Sorry not to get back sooner, fell asleep on the couch.
Here are the two logs you requested... Malwarebytes and ComboFix
Malwarebytes' Anti-Malware 1.32
Database version: 1638
Windows 5.1.2600 Service Pack 3
5/2/2011 1:20:20 AM
mbam-log-2011-05-02 (01-20-20).txt
Scan type: Quick Scan
Objects scanned: 75641
Time elapsed: 15 minute(s), 25 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
ComboFix 11-04-29.02 - John 05/02/2011 1:49.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1023.519 [GMT -4:00]
Running from: c:\documents and settings\John\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: PC Tools Firewall Plus *Disabled* {ABBD5028-5A95-4B6D-996E-98D64AE88D52}
.
.
((((((((((((((((((((((((( Files Created from 2011-04-02 to 2011-05-02 )))))))))))))))))))))))))))))))
.
.
2011-05-02 05:26 . 2011-05-02 05:26 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BEC3B1C4-E3B3-40C8-A3DB-59257611448A}\MpKsl8002e529.sys
2011-05-02 04:53 . 2011-05-02 04:53 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BEC3B1C4-E3B3-40C8-A3DB-59257611448A}\MpKsl82cbd4f6.sys
2011-05-01 17:51 . 2011-04-18 13:15 7071056 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-05-01 17:51 . 2011-04-18 13:15 7071056 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BEC3B1C4-E3B3-40C8-A3DB-59257611448A}\mpengine.dll
2011-05-01 01:34 . 2010-11-24 13:18 89192 ----a-w- c:\windows\system32\drivers\pctNdis-PacketFilter.sys
2011-05-01 01:34 . 2010-07-08 13:49 57536 ----a-w- c:\windows\system32\drivers\pctNdis.sys
2011-05-01 01:34 . 2010-02-05 13:26 32808 ----a-w- c:\windows\system32\drivers\pctNdis-DNS.sys
2011-05-01 01:34 . 2010-11-25 14:42 124992 ----a-w- c:\windows\system32\drivers\pctplfw.sys
2011-05-01 01:34 . 2011-05-01 01:37 -------- d-----w- c:\program files\PC Tools Firewall Plus
2011-04-29 23:51 . 2010-10-19 20:51 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-04-29 23:48 . 2011-04-29 23:48 -------- d-----w- c:\program files\Microsoft Security Client
2011-04-28 03:56 . 2011-04-28 03:56 388096 ----a-r- c:\documents and settings\John\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-04-26 15:44 . 2010-11-17 14:19 249616 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2011-04-26 15:44 . 2010-11-25 14:53 160448 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2011-04-26 15:44 . 2010-03-29 15:06 218592 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2011-04-26 15:44 . 2010-02-05 13:25 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2011-04-26 15:44 . 2011-04-26 15:50 -------- d-----w- c:\program files\Spyware Doctor
2011-04-26 15:44 . 2011-04-26 15:45 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools
2011-04-26 15:44 . 2011-04-26 15:44 -------- d-----w- c:\documents and settings\John\Application Data\PC Tools
2011-04-26 15:42 . 2011-04-26 15:48 -------- d-----w- c:\documents and settings\John\Application Data\GetRightToGo
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-19 13:21 . 2011-03-19 13:21 0 ----a-w- c:\windows\system32\ConduitEngine.tmp
2011-03-07 05:33 . 2008-10-21 20:25 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:37 . 2004-08-04 12:00 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:21 . 2004-08-04 12:00 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-22 23:06 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:06 . 2004-08-04 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-22 23:06 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-02-22 11:41 . 2004-08-04 12:00 385024 ----a-w- c:\windows\system32\html.iec
2011-02-17 13:18 . 2004-08-04 12:00 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-17 13:18 . 2004-08-04 12:00 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-17 12:32 . 2009-04-16 00:21 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56 . 2004-08-04 12:00 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-09 13:53 . 2004-08-04 12:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2004-08-04 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 13:33 . 2004-08-04 12:00 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33 . 2004-08-04 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-02-02 07:58 . 2008-10-21 20:23 2067456 ----a-w- c:\windows\system32\mstscax.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-04-29_23.34.19 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-05-02 05:08 . 2011-05-02 05:08 21504 c:\windows\Installer\f49b6.msi
