ComboFix 11-04-07.06 - Ann Denner 04/07/2011 22:45:58.5.2 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.4030.1796 [GMT -4:00]
Running from: c:\users\Ann Denner\Downloads\ComboFix.exe
Command switches used :: c:\users\Ann Denner\Desktop\CFScript.txt
AV: Emsisoft Anti-Malware *Disabled/Updated* {607A6E45-BE50-AFD5-4F70-7EAAEC5B715D}
SP: Emsisoft Anti-Malware *Disabled/Updated* {DB1B8FA1-986A-A05B-75C0-45D897DC3BE0}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Ann Denner\AppData\Local\{93BB88BD-8692-404F-A1DA-957A19F66F7F}
.
.
((((((((((((((((((((((((( Files Created from 2011-03-08 to 2011-04-08 )))))))))))))))))))))))))))))))
.
.
2011-04-08 02:56 . 2011-04-08 02:56 -------- d-----w- c:\users\QBDataServiceUser19\AppData\Local\temp
2011-04-08 02:56 . 2011-04-08 02:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-04 20:06 . 2011-03-18 17:53 142296 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-04-04 20:06 . 2011-03-18 17:53 16856 ----a-w- c:\program files (x86)\Mozilla Firefox\plugin-container.exe
2011-04-04 20:06 . 2011-03-18 17:53 781272 ----a-w- c:\program files (x86)\Mozilla Firefox\mozsqlite3.dll
2011-04-04 20:06 . 2011-03-18 17:53 1874904 ----a-w- c:\program files (x86)\Mozilla Firefox\mozjs.dll
2011-04-04 20:06 . 2011-03-18 17:53 719832 ----a-w- c:\program files (x86)\Mozilla Firefox\mozcpp19.dll
2011-04-04 20:06 . 2011-03-18 17:53 15832 ----a-w- c:\program files (x86)\Mozilla Firefox\mozalloc.dll
2011-04-04 20:06 . 2011-03-18 17:53 728024 ----a-w- c:\program files (x86)\Mozilla Firefox\libGLESv2.dll
2011-04-04 20:06 . 2011-03-18 17:53 142296 ----a-w- c:\program files (x86)\Mozilla Firefox\libEGL.dll
2011-04-04 20:06 . 2011-03-18 17:53 1893336 ----a-w- c:\program files (x86)\Mozilla Firefox\d3dx9_42.dll
2011-04-04 20:06 . 2011-03-18 17:53 1975768 ----a-w- c:\program files (x86)\Mozilla Firefox\D3DCompiler_42.dll
2011-03-28 02:14 . 2011-03-28 02:14 -------- d-----w- c:\users\Ann Denner\AppData\Roaming\AVG10
2011-03-28 02:08 . 2011-04-05 00:11 -------- d-----w- c:\programdata\AVG10
2011-03-28 01:13 . 2011-03-28 01:24 -------- d-----w- c:\programdata\MFAData
2011-03-27 18:55 . 2011-03-27 18:55 -------- d-----w- c:\program files\CCleaner
2011-03-25 12:49 . 2011-03-15 05:17 8424784 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EBB05507-31FB-41F7-AA9C-0E68047E1F3E}\mpengine.dll
2011-03-23 14:46 . 2011-02-22 14:47 479744 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-03-23 14:46 . 2011-02-22 14:13 288768 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2011-03-23 14:46 . 2011-02-22 13:53 1555968 ----a-w- c:\windows\system32\DWrite.dll
2011-03-23 14:46 . 2011-02-22 13:53 1149440 ----a-w- c:\windows\system32\FntCache.dll
2011-03-23 14:46 . 2011-02-22 13:33 1068544 ----a-w- c:\windows\SysWow64\DWrite.dll
2011-03-10 08:12 . 2010-12-29 19:01 416768 ----a-w- c:\windows\system32\sbe.dll
2011-03-10 08:12 . 2010-12-29 19:01 559616 ----a-w- c:\windows\system32\EncDec.dll
2011-03-10 08:12 . 2010-12-29 18:28 429056 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-03-10 08:12 . 2010-12-29 19:01 210944 ----a-w- c:\windows\system32\sbeio.dll
2011-03-10 08:12 . 2010-12-29 18:59 226816 ----a-w- c:\windows\system32\mpg2splt.ax
2011-03-10 08:12 . 2010-12-29 18:28 322560 ----a-w- c:\windows\SysWow64\sbe.dll
2011-03-10 08:12 . 2010-12-29 18:28 153088 ----a-w- c:\windows\SysWow64\sbeio.dll
2011-03-10 08:12 . 2010-12-29 18:26 177664 ----a-w- c:\windows\SysWow64\mpg2splt.ax
2011-03-09 18:01 . 2010-12-17 17:34 2425344 ----a-w- c:\windows\system32\mstscax.dll
2011-03-09 18:01 . 2010-12-17 15:45 2067968 ----a-w- c:\windows\SysWow64\mstscax.dll
2011-03-09 18:01 . 2010-12-17 15:41 731136 ----a-w- c:\windows\system32\mstsc.exe
