Untitled

ComboFix 11-06-25.01 - Justin Outten 06/25/2011  23:21:46.1.8 - x64 NETWORK
Microsoft Windows 7 Ultimate   6.1.7600.0.1252.1.1033.18.6135.4338 [GMT 9:00]
Running from: d:\downloads\ComboFix.exe
AV: avast! Internet Security *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: COMODO Antivirus *Disabled/Updated* {7554F4C5-5EC0-2FC6-8192-8DF831DBED51}
FW: COMODO Firewall *Enabled* {4D6F75E0-14AF-2E9E-AACD-24CDCF08AA2A}
SP: avast! Internet Security *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: COMODO Defense+ *Enabled/Updated* {CE351521-78FA-2048-BB22-B68A4A5CA7EC}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Justin Outten\AppData\Roaming\inst.exe
c:\windows\SysWow64\Install.bat
c:\windows\SysWow64\readme.rtf
.
.
(((((((((((((((((((((((((   Files Created from 2011-05-25 to 2011-06-25  )))))))))))))))))))))))))))))))
.
.
2011-06-25 14:17 . 2011-06-25 14:18	--------	d-----w-	C:\32788R22FWJFW
2011-06-25 06:55 . 2011-05-16 09:35	56752	----a-w-	c:\windows\system32\drivers\VBoxUSBMon.sys
2011-06-25 04:15 . 2011-06-07 17:10	8873296	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{79BBD1E6-5336-4C1B-A337-6203A894C185}\mpengine.dll
2011-06-25 01:59 . 2011-06-25 01:59	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{34C3DE4B-0982-4AF5-875C-7C8D2D8BAF53}
2011-06-25 01:46 . 2011-06-25 01:46	--------	d-----w-	c:\windows\CheckSur
2011-06-24 14:52 . 2011-06-25 04:01	--------	d-----w-	c:\users\Justin Outten\AppData\Roaming\Bitcoin
2011-06-24 13:59 . 2011-06-24 13:59	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{F04B128E-1EDD-4BC8-A33E-732B51E93F06}
2011-06-24 01:58 . 2011-06-24 01:59	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{B0F1F1CA-50C8-4A28-8E63-C406D90B1CCF}
2011-06-23 14:02 . 2011-06-23 14:02	--------	d-----w-	c:\programdata\Sony
2011-06-23 14:02 . 2011-06-23 14:02	--------	d-----w-	c:\program files (x86)\Sony
2011-06-23 13:54 . 2011-06-23 13:55	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{4ED3F6F5-AAE5-41CF-9F89-CA3473B9B470}
2011-06-23 01:54 . 2011-06-23 01:54	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{F5A72650-3ABE-49D6-9DB7-9735712BF5B7}
2011-06-22 13:53 . 2011-06-22 13:53	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{7E526758-556D-4E2A-A715-60B5E590898C}
2011-06-22 12:39 . 2011-06-22 12:39	--------	d-----w-	c:\users\Justin Outten\AppData\Roaming\GetRightToGo
2011-06-22 01:53 . 2011-06-22 01:53	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{CF113317-E96A-431C-8C92-D44C59F5C63B}
2011-06-21 13:53 . 2011-06-21 13:53	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{6FD15E76-EE5B-4F23-B483-97859D9A7A5D}
2011-06-21 01:52 . 2011-06-21 01:52	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{8FD52ABD-6B05-4A6E-874E-6F50F7DC5245}
2011-06-20 13:52 . 2011-06-20 13:52	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{9F9C0839-FC07-4C66-9294-B48D66C5B9AF}
2011-06-20 01:18 . 2011-06-20 01:18	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{33F319BB-E448-4ABF-AC04-62253785E775}
2011-06-20 00:19 . 2011-06-20 00:19	--------	d-----w-	c:\users\Justin Outten\AppData\Roaming\Hi-Rez Studios
2011-06-20 00:17 . 2011-06-20 00:17	--------	d-----w-	c:\program files (x86)\AGEIA Technologies
2011-06-20 00:17 . 2011-06-20 00:17	--------	d-----w-	c:\windows\SysWow64\AGEIA
2011-06-19 13:18 . 2011-06-19 13:18	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{F13DD1B2-59DC-4A4A-8679-D40F9BE43443}
