ComboFix 11-08-18.02 - Zinja 08/18/2011 22:46:31.1.2 - x64 Running from: c:\users\Zinja\Desktop\ComboFix.exe . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Zinja\g2mdlhlpx.exe c:\windows\SysWow64\Packet.dll c:\windows\SysWow64\pthreadVC.dll c:\windows\SysWow64\wpcap.dll . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_NPF -------\Service_NPF . . ((((((((((((((((((((((((( Files Created from 2011-07-19 to 2011-08-19 ))))))))))))))))))))))))))))))) . . 2011-08-19 04:08 . 2011-08-19 04:12 -------- d-----w- c:\users\Zinja\AppData\Local\temp 2011-08-18 22:27 . 2011-08-18 22:27 -------- d-----w- c:\program files (x86)\Foxit Software 2011-08-18 21:36 . 2011-08-18 21:36 -------- d-----w- c:\programdata\Skype 2011-08-18 21:12 . 2011-08-18 21:43 -------- d-----w- c:\users\Zinja\AppData\Local\Apple Computer 2011-08-18 21:12 . 2011-08-18 21:17 -------- d-----w- c:\users\Zinja\AppData\Roaming\Apple Computer 2011-08-18 21:11 . 2011-08-18 21:11 -------- d-----w- c:\program files\iPod 2011-08-18 21:11 . 2011-08-18 21:12 -------- d-----w- c:\program files\iTunes 2011-08-18 21:11 . 2011-08-18 21:12 -------- d-----w- c:\program files (x86)\iTunes 2011-08-18 21:10 . 2011-08-18 21:10 -------- d-----w- c:\program files\Common Files\Apple 2011-08-18 15:24 . 2011-08-18 21:11 -------- d-----w- c:\programdata\Apple Computer 2011-08-18 15:24 . 2011-08-18 15:25 -------- d-----w- c:\program files (x86)\QuickTime 2011-08-18 10:29 . 2011-08-18 10:29 -------- d-----w- c:\programdata\yahoo! 2011-08-18 00:40 . 2011-08-18 00:41 -------- d-----w- c:\program files\CCleaner 2011-08-17 23:18 . 2011-08-18 15:26 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll 2011-08-17 23:18 . 2011-08-18 15:26 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll 2011-08-17 23:18 . 
2011-08-18 15:25 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll 2011-08-17 23:18 . 2011-08-18 15:25 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll 2011-08-17 23:18 . 2011-08-18 15:25 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll 2011-08-17 23:18 . 2011-08-18 15:25 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll 2011-08-17 23:18 . 2011-08-18 15:25 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll 2011-08-17 22:08 . 2011-08-17 22:08 -------- d-----w- C:\_OTL 2011-08-17 15:23 . 2011-08-17 15:23 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR 2011-08-17 15:22 . 2011-08-17 15:22 -------- d-----w- c:\users\Zinja\AppData\Local\Adobe 2011-08-17 05:21 . 2011-08-17 05:22 -------- d-----w- c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001} 2011-08-17 05:20 . 2011-08-17 05:20 -------- d-----w- c:\programdata\Apple 2011-08-17 05:09 . 2011-08-17 05:09 -------- d-----w- c:\users\Zinja\AppData\Local\Diagnostics 2011-08-17 05:04 . 2011-08-17 05:04 -------- d-----w- c:\program files (x86)\WinZip Courier 2011-08-17 05:04 . 2011-08-17 05:04 -------- d-----w- c:\windows\CD95F661A5C411AFB2CCABCD21A325B4.TMP 2011-08-17 05:03 . 2011-08-17 05:03 -------- d-----w- c:\users\Zinja\AppData\Local\WinZip 2011-08-17 05:02 . 2011-08-17 05:03 -------- d-----w- c:\programdata\WinZip 2011-08-17 04:21 . 2011-08-17 04:21 -------- d-----w- c:\users\Zinja\AppData\Local\Mozilla 2011-08-16 08:35 . 2011-08-16 08:35 -------- d-----w- c:\users\Zinja\AppData\Roaming\Malwarebytes 2011-08-16 06:34 . 2011-08-16 06:34 -------- d-----w- c:\programdata\Malwarebytes 2011-08-16 06:34 . 2011-08-19 03:21 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2011-08-16 03:18 . 2011-08-16 03:18 -------- d-----w- c:\users\Zinja\AppData\Local\Apps 2011-08-15 15:12 . 
