I was finally able to get it to work. Thanks again for the explanation. Here is the ComboFix log:
ComboFix 09-04-28.02 - BJ 04/29/2009 2:20.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2814.2045 [GMT -4:00]
Running from: c:\users\BJ\Desktop\Commy.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\drivers\gxvxctefpuoetsxxebxxjhgptbobwmxoymqqp.sys
c:\windows\system32\gxvxccounter
c:\windows\system32\gxvxcnecxtfmkiqnusfiyscxvcnpwscyuuitc.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_GXVXCSERV.SYS
-------\Service_GXVXCSERV.SYS
((((((((((((((((((((((((( Files Created from 2009-05-28 to 2009-4-29 )))))))))))))))))))))))))))))))
.
2009-04-28 12:52 . 2009-04-28 23:44 -------- d-----w C:\ComboFix
2009-04-18 20:38 . 2008-06-02 19:19 29576 ----a-w c:\windows\system32\drivers\kcom.sys
2009-04-18 20:38 . 2009-04-18 20:56 40840 ----a-w c:\windows\system32\drivers\ikfilesec.sys
2009-04-18 20:38 . 2009-04-18 20:56 81288 ----a-w c:\windows\system32\drivers\iksyssec.sys
2009-04-18 20:38 . 2009-04-18 20:56 66952 ----a-w c:\windows\system32\drivers\iksysflt.sys
2009-04-18 20:38 . 2009-04-18 20:38 -------- d-----w c:\users\BJ\AppData\Roaming\PC Tools
2009-04-18 20:38 . 2009-04-28 12:43 -------- d-----w c:\program files\Spyware Doctor
2009-04-18 20:36 . 2009-04-18 20:38 -------- d-----w c:\users\BJ\AppData\Roaming\GetRightToGo
2009-04-15 23:08 . 2008-12-06 04:42 376832 ----a-w c:\windows\system32\winhttp.dll
2009-04-15 23:08 . 2008-06-06 03:27 562176 ----a-w c:\windows\system32\msdtcprx.dll
2009-04-15 23:08 . 2008-06-06 03:27 38912 ----a-w c:\windows\system32\xolehlp.dll
2009-04-15 23:08 . 2009-03-03 04:37 3600880 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-04-15 23:08 . 2009-03-03 04:37 3548656 ----a-w c:\windows\system32\ntoskrnl.exe
2009-04-15 23:08 . 2009-03-03 04:39 551424 ----a-w c:\windows\system32\rpcss.dll
2009-04-15 04:20 . 2009-04-15 04:20 -------- d-----w c:\program files\Trend Micro
2009-04-15 03:11 . 2009-04-15 03:56 -------- d-----w c:\program files\Windows Live Safety Center
2009-04-13 00:52 . 2009-04-13 00:52 -------- d-----w c:\programdata\SITEguard
2009-04-13 00:52 . 2009-04-13 00:52 -------- d-----w c:\users\All Users\SITEguard
2009-04-12 21:13 . 2009-04-12 21:14 -------- d-----r c:\program files\Norton Support
2009-04-12 21:01 . 2009-03-12 08:42 25136 ----a-r c:\windows\system32\drivers\SymIMV.sys
2009-04-12 21:01 . 2009-04-15 23:18 124464 ----a-w c:\windows\system32\drivers\SYMEVENT.SYS
2009-04-12 21:01 . 2009-04-12 21:06 -------- d-----w c:\program files\Common Files\Symantec Shared
2009-04-12 21:01 . 2009-04-15 23:18 -------- d-----w c:\program files\Symantec
2009-04-12 21:00 . 2009-04-17 03:56 -------- d-----w c:\windows\system32\drivers\NIS
2009-04-12 21:00 . 2009-04-12 21:00 -------- d-----w c:\program files\Norton Internet Security
2009-04-12 20:59 . 2009-04-12 20:59 -------- d-----w c:\program files\NortonInstaller
2009-04-12 20:48 . 2008-09-19 18:02 61436856 ----a-w C:\NIS09EN.exe
2009-04-12 20:29 . 2009-04-12 20:47 -------- d-----w c:\windows\LMIBF49.tmp
2009-04-12 17:14 . 2009-04-13 00:53 -------- d-----w c:\program files\STOPzilla!
2009-04-12 17:14 . 2009-04-12 17:14 -------- d-----w c:\program files\Common Files\iS3
2009-04-12 17:14 . 2009-04-13 01:42 -------- d-----w c:\programdata\STOPzilla!
2009-04-12 17:14 . 2009-04-13 01:42 -------- d-----w c:\users\All Users\STOPzilla!
