تم عمل الفحص
واليك التقرير
ComboFix 09-07-29.04 - Shukran 07/31/2009 14:20.1.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1256.20.1033.18.255.91 [GMT 3:00]
Running from: d:\my folder\برامج الحماية\ComboFix.exe
* Resident AV is active
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\desktop.ini
c:\windows\Tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
D:\resycled
.
((((((((((((((((((((((((( Files Created from 2009-06-28 to 2009-07-31 )))))))))))))))))))))))))))))))
.
2009-07-30 23:04 . 2009-07-30 23:04 -------- d-----w- c:\program files\Trend Micro
2009-07-30 17:37 . 2009-07-30 17:37 -------- d-----w- c:\documents and settings\Shukran\Local Settings\Application Data\WMTools Downloaded Files
2009-07-30 03:37 . 2009-07-30 03:37 -------- d-----w- c:\windows\Sun
2009-07-30 03:16 . 2009-07-30 17:36 -------- d-----w- c:\documents and settings\Shukran\Application Data\Zoom Player
2009-07-30 03:16 . 2009-07-30 03:17 -------- d-----w- c:\program files\Zoom Player
2009-07-30 01:53 . 2009-07-30 02:16 -------- d-----w- c:\program files\MessengerDiscovery
2009-07-29 15:45 . 2009-07-29 15:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Trymedia
2009-07-29 01:26 . 2009-07-29 01:26 -------- d-sh--w- c:\windows\ftpcache
2009-07-29 01:25 . 2009-07-29 01:26 -------- d-----w- c:\program files\مصحف خديجة الإكتروني
2009-07-28 23:05 . 2009-07-28 23:05 -------- d-----w- c:\program files\Clone Shareware
2009-07-28 23:04 . 1997-11-19 12:49 303616 ----a-w- c:\windows\IsUninst.exe
2009-07-28 23:04 . 2009-07-28 23:04 -------- d-----w- c:\documents and settings\Shukran\WINDOWS
2009-07-28 18:23 . 2009-07-29 22:13 -------- d-----w- c:\program files\SuperCopier2
2009-07-28 02:42 . 2009-07-28 02:42 -------- d-----w- c:\program files\Common Files\NSV
2009-07-27 14:45 . 2009-07-27 14:46 -------- d-----w- c:\windows\system32\NtmsData
2009-07-26 03:24 . 2009-07-26 03:24 -------- d--h--w- c:\windows\PIF
2009-07-25 18:25 . 2009-07-25 18:25 -------- d-----w- c:\documents and settings\Shukran\Local Settings\Application Data\Identities
2009-07-24 11:30 . 2001-08-17 11:02 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys
2009-07-24 11:30 . 2004-08-03 20:08 31616 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2009-07-24 01:21 . 2009-07-24 01:21 -------- d-----w- c:\program files\Common Files\TechSmith Shared
2009-07-23 22:58 . 2009-07-23 22:58 223128 ----a-w- c:\windows\system32\drivers\dtscsi.sys
2009-07-23 22:58 . 2009-07-23 22:58 -------- d-----w- c:\program files\DAEMON Tools
2009-07-23 22:56 . 2009-07-23 22:56 642560 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-07-23 22:56 . 2009-07-23 22:56 96256 ----a-w- c:\windows\system32\drivers\sptd1709.sys
2009-07-23 22:52 . 2009-07-23 22:52 -------- d-----w- c:\program files\Emurayden PSX Emulator v2.2
2009-07-23 22:45 . 2009-07-23 23:38 -------- d-----w- C:\Winning Eleven 2009 .