2011-03-09 18:01 . 2010-12-17 13:54 677888 ----a-w- c:\windows\SysWow64\mstsc.exe
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-17 10:57 . 2010-06-24 15:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-02-03 01:40 . 2010-06-11 19:43 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-02-02 22:11 . 2009-10-02 16:15 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-01-20 16:46 . 2011-02-09 12:56 900480 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-01-20 16:17 . 2011-02-09 12:56 366592 ----a-w- c:\windows\system32\winspool.drv
2011-01-20 16:17 . 2011-02-09 12:56 625152 ----a-w- c:\windows\system32\dxgi.dll
2011-01-20 16:16 . 2011-02-09 12:56 287232 ----a-w- c:\windows\system32\d3d10core.dll
2011-01-20 16:16 . 2011-02-09 12:56 327680 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-01-20 16:16 . 2011-02-09 12:56 196096 ----a-w- c:\windows\system32\d3d10_1.dll
2011-01-20 16:16 . 2011-02-09 12:56 1268224 ----a-w- c:\windows\system32\d3d10.dll
2011-01-20 16:16 . 2011-02-09 12:56 748544 ----a-w- c:\windows\system32\stobject.dll
2011-01-20 16:16 . 2011-02-09 12:56 47104 ----a-w- c:\windows\system32\cdd.dll
2011-01-20 16:16 . 2011-02-09 12:56 3548672 ----a-w- c:\windows\system32\mf.dll
2011-01-20 16:16 . 2011-02-09 12:56 35840 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2011-01-20 16:14 . 2011-02-09 12:56 278528 ----a-w- c:\windows\system32\mfplat.dll
2011-01-20 16:14 . 2011-02-09 12:56 195072 ----a-w- c:\windows\system32\mfps.dll
2011-01-20 16:08 . 2011-02-09 12:56 478720 ----a-w- c:\windows\SysWow64\dxgi.dll
2011-01-20 16:08 . 2011-02-09 12:56 219648 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2011-01-20 16:08 . 2011-02-09 12:56 160768 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2011-01-20 16:08 . 2011-02-09 12:56 1029120 ----a-w- c:\windows\SysWow64\d3d10.dll
2011-01-20 16:08 . 2011-02-09 12:56 189952 ----a-w- c:\windows\SysWow64\d3d10core.dll
2011-01-20 16:07 . 2011-02-09 12:56 258048 ----a-w- c:\windows\SysWow64\winspool.drv
2011-01-20 16:07 . 2011-02-09 12:56 586240 ----a-w- c:\windows\SysWow64\stobject.dll
2011-01-20 16:06 . 2011-02-09 12:56 2873344 ----a-w- c:\windows\SysWow64\mf.dll
2011-01-20 16:04 . 2011-02-09 12:56 209920 ----a-w- c:\windows\SysWow64\mfplat.dll
2011-01-20 16:04 . 2011-02-09 12:56 98816 ----a-w- c:\windows\SysWow64\mfps.dll
2011-01-20 15:01 . 2011-02-09 12:56 3068416 ----a-w- c:\windows\system32\xpsservices.dll
2011-01-20 15:01 . 2011-02-09 12:56 1653760 ----a-w- c:\windows\system32\XpsPrint.dll
2011-01-20 14:59 . 2011-02-09 12:56 1032192 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2011-01-20 14:58 . 2011-02-09 12:56 1461760 ----a-w- c:\windows\system32\OpcServices.dll
2011-01-20 14:57 . 2011-02-09 12:56 231936 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-01-20 14:42 . 2011-02-09 12:56 1257984 ----a-w- c:\windows\system32\MFH264Dec.dll
2011-01-20 14:41 . 2011-02-09 12:56 428544 ----a-w- c:\windows\system32\MFHEAACdec.dll
2011-01-20 14:40 . 2011-02-09 12:56 345088 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-01-20 14:40 . 2011-02-09 12:56 34304 ----a-w- c:\windows\system32\mfpmp.exe
2011-01-20 14:40 . 2011-02-09 12:56 377344 ----a-w- c:\windows\system32\mfmp4src.dll
2011-01-20 14:37 . 2011-02-09 12:56 2002944 ----a-w- c:\windows\system32\d3d10warp.dll
2011-01-20 14:35 . 2011-02-09 12:56 566272 ----a-w- c:\windows\system32\d3d10level9.dll
2011-01-20 14:28 . 2011-02-09 12:56 1554432 ----a-w- c:\windows\SysWow64\xpsservices.dll
2011-01-20 14:27 . 2011-02-09 12:56 876032 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-01-20 14:25 . 2011-02-09 12:56 847360 ----a-w- c:\windows\SysWow64\OpcServices.dll
