ComboFix 10-04-17.07 - Lynn 04/21/2010 11:13:54.2.2 - x86
Microsoft
Windows Vista
Home Premium 6.0.6001.1.1252.1.1033.18.957.320 [GMT -7:00]
Running from: c:\users\Lynn\Desktop\ComboFix.exe
Command switches used :: c:\users\Lynn\Desktop\CFScript.txt
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((( Files Created from 2010-03-21 to 2010-04-21 )))))))))))))))))))))))))))))))
.
2010-04-21 18:30 . 2010-04-21 18:30 -------- d-----w- c:\users\Reggie\AppData\Local\temp
2010-04-21 18:30 . 2010-04-21 18:30 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-04-21 18:30 . 2010-04-21 18:30 -------- d-----w- c:\users\Lance\AppData\Local\temp
2010-04-21 18:30 . 2010-04-21 18:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-04-21 02:31 . 2010-04-21 02:31 -------- d-----w- c:\users\Lynn\AppData\Local\Midnight Synergy
2010-04-21 02:28 . 2010-04-21 02:29 -------- d-----w- c:\program files\Wonderland Adventures - Mysteries of Fire Island
2010-04-21 02:21 . 2010-04-21 02:21 -------- d-----w- c:\program files\Wonderland Secret Worlds
2010-04-21 02:08 . 2010-04-21 02:09 -------- d-----w- c:\program files\Hidden Wonders of the Depths 3 - Atlantis Adventures
2010-04-19 17:10 . 2010-04-19 17:10 -------- d-----w- c:\users\Lynn\AppData\Roaming\WildTangentv1001
2010-04-18 21:57 . 2010-04-21 02:13 -------- d-----w- C:\BigFishGamesCache
2010-04-18 01:21 . 2010-04-18 01:21 -------- d-----w- c:\program files\Microsoft Silverlight
2010-04-18 01:02 . 2010-04-18 01:02 -------- d-----w- c:\programdata\GameHouse
2010-04-18 00:22 . 2009-03-09 22:27 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
2010-04-17 21:06 . 2010-04-17 21:06 -------- d-----w- c:\users\Reggie\AppData\Roaming\WildTangentv1001
2010-04-17 18:47 . 2010-04-17 18:47 -------- d-----w- c:\users\Reggie\AppData\Roaming\PlayFirst
2010-04-17 15:37 . 2010-04-17 15:37 -------- d-----w- c:\users\Lance\AppData\Roaming\Malwarebytes
2010-04-17 02:47 . 2010-04-17 02:47 -------- d-----w- c:\users\Reggie\AppData\Roaming\Malwarebytes
2010-04-17 01:53 . 2010-04-17 01:53 -------- d-----w- c:\programdata\WildTangentv1005
2010-04-17 00:58 . 2010-04-17 00:58 -------- d-----w- c:\users\Lynn\AppData\Roaming\FlowPlay
2010-04-16 23:24 . 2010-04-16 23:24 -------- d-----w- c:\users\Lynn\AppData\Roaming\Malwarebytes
2010-04-16 23:24 . 2010-03-30 07:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-16 23:24 . 2010-04-16 23:24 -------- d-----w- c:\programdata\Malwarebytes
2010-04-16 23:24 . 2010-04-16 23:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-16 23:24 . 2010-03-30 07:45 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-16 00:15 . 2010-04-16 00:15 -------- d-----w- c:\program files\Sony Online Entertainment
2010-04-15 19:32 . 2010-02-23 11:32 78848 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-04-15 19:32 . 2010-02-23 11:32 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-04-15 19:32 . 2010-02-23 11:32 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-04-15 19:32 . 2008-04-05 03:34 15360 ----a-w- c:\windows\system32\pacerprf.dll
2010-04-15 19:32 . 2008-04-05 01:21 72192 ----a-w- c:\windows\system32\drivers\pacer.sys
2010-04-15 19:31 . 2010-02-18 14:49 3598216 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-04-15 19:31 . 2010-02-18 14:49 3545992 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-04-15 19:31 . 2010-03-05 14:01 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-04-15 19:31 . 2010-02-18 14:49 898952 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-04-15 19:31 . 2010-02-18 14:11 190464 ----a-w- c:\windows\system32\iphlpsvc.dll
2010-04-15 19:31 . 2010-02-18 11:52 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
2010-04-15 19:30 . 2008-09-18 04:56 125952 ----a-w- c:\windows\system32\wersvc.dll
2010-04-15 19:30 . 2008-09-18 04:56 147456 ----a-w- c:\windows\system32\Faultrep.dll
2010-04-15 19:30 . 2008-08-02 03:26 36864 ----a-w- c:\windows\system32\cdd.dll
