ComboFix 09-09-18.02 - MICHELLE 09/19/2009 21:25.2.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2046.1185 [GMT -4:00]
Running from: c:\users\MICHELLE\Desktop\ComboFix.exe
Command switches used :: c:\users\MICHELLE\Desktop\CFScript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

FILE ::
"c:\programdata\SPL22FA.tmp"
"c:\programdata\SPL4F5A.tmp"
"c:\programdata\SPL51C7.tmp"
"c:\programdata\SPL5238.tmp"
"c:\programdata\SPL623C.tmp"
"c:\programdata\SPL70DC.tmp"
"c:\programdata\SPL9EC0.tmp"
"c:\programdata\SPLC3EA.tmp"
"c:\programdata\SPLDD55.tmp"
"c:\programdata\SPLF336.tmp"
"c:\programdata\SPLFA7E.tmp"
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programdata\SPL22FA.tmp
c:\programdata\SPL4F5A.tmp
c:\programdata\SPL51C7.tmp
c:\programdata\SPL5238.tmp
c:\programdata\SPL623C.tmp
c:\programdata\SPL70DC.tmp
c:\programdata\SPL9EC0.tmp
c:\programdata\SPLC3EA.tmp
c:\programdata\SPLDD55.tmp
c:\programdata\SPLF336.tmp
c:\programdata\SPLFA7E.tmp
.
---- Previous Run -------
.
c:\$recycle.bin\S-1-5-21-1400113804-1914402855-3429530994-500
c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500
c:\$recycle.bin\S-1-5-21-2363420569-19101160-1035343276-500
c:\programdata\gwr\WSTEch.dll
c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
c:\users\MICHELLE\AppData\Roaming\inst.exe
c:\users\MICHELLE\Documents\ZbThumbnail.info
c:\windows\COUPON~1.OCX
c:\windows\CouponPrinter.ocx
c:\windows\Installer\10ca01.msp
c:\windows\Installer\127c91.msi
c:\windows\Installer\13f15be.msi
c:\windows\Installer\177df50.msp
c:\windows\Installer\1f435.msi
c:\windows\Installer\1f43b.msi
c:\windows\Installer\1f454.msi
c:\windows\Installer\1f459.msi
c:\windows\Installer\1f467.msi
c:\windows\Installer\1f475.msi
c:\windows\Installer\1f483.msi
c:\windows\Installer\1f491.msi
c:\windows\Installer\53fee.msp
c:\windows\Installer\5fee9.msi
c:\windows\system32\tmp.reg
.

((((((((((((((((((((((((( Files Created from 2009-08-20 to 2009-09-20 )))))))))))))))))))))))))))))))
.

2009-09-20 01:37 . 2009-09-20 01:37 -------- d-----w- c:\users\MICHELLE\AppData\Local\temp
2009-09-20 01:37 . 2009-09-20 01:37 -------- d-----w- c:\users\Mcx1\AppData\Local\temp
2009-09-20 01:37 . 2009-09-20 01:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-09-20 01:37 . 2009-09-20 01:37 -------- d-----w- c:\users\ALEX\AppData\Local\temp
2009-09-20 01:37 . 2009-09-20 01:37 -------- d-----w- c:\users\ADAM\AppData\Local\temp
2009-09-19 23:37 . 2009-09-19 23:53 -------- d-----w- c:\users\MICHELLE\AppData\Roaming\GetRightToGo
2009-09-19 23:36 . 2009-09-19 23:53 -------- d-----w- c:\program files\Common Files\PC Tools
2009-09-19 23:35 . 2009-09-19 23:53 -------- d-----w- c:\program files\Spyware Doctor
2009-09-19 03:55 . 2009-09-19 23:29 -------- d-----w- c:\programdata\gwr
2009-09-11 04:48 . 2009-09-11 04:48 -------- d-----w- c:\program files\iPhone Configuration Utility
2009-09-11 04:47 . 2009-05-18 18:17 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-09-11 04:47 . 2008-04-17 17:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-09-11 04:45 . 2009-09-11 04:47 -------- d-----w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-11 03:24 . 2009-08-19 18:35 651264 ----a-w- c:\windows\system32\lxdrpmui.dll
2009-09-11 03:24 . 2009-08-19 18:35 376832 ----a-w- c:\windows\system32\lxdrcomm.dll
2009-09-11 03:24 . 2009-08-19 18:26 208896 ----a-w- c:\windows\system32\lxdrgrd.dll
2009-09-08 23:41 . 2009-08-14 17:07 897608 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-09-08 23:41 . 2009-08-14 16:29 104960 ----a-w- c:\windows\system32\netiohlp.dll
2009-09-08 23:41 . 2009-08-14 14:16 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-09-08 23:41 . 2009-08-14 14:16 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-09-08 23:41 . 2009-08-14 14:16 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-09-08 23:41 . 2009-08-14 14:16 10240 ----a-w- c:\windows\system32\finger.exe
