ComboFix 11-01-16.02 - HP 01/17/2011 8:57.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1015.566 [GMT 8:00]
Running from: c:\documents and settings\HP\Desktop\zzz.exe
Command switches used :: c:\documents and settings\HP\Desktop\CFScript.txt
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
FILE ::
"c:\documents and settings\HP\My Documents\Downloads\registrybooster.exe"
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\HP\My Documents\Downloads\registrybooster.exe
.
((((((((((((((((((((((((( Files Created from 2010-12-17 to 2011-01-17 )))))))))))))))))))))))))))))))
.
2011-01-15 12:50 . 2011-01-15 12:50 -------- d-----w- c:\program files\ESET
2011-01-12 15:10 . 2011-01-12 15:12 -------- d-----w- c:\program files\Bonjour
2011-01-11 08:20 . 2011-01-11 08:20 -------- d-----w- c:\windows\system32\drivers\NSS
2011-01-11 08:20 . 2011-01-11 08:20 -------- d-----w- c:\program files\Norton Security Scan
2011-01-09 02:01 . 2011-01-09 02:01 -------- d-----w- C:\_OTL
2011-01-03 03:26 . 2011-01-03 03:26 388096 ----a-r- c:\documents and settings\HP\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-01-03 03:26 . 2011-01-03 03:26 -------- d-----w- c:\program files\Trend Micro
2011-01-01 14:06 . 2008-04-13 16:15 31744 ----a-w- c:\windows\system32\drivers\wceusbsh.sys
2010-12-22 05:11 . 2011-01-11 15:10 -------- d-----w- c:\documents and settings\Guest
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-12-14 01:23 . 2010-12-14 01:23 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-11-18 18:12 . 2010-11-18 18:12 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-09 14:52 . 2010-11-09 14:52 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-08 17:44 . 2010-12-14 02:25 4290192 ----a-w- c:\windows\system32\GameMon.des
2010-11-06 00:26 . 2010-12-17 05:16 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-06 00:26 . 2010-12-17 05:16 916480 ------w- c:\windows\system32\wininet.dll
2010-11-06 00:26 . 2010-12-17 05:15 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-11-03 12:25 . 2010-12-17 05:16 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 15:17 . 2010-12-17 05:08 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-10-28 13:13 . 2010-10-28 13:13 290048 ----a-w- c:\windows\system32\atmfd.dll
2010-10-26 13:25 . 2010-10-26 13:25 1853312 ----a-w- c:\windows\system32\win32k.sys
.
((((((((((((((((((((((((((((( SnapShot@2011-01-11_07.28.33 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-01-17 00:38 . 2011-01-17 00:38 16384 c:\windows\temp\Perflib_Perfdata_9c.dat
+ 2011-01-17 00:38 . 2011-01-17 00:38 16384 c:\windows\temp\Perflib_Perfdata_448.dat
+ 2008-06-25 01:26 . 2011-01-15 12:40 72306 c:\windows\system32\perfc009.dat
- 2008-06-25 01:26 . 2010-12-21 02:51 72306 c:\windows\system32\perfc009.dat
- 2010-07-27 10:44 . 2010-07-27 10:44 75040 c:\windows\system32\jdns_sd.dll
+ 2010-10-07 04:23 . 2010-10-07 04:23 75040 c:\windows\system32\jdns_sd.dll
- 2010-07-27 10:44 . 2010-07-27 10:44 91424 c:\windows\system32\dnssd.dll
+ 2010-10-07 04:23 . 2010-10-07 04:23 91424 c:\windows\system32\dnssd.dll
- 2011-01-09 02:54 . 2011-01-10 01:32 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2011-01-09 02:54 . 2011-01-17 00:45 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2010-01-20 01:27 . 2011-01-10 01:32 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2010-01-20 01:27 . 2011-01-17 00:45 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2011-01-11 15:19 . 2011-01-17 00:45 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2010-01-20 01:27 . 2011-01-10 01:32 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2010-08-15 14:44 . 2011-01-12 23:34 35088 c:\windows\Installer\{90120000-001A-0000-0000-0000000FF1CE}\oisicon.exe
- 2010-08-15 14:44 . 2010-12-17 07:38 35088 c:\windows\Installer\{90120000-001A-0000-0000-0000000FF1CE}\oisicon.exe
+ 2010-08-15 14:44 . 2011-01-12 23:34 18704 c:\windows\Installer\{90120000-001A-0000-0000-0000000FF1CE}\mspicons.exe
- 2010-08-15 14:44 . 2010-12-17 07:38 18704 c:\windows\Installer\{90120000-001A-0000-0000-0000000FF1CE}\mspicons.exe
+ 2010-08-15 14:44 . 2011-01-12 23:34 20240 c:\windows\Installer\{90120000-001A-0000-0000-0000000FF1CE}\cagicon.exe
- 2010-08-15 14:44 . 2010-12-17 07:38 20240 c:\windows\Installer\{90120000-001A-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-06-25 01:26 . 2011-01-15 12:40 444596 c:\windows\system32\perfh009.dat
- 2008-06-25 01:26 . 2010-12-21 02:51 444596 c:\windows\system32\perfh009.dat
- 2010-07-27 10:44 . 2010-07-27 10:44 197920 c:\windows\system32\dnssdX.dll
+ 2010-10-07 04:23 . 2010-10-07 04:23 197920 c:\windows\system32\dnssdX.dll
+ 2010-10-07 04:23 . 2010-10-07 04:23 107808 c:\windows\system32\dns-sd.exe
- 2010-07-27 10:44 . 2010-07-27 10:44 107808 c:\windows\system32\dns-sd.exe
+ 2010-11-09 14:52 . 2010-11-09 14:52 249856 c:\windows\system32\dllcache\odbc32.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 102400 c:\windows\system32\dllcache\msjro.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 200704 c:\windows\system32\dllcache\msadox.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 180224 c:\windows\system32\dllcache\msadomd.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 536576 c:\windows\system32\dllcache\msado15.dll
+ 2010-11-09 14:52 . 2010-11-09 14:52 143360 c:\windows\system32\dllcache\msadco.dll
- 2010-08-15 14:44 . 2010-12-17 07:38 845584 c:\windows\Installer\{90120000-001A-0000-0000-0000000FF1CE}\outicon.exe
+ 2010-08-15 14:44 . 2011-01-12 23:34 845584 c:\windows\Installer\{90120000-001A-0000-0000-0000000FF1CE}\outicon.exe
- 2010-08-15 14:44 . 2010-12-17 07:38 217864 c:\windows\Installer\{90120000-001A-0000-0000-0000000FF1CE}\misc.exe
+ 2010-08-15 14:44 . 2011-01-12 23:34 217864 c:\windows\Installer\{90120000-001A-0000-0000-0000000FF1CE}\misc.exe
+ 2011-01-12 15:13 . 2011-01-12 15:13 897024 c:\windows\Installer\{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}\SafariIco.exe
+ 2010-10-06 23:57 . 2011-01-11 15:15 897024 c:\windows\Installer\{20ACB2F8-3BCA-45A8-80A2-9D3CB5C25F43}\SafariIco.exe
- 2010-10-06 23:57 . 2010-10-29 19:32 897024 c:\windows\Installer\{20ACB2F8-3BCA-45A8-80A2-9D3CB5C25F43}\SafariIco.exe
+ 2010-12-16 16:17 . 2010-12-16 16:17 3362304 c:\windows\Installer\1b61203.msp
+ 2011-01-12 15:13 . 2011-01-12 15:13 3140608 c:\windows\Installer\17e4d7.msi
+ 2011-01-12 15:12 . 2011-01-12 15:12 1984000 c:\windows\Installer\17e4c9.msi
+ 2010-02-17 03:13 . 2011-01-12 23:34 37403080 c:\windows\system32\MRT.exe
+ 2010-12-21 05:06 . 2010-12-21 05:06 11570688 c:\windows\Installer\1b611f6.msp
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK]
@="{3c3f3c1a-9153-7c05-f938-622e7003894d}"
[HKEY_CLASSES_ROOT\CLSID\{3c3f3c1a-9153-7c05-f938-622e7003894d}]
2010-04-13 12:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK2]
@="{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}"
[HKEY_CLASSES_ROOT\CLSID\{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}]
2010-04-13 12:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK3]
@="{b4caf489-1eec-c617-49ad-8d7088598c06}"
[HKEY_CLASSES_ROOT\CLSID\{b4caf489-1eec-c617-49ad-8d7088598c06}]
2010-04-13 12:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-15 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-15 159744]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-15 131072]
"AESTFltr"="c:\windows\system32\AESTFltr.exe" [2009-02-18 737280]
"HP BTW Detect Program"="c:\program files\HP\HPBTWD.exe" [2009-03-30 319488]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-01-16 1418536]
"Syncables"="c:\program files\syncables\syncables desktop\Syncables.exe" [2009-04-01 173360]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-15 208952]
"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2008-04-15 44032]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-15 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-15 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-15 455168]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-09-30 1193848]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-01 1164584]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-09-21 47904]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-09-08 421888]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-11-10 421160]
c:\documents and settings\HP\Start Menu\Programs\Startup\
Zinio Alert Messenger.lnk - c:\system rollback data\Restore\Archive\00000011\00000001\1\Target\Program Files\Zinio Alert Messenger\Zinio Alert Messenger.exe [N/A]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-7-7 600680]