2011-01-20 14:24 . 2011-02-09 12:56 135680 ----a-w- c:\windows\SysWow64\XpsRasterService.dll
2011-01-20 14:15 . 2011-02-09 12:56 979456 ----a-w- c:\windows\SysWow64\MFH264Dec.dll
2011-01-20 14:14 . 2011-02-09 12:56 357376 ----a-w- c:\windows\SysWow64\MFHEAACdec.dll
2011-01-20 14:14 . 2011-02-09 12:56 302592 ----a-w- c:\windows\SysWow64\mfmp4src.dll
2011-01-20 14:14 . 2011-02-09 12:56 261632 ----a-w- c:\windows\SysWow64\mfreadwrite.dll
2011-01-20 14:12 . 2011-02-09 12:56 1172480 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2011-01-20 14:11 . 2011-02-09 12:56 486400 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2011-01-20 14:06 . 2011-02-09 12:56 834048 ----a-w- c:\windows\system32\d2d1.dll
2011-01-20 13:47 . 2011-02-09 12:56 683008 ----a-w- c:\windows\SysWow64\d2d1.dll
2011-01-08 09:03 . 2011-02-09 12:51 48128 ----a-w- c:\windows\system32\atmlib.dll
2011-01-08 08:47 . 2011-02-09 12:51 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-01-08 06:45 . 2011-02-09 12:51 367104 ----a-w- c:\windows\system32\atmfd.dll
2011-01-08 06:28 . 2011-02-09 12:51 292352 ----a-w- c:\windows\SysWow64\atmfd.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2011-04-05_02.43.37 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-09-09 00:13 . 2011-04-04 13:49 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-09-09 00:13 . 2011-04-08 01:52 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-09-09 00:13 . 2011-04-04 13:49 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-09-09 00:13 . 2011-04-08 01:52 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-09-09 00:13 . 2011-04-04 13:49 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-09-09 00:13 . 2011-04-08 01:52 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-01-21 02:49 . 2008-01-21 02:49 65536 c:\windows\bfsvc.exe
+ 2006-11-02 12:42 . 2006-11-02 08:45 122880 c:\windows\system32\DriverStore\FileRepository\prnca001.inf_c505b61f\Amd64\CNBBR124.DLL2008-01-21 02:49 . 2008-01-21 02:49 65536 c:\windows\bfsvc.exe
+ 2009-09-08 17:10 . 2011-04-08 01:52 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-09-08 17:10 . 2011-03-31 15:36 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SetupType"="Portable" [X]
"QPService"="c:\program files (x86)\HP\QuickPlay\QPService.exe" [2007-12-20 468264]
"UCam_Menu"="c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-08-17 218408]
"hpWirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560]
"WAWifiMessage"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-14 47904]
"Intuit SyncManager"="c:\program files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2009-12-22 1092872]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-10 49208]
"VMware hqtray"="c:\program files (x86)\VMware\VMware Player\hqtray.exe" [2009-08-15 64048]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-9-9 1196048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-06 136176]
R3 NgFilter;Aventail VPN Filter;c:\windows\system32\DRIVERS\ngfilter.sys [x]
R3 NgLog;Aventail VPN Logging;c:\windows\system32\DRIVERS\nglog.sys [x]
R3 NgVpn;Aventail VPN Adapter;c:\windows\system32\DRIVERS\ngvpn.sys [x]
R3 NgWfp;Aventail VPN Callout;c:\windows\system32\DRIVERS\ngwfp.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-10 369688]
S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [x]
S3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys [x]
S3 QuickBooksDB19;QuickBooksDB19;c:\progra~2\Intuit\QUICKB~1\QBDBMgrN.exe [2009-10-01 131072]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 16:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-04-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-06 03:07]
.