2009-09-08 23:41 . 2009-08-14 14:16 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-09-08 23:41 . 2009-08-14 14:16 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-09-08 23:41 . 2009-08-14 14:16 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-09-08 23:41 . 2009-08-14 16:29 17920 ----a-w- c:\windows\system32\netevent.dll
2009-09-08 23:40 . 2009-07-11 19:32 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2009-09-08 23:40 . 2009-07-11 19:32 302592 ----a-w- c:\windows\system32\wlansec.dll
2009-09-08 23:40 . 2009-07-11 19:29 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2009-09-08 23:40 . 2009-07-11 19:32 513024 ----a-w- c:\windows\system32\wlansvc.dll
2009-09-08 23:39 . 2009-06-10 12:11 2868224 ----a-w- c:\windows\system32\mf.dll
2009-09-02 21:47 . 2009-08-28 12:39 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-09-02 21:47 . 2009-08-28 10:15 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-31 23:52 . 2009-08-31 23:52 -------- d-----w- c:\programdata\Office Genuine Advantage
2009-08-31 16:13 . 2009-08-31 16:13 -------- d-----w- c:\users\MICHELLE\Office Genuine Advantage
2009-08-28 23:42 . 2009-08-28 23:42 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-08-28 23:42 . 2009-08-28 23:42 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-08-28 07:02 . 2009-06-22 10:22 2048 ----a-w- c:\windows\system32\tzres.dll
.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.

2009-09-20 01:21 . 2009-03-13 01:23 -------- d-----w- c:\programdata\Lx_cats
2009-09-19 21:54 . 2007-03-24 11:30 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2009-09-19 21:54 . 2007-03-24 11:31 17408 ----a-w- c:\windows\system32\rpcnetp.dll
2009-09-19 21:54 . 2007-03-23 01:19 56680 ----a-w- c:\windows\system32\Rpcnet.dll
2009-09-19 21:51 . 2007-04-07 15:13 -------- d-----w- c:\program files\Lavasoft
2009-09-19 21:51 . 2009-04-11 09:13 -------- d-----w- c:\programdata\Lavasoft
2009-09-19 12:07 . 2009-04-12 23:39 -------- d-----w- c:\program files\Windows Live Safety Center
2009-09-19 11:14 . 2008-06-15 11:08 -------- d-----w- c:\programdata\Google Updater
2009-09-15 16:42 . 2007-04-06 21:59 8268 ----a-w- c:\users\MICHELLE\AppData\Local\d3d9caps.dat
2009-09-11 10:09 . 2007-04-06 10:36 -------- d-----w- c:\users\MICHELLE\AppData\Roaming\Apple Computer
2009-09-11 09:48 . 2009-06-02 01:52 -------- d-----w- c:\program files\QuickTime
2009-09-11 04:47 . 2007-04-06 10:36 -------- d-----w- c:\program files\iTunes
2009-09-11 04:46 . 2007-04-06 10:36 -------- d-----w- c:\program files\iPod
2009-09-11 04:46 . 2007-07-01 19:53 -------- d-----w- c:\program files\Common Files\Apple
2009-09-10 01:40 . 2009-09-10 01:40 144908 ----a-w- c:\programdata\SPLCF0E.tmp
2009-09-09 11:27 . 2008-02-27 03:35 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-09 09:35 . 2009-05-31 03:07 -------- d-----w- c:\users\MICHELLE\AppData\Roaming\ComcastToolbar
2009-08-21 00:20 . 2008-11-30 15:23 -------- d-----w- c:\program files\Safari
2009-08-19 18:47 . 2009-08-19 18:47 328360 ----a-w- c:\windows\system32\lxdrih.exe
2009-08-19 18:47 . 2009-03-13 01:00 594600 ----a-w- c:\windows\system32\lxdrcoms.exe
2009-08-19 18:47 . 2009-08-19 18:47 369320 ----a-w- c:\windows\system32\lxdrcfg.exe
2009-08-19 18:35 . 2009-03-13 01:01 860160 ----a-w- c:\windows\system32\lxdrusb1.dll
2009-08-19 18:35 . 2009-03-13 01:01 364544 ----a-w- c:\windows\system32\lxdrinpa.dll
2009-08-19 18:35 . 2009-03-13 01:01 339968 ----a-w- c:\windows\system32\lxdriesc.dll
2009-08-19 18:35 . 2009-03-13 01:00 577536 ----a-w- c:\windows\system32\lxdrlmpm.dll
2009-08-19 18:35 . 2009-03-13 01:00 1069056 ----a-w- c:\windows\system32\lxdrserv.dll
2009-08-19 18:35 . 2009-03-13 01:00 684032 ----a-w- c:\windows\system32\lxdrhbn3.dll
