
ComboFix 10-10-07.01 - Amalita 07/10/2010 16:22:03.2.2 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.593.3082.18.3003.1972 [GMT -5:00]
Running from: c:\users\Amalita\Desktop\ComboFix.exe
Command switches used :: /u
* Resident AV is active
.
((((((((((((((((((((((((( Files Created from 2010-09-07 to 2010-10-07 )))))))))))))))))))))))))))))))

2010-10-07 21:31 . 2010-10-07 21:31 -------- d-----w- c:\users\Rogelito\AppData\Local\temp
2010-10-07 21:31 . 2010-10-07 21:31 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-10-07 21:31 . 2010-10-07 21:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-10-07 21:31 . 2010-10-07 21:31 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2010-10-07 21:17 . 2010-10-07 21:31 -------- d-----w- c:\users\Amalita\AppData\Local\temp
2010-10-07 16:11 . 2010-10-07 17:24 -------- d-----w- c:\users\Amalita\Oracle Jar Cache
2010-10-07 16:11 . 2010-10-07 16:11 -------- d-----w- c:\users\Amalita\.jinit
2010-10-07 15:55 . 2010-10-07 15:55 -------- d-----w- c:\users\Amalita\AppData\Roaming\GlarySoft
2010-10-07 15:47 . 2010-10-07 19:53 -------- d-----w- c:\program files\Glary Utilities
2010-10-01 01:51 . 2010-10-01 01:52 -------- d-----w- c:\programdata\IMinent
2010-10-01 01:51 . 2010-10-01 01:51 -------- d-----w- c:\program files\Iminent
2010-09-28 19:05 . 2010-06-19 06:15 2048 ----a-w- c:\windows\system32\tzres.dll
2010-09-24 22:20 . 2010-09-24 22:20 -------- d-----w- c:\program files\NCH Swift Sound
2010-09-24 22:18 . 2010-09-24 23:01 -------- d-----w- c:\programdata\NCH Software
2010-09-24 22:17 . 2010-09-24 22:20 -------- d-----w- c:\program files\NCH Software
2010-09-24 22:17 . 2010-09-24 22:19 -------- d-----w- c:\users\Amalita\AppData\Roaming\NCH Software
2010-09-24 20:59 . 2010-03-15 09:31 165376 ----a-w- c:\windows\system32\unrar.dll
2010-09-24 20:59 . 2010-09-14 08:00 108032 ----a-w- c:\windows\system32\ff_vfw.dll
2010-09-24 20:59 . 2010-06-08 16:10 790528 ----a-w- c:\windows\system32\xvidcore.dll
2010-09-24 20:59 . 2010-06-08 16:10 134144 ----a-w- c:\windows\system32\xvidvfw.dll
2010-09-24 20:59 . 2004-01-25 16:18 217088 ----a-w- c:\windows\system32\yv12vfw.dll
2010-09-24 20:59 . 2010-09-24 20:59 -------- d-----w- c:\program files\K-Lite Codec Pack
2010-09-23 21:24 . 2010-10-07 21:17 -------- d-----w- c:\users\Rogelito
2010-09-23 18:04 . 2010-09-23 18:04 -------- d-----w- c:\program files\Common Files\Java
2010-09-22 23:00 . 2010-09-24 04:04 -------- d-----w- c:\users\Amalita\AppData\Local\WMTools Downloaded Files
2010-09-22 20:59 . 2010-09-22 20:59 -------- d-----w- c:\program files\Movie Maker 2.6
2010-09-22 20:59 . 2010-09-22 20:59 -------- d-----w- c:\program files\Conduit
2010-09-22 17:21 . 2010-09-22 17:21 -------- d-----w- c:\program files\DzSoft
2010-09-16 17:42 . 2010-07-17 10:00 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-16 16:31 . 2010-08-21 05:32 316928 ----a-w- c:\windows\system32\spoolsv.exe
2010-09-10 15:40 . 2010-09-23 18:02 -------- d-----w- c:\program files\Java
2010-09-10 15:14 . 2010-09-10 15:41 -------- d-----w- c:\program files\LimeWire
2010-09-10 14:48 . 2010-09-10 14:48 -------- d-----w- c:\users\Amalita\AppData\Local\Ares
2010-09-10 14:48 . 2010-09-10 14:48 -------- d-----w- c:\program files\Ares