2011-06-19 01:18 . 2011-06-19 01:18	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{6C56F829-3256-44CB-A14F-A8FA04BBE4B9}
2011-06-18 13:18 . 2011-06-18 13:18	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{6FCE6927-95D9-4D1C-91D6-973875980B94}
2011-06-18 01:17 . 2011-06-18 01:17	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{311BADCE-DE7C-4987-B75F-123141026354}
2011-06-17 08:42 . 2011-04-27 02:57	102400	----a-w-	c:\windows\system32\drivers\dfsc.sys
2011-06-17 08:42 . 2011-04-29 05:47	1110528	----a-w-	c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2011-06-17 08:42 . 2011-04-29 05:08	759296	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2011-06-17 08:40 . 2010-12-18 06:13	861184	----a-w-	c:\windows\system32\oleaut32.dll
2011-06-17 08:40 . 2010-12-18 05:31	571904	----a-w-	c:\windows\SysWow64\oleaut32.dll
2011-06-17 08:40 . 2011-05-03 05:21	976896	----a-w-	c:\windows\system32\inetcomm.dll
2011-06-17 08:40 . 2011-05-03 04:50	740864	----a-w-	c:\windows\SysWow64\inetcomm.dll
2011-06-17 08:40 . 2011-04-25 05:32	1896832	----a-w-	c:\windows\system32\drivers\tcpip.sys
2011-06-17 08:40 . 2011-04-25 02:44	499712	----a-w-	c:\windows\system32\drivers\afd.sys
2011-06-17 08:40 . 2011-05-04 02:51	287744	----a-w-	c:\windows\system32\drivers\mrxsmb10.sys
2011-06-17 08:40 . 2011-05-04 02:51	157696	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2011-06-17 08:40 . 2011-05-04 02:51	126464	----a-w-	c:\windows\system32\drivers\mrxsmb20.sys
2011-06-17 08:40 . 2011-05-28 03:07	3133952	----a-w-	c:\windows\system32\win32k.sys
2011-06-17 08:27 . 2011-06-17 08:27	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{4D816CBF-4B52-4855-A004-0A9A572CC94B}
2011-06-15 21:52 . 2011-06-15 21:52	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{301D0447-F225-4978-89E9-544F7D3BF3A2}
2011-06-15 09:44 . 2011-06-15 09:44	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{EF692194-1473-43E9-92B3-0A015A61DAEF}
2011-06-15 09:16 . 2011-06-15 09:16	--------	d-----w-	c:\program files (x86)\Common Files\Microsoft Games
2011-06-14 21:44 . 2011-06-14 21:44	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{BE91E8AA-66A4-4551-9A53-C794BA860425}
2011-06-14 03:34 . 2011-06-14 03:34	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{BF7CEC7E-EC19-4BB3-A1AF-E2E5A0FF1B03}
2011-06-13 09:53 . 2011-06-13 09:53	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{3B59587F-3D09-46E3-ACE1-88446B5383C8}
2011-06-12 21:52 . 2011-06-12 21:52	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{83B05139-7CF0-4550-9834-72C3ED32EF06}
2011-06-12 01:51 . 2011-06-12 01:51	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{4E0C2761-ABBB-4877-9D09-24605A253B0A}
2011-06-11 11:08 . 2011-06-11 11:08	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{55D27D3F-46D3-4323-B756-5DF656DFE0BB}
2011-06-10 21:52 . 2011-06-10 21:52	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{12E953F2-3371-4CDE-88DA-C8BFBB7A03F3}
2011-06-10 09:52 . 2011-06-10 09:52	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{8509ADB9-760C-4073-8583-AF5FC8CE12E8}
2011-06-09 21:52 . 2011-06-09 21:52	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{3217F48E-64BD-478C-B7F1-3A64EB65556A}
2011-06-09 09:52 . 2011-06-09 09:52	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{A0BA614E-02CB-4109-A297-0AA8421462BB}
2011-06-08 21:52 . 2011-06-08 21:52	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{5EF9E78F-A7A5-49A4-B1B0-AC1282C0B9FC}