2009-08-19 18:35 . 2009-03-13 01:00 761856 ----a-w- c:\windows\system32\lxdrcomc.dll
2009-08-14 00:17 . 2009-03-11 04:31 -------- d-----w- c:\program files\Yapta
2009-08-09 16:12 . 2007-11-14 03:55 -------- d-----w- c:\programdata\Kodak
2009-08-08 00:30 . 2009-06-05 10:24 -------- d-----w- c:\programdata\PCPitstop
2009-08-08 00:30 . 2009-06-05 10:24 -------- d-----w- c:\program files\PCPitstop
2009-08-05 02:37 . 2009-08-05 02:37 -------- d-----w- c:\programdata\Roxio
2009-08-04 17:08 . 2009-08-04 11:21 -------- d-----w- c:\program files\Roxio
2009-08-04 11:27 . 2009-08-04 11:27 -------- d-----w- c:\program files\Common Files\Sonic Shared
2009-08-04 11:27 . 2007-03-16 00:02 -------- d-----w- c:\program files\Common Files\Roxio Shared
2009-08-04 11:23 . 2009-08-04 11:23 -------- d-----w- c:\program files\Common Files\SureThing Shared
2009-08-03 19:07 . 2009-08-03 19:07 403816 ----a-w- c:\windows\system32\OGACheckControl.dll
2009-08-03 19:07 . 2009-08-03 19:07 322928 ----a-w- c:\windows\system32\OGAAddin.dll
2009-08-03 19:07 . 2009-08-03 19:07 230768 ----a-w- c:\windows\system32\OGAEXEC.exe
2009-07-30 03:35 . 2009-07-29 01:37 -------- d-----w- c:\users\MICHELLE\AppData\Roaming\Vso
2009-07-30 03:35 . 2009-07-29 01:37 47360 ----a-w- c:\users\MICHELLE\AppData\Roaming\pcouffin.sys
2009-07-29 11:11 . 2009-07-29 11:11 -------- d-----w- c:\programdata\vsosdk
2009-07-29 01:37 . 2009-07-29 01:37 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2009-07-29 00:07 . 2009-07-28 03:13 -------- d-----w- c:\users\MICHELLE\AppData\Roaming\WinFF
2009-07-27 19:15 . 2007-03-16 00:16 -------- d-----w- c:\program files\CyberLink
2009-07-27 19:13 . 2007-04-07 16:25 -------- d-----w- c:\users\MICHELLE\AppData\Roaming\CyberLink
2009-07-21 21:52 . 2009-07-28 23:05 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-07-28 23:05 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-07-28 23:05 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-07-28 23:05 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-17 14:35 . 2009-08-12 05:42 71680 ----a-w- c:\windows\system32\atl.dll
2009-07-15 23:33 . 2009-07-15 23:33 76184 ----a-w- c:\windows\system32\atsckernel.exe
2009-07-15 23:33 . 2009-07-15 23:33 20376 ----a-w- c:\windows\system32\atashost.exe
2009-07-14 13:06 . 2009-07-14 13:06 106496 ----a-w- c:\windows\system32\lxdrinsr.dll
2009-07-14 13:06 . 2009-07-14 13:06 36864 ----a-w- c:\windows\system32\lxdrcur.dll
2009-07-14 13:05 . 2009-07-14 13:05 147456 ----a-w- c:\windows\system32\lxdrjswr.dll
2009-07-14 13:03 . 2009-07-14 13:03 200704 ----a-w- c:\windows\system32\lxdrinsb.dll
2009-07-14 13:03 . 2009-07-14 13:03 90112 ----a-w- c:\windows\system32\lxdrcub.dll
2009-07-14 13:01 . 2009-07-14 13:01 77824 ----a-w- c:\windows\system32\lxdrcu.dll
2009-07-14 13:01 . 2009-07-14 13:01 176128 ----a-w- c:\windows\system32\lxdrins.dll
2009-07-14 13:00 . 2009-08-12 05:42 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-14 12:59 . 2009-08-12 05:42 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-07-14 12:59 . 2009-07-14 12:59 544768 ----a-w- c:\windows\system32\lxdrutil.dll
2009-07-14 12:58 . 2009-08-12 05:42 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-07-14 10:59 . 2009-08-12 05:42 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-07-10 22:59 . 2009-07-10 22:59 409600 ----a-w- c:\windows\system32\lxdrcoin.dll
2009-06-27 21:25 . 2007-03-23 00:27 59688 ----a-w- c:\users\ALEX\AppData\Local\GDIPFONTCACHEV1.DAT
2007-09-03 19:41 . 2007-09-03 19:41 8 --sha-r- c:\windows\System32\DB460FB393.sys
2007-09-03 19:41 . 2007-09-03 19:41 2828 --sha-w- c:\windows\System32\KGyGaAvL.sys
2007-03-16 07:39 . 2007-03-16 07:38 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((( SnapShot@2009-09-19_22.34.07 )))))))))))))))))))))))))))))))))))))))))
.
