ComboFix 12-06-25.03 - DLee 06/25/2012 8:25.1.4 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3063.2191 [GMT -7:00]
Running from: c:\users\DLee\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Christmas\AppData\Local\{91A6E3BF-3359-4417-9BDC-91192FD099B2}
c:\users\Christmas\AppData\Local\{91A6E3BF-3359-4417-9BDC-91192FD099B2}\chrome\content\overlay.xul
c:\users\Christmas\AppData\Local\{91A6E3BF-3359-4417-9BDC-91192FD099B2}\install.rdf
c:\users\Christmas\g2mdlhlpx.exe
c:\users\Christmas\GoToAssistDownloadHelper.exe
c:\users\DLee\AppData\Local\assembly\tmp
c:\users\DLee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check
c:\users\DLee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check\System Check.lnk
c:\users\DLee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check\Uninstall System Check.lnk
c:\users\DLee\Desktop\ElephantDrive-4.9.4-32bit.exe.txt
c:\users\DLee\Desktop\mozy.txt
c:\users\DLee\g2mdlhlpx.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-05-25 to 2012-06-25 )))))))))))))))))))))))))))))))
.
.
2012-06-25 15:29 . 2012-06-25 15:30 -------- d-----w- c:\users\DLee\AppData\Local\temp
2012-06-25 15:29 . 2012-06-25 15:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-25 15:29 . 2012-06-25 15:29 -------- d-----w- c:\users\Christmas\AppData\Local\temp
2012-06-25 15:25 . 2012-06-25 15:25 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E899CC8F-BA48-4CBF-B61B-6C16B0CA9FEE}\MpKsl8f094e7e.sys
2012-06-25 15:22 . 2012-06-25 15:22 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E899CC8F-BA48-4CBF-B61B-6C16B0CA9FEE}\MpKsl824aa630.sys
2012-06-25 15:21 . 2012-06-25 15:23 56200 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E899CC8F-BA48-4CBF-B61B-6C16B0CA9FEE}\offreg.dll
2012-06-24 16:04 . 2012-05-31 03:41 6762896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E899CC8F-BA48-4CBF-B61B-6C16B0CA9FEE}\mpengine.dll
2012-06-24 09:06 . 2012-05-31 03:41 6762896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-06-22 22:05 . 2012-06-22 22:05 -------- d-----w- C:\TDSSKiller_Quarantine
2012-06-21 06:01 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-21 06:01 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-21 06:01 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-21 06:01 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-21 06:00 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-21 06:00 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-21 06:00 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-21 06:00 . 2012-06-02 22:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-21 06:00 . 2012-06-02 22:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-18 20:01 . 2012-06-18 20:01 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-06-14 15:52 . 2012-05-04 09:59 514560 ----a-w- c:\windows\system32\qdvd.dll
2012-06-13 15:32 . 2012-04-28 03:17 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-13 15:32 . 2012-04-07 11:26 2342400 ----a-w- c:\windows\system32\msi.dll
2012-06-13 15:32 . 2012-05-15 01:05 2343936 ----a-w- c:\windows\system32\win32k.sys
2012-06-13 15:32 . 2012-04-26 04:45 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-06-13 15:32 . 2012-04-26 04:45 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-06-13 15:32 . 2012-04-26 04:41 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-06-13 15:32 . 2012-05-01 04:44 164352 ----a-w- c:\windows\system32\profsvc.dll
2012-06-13 15:32 . 2012-04-24 04:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-13 15:32 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\system32\crypt32.dll
2012-06-13 15:32 . 2012-04-24 04:36 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-13 15:27 . 2012-06-13 15:27 -------- d-----w- c:\users\DLee\AppData\Local\Macromedia
2012-06-12 15:06 . 2012-04-23 16:34 713784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-06-12 15:06 . 2012-04-23 16:34 713784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{67CD46DC-D76E-4CCC-879A-B324BA106F99}\gapaengine.dll
2012-06-07 21:39 . 2012-06-07 21:39 -------- d-----w- c:\users\DLee\dwhelper
2012-06-05 20:10 . 2012-06-05 20:10 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll
2012-06-05 20:10 . 2012-06-05 20:10 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll
2012-06-05 20:10 . 2012-06-05 20:10 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll
2012-06-05 20:10 . 2012-06-05 20:10 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll
2012-06-05 20:10 . 2012-06-05 20:10 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll
2012-06-05 20:10 . 2012-06-05 20:10 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll
2012-06-05 20:10 . 2012-06-05 20:10 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll
2012-06-05 20:08 . 2012-06-05 20:08 -------- d-----w- c:\program files\Common Files\Java
2012-06-05 20:07 . 2012-06-05 20:07 -------- d-----w- c:\program files\Oracle
2012-06-05 20:07 . 2012-04-05 01:47 772504 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-06-05 17:44 . 2012-06-05 17:44 -------- d-----w- c:\users\DLee\AppData\Local\Mozilla
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-23 20:36 . 2012-03-29 16:06 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-23 20:36 . 2011-06-03 23:44 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-19 03:56 . 2012-04-19 03:56 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2012-04-19 03:56 . 2012-04-19 03:56 69632 ----a-w- c:\windows\system32\QuickTime.qts
2012-04-05 01:47 . 2011-07-18 18:36 687504 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-04 22:56 . 2012-04-16 16:19 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-31 04:39 . 2012-05-11 19:48 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-03-31 04:39 . 2012-05-11 19:47 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-30 10:23 . 2012-05-11 19:48 1291632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-06-18 20:01 . 2012-06-05 17:44 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\01ElephantIconOverlay]
@="{AFA39CBB-DF66-47f9-A047-47ED25FE655E}"
[HKEY_CLASSES_ROOT\CLSID\{AFA39CBB-DF66-47f9-A047-47ED25FE655E}]