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-07 21:22 . 2009-07-14 08:48 697070 ----a-w- c:\windows\system32\perfh00A.dat
2010-10-07 21:22 . 2009-07-14 08:48 135658 ----a-w- c:\windows\system32\perfc00A.dat
2010-10-07 21:20 . 2010-09-10 15:41 -------- d-----w- c:\users\Amalita\AppData\Roaming\LimeWire
2010-10-07 16:34 . 2010-02-18 03:56 -------- d-----w- c:\programdata\VMware
2010-10-05 23:18 . 2010-03-03 13:54 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-10-05 23:18 . 2010-02-19 22:19 -------- d-----w- c:\program files\Oracle
2010-09-24 21:19 . 2010-09-24 21:19 -------- d-----w- c:\program files\Emprenet Turnos FREE
2010-09-16 17:26 . 2010-02-12 02:41 -------- d-----w- c:\programdata\Microsoft Help
2010-08-18 00:03 . 2010-08-18 00:03 -------- d-----w- c:\program files\HUAWEI Modem Driver
2010-08-18 00:03 . 2010-03-03 13:53 -------- d-----w- c:\program files\Movistar
2010-08-11 16:54 . 2010-08-11 16:54 -------- d-----w- c:\users\Amalita\AppData\Roaming\Foxit
2010-08-11 16:54 . 2010-08-11 16:54 -------- d-----w- c:\program files\Foxit Software
2010-08-09 16:21 . 2010-08-09 16:21 -------- d-----w- c:\program files\LightScribe Template Labeler
2010-08-09 16:11 . 2010-08-09 16:11 -------- d-----w- c:\program files\LightScribe
2010-08-09 16:05 . 2010-03-20 18:08 -------- d-----w- c:\programdata\LightScribe
2010-08-05 16:40 . 2010-07-01 15:53 154 ----a-w- C:\modificar.bat
2010-07-29 06:30 . 2010-08-12 02:36 197632 ----a-w- c:\windows\system32\ir32_32.dll
2010-07-29 06:30 . 2010-08-12 02:36 82944 ----a-w- c:\windows\system32\iccvid.dll
2010-06-25 02:22 . 2010-06-25 02:22 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
.

------- Sigcheck -------
[-] 2009-07-14 . 8626F0C30D4E3564FFDD25C90F4426F1 . 811520 . . [6.1.7600.16385] . . c:\windows\System32\user32.dll
[7] 2009-07-14 . 34B7E222E81FAFA885F0C5F2CFA56861 . 811520 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{84FF7BD6-B47F-46F8-9130-01B2696B36CB}"= "c:\program files\Iminent\SearchTheWeb
\Iminent.BHO.NavigationError.dll" [2010-07-09 111608]
[HKEY_CLASSES_ROOT\clsid\{84ff7bd6-b47f-46f8-9130-01b2696b36cb}]
[HKEY_CLASSES_ROOT\IminentBHONavigationError.CHelperBHO.1]
[HKEY_CLASSES_ROOT\TypeLib\{59E6E159-57CC-4DA5-8700-2AD17DC31DD1}]
[HKEY_CLASSES_ROOT\IminentBHONavigationError.CHelperBHO]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36
CB}]
2010-07-09 21:21
111608 ----a-wc:\program files\Iminent\SearchT
heWeb\Iminent.BHO.NavigationError.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883
856]
"ares"="c:\program files\Ares\Ares.exe" [2010-07-10 1015808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [
2008-10-25 31072]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-02-06 2021400]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_s
l.exe" [2010-06-20 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2010-03-23 495708]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-02-20 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-02-20 175640]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-02-20 167960]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\
CS4ServiceManager.exe" [2008-08-14 611712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe
" [2010-05-14 248552]
"IMBooster"="c:\program files\Iminent\IMBooster\imbooster.exe" [2010-08-16 16317
36]
"Iminent.Notifier"="c:\program files\Iminent\SearchTheWeb\Iminent.Notifier.exe"

[2010-07-09 536056]
c:\users\Amalita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
LimeWire On Startup.lnk - c:\program files\LimeWire\LimeWire.exe [2010-8-19 5038
08]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2009-10
-2 795936]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer9"=wdmaud.drv
[HKLM\~\startupfolder\C:^Users^Amalita^AppData^Roaming^Microsoft^Windows^Start M
enu^Programs^Startup^LimeWire On Startup.lnk]
backup=c:\windows\pss\LimeWire On Startup.lnk.Startup
backupExtension=.Startup
[HKLM\~\startupfolder\C:^Users^Amalita^AppData^Roaming^Microsoft^Windows^Start M
enu^Programs^Startup^Recorte de pantalla e Inicio rpido de OneNote 2007.lnk]
backup=c:\windows\pss\Recorte de pantalla e Inicio rpido de OneNote 2007.lnk.Star
tup
backupExtension=.Startup
[HKLM\~\startupfolder\C:^Users^Amalita^AppData^Roaming^Microsoft^Windows^Start M
enu^Programs^Startup^sukisuki.lnk]
backup=c:\windows\pss\sukisuki.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
2010-07-10 12:56
1015808 ----a-wc:\program files\Ares\Ares.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BroadCam
]
2010-09-24 22:20
1175556 ----a-wc:\program files\NCH Software\Br
oadCam\broadcam.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google D
esktop Search]
2010-06-25 02:22
30192 ----a-wc:\program files\Google\Google D
esktop Search\GoogleDesktop.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google U
pdate]
2010-06-18 04:58
136176 ----atwc:\users\Amalita\AppData\Local\G
oogle\Update\GoogleUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScr
ibe Control Panel]
2008-06-09 15:16
2363392 ----a-wc:\program files\Common Files\Li
ghtScribe\LightScribeControlPanel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMReminderService]
2007-05-18 05:05 37392 ----a-r- c:\program files\Mindjet\MindManager 7\MmReminderService.exe
R3 GoogleDesktopManager-051210-111108;Administrador de Google Desktop 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-06-25 30192]
R3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader;c:\windows\system32\DRIV
ERS\ewdcsc.sys [2007-08-08 23424]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.
sys [2009-10-12 101120]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2010-05-26 136304]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfil
ter.sys [2008-08-12 7168]
R3 MySQL5EmprenetFREE;MySQL5EmprenetFREE;c:\program files\Emprenet Turnos FREE\m
ysql\bin\mysqld --defaults-file=c:\program files\Emprenet Turnos FREE\mysql\my.i
ni MySQL5EmprenetFREE [x]
R3 netw5v32;Controlador del adaptador Intel(R) Wireless WiFi Link 5000 Series pa
ra Windows Vista de 32 bits;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13
4231168]
R3 OracleJobSchedulerORCL;OracleJobSchedulerORCL;c:\oracle\product\10.2.0\db_1\B
in\extjob.exe ORCL [x]
R3 OracleOraDb10g_home1TNSListener;OracleOraDb10g_home1TNSListener;c:\oracle\pro
duct\10.2.0\db_1\BIN\TNSLSNR [x]
R3 OracleServiceORCL;OracleServiceORCL;c:\oracle\product\10.2.0\db_1\bin\ORACLE.
