661	----a-w-	h:\windows\system32\spxcoins.dll
2010-06-29 06:53 . 2006-03-02 12:00	24661	----a-w-	h:\windows\system32\dllcache\spxcoins.dll
2010-06-29 06:53 . 2006-03-02 12:00	13312	----a-w-	h:\windows\system32\irclass.dll
2010-06-29 06:53 . 2006-03-02 12:00	13312	----a-w-	h:\windows\system32\dllcache\irclass.dll
2010-06-28 15:46 . 2009-05-18 22:17	26600	----a-r-	h:\windows\system32\drivers\GEARAspiWDM.sys
2010-06-28 15:46 . 2008-04-17 21:12	107368	----a-r-	h:\windows\system32\GEARAspi.dll
2010-06-28 15:46 . 2010-06-28 15:46	60808	----a-w-	h:\windows\system32\S32EVNT1.DLL
2010-06-28 15:46 . 2010-06-28 15:46	124976	----a-w-	h:\windows\system32\drivers\SYMEVENT.SYS
2010-06-28 15:46 . 2010-06-28 15:46	--------	d-----w-	h:\program files\Symantec
2010-06-28 15:46 . 2010-06-28 15:46	--------	d-----w-	h:\program files\Common Files\Symantec Shared
2010-06-28 15:45 . 2010-06-28 15:45	--------	d-----w-	h:\windows\system32\drivers\N360
2010-06-28 15:45 . 2010-06-28 15:45	--------	d-----w-	h:\program files\Windows Sidebar
2010-06-28 15:45 . 2010-06-28 15:45	--------	d-----w-	h:\documents and settings\All Users\Application Data\Norton
2010-06-28 15:44 . 2010-06-28 15:44	--------	d-----w-	h:\program files\NortonInstaller
2010-06-28 15:44 . 2010-06-28 15:44	--------	d-----w-	h:\documents and settings\All Users\Application Data\NortonInstaller
2010-06-28 14:47 . 2010-06-28 14:47	9216	----a-w-	h:\documents and settings\Lol\Application Data\Thinstall\Error Repair Professional version 4.0.6\10000006700002i\regedit.exe
2010-06-28 13:54 . 2008-07-06 00:52	407040	----a-w-	h:\documents and settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}\Microsoft Windows Installer 3.1\mWinRun.dll\mWinRunExec.dll
2010-06-28 10:59 . 2010-06-28 10:59	503808	----a-w-	h:\documents and settings\Lol\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2c58aaa1-n\msvcp71.dll
2010-06-28 10:59 . 2010-06-28 10:59	499712	----a-w-	h:\documents and settings\Lol\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2c58aaa1-n\jmc.dll
2010-06-28 10:59 . 2010-06-28 10:59	348160	----a-w-	h:\documents and settings\Lol\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2c58aaa1-n\msvcr71.dll
2010-06-28 10:59 . 2010-06-28 10:59	--------	d-----w-	h:\program files\Common Files\Java
2010-06-28 10:59 . 2010-06-28 10:59	61440	----a-w-	h:\documents and settings\Lol\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-4b62b94b-n\decora-sse.dll
