Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Combofix Log


  • This topic is locked This topic is locked
2 replies to this topic

#1 xray328

xray328

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:11:50 AM

Posted 30 August 2010 - 07:15 PM

Hi all...noob here. I guess I already broke one of the rules by running combofix....sorry.

I had a trojan last night where it showed a greenshield in the system tray, blocked all my internet access, and gave erroneous pop ups.

I was able to remove it with superantivirus, but while researching this, I ran across combofix and ran it before I knew I wasn't supposed to...

Any help is greatly appreciated...thanks in advance!

ComboFix 10-08-29.04 - MaryAnn 08/30/2010 18:53:20.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3032.1943 [GMT -5:00]
Running from: c:\users\MaryAnn\Desktop\ComboFix.exe
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\MaryAnn\AppData\Roaming\Microsoft\Windows\Recent\Thumbs.db
D:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2010-07-28 to 2010-08-31 )))))))))))))))))))))))))))))))
.

2010-08-30 23:51 . 2010-08-30 23:52 -------- d-----w- C:\32788R22FWJFW
2010-08-30 04:06 . 2010-08-30 04:06 63488 ----a-w- c:\users\MaryAnn\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
2010-08-30 04:06 . 2010-08-30 04:06 52224 ----a-w- c:\users\MaryAnn\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-08-30 04:06 . 2010-08-30 04:06 117760 ----a-w- c:\users\MaryAnn\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-08-30 04:06 . 2010-08-30 04:06 -------- d-----w- c:\users\MaryAnn\AppData\Roaming\SUPERAntiSpyware.com
2010-08-30 04:06 . 2010-08-30 04:06 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2010-08-30 04:06 . 2010-08-30 04:06 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-08-30 02:53 . 2010-08-30 02:53 2843 ----a-w- c:\users\MaryAnn\AppData\Local\okuqujuzesecoq.dll
2010-08-30 02:48 . 2010-08-30 02:48 2843 ----a-w- c:\users\MaryAnn\AppData\Local\avulominixi.dll
2010-08-30 02:45 . 2010-08-30 22:40 -------- d-----w- c:\users\MaryAnn\AppData\Local\rxmrukrrw
2010-08-25 04:02 . 2010-08-25 04:03 -------- d-----w- c:\program files\Google
2010-08-11 23:05 . 2010-06-19 04:07 2326016 ----a-w- c:\windows\system32\win32k.sys
2010-08-06 04:53 . 2010-08-06 04:53 -------- d-----w- C:\Garmin
2010-08-04 02:59 . 2010-08-04 02:59 -------- d-----w- c:\programdata\Blizzard Entertainment
2010-08-04 02:58 . 2010-08-04 02:58 -------- d-----w- c:\programdata\Blizzard
2010-08-04 02:55 . 2010-08-04 02:56 -------- d-----w- c:\users\Public\Games