EXE ORCL [x]
R3 WatAdminSvc;Servicio de tecnologas de activacin de Windows;c:\windows\system32\
Wat\WatAdminSvc.exe [2010-04-21 1343400]
R4 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRep
ository\stwrt.inf_x86_neutral_9691412ff1876250\aestsrv.exe [2009-03-02 81920]
R4 Apache2.2;Apache2.2;c:\xampp\apache\bin\apache.exe [2008-06-14 17408]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
S1 tidnet;TID NDIS Protocol Driver;c:\windows\system32\DRIVERS\tidnet.sys [2009-11-11 19200]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys
[2009-07-13 48128]
S2 BroadCamService;BroadCam Video Streaming Server;c:\program files\NCH Software
\BroadCam\broadcam.exe [2010-09-24 1175556]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2009-02
-06 727720]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2009-02-06 38240]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2010-06-15 26168]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [20
09-12-02 29472]
S3 NETw5s32;Controlador del adaptador Intel(R) Wireless WiFi Link para Windows 7
de 32 bits;c:\windows\system32\DRIVERS\NETw5s32.sys [2010-01-13 6755840]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009
-03-02 139776]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\v
wifimp.sys [2009-07-13 14336]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D
85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 15:14
451872 ----a-wc:\program files\Common Files\Li
ghtScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
2010-10-07 c:\windows\Tasks\GlaryInitialize.job

- c:\program files\Glary Utilities\initialize.exe [2010-10-07 16:21]


2010-10-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-417377055-2509645967-10
51460997-1000Core.job
- c:\users\Amalita\AppData\Local\Google\Update\GoogleUpdate.exe [2010-06-18 04:5
8]
2010-09-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-417377055-2509645967-10
51460997-1000UA.job
- c:\users\Amalita\AppData\Local\Google\Update\GoogleUpdate.exe [2010-06-18 04:5
8]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.ec/
uInternet Settings,ProxyServer = 192.168.0.1:3128
uInternet Settings,ProxyOverride = <local>
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Enviar imagen al dispositivo &Bluetooth... - c:\program files\ThinkPad\Bluet
ooth Software\btsendto_ie_ctx.htm
IE: Enviar pgina al dispositivo &Bluetooth... - c:\program files\ThinkPad\Bluetoo
th Software\btsendto_ie.htm
TCP: {AFD7D270-1521-42FF-B402-AE8D2947588D} = 200.107.10.52,200.107.60.58
TCP: {BFE53661-CE2E-4E9F-951B-19F4E0490FB7} = 192.168.3.166,192.168.3.1
DPF: {CAFECAFE-0013-0001-0017-ABCDEFABCDEF}
DPF: {CAFECAFE-0013-0001-0022-ABCDEFABCDEF} - hxxp://as.autosierra.com.ec:7778/f
orms/jinitiator/jinit.exe
DPF: {CAFECAFE-0013-0001-0028-ABCDEFABCDEF} - hxxp://as.llantasierra.com.ec:7778
/forms/jinitiator/jinit.exe
FF - ProfilePath - c:\users\Amalita\AppData\Roaming\Mozilla\Firefox\Profiles\ktr
ab1no.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.ec/
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla
.dll
FF - component: c:\program files\Mozilla Firefox\extensions\webbooster@iminent.c
om\components\Iminent.XPCOM.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPJinit13117.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPJinit13122.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPJinit13128.dll
FF - plugin: c:\users\Amalita\AppData\Local\Google\Update\1.2.183.29\npGoogleOne
Click8.dll
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\defaults\pref\all-iminent.js - pref("iminent.appInstanceUid", "8F5CCDE8-820B-4B3D-9496-4BA236DB17F6");
c:\program files\Mozilla Firefox\defaults\pref\all-iminent.js - pref("iminent.currentLcid", "3082");
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MySQL5EmprenetFREE]
"ImagePath"="\"c:\program files\Emprenet Turnos FREE\mysql\bin\mysqld\" --defaul
ts-file=\"c:\program files\Emprenet Turnos FREE\mysql\my.ini\" MySQL5EmprenetFRE
E"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\OracleOraDb10g_home1TNSListene
r]
"ImagePath"="c:\oracle\product\10.2.0\db_1\BIN\TNSLSNR "
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC108002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC108002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC108002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC108002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC108002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC108002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(736)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
- - - - - - - > 'Explorer.exe'(4456)
c:\program files\Iminent\IMBooster\Iminent.WinCore.dll
c:\program files\ThinkPad\Bluetooth Software\btmmhook.dll

.
Completion time: 2010-10-07 16:33:50
ComboFix-quarantined-files.txt 2010-10-07 21:33
ComboFix2.txt 2010-10-07 21:16
Pre-Run: 155,285,880,832 bytes libres
Post-Run: 155,253,456,896 bytes libres
- - End Of File - - E38B5D21A4C164BC14E9114B1520C9BF