BEBO 2009
2009-07-23 16:57 . 2009-07-31 11:14 28672 ----a-w- c:\documents and settings\Shukran\Application Data\IDM\NP_IDM5.dll
2009-07-23 16:57 . 2009-07-31 11:14 28672 ----a-w- c:\documents and settings\Shukran\Application Data\IDM\NP_IDM4.dll
2009-07-23 16:57 . 2009-07-31 11:14 28672 ----a-w- c:\documents and settings\Shukran\Application Data\IDM\NP_IDM3.dll
2009-07-23 16:57 . 2009-07-31 11:14 28672 ----a-w- c:\documents and settings\Shukran\Application Data\IDM\NP_IDM2.dll
2009-07-23 16:57 . 2009-07-31 11:14 28672 ----a-w- c:\documents and settings\Shukran\Application Data\IDM\NP_IDM1.dll
2009-07-23 16:56 . 2009-07-23 16:56 -------- d-----w- c:\documents and settings\Shukran\Local Settings\Application Data\Opera
2009-07-23 16:56 . 2009-07-23 16:56 -------- d-----w- c:\program files\Opera
2009-07-22 21:50 . 2009-07-22 21:52 -------- d-----w- c:\documents and settings\Shukran\Application Data\ManyCam
2009-07-22 21:50 . 2009-07-22 21:52 -------- d-----w- c:\program files\ManyCam 2.4
2009-07-22 01:06 . 2008-07-10 10:56 107864 ----a-w- c:\windows\system32\tsccvid.dll
2009-07-22 01:06 . 2009-07-24 01:22 -------- d-----w- c:\windows\system32\QuickTime
2009-07-22 00:02 . 2009-07-22 00:12 -------- d-----w- c:\program files\iColorFolder
2009-07-21 20:11 . 2009-07-21 20:11 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-07-21 20:11 . 2009-07-21 20:11 -------- d-----w- c:\program files\Java
2009-07-21 20:10 . 2009-07-21 20:10 152576 ----a-w- c:\documents and settings\Shukran\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-07-21 14:57 . 2009-07-21 14:57 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\ESET
2009-07-20 21:20 . 2009-07-20 21:20 -------- d-----w- c:\documents and settings\Shukran\Local Settings\Application Data\ESET
2009-07-20 15:36 . 2004-08-03 19:58 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys
2009-07-20 15:35 . 2004-08-03 20:10 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys
2009-07-20 15:35 . 2004-08-03 20:10 15360 ----a-w- c:\windows\system32\drivers\StreamIP.sys
2009-07-20 15:35 . 2004-08-03 20:10 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys
2009-07-20 15:35 . 2004-08-03 20:10 19328 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS
2009-07-20 15:35 . 2004-08-03 20:10 85376 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys
2009-07-20 15:35 . 2004-08-03 20:10 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys
2009-07-20 15:34 . 2004-08-03 21:56 53760 ----a-w- c:\windows\system32\vfwwdm32.dll
2009-07-20 15:33 . 2007-10-04 14:42 48128 ----a-w- c:\windows\system32\Remove.exe
2009-07-20 15:33 . 2007-11-02 08:07 6656 ----a-w- c:\windows\system32\CoInst_071102.dll
2009-07-20 15:33 . 2007-10-25 15:31 616064 ----a-w- c:\windows\system32\drivers\PFC027.SYS
2009-07-20 15:33 . 2009-07-20 15:33 -------- d-----w- c:\program files\PC Camera
2009-07-20 15:33 . 2006-10-12 08:57 14336 ----a-w- c:\windows\system32\P207USD.dll
2009-07-20 15:33 . 2009-07-20 15:33 -------- d-----w- c:\program files\Common Files\PAC207
2009-07-20 15:33 . 2009-07-20 15:33 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-20 15:33 . 2009-07-20 15:33 -------- d-----w- c:\windows\PixArt
2009-07-20 00:18 . 2009-07-20 00:18 11744 ----a-w- c:\documents and settings\Shukran\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-20 00:16 . 2009-07-24 01:21 -------- d-----w- c:\documents and settings\All Users\Application Data\TechSmith
2009-07-20 00:16 . 2009-07-24 01:21 -------- d-----w- c:\program files\TechSmith
2009-07-20 00:16 . 2009-07-22 01:08 -------- d-----w- c:\documents and settings\Shukran\Local Settings\Application Data\TechSmith
2009-07-20 00:12 . 2009-07-20 00:12 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-07-19 21:53 . 2009-07-30 03:37 1744 ----a-w- c:\windows\system32\d3d9caps.dat
2009-07-19 21:43 . 2009-07-19 21:44 -------- d-----w- c:\documents and settings\Shukran\Application Data\Camfrog
2009-07-19 21:43 . 2009-07-19 21:43 -------- d-----w- c:\program files\Camfrog
2009-07-19 16:21 . 2009-07-19 16:21 7680 ----a-w- c:\documents and settings\Shukran\Application Data\Thinstall\PDF2Office v5.0 - Trial\4000008000002i\Splash Screen.exe
2009-07-19 16:21 . 2009-07-19 16:21 -------- d-----w- c:\documents and settings\Shukran\Local Settings\Application Data\Thinstall
2009-07-19 16:21 . 2009-07-19 16:21 -------- d-----w- c:\documents and settings\Shukran\Application Data\Thinstall
2009-07-18 21:24 . 2009-07-18 21:24 -------- d-----w- c:\documents and settings\Shukran\Application Data\ESET
2009-07-18 21:22 . 2009-07-18 21:22 -------- d-----w- c:\program files\ESET
2009-07-18 21:22 . 2009-07-18 21:22 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-31 11:16 . 2009-07-18 16:06 -------- d-----w- c:\documents and settings\Shukran\Application Data\DMCache
2009-07-31 11:14 . 2009-07-18 16:06 -------- d-----w- c:\documents and settings\Shukran\Application Data\IDM
2009-07-30 01:53 . 2009-07-18 15:41 -------- d-----w- c:\program files\MSN Messenger
2009-07-28 03:09 . 2009-07-28 02:36 -------- d-----w- c:\documents and settings\Shukran\Application Data\Winamp
2009-07-28 02:36 . 2009-07-28 02:36 -------- d-----w- c:\program files\Winamp
2009-07-27 14:43 . 2009-07-18 16:05 1632 ----a-w- c:\windows\system32\d3d8caps.dat
2009-07-19 17:10 . 2009-07-18 14:59 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-07-19 16:36 . 2009-07-18 16:06 -------- d-----w- c:\program files\Internet Download Manager
2009-07-18 16:13 . 2009-07-18 16:13 -------- d-----w- c:\program files\ImageShack Corp
2009-07-18 16:10 . 2009-07-18 16:06 198064 ----a-w- c:\documents and settings\Shukran\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
2009-07-18 16:10 . 2009-07-18 16:08 2927168 ----a-w- c:\documents and settings\Shukran\Application Data\IDM\idmupdt.exe
2009-07-18 16:06 . 2009-07-18 15:20 -------- d-----w- c:\documents and settings\Shukran\Application Data\Media Player Classic
2009-07-18 16:02 . 2009-07-18 16:02 -------- d-----w- c:\program files\Realtek AC97
2009-07-18 16:01 . 2009-07-18 16:01 -------- d-----w- c:\program files\Common Files\InstallShield
2009-07-18 16:01 . 2009-07-18 16:01 -------- d-----w- c:\program files\Windows Media Connect 2
2009-07-18 15:46 . 2009-07-18 15:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2009-07-18 15:44 . 2009-07-18 15:44 -------- d-----w- c:\program files\Yahoo!