- 2007-03-20 23:28 . 2009-09-19 22:02 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2007-03-20 23:28 . 2009-09-20 00:45 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2007-03-20 23:28 . 2009-09-20 00:45 81920 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2007-03-20 23:28 . 2009-09-19 22:02 81920 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2007-03-20 23:28 . 2009-09-20 00:45 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2007-03-20 23:28 . 2009-09-19 22:02 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"PhotoShow Deluxe Media Manager"="c:\progra~1\Comcast\COMCAS~1\data\Xtras\mssysmgr.exe" [2005-05-09 192512]
"RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2009-07-26 160592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-17 815104]
"PCMService"="c:\program files\Dell\MediaDirect\PCMService.exe" [2006-10-13 184320]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 81920]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2006-11-22 842584]
"Yapta Tracker"="c:\program files\Yapta\YaptaClient.exe" [2009-07-27 345392]
"Conime"="c:\windows\system32\conime.exe" [2008-01-19 69120]
"lxdrmon.exe"="c:\program files\Lexmark 4900 Series\lxdrmon.exe" [2008-09-10 676520]
"lxdramon"="c:\program files\Lexmark 4900 Series\lxdramon.exe" [2008-09-10 16040]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2007-11-01 582992]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 221184]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-09 305440]
"SigmatelSysTrayApp"="sttray.exe" - c:\windows\sttray.exe [2007-02-08 303104]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2008-10-10 69632]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\users\MICHELLE\Desktop\SetPoint\SetPoint.exe [2009-1-21 809488]
PHOTOfunSTUDIO.lnk - c:\program files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe [2009-6-18 44176]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
[BU]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\C:\0autocheck autochk *

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=c:\windows\pss\Kodak EasyShare software.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^KODAK Software Updater.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\KODAK Software Updater.lnk
backup=c:\windows\pss\KODAK Software Updater.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^MICHELLE^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Media Player.lnk]
path=c:\users\MICHELLE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Media Player.lnk
backup=c:\windows\pss\Adobe Media Player.lnk.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^MICHELLE^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CNNAlerter.lnk]
path=c:\users\MICHELLE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CNNAlerter.lnk
backup=c:\windows\pss\CNNAlerter.lnk.Startup
backupExtension=.Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoBoingo
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SiteAdvisor
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TheLaptopLock

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"="0x00000000"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{B1554098-2B14-4333-AB0F-53C74A49A14E}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{ED6CBBD3-6B02-4778-B34E-BD25CBF4565F}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"TCP Query User{3D534813-C883-45F3-A789-39270E6E86AC}c:\\windows\\system32\\ctmweb.exe"= UDP:c:\windows\system32\ctmweb.exe:ctmweb.exe
"UDP Query User{EDAF5A29-FFD8-420C-AA2B-5BA4D35D771F}c:\\windows\\system32\\ctmweb.exe"= TCP:c:\windows\system32\ctmweb.exe:ctmweb.exe