2009-04-03 17:30 . 2009-04-03 17:30 -------- d-----w c:\program files\HTC Touch Pro User Guide
2009-03-31 18:57 . 2009-03-31 18:57 17408 ----a-r c:\windows\system32\SZIO5.dll
2009-03-31 18:56 . 2009-03-31 18:56 294912 ----a-r c:\windows\system32\SZBase5.dll
2009-03-31 18:55 . 2009-03-31 18:55 540672 ----a-r c:\windows\system32\SZComp5.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-17 03:53 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
2009-04-17 03:23 . 2006-11-02 10:25 86016 ----a-w c:\windows\inf\infstrng.dat
2009-04-17 03:23 . 2006-11-02 10:25 86016 ----a-w c:\windows\inf\infstor.dat
2009-04-17 03:23 . 2006-11-02 10:25 51200 ----a-w c:\windows\inf\infpub.dat
2009-04-15 23:42 . 2008-10-26 00:13 -------- d-----w c:\program files\Java
2009-04-15 23:18 . 2009-04-12 21:01 805 ----a-w c:\windows\system32\drivers\SYMEVENT.INF
2009-04-15 23:18 . 2009-04-12 21:01 7386 ----a-w c:\windows\system32\drivers\SYMEVENT.CAT
2009-04-13 01:44 . 2009-03-06 00:30 75264 ----a-w c:\users\BJ\AppData\Local\GDIPFONTCACHEV1.DAT
2009-04-13 00:13 . 2009-03-07 17:07 66946 ----a-w c:\users\All Users\nvModes.dat
2009-04-13 00:13 . 2009-03-07 17:07 66946 ----a-w c:\programdata\nvModes.dat
2009-04-11 18:28 . 2009-03-07 01:27 -------- d-----w c:\program files\LimeWire
2009-04-03 17:50 . 2009-04-03 17:50 0 ---ha-w c:\windows\system32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf
2009-04-03 17:27 . 2009-04-03 17:27 0 ---ha-w c:\windows\system32\drivers\Msft_User_WpdRapi_01_00_00.Wdf
2009-03-27 14:56 . 2009-03-27 14:56 126976 ----a-r c:\windows\system32\IS3HTUI5.dll
2009-03-27 14:55 . 2009-03-27 14:55 393216 ----a-r c:\windows\system32\IS3DBA5.dll
2009-03-27 14:55 . 2009-03-27 14:55 372736 ----a-r c:\windows\system32\IS3UI5.dll
2009-03-27 14:55 . 2009-03-27 14:55 61440 ----a-r c:\windows\system32\IS3Hks5.dll
2009-03-27 14:54 . 2009-03-27 14:54 23040 ----a-r c:\windows\system32\IS3XDat5.dll
2009-03-27 14:54 . 2009-03-27 14:54 221184 ----a-r c:\windows\system32\IS3Win325.dll
2009-03-27 14:54 . 2009-03-27 14:54 94208 ----a-r c:\windows\system32\IS3Inet5.dll
2009-03-27 14:53 . 2009-03-27 14:53 90112 ----a-r c:\windows\system32\IS3Svc5.dll
2009-03-27 14:50 . 2009-03-27 14:50 716800 ----a-r c:\windows\system32\IS3Base5.dll
2009-03-17 03:38 . 2009-04-15 23:07 40960 ----a-w c:\windows\AppPatch\apihex86.dll
2009-03-17 03:38 . 2009-04-15 23:07 13824 ----a-w c:\windows\system32\apilogen.dll
2009-03-17 03:38 . 2009-04-15 23:07 24064 ----a-w c:\windows\system32\amxread.dll
2009-03-12 16:18 . 2009-03-12 16:18 54656 ----a-r c:\windows\system32\drivers\SZKG.sys
2009-03-09 09:19 . 2009-03-08 01:29 410984 ----a-w c:\windows\system32\deploytk.dll
2009-03-06 21:12 . 2008-08-22 00:03 21256 ----a-w c:\windows\Help\OEM\scripts\HPScript.exe
2009-03-06 00:48 . 2009-03-06 00:48 -------- d-----w c:\program files\MSXML 4.0
2009-03-06 00:32 . 2008-10-26 00:17 -------- d-----w c:\program files\SMINST
2009-03-06 00:25 . 2006-11-02 12:37 -------- d-----w c:\program files\Windows Sidebar
2009-03-06 00:23 . 2009-03-06 00:23 0 --sha-r c:\windows\system32\drivers\103C_HP_cNB_G60 Notebook PC_Y5335KV_0U_Q2CE905826L_E508165-001_4A_I303C_SWistron_V08.48_F.34_T081223_WV3-1_L409_M2814_J250_7AMD_8F31_92.10_#090204_N168C001C;10DE0760_(ZY538UA#ABA)_XMOBILE_CN10_Z_2F.34_G10DE0845.MRK
2009-03-05 16:29 . 2009-03-15 20:33 16648 ----a-w c:\windows\Help\OEM\scripts\HC_ProtectSmartPatch.exe
2009-03-03 04:40 . 2009-04-15 23:07 827392 ----a-w c:\windows\system32\wininet.dll
2009-03-03 04:39 . 2009-04-15 23:07 183296 ----a-w c:\windows\system32\sdohlp.dll
2009-03-03 04:39 . 2009-04-15 23:07 26112 ----a-w c:\windows\system32\printfilterpipelineprxy.dll
2009-03-03 04:37 . 2009-04-15 23:07 78336 ----a-w c:\windows\system32\ieencode.dll
2009-03-03 04:37 . 2009-04-15 23:07 98304 ----a-w c:\windows\system32\iasrecst.dll
2009-03-03 04:37 . 2009-04-15 23:07 54784 ----a-w c:\windows\system32\iasads.dll
2009-03-03 04:37 . 2009-04-15 23:07 44032 ----a-w c:\windows\system32\iasdatastore.dll
