The saga continues. I don't notice any problems when I'm not online, but when I get on the internet problems do occur, and they are worse when using Firefox than with Internet Explorer. The good news is that Flash Player hasn't crashed for a while. I'll tell you about three problem situations that I am aware of.
When I go to weather.com, Firefox displays the page for about a second and then goes blank (white). The message bar at the bottom of the screen says "js.revsci.net...". I click on the stop and back buttons and the same thing happens, except that the page that I want displays for several seconds. I can then click the stop button and read the page. If I try to navigate to another page within the site, the same *#$!% thing happens again. With Explorer, the page loads and the message bar says "done". Then after a few seconds the message bar changes to "done" with a yellow diamond and exclamation point in it.
When I do a Google search for antivirus the search seems to go fine. When I click on the AVG page the page appears and then goes blank. The message bar says "waiting for http://www.google-analytics.com..." When I click stop and back, I get to their home page.
Finally, when I go to Hertz.com, I get to their home page fine, but when I log into my #1 club account I have problems. The ads don't appear. Firefox says the connection timed out and IE wants to diagnose the problem.
There are probably other problems that I'm just not aware of.
Have a better day than I'm having.
ComboFix 10-10-05.05 - Anthony 10/08/2010 8:48.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.481 [GMT -4:00]
Running from: c:\documents and settings\Anthony\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Anthony\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FILE ::
"c:\documents and settings\Anthony\Application Data\Sun\Java\Deployment\cache\6.0\34\6115dfa2-652ce8fb"
"c:\documents and settings\Anthony\Application Data\Sun\Java\Deployment\cache\6.0\36\4385b764-2e55163f"
"c:\documents and settings\Anthony\Application Data\Sun\Java\Deployment\cache\6.0\37\7e582e5-3cd91730"
"c:\documents and settings\Anthony\Application Data\Sun\Java\Deployment\cache\6.0\39\61f830e7-38c87152"
"c:\windows\System32\drivers\etc\hosts"
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Anthony\Application Data\Sun\Java\Deployment\cache\6.0\34\6115dfa2-652ce8fb
c:\documents and settings\Anthony\Application Data\Sun\Java\Deployment\cache\6.0\36\4385b764-2e55163f
c:\documents and settings\Anthony\Application Data\Sun\Java\Deployment\cache\6.0\37\7e582e5-3cd91730
c:\documents and settings\Anthony\Application Data\Sun\Java\Deployment\cache\6.0\39\61f830e7-38c87152
c:\windows\System32\drivers\etc\hosts
.
((((((((((((((((((((((((( Files Created from 2010-09-08 to 2010-10-08 )))))))))))))))))))))))))))))))
.
2010-10-07 16:41 . 2010-10-07 16:41 -------- d-----w- C:\_OTM
2010-10-05 13:34 . 2010-10-05 13:34 4100960 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgui.exe
2010-10-05 13:34 . 2010-10-05 13:34 4394336 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgcorex.dll
2010-10-05 13:34 . 2010-10-05 13:34 2065760 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgtray.exe
2010-10-04 05:09 . 2010-10-04 05:09 -------- d-----w- c:\documents and settings\Anthony\Application Data\Malwarebytes
2010-10-04 03:41 . 2010-10-04 03:41 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2010-10-04 02:40 . 2010-04-29 19:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-04 02:40 . 2010-10-04 02:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-10-04 02:40 . 2010-10-04 05:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-10-04 02:40 . 2010-04-29 19:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-10-03 22:02 . 2010-10-03 22:03 -------- d-----w- C:\rsit
2010-10-01 15:41 . 2010-10-01 15:41 388096 ----a-r- c:\documents and settings\Anthony\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-10-01 15:41 . 2010-10-03 22:03 -------- d-----w- c:\program files\Trend Micro
2010-09-29 04:23 . 2010-09-29 04:23 -------- d-----w- C:\spoolerlogs
2010-09-26 03:34 . 2010-09-26 03:34 -------- d-----w- c:\windows\system32\wbem\Repository
2010-09-23 12:34 . 2010-09-23 12:34 3586912 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\setup.exe