"TCP Query User{D43BA8D4-F7BF-4050-9284-AB50D651E5B5}c:\\program files\\msgtag\\msgtag.exe"= UDP:c:\program files\msgtag\msgtag.exe:MSGTAG
"UDP Query User{A04EEB63-2E58-4A23-AFAC-0399D4CFE036}c:\\program files\\msgtag\\msgtag.exe"= TCP:c:\program files\msgtag\msgtag.exe:MSGTAG
"TCP Query User{D2F82F5E-FD86-4665-A18B-E84EE1C6F72D}c:\\program files\\gametap\\bin\\release\\gametap.exe"= UDP:c:\program files\gametap\bin\release\gametap.exe:GameTap Application
"UDP Query User{9861C908-5E46-4321-ABBC-5E620546A5B4}c:\\program files\\gametap\\bin\\release\\gametap.exe"= TCP:c:\program files\gametap\bin\release\gametap.exe:GameTap Application
"TCP Query User{F89360A3-D292-4764-BEC1-6DBB953E01F1}c:\\program files\\kodak\\kodak software updater\\7288971\\program\\kodak software updater.exe"= UDP:c:\program files\kodak\kodak software updater\7288971\program\kodak software updater.exe:Kodak Software Updater
"UDP Query User{BD635C9A-0907-4FD2-AFE2-675FAC3D1227}c:\\program files\\kodak\\kodak software updater\\7288971\\program\\kodak software updater.exe"= TCP:c:\program files\kodak\kodak software updater\7288971\program\kodak software updater.exe:Kodak Software Updater
"TCP Query User{C83D8481-DADE-4A8D-9C67-B6ECB53C5CD7}c:\\program files\\msgtag\\msgtag.exe"= UDP:c:\program files\msgtag\msgtag.exe:MSGTAG
"UDP Query User{636FDF6B-88D1-4B9F-8F44-CB1FF52F4E2F}c:\\program files\\msgtag\\msgtag.exe"= TCP:c:\program files\msgtag\msgtag.exe:MSGTAG
"{3ED2C9C4-576B-467C-A65D-10DF23C626EE}"= UDP:c:\program files\DellConnect\Bin\Launch.exe:DellConnect
"{3EE1A3D4-3C15-4AC7-B86C-5996D97A48E9}"= TCP:c:\program files\DellConnect\Bin\Launch.exe:DellConnect
"{B879921C-3A93-4525-8841-167B8F6A97E1}"= UDP:c:\program files\DellSupport\DSAgnt.exe:Dell Support
"{216E4DDF-DE39-48EA-9C71-C9E50B5DE001}"= TCP:c:\program files\DellSupport\DSAgnt.exe:Dell Support
"{E66C97C6-5D24-43B7-A467-CAB0C11B70A9}"= UDP:c:\program files\Siber Systems\AI RoboForm\identities.exe:Edit Identities
"{4BDDCE18-AD70-4D5B-A295-85879AD15CA7}"= TCP:c:\program files\Siber Systems\AI RoboForm\identities.exe:Edit Identities
"{44BFD514-1882-453E-A59B-812450E004F3}"= UDP:c:\program files\Siber Systems\AI RoboForm\passcards.exe:Edit Passcards
"{CE7B810C-CFB6-4B6E-978F-9EE45BFA4B27}"= TCP:c:\program files\Siber Systems\AI RoboForm\passcards.exe:Edit Passcards
"{E64F1CC6-CCCE-4421-8CC8-58F6E4AD9885}"= UDP:c:\program files\Google\Google Desktop Search\GoogleDesktop.exe:Google Desktop
"{628C37BC-9B09-4F70-B032-61A98A4E03F4}"= TCP:c:\program files\Google\Google Desktop Search\GoogleDesktop.exe:Google Desktop
"{7380B378-C2D6-46BA-B559-C95FF834CE98}"= UDP:c:\program files\Dell\MediaDirect\MDirect.exe:MediaDirect
"{0B2FCAB0-00B8-450D-A4AE-02B51CE85656}"= TCP:c:\program files\Dell\MediaDirect\MDirect.exe:MediaDirect
"{679C1439-F3D7-4CFC-8024-04BA1E1ED472}"= UDP:c:\program files\Windows Mail\WinMail.exe:Windows Mail
"{94062850-02BD-4DF0-AED9-18FCE59BFF59}"= TCP:c:\program files\Windows Mail\WinMail.exe:Windows Mail
"{29F8919D-6F4D-42F3-A705-22EA50E06ADB}"= UDP:c:\program files\Yapta\YaptaClient.exe:Yapta Tracker
"{0FE933A4-EF81-402B-ABD4-AC7050A757A5}"= TCP:c:\program files\Yapta\YaptaClient.exe:Yapta Tracker
"{A250B121-7F24-4B44-9DC8-AC0987E49D8E}"= UDP:c:\program files\Canon\ZoomBrowser EX\Program\ZoomBrowser.exe:ZoomBrowser EX
"{2208ABAE-84E1-4BA5-88EE-07C05276E0E6}"= TCP:c:\program files\Canon\ZoomBrowser EX\Program\ZoomBrowser.exe:ZoomBrowser EX
"{82F03D62-F85F-488C-962D-A0D5DCD43A3F}"= UDP:c:\program files\Yapta\YaptaSettings.exe:Yapta Settings
