ComboFix 13-09-23.02 - marston 09/26/2013  11:54:14.5.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.3993.2701 [GMT -4:00]
Running from: c:\!tech\ComboFix.exe
AV: Lavasoft Ad-Aware *Disabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7}
FW: Lavasoft Ad-Aware *Disabled* {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC}
SP: Lavasoft Ad-Aware *Disabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Administrator.HUNTERFOODSVI\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\Administrator.marston-PC\AppData\Local\Google\Chrome\User Data\Default\preferences
c:\users\marston.HUNTERFOODSVI.000\AppData\Local\Google\Chrome\User Data\Default\Preferences
.
c:\windows\SysWow64\Drivers\atapi.sys . . . is infected!!
.
.
(((((((((((((((((((((((((   Files Created from 2013-08-26 to 2013-09-26  )))))))))))))))))))))))))))))))
.
.
2013-09-26 16:13 . 2013-09-26 16:13	--------	d-----w-	c:\users\Public\AppData\Local\temp
2013-09-26 16:13 . 2013-09-26 16:13	--------	d-----w-	c:\users\marston\AppData\Local\temp
2013-09-26 16:13 . 2013-09-26 16:13	--------	d-----w-	c:\users\marston.HUNTERFOODSVI\AppData\Local\temp
2013-09-26 16:13 . 2013-09-26 16:13	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-09-26 16:13 . 2013-09-26 16:13	--------	d-----w-	c:\users\administrator\AppData\Local\temp
2013-09-26 16:13 . 2013-09-26 16:13	--------	d-----w-	c:\users\Administrator.marston-PC\AppData\Local\temp
2013-09-26 16:13 . 2013-09-26 16:13	--------	d-----w-	c:\users\Administrator.marston-PC.000\AppData\Local\temp
2013-09-26 16:13 . 2013-09-26 16:13	--------	d-----w-	c:\users\Administrator.HUNTERFOODSVI\AppData\Local\temp
2013-09-26 15:28 . 2013-09-26 15:28	--------	d-s---w-	c:\windows\SysWow64\Microsoft
2013-09-26 14:01 . 2013-08-30 07:47	287840	----a-w-	c:\windows\system32\aswBoot.exe
2013-09-26 14:00 . 2013-09-26 14:00	--------	d-----w-	c:\program files\AVAST Software
2013-09-26 13:59 . 2013-09-26 15:33	--------	d-----w-	c:\programdata\AVAST Software
2013-09-24 14:23 . 2013-09-24 14:23	--------	d-----w-	c:\program files\Speccy
2013-09-24 13:45 . 2013-09-24 13:45	--------	d-----w-	C:\FRST
2013-09-24 13:16 . 2013-09-24 13:16	--------	d-----w-	c:\users\Administrator.marston-PC\AppData\Local\adawarebp
2013-09-24 13:16 . 2013-09-24 13:53	--------	d-----w-	c:\users\Administrator.marston-PC\AppData\Roaming\Ad-Aware Antivirus
2013-09-24 13:16 . 2013-09-24 13:16	--------	d-----w-	c:\users\Administrator.marston-PC\AppData\Local\LogMeIn
2013-09-23 17:32 . 2013-09-23 17:32	--------	d-----w-	C:\_OTL
2013-09-16 20:55 . 2013-09-16 20:55	--------	d-----w-	c:\users\marston.HUNTERFOODSVI.000\AppData\Local\Research In Motion
2013-09-16 20:55 . 2013-09-16 20:56	--------	d-----w-	c:\users\marston.HUNTERFOODSVI.000\AppData\Roaming\Research In Motion
2013-09-16 20:50 . 2012-12-10 19:48	44544	----a-w-	c:\windows\system32\drivers\RimSerial_AMD64.sys
2013-09-16 20:49 . 2013-09-16 20:50	--------	d-----w-	c:\program files (x86)\Common Files\XCPCSync.OEM
2013-09-05 23:10 . 2013-09-05 23:12	--------	d-----w-	c:\users\marston.HUNTERFOODSVI.000\AppData\Roaming\Dropbox
2013-09-02 14:17 . 2013-09-02 14:17	--------	d-----w-	c:\users\marston.HUNTERFOODSVI.000\AppData\Local\Diagnostics
2013-08-27 16:18 . 2013-08-27 16:18	--------	d-----w-	c:\users\marston.HUNTERFOODSVI.000\AppData\Local\VirtualStore
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-20 15:42 . 2012-04-23 21:15	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-20 15:42 . 2012-02-21 19:31	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-27 16:01 . 2013-08-27 16:02	923136	----a-w-	C:\RogueKiller.exe
2013-08-27 15:50 . 2013-08-27 15:54	994642	----a-w-	C:\adwcleaner.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"disablecad"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service]
@="Ad-Aware Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 Blackberry Device Manager;Blackberry Device Manager;c:\program files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe;c:\program files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [x]
R3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe;c:\program files (x86)\Browny02\BrYNSvc.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys;c:\windows\SYSNATIVE\drivers\gfiark.sys [x]
R3 GoToAssist Remote Support Customer;GoToAssist Remote Support Customer;c:\program files (x86)\Citrix\GoToAssist Remote Support Customer\498\g2ax_service.exe Start=service;c:\program files (x86)\Citrix\GoToAssist Remote Support Customer\498\g2ax_service.exe Start=service [x]