Nikon Monitor.lnk - c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe [2008-6-5 479232]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\syncables\\syncables desktop\\jre\\bin\\javaw.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"c:\\Program Files\\Common Files\\Mcafee\\McSvcHost\\McSvHost.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
R0 SahdIa32;HDD Filter Driver;c:\windows\system32\drivers\SahdIa32.sys [6/25/2009 3:57 PM 21488]
R0 SaibIa32;Volume Filter Driver;c:\windows\system32\drivers\SaibIa32.sys [6/25/2009 3:57 PM 15856]
R0 SysCow;SysCow;c:\windows\system32\drivers\syscow32x.sys [9/24/2008 10:09 PM 103792]
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [10/13/2010 10:28 PM 84072]
R1 MOBKFilter;MOBKFilter;c:\windows\system32\drivers\MOBK.sys [8/10/2010 12:01 PM 54776]
R1 SaibVd32;Virtual Disk Driver;c:\windows\system32\drivers\SaibVd32.sys [6/25/2009 3:57 PM 25584]
R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;c:\program files\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe [12/11/2008 10:46 PM 125424]
R2 BOTService;BOTService;c:\program files\Roxio\BackOnTrack\Instant Restore\BOTService.exe [3/19/2009 12:04 PM 203248]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [3/10/2010 10:14 AM 271480]
R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [3/10/2010 10:14 AM 271480]
R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [3/10/2010 10:14 AM 271480]
R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\Mcafee\SystemCore\mfefire.exe [2/11/2010 5:40 PM 188136]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\program files\Common Files\Mcafee\SystemCore\mfevtps.exe [2/11/2010 5:39 PM 141792]
R2 MOBKbackup;McAfee Online Backup;c:\program files\McAfee Online Backup\MOBKbackup.exe [4/13/2010 8:11 PM 229688]
R2 NAUpdate;@c:\program files\Nero\Update\NASvc.exe,-200;c:\program files\Nero\Update\NASvc.exe [5/4/2010 12:07 PM 503080]
R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [6/25/2009 3:52 PM 113664]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [10/13/2010 10:28 PM 55840]
R3 L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1c51x86.sys [3/3/2009 5:03 AM 38912]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [10/13/2010 10:28 PM 313288]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [1/5/2010 6:04 PM 88544]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [1/5/2010 6:04 PM 88544]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [10/13/2010 10:28 PM 84264]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [7/31/2010 1:52 PM 18432]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RTS5121.sys [6/25/2009 3:52 PM 160256]
S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys --> c:\windows\system32\DRIVERS\Rts516xIR.sys [?]
--- Other Services/Drivers In Memory ---
*Deregistered* - mfeavfk01
.
Contents of the 'Scheduled Tasks' folder
2011-01-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 03:50]
2011-01-17 c:\windows\Tasks\BackOnTrack Instant Restore Idle.job
- c:\program files\Roxio\BackOnTrack\Instant Restore\RstIdle.exe [2009-03-19 04:05]
2011-01-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4166144268-992329058-247108149-1006Core.job
- c:\documents and settings\HP\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-12-31 01:56]
2011-01-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4166144268-992329058-247108149-1006UA.job
- c:\documents and settings\HP\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-12-31 01:56]
2011-01-13 c:\windows\Tasks\Norton Security Scan for HP.job
- c:\program files\Norton Security Scan\Engine\3.0.1.8\Nss.exe [2011-01-11 14:06]
2011-01-16 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2010-10-11 08:12]
.
.
------- Supplementary Scan -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
DPF: {B46FA8BD-AE41-4821-AFF4-D4FFE4F3D390} -
hxxp://presentur.ntu.edu.sg/aculearn-id ... viewer.cab.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-17 09:15
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2011-01-17 09:20:31
ComboFix-quarantined-files.txt 2011-01-17 01:20
ComboFix2.txt 2011-01-11 07:35
Pre-Run: 83,758,346,240 bytes free
Post-Run: 83,907,502,080 bytes free
- - End Of File - - 185A07A0B497E59176623052625AEFA0