ComboFix 11-12-06.02 - Heintje 07/12/2011 17:02:44.1.8 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.2.1033.18.8183.5563 [GMT -5:00]
Running from: c:\users\Heintje\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
I:\install.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-11-08 to 2011-12-08 )))))))))))))))))))))))))))))))
.
.
2011-12-08 12:58 . 2011-12-08 12:58 69000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{15CF0CEF-93C1-405A-9D7A-ED0ACC7DB752}\offreg.dll
2011-12-07 22:30 . 2011-12-07 22:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-07 08:42 . 2011-11-21 08:40 8822856 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-12-07 08:42 . 2011-11-21 08:40 8822856 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{15CF0CEF-93C1-405A-9D7A-ED0ACC7DB752}\mpengine.dll
2011-12-06 13:17 . 2011-12-06 13:17 -------- d-----r- C:\MSOCache
2011-12-06 03:16 . 2011-12-06 03:16 -------- d-----w- c:\program files (x86)\Common Files\SafeNet Sentinel
2011-12-06 03:16 . 2011-12-06 03:16 -------- d-----w- c:\windows\Downloaded Installations
2011-12-06 03:15 . 2011-12-06 03:15 -------- d-----w- c:\programdata\Tajima
2011-12-06 03:15 . 2011-12-06 03:15 -------- d-----w- c:\programdata\Pulse
2011-12-06 03:15 . 2011-12-06 03:15 -------- d-----w- c:\program files (x86)\Tajima
2011-12-06 03:13 . 2011-12-06 03:16 -------- dc-h--w- c:\programdata\{17DED61C-64DD-43C7-B00B-818634A00EE6}
2011-12-05 19:19 . 2005-09-23 22:40 822784 ----a-w- c:\windows\system32\msvcr80.dll
2011-12-05 19:19 . 2005-09-23 22:40 1097728 ----a-w- c:\windows\system32\msvcp80.dll
2011-12-05 19:19 . 2011-12-05 19:19 -------- d-----w- C:\prntdrvr
2011-12-05 13:08 . 2011-12-05 13:08 -------- d-----w- c:\programdata\Xerox
2011-12-05 13:00 . 2011-12-05 13:01 -------- d-----w- C:\Xerox
2011-12-05 12:43 . 2011-12-05 12:43 917840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4530F716-CADF-4F24-8CCA-C68C1B6ED9E5}\gapaengine.dll
2011-12-05 12:42 . 2010-10-19 20:51 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-12-05 12:35 . 2011-12-05 12:35 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2011-12-05 12:35 . 2011-12-05 12:36 -------- d-----w- c:\program files\Microsoft Security Client
2011-12-05 12:35 . 2010-04-09 11:06 374664 ----a-w- c:\windows\system32\drivers\netio.sys
2011-12-05 12:03 . 2011-03-25 03:23 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-12-05 12:03 . 2011-03-25 03:23 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-12-05 12:03 . 2011-03-25 03:23 324608 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-12-05 12:03 . 2011-03-25 03:22 52224 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-12-05 12:03 . 2011-03-25 03:22 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-12-05 12:03 . 2011-03-25 03:22 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-12-05 12:03 . 2011-03-25 03:22 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-12-05 12:02 . 2011-03-11 06:23 187264 ----a-w- c:\windows\system32\drivers\storport.sys
2011-12-05 12:02 . 2011-03-11 06:23 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2011-12-05 12:02 . 2011-03-11 06:23 1657216 ----a-w- c:\windows\system32\drivers\ntfs.sys
2011-12-05 12:02 . 2011-03-11 06:23 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2011-12-05 12:02 . 2011-03-11 06:23 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2011-12-05 12:02 . 2011-03-11 06:22 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2011-12-05 12:02 . 2011-03-11 06:22 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2011-12-05 12:02 . 2011-03-11 06:18 2566144 ----a-w- c:\windows\system32\esent.dll
2011-12-05 12:02 . 2011-03-11 06:15 96768 ----a-w- c:\windows\system32\fsutil.exe
2011-12-05 12:02 . 2011-03-11 05:39 1686016 ----a-w- c:\windows\SysWow64\esent.dll
2011-12-05 12:02 . 2011-03-11 05:37 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2011-12-05 12:01 . 2011-12-06 13:20 -------- d-----w- c:\program files (x86)\Microsoft.NET
2011-12-03 16:29 . 2011-12-03 16:29 -------- d-----w- c:\program files (x86)\MSXML 4.0