R3 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe;c:\program files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 Ad-Aware Service;Ad-Aware Service;c:\program files (x86)\Ad-Aware Antivirus\AdAwareService.exe;c:\program files (x86)\Ad-Aware Antivirus\AdAwareService.exe [x]
R4 SAAZRemoteSupport;SAAZRemoteSupport;c:\progra~2\SAAZOD\SAAZRemoteSupport.exe;c:\progra~2\SAAZOD\SAAZRemoteSupport.exe [x]
R4 SBAMSvc;Ad-Aware;c:\program files (x86)\Ad-Aware Antivirus\SBAMSvc.exe;c:\program files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [x]
R4 ZEvtSVC;ZEvtSVC;c:\progra~2\SAAZOD\zSCC\zEvtSVC.exe;c:\progra~2\SAAZOD\zSCC\zEvtSVC.exe [x]
S0 gfibto;gfibto;c:\windows\system32\drivers\gfibto.sys;c:\windows\SYSNATIVE\drivers\gfibto.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 stcvsm;StorageCraft Volume Snapshot Driver;c:\windows\system32\DRIVERS\stcvsm.sys;c:\windows\SYSNATIVE\DRIVERS\stcvsm.sys [x]
S1 sbmount;StorageCraft Image Mount Driver; [x]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\EPSON\EpsonCustomerParticipation\EPCP.exe;c:\program files\EPSON\EpsonCustomerParticipation\EPCP.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [x]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [x]
S2 MBAMScheduler;MBAMScheduler;c:\progra~2\SAAZOD\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\progra~2\SAAZOD\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\progra~2\SAAZOD\Malwarebytes' Anti-Malware\mbamservice.exe;c:\progra~2\SAAZOD\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 PCCUJobMgr;Common Client Job Manager Service;c:\program files (x86)\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe;c:\program files (x86)\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe [x]
S2 SAAZappr;SAAZ RMM Agent Presence-PR;c:\progra~2\SAAZOD\zRealTime\SAAZappr.exe SAAZappr;c:\progra~2\SAAZOD\zRealTime\SAAZappr.exe SAAZappr [x]
S2 SAAZapsc;SAAZ RMM Agent Presence-SC;c:\progra~2\SAAZOD\zRealTime\SAAZapsc.exe SAAZapsc;c:\progra~2\SAAZOD\zRealTime\SAAZapsc.exe SAAZapsc [x]
S2 SAAZDPMACTL;SAAZDPMACTL;c:\progra~2\SAAZOD\SAAZDPMACTL.exe;c:\progra~2\SAAZOD\SAAZDPMACTL.exe [x]
S2 SAAZScheduler;SAAZScheduler;c:\progra~2\SAAZOD\SAAZScheduler.exe;c:\progra~2\SAAZOD\SAAZScheduler.exe [x]
S2 SAAZServerPlus;SAAZServerPlus;c:\progra~2\SAAZOD\SAAZServerPlus.exe;c:\progra~2\SAAZOD\SAAZServerPlus.exe [x]
S2 SAAZWatchDog;SAAZWatchDog;c:\progra~2\SAAZOD\SAAZWatchDog.exe;c:\progra~2\SAAZOD\SAAZWatchDog.exe [x]
S2 sbapifs;sbapifs;c:\windows\system32\DRIVERS\sbapifs.sys;c:\windows\SYSNATIVE\DRIVERS\sbapifs.sys [x]
S2 ShadowProtectSvc;ShadowProtect Service;c:\program files (x86)\StorageCraft\ShadowProtect\ShadowProtectSvc.exe;c:\program files (x86)\StorageCraft\ShadowProtect\ShadowProtectSvc.exe [x]
S2 VSNAPVSS;StorageCraft Shadow Copy Provider;c:\windows\SysWOW64\vsnapvss.exe;c:\windows\SysWOW64\vsnapvss.exe [x]
S3 BrSerIb;Brother Serial Interface Driver(WDM);c:\windows\system32\DRIVERS\BrSerIb.sys;c:\windows\SYSNATIVE\DRIVERS\BrSerIb.sys [x]
S3 BrUsbSIb;Brother Serial USB Driver(WDM);c:\windows\system32\DRIVERS\BrUsbSIb.sys;c:\windows\SYSNATIVE\DRIVERS\BrUsbSIb.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-20 18:26	1177552	----a-w-	c:\program files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-09-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-23 15:42]
.
2013-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-09-05 11:10]
.
.
--------- X64 Entries -----------
.
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\system32\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.0.5
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - c:\program files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll
Toolbar-Locked - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCCUJobMgr]
"ImagePath"="\"c:\program files (x86)\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files (x86)\Norton PC Checkup\Engine\2.0.17.20\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Pervasive Software\PSQL]
@Denied: ) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-09-26  12:14:34
ComboFix-quarantined-files.txt  2013-09-26 16:14
ComboFix2.txt  2013-09-23 18:20
ComboFix3.txt  2013-09-23 16:26
ComboFix4.txt  2013-08-27 17:13
.
Pre-Run: 257,895,428,096 bytes free
Post-Run: 257,465,954,304 bytes free
.
- - End Of File - - 82D9EEDDED2DAD6E526A0D9A6E706FE2
A36C5E4F47E84449FF07ED3517B43A31