2010-06-28 10:59 . 2010-06-28 10:59	12800	----a-w-	h:\documents and settings\Lol\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-4b62b94b-n\decora-d3d.dll
2010-06-28 10:59 . 2010-06-28 10:59	411368	----a-w-	h:\windows\system32\deployJava1.dll
2010-06-28 10:58 . 2010-06-28 10:58	--------	d-----w-	h:\program files\Java
2010-06-27 16:06 . 2009-11-30 15:43	136192	----a-w-	h:\windows\system32\fsproflt.exe
2010-06-27 16:06 . 2008-06-05 12:37	43792	----a-w-	h:\windows\system32\drivers\FSPFltd.sys
2010-06-25 15:18 . 2010-06-25 15:18	664	----a-w-	h:\windows\system32\d3d9caps.dat
2010-06-25 13:58 . 2010-06-25 13:58	--------	d-----w-	H:\FOUND.000
2010-06-21 10:02 . 2010-06-21 10:02	--------	d-----w-	h:\windows\system32\NtmsData
2010-06-20 09:36 . 2010-06-20 09:36	--------	d-----w-	h:\documents and settings\Lol\Application Data\DeepBurner
2010-06-20 09:30 . 2010-06-20 09:30	--------	d-----w-	h:\documents and settings\Lol\Application Data\InfraRecorder
2010-06-20 09:24 . 2010-06-20 09:24	--------	d-----w-	h:\documents and settings\Lol\Application Data\ImgBurn
2010-06-20 09:17 . 2010-06-20 09:17	--------	d-----w-	h:\documents and settings\Lol\Application Data\Ashampoo
2010-06-20 09:13 . 2010-06-20 09:13	--------	d-----w-	h:\documents and settings\Lol\Application Data\BinarySense
2010-06-20 09:13 . 2010-06-20 09:13	--------	d-----w-	h:\documents and settings\All Users\Application Data\TEMP
2010-06-20 09:13 . 2010-06-20 09:13	--------	d-----w-	h:\program files\Common Files\BinarySense
2010-06-20 08:22 . 2010-06-20 08:22	--------	d-----w-	h:\documents and settings\Lol\Application Data\Uniblue
2010-06-19 15:07 . 2010-06-19 15:07	691696	----a-w-	h:\windows\system32\drivers\sptd.sys
2010-06-19 14:24 . 2010-06-19 14:24	--------	d-----w-	h:\documents and settings\Lol\Local Settings\Application Data\ashampoo
2010-06-19 14:24 . 2010-06-19 14:24	--------	d-----w-	h:\documents and settings\All Users\Application Data\ashampoo
2010-06-16 14:35 . 2010-06-16 14:35	--------	d-----w-	h:\documents and settings\Lol\Application Data\Ubisoft
2010-06-16 14:35 . 2010-06-16 14:35	--------	d-----w-	h:\documents and settings\All Users\Application Data\Ubisoft
2010-06-14 06:28 . 2010-06-14 06:28	--------	d-----w-	h:\documents and settings\All Users\Application Data\nView_Profiles

