moron

  1. I've got a problem with Firefox that keeps redirecting me if I open a new tab or a new link in Google. Here is the log:
ComboFix 11-03-23.04 - moron 24/03/2011 12:19:57.1.8 - x86 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.60.1033.18.3575.2102 [GMT 8:00] Running from: c:\users\moron\Downloads\Programs\ComboFix.exe SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . ADS - system32: deleted 12 bytes in 1 streams. . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\ntuser.dat c:\windows\system32\pathname.dll . . ((((((((((((((((((((((((( Files Created from 2011-02-24 to 2011-03-24 ))))))))))))))))))))))))))))))) . . 2011-03-23 07:37 . 2011-03-18 17:53 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll 2011-03-23 07:37 . 2011-03-18 17:53 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll 2011-03-23 07:37 . 2011-03-18 17:53 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll 2011-03-23 07:37 . 2011-03-18 17:53 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll 2011-03-23 07:37 . 2011-03-18 17:53 728024 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll 2011-03-23 07:37 . 2011-03-18 17:53 142296 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll 2011-03-23 07:37 . 2011-03-18 17:53 1893336 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll 2011-03-23 07:37 . 2011-03-18 17:53 1975768 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll 2011-03-10 23:20 . 2011-03-10 23:20 -------- d-----w- C:\_OTL 2011-03-10 16:21 . 2011-03-10 22:55 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2011-03-10 16:21 . 2011-03-10 16:22 -------- d-----w- c:\program files\Spybot - Search & Destroy 2011-03-07 21:05 . 2011-03-07 21:05 -------- d-----w- c:\users\moron\AppData\Local\GlobalSCAPE 2011-03-07 21:05 . 
2011-03-07 21:05 -------- d-----w- c:\programdata\GlobalSCAPE 2011-03-07 21:05 . 2011-03-07 21:05 -------- d-----w- c:\users\moron\AppData\Roaming\GlobalSCAPE 2011-03-07 21:05 . 2011-03-07 21:05 -------- d-----w- c:\program files\GlobalSCAPE 2011-03-07 21:04 . 2002-07-25 08:07 614532 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe 2011-03-07 21:04 . 2001-09-04 20:18 77824 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll 2011-03-07 21:04 . 2001-09-04 20:18 225280 ----a-w- c:\program files\Common Files\InstallShield\IScript\iscript.dll 2011-03-07 21:04 . 2001-09-04 20:14 176128 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll 2011-03-07 21:04 . 2001-09-04 20:13 32768 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll 2011-03-07 20:08 . 2011-03-07 20:08 -------- d-----w- c:\programdata\regid.1986-12.com.adobe 2011-03-06 06:45 . 2011-03-06 06:45 -------- d-----w- c:\users\moron\AppData\Local\Welltek_Software 2011-03-05 23:07 . 2011-03-05 23:10 -------- d-----w- c:\users\moron\AppData\Roaming\Pamela 2011-03-05 23:07 . 2011-03-05 23:07 154624 ----a-w- c:\windows\system32\RemoteControl.dll 2011-03-05 23:07 . 2011-03-05 23:08 -------- d-----w- c:\program files\Pamela 2011-03-03 23:50 . 2011-03-03 23:50 -------- d-----w- c:\windows\Sun 2011-02-26 01:19 . 2011-02-26 01:19 41872 ----a-w- c:\windows\system32\xfcodec.dll 2011-02-25 04:17 . 2011-02-02 13:40 472808 ----a-w- c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll 2011-02-25 04:17 . 2011-02-02 13:40 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-02-25 04:16 . 2011-02-25 04:16 -------- d-----w- c:\programdata\McAfee 2011-02-22 12:43 . 2011-03-04 00:46 -------- d-----w- c:\program files\Garena . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-03-24 04:18 . 
