ComboFix 10-01-03.05 - Drazic 04.01.2010 12:49:52.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.381.1033.18.2047.1444 [GMT 1:00]
Running from: c:\users\Drazic\Desktop\ComboFix.exe
AV: ESET NOD32 antivirus system 2.70 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
.
((((((((((((((((((((((((( Files Created from 2009-12-04 to 2010-01-04 )))))))))))))))))))))))))))))))
.
2010-01-04 11:55 . 2010-01-04 11:55 -------- d-----w- c:\users\Drazic\AppData\Local\temp
2010-01-04 11:55 . 2010-01-04 11:55 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-01-04 11:55 . 2010-01-04 11:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-01-04 11:47 . 2010-01-04 11:48 -------- d-----w- C:\32788R22FWJFW
2010-01-03 13:29 . 2010-01-03 13:29 -------- d-----w- C:\Fraps
2010-01-03 13:26 . 2010-01-03 13:26 -------- d-----w- c:\program files\IObit
2010-01-01 11:41 . 2010-01-01 12:13 -------- d-----w- c:\programdata\BioWare
2010-01-01 11:36 . 2010-01-01 11:36 -------- d-----w- c:\windows\1C4551A64743409391E41477CD655043.TMP
2009-12-30 20:54 . 2009-12-30 20:55 -------- d-----w- c:\program files\QuickTime
2009-12-30 20:54 . 2009-12-30 20:54 -------- d-----w- c:\programdata\Apple Computer
2009-12-30 20:54 . 2009-12-30 20:54 -------- d-----w- c:\program files\Common Files\Apple
2009-12-30 20:54 . 2009-12-30 20:54 -------- d-----w- c:\users\Drazic\AppData\Local\Apple
2009-12-30 20:53 . 2009-12-30 20:54 -------- d-----w- c:\program files\Apple Software Update
2009-12-30 20:53 . 2009-12-30 20:53 -------- d-----w- c:\programdata\Apple
2009-12-30 12:14 . 2010-01-03 20:27 52224 ----a-w- c:\users\Drazic\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2009-12-30 12:14 . 2010-01-03 20:27 117760 ----a-w- c:\users\Drazic\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-12-30 12:13 . 2009-12-30 12:13 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2009-12-30 12:13 . 2009-12-30 12:13 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-12-30 12:13 . 2009-12-30 12:13 -------- d-----w- c:\users\Drazic\AppData\Roaming\SUPERAntiSpyware.com
2009-12-28 01:19 . 2009-12-28 01:19 55296 ----a-w- c:\programdata\Microsoft\Windows Defender\LocalCopy\{84F0E98B-7AE3-8315-D86A-FF42A34E63EB}-earthps.dll
2009-12-28 01:19 . 2009-12-28 01:19 20933632 ----a-w- c:\programdata\Microsoft\Windows Defender\LocalCopy\{9ACA7B98-EA59-232F-C39E-2A2DED0613F7}-geplugin.exe
2009-12-28 01:19 . 2009-12-28 01:19 5000192 ----a-w- c:\programdata\Microsoft\Windows Defender\LocalCopy\{F17033E8-DE91-BCF9-F0E9-D4D7D90114AA}-npgeplugin.dll
2009-12-27 09:19 . 2009-12-30 06:29 -------- d-----w- c:\program files\Google
2009-12-20 06:19 . 2009-10-29 19:43 29512 ----a-w- c:\windows\system32\TURegOpt.exe
2009-12-20 06:19 . 2009-10-29 19:38 21320 ----a-w- c:\windows\system32\authuitu.dll
2009-12-20 06:19 . 2009-10-29 19:38 30024 ----a-w- c:\windows\system32\uxtuneup.dll
2009-12-20 06:19 . 2009-12-20 06:19 -------- d-----w- c:\program files\TuneUp Utilities 2010
2009-12-19 21:53 . 2006-10-26 18:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2009-12-19 21:53 . 2006-10-26 18:56 32592 ----a-w- c:\windows\system32\msonpmon.dll
2009-12-19 21:51 . 2009-12-19 21:51 -------- d-----w- c:\program files\Microsoft Works
2009-12-19 21:51 . 2009-12-19 21:51 -------- d-----w- c:\windows\PCHEALTH