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-30 02:47 . 2010-01-08 23:52 -------- d-----w- c:\users\MaryAnn\AppData\Roaming\uTorrent
2010-08-29 03:22 . 2010-08-29 03:22 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2010-08-13 15:51 . 2010-01-17 00:11 19750744 ----a-w- c:\programdata\KingsIsle Entertainment\Wizard101\Bin\WizardGraphicalClient.exe
2010-08-13 15:51 . 2010-01-17 00:11 73728 ----a-w- c:\programdata\KingsIsle Entertainment\Wizard101\Bin\PatchClientUIRsrc-En.dll
2010-08-13 15:51 . 2010-01-17 00:11 135168 ----a-w- c:\programdata\KingsIsle Entertainment\Wizard101\Bin\StringTableEditorMFC.dll
2010-08-13 15:51 . 2010-01-17 00:11 53248 ----a-w- c:\programdata\KingsIsle Entertainment\Wizard101\Bin\MG_HotShots.dll
2010-08-13 15:51 . 2010-01-17 00:11 49152 ----a-w- c:\programdata\KingsIsle Entertainment\Wizard101\Bin\MG_Shockalock.dll
2010-08-13 15:51 . 2010-01-17 00:11 40960 ----a-w- c:\programdata\KingsIsle Entertainment\Wizard101\Bin\MG_PotionMotion.dll
2010-08-13 15:51 . 2010-01-17 00:11 94208 ----a-w- c:\programdata\KingsIsle Entertainment\Wizard101\Bin\MG_Dueling_Diego.dll
2010-08-13 15:51 . 2010-01-17 00:11 24576 ----a-w- c:\programdata\KingsIsle Entertainment\Wizard101\Bin\MG_Concentration.dll
2010-08-13 15:51 . 2010-01-17 00:11 49152 ----a-w- c:\programdata\KingsIsle Entertainment\Wizard101\Bin\MG_ChooChooZoo.dll
2010-08-13 15:51 . 2010-01-17 00:11 39424 ----a-w- c:\programdata\KingsIsle Entertainment\Wizard101\Bin\ConfiguratorResEnglish.dll
2010-08-13 15:51 . 2010-01-17 00:10 126808 ----a-w- c:\programdata\KingsIsle Entertainment\Wizard101\Bin\BugReporter.exe
2010-08-13 15:49 . 2010-01-17 00:10 73728 ----a-w- c:\programdata\KingsIsle Entertainment\Wizard101\PatchClient\BankB\PatchClientUIRsrc-En.dll
2010-08-13 15:49 . 2010-01-17 00:10 1003352 ----a-w- c:\programdata\KingsIsle Entertainment\Wizard101\PatchClient\BankB\WizardLauncher.exe
2010-08-13 15:49 . 2010-01-17 00:10 73728 ----a-w- c:\programdata\KingsIsle Entertainment\Wizard101\PatchClient\BankA\PatchClientUIRsrc-En.dll
2010-08-13 15:49 . 2010-01-17 00:10 1003352 ----a-w- c:\programdata\KingsIsle Entertainment\Wizard101\PatchClient\BankA\WizardLauncher.exe
2010-08-13 15:49 . 2010-01-17 00:10 39424 ----a-w- c:\programdata\KingsIsle Entertainment\Wizard101\PatchClient\BankB\ConfiguratorResEnglish.dll
2010-08-13 15:49 . 2010-01-17 00:10 102232 ----a-w- c:\programdata\KingsIsle Entertainment\Wizard101\PatchClient\BankB\Configurator.exe
2010-08-13 15:49 . 2010-01-17 00:10 39424 ----a-w- c:\programdata\KingsIsle Entertainment\Wizard101\PatchClient\BankA\ConfiguratorResEnglish.dll
2010-08-13 15:49 . 2010-01-17 00:10 102232 ----a-w- c:\programdata\KingsIsle Entertainment\Wizard101\PatchClient\BankA\Configurator.exe
2010-08-05 22:35 . 2010-01-09 06:27 -------- d-----w- c:\programdata\Roxio
2010-08-05 13:10 . 2010-05-07 22:26 16384 ----a-w- c:\programdata\KingsIsle Entertainment\Wizard101 Test\Bin\WadToolNET.dll
2010-08-05 13:10 . 2010-05-07 22:26 15360 ----a-w- c:\programdata\KingsIsle Entertainment\Wizard101 Test\Bin\NIFStripper.dll
2010-08-05 13:10 . 2010-05-07 22:26 49152 ----a-w- c:\programdata\KingsIsle Entertainment\Wizard101 Test\Bin\BugReporterResEnglish.dll
2010-07-30 21:32 . 2010-06-08 18:18 16384 ----a-w- c:\programdata\KingsIsle Entertainment\Wizard101\Bin\WadToolNET.dll
2010-07-30 21:32 . 2010-06-08 18:18 15360 ----a-w- c:\programdata\KingsIsle Entertainment\Wizard101\Bin\NIFStripper.dll
2010-07-30 21:32 . 2010-01-17 00:11 49152 ----a-w- c:\programdata\KingsIsle Entertainment\Wizard101\Bin\BugReporterResEnglish.dll
2010-07-29 06:30 . 2010-08-11 23:06 197632 ----a-w- c:\windows\system32\ir32_32.dll
2010-07-29 06:30 . 2010-08-11 23:06 82944 ----a-w- c:\windows\system32\iccvid.dll
2010-07-23 22:22 . 2010-07-29 04:33 1496064 ----a-w- c:\users\MaryAnn\AppData\Roaming\Mozilla\Firefox\Profiles\jouo561g.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
2010-07-23 22:22 . 2010-07-29 04:33 43008 ----a-w- c:\users\MaryAnn\AppData\Roaming\Mozilla\Firefox\Profiles\jouo561g.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2010-07-23 22:22 . 2010-07-29 04:33 338944 ----a-w- c:\users\MaryAnn\AppData\Roaming\Mozilla\Firefox\Profiles\jouo561g.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2010-07-23 22:22 . 2010-07-29 04:33 346112 ----a-w- c:\users\MaryAnn\AppData\Roaming\Mozilla\Firefox\Profiles\jouo561g.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2010-06-30 06:25 . 2010-08-11 23:06 978432 ----a-w- c:\windows\system32\wininet.dll
2010-06-22 02:47 . 2010-08-11 23:06 310784 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-22 02:47 . 2010-08-11 23:06 307200 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-06-22 02:47 . 2010-08-11 23:06 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-06-19 06:33 . 2010-08-11 23:06 3955080 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-06-19 06:33 . 2010-08-11 23:06 3899784 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-06-19 06:23 . 2010-08-11 23:06 37376 ----a-w- c:\windows\system32\rtutils.dll
2010-06-16 05:48 . 2010-08-11 23:06 224256 ----a-w- c:\windows\system32\schannel.dll
2010-06-14 06:12 . 2010-08-11 23:06 1286016 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-06-08 18:18 . 2010-06-08 18:18 1036288 ----a-w- c:\programdata\KingsIsle Entertainment\Wizard101\Bin\msvcp80d.dll
2010-06-08 06:02 . 2010-08-11 23:06 1233920 ----a-w- c:\windows\system32\msxml3.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-11-18 20:58 333192 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-11-18 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-11-18 333192]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-08-25 2424560]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-02-11 175640]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKLM\~\startupfolder\C:^Users^MaryAnn^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dell Dock.lnk]
backup=c:\windows\pss\Dell Dock.lnk.Startup
backupExtension=.Startup
path=c:\users\MaryAnn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk

[HKLM\~\startupfolder\C:^Users^MaryAnn^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup
path=c:\users\MaryAnn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2009-12-11 21:57 948672 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-12-22 07:57 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2009-07-14 01:14 144384 ----a-w- c:\windows\ehome\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2006-10-27 05:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2010-02-11 06:08 175640 ----a-w- c:\windows\System32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2010-02-11 06:08 141848 ----a-w- c:\windows\System32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]
2010-01-07 22:07 1394000 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2010-02-11 06:08 167448 ----a-w- c:\windows\System32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-02-07 01:30 98304 ----a-w- c:\program files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmileboxTray]
2009-12-07 12:22 266888 ----a-w- c:\users\MaryAnn\AppData\Roaming\Smilebox\SmileboxTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
2009-06-29 17:44 458844 ----a-w- c:\program files\IDT\WDM\sttray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2009-07-14 01:14 660480 ----a-w- c:\program files\Windows Defender\MSASCui.exe

R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-08-25 136176]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-07-03 29472]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-13 1343400]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0308000.029\SYMEFA.SYS [2010-03-01 310320]
S1 BHDrvx86;Symantec Heuristics Driver;c:\windows\System32\Drivers\N360\0308000.029\BHDrvx86.sys [2010-03-01 259632]
S1 ccHP;Symantec Hash Provider;c:\windows\System32\Drivers\N360\0308000.029\ccHPx86.sys [2010-03-01 482432]
S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100827.001\IDSvix86.sys [2010-05-28 344112]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_7f2308f435f2c4c1\aestsrv.exe [2009-03-02 81920]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2008-05-02 161048]
S2 N360;Norton Security Suite;c:\program files\Norton Security Suite\Engine\3.8.0.41\ccSvcHst.exe [2010-03-01 117640]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-05-30 102448]
S3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\Drivers\N360\0308000.029\SYMNDISV.SYS [2010-03-01 48688]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-09-28 315392]

.
Contents of the 'Scheduled Tasks' folder

2010-08-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-25 04:02]

2010-08-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-25 04:02]

2010-08-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2853547506-2844543238-574059215-1000Core.job
- c:\users\MaryAnn\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-31 01:10]

2010-08-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2853547506-2844543238-574059215-1000UA.job
- c:\users\MaryAnn\AppData\Local\Google\Update\GoogleUpdate.exe [2010-03-31 01:10]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyServer = http=127.0.0.1:6522
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: internet
Trusted Zone: mcafee.com
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
DPF: {2AB1C516-D654-4D3A-B3D6-2185BBCEB409} - hxxps://secure2.edward.org/+CSCOL+/relayp.cab
DPF: {705EC6D4-B138-4079-A307-EF13E4889A82} - hxxps://secure2.edward.org/CACHE/sdesktop/install/binaries/instweb.cab
FF - ProfilePath - c:\users\MaryAnn\AppData\Roaming\Mozilla\Firefox\Profiles\jouo561g.default\
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll
FF - component: c:\users\MaryAnn\AppData\Roaming\Mozilla\Firefox\Profiles\jouo561g.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\McAfee\Supportability\MVT\NPMVTPlugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: c:\users\MaryAnn\AppData\Local\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\users\MaryAnn\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll
FF - plugin: c:\users\MaryAnn\AppData\Roaming\Mozilla\Firefox\Profiles\jouo561g.default\extensions\{38AB6A6C-CC4C-4f9e-A3DD-3C5681EF18A1}\plugins\npsoe.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-Broadcom Wireless Manager UI - c:\windows\system32\WLTRAY.exe
MSConfigStartUp-QuickSet - c:\program files\Dell\QuickSet\QuickSet.exe
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe
MSConfigStartUp-wmkfbxof - c:\users\MaryAnn\AppData\Local\rxmrukrrw\gslaxdkshdw.exe



[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
"ImagePath"="\"c:\program files\Norton Security Suite\Engine\3.8.0.41\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton Security Suite\Engine\3.8.0.41\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-2853547506-2844543238-574059215-1000\Software\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC]
@Denied: (C D) (Everyone)

