ComboFix 10-06-05.01 - Chris 06/06/2010 8:49.1.2 - x86 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.3005.1706 [GMT 1:00] Running from: c:\users\Chris\Desktop\ComboFix.exe SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\programdata\Microsoft\Network\Downloader\qmgr0.dat c:\programdata\Microsoft\Network\Downloader\qmgr1.dat c:\windows\system32\Drivers\kdymrlxr.sys ----- BITS: Possible infected sites ----- hxxp://ads1.msads.net . ((((((((((((((((((((((((( Files Created from 2010-05-06 to 2010-06-06 ))))))))))))))))))))))))))))))) . 2010-06-06 07:46 . 2010-06-06 07:47 -------- d-----w- C:\32788R22FWJFW 2010-06-05 13:34 . 2010-06-05 13:34 -------- d-----w- c:\windows\Internet Logs 2010-06-04 16:15 . 2010-06-04 16:15 -------- d-----w- c:\program files\Common Files\Java 2010-06-04 16:14 . 2010-04-12 16:29 411368 ----a-w- c:\windows\system32\deployJava1.dll 2010-06-03 17:37 . 2010-06-06 07:19 -------- d-----w- c:\users\Chris\AppData\Roaming\skypePM 2010-06-03 17:35 . 2010-06-06 07:55 -------- d-----w- c:\users\Chris\AppData\Roaming\Skype 2010-06-03 17:35 . 2010-06-03 17:35 -------- d-----w- c:\program files\Common Files\Skype 2010-06-03 17:35 . 2010-06-03 17:35 -------- d-----r- c:\program files\Skype 2010-06-03 17:35 . 2010-06-03 17:35 -------- d-----w- c:\programdata\Skype 2010-06-03 14:30 . 2010-05-19 19:00 501872 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb713D.tmp.exe 2010-06-03 11:31 . 2010-06-03 11:31 498952 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtb761B.tmp.exe 2010-06-01 17:27 . 2010-06-01 17:27 -------- d-----w- c:\program files\uTorrent 2010-06-01 17:27 . 2010-06-06 07:46 -------- d-----w- c:\users\Chris\AppData\Roaming\uTorrent 2010-06-01 09:21 . 2010-06-01 09:22 -------- d-----w- c:\users\Munns\AppData\Roaming\OnlineArmor 2010-06-01 09:21 . 2010-06-01 09:21 -------- d-----w- c:\users\Munns\AppData\Roaming\CheckPoint 2010-05-31 19:24 . 2010-06-01 06:37 -------- d-----w- c:\program files\Spybot - Search & Destroy 2010-05-31 19:24 . 2010-05-31 20:56 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2010-05-31 19:04 . 2010-06-02 07:32 -------- d-----w- c:\programdata\OnlineArmor 2010-05-31 19:04 . 2010-05-31 19:04 -------- d-----w- c:\users\Chris\AppData\Roaming\OnlineArmor 2010-05-31 19:03 . 2010-05-31 19:03 -------- d-----w- c:\program files\Trend Micro 2010-05-31 19:02 . 2010-05-31 19:02 -------- d-----w- c:\program files\ESET 2010-05-31 19:01 . 2010-05-31 19:01 -------- d-----w- c:\users\Chris\AppData\Roaming\Malwarebytes 2010-05-31 19:00 . 2010-04-29 14:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-05-31 19:00 . 2010-05-31 19:00 -------- d-----w- c:\programdata\Malwarebytes 2010-05-31 19:00 . 2010-04-29 14:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-05-31 19:00 . 2010-05-31 19:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-05-31 19:00 . 2010-04-20 03:13 24440 ----a-w- c:\windows\system32\drivers\OAmon.sys 2010-05-31 19:00 . 2010-04-20 03:13 30584 ----a-w- c:\windows\system32\drivers\OAnet.sys 2010-05-31 19:00 . 2010-04-20 03:13 228216 ----a-w- c:\windows\system32\drivers\OADriver.sys 2010-05-31 19:00 . 2010-05-31 19:00 -------- d-----w- c:\program files\Tall Emu 2010-05-31 18:56 . 2010-05-31 18:56 -------- d-----w- c:\users\Chris\AppData\Roaming\CheckPoint 2010-05-31 18:56 . 2010-05-31 18:56 -------- d-----w- c:\program files\CheckPoint 2010-05-31 18:55 . 2010-05-31 18:55 -------- d-----w- c:\programdata\CheckPoint 2010-05-30 19:29 . 2010-05-30 19:29 -------- d-----w- c:\program files\ASIO4ALL v2 2010-05-30 19:28 . 2006-06-20 08:56 225280 ----a-w- c:\windows\system32\rewire.dll 2010-05-30 19:27 . 2010-05-30 19:28 -------- d-----w- c:\program files\VstPlugins 2010-05-30 19:27 . 2010-05-30 19:27 -------- d-----w- c:\program files\Outsim 2010-05-30 19:25 . 2010-05-30 19:28 -------- d-----w- c:\program files\Image-Line 2010-05-27 17:03 . 