"{0B7D2C3A-C882-4D25-86CE-41A35E090C2F}"= TCP:c:\program files\Yapta\YaptaSettings.exe:Yapta Settings
"TCP Query User{3EA75441-6FFA-4025-8173-E7BB13E26274}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{7352AE6C-4A27-47FB-8819-6698C3D849DD}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"{4DE8204E-ACBD-4A99-B753-0ABE3B222B3A}"= Disabled:UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"{F513ED03-39D0-4D90-ACA4-B90E22352EAA}"= Disabled:TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
"TCP Query User{48E30C34-8B59-4237-9BA5-DF2D03A6B58F}c:\\stubinstaller.exe"= Disabled:UDP:C:\stubinstaller.exe:LimeWire swarmed installer
"UDP Query User{5C114170-9817-42B0-BC9A-76DF82D8D390}c:\\stubinstaller.exe"= Disabled:TCP:C:\stubinstaller.exe:LimeWire swarmed installer
"{B88FD737-5383-4179-82B4-74D7539DF820}"= UDP:c:\program files\Yapta\YaptaClient.exe:Yapta Tracker
"{FA189B96-D168-4193-9B46-5844411F2853}"= TCP:c:\program files\Yapta\YaptaClient.exe:Yapta Tracker
"{A4BF2964-60BB-41D2-8FF4-909B7B58BD66}"= UDP:c:\program files\Canon\ZoomBrowser EX\Program\ZoomBrowser.exe:ZoomBrowser EX
"{906A78A7-240B-43AE-A613-4F810558BFA9}"= TCP:c:\program files\Canon\ZoomBrowser EX\Program\ZoomBrowser.exe:ZoomBrowser EX
"{C1A3343D-F974-4C04-B72D-AF5A38D2ED05}"= UDP:c:\program files\Yapta\YaptaSettings.exe:Yapta Settings
"{4F0A5109-84D0-44BB-A790-109AC3FEEC8D}"= TCP:c:\program files\Yapta\YaptaSettings.exe:Yapta Settings
"{E198FFB7-D2BE-4675-A12A-56BA83A8C914}"= UDP:c:\program files\Windows Defender\MSASCui.exe:Windows Defender
"{6FE7F10D-4B1E-4BC4-A139-AD78D5905E87}"= TCP:c:\program files\Windows Defender\MSASCui.exe:Windows Defender
"{1DCE3C0D-F2EF-4263-B6E0-7685B50E4C9D}"= UDP:c:\program files\DellConnect\Bin\Launch.exe:DellConnect
"{9E3B61B8-5CEB-4EE1-B72E-4FC50200BF07}"= TCP:c:\program files\DellConnect\Bin\Launch.exe:DellConnect
"{36964AF2-35E1-4362-A591-0EA66566C543}"= UDP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{46956F07-0AF5-4008-AE0F-AC754E81351B}"= TCP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{D7F36AF8-F5CE-40B9-8B86-294DA9B2A2CA}"= UDP:c:\program files\AIM6\aim6.exe:AIM
"{FD1C8B6A-D6B6-4DD5-925E-F164F66A2785}"= TCP:c:\program files\AIM6\aim6.exe:AIM
"{3D9B9A8F-A7C7-4502-B087-4B145E7AD03A}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{EC7C1EA9-AD5B-4684-ABA5-D6CE1D5EDEB5}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{113E2CC1-780A-4BF8-B7C1-B3FF4148DC64}"= UDP:9322:EKDiscovery
"{9638770B-3FE6-473E-AEE8-8FEC1959E026}"= UDP:9323:EKDiscovery
"{EFDE957D-9947-43E2-B6A7-BA9D55C6ADAE}"= UDP:9323:EKDiscovery
"{0EB38B8B-C0AA-483F-AFFF-E87291A5DF35}"= e:\setup\hpznui01.exe:hpznui01.exe
"{6D43A19E-7993-4D5B-B5F8-0523D97B53C6}"= TCP:427|RPort=427|c:\windows\system32\svchost.exe|Svc=HPSLPSVC:SLP_Service
"{234C3492-7FB8-4525-B3FB-E208020B7755}"= c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"{6B13E0CB-19B7-48AE-90C1-C3FF7992E389}"= c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{EEF28060-ABC8-4E21-B759-3857B8E1DD11}"= c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{983BC193-BB32-45A8-B76F-CAF0D1BFBA21}"= c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"{0004B0A9-C8B9-44FD-A22D-7DF125E745ED}"= c:\program files\HP\Digital Imaging\bin\hpoews01.exe:hpoews01.exe
"{6E9DB860-F919-42C6-AAC0-A08BA17FB620}"= c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
"{8C082C5A-1D63-475B-B131-49759BD367F8}"= c:\program files\Common Files\HP\Digital Imaging\bin\hpqphotocrm.exe:hpqphotocrm.exe
"{4DB974E1-3604-4A81-966F-996C99936230}"= c:\program files\HP\Digital Imaging\bin\hpqsudi.exe:hpqsudi.exe