2011-06-08 14:43 . 2011-06-08 14:43	--------	d-----w-	c:\users\Justin Outten\AppData\Local\sharpmindprojects.com
2011-06-08 08:39 . 2011-06-08 08:39	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{15BE3784-9B3F-4994-9AB0-F5CBE3E0475D}
2011-06-07 09:43 . 2011-06-07 09:43	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{09419C25-16D1-4463-8BCC-DCD27824A30F}
2011-06-07 03:35 . 2011-06-07 03:35	103864	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2011-06-06 21:43 . 2011-06-06 21:43	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{1E45E2D3-7672-4CE7-A4F1-DA20033A72DA}
2011-06-06 08:34 . 2011-06-06 08:34	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{F4D741D4-14EA-4E4F-9A7F-B758CAA3A038}
2011-06-05 13:49 . 2011-06-05 13:49	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{2FDF08F5-8DFB-4A23-BD0A-77B298257CE8}
2011-06-05 01:49 . 2011-06-05 01:49	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{CAFF154F-0873-40A3-AA55-E0293556F34E}
2011-06-04 13:44 . 2011-06-04 13:44	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{9972B3F5-74D6-4D8B-85F6-AA5B028A6ACA}
2011-06-03 23:39 . 2011-06-03 23:39	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{F32C1E6F-8649-438A-A2EB-F4F082013302}
2011-06-03 09:58 . 2011-06-03 09:58	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{6015330E-FC0E-48F5-8568-44F2F8BBDD5E}
2011-06-02 21:58 . 2011-06-02 21:58	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{E2880A02-218D-49A6-A50D-5789139D6C94}
2011-06-02 09:58 . 2011-06-02 09:58	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{5EE690CC-E605-49BF-A10B-F0771274FDF9}
2011-06-01 21:58 . 2011-06-01 21:58	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{0334393B-70F8-4530-A610-6E6C0F3443E1}
2011-06-01 09:58 . 2011-06-01 09:58	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{2AE044BD-3E17-4A27-BE53-6EAF9711D46A}
2011-05-31 21:58 . 2011-05-31 21:58	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{7854F0D8-CF54-43F5-BF75-F450037829F7}
2011-05-31 06:53 . 2011-05-31 06:53	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{6A1DED1E-5930-41B7-B6A2-33D38EAF1E1B}
2011-05-30 13:35 . 2011-05-30 13:35	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{CC79DE0B-018C-4D9B-BFCB-8E0A0DC067D5}
2011-05-30 01:35 . 2011-05-30 01:35	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{AFD8133D-D57D-4516-8DD5-2817E5DBE3EE}
2011-05-29 13:35 . 2011-05-29 13:35	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{4FABC51B-EDBA-41E9-BD67-B4284101334F}
2011-05-29 01:35 . 2011-05-29 01:35	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{B0640BEA-CE09-4369-94CD-781BADA60F42}
2011-05-28 13:08 . 2011-05-28 13:08	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{3C1A1E02-89FC-4FA4-AF8F-A01431A6757C}
2011-05-28 01:07 . 2011-05-28 01:07	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{4C246A18-D3E4-444E-9105-49FE4E163C56}
2011-05-26 22:06 . 2011-05-27 13:07	--------	d-----w-	c:\users\Justin Outten\AppData\Local\{AC9BE235-A4E3-4001-8102-4CEAAE82FEF7}
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-06 10:58 . 2010-09-10 14:41	360976	----a-w-	c:\windows\system32\guard64.dll
2011-06-06 10:58 . 2010-09-10 14:41	284744	----a-w-	c:\windows\SysWow64\guard32.dll
2011-06-06 10:58 . 2010-09-10 14:40	92688	----a-w-	c:\windows\system32\drivers\inspect.sys
2011-06-06 10:58 . 2010-09-10 14:40	41712	----a-w-	c:\windows\system32\drivers\cmdhlp.sys