2009-03-03 03:04 . 2009-04-15 23:07 666624 ----a-w c:\windows\system32\printfilterpipelinesvc.exe
2009-03-03 02:38 . 2009-04-15 23:07 17408 ----a-w c:\windows\system32\iashost.exe
2009-03-03 02:28 . 2009-04-15 23:07 26624 ----a-w c:\windows\system32\ieUnatt.exe
2009-02-13 08:49 . 2009-04-15 23:07 72704 ----a-w c:\windows\system32\secur32.dll
2009-02-13 08:49 . 2009-04-15 23:07 1255936 ----a-w c:\windows\system32\lsasrv.dll
2009-02-09 03:10 . 2009-03-11 23:24 2033152 ----a-w c:\windows\system32\win32k.sys
2009-02-05 04:11 . 2008-10-26 00:00 1053232 ----a-w c:\windows\system32\MFC71u.dll
2009-02-05 04:11 . 2008-08-06 22:29 353840 ----a-w c:\windows\system32\msvcr71.dll
2009-02-05 04:11 . 2008-08-06 22:27 505392 ----a-w c:\windows\system32\msvcp71.dll
2009-02-05 04:11 . 2008-10-26 00:00 1066544 ----a-w c:\windows\system32\MFC71.dll
2009-02-04 09:45 . 2009-02-05 03:34 453152 ----a-w c:\windows\system32\NVUNINST.EXE
2009-01-30 22:24 . 2009-03-15 20:33 14600 ----a-w c:\windows\Help\OEM\scripts\HC_InstallHPHC.exe
2008-01-21 02:43 . 2006-11-02 12:50 174 --sha-w c:\program files\desktop.ini
2008-10-25 23:12 . 2008-10-25 22:59 8192 --sha-w c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
"HPAdvisor"="c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2008-09-30 972080]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-07-11 13543968]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-07-11 92704]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-17 1049896]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-09-24 468264]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-10-07 210216]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-12-24 222504]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-08-01 202032]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2009-04-18 1168264]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)
"DoNotAllowExceptions"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{116E4D05-1782-4CEC-B486-8C0E36EF5903}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{1FF9B5FA-F576-4093-AFC7-0A218C7D27C9}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{4902CBA3-3773-4B14-B6C8-7E215919B83C}"= c:\program files\CyberLink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{D8ADE57F-0ABD-4DD0-A895-E7372A9F5E89}"= c:\program files\HP\QuickPlay\QP.exe:Quick Play
"{196F88C8-34DF-4B52-A22C-94619EE7745E}"= c:\program files\HP\QuickPlay\QPService.exe:Quick Play Resident Program
"{5D8EA059-5679-4241-A851-F3EC779F9A6B}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{F35AD9EF-EB3E-4B91-B21E-EEA273853CC8}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
"DoNotAllowExceptions"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
"DoNotAllowExceptions"= 0 (0x0)
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1005000.087\SYMEFA.SYS [2009-03-12 310320]
S0 szkg5;szkg;c:\windows\system32\DRIVERS\szkg.sys [2009-03-12 54656]
S1 BHDrvx86;Symantec Heuristics Driver;c:\windows\System32\Drivers\NIS\1005000.087\BHDrvx86.sys [2009-03-12 258608]
S1 ccHP;Symantec Hash Provider;c:\windows\System32\Drivers\NIS\1005000.087\ccHPx86.sys [2009-04-15 482352]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090420.001\IDSvix86.sys [2009-01-29 292912]
S2 Norton Internet Security;Norton Internet Security;c:\program files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe [2009-03-12 115560]
S2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [2008-10-06 365952]
S2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2008-06-13 356920]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-04-12 101936]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-05-09 43040]
S3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\Drivers\NIS\1005000.087\SYMNDISV.SYS [2009-03-12 39984]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
Contents of the 'Scheduled Tasks' folder
2009-04-21 c:\windows\Tasks\HPCeeScheduleForBJ.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-10-25 18:34]
.