2010-05-27 17:03 50354 ----a-w- c:\users\Chris\AppData\Roaming\Facebook\uninstall.exe 2010-05-27 17:03 . 2010-05-27 17:03 -------- d-----w- c:\users\Chris\AppData\Roaming\Facebook 2010-05-27 15:44 . 2006-11-01 14:54 180224 ----a-w- c:\windows\system32\xvidvfw.dll 2010-05-27 15:44 . 2006-11-01 14:52 765952 ----a-w- c:\windows\system32\xvidcore.dll 2010-05-27 15:44 . 2004-03-09 10:39 8704 ----a-w- c:\windows\system32\vidccleaner.exe 2010-05-27 15:44 . 1998-07-09 19:41 217088 ----a-w- c:\windows\system32\skjpeg40.dll 2010-05-27 15:44 . 1998-03-04 10:40 83968 ----a-w- c:\windows\system32\Skbase40.dll 2010-05-27 15:43 . 2010-05-27 15:43 -------- d-----w- c:\users\Chris\AppData\Roaming\InstallShield 2010-05-27 15:43 . 2007-06-11 15:39 40960 ----a-w- c:\windows\unS385N.dll 2010-05-26 18:31 . 2010-04-23 07:13 2048 ----a-w- c:\windows\system32\tzres.dll 2010-05-25 19:25 . 2010-05-25 19:29 81 ----a-w- c:\users\Chris\jagex_runescape_preferences2.dat 2010-05-25 19:25 . 2010-05-25 19:25 0 ----a-w- c:\users\Chris\jagex__preferences3.dat 2010-05-25 19:24 . 2010-05-25 19:25 42 ----a-w- c:\users\Chris\jagex_runescape_preferences.dat 2010-05-20 17:48 . 2010-05-20 17:48 -------- d-----w- c:\windows\system32\x64 2010-05-20 17:44 . 2009-10-10 02:57 12800 ----a-w- c:\windows\system32\drivers\sffp_sd.sys 2010-05-20 17:39 . 2010-05-20 17:39 -------- d-----w- c:\windows\system32\Wat 2010-05-13 19:44 . 2010-05-13 19:44 -------- d-----w- c:\programdata\FLEXnet 2010-05-12 15:05 . 2010-03-04 07:33 740864 ----a-w- c:\windows\system32\inetcomm.dll 2010-05-08 18:19 . 2010-06-06 07:42 -------- d-----w- c:\users\Chris\AppData\Local\Google 2010-05-08 18:07 . 2010-02-25 16:51 25216 ----a-w- c:\windows\system32\drivers\tap0901.sys 2010-05-08 18:07 . 2010-05-08 18:07 -------- d-----w- c:\program files\S.A.D 2010-05-08 11:28 . 2010-05-08 11:28 509552 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbAFB2.tmp.exe 2010-05-08 11:28 . 2010-06-03 11:31 -------- d-----w- c:\program files\Google 2010-05-08 11:27 . 2010-05-08 11:27 -------- d-----w- c:\windows\system32\Adobe . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-06-05 11:57 . 2009-09-03 13:45 -------- d-----w- c:\program files\Microsoft Silverlight 2010-06-04 16:13 . 2010-01-07 20:38 -------- d-----w- c:\program files\Java 2010-06-03 17:37 . 2010-06-03 17:37 56 ---ha-w- c:\programdata\ezsidmv.dat 2010-06-03 16:14 . 2010-04-26 15:53 -------- d-----w- c:\program files\TeamSpeak 3 Client 2010-06-01 17:26 . 2010-01-10 14:11 -------- d-----w- c:\program files\Vuze 2010-06-01 14:46 . 2009-12-27 18:55 -------- d-----w- c:\users\Chris\AppData\Roaming\Apple Computer 2010-05-31 21:08 . 2010-02-11 21:24 -------- d-----w- c:\program files\Free Offers from Freeze.com 2010-05-30 19:30 . 2010-01-10 14:11 -------- d-----w- c:\users\Chris\AppData\Roaming\Azureus 2010-05-30 19:27 . 2009-12-27 17:57 -------- d-----w- c:\program files\Microsoft 2010-05-27 15:44 . 2010-02-06 17:58 -------- d-----w- c:\program files\Samsung 2010-05-27 15:44 . 2009-09-01 12:28 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-05-27 15:43 . 2009-09-01 12:38 -------- d-----w- c:\program files\Common Files\InstallShield 2010-05-12 20:53 . 2009-07-14 02:37 -------- d-----w- c:\program files\Windows Mail 2010-05-12 20:53 . 2009-09-03 14:11 -------- d-----w- c:\programdata\Microsoft Help 2010-05-12 10:21 . 2009-12-26 21:07 221568 ------w- c:\windows\system32\MpSigStub.exe 2010-05-06 19:20 . 2010-05-06 19:15 -------- d-----w- c:\users\Chris\AppData\Roaming\TeamViewer 2010-05-06 19:15 . 2010-05-06 19:15 -------- d-----w- c:\program files\TeamViewer 2010-05-03 13:03 . 2010-05-03 13:02 -------- d-----w- c:\program files\iTunes 2010-05-03 13:02 . 2010-05-03 13:02 -------- d-----w- c:\program files\iPod 2010-05-03 13:02 . 2009-12-27 18:52 -------- d-----w- c:\program files\Common Files\Apple 2010-05-03 12:59 . 