2009-12-19 21:51 . 2009-12-19 21:51 -------- d-----w- c:\program files\Microsoft.NET
2009-12-19 21:49 . 2009-12-19 21:49 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2009-12-19 21:48 . 2009-12-19 21:48 -------- d-----w- c:\users\Drazic\AppData\Local\Microsoft Help
2009-12-19 21:48 . 2009-12-19 21:54 -------- d-----w- c:\programdata\Microsoft Help
2009-12-19 21:48 . 2009-12-19 21:48 -------- d-----r- C:\MSOCache
2009-12-19 07:57 . 2009-12-19 07:57 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2009-12-17 23:44 . 2009-12-17 23:44 98304 ----a-w- c:\programdata\Microsoft\Windows Defender\LocalCopy\{68E6F68D-131F-CE14-3E31-21C9F0B09D93}-nssdbm3.dll
2009-12-17 23:44 . 2009-12-17 23:44 249856 ----a-w- c:\programdata\Microsoft\Windows Defender\LocalCopy\{90EA397D-65CD-100B-4EB3-C4BA0F070B5C}-freebl3.dll
2009-12-17 23:44 . 2009-12-17 23:44 155648 ----a-w- c:\programdata\Microsoft\Windows Defender\LocalCopy\{047148FF-0933-51E1-1F00-F71234CC5E91}-softokn3.dll
2009-12-17 09:37 . 2010-01-01 12:13 -------- d-----w- c:\program files\Common Files\BioWare
2009-12-17 09:12 . 2010-01-03 20:30 5061520 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-12-11 14:52 . 2009-12-11 15:00 -------- d-----w- c:\users\Drazic\AppData\Roaming\Ventrilo
2009-12-11 14:51 . 2009-12-11 14:51 -------- d-----w- c:\program files\Ventrilo
2009-12-09 17:43 . 2009-12-09 17:43 -------- d-----w- c:\users\Drazic\AppData\Roaming\Activision
2009-12-09 17:42 . 2009-12-09 17:42 -------- d-sh--w- c:\windows\ftpcache
2009-12-09 08:03 . 2010-01-01 12:12 -------- d-----w- c:\programdata\Media Center Programs
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-04 11:49 . 2009-09-28 14:21 -------- d-----w- c:\programdata\NVIDIA
2010-01-04 11:48 . 2009-09-28 14:25 -------- d-----w- c:\users\Drazic\AppData\Roaming\uTorrent
2010-01-03 20:30 . 2009-11-25 09:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-03 18:09 . 2009-11-07 09:37 -------- d-----w- c:\users\Drazic\AppData\Roaming\Skype
2010-01-03 15:04 . 2009-11-07 09:39 -------- d-----w- c:\users\Drazic\AppData\Roaming\skypePM
2010-01-01 11:36 . 2009-09-28 14:21 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-12-30 13:55 . 2009-11-25 09:24 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-30 13:54 . 2009-11-25 09:24 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-24 20:28 . 2009-11-30 14:56 -------- d-----w- c:\programdata\TmForever
2009-12-20 06:18 . 2009-10-31 17:19 -------- d-----w- c:\programdata\TuneUp Software
2009-12-19 22:31 . 2009-09-28 14:23 108824 ----a-w- c:\users\Drazic\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-19 21:51 . 2009-07-14 04:52 -------- d-----w- c:\program files\MSBuild
2009-12-17 16:21 . 2009-11-04 19:33 -------- d-----w- c:\program files\Games
2009-12-09 17:42 . 2009-09-28 17:33 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-09 17:33 . 2009-12-09 17:33 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-07 17:06 . 2009-09-28 14:25 -------- d-----w- c:\program files\uTorrent
2009-12-07 09:58 . 2009-09-28 14:30 -------- d-----w- c:\program files\Java
2009-12-03 14:53 . 2009-12-03 14:53 -------- d-----w- c:\programdata\Codemasters
2009-12-03 14:49 . 2009-12-03 14:49 -------- d-----w- c:\program files\BRS