[HKEY_USERS\S-1-5-21-2853547506-2844543238-574059215-1000\Software\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC\Endpoints]
@Denied: (C D) (Everyone)
"{3323E953-1550-4FB0-A8B0-819CB1D33A6C}"=""
"{84F9218A-963D-462E-9F60-9E70886BC6A6}"=""
"{2C43D946-C8AA-4DEE-9ADE-01479DFB67D2}"=""
"{57CC9133-89E9-480A-9D98-04699A687F7C}"=""
"{C77C2F8D-F45F-4658-A902-0E72653C9115}"=""
"{F0B7E30C-2EB1-48E4-A25A-884927E0A3A6}"=""
"{AAC61EE8-42DA-4A5F-B62C-BF4DCF3C2FC5}"=""
"{5EE9CD77-37DE-4C53-B9E0-7B6D8FABBA38}"=""
"{A3F18229-5ECE-4B33-B299-2D92CCDF1AB5}"=""
"{46E896C0-971A-4B13-9A09-A31617B5D9F8}"=""
"{C7B5D49A-1AA4-42ED-AF26-B6AC8049FDBA}"=""
"{3EB1FD20-50D5-4143-B893-1F4128F62CC5}"=""
"{F6D2391E-CDD1-4658-876A-409B5C814CFD}"=""
"{D26C00E1-4196-4DFE-972A-607ABC5D2CCF}"=""
"{1A310011-E548-4C72-B075-3CBB1B4BCFAA}"=""
"{1B1D3FDA-3AF8-48D0-AE83-419D83C8ED5E}"=""
"{DE35CDE9-D1CE-486E-A32B-BED46E48F197}"=""
"{D01DA289-D6EC-4D1B-B5FB-B7C3BC9513D0}"=""
"{E179D05C-DC45-43EA-B2D2-C73039422ACC}"=""
"{4AD4BC29-C9D4-49AA-A611-C223DD07E0F0}"=""
"{40BA5937-2B86-412E-A3BA-F82D6B60F0F2}"=""
"{94A09C81-6B80-49B0-A2F6-F65F2FD8ADDC}"=""
"{8B05C369-AE56-4F8D-88F9-A281F40AE5DB}"=""
"{78D1F5A4-2360-4E2D-B202-78679C157479}"=""
"{E38E92B2-7964-40E7-A6E9-CC391C6ABA2E}"=""
"{09EC0AD2-A4AD-4E09-8FEF-8234CA9A7EF0}"=""
"{9CA25E67-168E-4AE2-BB5C-E8CD55853939}"=""
"{3737F1FF-44F2-40B7-9C13-76EA26DA688A}"=""
"{1DD6BED6-7FF2-456C-8406-09635D34460E}"=""
"{14EC9F4D-FA33-4706-956C-3A3AD90DFDAE}"=""
"{FCEC5225-3B79-47D0-8312-4748E9E22D39}"=""
"{237F0602-BA40-43D6-99EA-9BA9BBFCDD21}"=""
"{12F13CC2-EF54-4E33-A428-B7B9C4C91315}"=""
"{E84005D9-3825-4892-BD22-7B8AA77891C3}"=""
"{7C5CE7B7-BAE3-48AD-A41E-E1A7B6F529BD}"=""
"{21C5E583-31D3-476A-942F-031179F71DF4}"=""
"{7331900C-7BD8-41E4-8D21-3A7ECE2AFB99}"=""
"{052E9C10-407D-4358-BEB9-0B53E67666D2}"=""
"{83565C4C-D654-4B31-8978-36E294E7D595}"=""
"{56755B97-89BE-481A-86A7-7936BBBC5085}"=""
"{EBD767B7-3D02-44DC-927C-2548B1F6B8AD}"=""
"{ADFE0DB6-7AE5-4FC0-B703-CF4E146A3561}"=""
"{9BB9DD80-4677-4612-B0D1-CF7F963AF08B}"=""
"{DBA7AE1E-1288-4920-A3C7-F9A393342137}"=""
"{47189B20-B223-4B85-A6AA-E5D3C1D438ED}"=""
"{90534CE5-CB75-40A0-84F7-91659D72B77E}"=""
"{64E4AC1B-B1D0-4C06-B3C8-33A8EC3C5086}"=""
"{35338ABA-43DA-4F06-9960-10EF94063066}"=""
"{1430211E-331B-4880-8700-8BD760E28A8A}"=""
"{43A49841-35C6-4A01-B3E8-7EEF43B298CD}"=""
"{88062EEB-D7CE-431A-816B-E316C0B90194}"=""
"{741E0D57-A1A5-4586-9EEF-F87FCDF957FE}"=""
"{901027F7-B592-4EE7-98EF-8992F41CF2F1}"=""
"{B2DC2EBB-4C6B-4D1F-9178-8558F864B29F}"=""
"{ECBC757C-9756-464E-87D8-10CAC9EEC740}"=""
"{94D835D5-E4A4-4C30-AE3A-022F0E5E5CF7}"=""
"{A3A8109D-2C71-410C-920A-13ACABF2CCAC}"=""
"{2C0DF4D7-0EC9-4CA3-A792-9024D4487BB7}"=""
"{132F0F38-A503-4E53-AEE9-A2911A40B467}"=""
"{AB5337C8-B4D3-43F8-9CC4-662F9BD30EDC}"=""
"{CC2FBBAB-5349-4DE3-BD82-56EB86B24D3B}"=""
"{F5B8587F-8D58-437B-8829-2EA4D5BD1483}"=""
"{D322C9B8-F10A-4607-A45C-522D82ACB017}"=""
"{888A601F-8744-43DA-B283-172A5EEDDF47}"=""
"{A53E60CA-5AB3-484B-9FBF-339F6EBA1691}"=""
"{0BC9F3D0-06D5-4393-9218-29714E0A92A8}"=""
"{150411A0-45A4-47F4-95DC-E1D00324BD3F}"=""
"{CE3E71D3-5690-49A1-A3AE-2735CCFED2FF}"=""
"{015AFE21-BC79-41FB-95AB-322D93AB653E}"=""
"{0BE3CDDA-B18C-4F61-85F5-35582F27B08B}"=""
"{71BB3716-FD09-41AD-8EE7-32FF33C8CA1E}"=""
"{799A5A1C-19FE-4717-9A62-83C1ECA95D82}"=""
"{DD793A56-6AB1-4FB7-A2A1-4D3F84DDFB66}"=""
"{740D2364-1AA6-4B21-A153-7F85199AE4A1}"=""
"{1754DB90-7F99-4533-ACEE-A6D3271C2D6C}"=""
"{D7637E24-5839-43E1-9196-8EFA7F7228F4}"=""
"{9A8C1BEF-5C32-40F2-BD24-8B08CD3506B2}"=""
"{7AEE92D8-1A41-486A-B084-0BAC4F2A9128}"=""
"{64D2A03C-3E1E-4636-912D-3581A187D53F}"=""
"{332385FF-4BBC-46BA-AE64-F481A440A364}"=""
"{246D96A0-149A-45EB-AFD8-66CB8EC59CB0}"=""
"{ACDEC642-1C34-4B24-A4F4-4B9B45639FA5}"=""
"{D3EBEBE9-A214-41FF-AD98-7F6225EAA6B4}"=""
"{50FD20EE-7132-4BCC-9520-3BD5B8825491}"=""
"{1F9B30B8-29CC-4EA9-B564-DD0725CD9016}"=""
"{A6F042BF-5FFC-4662-998B-3C7DF2B62702}"=""
"{74F588D1-DF20-4E99-A9EA-FCE543452367}"=""
"{5F53ED9C-FF22-4635-B4EF-08E35BBFE024}"=""
"{F623EFE1-8C2E-4A86-B0E0-E4DECAFC2718}"=""
"{8395CFB9-370F-43EA-AE9C-A04F24FDE213}"=""
"{F565D928-41FB-43CE-9F7E-4587B049529F}"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC]
@Denied: (C D) (Everyone)

