The computer appears to be working fine, and so does the one online game I reinstalled. I have not seen any of those weird glitches pop up, so for now I would have to say all is good. I am away for the weekend but will monitor it when I get back.
Here is the log as requested.
ComboFix 13-06-22.01 - John Richardson 28/06/2013 18:03:43.8.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3326.2466 [GMT -4:00]
Running from: c:\documents and settings\John Richardson\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\John Richardson\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_AAUDSTUM
-------\Service_aaudstum
.
.
((((((((((((((((((((((((( Files Created from 2013-05-28 to 2013-06-28 )))))))))))))))))))))))))))))))
.
.
2013-06-28 06:11 . 2013-06-12 04:18 7068072 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{73425EA9-9DD4-4325-98A3-B53AFADC351D}\mpengine.dll
2013-06-25 23:26 . 2013-06-18 14:22 263576 ----a-w- c:\program files\Mozilla Firefox\browser\components\browsercomps.dll
2013-06-23 15:32 . 2013-06-23 15:48 -------- d---a-w- c:\program files\Cryptic Studios
2013-06-23 13:11 . 2013-06-23 13:11 -------- d-----w- c:\windows\ERUNT
2013-06-23 13:10 . 2013-06-23 13:11 -------- d-----w- C:\JRT
2013-06-21 23:04 . 2013-06-21 23:04 -------- d-----w- c:\documents and settings\All Users\Application Data\ATI
2013-06-21 23:00 . 2012-05-14 06:12 103040 ----a-w- c:\windows\system32\drivers\AtihdXP3.sys
2013-06-21 22:59 . 2013-06-21 23:01 -------- d---a-w- c:\program files\ATI Technologies
2013-06-21 22:59 . 2013-06-21 22:59 -------- d---a-w- c:\program files\ATI
2013-06-21 22:58 . 2013-06-21 22:58 -------- d---a-w- C:\AMD
2013-06-21 00:10 . 2013-06-21 00:10 -------- d---a-w- c:\program files\ESET
2013-06-20 03:03 . 2013-06-20 03:03 22064 ----a-w- c:\windows\DCEBoot.exe
2013-06-19 22:49 . 2013-06-19 22:49 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-06-19 22:49 . 2013-06-19 22:49 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-19 22:49 . 2013-06-19 22:49 -------- d-----w- c:\program files\Java
2013-06-13 00:36 . 2009-01-25 17:14 15224 ----a-w- c:\windows\system32\sdnclean.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-27 19:11 . 2013-03-18 20:50 175176 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-06-27 19:11 . 2012-10-16 23:30 369584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-06-27 19:11 . 2012-10-16 23:30 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-06-23 14:53 . 2012-04-05 01:15 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-06-23 14:53 . 2011-06-05 22:48 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-19 22:49 . 2012-09-22 22:21 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-06-19 22:49 . 2011-10-28 22:44 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-06-12 04:18 . 2013-01-05 18:08 7068072 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-05-09 08:59 . 2013-03-18 20:50 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59 . 2012-10-16 23:30 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-05-09 08:59 . 2013-05-25 13:38 21576 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-05-09 08:59 . 2013-03-18 20:49 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-09 08:59 . 2012-10-16 23:30 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-05-09 08:59 . 2012-10-16 23:30 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-05-09 08:58 . 2012-10-16 23:29 41664 ----a-w- c:\windows\avastSS.scr
2013-05-09 08:58 . 2012-10-16 23:29 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-05-07 22:30 . 2004-08-11 22:00 920064 ----a-w- c:\windows\system32\wininet.dll
2013-05-07 22:30 . 2004-08-11 22:00 43520 ------w- c:\windows\system32\licmgr10.dll
2013-05-07 22:30 . 2004-08-11 22:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-05-07 21:53 . 2004-08-11 22:00 385024 ------w- c:\windows\system32\html.iec
2013-05-03 01:30 . 2004-08-11 22:00 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-05-03 00:38 . 2004-08-04 03:59 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-05-02 06:06 . 2013-01-05 18:08 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-04-20 00:13 . 2013-04-20 00:13 86016 ----a-w- c:\windows\system32\OpenAL32.dll
2013-04-20 00:13 . 2013-04-20 00:13 413696 ----a-w- c:\windows\system32\wrap_oal.dll
2013-04-10 01:31 . 2004-08-11 22:00 1876352 ----a-w- c:\windows\system32\win32k.sys
2013-04-04 18:50 . 2012-06-02 14:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-02 05:36 . 2012-06-03 17:36 44 ---h--w- c:\program files\d81f0199.tmp
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igndlm.exe"="c:\program files\Download Manager\DLM.exe" [2009-05-14 1103216]
"Akamai NetSession Interface"="c:\documents and settings\John Richardson\Local Settings\Application Data\Akamai\netsession_win.exe" [2013-06-05 4489472]
"FileHippo.com"="c:\program files\FileHippo.com\UpdateChecker.exe" [2012-11-23 307712]
"RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2012-12-29 96056]
"Steam"="c:\program files\Steam\Steam.exe" [2013-06-06 1641896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 81920]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 221184]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe" [2001-10-15 196608]
"RTHDCPL"="RTHDCPL.EXE" [2008-01-09 16859648]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SDTray"="c:\program files\Spybot - Search & Destroy 2\SDTray.exe" [2013-05-16 3830224]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-11-16 98304]
.