2011-08-15 19:22 -------- d-----w- c:\users\Zinja\AppData\Roaming\QuickScan 2011-08-14 20:42 . 2011-07-04 11:36 288088 ----a-w- c:\windows\system32\drivers\aswSP.sys 2011-08-14 20:42 . 2011-07-04 11:32 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2011-08-14 20:42 . 2011-07-04 11:32 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2011-08-14 20:42 . 2011-07-04 11:35 45400 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2011-08-14 20:42 . 2011-07-04 11:36 600920 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2011-08-14 20:42 . 2011-07-04 11:32 64856 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2011-08-14 20:42 . 2011-07-04 11:43 253888 ----a-w- c:\windows\system32\aswBoot.exe 2011-08-14 20:41 . 2011-07-04 11:43 40112 ----a-w- c:\windows\avastSS.scr 2011-08-14 20:41 . 2011-07-04 11:43 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe 2011-08-14 20:41 . 2011-08-14 20:41 -------- d-----w- c:\programdata\AVAST Software 2011-08-14 20:41 . 2011-08-14 20:41 -------- d-----w- c:\program files\AVAST Software 2011-08-14 20:37 . 2011-08-19 03:31 -------- d-----w- c:\program files (x86)\Trend Micro 2011-08-14 20:37 . 2011-08-14 20:37 388096 ----a-r- c:\users\Zinja\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-08-14 20:32 . 2011-08-14 20:32 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2011-08-14 20:26 . 2011-08-14 20:26 -------- d-----w- c:\users\Zinja\AppData\Local\Microsoft Help 2011-08-14 20:25 . 2011-08-18 17:30 -------- d-----w- c:\programdata\Microsoft Help 2011-08-14 20:09 . 2011-08-19 04:11 15672 ----a-w- c:\windows\system32\drivers\SWDUMon.sys 2011-08-14 20:00 . 2011-08-14 20:00 -------- d-----w- c:\users\Zinja\AppData\Local\ATI 2011-08-14 19:49 . 2011-08-14 19:49 -------- d-----w- c:\programdata\ATI 2011-08-14 16:49 . 2000-01-01 00:00 651776 ------w- c:\windows\system32\stapi64.dll 2011-08-14 16:46 . 
2000-01-01 00:00 520192 ----a-w- c:\windows\system32\drivers\stwrt64.sys 2011-08-14 16:46 . 2000-01-01 00:00 431616 ----a-w- c:\windows\system32\stcplx64.dll 2011-08-14 16:46 . 2000-01-01 00:00 1499136 ----a-w- c:\windows\system32\stapo64.dll 2011-08-14 16:45 . 2011-08-14 19:16 -------- d-----w- c:\program files\IDT 2011-08-14 16:35 . 2000-01-01 00:00 115216 ----a-w- c:\windows\system32\drivers\AtihdW76.sys 2011-08-14 16:17 . 2011-08-14 16:17 -------- d-----w- c:\users\Zinja\AppData\Local\SlimWare Utilities Inc 2011-08-14 16:17 . 2011-08-14 19:44 -------- d-----w- c:\program files (x86)\SlimDrivers 2011-08-14 13:45 . 2009-10-02 16:46 68664 ----a-w- c:\windows\system32\drivers\amdsata.sys 2011-08-14 13:45 . 2009-10-02 16:46 29240 ----a-w- c:\windows\system32\drivers\amdxata.sys 2011-08-14 13:45 . 2009-10-02 16:46 16440 ----a-w- c:\windows\system32\drivers\AtiPcie.sys 2011-08-13 23:42 . 2010-02-09 00:19 8038944 ----a-w- c:\windows\system32\RTSUSTORicon.dll 2011-08-13 23:42 . 2010-02-09 02:57 239136 ----a-w- c:\windows\system32\drivers\RtsUStor.sys 2011-08-13 23:42 . 2010-02-09 00:19 422432 ----a-w- c:\windows\system32\RtsUStor.dll 2011-08-13 23:24 . 2011-05-27 22:58 1284712 ----a-w- c:\windows\RtlExUpd.dll 2011-08-13 22:46 . 2011-08-13 22:46 -------- d-----w- c:\program files\Common Files\ATI Technologies 2011-08-13 22:41 . 2011-08-13 22:41 -------- d-----w- c:\users\Zinja\AppData\Local\AMD 2011-08-13 22:39 . 2011-08-13 22:39 -------- d-----w- c:\programdata\AMD 2011-08-13 22:39 . 2010-02-18 14:18 46136 ----a-w- c:\windows\system32\drivers\amdiox64.sys 2011-08-13 22:33 . 2011-08-14 19:15 -------- d-----w- c:\program files\ATI Technologies 2011-08-11 05:14 . 2011-08-11 05:14 -------- d-----w- c:\users\Zinja\AppData\Roaming\PrimoPDF 2011-08-11 04:59 . 2011-02-28 22:37 95008 ----a-w- c:\windows\system32\Primomonnt.dll 2011-08-10 20:55 . 2011-08-10 20:55 21712 ----a-w- c:\windows\SysWow64\drivers\DrvAgent64.SYS 2011-08-10 08:02 . 