[HKEY_LOCAL_MACHINE\SOFTWARE\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC\Channels]
@Denied: (C D) (Everyone)
"ccSvcHst_UserSession_3536"="{7B14E623-BA11-492D-A762-1F2AF061C308}"
"ccSvcHst_UserSession_3060"="{251092C8-4A65-4B1D-8D10-E22BF473E499}"
"ccSvcHst_UserSession_2384"="{BA16D6F7-0731-4591-8DDA-97D6AC67779C}"
"ccSvcHst_UserSession_3596"="{58473396-6908-4DE4-A45C-C3B2085DCEEF}"
"ccSvcHst_UserSession_2884"="{1D01F61F-3374-4B32-A70B-94D6B882F096}"
"ccSvcHst_UserSession_2344"="{6EDD6911-54E3-49BE-8893-DCD93B02DE6C}"
"ccSvcHst_UserSession_2908"="{13A999F3-E0CF-427B-9323-5CF68BC58BF2}"
"ccSvcHst_UserSession_3380"="{326FCC0E-0E08-448C-924A-2D21624C0DAC}"
"ccSvcHst_UserSession_3108"="{4854ECE7-70CE-4201-8E24-11CFBA2AA885}"
"ccSvcHst_UserSession_2392"="{D1477659-E5E4-412D-9659-EE300CDF6DED}"
"ccSvcHst_UserSession_2940"="{55F2471C-09ED-4D04-B5FE-2E9B6E34391F}"
"ccSvcHst_UserSession_3096"="{6DCB6D18-AF6F-495D-8EC6-C0BAF04DF0C9}"
"ccSvcHst_UserSession_2996"="{0D78DBCD-6C0F-4008-96E5-B8A2849E9F6D}"
"ccSvcHst_UserSession_3864"="{C7551E1C-A67C-49AC-A3DC-8B67470855FB}"
"ccSvcHst_UserSession_2864"="{9E9E92B4-3F69-49C7-9A82-BA90BD9B451B}"
"ccSvcHst_UserSession_2728"="{09E9E2C7-D49B-445E-B6C8-88FAA5417686}"
"ccSvcHst_UserSession_3100"="{4DE76987-086C-4E50-8F4A-56B457B1490D}"
"ccSvcHst_UserSession_2620"="{C3AC1BFF-4F87-48EE-B502-1D8B60021D13}"
"ccSvcHst_UserSession_3296"="{F1A01FBA-A436-482A-A7F6-5563492AD479}"
"ccSvcHst_UserSession_2484"="{CFDA7426-E2AA-4D01-B966-6F658DCF0B78}"
"ccSvcHst_UserSession_3180"="{BD18C1D1-EFB5-420B-8630-2CC3E2A193B0}"
"ccSvcHst_UserSession_3364"="{0A286779-516C-4979-BE25-1B5BCF10831D}"
"ccSvcHst_UserSession_3224"="{FF508988-5DB0-47F1-8D04-1058FC67A77F}"
"ccSvcHst_UserSession_3272"="{F340DE11-AC1B-42A6-8C42-BB55288F2E2F}"
"ccSvcHst_UserSession_3232"="{56380B54-8FB7-49E1-9B00-1E5230DE872B}"
"ccSvcHst_UserSession_3032"="{BB3BA6D1-0297-45FA-8374-172AB2D631D2}"
"ccSvcHst_UserSession_3336"="{30C912E0-E513-4855-B5DE-7C3BD55219FF}"
"ccSvcHst_UserSession_3356"="{C41F6F26-477E-41C9-A4C9-9B79A974DDC4}"
"ccSvcHst_UserSession_3128"="{4AE8D372-B4CC-46EA-9FEF-CCD79D13A1B0}"
"ccSvcHst_UserSession_3560"="{95CB9A30-C480-4E0C-B026-E2D164788FE3}"
"ccSvcHst_UserSession_3132"="{E2926168-F07F-42ED-B3A1-57905BBE3B00}"
"ccSvcHst_N360"="{7A433264-7FA6-4E89-917F-4413A2E01B8D}"
"uiPerf_Service_Channel"="{7A433264-7FA6-4E89-917F-4413A2E01B8D}"
"ccJobMgr_general_{ABD582DE-8F75-412d-81CF-6A180F1203DD}"="{7A433264-7FA6-4E89-917F-4413A2E01B8D}"
"ccJobMgr_session_{ABD582DE-8F75-412d-81CF-6A180F1203DD}"="{7A433264-7FA6-4E89-917F-4413A2E01B8D}"
"QuickStart{4302D82E-BA29-4be2-A0EF-72589D61BCD3}"="{7A433264-7FA6-4E89-917F-4413A2E01B8D}"
"IPS_COMMAND_CHANNEL"="{7A433264-7FA6-4E89-917F-4413A2E01B8D}"
"ccGenericEvent_Global_EM"="{7A433264-7FA6-4E89-917F-4413A2E01B8D}"
"ccGenericEvent_Global_LM"="{7A433264-7FA6-4E89-917F-4413A2E01B8D}"
