ComboFix 11-12-15.02 - waipahe 12/15/2011  12:10:22.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8184.5951 [GMT -10:00]
Running from: c:\users\waipahe\Downloads\ComboFix.exe
AV: avast! Internet Security *Enabled/Outdated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
FW: avast! Internet Security *Enabled* {FB460EB6-4C6D-E564-6BF5-EEEF2B44B473}
SP: avast! Internet Security *Enabled/Outdated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\programdata\Tarma Installer
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat
C:\Thumbs.db
c:\users\waipahe\AppData\Roaming\chrtmp
c:\users\waipahe\AppData\Roaming\inst.exe
c:\users\waipahe\AppData\Roaming\vso_ts_preview.xml
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
c:\windows\SysWow64\xTab2003.ocx
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_NPF
.
.
(((((((((((((((((((((((((   Files Created from 2011-11-15 to 2011-12-15  )))))))))))))))))))))))))))))))
.
.
2011-12-15 20:41 . 2011-12-15 20:41	--------	d-----w-	C:\_OTL
2011-12-14 18:25 . 2011-10-26 05:21	43520	----a-w-	c:\windows\system32\csrsrv.dll
2011-12-14 18:25 . 2011-11-24 04:52	3145216	----a-w-	c:\windows\system32\win32k.sys
2011-12-14 18:25 . 2011-10-15 06:31	723456	----a-w-	c:\windows\system32\EncDec.dll
2011-12-14 18:25 . 2011-10-15 05:38	534528	----a-w-	c:\windows\SysWow64\EncDec.dll
2011-12-14 18:25 . 2011-11-05 05:32	2048	----a-w-	c:\windows\system32\tzres.dll
2011-12-14 18:25 . 2011-11-05 04:26	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2011-12-14 08:02 . 2010-05-06 20:33	22096	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2011-12-14 08:02 . 2010-05-06 20:39	121936	----a-w-	c:\windows\system32\drivers\aswSP.sys
2011-12-14 08:02 . 2010-05-06 20:41	424016	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2011-12-14 08:02 . 2010-05-06 20:41	124496	----a-w-	c:\windows\system32\drivers\aswFW.sys
2011-12-14 08:00 . 2010-05-06 20:40	250448	----a-w-	c:\windows\system32\drivers\aswNdis2.sys
2011-12-14 08:00 . 2010-05-06 20:34	28752	----a-w-	c:\windows\system32\drivers\aswRdr.sys
2011-12-14 08:00 . 2010-05-06 20:39	51280	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2011-12-14 08:00 . 2010-05-06 20:34	63568	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2011-12-14 07:59 . 2010-03-19 20:10	12368	----a-w-	c:\windows\system32\drivers\aswNdis.sys
2011-12-14 07:59 . 2010-05-06 20:59	165032	----a-w-	c:\windows\SysWow64\aswBoot.exe
2011-12-14 02:05 . 2011-12-14 02:05	--------	d-----w-	c:\program files (x86)\STOPzilla!
2011-12-14 02:05 . 2011-12-14 02:05	--------	d-----w-	c:\program files (x86)\Common Files\iS3
2011-12-14 02:05 . 2011-12-14 08:12	--------	d-----w-	c:\programdata\STOPzilla!
2011-12-14 01:45 . 2011-12-14 01:45	--------	d-----we	c:\windows\system64
2011-12-13 18:35 . 2011-12-13 18:35	--------	d-----w-	c:\users\waipahe\AppData\Local\HuluDesktop
2011-12-13 17:14 . 2011-11-30 12:21	8822856	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{57121DA7-3755-4AA5-8789-9D3C051FAE3C}\mpengine.dll
2011-12-08 03:12 . 2011-12-08 03:12	68648	----a-r-	c:\windows\SysWow64\IS3Hks5.dll
2011-12-08 03:12 . 2011-12-08 03:12	547880	----a-r-	c:\windows\SysWow64\SZComp5.dll
2011-12-08 03:12 . 2011-12-08 03:12	482344	----a-r-	c:\windows\SysWow64\SZBase5.dll
2011-12-08 03:12 . 2011-12-08 03:12	457768	----a-r-	c:\windows\SysWow64\IS3DBA5.dll
2011-12-08 03:12 . 2011-12-08 03:12	30248	----a-r-	c:\windows\SysWow64\IS3XDat5.dll
2011-12-08 03:12 . 2011-12-08 03:12	24616	----a-r-	c:\windows\SysWow64\SZIO5.dll
2011-12-08 03:12 . 2011-12-08 03:12	134184	----a-r-	c:\windows\SysWow64\IS3HTUI5.dll
2011-12-08 03:12 . 2011-12-08 03:12	740392	----a-r-	c:\windows\SysWow64\IS3Base5.dll
2011-12-08 03:12 . 2011-12-08 03:12	392232	----a-r-	c:\windows\SysWow64\IS3UI5.dll
2011-12-08 03:12 . 2011-12-08 03:12	232488	----a-r-	c:\windows\SysWow64\IS3Win325.dll
2011-12-08 03:12 . 2011-12-08 03:12	105512	----a-r-	c:\windows\SysWow64\IS3Inet5.dll
2011-12-08 03:12 . 2011-12-08 03:12	101416	----a-r-	c:\windows\SysWow64\IS3Svc5.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-20 08:07 . 2011-06-01 08:42	2880	--sha-w-	c:\programdata\KGyGaAvL.sys
2011-11-16 00:29 . 2011-08-29 18:32	270720	------w-	c:\windows\system32\MpSigStub.exe
2011-11-11 18:33 . 2011-05-31 18:57	414368	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-29 16:29 . 2011-11-09 16:35	1923952	----a-w-	c:\windows\system32\drivers\tcpip.sys
2011-09-26 21:21 . 2011-09-26 21:21	74768	----a-r-	c:\windows\SysWow64\drivers\SZKG64.sys