2010-09-23 12:34 . 2010-09-23 12:34 620896 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgnsx.exe
2010-09-23 12:34 . 2010-09-23 12:34 1619296 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgssie.dll
2010-09-23 12:33 . 2010-09-23 12:33 1377632 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgssff.dll
2010-09-23 12:33 . 2010-09-23 12:33 942432 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgcfgx.dll
2010-09-23 12:33 . 2010-09-23 12:33 598368 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgsrmx.dll
2010-09-23 12:33 . 2010-09-23 12:33 300896 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgchclx.dll
2010-09-23 12:31 . 2010-09-23 12:31 1690952 ----a-w- c:\documents and settings\All Users\Application Data\avg9\update\backup\avgupd.dll
2010-09-21 15:22 . 2010-09-21 15:22 -------- d-----w- c:\program files\Apple Software Update
2010-09-18 13:41 . 2010-09-18 13:41 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-08 13:44 . 2009-03-06 18:12 -------- d-----w- c:\documents and settings\Anthony\Application Data\HPAppData
2010-10-08 12:42 . 2008-07-11 00:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2010-10-05 13:25 . 2001-08-17 13:58 37248 ----a-w- c:\windows\system32\drivers\isapnp.sys
2010-10-05 11:55 . 2008-08-23 17:46 -------- d-----w- c:\program files\Microsoft Silverlight
2010-10-03 19:33 . 2008-10-10 14:41 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-09-21 15:25 . 2006-02-16 09:56 -------- d-----w- c:\program files\QuickTime
2010-09-21 15:24 . 2010-08-22 01:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2010-09-21 15:23 . 2010-08-22 01:39 -------- d-----w- c:\program files\Common Files\Apple
2010-09-07 18:25 . 2007-03-22 20:09 -------- d-----w- c:\program files\Common Files\Adobe
2010-08-31 15:56 . 2010-08-22 01:44 -------- d-----w- c:\documents and settings\Anthony\Application Data\Apple Computer
2010-08-24 13:23 . 2006-10-06 21:48 43664 ----a-w- c:\documents and settings\Anthony\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-08-24 12:52 . 2010-08-24 12:52 -------- d-----w- c:\program files\MSECache
2010-08-23 19:34 . 2010-08-23 19:34 -------- d-----w- c:\program files\Xiph.Org
2010-08-23 19:34 . 2010-03-01 17:31 -------- d-----w- c:\program files\V CAST Media Manager
2010-08-23 19:33 . 2010-08-23 19:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Tarma Installer
2010-08-23 19:32 . 2010-08-23 19:27 92793224 ----a-w- c:\documents and settings\Anthony\Application Data\Smith Micro\Updates\VCASTMediaManager_Full_1652.exe
2010-08-22 23:30 . 2010-08-22 23:30 34864 ---ha-w- c:\windows\system32\mlfcache.dat
2010-08-22 01:43 . 2010-08-22 01:42 -------- d-----w- c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-08-22 01:39 . 2010-08-22 01:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2010-08-17 13:17 . 2006-02-15 14:04 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-08-11 21:05 . 2010-08-23 19:33 1742848 --s-a-r- c:\documents and settings\All Users\Application Data\Tarma Installer\{E7269FD6-34EA-4617-8752-6739AA384080}\_Setup.dll
2010-08-11 21:04 . 2010-08-23 19:33 16232 --s-a-r- c:\documents and settings\All Users\Application Data\Tarma Installer\{E7269FD6-34EA-4617-8752-6739AA384080}\_Setupx.dll
2010-07-26 08:33 . 2010-08-23 19:33 227328 --s---r- c:\documents and settings\All Users\Application Data\Tarma Installer\{E7269FD6-34EA-4617-8752-6739AA384080}\Setup.exe
2010-07-26 00:38 . 2010-07-26 00:38 53248 ----a-r- c:\documents and settings\Anthony\Application Data\Microsoft\Installer\{08DEC21F-F7E5-46F9-81D1-3ED30BD3AEC9}\ARPPRODUCTICON.exe
2010-07-26 00:32 . 2010-07-26 00:28 89411448 ----a-w- c:\documents and settings\Anthony\Application Data\Smith Micro\Updates\VCASTMediaManager_Full_1585.exe
2010-07-22 15:49 . 2006-02-15 14:03 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2010-07-22 05:57 . 2009-04-16 18:15 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-07-15 13:22 . 2008-05-23 14:29 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-07-15 13:22 . 2010-07-15 13:22 12536 ----a-w- c:\windows\system32\avgrsstx.dll
2010-07-15 13:21 . 2008-05-23 14:29 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2006-11-03 04:34 . 2006-11-03 04:33 14879120 ----a-w- c:\program files\GoogleEarthWin.exe
.