2011-06-06 10:58 . 2010-09-10 14:40	252344	----a-w-	c:\windows\system32\drivers\cmdGuard.sys
2011-06-06 10:58 . 2010-09-10 14:40	16016	----a-w-	c:\windows\system32\drivers\cmderd.sys
2011-05-24 10:14 . 2010-01-20 12:50	270720	------w-	c:\windows\system32\MpSigStub.exe
2011-05-10 12:10 . 2011-01-22 08:59	40112	----a-w-	c:\windows\avastSS.scr
2011-05-10 12:10 . 2011-01-22 08:59	199304	----a-w-	c:\windows\SysWow64\aswBoot.exe
2011-05-10 12:10 . 2011-01-28 09:06	253888	----a-w-	c:\windows\system32\aswBoot.exe
2011-05-10 12:04 . 2011-01-24 12:26	600920	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2011-05-10 12:04 . 2011-01-24 12:26	287576	----a-w-	c:\windows\system32\drivers\aswSP.sys
2011-05-10 12:02 . 2011-01-24 12:26	53592	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2011-05-10 11:59 . 2011-01-24 12:26	31064	----a-w-	c:\windows\system32\drivers\aswRdr.sys
2011-05-10 11:59 . 2011-01-24 12:26	64344	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2011-05-10 11:59 . 2011-01-24 12:26	22360	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2011-04-22 20:18 . 2011-05-25 08:40	27008	----a-w-	c:\windows\system32\drivers\Diskdump.sys
2011-04-09 09:55 . 2011-04-09 09:55	15453336	----a-w-	c:\windows\SysWow64\xlive.dll
2011-04-09 09:55 . 2011-04-09 09:55	13642904	----a-w-	c:\windows\SysWow64\xlivefnt.dll
2011-04-09 06:58 . 2011-05-11 22:18	142336	----a-w-	c:\windows\system32\poqexec.exe
2011-04-09 06:45 . 2011-05-11 22:18	5509504	----a-w-	c:\windows\system32\ntoskrnl.exe
2011-04-09 06:13 . 2011-05-11 22:18	3957632	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:13 . 2011-05-11 22:18	3901824	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2011-04-09 05:56 . 2011-05-11 22:18	123904	----a-w-	c:\windows\SysWow64\poqexec.exe
2011-04-06 07:26 . 2011-04-06 07:26	96544	----a-w-	c:\windows\system32\dnssd.dll
2011-04-06 07:26 . 2011-04-06 07:26	119584	----a-w-	c:\windows\system32\dns-sd.exe
2011-04-06 07:20 . 2011-04-06 07:20	91424	----a-w-	c:\windows\SysWow64\dnssd.dll
2011-04-06 07:20 . 2011-04-06 07:20	107808	----a-w-	c:\windows\SysWow64\dns-sd.exe
2011-04-05 09:19 . 2010-08-20 14:35	119296	----a-w-	c:\windows\SysWow64\zlib.dll
2010-05-16 13:50 . 2010-05-16 13:50	7839944	----a-w-	c:\program files (x86)\Common Files\lpuninstall.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\users\Justin Outten\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\users\Justin Outten\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\users\Justin Outten\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\users\Justin Outten\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="d:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2010-11-17 1242448]
"uTorrent"="d:\program files (x86)\uTorrent\uTorrent.exe" [2011-04-02 399736]
"F.lux"="c:\users\Justin Outten\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656]
"098A8453C9F1B8D4DA7DD0B2A59EC1E45E491A12._service_run"="c:\users\Justin Outten\AppData\Local\Google\Chrome\Application\chrome.exe" [2011-06-13 1011768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"UpdatePDRShortCut"="d:\program files (x86)\CyberLink\PowerDirector\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2010-03-04 311296]
"Adobe Reader Speed Launcher"="d:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-11-25 98304]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-09-21 47904]
"iTunesHelper"="d:\program files (x86)\iTunes\iTunesHelper.exe" [2011-04-14 421160]
.
