Will do the ESET scan now... so far there are no new pop-ups of Internet Explorer, but I will let you know.
___
ComboFix 10-04-10.02 - Luke 12/04/2010 13:26:33.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.1790.1040 [GMT 1:00]
Running from: c:\users\Luke\Desktop\comfix.exe
Command switches used :: c:\users\Luke\Desktop\CFScript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
FILE ::
"c:\users\Luke\AppData\Local\1633618601.dll"
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\Luke\AppData\Local\1633618601.dll
c:\users\Luke\AppData\Roaming\Your Protection
c:\users\Luke\AppData\Roaming\Your Protection\about.ico
c:\users\Luke\AppData\Roaming\Your Protection\activate.ico
c:\users\Luke\AppData\Roaming\Your Protection\buy.ico
c:\users\Luke\AppData\Roaming\Your Protection\help.ico
c:\users\Luke\AppData\Roaming\Your Protection\scan.ico
c:\users\Luke\AppData\Roaming\Your Protection\settings.ico
c:\users\Luke\AppData\Roaming\Your Protection\splash.mp3
c:\users\Luke\AppData\Roaming\Your Protection\update.ico
c:\users\Luke\AppData\Roaming\Your Protection\urp.db
c:\users\Luke\AppData\Roaming\Your Protection\urpext.dll
c:\users\Luke\AppData\Roaming\Your Protection\urphook.dll
c:\users\Luke\AppData\Roaming\Your Protection\virus.mp3
.
((((((((((((((((((((((((( Files Created from 2010-03-12 to 2010-04-12 )))))))))))))))))))))))))))))))
.
2010-04-12 12:34 . 2010-04-12 12:34 -------- d-----w- c:\users\Luke\AppData\Local\temp
2010-04-12 12:34 . 2010-04-12 12:34 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-04-12 12:34 . 2010-04-12 12:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-04-06 16:34 . 2010-04-06 16:34 598368 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\EmailScanner.dll
2010-04-06 16:08 . 2010-04-06 16:08 388096 ----a-r- c:\users\Luke\AppData\Roaming\Microsoft\Installer\{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}\HiJackThis.exe
2010-04-06 16:08 . 2010-04-06 16:08 -------- d-----w- c:\program files\TrendMicro
2010-04-03 17:55 . 2010-04-03 17:55 -------- d-----w- c:\users\Luke\AppData\Roaming\Avira
2010-04-03 16:58 . 2010-03-01 08:05 124784 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-04-03 16:58 . 2010-02-16 12:24 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-04-03 16:58 . 2009-05-11 10:49 51992 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2010-04-03 16:58 . 2009-05-11 10:49 17016 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2010-04-03 16:58 . 2010-04-03 16:58 -------- d-----w- c:\programdata\Avira
2010-04-03 16:58 . 2010-04-03 16:58 -------- d-----w- c:\program files\Avira
2010-04-03 16:49 . 2010-04-03 16:34 15880 ----a-w- c:\windows\system32\lsdelete.exe
2010-04-03 16:31 . 2010-04-03 16:31 -------- dc-h--w- c:\programdata\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
2010-04-03 16:31 . 2010-02-04 15:53 2954656 -c--a-w- c:\programdata\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}\Ad-AwareInstaller.exe
2010-04-03 16:30 . 2010-04-03 16:34 -------- d-----w- c:\programdata\Lavasoft
2010-04-03 16:30 . 2010-04-03 16:31 -------- d-----w- c:\program files\Lavasoft
2010-04-03 16:16 . 2010-04-06 20:40 -------- d-----w- c:\users\Luke\AppData\Roaming\QuickScan
2010-04-03 16:16 . 2010-03-30 18:35 670696 ----a-w- c:\users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\x8e2xi0j.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
2010-04-03 16:16 . 2010-03-30 18:34 833448 ----a-w- c:\users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\x8e2xi0j.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
2010-04-02 02:01 . 2010-02-12 10:32 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-03-31 11:57 . 2010-03-09 15:42 834048 ----a-w- c:\windows\system32\wininet.dll
2010-03-31 11:57 . 2010-03-09 16:25 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-03-30 12:39 . 2008-11-05 17:30 614400 ----a-w- c:\users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\x8e2xi0j.default\extensions\reader_plugin@ebrary.com\plugins\NPinfotl.dll
2010-03-17 10:13 . 2010-03-17 10:13 56 ---ha-w- c:\windows\system32\ezsidmv.dat
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-12 12:34 . 2008-12-25 03:20 -------- d-----w- c:\programdata\Kontiki
2010-04-12 12:21 . 2008-12-28 17:21 109416 ----a-w- c:\programdata\nvModes.dat
2010-04-11 13:02 . 2008-12-24 18:48 -------- d-----w- c:\users\Luke\AppData\Roaming\Skype
2010-04-11 07:56 . 2008-12-24 18:49 -------- d-----w- c:\users\Luke\AppData\Roaming\skypePM
2010-04-08 01:08 . 2009-03-31 13:26 -------- d-----w- c:\program files\Google
2010-04-06 16:34 . 2010-04-03 16:34 966104 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\CEAPI.dll
