Combo Fix

ComboFix 11-11-07.03 - Leandro 09/11/2011 0:30.1.3 - x64
Microsoft Windows Vista Ultimate 6.0.6002.2.1252.34.3082.18.3838.911 [GMT -2:00]
Running from: c:\users\Leandro\Downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Spybot - Search & Destroy *Enabled/Updated* {1EAF1D03-5480-F3B2-EB14-11F0F5EE2699}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Leandro\AppData\Local\Microsoft\Windows\Temporary Internet Files\{72B1771D-CA22-477D-8E5F-A67E9B3E5A2A}.xps
c:\users\Leandro\AppData\Local\Microsoft\Windows\Temporary Internet Files\{D6B9AA6F-5320-4C91-9710-126F95097D0B}.xps
c:\users\Leandro\AppData\Local\Temp\nsc83EC.tmp\InstallOptions.dll
c:\users\Leandro\AppData\Roaming\vso_ts_preview.xml
c:\windows\system32\drivers\etc\hosts.txt
.
.
((((((((((((((((((((((((( Files Created from 2011-10-09 to 2011-11-09 )))))))))))))))))))))))))))))))
.
.
2011-11-09 02:38 . 2011-11-09 02:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-11-08 23:04 . 2011-11-08 23:04 -------- d-----w- c:\program files\ESET
2011-11-05 03:28 . 2011-11-05 03:28 -------- d-----w- c:\users\Leandro\AppData\Roaming\Malwarebytes
2011-11-05 03:28 . 2011-11-05 03:28 -------- d-----w- c:\programdata\Malwarebytes
2011-11-05 03:28 . 2011-11-08 15:57 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-11-05 03:28 . 2011-08-31 19:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-11-05 02:30 . 2011-11-05 02:30 -------- d-----w- C:\ProcAlyzer Dumps
2011-11-05 02:09 . 2011-11-09 02:44 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-11-05 02:08 . 2009-01-25 15:14 17272 ----a-w- c:\windows\system32\sdnclean64.exe
2011-11-05 02:08 . 2011-11-05 02:08 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2011-10-30 22:23 . 2011-10-30 22:23 -------- d-----w- c:\users\Leandro\AppData\Roaming\dvdcss
2011-10-28 22:15 . 2011-10-28 22:22 -------- d-----w- c:\users\Leandro\AppData\Roaming\vlc
2011-10-28 22:14 . 2011-10-28 22:14 -------- d-----w- c:\program files (x86)\VideoLAN
2011-10-28 21:51 . 2011-10-28 21:57 -------- d-----w- c:\users\Leandro\AppData\Roaming\Yamb
2011-10-28 21:14 . 2011-10-28 21:22 -------- d-----w- c:\users\Leandro\AppData\Roaming\avidemux
2011-10-28 21:14 . 2011-10-28 21:14 -------- d-----w- c:\program files (x86)\Avidemux 2.5
2011-10-28 21:02 . 2011-10-28 21:03 -------- d-----w- C:\OutputFolder
2011-10-28 21:01 . 2011-10-28 21:01 -------- d-----w- c:\program files (x86)\Allok AVI MPEG Converter
2011-10-28 20:43 . 2011-10-28 20:51 -------- d-----w- c:\users\Leandro\AppData\Roaming\AVI ReComp
2011-10-28 20:43 . 2011-10-28 20:43 -------- d-----w- c:\program files (x86)\Xvid
2011-10-28 20:41 . 2011-10-28 20:42 -------- d-----w- c:\program files (x86)\AviSynth 2.5
2011-10-28 20:41 . 2011-10-28 20:43 -------- d-----w- c:\program files (x86)\AVI ReComp
2011-10-28 20:30 . 2011-10-28 20:31 -------- d-----w- c:\program files (x86)\Total Video Converter
2011-10-28 20:24 . 2011-10-28 20:30 -------- d-----w- c:\users\Leandro\AppData\Roaming\Vso
2011-10-28 20:24 . 2009-09-02 15:44 65602 ----a-w- c:\windows\SysWow64\cook3260.dll
2011-10-28 20:24 . 2009-09-02 15:44 217127 ----a-w- c:\windows\SysWow64\drv43260.dll
2011-10-28 20:24 . 2009-09-02 15:44 208935 ----a-w- c:\windows\SysWow64\drv33260.dll
2011-10-28 20:24 . 2009-09-02 15:44 176165 ----a-w- c:\windows\SysWow64\drv23260.dll
2011-10-28 20:24 . 2009-09-02 15:44 102439 ----a-w- c:\windows\SysWow64\sipr3260.dll
2011-10-28 20:24 . 2009-09-02 15:44 626688 ----a-w- c:\windows\SysWow64\vp7vfw.dll
2011-10-28 20:24 . 2009-09-02 15:44 1184984 ----a-w- c:\windows\SysWow64\wvc1dmod.dll
2011-10-28 20:24 . 2011-10-28 20:24 -------- d-----w- c:\program files (x86)\VSO