c:\documents and settings\Administrator\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk.disabled [2008-11-10 767]
.
c:\documents and settings\John Richardson\Start Menu\Programs\Startup\
SpywareGuard.lnk - c:\program files\SpywareGuard\sgmain.exe [2003-8-29 360448]
Xfire.lnk - c:\program files\Xfire\Xfire.exe [2013-3-21 3560832]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean.exe\0aswBoot.exe /A:* /A:C: /A:*STARTUP-SHORT /A:*STARTUP /L:1033 /heur:100 /RA:chest /pup /archives /IA:0 /KBD:2 /dir:C:\Program
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MarbleStation"=c:\netmarbleglobal\MarbleStation\GlbMSLauncher.exe
"AVG PC Tuneup"="c:\program files\AVG\AVG PC Tuneup\BoostSpeed.exe" -UseTray
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Games\\Dungeon Siege 2\\DungeonSiege2.exe"=
"c:\\Program Files\\Atari\\Neverwinter Nights 2\\nwn2main.exe"=
"c:\\Program Files\\Atari\\Neverwinter Nights 2\\nwn2main_amdxp.exe"=
"c:\\Program Files\\Atari\\Neverwinter Nights 2\\nwupdate.exe"=
"c:\\Program Files\\Atari\\Neverwinter Nights 2\\nwn2server.exe"=
"c:\\Program Files\\Xfire\\Xfire.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\StarCraft II\\StarCraft II.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\amd driver updater, xp, 32 bit\\Setup.exe"=
"c:\\NetmarbleGlobal\\MarbleStation\\nmgDownloader\\nmgDownload.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\FEAR2\\FEAR2.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Documents and Settings\\John Richardson\\Local Settings\\Application Data\\Akamai\\netsession_win.exe"=
"c:\\Program Files\\Diablo III\\Diablo III.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\king's bounty - the legend\\kb.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\king's bounty - the legend\\save_fixer.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\kings bounty armored princess\\kb.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\kings bounty crossworlds\\kb.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\dungeon siege iii\\Dungeon Siege III.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\Carrier Command Gaea Mission demo\\carrier_demo.exe"=
"c:\\Documents and Settings\\John Richardson\\Local Settings\\Apps\\2.0\\RCMH2E3C.XKX\\N6C0O9YD.PBO\\curs..tion_9e9e83ddf3ed3ead_0005.0001_f88ee66177b243ac\\CurseClient.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\Mafia II\\pc\\mafia2.exe"=
"c:\\Games\\World_of_Tanks\\WorldOfTanks.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\sid meier's civilization v\\Launcher.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Battle.net\\Agent\\Agent.1675\\Agent.exe"=
"c:\\WINDOWS\\system32\\dxdiag.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Cryptic Studios\\Star Trek Online\\Live\\GameClient.exe"=
"c:\\Program Files\\File Type Assistant\\TSAssist.exe"=
"c:\\Program Files\\Wing Commander Saga Prologue\\wcsaga.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDTray.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDFSSvc.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdate.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Battle.net\\Agent\\Agent.1737\\Agent.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"58199:TCP"= 58199:TCP:Pando Media Booster
"58199:UDP"= 58199:UDP:Pando Media Booster
"59153:TCP"= 59153:TCP:Pando Media Booster
"59153:UDP"= 59153:UDP:Pando Media Booster
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
"1041:TCP"= 1041:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [18/03/2013 4:50 PM 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [18/03/2013 4:50 PM 175176]
R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [25/05/2013 9:38 AM 21576]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [16/10/2012 7:30 PM 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [16/10/2012 7:30 PM 369584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [16/10/2012 7:30 PM 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [18/03/2013 4:49 PM 66336]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\Spybot - Search & Destroy 2\SDUpdSvc.exe [12/06/2013 8:36 PM 1033688]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [03/11/2006 8:19 PM 13592]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [21/06/2013 7:00 PM 103040]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [11/08/2004 6:00 PM 14336]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\Spybot - Search & Destroy 2\SDFSSvc.exe [12/06/2013 8:36 PM 1817560]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\Spybot - Search & Destroy 2\SDWSCSvc.exe [12/06/2013 8:36 PM 171928]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 PCDSRVC{E9D79540-57D5953E-06020101}_0;PCDSRVC{E9D79540-57D5953E-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\Dell Support Center\pcdsrvc.pkms [04/09/2012 1:54 AM 22640]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 14:53]
.
