Hello emeraldnzl,
Here is the ComboFix.txt Log file with the CFScript.txt with the ComboFix.exe merge.
ComboFix 10-08-28.02 - CompAdmin_DW 08/29/2010 17:45:49.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.148 [GMT -7:00]
Running from: c:\documents and settings\CompAdmin_DW\My Documents\Downloads\ComboFix.exe
Command switches used :: c:\documents and settings\CompAdmin_DW\My Documents\Downloads\CFScript.txt.txt
AV: Norton Internet Security *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\microsoft frontpage . . . .
c:\program files\movie maker . . . .
.
((((((((((((((((((((((((( Files Created from 2010-07-28 to 2010-08-30 )))))))))))))))))))))))))))))))
.
2010-08-28 01:37 . 2010-08-28 01:37 -------- d-----w- C:\_OTL
2010-08-27 19:54 . 2010-08-27 19:54 -------- d-----w- c:\program files\ESET
2010-08-27 03:09 . 2010-08-27 23:31 -------- d-----w- c:\program files\Java
2010-08-26 02:48 . 2010-08-26 02:48 414 ----a-w- c:\documents and settings\CompAdmin_DW\DisableDrWatson.reg
2010-08-25 02:35 . 2010-08-25 02:35 -------- d-----w- c:\program files\Common Files\Java
2010-08-24 05:32 . 2010-08-24 05:32 -------- d-----w- c:\documents and settings\CompAdmin_DW\Application Data\WinPatrol
2010-08-24 05:31 . 2010-08-24 05:31 -------- d-----w- c:\program files\BillP Studios
2010-08-22 08:05 . 2010-08-22 08:05 -------- d-sh--w- c:\documents and settings\Dew\PrivacIE
2010-08-22 06:38 . 2010-08-22 06:38 -------- d-----w- c:\program files\microsoft frontpage
2010-08-15 23:28 . 2010-08-15 23:28 2688 ----a-w- c:\documents and settings\CompAdmin_DW\Disable_CinepakEncodedFilesinDirectShow.reg
2010-08-15 01:04 . 2010-08-15 01:04 -------- d-----w- c:\documents and settings\Dew\Application Data\Malwarebytes
2010-08-15 00:24 . 2010-08-15 00:24 566 ----a-w- c:\documents and settings\CompAdmin_DW\MP3_Parser_Backup.reg
2010-08-14 22:39 . 2010-08-14 22:39 2740 ----a-w- c:\documents and settings\CompAdmin_DW\Drivers32_Backup.reg
2010-08-14 04:16 . 2010-08-14 04:16 2540 ----a-w- c:\documents and settings\CompAdmin_DW\Disable_Silverlight.reg
2010-08-14 04:15 . 2010-08-14 04:15 2540 ----a-w- c:\documents and settings\CompAdmin_DW\SL_backup.reg
2010-08-10 04:10 . 2010-08-10 04:10 -------- d-----w- c:\documents and settings\CompAdmin_DW\Application Data\Malwarebytes
2010-08-10 04:10 . 2010-04-29 22:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-10 04:10 . 2010-08-10 04:10 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-08-10 04:10 . 2010-08-10 04:10 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-10 04:10 . 2010-04-29 22:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-10 01:32 . 2010-08-10 01:32 -------- d-----w- C:\_OTM
2010-08-07 22:13 . 2010-08-07 22:13 -------- d-----w- c:\documents and settings\CompAdmin_DW\Local Settings\Application Data\WMTools Downloaded Files
2010-08-01 22:44 . 2010-08-26 01:24 -------- d-----w- c:\program files\CCleaner
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-08-08 03:13 . 2010-08-08 03:13 503808 ----a-w- c:\documents and settings\Dew\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-60eb8bef-n\msvcp71.dll
2010-08-08 03:13 . 2010-08-08 03:13 499712 ----a-w- c:\documents and settings\Dew\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-60eb8bef-n\jmc.dll
2010-08-08 03:13 . 2010-08-08 03:13 348160 ----a-w- c:\documents and settings\Dew\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-60eb8bef-n\msvcr71.dll
2010-08-08 03:13 . 2010-08-08 03:13 61440 ----a-w- c:\documents and settings\Dew\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-2d5c66d7-n\decora-sse.dll
2010-08-08 03:13 . 2010-08-08 03:13 12800 ----a-w- c:\documents and settings\Dew\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-2d5c66d7-n\decora-d3d.dll
2010-08-06 00:33 . 2010-06-20 06:15 -------- d-----w- c:\documents and settings\CompAdmin_DW\Application Data\ZoomBrowser EX
2010-08-05 23:56 . 2010-06-20 06:16 -------- d-----w- c:\documents and settings\CompAdmin_DW\Application Data\CameraWindowDC
2010-08-05 21:18 . 2010-08-05 21:18 503808 ----a-w- c:\documents and settings\CompAdmin_DW\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-79864a60-n\msvcp71.dll
2010-08-05 21:18 . 2010-08-05 21:18 499712 ----a-w- c:\documents and settings\CompAdmin_DW\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-79864a60-n\jmc.dll
2010-08-05 21:18 . 2010-08-05 21:18 348160 ----a-w- c:\documents and settings\CompAdmin_DW\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-79864a60-n\msvcr71.dll
2010-08-05 21:18 . 2010-08-05 21:18 61440 ----a-w- c:\documents and settings\CompAdmin_DW\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-5783da91-n\decora-sse.dll
2010-08-05 21:18 . 2010-08-05 21:18 12800 ----a-w- c:\documents and settings\CompAdmin_DW\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-5783da91-n\decora-d3d.dll
2010-08-01 21:58 . 2010-07-06 22:39 -------- d-----w- c:\program files\NortonInstaller
2010-08-01 21:57 . 2009-02-08 01:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2010-07-17 12:00 . 2010-04-15 22:32 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-11 05:03 . 2010-07-11 05:03 -------- d-----w- c:\documents and settings\Dew\Application Data\ZoomBrowser EX
2010-07-11 02:51 . 2010-07-11 02:51 72224 ----a-w- c:\documents and settings\Dew\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-07-08 21:41 . 2009-02-24 03:24 -------- d-----w- c:\program files\Canon
2010-07-08 21:39 . 2010-07-08 21:39 -------- d-----w- c:\documents and settings\All Users\Application Data\ZoomBrowser
2010-07-07 03:30 . 2010-07-07 01:27 -------- d-----w- c:\program files\Symantec
2010-07-07 03:30 . 2010-07-07 01:27 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2010-07-07 03:30 . 2010-07-07 01:27 7456 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2010-07-07 03:30 . 2010-07-07 01:27 60808 ----a-w- c:\windows\system32\S32EVNT1.DLL
2010-07-07 03:30 . 2010-07-07 01:27 125488 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2010-07-07 01:52 . 2010-07-07 01:27 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-07-07 01:24 . 2010-07-07 01:24 -------- d-----w- c:\program files\Norton Internet Security
2010-07-05 02:24 . 2009-02-09 21:37 50 -c--a-w- c:\windows\system32\bridf06a.dat
2010-07-05 02:23 . 2009-02-09 21:35 -------- d-----w- c:\program files\Brother
2010-07-05 02:23 . 2010-04-20 21:47 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-03 22:41 . 2010-07-03 22:41 -------- d-----w- c:\program files\VS Revo Group
2010-06-30 12:31 . 2004-08-10 17:51 149504 ----a-w- c:\windows\system32\schannel.dll
2010-06-27 04:43 . 2010-06-27 04:43 71680 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\arh.exe
2010-06-24 12:22 . 2004-08-10 17:51 916480 ----a-w- c:\windows\system32\wininet.dll
2010-06-24 01:37 . 2010-06-24 01:37 503808 ----a-w- c:\documents and settings\Dew\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-4b7576b5-n\msvcp71.dll
2010-06-24 01:37 . 2010-06-24 01:37 499712 ----a-w- c:\documents and settings\Dew\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-4b7576b5-n\jmc.dll
2010-06-24 01:37 . 2010-06-24 01:37 348160 ----a-w- c:\documents and settings\Dew\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-4b7576b5-n\msvcr71.dll
2010-06-24 01:37 . 2010-06-24 01:37 61440 ----a-w- c:\documents and settings\Dew\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-4400c1e1-n\decora-sse.dll
2010-06-24 01:37 . 2010-06-24 01:37 12800 ----a-w- c:\documents and settings\Dew\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-4400c1e1-n\decora-d3d.dll
2010-06-23 13:44 . 2004-08-10 17:51 1851904 ----a-w- c:\windows\system32\win32k.sys
2010-06-22 03:32 . 2010-06-22 03:32 503808 ----a-w- c:\documents and settings\CompAdmin_DW\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-306594ca-n\msvcp71.dll
2010-06-22 03:32 . 2010-06-22 03:32 499712 ----a-w- c:\documents and settings\CompAdmin_DW\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-306594ca-n\jmc.dll
2010-06-22 03:32 . 2010-06-22 03:32 348160 ----a-w- c:\documents and settings\CompAdmin_DW\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-306594ca-n\msvcr71.dll
2010-06-22 03:31 . 2010-06-22 03:31 61440 ----a-w- c:\documents and settings\CompAdmin_DW\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-13d196f4-n\decora-sse.dll
2010-06-22 03:31 . 2010-06-22 03:31 12800 ----a-w- c:\documents and settings\CompAdmin_DW\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-13d196f4-n\decora-d3d.dll
2010-06-21 15:27 . 2004-08-10 17:51 354304 ----a-w- c:\windows\system32\drivers\srv.sys
2010-06-20 06:45 . 2010-06-20 06:45 72224 ----a-w- c:\documents and settings\CompAdmin_DW\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-06-20 06:22 . 2010-06-20 06:15 4586 ----a-w- c:\documents and settings\CompAdmin_DW\Application Data\wklnhst.dat
2010-06-17 14:03 . 2010-06-17 14:03 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-14 14:31 . 2004-08-10 18:02 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-14 07:41 . 2004-08-10 17:51 1172480 ----a-w- c:\windows\system32\msxml3.dll