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-11 19:52 . 2010-03-21 15:13	12	----a-w-	h:\windows\bthservsdp.dat
2010-07-10 09:42 . 2010-03-19 13:08	22520	----a-w-	h:\documents and settings\Lol\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-07-08 08:13 . 2006-03-02 05:00	78784	----a-w-	h:\windows\system32\perfc019.dat
2010-07-08 08:13 . 2006-03-02 05:00	452418	----a-w-	h:\windows\system32\perfh019.dat
2010-06-28 15:46 . 2010-06-28 15:46	805	----a-w-	h:\windows\system32\drivers\SYMEVENT.INF
2010-06-28 15:46 . 2010-06-28 15:46	7443	----a-w-	h:\windows\system32\drivers\SYMEVENT.CAT
2010-06-28 13:54 . 2010-06-28 13:54	--------	d--h--w-	h:\documents and settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
2010-06-15 14:34 . 2010-05-25 11:56	22328	----a-w-	h:\windows\system32\drivers\PnkBstrK.sys
2010-06-15 14:34 . 2010-05-25 11:56	103736	----a-w-	h:\windows\system32\PnkBstrB.exe
2010-06-14 15:11 . 2010-05-25 11:55	66872	----a-w-	h:\windows\system32\PnkBstrA.exe
2010-06-14 14:58 . 2010-05-25 11:56	22328	----a-w-	h:\documents and settings\Lol\Application Data\PnkBstrK.sys
2010-06-14 14:58 . 2010-05-25 11:56	22328	----a-w-	h:\documents and settings\Lol\Application Data\PnkBstrK.sys
2010-06-11 02:46 . 2010-06-11 02:46	--------	d-----w-	h:\documents and settings\Lol\Application Data\BitTorrent
2010-06-05 08:11 . 2010-06-05 08:11	180224	----a-w-	h:\windows\system32\WinVd32.sys
2010-06-05 08:11 . 2010-06-05 08:11	7680	----a-w-	h:\windows\system32\WinFLsrv.exe
2010-06-01 23:26 . 2010-06-01 23:26	--------	d-----w-	h:\documents and settings\Lol\Application Data\QipGuard
2010-06-01 09:26 . 2010-06-01 09:26	--------	d-----w-	h:\documents and settings\All Users\Application Data\Nero
2010-05-27 12:53 . 2010-05-27 12:53	128	----a-w-	h:\documents and settings\Lol\Local Settings\Application Data\fusioncache.dat
2010-05-27 11:37 . 2010-05-25 11:55	669184	----a-w-	h:\windows\system32\pbsvc.exe
2010-05-14 08:32 . 2010-06-01 23:26	280440	----a-w-	h:\documents and settings\Lol\Application Data\QipGuard\sqlite3.dll
2010-05-14 08:32 . 2010-06-01 23:26	184272	----a-w-	h:\documents and settings\Lol\Application Data\QipGuard\QipGuard.exe
2010-05-14 08:32 . 2010-06-01 23:26	20944	----a-w-	h:\documents and settings\Lol\Application Data\QipGuard\chrome.dll
2010-05-10 06:37 . 2010-05-10 05:33	150528	----a-w-	h:\documents and settings\Lol\Application Data\Macromedia\Authorware Web Player\NP32ASW\webplr08\vct32161.dll
2010-05-10 05:35 . 2010-05-10 05:34	839680	----a-w-	h:\documents and settings\Lol\Application Data\Macromedia\Authorware Web Player\NP32ASW\webplr08\webplr.exe
2010-05-10 05:34 . 2010-05-10 05:34	148480	----a-w-	h:\documents and settings\Lol\Application Data\Macromedia\Authorware Web Player\NP32ASW\webplr08\awiml32.dll
2010-05-10 05:34 . 2010-05-10 05:34	28672	----a-w-	h:\documents and settings\Lol\Application Data\Macromedia\Authorware Web Player\NP32ASW\webplr08\dvd.dll
2010-05-10 05:34 . 2010-05-10 05:33	169472	----a-w-	h:\documents and settings\Lol\Application Data\Macromedia\Authorware Web Player\NP32ASW\webplr08\js32.dll
2010-05-10 05:33 . 2010-05-10 05:33	135680	----a-w-	h:\documents and settings\Lol\Application Data\Macromedia\Authorware Web Player\NP32ASW\webplr08\msvcrt.dll
2010-04-30 10:42 . 2010-04-30 10:42	181096	----a-w-	h:\documents and settings\Lol\Application Data\Mozilla\Firefox\Profiles\6ifbo21b.default\FlashGot.exe
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-09-19 16844800]
"SkyTel"="SkyTel.EXE" [2007-08-02 1826816]
"NvCplDaemon"="h:\windows\system32\NvCpl.dll" [2008-02-28 13516800]
"nwiz"="nwiz.exe" [2008-02-28 1626112]
"NvMediaCenter"="h:\windows\system32\NvMcTray.dll" [2008-02-28 86016]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="h:\windows\system32\CTFMON.EXE" [2006-03-02 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\fsproflt]
@="Service"