2011-08-10 08:02 -------- d-sh--w- c:\windows\system32\%APPDATA% 2011-08-10 08:02 . 2011-07-22 05:32 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2011-08-10 08:02 . 2011-07-22 02:44 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb 2011-08-09 22:25 . 2011-06-24 05:25 338432 ----a-w- c:\windows\system32\conhost.exe 2011-08-09 22:24 . 2011-07-16 05:21 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2011-08-09 01:27 . 2011-06-22 16:51 24576 ----a-w- c:\windows\SysWow64\msxml3a.dll 2011-08-06 01:21 . 2011-08-06 01:21 -------- d-----w- c:\users\Zinja\AppData\Roaming\U3 2011-07-22 22:42 . 2011-08-14 19:56 -------- d-----w- c:\users\McAfeeMVSUser 2011-07-22 20:51 . 2011-07-22 20:51 94208 ----a-w- c:\windows\SysWow64\dpl100.dll 2011-07-20 19:18 . 2011-08-19 04:10 -------- d-----w- c:\program files (x86)\Emsisoft Anti-Malware . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-08-12 05:47 . 2011-05-14 19:49 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2011-07-16 04:26 . 2011-08-09 22:25 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2011-07-13 14:43 . 2011-07-13 14:43 74272 ----a-w- c:\windows\system32\RtNicProp64.dll 2011-07-13 14:43 . 2011-07-13 14:43 344680 ----a-w- c:\windows\system32\drivers\Rt64win7.sys 2011-07-13 14:43 . 2010-05-21 08:41 107552 ----a-w- c:\windows\system32\RTNUninst64.dll 2011-07-13 14:40 . 2010-05-21 08:42 6656 ----a-w- c:\windows\system32\bcmwlrc.dll 2011-07-12 16:34 . 2011-07-12 16:34 96104 ----a-w- c:\windows\system32\dns-sd.exe 2011-07-12 16:34 . 2011-07-12 16:34 85864 ----a-w- c:\windows\system32\dnssd.dll 2011-07-12 16:34 . 2011-07-12 16:34 61288 ----a-w- c:\windows\system32\jdns_sd.dll 2011-07-12 16:34 . 2011-07-12 16:34 212840 ----a-w- c:\windows\system32\dnssdX.dll 2011-07-12 16:20 . 2011-07-12 16:20 83816 ----a-w- c:\windows\SysWow64\dns-sd.exe 2011-07-12 16:20 . 
2011-07-12 16:20 73064 ----a-w- c:\windows\SysWow64\dnssd.dll 2011-07-12 16:20 . 2011-07-12 16:20 50536 ----a-w- c:\windows\SysWow64\jdns_sd.dll 2011-07-12 16:20 . 2011-07-12 16:20 178536 ----a-w- c:\windows\SysWow64\dnssdX.dll 2011-07-08 04:37 . 2011-07-08 04:37 60416 ----a-w- c:\windows\system32\OVDecode64.dll 2011-07-08 04:37 . 2011-07-08 04:37 53760 ----a-w- c:\windows\SysWow64\OVDecode.dll 2011-07-08 04:37 . 2011-07-08 04:37 51200 ----a-w- c:\windows\system32\OpenCL.dll 2011-07-08 04:37 . 2011-07-08 04:37 43520 ----a-w- c:\windows\SysWow64\OpenCL.dll 2011-07-08 04:36 . 2011-07-08 04:36 16907776 ----a-w- c:\windows\system32\amdocl64.dll 2011-07-08 04:36 . 2011-07-08 04:36 13904896 ----a-w- c:\windows\SysWow64\amdocl.dll 2011-07-07 00:52 . 2011-02-21 06:45 25912 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-07-05 23:37 . 2011-07-05 23:37 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx 2011-07-05 23:37 . 2011-07-05 23:37 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts 2011-07-01 09:46 . 2011-07-01 09:46 31232 ----a-w- c:\windows\system32\drivers\tap0901.sys 2011-06-16 08:34 . 2011-06-16 08:34 79872 ----a-w- c:\windows\SysWow64\SlotMaximizerAg.dll 2011-06-16 08:34 . 2011-06-16 08:34 2971648 ----a-w- c:\windows\system32\SlotMaximizerBe.dll 2011-06-16 08:34 . 2011-06-16 08:34 2117632 ----a-w- c:\windows\SysWow64\SlotMaximizerBe.dll 2011-06-16 08:34 . 2011-06-16 08:34 105984 ----a-w- c:\windows\system32\SlotMaximizerAg.dll 2011-06-11 03:07 . 2011-07-13 13:37 3137536 ----a-w- c:\windows\system32\win32k.sys 2011-06-10 19:23 . 2011-02-21 01:41 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll 2011-06-10 19:19 . 2011-02-21 03:45 525544 ----a-w- c:\windows\system32\deployJava1.dll 2011-06-10 19:02 . 2011-01-13 11:19 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll 2011-06-10 19:02 . 2011-01-13 11:19 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll 2011-05-24 11:42 . 2011-06-28 21:38 404480 ----a-w- c:\windows\system32\umpnpmgr.dll 2011-05-24 10:40 . 