"{F67336F7-A63F-42DA-88F4-149A08AE938A}"= c:\program files\HP\Digital Imaging\bin\hpqpsapp.exe:hpqpsapp.exe
"{28B1F9DC-F233-44D6-9137-A6417654E22F}"= c:\program files\HP\Digital Imaging\bin\hpqpse.exe:hpqpse.exe
"{4011D4A0-09D4-4F4E-87C4-B5E36878067B}"= c:\program files\HP\Digital Imaging\bin\hpqgplgtupl.exe:hpqgplgtupl.exe
"{5A1DC797-8511-436A-AD79-058576F12F52}"= c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe:hpqgpc01.exe
"{24CE2F8C-0095-413A-87B4-81026D7DA51A}"= UDP:c:\windows\System32\lxdrcoms.exe:Lexmark Communications System
"{9D939F04-BDA2-47FB-B589-FB05B380CAF0}"= TCP:c:\windows\System32\lxdrcoms.exe:Lexmark Communications System
"{1FBAF56F-7D89-4C63-9F19-F0407645BCBD}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxdrpswx.exe:Printer Status Window
"{97DFC081-8E47-4BA8-B33C-EB4134D9C3AA}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxdrpswx.exe:Printer Status Window
"{84599512-F9F6-4832-9F46-7DA2D019BCDD}"= UDP:c:\program files\Lexmark 4900 Series\lxdramon.exe:Lexmark Device Monitor
"{9F2492D1-4B78-4120-BE83-9545BC5DE584}"= TCP:c:\program files\Lexmark 4900 Series\lxdramon.exe:Lexmark Device Monitor
"{1ADE7CA6-F4FB-4E47-A15A-83708182282F}"= UDP:c:\program files\Lexmark 4900 Series\frun.exe:Lexmark Productivity Studio
"{86089135-96F2-42C3-99A0-FEEBBC0BC44C}"= TCP:c:\program files\Lexmark 4900 Series\frun.exe:Lexmark Productivity Studio
"{421580AA-A3BB-435E-AA6B-6A36A87D03E7}"= Profile=Private|Profile=Public|c:\program files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent
"TCP Query User{D2EF6CCE-7207-4147-934C-88127C2D73FC}c:\\program files\\aim6\\aim6.exe"= UDP:c:\program files\aim6\aim6.exe:AIM
"UDP Query User{D1EF9AE5-0B50-4485-83E1-43185B9540DF}c:\\program files\\aim6\\aim6.exe"= TCP:c:\program files\aim6\aim6.exe:AIM
"{155798F7-6339-4517-837E-1B66527AA697}"= UDP:c:\program files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:ABBYY FineReader
"{7E6CD9DB-5166-4E6C-A17F-05E77B9079A2}"= TCP:c:\program files\Abbyy FineReader 6.0 Sprint\Scan\ScanMan6.exe:ABBYY FineReader
"{A91548C1-337B-494C-A0E0-4368A7899392}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{A8487762-9C8E-4A52-93A4-756FC847B520}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{11B740B1-3991-4977-98EC-952A0313EBF0}"= UDP:c:\program files\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe:UltiDev Cassini Web Server for ASP.NET 2.0
"{6DB90BC2-8E8D-4FE0-AD43-7B71AB86266C}"= TCP:c:\program files\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe:UltiDev Cassini Web Server for ASP.NET 2.0
"TCP Query User{17DA61C3-4E9D-4C9C-84F2-8C753AC32844}c:\\program files\\webguide\\webguide4\\bin\\webguide_configuration.exe"= UDP:c:\program files\webguide\webguide4\bin\webguide_configuration.exe:WebGuide_Configuration
"UDP Query User{06A092FC-C5E1-4046-BC54-5E33034856D3}c:\\program files\\webguide\\webguide4\\bin\\webguide_configuration.exe"= TCP:c:\program files\webguide\webguide4\bin\webguide_configuration.exe:WebGuide_Configuration
"{0938EC74-671D-4908-98F5-A54A8CAAE687}"= UDP:58550:WebGuide
"{22D43C65-923D-4FEC-AC70-FCE639B4673B}"= UDP:58551:WebGuide
"{C1BC8A0D-E5FB-45B9-B40F-C7D6407E1097}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{A1B8B99F-C381-4ECA-89BD-4110793375D7}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R0 tclondrv;tclondrv;c:\windows\System32\drivers\tclondrv.sys [10/1/2008 8:50 AM 20352]
R2 atashost;WebEx Service Host for Support Center;c:\windows\System32\atashost.exe [7/15/2009 7:33 PM 20376]
R2 lxdr_device;lxdr_device;c:\windows\system32\lxdrcoms.exe -service --> c:\windows\system32\lxdrcoms.exe -service [?]
