ComboFix 13-11-03.02 - Ryan2011 11/04/2013 16:39:18.6.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4061.2581 [GMT -5:00]
Running from: c:\users\Ryan2011\Desktop\ComboFix.exe
Command switches used :: c:\users\Ryan2011\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Ryan2011\AppData\Local\Temp\99cab429-f99d-4f69-9d04-113ad532bd0f\CliSecureRT.dll
c:\programdata\Microsoft\Microsoft Antimalware . . . . Failed to delete
c:\programdata\Microsoft\Microsoft Antimalware\IMpServiceEDB4FA23-53B8-4AFA-8C5D-99752CCA7094.lock . . . . Failed to delete
c:\programdata\Microsoft\Microsoft Antimalware\Scans\History\CacheManager\MpScanCache-0.bin . . . . Failed to delete
c:\programdata\Microsoft\Microsoft Antimalware\Scans\MpDiag.bin . . . . Failed to delete
c:\programdata\Microsoft\Microsoft Antimalware\Support\MPDetection-11012013-130451.log . . . . Failed to delete
c:\programdata\Microsoft\Microsoft Antimalware\Support\MPLog-11012013-130451.log . . . . Failed to delete
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_rcbonwqp
.
.
((((((((((((((((((((((((( Files Created from 2013-10-04 to 2013-11-04 )))))))))))))))))))))))))))))))
.
.
2013-11-04 21:44 . 2013-11-04 21:44 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-11-04 21:44 . 2013-11-04 21:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-01 17:04 . 2013-11-01 17:04 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2013-11-01 17:04 . 2013-11-01 17:04 -------- d-----w- c:\program files\Microsoft Security Client
2013-10-30 14:24 . 2013-10-30 14:24 -------- d-----w- c:\programdata\Kaspersky Lab
2013-10-29 11:32 . 2013-10-29 11:32 -------- d-----w- C:\found.000
2013-10-25 15:19 . 2013-11-04 19:58 -------- d-----w- C:\FRST
2013-10-18 12:24 . 2013-10-18 12:24 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2013-10-15 18:16 . 2013-10-15 18:18 -------- d-----w- c:\users\Ryan2011\AppData\Roaming\Talisman
2013-10-14 19:32 . 2013-10-14 19:33 -------- d-----w- c:\users\Ryan2011\AppData\Roaming\Talisman Prologue
2013-10-09 12:26 . 2013-08-29 01:29 33280 ----a-w- c:\windows\system32\drivers\usbser.sys
2013-10-09 12:25 . 2013-08-29 02:16 243712 ----a-w- c:\windows\system32\wow64.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-01 19:52 . 2013-11-01 19:52 26907909 ----a-w- C:\Qoobox.zip
2013-10-09 16:06 . 2011-02-01 19:42 80541720 ----a-w- c:\windows\system32\MRT.exe
2013-10-09 15:47 . 2012-03-30 11:49 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-10-09 15:47 . 2011-05-18 11:51 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-29 01:48 . 2013-10-09 12:25 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Ryan2011\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Ryan2011\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Ryan2011\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Ryan2011\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-07-02 975288]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-07-02 21432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"masqform.exe"="c:\program files (x86)\PureEdge\Viewer 6.1\masqform.exe" [2004-04-19 634880]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-07-02 3524536]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
.
c:\users\Ryan2011\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Ryan2011\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-24 27776968]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2011-6-7 113664]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 gtfilter;Gametel Filter Driver;c:\windows\system32\DRIVERS\gtfilter.sys;c:\windows\SYSNATIVE\DRIVERS\gtfilter.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S2 dlbk_device;dlbk_device;c:\windows\system32\dlbkcoms.exe;c:\windows\SYSNATIVE\dlbkcoms.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys;c:\windows\SYSNATIVE\drivers\IntcHdmi.sys [x]
S3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver;c:\windows\system32\DRIVERS\Rtnic64.sys;c:\windows\SYSNATIVE\DRIVERS\Rtnic64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2013-11-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 15:47]
.
2013-11-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1237553287-1429794397-2156527687-1000Core.job
- c:\users\Ryan2011\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-03 19:10]
.
2013-11-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1237553287-1429794397-2156527687-1000UA.job
- c:\users\Ryan2011\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-03 19:10]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Ryan2011\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Ryan2011\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Ryan2011\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Ryan2011\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-21 8306208]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-11 162328]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-11 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-11 417304]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-08-12 1356240]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.yahoo.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\OFFICE11\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run- - (no file)
Notify-GoToAssist - (no file)
Notify-igfxcui - (no file)
ShellIconOverlayIdentifiers-{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} - (no file)
AddRemove-{C73A3942-84C8-4597-9F9B-EE227DCBA758} - c:\programdata\{D19C2D22-6043-47E7-B400-83A351841204}\delldock.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1237553287-1429794397-2156527687-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:56,6f,d7,79,c2,a1,f4,24,bd,f8,09,3b,2c,21,a3,7e,39,10,f1,09,69,45,25,
21,e0,23,8a,75,74,70,24,a6,d6,fd,eb,67,e0,3a,c6,46,58,65,49,72,ab,f8,37,e7,\
"??"=hex:83,85,8f,72,36,56,9f,f2,e0,16,65,d1,f8,ef,b2,a6
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\users\Ryan2011\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
.
**************************************************************************
.
Completion time: 2013-11-04 16:50:27 - machine was rebooted
ComboFix-quarantined-files.txt 2013-11-04 21:50
ComboFix2.txt 2013-11-04 21:14
ComboFix3.txt 2013-11-01 15:57
ComboFix4.txt 2013-11-01 15:12
ComboFix5.txt 2013-11-04 21:38
.
Pre-Run: 395,092,987,904 bytes free
Post-Run: 395,217,674,240 bytes free
.
- - End Of File - - 28F3B587FC78E097C5436780F6BF4E9B
CDB4DE4BBD714F152979DA2DCBEF57EB