2009-07-18 15:34 . 2009-07-18 15:33 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-07-18 15:28 . 2009-07-18 15:28 0 ----a-w- c:\windows\nsreg.dat
2009-07-18 15:01 . 2009-07-18 15:01 -------- d-----w- c:\program files\LClock
2009-07-18 14:55 . 2009-07-18 14:55 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-06-02 16:11 . 2009-07-18 15:33 85504 ----a-w- c:\windows\system32\ff_vfw.dll
2009-05-29 21:37 . 2009-07-18 15:33 205824 ----a-w- c:\windows\system32\xvidvfw.dll
2009-05-29 21:31 . 2009-07-18 15:33 881664 ----a-w- c:\windows\system32\xvidcore.dll
2009-05-21 18:31 . 2009-07-18 15:44 607472 ----a-w- c:\documents and settings\All Users\Application Data\Yahoo!\YUpdater\yupdater.exe
2009-07-21 02:47 . 2009-07-18 15:27 137208 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
.
------- Sigcheck -------
[-] 2006-05-05 12:00 360448 9C515B8621D34478DFAA89B6B5434A54 c:\windows\system32\drivers\tcpip.sys
[-] 2006-05-05 12:00 2188032 C072BEF8FAF78EF13EA9F4C56BA9C98A c:\windows\system32\ntoskrnl.exe
[-] 2006-05-05 12:00 1770496 05082B49A9A6C954D2F6A2902C1DB691 c:\windows\explorer.exe
[-] 2006-05-05 12:00 1580544 9A3022C3C508761A4AAF20E5D4BE13FA c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2006-05-05 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LClock"="c:\program files\LClock\LClock.exe" [2004-09-19 65536]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-04-09 2029640]
"PAC207_Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2006-11-03 319488]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-21 148888]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\soundman.exe [2007-04-16 577536]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-05-05 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nlsf"="move" [X]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2006-05-05 44544]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Camfrog\\Camfrog Video Chat\\Camfrog Video Chat.exe"=
"c:\\Program Files\\MessengerDiscovery\\MessengerDiscovery Live.exe"=
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [09/04/2009 03:18 shukran Pm 107256]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [09/04/2009 03:19 shukran Pm 731840]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [14/01/2008 01:06 shukran Pm 21632]
R3 PAC207;PC
Camer@;c:\windows\system32\drivers\PFC027.SYS [20/07/2009 06:33 shukran Pm 616064]
.
Contents of the 'Scheduled Tasks' folder
.
- - - - ORPHANS REMOVED - - - -
WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKLM-Run-Emurayden PSX Emulator - (no file)
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.eg/
IE: تحميل الكل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetAll.htm
IE: تحميل بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEExt.htm
IE: تحميل محتوى FLV بواسطة Internet Download Manager - c:\program files\Internet Download Manager\IEGetVL.htm
FF - ProfilePath - c:\documents and settings\Shukran\Application Data\Mozilla\Firefox\Profiles\werx6e7r.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.eg/|about:blank
FF - component: c:\documents and settings\Shukran\Application Data\IDM\idmmzcc3\components\idmmzcc.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Opera\program\plugins\NP_IDM1.dll
FF - plugin: c:\program files\Opera\program\plugins\NP_IDM2.dll
FF - plugin: c:\program files\Opera\program\plugins\NP_IDM3.dll
FF - plugin: c:\program files\Opera\program\plugins\NP_IDM4.dll
FF - plugin: c:\program files\Opera\program\plugins\NP_IDM5.dll
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "
");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
Rootkit scan 2009-07-31 14:26
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2009-07-31 14:28
ComboFix-quarantined-files.txt 2009-07-31 11:28
Pre-Run: 4,045,516,800 bytes free
Post-Run: 4,269,273,088 bytes free
244
:?::?::?:
