# AdwCleaner v2.202 - Logfile created 04/23/2013 at 14:17:29
# Updated 23/04/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Michelle Huey - DESKTOP
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Michelle Huey\Desktop\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
***** [Registry] *****
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Registry is clean.
-\\ Mozilla Firefox v20.0.1 (en-US)
File : C:\Documents and Settings\Michelle Huey\Application Data\Mozilla\Firefox\Profiles\i5adjgi8.default\prefs.js
[OK] File is clean.
File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\pjra47sq.default\prefs.js
[OK] File is clean.
-\\ Google Chrome v26.0.1410.64
File : C:\Documents and Settings\Michelle Huey\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [3115 octets] - [25/10/2012 13:24:57]
AdwCleaner[R2].txt - [2304 octets] - [22/04/2013 18:28:15]
AdwCleaner[S1].txt - [2913 octets] - [25/10/2012 13:25:35]
AdwCleaner[S2].txt - [348 octets] - [23/04/2013 14:16:49]
AdwCleaner[S3].txt - [2314 octets] - [23/04/2013 14:17:29]
########## EOF - C:\AdwCleaner[S3].txt - [2374 octets] ##########
ComboFix 13-04-23.02 - Michelle Huey 04/23/2013 15:04:41.8.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1023.604 [GMT -4:00]
Running from: c:\documents and settings\Michelle Huey\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\PCDr\5907\Downloads\07287f2e-4f82-4848-8132-7055ef322318.dll
c:\documents and settings\All Users\Application Data\PCDr\5907\Downloads\330761e0-2594-472d-8455-796592cf88dc.dll
c:\documents and settings\All Users\Application Data\PCDr\5907\Downloads\c870b857-9ba2-408a-b058-928ff7135168.dll
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Files Created from 2013-03-23 to 2013-04-23 )))))))))))))))))))))))))))))))
.
.
2013-04-23 06:00 . 2013-04-10 03:08 6906960 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{2DB358C6-96AA-463B-85B3-E6AEE59791E4}\mpengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-10 03:08 . 2006-05-02 01:50 6906960 -c--a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-04-04 18:50 . 2009-01-11 18:01 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-13 02:16 . 2012-07-17 14:15 693976 -c--a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-13 02:16 . 2011-05-27 15:29 73432 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-12 05:10 . 2009-10-03 05:51 237088 -c----w- c:\windows\system32\MpSigStub.exe
2013-03-08 08:36 . 2002-08-29 10:00 293376 ----a-w- c:\windows\system32\winsrv.dll
2013-03-07 01:28 . 1980-01-01 05:00 2193408 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-07 00:50 . 1980-01-01 05:00 2070016 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-03-02 02:06 . 2004-02-06 23:05 916480 ----a-w- c:\windows\system32\wininet.dll
2013-03-02 02:06 . 2002-08-29 10:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-03-02 02:06 . 2002-08-29 10:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-03-02 01:25 . 2002-08-29 10:00 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-03-02 01:08 . 2004-08-04 05:59 385024 ----a-w- c:\windows\system32\html.iec
2013-02-28 16:40 . 2013-02-28 16:40 0 ----a-w- c:\windows\system32\REN8E50.tmp
2013-02-28 16:40 . 2013-02-28 16:40 0 ----a-w- c:\windows\system32\REN8E4F.tmp
2013-02-27 07:56 . 2002-08-29 10:00 2067456 ----a-w- c:\windows\system32\mstscax.dll
2013-02-12 00:32 . 2004-08-04 06:04 12928 ------w- c:\windows\system32\drivers\usb8023x.sys
2013-02-12 00:32 . 2002-08-29 10:00 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-01-26 03:55 . 2002-08-29 10:00 552448 ------w- c:\windows\system32\oleaut32.dll
2003-05-25 15:46 . 2003-05-25 15:05 8839120 -c--a-w- c:\program files\AcroReader51_ENU.exe
2013-04-22 22:16 . 2013-04-22 22:15 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12 121528 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\documents and settings\Michelle Huey\Application Data\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\documents and settings\Michelle Huey\Application Data\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\documents and settings\Michelle Huey\Application Data\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\documents and settings\Michelle Huey\Local Settings\Application Data\Akamai\netsession_win.exe" [2013-01-26 4480768]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-10-19 204288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="nwiz.exe" [2003-10-06 741376]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2003-10-06 5058560]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2008-08-11 63048]
"Conime"="c:\windows\system32\conime.exe" [2008-04-14 27648]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-14 47904]
"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"PivotSoftware"="c:\program files\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe" [2010-05-13 110192]
"DT ACR"="c:\program files\Common Files\Portrait Displays\Shared\DT_startup.exe" [2010-10-26 121456]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"Monitor"="c:\program files\LeapFrog\LeapFrog Connect\Monitor.exe" [2012-07-05 295304]
"EKIJ5000StatusMonitor"="c:\windows\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe" [2012-10-08 2804224]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"SDTray"="c:\program files\Spybot - Search & Destroy 2\SDTray.exe" [2012-11-13 3825176]
"EKStatusMonitor"="c:\program files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe" [2013-01-15 2750840]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-02-20 152392]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"KodakHomeCenter"="c:\program files\Kodak\AiO\Center\AiOHomeCenter.exe" [2013-02-18 2236792]
.