2009-12-03 14:48 . 2009-12-03 14:48 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2009-12-03 14:48 . 2009-12-03 14:48 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2009-12-03 14:48 . 2009-12-03 14:48 -------- d-----w- c:\program files\OpenAL
2009-11-28 07:02 . 2009-11-28 06:24 -------- d-----w- c:\users\Drazic\AppData\Roaming\Sony
2009-11-28 06:25 . 2009-11-28 06:25 -------- d-----w- c:\users\Drazic\AppData\Roaming\Publish Providers
2009-11-28 06:22 . 2009-11-28 06:22 -------- d-----w- c:\programdata\Sony
2009-11-28 00:46 . 2009-09-28 14:46 -------- d-----w- c:\program files\TC UP
2009-11-25 09:37 . 2009-09-28 15:05 98304 ----a-w- c:\programdata\NexonEU\NGM\nxgameeu.dll
2009-11-25 09:37 . 2009-09-28 15:05 81920 ----a-w- c:\programdata\NexonEU\NGM\npNxGameeu.dll
2009-11-25 09:37 . 2009-09-28 15:05 532480 ----a-w- c:\programdata\NexonEU\NGM\NGMDll.dll
2009-11-25 09:37 . 2009-09-28 15:05 331776 ----a-w- c:\programdata\NexonEU\NGM\NGMResource.dll
2009-11-25 09:37 . 2009-09-28 15:05 258352 ----a-w- c:\programdata\NexonEU\NGM\unicows.dll
2009-11-25 09:37 . 2009-09-28 15:05 155648 ----a-w- c:\programdata\NexonEU\NGM\NGM.exe
2009-11-25 09:24 . 2009-11-25 09:24 -------- d-----w- c:\users\Drazic\AppData\Roaming\Malwarebytes
2009-11-25 09:24 . 2009-11-25 09:24 -------- d-----w- c:\programdata\Malwarebytes
2009-11-24 08:52 . 2009-09-28 14:22 -------- d-----w- c:\program files\NVIDIA Corporation
2009-11-23 11:20 . 2009-11-17 15:01 138064 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-11-23 11:20 . 2009-11-17 15:00 189184 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-11-23 10:39 . 2009-11-23 10:39 -------- d-----w- c:\program files\Qtracker
2009-11-21 09:30 . 2009-11-21 09:30 86016 ----a-w- c:\windows\system32\frapsvid.dll
2009-11-17 15:39 . 2009-11-17 15:00 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-11-17 15:01 . 2009-11-17 15:01 22328 ----a-w- c:\users\Drazic\AppData\Roaming\PnkBstrK.sys
2009-11-17 15:01 . 2009-11-17 15:01 22328 ----a-w- c:\users\Drazic\AppData\Roaming\PnkBstrK.sys
2009-11-17 15:00 . 2009-11-17 15:00 682280 ----a-w- c:\windows\system32\pbsvc.exe
2009-11-16 16:24 . 2009-09-28 17:12 -------- d-----w- c:\program files\ESET
2009-11-13 14:01 . 2009-09-28 14:44 -------- d-----w- c:\program files\Common Files\Adobe
2009-11-08 22:44 . 2009-11-08 22:44 -------- d-----w- c:\users\Drazic\AppData\Roaming\avidemux
2009-11-08 22:41 . 2009-09-28 15:14 -------- d-----w- c:\users\Drazic\AppData\Roaming\BSplayer PRO
2009-11-07 09:39 . 2009-11-07 09:39 56 ---ha-w- c:\programdata\ezsidmv.dat
2009-11-07 09:37 . 2009-11-07 09:37 -------- d-----r- c:\program files\Skype
2009-11-07 09:37 . 2009-11-07 09:37 -------- d-----w- c:\program files\Common Files\Skype
2009-11-07 09:37 . 2009-09-28 14:26 -------- d-----w- c:\programdata\Skype
2009-11-06 09:59 . 2009-11-06 09:59 15406728 ----a-w- c:\windows\system32\xlive.dll
2009-11-06 09:59 . 2009-11-06 09:59 13642888 ----a-w- c:\windows\system32\xlivefnt.dll
2009-11-02 19:42 . 2009-10-25 02:32 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-11-02 17:05 . 2009-11-02 17:05 167064 ----a-w- c:\windows\system32\xliveinstall.dll
2009-11-02 17:05 . 2009-11-02 17:05 71832 ----a-w- c:\windows\system32\xliveinstallhost.exe