2010-12-19 04:23 17488 ----a-w- c:\windows\gdrv.sys 2011-03-06 14:26 . 2010-12-19 16:31 138416 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2011-03-06 14:26 . 2010-12-19 16:31 270904 ----a-w- c:\windows\system32\PnkBstrB.exe 2011-03-06 14:26 . 2010-12-19 16:31 270904 ----a-w- c:\windows\system32\PnkBstrB.xtr 2011-03-05 15:54 . 2010-12-19 16:31 270904 ----a-w- c:\windows\system32\PnkBstrB.ex0 2011-02-21 09:57 . 2011-02-21 09:57 98304 ----a-r- c:\users\moron\AppData\Roaming\Microsoft\Installer\{3577E42B-3347-4EB8-BFDA-D36E8ED3C519}\icons.exe 2011-02-13 17:00 . 2011-02-13 17:00 138056 ----a-w- c:\users\moron\AppData\Roaming\PnkBstrK.sys 2011-02-13 16:55 . 2011-02-13 16:55 2434856 ----a-w- c:\windows\system32\pbsvc_bc2.exe 2011-02-07 21:19 . 2011-01-17 11:57 2118848 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll 2011-02-06 19:31 . 2011-02-06 19:31 446258 ----a-w- c:\windows\AutoKMS.exe 2011-01-17 15:10 . 2011-01-17 15:10 180224 ----a-w- c:\windows\system32\WinVd32.sys 2011-01-17 15:10 . 2011-01-17 15:10 7680 ----a-w- c:\windows\system32\WinFLsrv.exe 2011-01-12 16:58 . 2010-12-18 13:56 17488 ----a-w- c:\windows\etdrv.sys 2011-01-12 16:58 . 2010-12-18 12:42 24944 ----a-w- c:\windows\system32\drivers\GVTDrv.sys 2011-01-08 03:27 . 2011-01-25 07:39 941160 ----a-w- c:\windows\system32\nvdispco322090.dll 2011-01-08 03:27 . 2011-01-25 07:39 837736 ----a-w- c:\windows\system32\nvgenco322040.dll 2011-01-08 03:27 . 2010-12-24 23:07 57960 ----a-w- c:\windows\system32\OpenCL.dll 2011-01-08 03:27 . 2010-12-24 23:07 4941928 ----a-w- c:\windows\system32\nvcuda.dll 2011-01-08 03:27 . 2010-12-24 23:07 2895976 ----a-w- c:\windows\system32\nvcuvid.dll 2011-01-08 03:27 . 2010-12-24 23:07 2251368 ----a-w- c:\windows\system32\nvcuvenc.dll 2011-01-08 03:27 . 2010-12-24 23:07 15047272 ----a-w- c:\windows\system32\nvoglv32.dll 2011-01-08 03:27 . 2010-12-24 23:07 13011560 ----a-w- c:\windows\system32\nvcompiler.dll 2011-01-08 03:27 . 