2009-06-10 00:43 . 2009-03-18 02:55 88 --sh--r- c:\windows\system32\05DBC0C248.sys
2009-06-10 00:43 . 2009-03-18 02:55 3350 -csha-w- c:\windows\system32\KGyGaAvL.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2010-05-31 323976]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^STIMON.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\STIMON.lnk
backup=c:\windows\pss\STIMON.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-06-09 08:06 976832 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrMfcWnd]
2006-03-28 23:48 622592 ----a-r- c:\program files\Brother\Brmfcmon\BrMfcWnd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3]
2006-04-10 22:58 61440 ----a-w- c:\program files\Brother\ControlCenter3\BrCtrCen.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
2005-10-05 08:12 94208 ----a-w- c:\program files\Dell\Media Experience\DMXLauncher.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
2005-09-20 16:32 77824 ----a-w- c:\windows\system32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
2005-09-20 16:36 114688 ----a-w- c:\windows\system32\igfxpers.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
2005-09-20 16:35 94208 ----a-w- c:\windows\system32\igfxtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]
2005-03-17 22:45 40960 ----a-w- c:\program files\ScanSoft\PaperPort\IndexSearch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
2006-05-17 07:58 213936 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2006-05-17 07:58 213936 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2006-05-17 07:58 86960 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]
2005-03-17 22:25 57393 ----a-w- c:\program files\ScanSoft\PaperPort\pptd40nt.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefPrt]
2005-01-27 01:02 49152 ----a-w- c:\program files\Brother\Brmfl06a\BrStDvPt.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
2004-10-15 00:42 1404928 ----a-w- c:\program files\Analog Devices\Core\smax4pnp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2003-10-14 18:22 155648 ----a-r- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 18:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1107000.00C\symds.sys [7/6/2010 7:50 PM 328752]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1107000.00C\symefa.sys [7/6/2010 7:50 PM 173104]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100810.004\BHDrvx86.sys [8/9/2010 6:11 PM 692272]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1107000.00C\cchpx86.sys [7/6/2010 7:50 PM 501888]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1107000.00C\ironx86.sys [7/6/2010 7:50 PM 116784]
R2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\17.7.0.12\ccsvchst.exe [7/6/2010 7:50 PM 126392]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [7/6/2010 6:49 PM 102448]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100827.001\IDSXpx86.sys [8/27/2010 5:36 PM 331640]
--- Other Services/Drivers In Memory ---
*Deregistered* - uphcleanhlp
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
UPHClean REG_MULTI_SZ UPHClean
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.bing.com/?scope=web&setmkt=en-CA&setlang=SET_NULL&uid=A01618EC&FORM=W5WA
Trusted Zone: adobe.com\www
Trusted Zone: bing.com\www
Trusted Zone: geekstogo.com\www
Trusted Zone: microsoft.com\*.update
Trusted Zone: microsoft.com\*.windowsupdate
Trusted Zone: microsoft.com\update
Trusted Zone: microsoft.com\www
Trusted Zone: secunia.com\psi
FF - ProfilePath - c:\documents and settings\CompAdmin_DW\Application Data\Mozilla\Firefox\Profiles\q9axt25y.default\
FF - prefs.js: network.proxy.type - 0
FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\components\coFFPlgn.dll
FF - component: c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\components\IPSFFPl.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2010-08-29 17:57
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\17.7.0.12\diMaster.dll\" /prefetch:1"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(2816)
c:\windows\system32\WININET.dll
c:\program files\BillP Studios\WinPatrol\PATROLPRO.DLL
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Canon\CAL\CALMAIN.exe
.
**************************************************************************
.
Completion time: 2010-08-29 18:03:52 - machine was rebooted
ComboFix-quarantined-files.txt 2010-08-30 01:03
ComboFix2.txt 2010-08-29 23:45
Pre-Run: 57,050,509,312 bytes free
Post-Run: 57,045,225,472 bytes free
- - End Of File - - E1E49183627801D925EE589234DE9AB8