2011-06-28 21:37 64512 ----a-w- c:\windows\SysWow64\devobj.dll 2011-05-24 10:40 . 2011-06-28 21:37 44544 ----a-w- c:\windows\SysWow64\devrtl.dll 2011-05-24 10:39 . 2011-06-28 21:38 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll 2011-05-24 10:37 . 2011-06-28 21:38 252928 ----a-w- c:\windows\SysWow64\drvinst.exe . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{A8FB70FA-0FDF-4601-9DC4-BFA1B357204F}] 2011-05-19 08:00 193864 ----a-r- c:\progra~2\WINZIP~1\wzwmcie.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2010-10-06 23:36 94208 ----a-w- c:\users\Zinja\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2010-10-06 23:36 94208 ----a-w- c:\users\Zinja\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2010-10-06 23:36 94208 ----a-w- c:\users\Zinja\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-07-19 421736] . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoStrCmpLogical"= 1 (0x1) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [x] R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-01-27 102968] R3 ATP;Comodo EasyVPN Miniport Driver;c:\windows\system32\DRIVERS\cmdatp.sys [x] R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x] R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x] R3 connctfy;Connectify Service;c:\windows\system32\DRIVERS\connctfy.sys [x] R3 connctfyMP;connctfyMP;c:\windows\system32\DRIVERS\connctfy.sys [x] R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2011-08-10 21712] R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2011-02-22 30192] R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [x] R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [x] R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [x] R3 mferkdet;McAfee Inc. 
mferkdet;c:\windows\system32\drivers\mferkdet.sys [x] R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x] R3 PSSDK42;PSSDK42;c:\windows\system32\Drivers\pssdk42.sys [x] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x] R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R3 WefiEngSvc;WeFi Engine Service;c:\program files (x86)\WeFi\WefiEngSvc.exe [x] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x] R4 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files (x86)\PCPitstop\PCPitstopScheduleService.exe [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x] S0 mfewfpk;McAfee Inc. 
mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x] S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 CbFs;CbFs;c:\windows\system32\drivers\cbfs64.sys [x] S1 Cox_Business_CBOBFilter;Cox_Business_CBOBFilter;c:\windows\system32\DRIVERS\Cox_Business_CBOB.sys [x] S1 DVMIO;DeviceVM IO Service;c:\windows\system32\DRIVERS\dvmio.sys [x] S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files (x86)\IObit\Advanced SystemCare 4\ASCService.exe [2011-08-09 328536] S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2000-01-01 89600] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-08 365568] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] S2 CinemaNow Service;CinemaNow Service;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [2010-02-26 127984] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 Cox_Business_CBOBbackup;Online Backup Backup Service;c:\program files\Online Backup\Cox_Business_CBOBbackup.exe [2011-02-25 47432] S2 DvmMDES;DeviceVM Meta Data Export Service;c:\swsetup\QuickWeb\QW.SYS\config\DVMExportService.exe [2010-03-06 338168] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-05-21 103992] S2 hpsrv;HP 
Service;c:\windows\system32\Hpservice.exe [x] S2 HPWMISVC;HPWMISVC;c:\program files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-01-18 20480] S2 McAfee SiteAdvisor Enterprise Service;McAfee SiteAdvisor Enterprise Service;c:\program files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe [2010-10-15 324928] S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-01-12 203104] S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x] S2 myAgtSvc;McAfee Virus and Spyware Protection Service;c:\program files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.exe [2011-01-25 291064] S2 RumorServer;McAfee Peer Distribution Service;c:\program files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.exe [2011-01-25 291064] S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2011-04-19 993848] S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2011-04-19 399416] S2 XobniService;XobniService;c:\program files (x86)\Xobni\XobniService.exe [2011-05-18 62184] S3 ALSysIO;ALSysIO;c:\users\Zinja\AppData\Local\Temp\ALSysIO64.sys [x] S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [x] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x] S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x] S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x] S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [x] S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - ALSYSIO *Deregistered* - mfeavfk01 . Contents of the 'Scheduled Tasks' folder . 
2011-08-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1115849333-2882087070-3583721905-1000Core.job - c:\users\Zinja\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-14 21:31] . 2011-08-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1115849333-2882087070-3583721905-1000UA.job - c:\users\Zinja\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-14 21:31] . 2011-08-19 c:\windows\Tasks\SlimDrivers Startup.job - c:\program files (x86)\SlimDrivers\SlimDrivers.exe [2011-08-01 19:44] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-07-04 11:43 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00Zecter] @="{D25B32FE-CB96-491A-98FF-AD59DA382D69}" [HKEY_CLASSES_ROOT\CLSID\{D25B32FE-CB96-491A-98FF-AD59DA382D69}] 2010-12-18 01:40 2210304 ----a-w- c:\program files (x86)\Zecter\ZumoDrive\ShellExt64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\01Zecter] @="{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}" [HKEY_CLASSES_ROOT\CLSID\{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}] 2010-12-18 01:40 2210304 ----a-w- c:\program files (x86)\Zecter\ZumoDrive\ShellExt64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\02Zecter] @="{B3C78E40-6B64-47C3-AE34-60B770881EB8}" [HKEY_CLASSES_ROOT\CLSID\{B3C78E40-6B64-47C3-AE34-60B770881EB8}] 2010-12-18 01:40 2210304 ----a-w- c:\program files (x86)\Zecter\ZumoDrive\ShellExt64.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\03Zecter] @="{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}" [HKEY_CLASSES_ROOT\CLSID\{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}] 2010-12-18 01:40 2210304 ----a-w- c:\program files (x86)\Zecter\ZumoDrive\ShellExt64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\04Zecter] @="{855156F0-2A0F-11DE-8C30-0800200C9A66}" [HKEY_CLASSES_ROOT\CLSID\{855156F0-2A0F-11DE-8C30-0800200C9A66}] 2010-12-18 01:40 2210304 ----a-w- c:\program files (x86)\Zecter\ZumoDrive\ShellExt64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Cox_Business_CBOB] @="{0c5ad048-552c-fbe6-c6b0-6a08559c9c7d}" [HKEY_CLASSES_ROOT\CLSID\{0c5ad048-552c-fbe6-c6b0-6a08559c9c7d}] 2011-02-25 15:19 4345160 ----a-w- c:\program files\Online Backup\Cox_Business_CBOBshell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Cox_Business_CBOB2] @="{660ab6ed-0dcb-8263-f187-c9e122de6608}" [HKEY_CLASSES_ROOT\CLSID\{660ab6ed-0dcb-8263-f187-c9e122de6608}] 2011-02-25 15:19 4345160 ----a-w- c:\program files\Online Backup\Cox_Business_CBOBshell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Cox_Business_CBOB3] @="{08e527d9-6623-f035-7753-07126ac1c440}" [HKEY_CLASSES_ROOT\CLSID\{08e527d9-6623-f035-7753-07126ac1c440}] 2011-02-25 15:19 4345160 ----a-w- c:\program files\Online Backup\Cox_Business_CBOBshell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2010-10-06 23:36 97792 ----a-w- c:\users\Zinja\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2010-10-06 23:36 97792 ----a-w- c:\users\Zinja\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2010-10-06 23:36 97792 ----a-w- c:\users\Zinja\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2010-10-06 23:36 97792 ----a-w- c:\users\Zinja\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "combofix"="c:\combofix\CF22049.cfxxe" [X] "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-01-20 611896] "HP Quick Launch"="c:\program files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-01-18 451072] "HPToneControl"="c:\program files\Hewlett-Packard\HPToneControl\HPTonectl.exe" [2009-08-19 107832] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576] "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2000-01-01 525312] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x1 . ------- Supplementary Scan ------- . 
uStart Page = about:blank uLocal Page = c:\windows\system32\blank.htm uDefault_Search_URL = hxxp://www.google.com/ie mStart Page = hxxp://search.foxtab.com/?s=0&chnl=dcom&cd=2XzutBtN2Y1L1QzuyBtD0FtAzyyDtAyDyBzytAtA0E0FyByD0FtN0D0TzutBtDtCtCtDzztCyE&cr=455734634 uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000 IE: Free YouTube Download IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html IE: Send image to &Bluetooth Device... IE: Send page to &Bluetooth Device... IE: Tux Messenger share IE: {{E6B2C7F7-B5C8-45D2-8820-E17C03C99ED1} Trusted Zone: facebook.com\www Trusted Zone: internet Trusted Zone: mcafee.com Trusted Zone: //about.htm/ Trusted Zone: //Exclude.htm/ Trusted Zone: //LanguageSelection.htm/ Trusted Zone: //Message.htm/ Trusted Zone: //MyAgttryCmd.htm/ Trusted Zone: //MyAgttryNag.htm/ Trusted Zone: //MyNotification.htm/ Trusted Zone: //NOCLessUpdate.htm/ Trusted Zone: //quarantine.htm/ Trusted Zone: //ScanNow.htm/ Trusted Zone: //strings.vbs/ Trusted Zone: //Template.htm/ Trusted Zone: //Update.htm/ Trusted Zone: //VirFound.htm/ Trusted Zone: mcafee.com\* Trusted Zone: mcafeeasap.com\betavscan Trusted Zone: mcafeeasap.com\vs Trusted Zone: mcafeeasap.com\www TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{F5AD79AC-758E-47A4-8BFA-762DB7ECF4CC}\2456C6B696E6F574F505C65737F5D494D4F4F5833463545413: DhcpNameServer = 192.168.2.1 TCP: Interfaces\{F5AD79AC-758E-47A4-8BFA-762DB7ECF4CC}\C4964747C656F52427561646F534F6D60716E697: DhcpNameServer = 192.168.2.1 TCP: Interfaces\{F5AD79AC-758E-47A4-8BFA-762DB7ECF4CC}\F4A71627B6E41647572716C664F6F64637: DhcpNameServer = 192.168.2.1 FF - ProfilePath - 
c:\users\Zinja\AppData\Roaming\Mozilla\Firefox\Profiles\6w4rqzwk.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=ZUGO&form=ZGAADF&q= FF - user.js: browser.cache.memory.capacity - 65536 FF - user.js: browser.chrome.favicons - false FF - user.js: browser.display.show_image_placeholders - true FF - user.js: browser.turbo.enabled - true FF - user.js: browser.urlbar.autocomplete.enabled - true FF - user.js: browser.urlbar.autofill - true FF - user.js: content.interrupt.parsing - true FF - user.js: content.max.tokenizing.time - 2250000 FF - user.js: content.notify.backoffcount - 5 FF - user.js: content.notify.interval - 750000 FF - user.js: content.notify.ontimer - true FF - user.js: content.switch.threshold - 750000 FF - user.js: network.http.max-connections - 48 FF - user.js: network.http.max-connections-per-server - 16 FF - user.js: network.http.max-persistent-connections-per-proxy - 16 FF - user.js: network.http.max-persistent-connections-per-server - 8 FF - user.js: network.http.pipelining - true FF - user.js: network.http.pipelining.firstrequest - true FF - user.js: network.http.pipelining.maxrequests - 8 FF - user.js: network.http.proxy.pipelining - true FF - user.js: network.http.request.max-start-delay - 0 FF - user.js: network.protocol-handler.warn-external.dnupdate - false FF - user.js: nglayout.initialpaint.delay - 0 FF - user.js: plugin.expose_full_path - true FF - user.js: ui.submenuDelay - 0 FF - user.js: yahoo.ytff.general.dontshowhpoffer - true);user_pref(network.protocol-handler.warn-external.dnupdate, false . - - - - ORPHANS REMOVED - - - - . 
Wow6432Node-HKCU-Run-DriverMax - (no file)
Wow6432Node-HKCU-Run-DriverMax_RESTART - (no file)
Wow6432Node-HKLM-Run-TaskTray - (no file)
HKLM_Wow6432Node-ActiveSetup-{10880D85-AAD9-4558-ABDC-2AB1552D831F} - c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
ShellIconOverlayIdentifiers-{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} - (no file)
ShellIconOverlayIdentifiers-{62CCD8E3-9C21-41E1-B55E-1E26DFC68511} - (no file)
ShellIconOverlayIdentifiers-{A759AFF6-5851-457D-A540-F4ECED148351} - (no file)
ShellIconOverlayIdentifiers-{1574C9EF-7D58-488F-B358-8B78C1538F51} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-HPWirelessAssistant - c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe
AddRemove-Climsy_is1 - c:\program files (x86)\Climsy\unins000.exe
AddRemove-HP DVB-T TV Tuner - c:\program files (x86)\HP\HP DVB-T TV Tuner\uninst.exe
AddRemove-InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D} - c:\program files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe
AddRemove-InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79} - c:\program files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe
AddRemove-InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E} - c:\program files (x86)\InstallShield Installation Information\{3023EBDA-BF1B-4831-B347-E5018555F26E}\setup.exe
AddRemove-InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658} - c:\program files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe
AddRemove-InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5} - c:\program files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe
AddRemove-InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF} - c:\program files (x86)\InstallShield Installation Information\{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}\setup.exe
AddRemove-InstallShield_{8C8224B7-AA9B-4807-97CD-55899BAC83FE} - c:\program files (x86)\InstallShield Installation Information\{8C8224B7-AA9B-4807-97CD-55899BAC83FE}\setup.exe
AddRemove-InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C} - c:\program files (x86)\InstallShield Installation Information\{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}\setup.exe
AddRemove-InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1} - c:\program files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe
AddRemove-InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095} - c:\program files (x86)\InstallShield Installation Information\{D12E3E7F-1B13-4933-A915-16C7DD37A095}\setup.exe
AddRemove-InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE} - c:\program files (x86)\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe
AddRemove-InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5} - c:\program files (x86)\InstallShield Installation Information\{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}\setup.exe
AddRemove-InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF} - c:\program files (x86)\InstallShield Installation Information\{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}\setup.exe
AddRemove-My HP Game Console - c:\program files (x86)\HP Games\HP Game Console\Uninstall.exe
AddRemove-PROPLUSR - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe
AddRemove-WildTangent hp Master Uninstall - c:\program files (x86)\HP Games\Uninstall.exe
AddRemove-WildTangentGameProvider-hp-genres - c:\program files (x86)\HP Games\Game Explorer Categories - genres\Uninstall.exe
AddRemove-WildTangentGameProvider-hp-main - c:\program files (x86)\HP Games\Game Explorer Categories - main\Uninstall.exe
AddRemove-WildTangentGDF-hp-clubpenguin - c:\program files (x86)\HP Games\Web Link - Club Penguin\Uninstall.exe
AddRemove-WildTangentGDF-hp-darkorbit - c:\program files (x86)\HP Games\Web Link - Dark Orbit\Uninstall.exe
AddRemove-WildTangentGDF-hp-runescape - c:\program files (x86)\HP Games\Web Link - RuneScape HD\Uninstall.exe
AddRemove-WildTangentGDF-hp-seafight - c:\program files (x86)\HP Games\Web Link - Seafight\Uninstall.exe
AddRemove-WildTangentGDF-hp-worldofwarcraft - c:\program files (x86)\HP Games\Web Link - World of Warcraft\Uninstall.exe
AddRemove-WinPcapInst - c:\program files (x86)\WinPcap\uninstall.exe
AddRemove-winscp3_is1 - c:\program files (x86)\WinSCP\unins000.exe
AddRemove-WT082122 - c:\program files (x86)\HP Games\Blackhawk Striker 2\Uninstall.exe
AddRemove-WT082124 - c:\program files (x86)\HP Games\Blasterball 3\Uninstall.exe
AddRemove-WT082133 - c:\program files (x86)\HP Games\Dora's Carnival Adventure\Uninstall.exe
AddRemove-WT082141 - c:\program files (x86)\HP Games\FATE\Uninstall.exe
AddRemove-WT082168 - c:\program files (x86)\HP Games\Penguins!\Uninstall.exe
AddRemove-WT082170 - c:\program files (x86)\HP Games\Plants vs. Zombies\Uninstall.exe
AddRemove-WT082171 - c:\program files (x86)\HP Games\Poker Superstars III\Uninstall.exe
AddRemove-WT082172 - c:\program files (x86)\HP Games\Polar Bowler\Uninstall.exe
AddRemove-WT082173 - c:\program files (x86)\HP Games\Polar Golfer\Uninstall.exe
AddRemove-WT082188 - c:\program files (x86)\HP Games\Virtual Families\Uninstall.exe
AddRemove-WT082189 - c:\program files (x86)\HP Games\Wheel of Fortune 2\Uninstall.exe
AddRemove-WT082192 - c:\program files (x86)\HP Games\Bejeweled 2 Deluxe\Uninstall.exe
