I noticed that instead of my cpu shooting up to 100% and staying there, now, when I open the task manager its at about 70-80% then shoots up to 100% then it climbs back down then up then back down. I suppose its improvement but I can tell the issue is not fixed
ComboFix 14-01-16.03 - Tim 01/20/2014 20:46:45.2.1 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1913.809 [GMT -5:00]
Running from: c:\users\Tim\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2013-12-21 to 2014-01-21 )))))))))))))))))))))))))))))))
.
.
2014-01-21 02:05 . 2014-01-21 02:05 -------- d-----w- c:\users\hedev\AppData\Local\temp
2014-01-21 02:05 . 2014-01-21 02:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-20 22:24 . 2014-01-20 22:21 965000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EE0ED14C-18AE-4C09-9AF6-8220FB6CE135}\gapaengine.dll
2014-01-20 22:23 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{333BDE56-574F-45B5-A110-C299F1731E20}\mpengine.dll
2014-01-20 03:54 . 2014-01-20 03:54 -------- d-----w- C:\_OTL
2014-01-20 03:49 . 2013-12-04 03:28 10315576 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-20 03:18 . 2014-01-20 03:18 -------- d-----w- c:\windows\ERUNT
2014-01-20 00:21 . 2014-01-20 00:46 -------- d-----w- C:\AdwCleaner
2014-01-19 01:41 . 2014-01-19 01:44 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-01-19 01:38 . 2014-01-19 01:38 -------- d-----w- c:\users\Default\AppData\Roaming\IObit
2014-01-17 23:50 . 2014-01-17 23:54 -------- d-----w- c:\users\Tim\AppData\Local\CrashDumps
2014-01-17 23:17 . 2014-01-17 23:17 888536 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2014-01-17 23:17 . 2014-01-17 23:17 73800 ----a-w- c:\windows\system32\RtNicProp64.dll
2014-01-17 23:17 . 2014-01-17 23:17 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2014-01-17 23:16 . 2014-01-17 23:16 -------- d-----w- c:\program files\Realtek
2014-01-17 23:16 . 2014-01-17 23:16 -------- d-----w- c:\windows\SysWow64\RTCOM
2014-01-17 23:13 . 2014-01-17 23:13 310104 ----a-w- c:\windows\system32\RP3DHT64.dll
2014-01-17 23:08 . 2014-01-17 23:08 90112 ----a-w- c:\windows\system32\igfxCoIn_v2869.dll
2014-01-17 23:07 . 2014-01-17 23:07 32496 ----a-w- c:\windows\system32\drivers\Smb_driver_Intel.sys
2014-01-17 22:10 . 2014-01-17 22:10 -------- d-----w- c:\programdata\ProductData
2014-01-17 22:09 . 2014-01-17 22:09 -------- d-----w- c:\programdata\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-01-17 22:09 . 2014-01-17 23:02 -------- d-----w- c:\programdata\IObit
2014-01-17 22:09 . 2014-01-20 00:10 -------- d-----w- c:\program files (x86)\IObit
2014-01-17 22:08 . 2014-01-17 23:01 -------- d-----w- c:\users\Tim\AppData\Roaming\IObit
2014-01-04 19:53 . 2014-01-19 01:41 117464 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-01-04 19:50 . 2014-01-04 19:50 89304 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-01-04 00:02 . 2014-01-04 00:02 -------- d-----w- c:\users\Tim\AppData\Local\Opera Software
2014-01-04 00:02 . 2014-01-04 00:02 -------- d-----w- c:\users\Tim\AppData\Roaming\Opera Software
2014-01-04 00:01 . 2014-01-04 00:01 -------- d-----w- c:\program files (x86)\Opera
2014-01-03 22:51 . 2014-01-20 23:45 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2
2014-01-03 17:06 . 2014-01-03 17:06 -------- d-----w- c:\users\Tim\AppData\Roaming\AVAST Software
2014-01-03 17:04 . 2014-01-03 17:05 79672 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-01-03 17:04 . 2014-01-03 17:04 207904 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-01-03 17:04 . 2014-01-03 17:04 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-01-03 17:04 . 2014-01-03 17:04 1034464 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-01-03 17:04 . 2014-01-03 17:04 422216 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-01-03 17:04 . 2014-01-03 17:04 78648 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-01-03 17:04 . 2014-01-03 17:04 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-01-03 17:04 . 2014-01-03 17:04 334136 ----a-w- c:\windows\system32\aswBoot.exe
2014-01-03 17:04 . 2014-01-03 17:04 43152 ----a-w- c:\windows\avastSS.scr
2014-01-03 17:02 . 2014-01-03 17:02 -------- d-----w- c:\program files\AVAST Software
2014-01-03 16:57 . 2014-01-03 16:57 -------- d-----w- c:\programdata\AVAST Software
2013-12-23 05:03 . 2013-12-23 05:05 -------- d-----w- C:\zsnesw151
2013-12-23 04:57 . 2013-12-23 04:57 -------- d-----w- c:\users\Mcx1-TIM-PC
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-19 07:33 . 2011-11-25 18:15 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-01-17 23:08 . 2011-02-11 23:46 61952 ----a-w- c:\windows\system32\igfxsrvc.dll