2009-10-16 10:19 . 2009-12-03 14:49 872448 ----a-w- c:\windows\system32\rapture3d_oal.dll
2009-10-15 11:44 . 2009-12-03 14:48 809560 ----a-r- c:\windows\system32\tmpE56C.tmp
2009-10-15 11:44 . 2009-12-03 14:47 809560 ----a-r- c:\windows\system32\tmpE52D.tmp
2009-10-14 07:42 . 2009-10-14 07:42 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2009-10-11 03:17 . 2009-09-28 14:30 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"googletalk"="c:\users\Drazic\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-12-11 289584]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2009-09-28 950664]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-12-30 1389904]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2009-12-30 429392]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"PWRISOVM.EXE"=c:\program files\PowerISO\PWRISOVM.EXE
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

R1 nod32drv;nod32drv;c:\windows\System32\drivers\nod32drv.sys [28.9.2009 18:12 15424]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [16.12.2009 16:26 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [16.12.2009 16:26 74480]
R1 VD_FileDisk;VD_FileDisk;c:\windows\System32\drivers\vd_filedisk.sys [13.1.2006 14:00 15872]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [17.12.2009 10:13 235344]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [27.9.2009 16:48 240232]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [29.10.2009 20:41 1021256]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\System32\drivers\l160x86.sys [22.6.2009 7:06 48128]
R3 MBAMProtector;MBAMProtector;c:\windows\System32\drivers\mbam.sys [25.11.2009 10:24 19160]
R3 nvoclock;NVIDIA Enthusiasts Platform KDM;c:\windows\System32\drivers\nvoclock.sys [9.3.2009 12:25 38304]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [14.10.2009 7:24 10064]
S0 sptd;sptd;c:\windows\System32\drivers\sptd.sys [28.9.2009 15:51 721904]
S3 3xHybrid;SAA713x TV Card Service;c:\windows\System32\drivers\3xHybrid.sys [6.7.2007 19:00 906368]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [16.12.2009 16:27 7408]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
.
------- Supplementary Scan -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
LSP: c:\windows\system32\imon.dll
FF - ProfilePath - c:\users\Drazic\AppData\Roaming\Mozilla\Firefox\Profiles\chsjddm6.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - plugin: c:\programdata\NexonEU\NGM\npNxGameeu.dll
FF - plugin: c:\users\Drazic\AppData\Roaming\Mozilla\Firefox\Profiles\chsjddm6.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\GarenaPEngine]
"ImagePath"="\??\c:\users\Drazic\AppData\Local\Temp\SEL85F7.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-317834004-782162464-3461374618-1001\Software\SecuROM\License information*]
"datasecu"=hex:8d,14,c1,fa,32,10,3c,f9,0e,8d,20,dd,48,95,6d,fc,4e,f5,29,db,da,f9,d6,bf,44,f6,e3,19,5e,a6,f6,e4,03,2c,81,60,f5,b6,6f,b2,9a,fd,1d,01,47,8b,\
"rkeysecu"=hex:49,9d,e4,f9,ea,bb,d0,aa,be,ca,3f,c5,75,cc,00,70

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2010-01-04 12:56:57
ComboFix-quarantined-files.txt 2010-01-04 11:56
ComboFix2.txt 2010-01-04 11:18

Pre-Run: 21.534.928.896 bytes free
Post-Run: 21.516.742.656 bytes free

- - End Of File - - 7FE0542896C4D4A8E006BD359573CA73