"ccGenericLog_Manager"="{7A433264-7FA6-4E89-917F-4413A2E01B8D}"
"SNDServiceRequestChannel"="{7A433264-7FA6-4E89-917F-4413A2E01B8D}"
"SNDLocationChannel"="{7A433264-7FA6-4E89-917F-4413A2E01B8D}"
"ccSettingsService"="{7A433264-7FA6-4E89-917F-4413A2E01B8D}"
"_AvProdSvcComm_"="{7A433264-7FA6-4E89-917F-4413A2E01B8D}"
"{3F11C6A7-CEA8-40c9-88EE-E5461341AE97}_ccSubmissionEngineIPC"="{7A433264-7FA6-4E89-917F-4413A2E01B8D}"
"g_coVistaProxyChannel"="{7A433264-7FA6-4E89-917F-4413A2E01B8D}"
"FWAlert"="{7A433264-7FA6-4E89-917F-4413A2E01B8D}"
"_isDataPrComm_"="{7A433264-7FA6-4E89-917F-4413A2E01B8D}"
"SymRedirSvcRequestChannel"="{7A433264-7FA6-4E89-917F-4413A2E01B8D}"
"_buSvcComm_"="{7A433264-7FA6-4E89-917F-4413A2E01B8D}"
"Tuneup_Context_Switch_Channel"="{7A433264-7FA6-4E89-917F-4413A2E01B8D}"
"BashIPCChannel"="{7A433264-7FA6-4E89-917F-4413A2E01B8D}"
"NortonNetServiceIPC"="{7A433264-7FA6-4E89-917F-4413A2E01B8D}"
"NetMapServiceIPC"="{7A433264-7FA6-4E89-917F-4413A2E01B8D}"
"_StatisticsCommand_"="{7A433264-7FA6-4E89-917F-4413A2E01B8D}"
"ccSvcHst_UserSession_3716"="{52A741A8-30A0-471C-B5EB-52E86D19764C}"
"{436E95FE-192E-469f-8F34-5038FBA89BF4}1"="{541A52A7-EE28-455A-867C-DF90EE2ED210}"
"{B44E7D73-F081-414B-ADD2-CD66675A190D}1"="{541A52A7-EE28-455A-867C-DF90EE2ED210}"
"AvProdSession_01"="{541A52A7-EE28-455A-867C-DF90EE2ED210}"
"AvProdSession_Options_01"="{541A52A7-EE28-455A-867C-DF90EE2ED210}"
"AvProdSession_Scanless_01"="{541A52A7-EE28-455A-867C-DF90EE2ED210}"
"_buUIComm_"="{541A52A7-EE28-455A-867C-DF90EE2ED210}"
"clt::AlertChannel2_01"="{541A52A7-EE28-455A-867C-DF90EE2ED210}"
"QuickStart{4A16DDA3-2513-41ea-90C8-E34A67781129}1"="{541A52A7-EE28-455A-867C-DF90EE2ED210}"
"AccountServices_1"="{541A52A7-EE28-455A-867C-DF90EE2ED210}"
"FormHandler_1"="{541A52A7-EE28-455A-867C-DF90EE2ED210}"
"TRUSTCHANNEL"="{541A52A7-EE28-455A-867C-DF90EE2ED210}"
"SDKCHANNEL1"="{541A52A7-EE28-455A-867C-DF90EE2ED210}"
"ToasterNotify\\SessionID_1"="{541A52A7-EE28-455A-867C-DF90EE2ED210}"
"_TrustSvcComm_"="{7A433264-7FA6-4E89-917F-4413A2E01B8D}"
"ccSvcHst_UserSession_3120"="{C4842617-B9E0-45E1-8D3B-A664128F6212}"
"ccSvcHst_UserSession_3936"="{47D1C180-6BC1-4FCB-8E10-2A732E0A3136}"
"ccSvcHst_UserSession_3800"="{19442A7A-F24A-4107-BB8B-CA4AE25D5554}"
"ccSvcHst_UserSession_3476"="{541A52A7-EE28-455A-867C-DF90EE2ED210}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC\Endpoints]
@Denied: (C D) (Everyone)
"{7B14E623-BA11-492D-A762-1F2AF061C308}"=""
"{85F9074F-3BD8-4CBC-9468-91D33D339544}"=""
"{543B827E-86C9-4AB4-BD89-5EB30A8C17F9}"=""
"{DECEA248-F9C0-45ED-8647-8F7F9336D004}"=""
"{A6531D1B-6079-484C-B6F8-5C5F87778942}"=""
"{B8D70F5D-38FE-49C3-82F2-C0D0B71DDEA7}"=""
"{251092C8-4A65-4B1D-8D10-E22BF473E499}"=""
"{A9A6D2FC-FC9C-4E23-A287-4437A5372564}"=""
"{27DC1C5C-0005-4CD8-965E-5A35CBBBB026}"=""