- - - - ORPHANS REMOVED - - - -
WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)
WebBrowser-{A26503FE-B3B8-4910-A9DC-9CBD25C6B8D6} - (no file)
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE= ... on&pf=cnnb
LSP: c:\program files\Common Files\iS3\Anti-Spyware\iS3lsp.dll
FF - ProfilePath - c:\users\BJ\AppData\Roaming\Mozilla\Firefox\Profiles\uyafla1s.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2009-04-29 02:29
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
c:\users\BJ\AppData\Local\Temp\gxvxc000 0 bytes
scan completed successfully
hidden files: 1
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@SACL=
@="Shockwave Flash Object"
[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Control]
@SACL=
[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\EnableFullPage]
@SACL=
[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Implemented Categories]
@SACL=
[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@SACL=
@="c:\\Windows\\system32\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@SACL=
@="0"
[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@SACL=
@="ShockwaveFlash.ShockwaveFlash.9"
[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Programmable]
@SACL=
[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@SACL=
@="c:\\Windows\\system32\\Macromed\\Flash\\Flash9f.ocx, 1"
[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@SACL=
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@SACL=
@="1.0"
[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@SACL=
@="ShockwaveFlash.ShockwaveFlash"
[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@SACL=
@="Macromedia Flash Factory Object"
[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Control]
@SACL=
[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@SACL=
@="c:\\Windows\\system32\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@SACL=
@="FlashFactory.FlashFactory.1"
[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Programmable]
@SACL=
[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@SACL=
@="c:\\Windows\\system32\\Macromed\\Flash\\Flash9f.ocx, 1"
[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@SACL=
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@SACL=
@="1.0"
[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@SACL=
@="FlashFactory.FlashFactory"
[HKEY_USERS\SOFTWARE\Classes\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
@Denied: (A 2) (Everyone)
@SACL=
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil9f.exe,-101"
[HKEY_USERS\SOFTWARE\Classes\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
@SACL=
"Enabled"=dword:00000001
[HKEY_USERS\SOFTWARE\Classes\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
@SACL=
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil9f.exe"
[HKEY_USERS\SOFTWARE\Classes\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
@SACL=
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_USERS\SOFTWARE\Classes\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@SACL=
@="IFlashBroker"
[HKEY_USERS\SOFTWARE\Classes\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@SACL=
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_USERS\SOFTWARE\Classes\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@SACL=
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_USERS\SOFTWARE\Classes\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@SACL=
[HKEY_USERS\SOFTWARE\Classes\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@SACL=
@="Shockwave Flash"
[HKEY_USERS\SOFTWARE\Classes\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@SACL=
@=""
[HKEY_USERS\SOFTWARE\Classes\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@SACL=
@="FlashBroker"
[HKEY_USERS\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\
0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_USERS\SYSTEM\ControlSet001\Services\gxvxcserv.sys]
@DACL=(02 0000)
"start"=dword:00000001
"type"=dword:00000001
"group"="file system"
"imagepath"=expand:"\\systemroot\\system32\\drivers\\gxvxcbuwrcwppctpauxriehysxnwpolgmietx.sys"
[HKEY_USERS\SYSTEM\ControlSet002\Services\gxvxcserv.sys]
@DACL=(02 0000)
"start"=dword:00000001
"type"=dword:00000001
"imagepath"=expand:"\\systemroot\\system32\\drivers\\gxvxctefpuoetsxxebxxjhgptbobwmxoymqqp.sys"
"group"="file system"
[HKEY_USERS\SYSTEM\ControlSet003\Services\gxvxcserv.sys]
@DACL=(02 0000)
"start"=dword:00000001
"type"=dword:00000001
"imagepath"=expand:"\\systemroot\\system32\\drivers\\gxvxctefpuoetsxxebxxjhgptbobwmxoymqqp.sys"
"group"="file system"
[HKEY_USERS\SYSTEM\ControlSet004\Services\gxvxcserv.sys]
@DACL=(02 0000)
"start"=dword:00000001
"type"=dword:00000001
"imagepath"=expand:"\\systemroot\\system32\\drivers\\gxvxctefpuoetsxxebxxjhgptbobwmxoymqqp.sys"
"group"="file system"
[HKEY_USERS\SYSTEM\ControlSet005\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\
0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2009-04-29 2:32
ComboFix-quarantined-files.txt 2009-04-29 06:32
Pre-Run: 196,580,597,760 bytes free
Post-Run: 196,689,309,696 bytes free
Current=1 Default=1 Failed=0 LastKnownGood=5 Sets=1,2,3,4,5
351 --- E O F --- 2009-04-17 03:34