2011-04-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-06 03:07]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-24 15952416]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-06-24 82464]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-07-08 218112]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-09-04 701440]
"HP Health Check Scheduler"="[ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [BU]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 242192]
"WrtMon.exe"="c:\windows\system32\spool\drivers\x64\3\WrtMon.exe" [2006-09-20 20480]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2008-01-21 225792]
.
------- Supplementary Scan -------
.
uStart Page =
https://www.google.com/accounts/Ser...llya694le36z&scc=1<mpl=default<mplcache=2
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>;*.local
LSP: c:\program files (x86)\VMware\VMware Player\vsocklib.dll
Trusted Zone: intuit.com\ttlc
Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - c:\program files (x86)\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll
DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
DPF: {2FF8D282-F78A-4A33-ABC2-49E72A341482} - hxxp://riteaid.storefront.com/images/global/activex/SFImageUpload1_10.CAB
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://www.cvsphoto.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
FF - ProfilePath - c:\users\Ann Denner\AppData\Roaming\Mozilla\Firefox\Profiles\nzykvgue.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://www.xfinity.com/customer/start/?cid=xfstart_tech_main
FF - prefs.js: keyword.URL - hxxp://search.avg.com/?d=4d8fee5c&i=23&tp=ab&nt=1&q=
FF - user.js: yahoo.homepage.dontask - true
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{1c99b848-84cb-4ce4-8cd8-ed5719484d9f} - (no file)
WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\32A7D634EB632D11CABB00087CCFBB48\0CCF218B2916AFB49A6CE158872F55AD]
@DACL=(02 0000)
"PatchGUID"=""
"MediaCabinet"=""
"File"="Global_VC_ATLUnicode_f1.7EBEDD68_AA66_11D2_B980_006097C4DE24"
"ComponentVersion"="3.0.8449.0"
"ProductVersion"="9.0.3"
"PatchSize"="0"
"PatchAttributes"="0"
"PatchSequence"="0"
"SharedComponent"="0"
"IsFullFile"="0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\program files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
c:\program files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
c:\program files (x86)\CyberLink\Shared Files\RichVideo.exe
c:\windows\SysWOW64\vmnat.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files (x86)\VMware\VMware Player\vmware-authd.exe
c:\windows\SysWOW64\vmnetdhcp.exe
c:\program files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
c:\program files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
c:\windows\System32\spool\drivers\x64\3\WrtProc.exe
c:\program files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
c:\program files\Logitech\SetPoint\x86\SetPoint32.exe
.
**************************************************************************
.
Completion time: 2011-04-07 23:10:45 - machine was rebooted
ComboFix-quarantined-files.txt 2011-04-08 03:10
ComboFix2.txt 2011-04-06 02:30
ComboFix3.txt 2011-04-05 12:58
ComboFix4.txt 2011-04-05 02:48
ComboFix5.txt 2011-04-08 02:42
.
Pre-Run: 61,310,967,808 bytes free
Post-Run: 61,250,985,984 bytes free
.
- - End Of File - - D6429DD18297A2BA10F20CEAC9C9DF79