R2 tgsrvc_providercomcast;SupportSoft Repair Service (providercomcast);c:\program files\providerComcast\bin\tgsrvc.exe [5/2/2008 12:40 PM 148768]
R2 UltiDev Cassini Web Server for ASP.NET 2.0;UltiDev Cassini Web Server for ASP.NET 2.0;c:\program files\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe [2/8/2007 12:06 AM 49152]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [10/9/2008 8:16 PM 24652]
R2 WebGuideTranscode;WebGuideTranscode;c:\program files\WebGuide\WebGuide4\bin\WebGuideTranscodeService.exe [8/8/2007 7:28 PM 40960]
R3 NETw5v32;Intel(R) WiFi Link Adapter Driver for Windows Vista 32 Bit ;c:\windows\System32\drivers\NETw5v32.sys [1/17/2008 2:53 PM 4788736]
S2 lxdrCATSCustConnectService;lxdrCATSCustConnectService;c:\windows\System32\spool\drivers\w32x86\3\lxdrserv.exe [5/16/2008 11:39 AM 98984]
S4 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files\PCPitstop\PCPitstopScheduleService.exe [8/7/2009 8:27 PM 90352]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - MCHINJDRV
*Deregistered* - mchInjDrv

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-09-19 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-06-15 00:13]

2009-09-15 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-05-14 17:32]

2009-08-01 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-05-14 17:32]

2009-09-20 c:\windows\Tasks\User_Feed_Synchronization-{43A518E6-C34F-4385-927F-75DDE5105BDE}.job
- c:\windows\system32\msfeedssync.exe [2009-07-28 20:13]

2009-09-20 c:\windows\Tasks\User_Feed_Synchronization-{4EF27C85-EE55-495F-80F8-3060E4B8A57A}.job
- c:\windows\system32\msfeedssync.exe [2009-07-28 20:13]

2009-09-20 c:\windows\Tasks\User_Feed_Synchronization-{5F21486F-FCF4-4E72-B917-B2262D5A96A6}.job
- c:\windows\system32\msfeedssync.exe [2009-07-28 20:13]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://comcast.net/
uInternet Settings,ProxyOverride = *.local
IE: Customize Menu - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: Fill Forms - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: RoboForm Toolbar - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Save Forms - file://c:\program files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: {{0362b485-11fe-469c-ae98-42f478e581a0} - c:\program files\Yapta\YaptaSettings.exe
IE: {{0094A600-9BDD-4019-BAFE-487284F7D476} - {C3C07AD6-ACE9-43EE-A2AF-45BC13F6275F} - c:\program files\Yapta\YaptaSidebar.dll
Trusted Zone: comcastsupport.com\www
Trusted Zone: gameinformer.com
Trusted Zone: internet
Trusted Zone: mcafee.com
Trusted Zone: msgtag.com\www
Trusted Zone: real.com\rhap-app-4-0
Trusted Zone: real.com\rhapreg
DPF: Garmin Communicator Plug-In - hxxps://my.garmin.com/static/m/cab/2.6.4/GarminAxControl.CAB
FF - ProfilePath - c:\users\MICHELLE\AppData\Roaming\Mozilla\Firefox\Profiles\edccnlxs.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.aol.com/aolcom/search?invocationType=tbff50ie7&query=
FF - prefs.js: browser.startup.homepage - hxxp://www.comcast.net/
FF - prefs.js: keyword.URL - hxxp://search.aol.com/aolcom/search?invocationType=TB50TRFF;homepage=no;search=yesab&query=
FF - component: c:\program files\Siber Systems\AI RoboForm\Firefox\components\rfproxy_31.dll
FF - component: c:\users\MICHELLE\AppData\Roaming\Mozilla\Firefox\Profiles\edccnlxs.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}\components\WinampPlayer.dll
FF - component: c:\users\MICHELLE\AppData\Roaming\Mozilla\Firefox\Profiles\edccnlxs.default\gsl.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Media Player\npViewpoint.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-19 21:37
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2009-09-20 21:41
ComboFix-quarantined-files.txt 2009-09-20 01:41

Pre-Run: 32,007,786,496 bytes free
Post-Run: 31,700,631,552 bytes free

436 --- E O F --- 2009-09-19 11:24