"{C87CA8DC-BF0A-48C7-B8FF-8068B475A54A}"=""
"{188C7133-20DC-4761-8DF5-2A585030A407}"=""
"{45C7D0D2-56F3-4702-BAE4-E75259C47351}"=""
"{BA58813E-E85A-492E-98B5-61EB0949DF4A}"=""
"{F70CB2C4-E65D-4AE4-A5A5-C25AE5E6AC06}"=""
"{BA16D6F7-0731-4591-8DDA-97D6AC67779C}"=""
"{925BE9D5-4FE6-4CF5-9A55-93A832595A0A}"=""
"{F05AC20D-9F44-4ABC-AB80-2FA05CF94D0D}"=""
"{B773A78E-3420-4CF9-BEFB-040A54E7666C}"=""
"{58473396-6908-4DE4-A45C-C3B2085DCEEF}"=""
"{A68B93C3-9F2A-48D5-A329-0B2127D93E7D}"=""
"{51CE8238-37AC-46FD-931D-D247E48F37CD}"=""
"{E3ACA0E5-DA83-4A63-9159-AF226B76FFC4}"=""
"{CF92263C-AE79-4FC5-9E25-7461C0849A01}"=""
"{DF45C9C7-9E91-4FA1-9EF7-A41FA95D88D0}"=""
"{1D01F61F-3374-4B32-A70B-94D6B882F096}"=""
"{3EDC775D-B343-480A-86B2-DBEDA4C456D4}"=""
"{6EDD6911-54E3-49BE-8893-DCD93B02DE6C}"=""
"{B63425D0-D780-4BFC-8EA9-4F95E8A4A596}"=""
"{46806B66-9AF9-480B-A38A-210E26DD5AFA}"=""
"{6B30CEC8-E8E9-46BA-99F9-44547094924A}"=""
"{13A999F3-E0CF-427B-9323-5CF68BC58BF2}"=""
"{D58BD56E-BE56-4C07-BBEB-F4F03B540B2C}"=""
"{326FCC0E-0E08-448C-924A-2D21624C0DAC}"=""
"{46A942C9-F87E-49C2-B11D-3C2C60ACFE2D}"=""
"{4854ECE7-70CE-4201-8E24-11CFBA2AA885}"=""
"{30BF80CA-832C-46E6-8F02-0B335376B963}"=""
"{D1477659-E5E4-412D-9659-EE300CDF6DED}"=""
"{B74CF558-F331-4F47-9C05-EA66188B7BCB}"=""
"{55F2471C-09ED-4D04-B5FE-2E9B6E34391F}"=""
"{898E795C-17FF-4F1B-A746-32BF874FF267}"=""
"{6DCB6D18-AF6F-495D-8EC6-C0BAF04DF0C9}"=""
"{B801F25C-BCDA-4855-8D65-C761A4D2955E}"=""
"{0D78DBCD-6C0F-4008-96E5-B8A2849E9F6D}"=""
"{63815C8B-DD76-4535-99C9-700CE94F7BF1}"=""
"{C7551E1C-A67C-49AC-A3DC-8B67470855FB}"=""
"{366DC161-DB73-4EA9-B213-EE72F240BC62}"=""
"{6DBA848A-F082-4398-B8A9-D9521B3B78EE}"=""
"{49A67A8C-3088-4560-9B78-D0580D78083C}"=""
"{EBB7421E-D384-45D1-AF4E-ED584AA0885F}"=""
"{9E9E92B4-3F69-49C7-9A82-BA90BD9B451B}"=""
"{BDE0D7A3-B7C8-4C98-BB94-25506BFA7059}"=""
"{09E9E2C7-D49B-445E-B6C8-88FAA5417686}"=""
"{D6B1F53A-2FC1-4427-9634-83AE1FF88F6E}"=""
"{4DE76987-086C-4E50-8F4A-56B457B1490D}"=""
"{A3EC3416-836A-4826-8494-AA56761792F9}"=""
"{C3AC1BFF-4F87-48EE-B502-1D8B60021D13}"=""
"{8979828D-B2FF-4FFC-AF66-5A82D90912BB}"=""
"{F1A01FBA-A436-482A-A7F6-5563492AD479}"=""
"{E04E3B59-DEEA-4FBD-A6A9-594090666678}"=""
"{CFDA7426-E2AA-4D01-B966-6F658DCF0B78}"=""
"{8FDCE08B-6583-4F58-A52A-5E278AA518AC}"=""
"{9BDA004B-A565-4250-B092-DD54A656EEDA}"=""
"{98CFA42B-17F7-47A5-8223-D7373F13CF4A}"=""
"{BD18C1D1-EFB5-420B-8630-2CC3E2A193B0}"=""
"{0C0D39AC-4699-42E2-9C4A-8279705A0B63}"=""
"{0A286779-516C-4979-BE25-1B5BCF10831D}"=""
"{849A0825-D1B9-4E66-BC4D-E5D3828859CE}"=""
"{E9EE9C56-B242-4395-8191-CEE2EE3B5D78}"=""
"{30F360F8-E482-4C86-8955-B989CD075E94}"=""
"{FA18DE2C-BBCD-4E01-BB66-FA2E5429D667}"=""
"{0CF2ACB0-6BF6-4C61-85BD-B6B986D2584B}"=""
"{5B9AF380-B4AD-43E7-AE82-A9D9F19734D1}"=""
"{FF508988-5DB0-47F1-8D04-1058FC67A77F}"=""
"{DBBADB8C-054E-4DC5-BCBD-4F55A187CB83}"=""