2011-10-28 20:08 . 2011-10-20 13:39 205312 ----a-w- c:\windows\system32\unrar64.dll
2011-10-28 20:08 . 2011-10-28 20:56 -------- d-----w- c:\program files\DirectVobSub
2011-10-28 19:38 . 2011-10-28 19:38 -------- d-----w- c:\program files (x86)\Gabest
2011-10-22 09:14 . 2011-10-22 09:14 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-10-20 03:22 . 1999-11-05 09:31 208896 ----a-w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\iuser.dll
2011-10-20 03:22 . 1999-11-03 11:53 151552 ----a-w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\ctor.dll
2011-10-20 03:22 . 1999-10-28 06:35 237568 ----a-w- c:\program files (x86)\Common Files\InstallShield\IScript\IScript.dll
2011-10-20 03:22 . 1999-09-20 06:38 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\objectps.dll
2011-10-20 03:22 . 1999-09-20 06:38 212992 ----a-w- c:\program files (x86)\Common Files\InstallShield\engine\6\Intel 32\ILog.dll
2011-10-20 03:22 . 2011-10-20 03:22 -------- d-----w- C:\temp
2011-10-20 02:20 . 2011-10-20 02:20 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2011-10-20 02:19 . 2011-06-21 21:25 17200 ----a-w- c:\windows\system32\nitrolocalui2.dll
2011-10-20 02:19 . 2011-06-21 21:25 28976 ----a-w- c:\windows\system32\nitrolocalmon2.dll
2011-10-20 02:19 . 2011-10-20 02:19 -------- d-----w- c:\programdata\Nitro PDF
2011-10-20 02:19 . 2011-10-20 02:19 -------- d-----w- c:\program files\Common Files\Nitro PDF
2011-10-20 02:19 . 2011-10-20 02:19 -------- d-----w- c:\program files (x86)\Nitro PDF
2011-10-20 02:19 . 2011-10-20 02:19 -------- d-----w- c:\program files (x86)\Common Files\Nitro PDF
2011-10-20 02:17 . 2009-09-04 19:29 1892184 ----a-w- c:\windows\SysWow64\D3DX9_42.dll
2011-10-20 02:17 . 2006-09-28 18:05 2414360 ----a-w- c:\windows\SysWow64\d3dx9_31.dll
2011-10-20 02:16 . 2011-10-20 02:16 -------- d-----w- c:\program files (x86)\Winamp Detect
2011-10-20 02:16 . 2011-10-20 16:12 -------- d-----w- c:\users\Leandro\AppData\Local\OpenCandy
2011-10-20 02:16 . 2011-10-20 02:16 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2011-10-20 02:16 . 2011-11-08 17:25 -------- d-----w- c:\users\Leandro\AppData\Roaming\Winamp
2011-10-20 02:16 . 2011-10-20 03:22 -------- d-----w- c:\program files (x86)\Winamp
2011-10-20 02:16 . 2011-10-20 02:16 -------- d-----w- c:\users\Leandro\AppData\Roaming\OpenCandy
2011-10-14 14:49 . 2011-06-16 20:53 232960 ----a-w- c:\windows\system32\Spool\prtprocs\x64\EKIJ5000PPR.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-30 16:22 . 2011-05-19 13:58 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-03 07:06 . 2011-02-26 03:24 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-09-08 17:32 . 2011-09-08 17:32 800824 ----a-w- c:\users\Default\AppData\Roaming\DPInst.exe
2011-09-08 17:32 . 2011-09-08 17:32 36352 ----a-w- c:\users\Default\AppData\Roaming\PnPutil.exe
2011-09-08 17:32 . 2011-09-08 17:32 106496 ----a-w- c:\users\Default\AppData\Roaming\gacutil.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-04-17 3872080]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-03-24 599328]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"Conime"="c:\windows\system32\conime.exe" [2009-04-11 69120]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2011-07-11 74752]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2011-10-05 3578272]
"EKIJ5000StatusMonitor"="c:\windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe" [2011-06-16 2922496]
"Spybot-S&D Cleaning"="c:\program files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" [2011-10-05 3025304]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"KodakHomeCenter"="c:\program files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" [2011-09-05 2232752]
.
