ComboFix 10-02-03.04 - Tess & Trav 04/02/2010 16:06:22.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.61.1033.18.1021.324 [GMT 11:00]
Running from: c:\users\Tess & Trav\Desktop\Combo-Fix.exe
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Autorun.inf
c:\recycler\S-1-5-21-1482476501-1644491937-682003330-1033
c:\windows\system32\reboot.txt
c:\windows\unins000.dat
c:\windows\unins000.exe

.
((((((((((((((((((((((((( Files Created from 2010-01-04 to 2010-02-04 )))))))))))))))))))))))))))))))
.

2010-02-04 05:15 . 2010-02-04 05:15 -------- d-----w- c:\users\Tess & Trav\AppData\Local\temp
2010-02-04 05:15 . 2010-02-04 05:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-02-01 08:18 . 2010-02-01 22:45 -------- d-----w- c:\program files\ERUNT
2010-02-01 06:23 . 2010-02-01 06:23 -------- d-----w- c:\program files\Sophos
2010-01-30 00:20 . 2010-01-30 00:20 -------- d-----w- c:\users\Tess & Trav\AppData\Roaming\Malwarebytes
2010-01-30 00:20 . 2010-01-07 05:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-30 00:20 . 2010-01-30 00:20 -------- d-----w- c:\programdata\Malwarebytes
2010-01-30 00:20 . 2010-01-07 05:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-30 00:20 . 2010-01-30 00:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-28 05:19 . 2010-01-28 05:19 388096 ----a-r- c:\users\Tess & Trav\AppData\Roaming\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
2010-01-28 05:19 . 2010-01-28 05:19 -------- d-----w- c:\program files\TrendMicro
2010-01-26 04:22 . 2010-01-31 06:22 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-01-26 04:22 . 2010-01-26 05:26 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-01-25 23:02 . 2010-01-25 23:02 52224 ----a-w- c:\users\Tess & Trav\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-01-24 22:44 . 2010-01-26 23:44 -------- d-----w- c:\users\Tess & Trav\.psycle
2010-01-24 22:42 . 2010-01-24 22:55 -------- d-----w- c:\program files\Psycle
2010-01-24 21:57 . 2010-01-25 01:23 720896 ----a-w- c:\windows\iun6002.exe
2010-01-24 21:47 . 2010-01-24 22:53 -------- d-----w- c:\program files\Electra
2010-01-24 11:41 . 2009-12-16 11:44 834048 ----a-w- c:\windows\system32\wininet.dll
2010-01-24 11:41 . 2009-12-18 13:01 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-24 11:23 . 2008-03-17 00:57 103680 ----a-w- c:\windows\system32\drivers\ewusbfake.sys
2010-01-24 11:23 . 2008-03-17 00:05 101632 ----a-r- c:\windows\system32\drivers\ewusbmdm.sys
2010-01-24 11:23 . 2008-03-16 03:47 872192 ----a-w- c:\windows\system32\drivers\mod7700.sys
2010-01-24 11:23 . 2008-01-22 04:10 100864 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2010-01-24 11:23 . 2007-08-08 17:06 23424 ----a-r- c:\windows\system32\drivers\ewdcsc.sys
2010-01-14 13:15 . 2010-01-14 13:15 -------- d-----w- c:\users\Tess & Trav\AppData\Local\ElevatedDiagnostics
2010-01-14 13:06 . 2010-01-14 13:07 -------- d-----w- c:\program files\Microsoft ATS
2010-01-14 12:41 . 2010-01-14 12:41 -------- d-----w- c:\program files\CCleaner
2010-01-14 12:39 . 2009-10-19 13:38 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-01-14 12:39 . 2009-10-19 13:35 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-01-14 12:22 . 2010-01-16 00:02 -------- d-----w- c:\program files\3 Mobile Broadband
2010-01-13 04:49 . 2010-01-13 09:37 -------- d-----w- c:\users\Tess & Trav\AppData\Roaming\Apple Computer
2010-01-13 04:48 . 2010-01-13 04:48 -------- dc----w- c:\windows\system32\DRVSTORE
2010-01-13 04:48 . 2009-05-18 03:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2010-01-13 04:48 . 2008-04-17 02:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2010-01-13 04:47 . 2010-01-13 04:47 -------- d-----w- c:\program files\iPod
2010-01-13 04:47 . 2010-01-13 04:48 -------- d-----w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2010-01-13 04:47 . 2010-01-13 04:48 -------- d-----w- c:\program files\iTunes
2010-01-13 04:46 . 2010-01-13 04:46 -------- d-----w- c:\program files\Bonjour
2010-01-13 04:45 . 2010-01-13 04:46 -------- d-----w- c:\program files\QuickTime
2010-01-13 04:45 . 2010-01-13 04:47 -------- d-----w- c:\programdata\Apple Computer
2010-01-13 04:40 . 2010-01-13 04:47 -------- d-----w- c:\program files\Common Files\Apple
2010-01-06 03:26 . 2010-01-06 03:26 -------- d-----w- C:\My SyncDirectory
2010-01-06 03:26 . 2010-01-06 03:26 -------- d-----w- c:\users\Tess & Trav\AppData\Roaming\iriver
2010-01-06 03:21 . 2010-01-06 03:21 77004 ----a-w- c:\windows\system32\drivers\AFS.SYS

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.