2010-12-24 23:07 10920 ----a-w- c:\windows\system32\drivers\nvBridge.kmd 2011-01-08 03:27 . 2010-12-24 23:07 10467656 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2011-01-08 03:27 . 2010-12-24 23:07 10078312 ----a-w- c:\windows\system32\nvd3dum.dll 2011-01-08 03:27 . 2010-12-18 11:43 5653096 ----a-w- c:\windows\system32\nvwgf2um.dll 2011-01-08 03:27 . 2010-12-18 11:43 1965672 ----a-w- c:\windows\system32\nvapi.dll 2011-01-07 13:06 . 2011-01-07 13:06 580200 ----a-w- c:\windows\system32\easyUpdatusAPIU.dll 2011-01-07 13:06 . 2011-01-07 13:06 3597416 ----a-w- c:\windows\system32\nvcpl.dll 2011-01-07 13:06 . 2011-01-07 13:06 2620520 ----a-w- c:\windows\system32\nvsvc.dll 2011-01-07 13:06 . 2011-01-07 13:06 66664 ----a-w- c:\windows\system32\nvshext.dll 2011-01-07 13:06 . 2011-01-07 13:06 608872 ----a-w- c:\windows\system32\nvvsvc.exe 2011-01-07 13:06 . 2011-01-07 13:06 111208 ----a-w- c:\windows\system32\nvmctray.dll 2011-01-06 00:42 . 2009-07-13 23:40 409088 ----a-w- c:\windows\system32\systemcpl.dll 2011-01-06 00:42 . 2009-07-13 23:36 13824 ----a-w- c:\windows\system32\slwga.dll 2011-01-06 00:42 . 2009-07-13 23:24 811520 ----a-w- c:\windows\system32\user32.dll 2011-03-18 17:53 . 2011-03-23 07:37 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ------- Sigcheck ------- . [-] 2011-01-06 . 7BD7F45FF37FA0669CD32CA0EF46E22C . 811520 . . [6.1.7600.16385] . . c:\windows\System32\user32.dll [7] 2009-07-14 . 34B7E222E81FAFA885F0C5F2CFA56861 . 811520 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{c20391ee-b6fd-4a35-9f1b-2892dda5b107}] 2009-11-25 04:47 297808 ----a-w- c:\windows\System32\mscoree.dll . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{a011d643-4a67-4934-a775-46139847d7f2}"= "mscoree.dll" [2009-11-25 297808] . [HKEY_CLASSES_ROOT\clsid\{a011d643-4a67-4934-a775-46139847d7f2}] [HKEY_CLASSES_ROOT\tGBandObj.tGBandObjClass] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension] @="{CDC95B92-E27C-4745-A8C5-64A52A78855D}" [HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}] 2010-12-23 19:09 67168 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696] "SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2010-10-17 404200] "IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2011-01-11 3301376] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] "GarenaMessenger"="c:\program files\Garena Messenger\GarenaMessenger.exe" [2011-03-17 3950936] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-09-03 9726568] "NUSB3MON"="c:\program files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064] "Razer Naga Driver"="c:\program files\Razer\Naga\NagaTray.exe" [2010-05-11 810880] "FILE NAME"="c:\program files\Razer\Nostromo\t2Hid.exe" [2010-12-07 261632] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "RPMKickstart"="c:\program files\GIGABYTE\SMART6\Recovery\RPMKickstart.exe" [2010-08-24 1750528] "SDBOK"="c:\program files\GIGABYTE\SMART6\dbios\run.exe" [2009-07-06 207400] . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer8"=wdmaud.drv . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2010-09-20 15:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2011-01-31 08:44 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup] 2005-02-16 23:15 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler] 2005-02-16 23:15 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2011-01-25 07:08 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)] 2010-06-01 02:17 5252408 ----a-w- c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray] 2010-12-21 03:53 1483264 ----a-w- c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-11-29 09:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] 2010-12-08 20:42 74752 ----a-w- c:\program files\Winamp\winampa.exe . 