2011-12-03 16:28 . 2011-12-03 16:28 -------- d-----w- c:\windows\SysWow64\Wat
2011-12-03 16:28 . 2011-12-03 16:28 -------- d-----w- c:\windows\system32\Wat
2011-12-03 16:10 . 2011-12-05 12:23 -------- d-----w- c:\programdata\FLEXnet
2011-12-03 16:07 . 2011-12-03 16:07 -------- d-----w- c:\programdata\ALM
2011-12-03 16:02 . 2008-04-07 10:38 24416 ----a-r- c:\windows\system32\AdobePDFUI.dll
2011-12-03 15:57 . 2011-12-03 15:57 -------- d-----w- c:\program files (x86)\Adobe Media Player
2011-12-03 15:56 . 2011-12-03 15:56 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2011-12-03 15:55 . 2011-12-03 16:11 -------- d-----w- c:\program files\Common Files\Adobe
2011-12-03 15:55 . 2011-12-03 15:55 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2011-12-03 15:54 . 2011-12-03 15:54 -------- d-----w- c:\program files (x86)\Common Files\Macrovision Shared
2011-12-03 15:19 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
2011-12-03 15:19 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2011-12-03 15:13 . 2009-09-10 06:28 311808 ----a-w- c:\windows\system32\msv1_0.dll
2011-12-03 15:13 . 2009-09-10 05:52 257024 ----a-w- c:\windows\SysWow64\msv1_0.dll
2011-12-03 15:03 . 2009-10-10 03:17 14336 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
2011-12-03 15:03 . 2009-12-29 08:03 220672 ----a-w- c:\windows\system32\wintrust.dll
2011-12-03 15:03 . 2009-12-29 06:55 172032 ----a-w- c:\windows\SysWow64\wintrust.dll
2011-12-03 15:03 . 2010-01-09 07:19 139264 ----a-w- c:\windows\system32\cabview.dll
2011-12-03 15:03 . 2010-01-09 06:52 132608 ----a-w- c:\windows\SysWow64\cabview.dll
2011-12-03 15:02 . 2011-12-03 14:03 -------- d-----w- c:\users\Heintje
2011-12-03 15:02 . 2009-11-25 17:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2011-12-03 15:02 . 2009-11-25 17:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2011-12-03 15:02 . 2009-11-25 17:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2011-12-03 15:02 . 2009-11-25 17:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2011-12-03 15:02 . 2009-11-25 17:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2011-12-03 15:02 . 2009-11-25 17:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2011-12-03 15:02 . 2009-11-25 17:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-12-03 15:02 . 2009-11-25 17:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2011-12-03 15:02 . 2009-11-25 17:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2011-12-03 15:02 . 2009-11-25 17:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2011-12-03 14:57 . 2011-12-03 14:58 -------- d-----w- c:\program files\Microsoft IntelliPoint
2011-12-03 14:48 . 2011-12-03 14:48 274432 ----a-w- c:\windows\SysWow64\IscDbc.dll
2011-12-03 14:48 . 2011-12-03 14:48 262144 ----a-w- c:\windows\SysWow64\OdbcJdbcMT.dll
2011-12-03 14:48 . 2011-12-03 14:48 253952 ----a-w- c:\windows\SysWow64\OdbcJdbc.dll
2011-12-03 14:48 . 2011-12-03 14:48 155648 ----a-w- c:\windows\SysWow64\OdbcJdbcSetup.dll
2011-12-03 14:46 . 2011-12-03 14:46 -------- d-----w- c:\program files\Microsoft IntelliType Pro
2011-12-03 14:35 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys
2011-12-03 14:33 . 2011-08-20 05:46 696576 ----a-w- c:\program files\Internet Explorer\iexplore.exe
2011-12-03 14:32 . 2011-07-16 02:26 2048 ----a-w- c:\windows\SysWow64\user.exe
2011-12-03 14:32 . 2011-07-09 05:14 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-03 14:32 . 2011-07-09 04:30 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2011-12-03 14:31 . 2009-12-11 10:29 153160 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2011-12-03 14:31 . 2009-12-11 09:24 1446912 ----a-w- c:\windows\system32\lsasrv.dll
2011-12-03 14:31 . 2009-12-11 07:39 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2011-12-03 14:31 . 2009-12-11 07:36 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2011-12-03 14:29 . 2009-09-03 07:36 1975296 ----a-w- c:\windows\system32\CertEnroll.dll
2011-12-03 14:28 . 2011-07-09 02:44 287744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-12-03 14:27 . 2011-01-17 06:17 197120 ----a-w- c:\windows\system32\d3d10_1.dll