2010-02-04 04:50 . 2010-01-02 03:12 -------- d-----w- c:\program files\Application Updater
2010-02-02 12:47 . 2009-03-14 13:05 -------- d-----w- c:\users\Tess & Trav\AppData\Roaming\uTorrent
2010-02-01 22:10 . 2009-03-11 11:03 32441 ----a-w- c:\programdata\nvModes.dat
2010-01-30 23:52 . 2009-03-29 09:42 117760 ----a-w- c:\users\Tess & Trav\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-01-30 23:49 . 2009-03-29 09:38 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-01-26 04:23 . 2009-08-14 06:07 680 ----a-w- c:\users\Tess & Trav\AppData\Local\d3d9caps.dat
2010-01-24 22:15 . 2010-02-04 04:27 2066200 ----a-w- c:\programdata\avg8\update\backup\avgcorex.dll
2010-01-24 11:24 . 2009-03-11 11:07 -------- d-----w- c:\program files\VIRGIN BROADBAND
2010-01-14 00:12 . 2009-10-02 23:52 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-06 03:21 . 2009-04-26 07:48 -------- d-----w- c:\program files\iriver
2009-12-06 05:55 . 2009-12-03 06:18 -------- d-----w- c:\users\Tess & Trav\AppData\Roaming\Cakewalk
2009-12-06 05:55 . 2009-12-03 06:00 -------- d-----w- c:\programdata\Cakewalk
2009-12-04 11:30 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-11-12 06:07 . 2009-11-12 06:07 79144 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
2009-11-09 12:31 . 2009-12-26 22:20 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-11-09 12:30 . 2009-12-26 22:20 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-11-09 10:36 . 2009-12-26 22:20 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-05-13 21:55 . 2009-05-13 21:55 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-13 21:55 . 2009-05-13 21:55 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll

.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-11-25 02:01 1230080 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-12-25 2043160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-03-09 37888]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-24 149280]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-26 13736480]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-26 92704]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-12 141600]

c:\users\Tess & Trav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Run Registration Tool.lnk - c:\program files\WiFiConnector\NintendoWFCReg.exe [2007-12-19 1179648]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-12 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-10-02 23:38 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):43,26,a6,ef,d6,74,ca,01

R0 AFS;AFS;c:\windows\System32\drivers\AFS.SYS [6/01/2010 2:21 PM 77004]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [14/03/2009 10:54 PM 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [14/03/2009 10:54 PM 108552]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [23/03/2009 2:07 PM 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [23/03/2009 2:07 PM 74480]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [14/03/2009 10:53 PM 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [14/03/2009 10:53 PM 297752]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [23/03/2009 2:07 PM 7408]
S2 gupdate1ca1669bc4b8b2e;Google Update Service (gupdate1ca1669bc4b8b2e);c:\program files\Google\Update\GoogleUpdate.exe [6/08/2009 6:44 PM 133104]
S3 RDID1093;UM-1G;c:\windows\System32\drivers\Rdwm1093.sys [22/11/2009 6:29 PM 57728]
.
Contents of the 'Scheduled Tasks' folder

2010-02-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-06 07:43]

2010-02-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-08-06 07:43]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
FF - ProfilePath - c:\users\Tess & Trav\AppData\Roaming\Mozilla\Firefox\Profiles\p0d5vb4l.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/
FF - prefs.js: keyword.URL - hxxp://au.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=966134&p=
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORPHANS REMOVED - - - -

URLSearchHooks-*{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
URLSearchHooks-{E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
AddRemove-SimPE PhotoStudio Templates_is1 - c:\windows\unins000.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-04 16:15
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\EA01.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1391052500-3424273704-3297377095-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:c4,d2,40,d2,d8,dd,82,52,b6,ef,46,23,28,5a,36,1f,2e,a3,f6,82,8f,fd,dd,
   d9,1d,f9,bb,b7,51,69,8f,6c,87,5f,1f,28,24,9e,8b,9a,c4,b6,e0,a3,d1,3d,6d,21,\
"??"=hex:7b,04,62,8c,af,12,74,d9,7d,c8,33,3c,b1,51,6a,65

[HKEY_USERS\S-1-5-21-1391052500-3424273704-3297377095-1000\Software\SecuROM\License information*]
"datasecu"=hex:d2,af,f0,4e,c8,aa,e2,48,a0,da,55,de,4d,ae,63,e1,65,c3,7a,e8,1c,
   37,b7,24,0c,2e,ff,fa,a0,f0,26,a7,65,1c,0e,3e,dd,11,9f,02,fc,fd,af,3b,3b,a6,\
"rkeysecu"=hex:01,b1,48,fc,2a,ad,2a,15,e1,c4,78,b2,b3,99,59,31

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2010-02-04 16:20:37
ComboFix-quarantined-files.txt 2010-02-04 05:20

Pre-Run: 9,194,541,056 bytes free
Post-Run: 8,996,786,176 bytes free

- - End Of File - - DFB0274BFE2AD23B2780D1393443423C