c:\users\Justin Outten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Justin Outten\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-5-26 24176560]
TrayIt!.lnk - d:\downloads\trayit_4_6_5_5\trayit_4_6_5_5\TrayIt!.exe [2011-5-31 204800]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Rainmeter.lnk - d:\program files\Rainmeter\Rainmeter.exe [2009-11-1 119296]
UltraMon.lnk - c:\windows\Installer\{B49673F8-7AB6-4A14-8213-C8A7BE370010}\IcoUltraMon.ico [2011-5-31 29310]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2010-01-27 15928]
R2 mpich2_smpd;MPICH2 Process Manager, Argonne National Lab;c:\program files (x86)\Folding@Home Windows SMP Client V1.01\smpd.exe [x]
R3 ALSysIO;ALSysIO;c:\users\JUSTIN~1\AppData\Local\Temp\ALSysIO64.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 cpuz130;cpuz130;c:\users\JUSTIN~1\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 CV2K1;CommView Network Monitor;c:\windows\system32\DRIVERS\cv2k1.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 esgiguard;esgiguard;c:\program files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [2010-01-27 5248]
R3 FLASHSYS;FLASHSYS;c:\program files (x86)\MSI\Live Update 4\LU4\FLASHSYS64.sys [2008-02-15 15192]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [x]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam_x64.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [x]
R3 Prot6Flt;Prot6Flt;c:\windows\system32\DRIVERS\Prot6Flt.sys [x]
R3 SaiH0461;SaiH0461;c:\windows\system32\DRIVERS\SaiH0461.sys [x]
R3 sbcwtiv;{4710879B-DF1B-49B2-86A8-279DEE23FDCB};d:\program files (x86)\ophcrack\pwdump\servpw.exe [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsVlb;TsVlb;c:\windows\system32\DRIVERS\tsvlb.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WMSVC;Web Management Service;c:\windows\system32\inetsrv\wmsvc.exe [x]
R3 wsdaub;{D6DDD174-2A3A-40B6-A9A6-B88591CC1A80};d:\program files (x86)\ophcrack\pwdump\servpw.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [x]
S1 TsVp;TsVp;c:\windows\system32\DRIVERS\tsvp.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [x]
S2 ftpsvc;Microsoft FTP Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2010-12-08 373640]
S2 sxuptp;SXUPTP Driver;c:\windows\system32\DRIVERS\sxuptp.sys [x]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-03-01 2296696]
S2 UltraMonUtility;UltraMon Utility Driver;c:\program files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys [2008-11-13 20512]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 CamDrL64;Logitech QuickCam Pro 3000(PID_08B0);c:\windows\system32\DRIVERS\CamDrL64.sys [x]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 TSCOMM;CommStudio Virtual Adapter by TamoSoft;c:\windows\system32\DRIVERS\tscomm.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs	REG_MULTI_SZ   	w3svc was
apphost	REG_MULTI_SZ   	apphostsvc
.
Contents of the 'Scheduled Tasks' folder
.
2011-06-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2916338974-2146127694-4110325239-1001Core.job
- c:\users\Justin Outten\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-22 06:20]
.
2011-06-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2916338974-2146127694-4110325239-1001UA.job
- c:\users\Justin Outten\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-22 06:20]
.