2013-06-28 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-10-16 08:58]
.
2013-06-28 c:\windows\Tasks\Check for updates (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDUpdate.exe [2013-06-13 14:58]
.
2013-06-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-10-16 23:30]
.
2013-06-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-10-16 23:30]
.
2013-06-28 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-04 00:20]
.
2013-06-11 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2012-09-19 03:48]
.
2013-06-28 c:\windows\Tasks\ProgramRefresh-ATFST.job
- c:\program files\File Type Assistant\TSASetup.exe [2013-01-08 00:48]
.
2013-06-28 c:\windows\Tasks\ProgramUpdateCheck.job
- c:\program files\File Type Assistant\tsassist.exe [2011-03-27 17:09]
.
2013-06-26 c:\windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDImmunize.exe [2013-06-13 14:57]
.
2013-06-13 c:\windows\Tasks\Scan the system (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDScan.exe [2013-06-13 14:58]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = localhost:21320
uSearchAssistant = hxxp://www.google.com
uSearchURL,(Default) = hxxp://ca.search.yahoo.com/search?fr=mcafee&p=%s
IE: Customize Menu - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: Fill Forms - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: Save Forms - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Show avast! EasyPass Toolbar - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: microsoft.com\windowsupdate
Trusted Zone: soe.com
Trusted Zone: sony.com
Trusted Zone: worldoftanks.com
TCP: DhcpNameServer = 64.71.255.204 64.71.255.198
Handler: intu-qt2007 - {026BF40D-BA05-467b-9F1F-AD0D7A3F5F11} - c:\program files\QuickTax 2007\ic2007pp.dll
FF - ProfilePath - c:\documents and settings\John Richardson\Application Data\Mozilla\Firefox\Profiles\zy5758f9.default\
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-06-28 18:15
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet004\Services\Akamai]
"ServiceDll"="c:\program files\common files\akamai/netsession_win_80c2ffa.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet004\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\System\ControlSet004\Services\PCDSRVC{E9D79540-57D5953E-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc.pkms"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-879840139-2802958703-907680667-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:64,5f,aa,30,64,48,a5,e2,9f,c3,01,ee,47,f7,9e,7e,11,7d,de,3f,53,e3,61,
65,b7,0a,a4,67,96,3d,f0,d2,33,47,2f,b8,2d,b6,f7,26,49,ca,63,67,c0,74,0f,5b,\
"??"=hex:af,4b,db,31,8c,18,8b,1f,0f,e7,56,55,e3,4a,d7,19
.
[HKEY_USERS\S-1-5-21-879840139-2802958703-907680667-1005\Software\SecuROM\License information*]
"datasecu"=hex:79,3e,8d,fc,be,fb,61,b0,6d,87,b2,94,0d,99,ea,c1,09,89,90,16,35,
eb,c5,40,6c,5e,13,b8,a8,26,42,9a,f9,df,36,c4,46,b3,69,ce,a3,60,e4,b5,48,4f,\
"rkeysecu"=hex:a3,57,c4,0d,f8,95,92,51,5f,05,99,76,7c,43,56,19
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(884)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(796)
c:\windows\system32\WININET.dll
c:\program files\Xfire\xfire_toucan_46139.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Roxio\Drag-to-Disc\Shellex.dll
c:\windows\system32\DLAAPI_W.DLL
c:\windows\system32\CDRTC.DLL
c:\program files\Roxio\Drag-to-Disc\ShellRes.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\windows\RTHDCPL.EXE
c:\program files\SpywareGuard\sgbhp.exe
c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
.
**************************************************************************
.
Completion time: 2013-06-28 18:23:24 - machine was rebooted
ComboFix-quarantined-files.txt 2013-06-28 22:23
ComboFix2.txt 2013-06-27 23:11
ComboFix3.txt 2013-06-23 13:50
.
Pre-Run: 71,995,871,232 bytes free
Post-Run: 72,030,765,056 bytes free
.
- - End Of File - - 562BD4135F90D46F3A5EF3BD1E16194A
5CB90281D1A59B251F6603134774EEC3