c:\users\Leandro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Recorte de pantalla e Inicio rpido de OneNote 2007.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2011-01-13 21712]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S1 BIOS;BIOS;c:\windows\system32\drivers\BIOS64.sys [2006-10-31 14136]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 SDHookDriver;Spybot-S&D 2 Hook Driver;c:\program files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [2011-10-05 48888]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-09-22 974944]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2011-09-05 393648]
S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2011-06-21 341296]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
S2 SDHookService;Spybot S&D 2 Live Protection Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDHookSvc.exe [2011-10-05 130976]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2011-10-05 892336]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2011-10-05 955816]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2011-10-05 169624]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-03 483688]
S3 NVHDA;Service for NVIDIA HDMI Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-03 209768]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-09 c:\windows\Tasks\Check for updates (Spybot - Search & Destroy).job
- c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2011-11-05 17:46]
.
2011-11-09 c:\windows\Tasks\Final Media Player Update Checker.job
- c:\program files (x86)\FinalMediaPlayer\FMPCheckForUpdates.exe [2011-03-04 18:50]
.
2011-11-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2570248279-3596124885-2482221772-1000Core.job
- c:\users\Leandro\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-10 23:45]
.
2011-11-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2570248279-3596124885-2482221772-1000UA.job
- c:\users\Leandro\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-10 23:45]
.
2011-11-05 c:\windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
- c:\program files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2011-11-05 17:46]
.
2011-11-09 c:\windows\Tasks\RegPowerClean.job
- c:\program files (x86)\Winferno\RegistryPowerCleaner\RegPowerClean.exe [2011-03-04 16:48]
.
2011-11-09 c:\windows\Tasks\RPCReminder.job
- c:\program files (x86)\Winferno\RegistryPowerCleaner\RPCReminder.exe [2011-03-04 16:34]
.
2011-11-05 c:\windows\Tasks\Scan the system (Spybot - Search & Destroy).job
- c:\program files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2011-11-05 17:46]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-16 16137760]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-01-16 82464]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-13 11725928]
"EKIJ5000StatusMonitor"="c:\windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe" [2011-06-16 2922496]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-09-22 4035152]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.greatsearch.me/start.html
mStart Page = hxxp://www.greatsearch.me/start.html
mLocal Page = %SystemRoot%\system32\blank.htm
IE: E&xportar a Microsoft Excel - c:\progra~2\MI1933~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 200.49.130.27 200.49.130.31 172.20.2.11
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
FF - ProfilePath - c:\users\Leandro\AppData\Roaming\Mozilla\Firefox\Profiles\l8a4k4ye.default\
FF - prefs.js: network.proxy.socks_port - 80
FF - prefs.js: network.proxy.type - 2
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
Notify-SDWinLogon - SDWinLogon.dll
HKLM-Run-Windows Defender - c:\program files (x86)\Windows Defender\MSASCui.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
  00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2011-11-09 00:50:14 - machine was rebooted
ComboFix-quarantined-files.txt 2011-11-09 02:50
.
Pre-Run: 746.479.747.072 bytes libres
Post-Run: 746.520.137.728 bytes libres
.
- - End Of File - - 763BBA7BC56A38333EDB83F5AA5FB554