2011-06-25 c:\windows\Tasks\SpyHunter4.job
- c:\program files (x86)\Enigma Software Group\SpyHunter\SpyHunter4.exe [2010-05-18 09:05]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10	134384	----a-w-	d:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	97792	----a-w-	c:\users\Justin Outten\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	97792	----a-w-	c:\users\Justin Outten\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	97792	----a-w-	c:\users\Justin Outten\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	97792	----a-w-	c:\users\Justin Outten\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 10:12	98056	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 10:12	98056	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 10:12	98056	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 10:12	98056	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 10:12	98056	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 10:12	98056	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 10:12	98056	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 10:12	98056	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2010-01-18 10:12	98056	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2010-01-27 57928]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-06-06 9057608]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-05 500208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\guard64.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Download all by FlashGet3 - c:\users\Justin Outten\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Download by FlashGet3 - c:\users\Justin Outten\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.0.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-FTPbox - d:\downloads\FTPbox.exe
BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - d:\program files (x86)\Hotspot Shield\hssie\HssIE_64.dll
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
ShellIconOverlayIdentifiers-{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE} - d:\program files\Alwil Software\Avast5\snxPlugins64.dll
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-AeroWorks FREE_is1 - d:\program files (x86)\AeroWorks\unins000.exe
AddRemove-Afterburner - c:\program files (x86)\MSI Afterburner\uninstall.exe
AddRemove-CommView for WiFi - d:\progra~1\COMMVI~1\CV.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_moh.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2916338974-2146127694-4110325239-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*M*u*l*t*i*v*e*îSn\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2916338974-2146127694-4110325239-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*M*u*l*t*i*v*e*îSn\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2916338974-2146127694-4110325239-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:b1,fc,6e,ff,80,6b,13,a3,df,f0,2f,66,28,16,9f,26,3b,96,20,fb,ff,6a,ed,
   dd,2b,d2,a5,49,91,b2,c6,4a,e6,83,8d,c8,70,a7,13,c3,9e,4d,bd,cc,b9,ef,fc,fe,\
"??"=hex:27,c5,49,d4,5e,f1,91,d7,08,18,ea,a0,68,05,43,7b
.
[HKEY_USERS\S-1-5-21-2916338974-2146127694-4110325239-1001\Software\SecuROM\License information*]
"datasecu"=hex:3b,8f,7f,84,4f,ee,b8,10,06,28,ed,a7,03,e2,95,61,67,c5,96,82,48,
   db,18,fe,10,90,df,49,0c,8a,01,64,23,1a,85,f3,66,ae,d1,c2,84,9d,72,93,72,5d,\
"rkeysecu"=hex:c1,e4,cb,d2,76,92,99,24,93,44,a2,e7,ea,96,e4,b5
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:03,15,36,5a,6e,bb,3e,ae,1d,b2,48,f6,53,e1,6c,fc,84,6e,62,ba,e4,
   4f,78,20,5f,c1,78,45,46,c1,31,fa,9d,ab,02,7a,ff,0e,1d,4f,db,b6,80,7c,58,4c,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:03,15,36,5a,6e,bb,3e,ae,1d,b2,48,f6,53,e1,6c,fc,84,6e,62,ba,e4,
   4f,78,20,5f,c1,78,45,46,c1,31,fa,9d,ab,02,7a,ff,0e,1d,4f,db,b6,80,7c,58,4c,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\progra~2\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
d:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Cyberlink\Shared files\RichVideo.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
c:\program files (x86)\Common Files\Java\Java Update\jucheck.exe
c:\windows\PEV.exe
.
**************************************************************************
.
Completion time: 2011-06-25  23:59:26 - machine was rebooted
ComboFix-quarantined-files.txt  2011-06-25 14:59
.
Pre-Run: 25,028,435,968 bytes free
Post-Run: 18,836,029,440 bytes free
.
- - End Of File - - 5D3B6A4B8459B82472B6DD7FE0C2AF36