c:\documents and settings\Michelle Huey\Start Menu\Programs\Startup\
Dropbox.lnk - c:\documents and settings\Michelle Huey\Application Data\Dropbox\bin\Dropbox.exe [2013-3-12 29106336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2012-12-24 01:05 92664 ----a-w- c:\windows\SYSTEM32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\SYSTEM32\\mmc.exe"=
"c:\\Program Files\\Hewlett-Packard\\HP DreamScreen PC Software\\httpsvr.exe"=
"c:\\Program Files\\Hewlett-Packard\\HP DreamScreen PC Software\\pcsw.exe"=
"c:\\Program Files\\TVersity\\Media Server\\MediaServer.exe"=
"c:\\Program Files\\AirPrint\\airprint.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Documents and Settings\\Michelle Huey\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\LeapFrog\\LeapFrog Connect\\LeapFrogConnect.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDTray.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDFSSvc.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdate.exe"=
"c:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"=
"c:\\Program Files\\Kodak\\AiO\\Center\\AiOHomeCenter.exe"=
"c:\\Program Files\\Kodak\\AiO\\Center\\Kodak.Statistics.exe"=
"c:\\Program Files\\Kodak\\AiO\\Center\\NetworkPrinterDiscovery.exe"=
"c:\\Program Files\\Kodak\\AiO\\Firmware\\KodakAiOUpdater.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kodak\\Installer\\Setup.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1900:UDP"= 1900:UDP:@xpsp2res.dll,-22007
"2869:TCP"= 2869:TCP:@xpsp2res.dll,-22008
"5353:UDP"= 5353:UDP:Bonjour Port 5353
"9322:TCP"= 9322:TCP:EKDiscovery
"1058:TCP"= 1058:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
R1 aswSnx;aswSnx;c:\windows\SYSTEM32\DRIVERS\aswSnx.sys [5/31/2011 4:27 PM 729752]
R1 aswSP;aswSP;c:\windows\SYSTEM32\DRIVERS\aswSP.sys [9/4/2010 11:34 PM 355632]
R2 AirPrint;AirPrint;c:\program files\AirPrint\airprint.exe -R _ipp._tcp,_universal -s --> c:\program files\AirPrint\airprint.exe -R _ipp._tcp,_universal -s [?]
R2 aswFsBlk;aswFsBlk;c:\windows\SYSTEM32\DRIVERS\aswFsBlk.sys [9/4/2010 11:34 PM 21256]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files\Kodak\AiO\Center\EKAiOHostService.exe [2/18/2013 11:20 AM 395640]
R2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;c:\program files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [1/15/2013 2:07 PM 780152]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [10/23/2010 8:23 PM 375296]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [8/11/2008 1:41 PM 12856]
R2 mrtRate;mrtRate;c:\windows\SYSTEM32\DRIVERS\MrtRate.sys [4/14/2003 2:03 PM 34712]
R2 PdiService;Portrait Displays SDK Service;c:\program files\Common Files\Portrait Displays\Drivers\pdisrvc.exe [6/21/2011 12:34 PM 109168]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\Spybot - Search & Destroy 2\SDFSSvc.exe [2/18/2013 7:39 PM 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2/18/2013 7:39 PM 1369624]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 7:19 PM 13592]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2/18/2013 7:39 PM 168384]
S3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [1/10/2010 10:50 AM 15960]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-10 21:44 1642448 ----a-w- c:\program files\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-04-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-17 02:16]
.
2013-04-01 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 22:57]
.
2013-04-23 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2012-09-07 09:12]
.
2013-04-23 c:\windows\Tasks\Check for updates (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDUpdate.exe [2013-02-18 19:08]
.
2013-04-08 c:\windows\Tasks\Defraggler Volume C Task.job
- c:\program files\Defraggler\df.exe [2010-06-18 18:47]
.
2013-04-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 01:28]
.
2013-04-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 01:28]
.
2013-04-23 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 23:20]
.
2013-04-10 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-12-14 04:09]
.
2013-04-04 c:\windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDImmunize.exe [2013-02-18 19:07]
.
2013-04-01 c:\windows\Tasks\Scan the system (Spybot - Search & Destroy).job
- c:\program files\Spybot - Search & Destroy 2\SDScan.exe [2013-02-18 19:07]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local;
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
Trusted Zone: internet
Trusted Zone: mcafee.com
TCP: DhcpNameServer = 208.67.222.222 208.67.220.220 209.18.47.61
TCP: Interfaces\{B2544E4D-4581-4C6D-B2E4-D742F7589491}: NameServer = 208.67.222.222,208.67.220.220
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {C77FB8C0-8B6D-440E-AC26-2BD39E97E8F2} - hxxp://speedtest.adelphia.net/customerdiag/speedtest/SPEEDTESTACTIVEX.CAB
FF - ProfilePath - c:\documents and settings\Michelle Huey\Application Data\Mozilla\Firefox\Profiles\i5adjgi8.default\
FF - ExtSQL: !HIDDEN! 2009-09-14 03:05; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-04-23 15:17
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(712)
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll
.
Completion time: 2013-04-23 15:23:25
ComboFix-quarantined-files.txt 2013-04-23 19:22
ComboFix2.txt 2013-03-16 15:56
.
Pre-Run: 2,899,619,840 bytes free
Post-Run: 2,862,792,704 bytes free
.
- - End Of File - - 57633FFECC854883FEC25162BC86E241