R2 Change Modem Device Service;Change Modem Device Service;c:\windows\system32\ChgService.exe [2009-04-21 135168] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [2010-04-06 31272] R3 CEDRIVER60;CEDRIVER60;c:\program files\Cheat Engine 6\dbk32.sys [2010-12-15 62336] R3 cmnsusbser;Mobile Connector USB Device for Legacy Serial Communication LCT2053s;c:\windows\system32\DRIVERS\cmnsusbser.sys [2008-10-31 103424] R3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;e:\dragon age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832] R3 etdrv;etdrv;c:\windows\etdrv.sys [2011-01-12 17488] R3 GGSAFERDriver;GGSAFER Driver;c:\program files\Garena Messenger\Room\safedrv.sys [x] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208] R3 MSI_DVD_010507;MSI_DVD_010507;c:\program files\MSI\Live Update 5\DVDSYS32_100507.sys [x] R3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\program files\MSI\Live Update 5\msibios32_100507.sys [x] R3 MSI_VGASYS_010507;MSI_VGASYS_010507;c:\program files\MSI\Live Update 5\VGASYS32_100507.sys [x] R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2010-07-26 137600] R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2010-07-26 8576] R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2010-10-11 3641832] R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files\MSI\Live Update 5\NTIOLib.sys [x] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-09-03 279656] R3 SQLAgent$PROVIDUSSTD;SQLAgent$PROVIDUSSTD;c:\program files\Microsoft SQL Server\MSSQL$PROVIDUSSTD\Binn\sqlagent.EXE [2002-12-17 311872] R3 T2Fltr;Razer Nostromo;c:\windows\system32\Drivers\T2Fltr.sys 
[2010-10-07 16384] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-01-06 1343400] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-12-19 691696] S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [2010-04-27 19496] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128] S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x32.sys [2010-07-09 20328] S2 DES2 Service;DES2 Service for Energy Saving.;c:\program files\GIGABYTE\EnergySaver2\des2svr.exe [2009-06-17 68136] S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2010-12-23 84720] S2 MSSQL$PROVIDUSSTD;MSSQL$PROVIDUSSTD;c:\program files\Microsoft SQL Server\MSSQL$PROVIDUSSTD\Binn\sqlservr.exe [2002-12-17 7520337] S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-06-25 35088] S2 Smart TimeLock;Smart TimeLock Service;c:\program files\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [2009-10-13 114688] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-07 378984] S3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088] S3 MEI;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECI.sys [2010-09-21 41088] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-07-27 60800] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-07-27 140672] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-11-11 122984] S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000] S3 RzSynapse;Razer Naga Driver;c:\windows\system32\DRIVERS\RzSynapse.sys [2010-04-21 60032] S3 TS_AR5416;[CommView] Atheros AR5008 
Wireless Network Adapter Service 7.7;c:\windows\system32\DRIVERS\ts_athw.sys [2010-07-31 02:31 1628872] S3 vHidDev;Razer Gaming Device;c:\windows\system32\DRIVERS\vHidDev.sys [2009-12-21 5760] S3 VJoystick;Virtual JoyStick KMDF HID Minidriver;c:\windows\system32\DRIVERS\VJoystick.sys [2010-09-30 10240] . . Contents of the 'Scheduled Tasks' folder . . ------- Supplementary Scan ------- . uInternet Settings,ProxyOverride = *.local IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm IE: Download with Mipony - file://c:\program files\MiPony\Browser\IEContext.htm IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL FF - ProfilePath - c:\users\moron\AppData\Roaming\Mozilla\Firefox\Profiles\x4xgtakt.default\ FF - user.js: yahoo.ytff.general.dontshowhpoffer - true . - - - - ORPHANS REMOVED - - - - . MSConfigStartUp-JP595IR86O - c:\users\moron\AppData\Local\Temp\Afc.exe MSConfigStartUp-Live Update 5 - c:\program files\MSI\Live Update 5\LU5.exe AddRemove-DAEMON Tools Toolbar - c:\program files\DAEMON Tools Toolbar\uninst.exe AddRemove-FolderLock6 - c:\program files\Folder Lock\Uninstall.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-4171440346-905252656-3007884514-1001_Classes\CLSID\{0f6eb98b-50b9-4659-a7b5-ed4875166a62}] @Denied: (Full) (Everyone) @Allowed: (Read) (RestrictedCode) . 
[HKEY_USERS\S-1-5-21-4171440346-905252656-3007884514-1001_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}] @Denied: (Full) (Everyone) "scansk"=hex(0):bc,0d,47,fc,7f,55,cc,3a,62,7e,86,ed,9c,be,dd,19,94,71,ac,0e,c3, 65,0b,c6,a3,09,48,cd,2b,9c,ca,94,ec,f6,aa,9f,dc,88,d2,99,00,00,00,00,00,00,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2011-03-24 12:24:36 ComboFix-quarantined-files.txt 2011-03-24 04:24 . Pre-Run: 75,541,147,648 bytes free Post-Run: 75,487,457,280 bytes free . - - End Of File - - 68E331E38D6A0912601E3902B3367221