"{F340DE11-AC1B-42A6-8C42-BB55288F2E2F}"=""
"{699B3A01-BE7A-4857-AB9F-6D08029FD885}"=""
"{E95A7274-BB94-4C41-9711-B15779454CAB}"=""
"{474A2B01-B206-4403-8A88-370A34C6524A}"=""
"{AAC06B59-E6C4-4879-B352-D8F29C0181FD}"=""
"{C075CBD5-42D1-4D9F-A67E-0DA6F2E8475F}"=""
"{BB3BA6D1-0297-45FA-8374-172AB2D631D2}"=""
"{AC82730D-DAB9-4B82-85BB-814FBB7C5397}"=""
"{30C912E0-E513-4855-B5DE-7C3BD55219FF}"=""
"{EB8EC4CA-A342-4278-8E40-9D75CC085050}"=""
"{C41F6F26-477E-41C9-A4C9-9B79A974DDC4}"=""
"{A40808A4-3D85-4690-8C6A-409F0A258CC2}"=""
"{219E7B28-E0F9-48C9-A52E-3CC1484D8632}"=""
"{3204B179-F300-42D2-A46E-34831F4F9091}"=""
"{C0A9392D-1DC1-40D7-9285-5C8574FC44A5}"=""
"{5BCF0ED4-4F49-4F1B-A424-87225F887A39}"=""
"{15D8EE59-F6FC-48F9-ADD6-EDAD5005137A}"=""
"{D01E3991-2B32-43C5-827A-6FFBE0ECE629}"=""
"{64E32987-E770-4AD3-A8FC-51299B3F4F74}"=""
"{56380B54-8FB7-49E1-9B00-1E5230DE872B}"=""
"{5E6D5B06-D296-47E4-B3AC-422AC7772906}"=""
"{4AE8D372-B4CC-46EA-9FEF-CCD79D13A1B0}"=""
"{C2F5E0F0-F23C-4A50-8616-BF2FA95608DD}"=""
"{E121FCBC-200B-4493-B0FD-81FF1E0E160A}"=""
"{6B135B36-41ED-450B-97C7-DE8DD215EAE0}"=""
"{95CB9A30-C480-4E0C-B026-E2D164788FE3}"=""
"{20BF7B21-9EC6-4E01-8F78-14662C2C801C}"=""
"{E2926168-F07F-42ED-B3A1-57905BBE3B00}"=""
"{1C08D50C-0C65-4A3B-8E26-1A0A13305080}"=""
"{CA8F7603-47AF-44BC-974F-A703C735ECEE}"=""
"{4F4B2E81-7816-4B19-8895-6E233441EEA9}"=""
"{FC1B7358-3C1D-4F59-9DF6-874B62095A22}"=""
"{091874C1-F5B4-43AF-9CAD-09991ED26016}"=""
"{E3CDCBE2-7FDE-42B9-9C9C-684D1FE4A16B}"=""
"{EA8AC8F5-4CE9-41DD-8105-D71A5EF93023}"=""
"{52A741A8-30A0-471C-B5EB-52E86D19764C}"=""
"{42ED7906-5D41-4825-B5FB-BDC73A0E9914}"=""
"{C4842617-B9E0-45E1-8D3B-A664128F6212}"=""
"{7587E453-DBCB-43AB-85EA-085A3E0F1D26}"=""
"{2B26761A-0DB2-4147-A441-C8E9DD68BF52}"=""
"{47D1C180-6BC1-4FCB-8E10-2A732E0A3136}"=""
"{C6482A6D-B131-472E-B49B-342DDF7439DA}"=""
"{19442A7A-F24A-4107-BB8B-CA4AE25D5554}"=""
"{7A433264-7FA6-4E89-917F-4413A2E01B8D}"=""
"{541A52A7-EE28-455A-867C-DF90EE2ED210}"=""
"{8D5F039E-5BCF-44EE-BF96-FC634E4BBC28}"=""

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2010-08-30 19:04:29
ComboFix-quarantined-files.txt 2010-08-31 00:04

Pre-Run: 148,786,163,712 bytes free
Post-Run: 148,706,369,536 bytes free

- - End Of File - - 8147266670404BBC5E6E4BE4D99F9E81


BC AdBot (Login to Remove)

 


#2 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:04:50 PM

Posted 08 September 2010 - 05:58 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks thumbup2.gif
Posted Image
m0le is a proud member of UNITE

#3 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:04:50 PM

Posted 12 September 2010 - 06:23 PM

This topic has been closed.

If you're the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.
Posted Image
m0le is a proud member of UNITE




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users