- 2010-06-08 12:41 . 2011-02-15 18:02 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2010-06-08 12:41 . 2011-04-30 02:34 49152 c:\windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIcon.dll
+ 2005-09-23 02:48 . 2005-09-23 02:48 626688 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcr80.dll
+ 2005-09-23 02:48 . 2005-09-23 02:48 548864 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcp80.dll
+ 2005-09-23 02:48 . 2005-09-23 02:48 479232 c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\msvcm80.dll
+ 2010-10-25 01:25 . 2010-10-25 01:25 165264 c:\windows\system32\drivers\MpFilter.sys
+ 2011-04-29 23:48 . 2011-04-29 23:48 786432 c:\windows\Installer\2bf6a5.msi
+ 2011-04-29 23:48 . 2011-04-29 23:48 479744 c:\windows\Installer\2bf69f.msi
+ 2011-04-29 23:48 . 2011-04-29 23:48 301056 c:\windows\Installer\2bf69a.msi
+ 2008-10-24 02:51 . 2011-04-18 19:46 42181064 c:\windows\system32\MRT.exe
+ 2011-04-30 02:31 . 2011-04-30 02:31 20314624 c:\windows\Installer\1adf10.msp
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{8c49a3d1-585b-4eab-985d-6ad480b4f23d}"= "c:\program files\Kentucky Wildcats Toolbar\Helper.dll" [2010-08-13 243200]
"{6fe46bf4-267f-4d8c-89b9-6c7947823145}"= "c:\program files\Funchester\prxtbFun2.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{8c49a3d1-585b-4eab-985d-6ad480b4f23d}]
[HKEY_CLASSES_ROOT\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{763C8C3E-9677-474E-B4BD-6ABC7DDDE090}]
[HKEY_CLASSES_ROOT\FreeCauseURLSearchHook.FCToolbarURLSearchHook]
.
[HKEY_CLASSES_ROOT\clsid\{6fe46bf4-267f-4d8c-89b9-6c7947823145}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2A118156-5307-4BFB-9548-B423FDF368A8}]
2010-08-13 23:14 1498624 ----a-w- c:\program files\Kentucky Wildcats Toolbar\Toolbar.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 14:54 175912 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6fe46bf4-267f-4d8c-89b9-6c7947823145}]
2011-01-17 14:54 175912 ----a-w- c:\program files\Funchester\prxtbFun2.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{7EF32AD9-C8AC-44E3-A39F-913E777ADEEE}"= "c:\program files\Kentucky Wildcats Toolbar\Toolbar.dll" [2010-08-13 1498624]
"{6fe46bf4-267f-4d8c-89b9-6c7947823145}"= "c:\program files\Funchester\prxtbFun2.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{7ef32ad9-c8ac-44e3-a39f-913e777adeee}]
[HKEY_CLASSES_ROOT\FCTB000061649.IEToolbar.3]
[HKEY_CLASSES_ROOT\TypeLib\{880EC4BB-9C31-4429-9452-D6F388B0C230}]
[HKEY_CLASSES_ROOT\FCTB000061649.IEToolbar]
.
[HKEY_CLASSES_ROOT\clsid\{6fe46bf4-267f-4d8c-89b9-6c7947823145}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{7EF32AD9-C8AC-44E3-A39F-913E777ADEEE}"= "c:\program files\Kentucky Wildcats Toolbar\Toolbar.dll" [2010-08-13 1498624]
"{6FE46BF4-267F-4D8C-89B9-6C7947823145}"= "c:\program files\Funchester\prxtbFun2.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{7ef32ad9-c8ac-44e3-a39f-913e777adeee}]
[HKEY_CLASSES_ROOT\FCTB000061649.IEToolbar.3]
[HKEY_CLASSES_ROOT\TypeLib\{880EC4BB-9C31-4429-9452-D6F388B0C230}]
[HKEY_CLASSES_ROOT\FCTB000061649.IEToolbar]
.
[HKEY_CLASSES_ROOT\clsid\{6fe46bf4-267f-4d8c-89b9-6c7947823145}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-07-21 2736128]
"IE New Window Maximizer"="c:\program files\IE New Window Maximizer\iemaximizer.exe" [2003-01-24 348160]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BOC-426"="c:\progra~1\Comodo\CBOClean\BOC426.exe" [2008-04-10 351480]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
"00PCTFW"="c:\program files\PC Tools Firewall Plus\FirewallGUI.exe" [2010-11-29 2676696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http:" [X]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^DualCoreCenter.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\DualCoreCenter.lnk
backup=c:\windows\pss\DualCoreCenter.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Kentucky Wildcats Toolbar\\TroubleShooter.exe"=
"c:\\Program Files\\Kentucky Wildcats Toolbar\\ToolbarUpdate.exe"=
.