2014-01-17 23:08 . 2011-02-12 00:09 571904 ----a-w- c:\windows\SysWow64\igdumdx32.dll
2014-01-17 23:08 . 2009-07-13 21:59 4896768 ----a-w- c:\windows\SysWow64\igdumd32.dll
2014-01-17 23:08 . 2009-07-13 21:59 4722176 ----a-w- c:\windows\system32\igd10umd64.dll
2014-01-17 23:08 . 2011-02-11 23:45 108544 ----a-w- c:\windows\system32\hccutils.dll
2013-12-18 06:11 . 2013-12-18 06:11 354656 ----a-w- c:\windows\SysWow64\DivXControlPanelApplet.cpl
2013-12-10 20:34 . 2012-04-01 13:54 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-10 20:34 . 2011-11-25 23:34 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-10 20:33 . 2013-12-10 20:33 9293192 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Jump Desktop"="c:\program files (x86)\Jump Desktop\JumpDesktop.exe" [2013-05-07 469032]
"Spotify Web Helper"="c:\users\Tim\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-11-09 1140736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-01-03 3764024]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-11-15 1861968]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"KodakHomeCenter"="c:\program files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" [2013-03-15 2236792]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam_x64.sys;c:\windows\SYSNATIVE\DRIVERS\ManyCam_x64.sys [x]
R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore64.sys;c:\windows\SYSNATIVE\drivers\PCTCore64.sys [x]
S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS64.sys;c:\windows\SYSNATIVE\drivers\pctDS64.sys [x]
S0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA64.sys;c:\windows\SYSNATIVE\drivers\pctEFA64.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\Drivers\PCTSD64.sys;c:\windows\SYSNATIVE\Drivers\PCTSD64.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 JumpDesktop;Jump Desktop Service;c:\program files (x86)\Jump Desktop\JumpService.exe;c:\program files (x86)\Jump Desktop\JumpService.exe [x]
S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [x]
S2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 tvnserver;TightVNC Server;c:\program files\TightVNC\tvnserver.exe;c:\program files\TightVNC\tvnserver.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S2 XMouseButton Launcher;XMouseButton Launcher;c:\program files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe;c:\program files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8187B.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 96433611
*Deregistered* - 96433611
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 20:34]
.
2014-01-03 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1653703331-2215413810-4147242134-1001Core.job
- c:\users\Tim\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-13 16:03]
.
2014-01-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1653703331-2215413810-4147242134-1001UA.job
- c:\users\Tim\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-13 16:03]
.
2014-01-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-20 03:21]
.
2014-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-20 03:21]
.
2014-01-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1653703331-2215413810-4147242134-1001Core.job
- c:\users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-18 16:37]
.
2014-01-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1653703331-2215413810-4147242134-1001UA.job
- c:\users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-18 16:37]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2014-01-17 22:10 2486592 ----a-w- c:\program files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-01-03 17:04 287280 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]
"tvncontrol"="c:\program files\TightVNC\tvnserver.exe" [2013-07-19 2179056]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-10-01 497648]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-17 163360]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-17 387616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-17 418336]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2014-01-17 13662936]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://
www.google.com
mDefault_Page_URL = hxxp://
www.google.com
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
FF - ProfilePath - c:\users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\1t83d977.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.com
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-01-20 21:09:36
ComboFix-quarantined-files.txt 2014-01-21 02:09
ComboFix2.txt 2014-01-19 21:58
.
Pre-Run: 118,401,966,080 bytes free
Post-Run: 124,158,906,368 bytes free
.
- - End Of File - - F2B5194C55432D17291E05DD422BD7BE
A36C5E4F47E84449FF07ED3517B43A31