2011-12-03 14:26 . 2011-09-29 16:24 1897328 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-12-03 14:25 . 2010-10-12 05:05 35328 ----a-w- c:\program files\Windows Mail\wabfind.dll
2011-12-03 14:24 . 2011-12-03 14:24 -------- d-----w- c:\program files (x86)\Fiery
2011-12-03 14:22 . 2010-12-18 06:08 1097216 ----a-w- c:\windows\system32\mstsc.exe
2011-12-03 14:22 . 2010-12-18 05:26 1034240 ----a-w- c:\windows\SysWow64\mstsc.exe
2011-12-03 14:22 . 2010-08-27 06:14 236032 ----a-w- c:\windows\system32\srvsvc.dll
2011-12-03 14:22 . 2010-08-27 05:46 9728 ----a-w- c:\windows\SysWow64\sscore.dll
2011-12-03 14:22 . 2010-03-04 07:57 2080256 ----a-w- c:\program files\Windows Mail\msoe.dll
2011-12-03 14:22 . 2010-03-04 07:33 1619968 ----a-w- c:\program files (x86)\Windows Mail\msoe.dll
2011-12-03 14:22 . 2010-06-19 06:53 52224 ----a-w- c:\windows\system32\rtutils.dll
2011-12-03 14:22 . 2010-06-19 06:23 37376 ----a-w- c:\windows\SysWow64\rtutils.dll
2011-12-03 14:22 . 2010-10-16 05:23 112000 ----a-w- c:\windows\system32\consent.exe
2011-12-03 14:22 . 2010-07-29 06:30 82944 ----a-w- c:\windows\SysWow64\iccvid.dll
2011-12-03 14:22 . 2011-04-22 20:18 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-12-03 14:20 . 2011-02-23 05:15 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Tajima DGML By Pulse 2009 Update Setup for All Users"="c:\programdata\{17DED61C-64DD-43C7-B00B-818634A00EE6}\setup.exe" [2009-01-20 3409272]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Java\jre6\bin\jusched.exe" [2009-12-22 148888]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-06-15 98304]
"ShwiconXP9106"="c:\program files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe" [2009-07-17 237568]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-25 140520]
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-12 640376]
.
c:\users\Heintje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Command WorkStation 5.lnk - c:\program files (x86)\Fiery\Applications3\Command WorkStation 5\Contents\WinOS\cws.exe [2011-12-3 589824]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SessionLauncher;SessionLauncher;c:\users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [x]
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-12-03 1038088]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-06-26 1124848]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-03-31 92160]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 EFI ES1000;EFI ES1000;c:\program files (x86)\Common Files\EFI\EFI ES-1000 Service\ES1000Service.exe [2008-04-11 9216]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]
S3 SNTUSB64;SafeNet USB SuperPro/UltraPro/HardwareKey;c:\windows\system32\DRIVERS\SNTUSB64.SYS [x]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-05-23 7833120]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-10 1873256]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.ca/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xporter vers Microsoft Excel - c:\progra~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Wow6432Node-HKCU-Run-Tajima DGML By Pulse 2009 Update Setup - c:\users\Heintje\AppData\Local\{17DED61C-64DD-43C7-B00B-818634A00EE6}\setup.exe
Toolbar-Locked - (no file)
HKLM-Run-Skytel - c:\program files\Realtek\Audio\HDA\Skytel.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10b.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10b.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Tajima\DGML By Pulse 2009\DesignSpooler.exe
c:\program files (x86)\Common Files\EFI\EFI ES-1000 Service\ES1000Server.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Internet Explorer\iexplore.exe
c:\program files (x86)\Windows Live\Toolbar\wltuser.exe
.
**************************************************************************
.
Completion time: 2011-12-08 08:18:47 - machine was rebooted
ComboFix-quarantined-files.txt 2011-12-08 13:18
.
Pre-Run: 427,712,262,144 bytes free
Post-Run: 428,225,667,072 bytes free
.
- - End Of File - - 187551F42610C9F2519D37A5E753D514