2011-09-26 21:21 . 2011-09-26 21:21	74768	----a-r-	c:\windows\SysWow64\drivers\is3srv64.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\snxPluginsShell]
@="{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}"
[HKEY_CLASSES_ROOT\CLSID\{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}]
2010-05-06 21:02	151648	----a-w-	c:\program files\Alwil Software\Avast5\snxPlugins.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DIMDownloading your update...1300677038363"="c:\program files (x86)\Corel\CorelDRAW Graphics Suite X5\Draw\DIM.exe" [2010-05-21 95592]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-11-23 98304]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2009-12-03 976320]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-09-01 449608]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
NETGEAR WNDA3100v2 Smart Wizard.lnk - c:\program files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe [2011-10-7 4577760]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2010-1-21 2119488]
WDSmartWare.lnk - c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2010-1-21 9136960]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R0 is3srv;is3srv;c:\windows\SySWOW64\drivers\is3srv64.sys [2011-09-26 74768]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-19 138576]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-22 85560]
R2 WSWNDA3100;WSWNDA3100;c:\program files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [2010-08-20 272864]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-04-08 1431888]
R3 SNTUSB64;SafeNet USB SuperPro/UltraPro/HardwareKey;c:\windows\system32\DRIVERS\SNTUSB64.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\DRIVERS\WSDScan.sys [x]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [x]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S0 SCMNdisP;General NDIS Protocol Driver;c:\windows\system32\DRIVERS\scmndisp.sys [x]
S0 szkg5;szkg5;c:\windows\SySWOW64\DRIVERS\szkg64.sys [2011-09-26 74768]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S1 WMDrive;WMDrive;c:\windows\SysWOW64\drivers\WMDrive.sys [2011-03-30 92536]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\Alwil Software\Avast5\afwServ.exe [2010-05-06 119200]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-29 94264]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-09-01 366152]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2011-05-06 1128952]
S2 RipCore;RipCore;c:\program files (x86)\Fawkes Engineering\AccuRIP\RipCore.exe [2011-08-24 2102680]
S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-09-11 399344]
S2 Sentinel64;Sentinel64;c:\windows\System32\Drivers\Sentinel64.sys [x]
S2 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe [2010-10-21 5790064]
S2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe [2010-10-21 487280]
S2 WDDMService;WD SmartWare Drive Manager Service;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2010-01-22 130048]
S2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [2009-06-16 20480]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\DRIVERS\bcmwlhigh664.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-26 c:\windows\Tasks\HPCeeScheduleForWAIPAHE-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
2011-12-12 c:\windows\Tasks\HPCeeScheduleForwaipahe.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MountOverlayIcon]
@="{0F49CF41-FD97-4942-9F2A-35E8B489E7FB}"
[HKEY_CLASSES_ROOT\CLSID\{0F49CF41-FD97-4942-9F2A-35E8B489E7FB}]
2010-10-21 20:41	308736	----a-w-	c:\program files\WinMount\WinMTExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\snxPluginsShell]
@="{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}"
[HKEY_CLASSES_ROOT\CLSID\{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}]
2010-05-06 20:59	174832	----a-w-	c:\program files\Alwil Software\Avast5\snxPlugins64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"combofix"="c:\combofix\CF9807.3XE" [2010-11-20 345088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.ask.com/?l=dis&o=15007
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\waipahe\AppData\Roaming\Mozilla\Firefox\Profiles\djnn73c1.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226} - c:\program files (x86)\InstallShield Installation Information\{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
.
**************************************************************************
.
Completion time: 2011-12-15  12:22:59 - machine was rebooted
ComboFix-quarantined-files.txt  2011-12-15 22:22
.
Pre-Run: 1,300,528,648,192 bytes free
Post-Run: 1,300,179,255,296 bytes free
.
- - End Of File - - B5264F24943BB119F8A5AA37AA4A7584