2010-05-03 12:59 -------- d-----w- c:\program files\Bonjour 2010-05-03 12:57 . 2010-05-03 12:57 73000 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.1.1.12\SetupAdmin.exe 2010-05-03 12:25 . 2009-12-27 17:52 85832 ----a-w- c:\users\Chris\AppData\Local\GDIPFONTCACHEV1.DAT 2010-05-02 16:22 . 2009-12-26 20:01 85832 ----a-w- c:\users\Munns\AppData\Local\GDIPFONTCACHEV1.DAT 2010-05-02 13:53 . 2010-05-02 13:53 -------- d-----w- c:\program files\Rockstar Games 2010-05-02 13:52 . 2010-05-02 13:52 -------- d-----w- c:\program files\SystemRequirementsLab 2010-05-02 13:52 . 2010-05-02 13:52 85504 ----a-w- c:\users\Chris\AppData\Roaming\SystemRequirementsLab\srlproxy_cyri_4.1.71.0A.dll 2010-05-02 13:52 . 2010-05-02 13:52 -------- d-----w- c:\users\Chris\AppData\Roaming\SystemRequirementsLab 2010-05-01 12:38 . 2009-12-26 20:04 -------- d-----w- c:\programdata\CyberLink 2010-05-01 12:38 . 2010-05-01 12:38 -------- d-----w- c:\users\Chris\AppData\Roaming\CyberLink 2010-04-30 20:44 . 2009-09-03 13:52 -------- d-----w- c:\program files\Common Files\Adobe 2010-04-30 20:43 . 2010-04-30 20:43 -------- d-----w- c:\program files\Adobe Media Player 2010-04-30 20:41 . 2010-04-30 20:41 -------- d-----w- c:\program files\Common Files\Adobe AIR 2010-04-30 20:38 . 2010-04-30 20:38 -------- d-----w- c:\program files\Common Files\Macrovision Shared 2010-04-30 17:27 . 2010-04-30 17:27 175 ----a-w- c:\users\Chris\AppData\Roaming\Azureus\restart.bat 2010-04-29 19:08 . 2010-04-26 15:56 -------- d-----w- c:\users\Chris\AppData\Roaming\TS3Client 2010-04-26 15:47 . 2010-04-26 15:47 -------- d-----w- c:\program files\Messenger_Plus_Live_UK 2010-04-26 15:47 . 2010-04-26 15:47 -------- d-----w- c:\program files\Conduit 2010-04-24 12:02 . 2010-04-24 12:01 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 2010-04-24 11:58 . 2010-04-24 11:58 -------- d-----w- c:\program files\QuickTime 2010-04-24 11:53 . 2010-02-20 12:11 -------- d-----w- c:\program files\Safari 2010-04-24 11:51 . 2010-04-24 11:51 79144 ----a-w- c:\programdata\Apple Computer\Installer Cache\Safari 5.31.22.7\SetupAdmin.exe 2010-04-08 12:20 . 2010-04-08 12:20 91424 ----a-w- c:\windows\system32\dnssd.dll 2010-04-08 12:20 . 2010-04-08 12:20 107808 ----a-w- c:\windows\system32\dns-sd.exe 2010-04-01 11:53 . 2010-04-01 11:53 499712 ----a-w- c:\windows\system32\msvcp71.dll 2010-03-08 21:33 . 2010-04-14 09:49 427520 ----a-w- c:\windows\system32\vbscript.dll 2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat 2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{77F40091-495B-4C46-9068-2B24C4133157}"= "c:\program files\Messenger_Plus_Live_UK\tbMess.dll" [2010-02-22 2353176] [HKEY_CLASSES_ROOT\clsid\{77f40091-495b-4c46-9068-2b24c4133157}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-05-08 39408] "uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-06-01 322352] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-05-13 26192168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-08-26 7723552] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "CLMLServer"="c:\program files\Cyberlink\Power2Go\CLMLSvc.exe" [2009-06-03 103720] "UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504] "UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504] "YouCam Mirror Tray icon"="c:\program files\CyberLink\YouCam\YouCamTray.exe" [2009-07-31 162912] "UpdatePDRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-01-04 222504] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888] "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-04-28 142120] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-02-20 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-02-20 175640] "Persistence"="c:\windows\system32\igfxpers.exe" [2010-02-20 167960] "@OnlineArmor GUI"="c:\program files\Tall Emu\Online Armor\OAui.exe" [2010-04-20 6678008] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Launch.lnk - c:\windows\Installer\{4A65DAD2-E914-4923-9C2A-81B968A68CE2}\_A685CC3126A7CC37D335DE.exe [2009-9-3 17542] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "EnableShellExecuteHooks"= 1 (0x1) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{4F07DA45-8170-4859-9B5F-037EF2970034}"= "c:\progra~1\TALLEM~1\ONLINE~1\oaevent.dll" [2010-04-20 925688] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys] @="FSFilter Activity Monitor" R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-05-08 135664] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-06-04 166912] R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-20 1343400] S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0308000.029\SYMEFA.SYS [2009-08-22 310320] S1 BHDrvx86;Symantec Heuristics Driver;c:\windows\System32\Drivers\N360\0308000.029\BHDrvx86.sys [2009-08-22 259632] S1 ccHP;Symantec Hash Provider;c:\windows\System32\Drivers\N360\0308000.029\ccHPx86.sys [2009-08-22 482432] S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20100520.001\IDSvix86.sys [2009-10-28 343088] S1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [2010-04-20 228216] S1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [2010-04-20 24440] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128] S2 N360;Norton 360;c:\program files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe [2009-08-22 117640] S2 OAcat;Online Armor Helper Service;c:\program files\Tall Emu\Online Armor\OAcat.exe [2010-04-20 1284600] S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S2 SvcOnlineArmor;Online Armor;c:\program files\Tall Emu\Online Armor\oasrv.exe [2010-04-20 3364856] S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-04-16 173352] S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-05-26 102448] S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-05-26 122368] S3 OAnet;OnlineArmor Service;c:\windows\system32\DRIVERS\oanet.sys [2010-04-20 30584] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-05-22 167936] S3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\Drivers\N360\0308000.029\SYMNDISV.SYS [2009-08-22 48688] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336] . Contents of the 'Scheduled Tasks' folder 2010-06-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-05-08 11:37] 2010-06-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-05-08 11:37] . . ------- Supplementary Scan ------- . uStart Page = hxxp://m.uk.yahoo.com/ uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html IE: {{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll FF - ProfilePath - c:\users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\5rob0dlk.default\ FF - prefs.js: browser.search.selectedEngine - Bing FF - prefs.js: browser.startup.homepage - hxxp://m.uk.yahoo.com FF - prefs.js: keyword.URL - hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZCxpt018YYGB&fl=0&ptb=BTpvFP9LdLQIW1eMvoCRTA&url=http://search.mywebsearch.com/mywebsearch/GGmain.jhtml&st=kwd&n=77ce7c33&searchfor= FF - component: c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\components\coFFPlgn.dll FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\IPSFFPlgn\components\IPSFFPl.dll FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll FF - plugin: c:\users\Chris\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); . - - - - ORPHANS REMOVED - - - - Toolbar-Locked - (no file) [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360] "ImagePath"="\"c:\program files\Norton 360\Engine\3.8.0.41\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\3.8.0.41\diMaster.dll\" /prefetch:1" . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2010-06-06 08:58:01 ComboFix-quarantined-files.txt 2010-06-06 07:58 Pre-Run: 434,052,927,488 bytes free Post-Run: 435,709,779,968 bytes free - - End Of File - - 7374CDB067FAEC293AEADA015F4F35B1