2011-12-28 22:48 449536 ----a-w- c:\program files\ElephantDrive\ElephantDrive\IconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\02ElephantIconOverlay]
@="{1E519A85-494E-4706-AC87-1CC8BB9CC5DA}"
[HKEY_CLASSES_ROOT\CLSID\{1E519A85-494E-4706-AC87-1CC8BB9CC5DA}]
2011-12-28 22:48 449536 ----a-w- c:\program files\ElephantDrive\ElephantDrive\IconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\03ElephantIconOverlay]
@="{0E2DD711-458A-4b39-8211-3F5FDAA0539E}"
[HKEY_CLASSES_ROOT\CLSID\{0E2DD711-458A-4b39-8211-3F5FDAA0539E}]
2011-12-28 22:48 449536 ----a-w- c:\program files\ElephantDrive\ElephantDrive\IconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\04ElephantIconOverlay]
@="{2E28D71B-2733-46CD-B61B-49926AC3FD6F}"
[HKEY_CLASSES_ROOT\CLSID\{2E28D71B-2733-46CD-B61B-49926AC3FD6F}]
2011-12-28 22:48 449536 ----a-w- c:\program files\ElephantDrive\ElephantDrive\IconOverlay.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-27 931200]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2011-06-17 07:33 66328 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MozyHome Status.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\MozyHome Status.lnk
backup=c:\windows\pss\MozyHome Status.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Shortcut to ElephantDesktop.exe.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Shortcut to ElephantDesktop.exe.lnk
backup=c:\windows\pss\Shortcut to ElephantDesktop.exe.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Shortcut to ElephantDrive.exe.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Shortcut to ElephantDrive.exe.lnk
backup=c:\windows\pss\Shortcut to ElephantDrive.exe.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^DLee^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
path=c:\users\DLee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
backup=c:\windows\pss\Dropbox.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
2010-02-22 11:57 406992 ----a-w- c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-02-21 04:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2011-08-02 07:33 4910912 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvtMgr6]
2011-06-23 23:44 1386776 ----a-w- c:\program files\Logitech\SetPointP\SetPoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-06-03 18:44 136176 ----atw- c:\users\DLee\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoToMeeting]
2011-06-14 16:04 39816 ----a-w- c:\program files\Citrix\GoToMeeting\723\g2mstart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-04-19 03:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-17 18:07 252296 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2012-03-17 00:20 3905920 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 20:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\users\DLee\AppData\Local\Google\Update\GoogleUpdate.exe" /c
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-06-24 136176]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 250056]
R3 ElephantDrive-MappedDrive.exe;ElephantDrive-MappedDrive;c:\program files\ElephantDrive\ElephantDrive\ElephantDrive-MappedDrive.exe [2012-02-14 125096]
R3 ElephantDrive-Service.exe;ElephantDrive-Service;c:\program files\ElephantDrive\ElephantDrive\ElephantDrive-Service.exe [2012-02-14 125096]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-06-24 136176]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-18 113120]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-21 74112]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-27 214952]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4640000]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-06-03 1343400]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 44896]
R4 RsFx0150;RsFx0150 Driver;c:\windows\system32\DRIVERS\RsFx0150.sys [2010-04-03 240608]
R4 SQLAgent$ADCENTERDESKTOP;SQL Server Agent (ADCENTERDESKTOP);c:\program files\Microsoft SQL Server\MSSQL10_50.ADCENTERDESKTOP\MSSQL\Binn\SQLAGENT.EXE [2010-04-03 367456]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-08-03 232512]
S1 MpKsl824aa630;MpKsl824aa630;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E899CC8F-BA48-4CBF-B61B-6C16B0CA9FEE}\MpKsl824aa630.sys [2012-06-25 29904]
S1 MpKsl8f094e7e;MpKsl8f094e7e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E899CC8F-BA48-4CBF-B61B-6C16B0CA9FEE}\MpKsl8f094e7e.sys [2012-06-25 29904]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-11 116608]
S2 MSSQL$ADCENTERDESKTOP;SQL Server (ADCENTERDESKTOP);c:\program files\Microsoft SQL Server\MSSQL10_50.ADCENTERDESKTOP\MSSQL\Binn\sqlservr.exe [2010-04-03 42884448]
S3 k57nd60x;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2009-08-21 273960]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\Drivers\LEqdUsb.Sys [2011-04-30 42648]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\Drivers\LHidEqd.Sys [2011-04-30 12184]
S3 netr28u;RT2870 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr28u.sys [2010-02-12 844064]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSL824AA630
*NewlyCreated* - MPKSL8F094E7E
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 20:36]
.
2012-06-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-24 16:34]
.
2012-06-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-06-24 16:34]
.
2012-06-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3568101592-3335626919-1504947496-1000Core.job
- c:\users\DLee\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-03 18:44]
.
2012-06-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3568101592-3335626919-1504947496-1000UA.job
- c:\users\DLee\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-03 18:44]
.
.
------- Supplementary Scan -------
.
uStart Page = https://www.google.com/
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\DLee\AppData\Roaming\Mozilla\Firefox\Profiles\56qmzw2d.Daniel\
FF - prefs.js: browser.search.selectedEngine - Answers.com
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: network.proxy.type - 4
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-06-25 08:32:13
ComboFix-quarantined-files.txt 2012-06-25 15:32
.
Pre-Run: 195,728,523,264 bytes free
Post-Run: 195,722,993,664 bytes free
.
- - End Of File - - 37507C5A1F111960476C5A00D7215357