[HKLM\~\startupfolder\H:^Documents and Settings^Lol^ ^^^DSL Speed.lnk]
path=h:\documents and settings\Lol\ \\\DSL Speed.lnk
backup=h:\windows\pss\DSL Speed.lnkStartup

[HKLM\~\startupfolder\H:^Documents and Settings^Lol^ ^^^HDDlife.lnk]
path=h:\documents and settings\Lol\ \\\HDDlife.lnk
backup=h:\windows\pss\HDDlife.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-03 00:43	69632	------r-	h:\windows\Alcmtr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANIWZCS2Service]
2007-01-19 04:49	49152	----a-w-	h:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2006-03-02 05:00	110592	----a-w-	h:\windows\system32\bthprops.cpl

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2006-03-02 05:00	15360	----a-w-	h:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\D-Link D-Link Wireless G DWA-510]
2007-05-04 13:26	1662976	----a-w-	i:\program files\AirGCFG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Infium]
2010-05-14 18:33	5562832	----a-w-	i:\game\QIP 2010\qip.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InternetConnect.exe]
2010-03-21 18:18	1244160	----a-w-	c:\downloads\\icv2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2006-05-18 14:29	49152	----a-w-	i:\game\Language\Language.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LTConsole]
2003-09-09 13:49	61440	----a-w-	c:\legionteamsoft\LTConsole\LTConsole.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MAgent]
2010-04-03 16:01	7975608	----a-w-	i:\program files\magent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBCore]
2009-07-20 04:51	1590568	----a-w-	h:\program files\Common Files\Nero\Nero BackItUp 4\NBCore.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NexusServer]
2007-03-26 10:45	389120	----a-w-	h:\program files\Common Files\Grass Valley\ProCoder 3\Kernel\PNXSERVR.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-02-28 06:34	13516800	----a-w-	h:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-02-28 06:34	86016	----a-w-	h:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-02-28 06:34	1626112	----a-w-	h:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QIP Internet Guardian]
2010-05-14 08:32	184272	----a-w-	h:\documents and settings\Lol\Application Data\QipGuard\QipGuard.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2005-12-08 01:57	30208	------w-	i:\game\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2007-09-19 00:14	16844800	------r-	h:\windows\RTHDCPL.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2007-08-02 19:22	1826816	------r-	h:\windows\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-02-18 04:43	248040	----a-w-	h:\program files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinGuard Pro]
2009-11-01 08:19	282624	----a-w-	i:\game\wgp7\wgpro7.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"WmiApSrv"=3 (0x3)
"VSS"=3 (0x3)
"SysmonLog"=3 (0x3)
"SCardSvr"=3 (0x3)
"RichVideo"=2 (0x2)
"RDSessMgr"=3 (0x3)
"PnkBstrA"=2 (0x2)
"PlugPlay"=2 (0x2)
"ose"=3 (0x3)
"NVSvc"=2 (0x2)
"Nero BackItUp Scheduler 4.0"=2 (0x2)
"NBService"=3 (0x3)
"N360"=2 (0x2)
"mnmsrvc"=3 (0x3)
"JavaQuickStarterService"=2 (0x2)
"ImapiService"=3 (0x3)
"ICQ Service"=2 (0x2)
"fsproflt"=2 (0x2)
"Eventlog"=2 (0x2)
"ekrn"=2 (0x2)
"EhttpSrv"=3 (0x3)
"ANIWZCSdService"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"i:\\Program Files\\uTorrent.exe"=
"i:\\Game\\ICQ7.0\\ICQ.exe"=
"%windir%\\system32\\wmisrv.exe"=
"i:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"i:\\Game\\ICQ7.0\\aolload.exe"=
"i:\\\\Ventrilo.exe"=
"h:\\WINDOWS\\System32\\PnkBstrA.exe"=
"h:\\WINDOWS\\System32\\PnkBstrB.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"i:\\Documents and Settings\\Saneck\\ \\Counter-strike\\hl.exe"=
"i:\\Саша\\utorrent.exe"=
"i:\\Program Files\\cod4\\iw3mp.exe"=
"h:\\WINDOWS\\System32\\mmc.exe"=
"i:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 sptd;sptd;h:\windows\System32\Drivers\sptd.sys [2010-06-19 691696]
R1 vdqyodmz;AVZ-BC Kernel Driver;h:\windows\system32\Drivers\vdqyodmz.sys [x]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;h:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-07-06 1051968]
R4 fsproflt;FSPro Filter Service;h:\windows\system32\fsproflt.exe [2009-11-30 136192]
R4 ICQ Service;ICQ Service;h:\program files\ICQ6Toolbar\ICQ Service.exe [2008-06-10 222456]
S0 FSProFilter;FSPro File Filter;h:\windows\System32\Drivers\FSPFltd.sys [2008-06-05 43792]
S0 SymDS;Symantec Data Store;h:\windows\system32\drivers\N360\0402000.00C\SYMDS.SYS [2009-10-15 328752]
S0 SymEFA;Symantec Extended File Attributes;h:\windows\system32\drivers\N360\0402000.00C\SYMEFA.SYS [2010-04-22 173104]
S1 BHDrvx86;BHDrvx86;h:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\BASHDefs\20100619.001\BHDrvx86.sys [2010-06-18 691248]
S1 ccHP;Symantec Hash Provider;h:\windows\system32\drivers\N360\0402000.00C\ccHPx86.sys [2010-02-26 501888]
S1 SymIRON;Symantec Iron Driver;h:\windows\system32\drivers\N360\0402000.00C\Ironx86.SYS [2010-04-29 116784]
S1 uzqyodmz;AVZ-RK Kernel Driver;h:\windows\system32\Drivers\uzqyodmz.sys [2010-07-11 11264]
S2 N360;Norton 360;i:\program files\Norton 360\Engine\4.2.0.12\ccSvcHst.exe [2010-02-26 126392]
S3 IDSxpx86;IDSxpx86;h:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\Definitions\IPSDefs\20100709.001\IDSxpx86.sys [2010-05-28 331640]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;h:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-24 10064]