2010-04-06 16:34 . 2010-04-03 16:34 1265264 ----a-w- c:\programdata\Lavasoft\Ad-Aware\Update\AAWService.exe
2010-04-05 12:54 . 2008-12-25 03:20 -------- d-----w- c:\program files\Kontiki
2010-04-05 12:53 . 2008-08-04 16:25 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-04-05 12:53 . 2008-12-24 17:30 -------- d-----w- c:\users\Luke\AppData\Roaming\Symantec
2010-04-05 00:30 . 2009-11-25 11:57 -------- d-----w- c:\programdata\Norton
2010-04-05 00:30 . 2010-01-22 18:01 -------- d-----w- c:\program files\Norton Security Scan
2010-04-03 17:08 . 2008-08-04 16:25 -------- d-----w- c:\programdata\Symantec
2010-04-03 14:48 . 2008-11-13 08:33 -------- d-----w- c:\programdata\NVIDIA
2010-03-12 03:26 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-03-12 03:09 . 2008-08-04 17:47 -------- d-----w- c:\programdata\Microsoft Help
2010-03-09 22:04 . 2008-08-04 18:04 588472 ----a-w- c:\windows\system32\ezsvc7x.dll
2010-02-25 08:29 . 2008-12-24 17:31 75440 ----a-w- c:\users\Luke\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-24 10:16 . 2009-10-03 00:46 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-20 23:06 . 2010-03-12 03:01 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-02-20 23:05 . 2010-03-12 03:01 30720 ----a-w- c:\windows\system32\httpapi.dll
2010-02-20 20:53 . 2010-03-12 03:01 411648 ----a-w- c:\windows\system32\drivers\http.sys
2010-02-04 15:53 . 2010-04-03 16:34 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2010-01-25 12:00 . 2010-02-24 11:21 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2010-01-25 12:00 . 2010-02-24 11:21 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-01-25 12:00 . 2010-02-24 11:21 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-01-25 12:00 . 2010-02-24 11:21 471552 ----a-w- c:\windows\system32\secproc.dll
2010-01-25 11:58 . 2010-02-24 11:21 332288 ----a-w- c:\windows\system32\msdrm.dll
2010-01-25 08:21 . 2010-02-24 11:21 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-01-25 08:21 . 2010-02-24 11:21 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-25 08:21 . 2010-02-24 11:21 518144 ----a-w- c:\windows\system32\RMActivate.exe
2010-01-25 08:21 . 2010-02-24 11:21 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-01-23 13:40 . 2008-12-26 02:52 680 ----a-w- c:\users\Luke\AppData\Local\d3d9caps.dat
2010-01-23 09:26 . 2010-02-24 11:21 2048 ----a-w- c:\windows\system32\tzres.dll
2008-08-04 14:47 . 2008-08-04 14:47 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((( SnapShot@2010-04-11_23.17.28 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-11-02 13:05 . 2010-04-12 09:56 92330 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-12-24 17:25 . 2010-04-12 09:56 11594 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-841141263-361029112-3710205945-1000_UserData.bin
+ 2008-11-13 07:43 . 2010-04-12 09:54 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-11-13 07:43 . 2010-04-11 13:13 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-11-13 07:43 . 2010-04-12 09:54 81920 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-11-13 07:43 . 2010-04-11 13:13 81920 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-11-13 07:43 . 2010-04-11 13:13 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-11-13 07:43 . 2010-04-12 09:54 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-01-05 14:30 . 2010-04-05 12:54 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-01-05 14:30 . 2010-04-12 09:54 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-01-05 14:30 . 2010-04-05 12:54 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-01-05 14:30 . 2010-04-12 09:54 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-01-05 14:30 . 2010-04-12 09:54 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-01-05 14:30 . 2010-04-05 12:54 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-04-11 13:13 . 2010-04-12 09:54 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-04-11 13:13 . 2010-04-11 13:13 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2010-04-11 13:13 . 2010-04-12 09:54 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2010-04-11 13:13 . 2010-04-11 13:13 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2008-12-24 21:02 . 2010-04-12 12:21 378628 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-17 1049896]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^Users^Luke^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^BBC iPlayer Desktop.lnk]
path=c:\users\Luke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk
backup=c:\windows\pss\BBC iPlayer Desktop.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\4oD]
2008-02-27 17:56 1032376 ----a-w- c:\program files\Kontiki\KHost.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-10-15 00:04 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-21 02:25 125952 ----a-w- c:\windows\ehome\ehtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]
2008-04-15 20:42 70912 ----a-w- c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-05-08 23:24 54840 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]
2008-04-15 21:51 488752 ----a-w- c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kdx]
2008-02-27 17:56 1032376 ----a-w- c:\program files\Kontiki\KHost.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-07-23 14:39 13797920 ----a-w- c:\windows\System32\nvcpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
2008-03-14 15:45 202032 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]
2008-06-12 05:17 468264 ----a-w- c:\program files\HP\QuickPlay\QPService.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-09-06 15:09 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-10 22:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-03-09 04:19 148888 ----a-w- c:\program files\Java\jre6\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]
2007-12-24 23:55 222504 ------w- c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2008-01-21 02:23 1008184 ----a-w- c:\program files\Windows Defender\MSASCui.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
2007-05-31 09:21 648072 ----a-w- c:\windows\WindowsMobile\wmdc.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(

:a7,78,1d,ff,38,20,ca,01
R2 gupdate1c9b20474657fc0;Google Update Service (gupdate1c9b20474657fc0);c:\program files\Google\Update\GoogleUpdate.exe [2009-03-31 133104]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-03-26 717296]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-02-04 64288]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2008-01-21 21504]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-04-06 1265264]
S2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\SMINST\BLService.exe [2008-04-26 361808]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-05-03 42528]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-02-26 22:06 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
2010-04-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-31 13:26]
2010-04-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-31 13:26]
2010-04-12 c:\windows\Tasks\User_Feed_Synchronization-{AA042E53-8B1B-4BFD-8DD4-933B2C4D5D28}.job
- c:\windows\system32\msfeedssync.exe [2008-01-21 02:24]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=83&bd=Pavilion&pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=83&bd=Pavilion&pf=cnnb
IE: &AOL Toolbar Search - c:\programdata\AOL\ieToolbar\resources\en-GB\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\x8e2xi0j.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/home.php?
FF - prefs.js: network.proxy.ftp - 10.247.6.20
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.gopher - 10.247.6.20
FF - prefs.js: network.proxy.gopher_port - 8080
FF - prefs.js: network.proxy.http - 10.247.6.20
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - 10.247.6.20
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - 10.247.6.20
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 4
FF - component: c:\users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\x8e2xi0j.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npBBCPlugin.dll
FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll
FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
FF - plugin: c:\users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\x8e2xi0j.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: c:\users\Luke\AppData\Roaming\Mozilla\Firefox\Profiles\x8e2xi0j.default\extensions\reader_plugin@ebrary.com\plugins\NPinfotl.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2010-04-12 13:34
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-841141263-361029112-3710205945-1000\Software\Sony Creative Software\M*e*d*i*a* *M*a*n*a*g*e*r* *f*o*r* *P*S*P*"!\3.0]
"FRT"="cbMX1lUj7Ua9ia9mLgpuzG0tVV60fi1eAZPF0iiCaNUDhFJLtRysVA=="
"PLCK"="oXJ6MUjQxTE7kfz4nsKc2qB51xoZdBBB"
"Percents"="0 0.0826 0.2208 0.4045 0.8802 0.9546 0.9607 "
"Increment"=".001548"
"PHSH"=""
.
Completion time: 2010-04-12 13:37:53
ComboFix-quarantined-files.txt 2010-04-12 12:37
ComboFix2.txt 2010-04-11 23:22
Pre-Run: 27,539,709,952 bytes free
Post-Run: 27,399,700,480 bytes free
- - End Of File - - A3AF4FADAE10D981DE88137C31CCA518