AddRemove-WT082200 - c:\program files (x86)\HP Games\Chuzzle Deluxe\Uninstall.exe
AddRemove-WT082241 - c:\program files (x86)\HP Games\Virtual Villagers - The Secret City\Uninstall.exe
AddRemove-WT082396 - c:\program files (x86)\HP Games\Diner Dash 2 Restaurant Rescue\Uninstall.exe
AddRemove-WT082438 - c:\program files (x86)\HP Games\Build-a-lot 2\Uninstall.exe
AddRemove-WT082442 - c:\program files (x86)\HP Games\Faerie Solitaire\Uninstall.exe
AddRemove-WT082443 - c:\program files (x86)\HP Games\Jewel Quest 3\Uninstall.exe
AddRemove-WT082456 - c:\program files (x86)\HP Games\Mystery P.I. - The New York Fortune\Uninstall.exe
AddRemove-WT082463 - c:\program files (x86)\HP Games\Zuma's Revenge\Uninstall.exe
AddRemove-WT082468 - c:\program files (x86)\HP Games\Jewel Quest Solitaire 2\Uninstall.exe
AddRemove-WT083477 - c:\program files (x86)\HP Games\Cake Mania\Uninstall.exe
AddRemove-WT083484 - c:\program files (x86)\HP Games\Escape Rosecliff Island\Uninstall.exe
AddRemove-WT083491 - c:\program files (x86)\HP Games\TextTwist 2\Uninstall.exe
AddRemove-YInstHelper - c:\windows\system32\regsvr32
AddRemove-{01FB4998-33C4-4431-85ED-079E3EEFE75D} - c:\program files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe
AddRemove-{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79} - c:\program files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe
AddRemove-{2C13F8C1-570B-42A9-87B4-8C7903ECD602} - c:\programdata\{5486EA6B-AF91-4B4B-868E-F80AB4BCD83A}\ObjectDock_free.exe
AddRemove-{3023EBDA-BF1B-4831-B347-E5018555F26E} - c:\program files (x86)\InstallShield Installation Information\{3023EBDA-BF1B-4831-B347-E5018555F26E}\setup.exe
AddRemove-{40BF1E83-20EB-11D8-97C5-0009C5020658} - c:\program files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe
AddRemove-{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5} - c:\program files (x86)\InstallShield Installation Information\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}\setup.exe
AddRemove-{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF} - c:\program files (x86)\InstallShield Installation Information\{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}\setup.exe
AddRemove-{8833FFB6-5B0C-4764-81AA-06DFEED9A476} - c:\program files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.exe
AddRemove-{9008D736-35CA-40DB-A2BE-5F32D954E5AA} - c:\programdata\Uninstall\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}\setup.exe
AddRemove-{91A34181-9FAD-43AB-A35F-E7A8945B7E1C} - c:\program files (x86)\InstallShield Installation Information\{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}\setup.exe
AddRemove-{96AE7E41-E34E-47D0-AC07-1091A8127911} - c:\program files (x86)\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.exe
AddRemove-{C59C179C-668D-49A9-B6EA-0121CCFC1243} - c:\program files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe
AddRemove-{CB099890-1D5F-11D5-9EA9-0050BAE317E1} - c:\program files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe
AddRemove-{D12E3E7F-1B13-4933-A915-16C7DD37A095} - c:\program files (x86)\InstallShield Installation Information\{D12E3E7F-1B13-4933-A915-16C7DD37A095}\setup.exe
AddRemove-{D36DD326-7280-11D8-97C8-000129760CBE} - c:\program files (x86)\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe
AddRemove-{DCCAD079-F92C-44DA-B258-624FC6517A5A} - c:\program files (x86)\InstallShield Installation Information\{DCCAD079-F92C-44DA-B258-624FC6517A5A}\setup.exe
AddRemove-{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A} - c:\program files (x86)\InstallShield Installation Information\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}\setup.exe
AddRemove-{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001} - c:\program files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe
AddRemove-{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5} - c:\program files (x86)\InstallShield Installation Information\{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}\setup.exe
AddRemove-{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF} - c:\program files (x86)\InstallShield Installation Information\{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}\setup.exe
AddRemove-{FC274982-5AAD-4C20-848D-4424A5043010}_is1 - c:\program files (x86)\WinUtilities\unins000.exe
AddRemove-CNET TechTracker - c:\users\Zinja\AppData\Roaming\CBS Interactive\CNET TechTracker\uninst.exe
AddRemove-Google Chrome - c:\users\Zinja\AppData\Local\Google\Chrome\Application\13.0.782.112\Installer\setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10u_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10u_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10u.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\mcafee\ManagedServices]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\mcafee\VSCORE]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
.
**************************************************************************
.
Completion time: 2011-08-18 23:22:10 - machine was rebooted
ComboFix-quarantined-files.txt 2011-08-19 04:22
.
Pre-Run: 40,668,815,360 bytes free
Post-Run: 40,053,334,016 bytes free
.
- - End Of File - - 2C133CBC93CA615B6600886523707A37