--- Other Services/Drivers In Memory ---

*Deregistered* - EraserUtilDrv11010

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://ru.ask.com?o=15788&l=dis
uDefault_Search_URL = hxxp://search.qip.ru
uSearchAssistant = hxxp://search.qip.ru/ie
IE: &  Microsoft Excel - h:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE:     Download Master - i:\games\Download Master\dmieall.htm
IE:    Download Master - i:\games\Download Master\dmie.htm
IE:     DM - i:\games\Download Master\remdown.htm
IE: @Mail.Ru - h:\program files\mail.ru\sputnik\MailRuSputnik.dll/282
IE: @Mail.Ru - h:\program files\mail.ru\sputnik\MailRuSputnik.dll/283
TCP: {7C8DDECB-BA54-4303-9981-6E88737923BE} = 109.195.33.1 109.195.32.1
.
- - - - ORPHANS REMOVED - - - -

BHO-{E666624D-1800-4030-AA40-33013B4A18A7} - (no file)
WebBrowser-{91397D20-1446-11D4-8AF4-0040CA1127B6} - (no file)
MSConfigStartUp-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - h:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
MSConfigStartUp-egui - h:\program files\ESET\ESET NOD32 Antivirus\egui.exe
MSConfigStartUp-ICQ - h:\documents and settings\Lol\ \ICQ6.5\ICQ.exe
MSConfigStartUp-NBJ - i:\game\Nero BackItUp\NBJ.exe
MSConfigStartUp-NeroFilterCheck - h:\program files\Common Files\Ahead\Lib\NeroCheck.exe
MSConfigStartUp-WinFoxV2 - h:\windows\system32\WF2K.EXE
AddRemove-Get Styles for Opera - h:\program files\Get-Styles 2.0\op\uninstall.exe
AddRemove-Get-Styles for Chrome - h:\program files\Get-Styles 2.0\ch\uninstall.exe
AddRemove-Get-Styles for IE - h:\program files\Get-Styles 2.0\ie\uninstall.exe
AddRemove-Get-Styles   - h:\program files\Get-Styles 2.0\utils\uninstall.exe
AddRemove-POD bot v2.6 - i:\documents and settings\SANECK\L+++L TT+T\COUNTER-STRIKE\Uninstal.exe
AddRemove-QIP2005 - h:\documents and settings\Lol\ \QIP\unqip.exe
AddRemove-{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1 - h:\program files\Uniblue\RegistryBooster\unins000.exe
AddRemove-FolderLock6 - c:\program files\Folder Lock\Uninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-12 12:14
Windows 5.1.2600 Service Pack 2 FAT NTAPI

scanning hidden processes ...  

scanning hidden autostart entries ... 

scanning hidden files ...  

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360]
"ImagePath"="\"i:\program files\Norton 360\Engine\4.2.0.12\ccSvcHst.exe\" /s \"N360\" /m \"i:\program files\Norton 360\Engine\4.2.0.12\diMaster.dll\" /prefetch:1"
.
Completion time: 2010-07-12  12:15:40
ComboFix-quarantined-files.txt  2010-07-12 05:15

Pre-Run: 1135640576  
Post-Run: 1168363520  

Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 9D622DF6043052B8E9A847BE19012908