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [4/26/2011 11:44 AM 218592]
R1 MpKsl8002e529;MpKsl8002e529;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BEC3B1C4-E3B3-40C8-A3DB-59257611448A}\MpKsl8002e529.sys [5/2/2011 1:26 AM 28752]
R1 MpKsl82cbd4f6;MpKsl82cbd4f6;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BEC3B1C4-E3B3-40C8-A3DB-59257611448A}\MpKsl82cbd4f6.sys [5/2/2011 12:53 AM 28752]
R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [4/26/2011 11:44 AM 249616]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2/17/2010 2:25 PM 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/10/2010 2:41 PM 67656]
R2 BOCore;BOCore;c:\program files\Comodo\CBOClean\BOCore.exe [10/21/2008 4:40 PM 73464]
R2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [4/26/2011 11:44 AM 160448]
R2 TTFixerService;NST ToolTipFixer;c:\program files\NeoSmart Technologies\ToolTipFixer\ToolTipFixer.exe [6/27/2007 1:20 AM 10240]
R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\windows\system32\drivers\pctNdis-PacketFilter.sys [4/30/2011 9:34 PM 89192]
R3 pctNdisMP;PC Tools Driver;c:\windows\system32\drivers\pctNdis.sys [4/30/2011 9:34 PM 57536]
R3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [4/30/2011 9:34 PM 124992]
S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys --> c:\windows\system32\drivers\TfFsMon.sys [?]
S0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys --> c:\windows\system32\drivers\TfSysMon.sys [?]
S1 MpKsl3ece6eb6;MpKsl3ece6eb6;
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1/8/2010 2:24 PM 135664]
S2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe --> c:\program files\Spyware Doctor\pctsAuxs.exe [?]
S3 DigiCellDriver;DigiCellDriver;\??\c:\program files\MSI\DualCoreCenter\NTGLM7X.sys --> c:\program files\MSI\DualCoreCenter\NTGLM7X.sys [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [1/8/2010 2:24 PM 135664]
S3 MsibiosDevice;MsibiosDevice;c:\program files\MSI\Live Update 4\LU4\msibios.sys [9/14/2009 3:41 PM 18432]
S3 PCAlertDriver;PCAlertDriver;\??\c:\program files\MSI\PC Alert 4\NTGLM7X.sys --> c:\program files\MSI\PC Alert 4\NTGLM7X.sys [?]
S3 pctNdis;PC Tools Firewall Intermediate Filter Service;c:\windows\system32\drivers\pctNdis.sys [4/30/2011 9:34 PM 57536]
S3 pctplsg;pctplsg;c:\windows\system32\drivers\pctplsg.sys [4/26/2011 11:44 AM 70408]
S3 TfNetMon;TfNetMon;\??\c:\windows\system32\drivers\TfNetMon.sys --> c:\windows\system32\drivers\TfNetMon.sys [?]
S3 ThreatFire;ThreatFire;c:\program files\Spyware Doctor\TFEngine\TFService.exe service --> c:\program files\Spyware Doctor\TFEngine\TFService.exe service [?]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSL8002E529
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-07-21 16:20 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-05-02 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-12-25 19:46]
.
2011-05-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-08 18:23]
.
2011-05-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-08 18:23]
.
2011-05-02 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 16:26]
.
2011-04-29 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\program files\Common Files\ParetoLogic\UUS3\UUS3.dll [2009-10-12 05:01]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://bigblueheaven.proboards.com/index.cgi
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB
.
.
------- File Associations -------
.
txtfile=c:\windows\NOTEPAD.EXE %1
regfile\shell\edit\command=%SystemRoot%\system32\NOTEPAD.EXE %1
.
- - - - ORPHANS REMOVED - - - -
.
ShellExecuteHooks-{4F07DA45-8170-4859-9B5F-037EF2970034} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-02 02:05
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(596)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
.
- - - - - - - > 'lsass.exe'(652)
c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
.
- - - - - - - > 'explorer.exe'(3816)
c:\windows\system32\WININET.dll
c:\windows\system32\nview.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\IEFRAME.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2011-05-02 02:10:19
ComboFix-quarantined-files.txt 2011-05-02 06:10
ComboFix2.txt 2011-04-29 23:39
.
Pre-Run: 94,840,037,376 bytes free
Post-Run: 94,972,563,456 bytes free
.
- - End Of File - - 4B757F5A7D8EAB75A75A5ACDEEAEC70B