((((((((((((((((((((((((((((( SnapShot@2010-10-06_13.55.13 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-10-08 11:58 . 2010-10-08 11:58 16384 c:\windows\Temp\Perflib_Perfdata_9a8.dat
+ 2010-10-08 11:58 . 2010-10-08 11:58 16384 c:\windows\Temp\Perflib_Perfdata_2d8.dat
+ 2010-09-25 20:42 . 2010-10-08 11:58 224336 c:\windows\system32\inetsrv\MetaBase.bin
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-29 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CFSServ.exe"="CFSServ.exe -NoClient" [X]
"TFncKy"="TFncKy.exe" [BU]
"TDispVol"="TDispVol.exe" [2005-03-11 73728]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-11-28 77824]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"THotkey"="c:\program files\Toshiba\Toshiba Applet\thotkey.exe" [2006-01-05 352256]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-12-16 82009]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-12-16 761945]
"LtMoh"="c:\program files\ltmoh\Ltmoh.exe" [2004-08-18 184320]
"AGRSMMSG"="AGRSMMSG.exe" [2005-10-15 88203]
"NDSTray.exe"="NDSTray.exe" [BU]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2005-12-05 667718]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-11-28 602182]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-10-05 2067808]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-03-22 39264]
c:\documents and settings\Anthony\Start Menu\Programs\Startup\
Microsoft Office OneNote 2003 Quick Launch.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2007-4-19 64864]
V CAST Media Monitor.lnk - c:\program files\V CAST Media Manager\MEMonitor.exe [2010-5-13 2991464]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-10-14 813584]
Metamail Trust Manager.lnk - c:\program files\Metamail Inc\Metamail Tray\Metamail Trust Manager.exe [2006-6-5 329472]
RAMASST.lnk - c:\windows\system32\RAMASST.exe [2006-2-15 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-07-15 13:22 12536 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-07-20 16:28 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\TOSHIBA\\ivp\\NetInt\\Netint.exe"=
"c:\\TOSHIBA\\Ivp\\ISM\\pinger.exe"= c:\\TOSHIBA\\IVP\\ISM\\pinger.exe
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\America Online 9.0\\waol.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"=
"c:\\Program Files\\Common Files\\AOL\\1140083713\\EE\\AOLServiceHost.exe"=
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Activision Value\\World Series of Poker TOC\\WSOPTOC.exe"=
"c:\\Program Files\\Yahoo!\\Yahoo! Music Engine\\YahooMusicEngine.exe"=
"c:\\Program Files\\Phantom EFX\\OnlineCasino\\Bin\\Prelauncher.exe"=
"c:\\Program Files\\Phantom EFX\\OnlineCasino\\Launcher\\OLCLauncher.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=
"c:\\Program Files\\Java\\jre1.5.0_04\\bin\\javaw.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [5/23/2008 10:29 AM 216400]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [5/23/2008 10:29 AM 243024]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [7/15/2010 9:21 AM 308136]
R2 Iprip;RIP Listener;c:\windows\System32\svchost.exe -k netsvcs [2/15/2006 10:04 AM 14336]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [10/14/2009 10:20 PM 10384]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [10/26/2009 11:15 PM 133104]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HPService REG_MULTI_SZ HPSLPSVC
.
Contents of the 'Scheduled Tasks' folder
2010-10-08 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 16:20]
2010-10-08 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-24 15:26]
2010-10-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-27 03:14]
2010-10-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-27 03:14]
2010-10-08 c:\windows\Tasks\User_Feed_Synchronization-{20953B89-5D8C-4449-9DC7-AF3C558FBAEC}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 08:31]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
DPF: {24BACF02-5676-11D3-B8DE-00105A17A9E6} - hxxp://www.schaeffersresearch.com/Downl ... ancial.cab
FF - ProfilePath - c:\documents and settings\Anthony\Application Data\Mozilla\Firefox\Profiles\yer9dd8q.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/
FF - component: c:\documents and settings\Anthony\Application Data\Mozilla\Firefox\Profiles\yer9dd8q.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\documents and settings\Anthony\Application Data\Mozilla\Firefox\Profiles\yer9dd8q.default\extensions\{3ee8d0be-f450-4ef2-97b9-ac2222d14db3}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Anthony\Application Data\Mozilla\Firefox\Profiles\yer9dd8q.default\extensions\{3ee8d0be-f450-4ef2-97b9-ac2222d14db3}\components\RadioWMPCore.dll
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBook.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpClipBookDB.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpNeoLogger.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSaturn.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSeymour.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartSelect.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSmartWebPrinting.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpSWPOperation.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPLogging.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTC.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXPMTL.dll
FF - component: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\components\hpXREStub.dll
FF - plugin: c:\documents and settings\Anthony\Application Data\Facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\documents and settings\Anthony\Application Data\Move Networks\plugins\npqmp071701000002.dll
FF - plugin: c:\documents and settings\Anthony\Application Data\Move Networks\plugins\npqmp071705000014.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3\plugins\nphpclipbook.dll
FF - plugin: c:\program files\Microsoft Research\HDView for Firefox\nphdview.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ce,e1,93,00,ac,64,c0,42,a9,70,5d,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ce,e1,93,00,ac,64,c0,42,a9,70,5d,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(1056)
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\program files\common files\logishrd\bluetooth\LBTServ.dll
.
Completion time: 2010-10-08 08:57:21
ComboFix-quarantined-files.txt 2010-10-08 12:57
ComboFix2.txt 2010-10-06 13:57
ComboFix3.txt 2010-10-05 21:47
Pre-Run: 61,964,951,552 bytes free
Post-Run: 62,063,824,896 bytes free
- - End Of File - - 58C69381FF8A3195F4DB067ABD95228F