2010-04-15 19:30 . 2008-08-02 01:01 625152 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2010-04-15 19:30 . 2008-06-26 03:29 565248 ----a-w- c:\windows\system32\emdmgmt.dll
2010-04-15 19:30 . 2008-06-26 03:29 45056 ----a-w- c:\windows\system32\dataclen.dll
2010-04-15 19:30 . 2008-05-20 02:07 148480 ----a-w- c:\windows\system32\drivers\nwifi.sys
2010-04-15 19:30 . 2008-05-08 21:59 90112 ----a-w- c:\windows\system32\wshext.dll
2010-04-15 19:30 . 2008-05-08 21:59 180224 ----a-w- c:\windows\system32\scrobj.dll
2010-04-15 19:30 . 2008-05-08 21:59 172032 ----a-w- c:\windows\system32\scrrun.dll
2010-04-15 19:30 . 2008-05-08 21:59 155648 ----a-w- c:\windows\system32\wscript.exe
2010-04-15 19:30 . 2008-05-08 21:58 135168 ----a-w- c:\windows\system32\cscript.exe
2010-04-15 19:21 . 2009-12-23 12:43 171520 ----a-w- c:\windows\system32\wintrust.dll
2010-04-15 19:20 . 2010-01-15 00:04 98304 ----a-w- c:\windows\system32\cabview.dll
2010-04-15 18:28 . 2010-04-15 18:28 -------- d-----w- c:\users\Lance\AppData\Local\Microsoft Games
2010-04-15 17:32 . 2010-04-15 17:32 -------- d-----w- c:\users\Lance\AppData\Roaming\WildTangent
2010-04-15 17:12 . 2010-04-15 17:12 -------- d-----w- c:\users\Lance\AppData\Roaming\SampleView
2010-04-15 15:54 . 2010-04-15 15:54 102424 ----a-w- c:\users\Lance\AppData\Local\GDIPFONTCACHEV1.DAT
2010-04-13 03:49 . 2010-04-13 03:49 -------- d-----w- c:\users\Reggie\AppData\Roaming\TikGames
2010-04-13 03:49 . 2010-04-13 03:49 -------- d-----w- c:\programdata\TikGames
2010-04-12 23:14 . 2010-04-12 23:20 -------- d-----w- c:\users\Reggie\AppData\Roaming\Template
2010-03-31 05:29 . 2010-03-31 05:29 -------- d-----w- c:\programdata\Sony Online Entertainment
2010-03-31 04:12 . 2010-03-31 04:12 -------- d-----w- c:\programdata\Beanbag Studios
2010-03-31 03:24 . 2010-03-31 03:24 -------- d-----w- c:\users\Lynn\AppData\Roaming\Gamelab
2010-03-31 01:38 . 2010-03-31 01:38 -------- d-----w- c:\users\Lynn\AppData\Roaming\Shape games
2010-03-30 20:15 . 2010-03-30 20:15 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-03-30 20:12 . 2010-03-30 20:12 -------- d-----w- c:\programdata\McAfee Security Scan
2010-03-30 20:12 . 2010-04-10 18:09 -------- d-----w- c:\program files\McAfee Security Scan
2010-03-30 20:10 . 2010-03-31 01:32 -------- d-----w- c:\programdata\NOS
2010-03-27 04:49 . 2010-03-28 21:39 -------- d-----w- c:\users\Lynn\AppData\Roaming\Mind Control Software
2010-03-27 03:33 . 2010-03-27 03:33 -------- d-----w- c:\users\Lynn\AppData\Roaming\Gold Casual Games
2010-03-27 02:56 . 2010-03-27 02:56 -------- d-----w- c:\programdata\Operation Mania
2010-03-27 02:56 . 2010-03-27 02:56 -------- d-----w- c:\users\Lynn\AppData\Roaming\Pogo Games
2010-03-26 22:40 . 2010-03-26 22:40 -------- d-----w- c:\users\Lynn\AppData\Roaming\SaveThePuppy
2010-03-26 21:14 . 2010-03-26 21:14 -------- d-----w- c:\program files\Microsoft
2010-03-26 21:14 . 2010-03-26 21:14 -------- d-----w- c:\program files\MSN Toolbar
2010-03-26 21:07 . 2010-03-26 21:15 -------- d-----w- c:\program files\MSN Toolbar Installer
2010-03-25 18:40 . 2010-03-25 18:40 -------- d-----w- c:\users\Lynn\AppData\Roaming\DivoGames
2010-03-25 17:36 . 2010-03-25 17:36 -------- d-----w- c:\users\Lynn\AppData\Roaming\QB9
2010-03-25 16:34 . 2010-03-25 16:34 -------- d-----w- c:\users\Lynn\AppData\Roaming\Braintonik
2010-03-25 16:34 . 2010-03-25 16:34 -------- d-----w- c:\programdata\Braintonik
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-21 00:31 . 2007-03-17 00:33 -------- d-----w- c:\program files\Gateway Games
2010-04-19 22:43 . 2007-04-30 22:31 -------- d-----w- c:\users\Lynn\AppData\Roaming\PlayFirst
2010-04-19 17:03 . 2008-04-21 03:28 -------- d-----w- c:\users\Lynn\AppData\Roaming\Ludia
2010-04-19 17:03 . 2008-04-21 03:28 -------- d-----w- c:\programdata\Ludia
2010-04-17 18:53 . 2007-03-17 00:33 -------- d-----w- c:\programdata\WildTangent
2010-04-17 18:47 . 2007-09-10 22:16 -------- d-----w- c:\programdata\PlayFirst
2010-04-16 14:57 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-04-16 14:55 . 2007-03-17 00:41 -------- d-----w- c:\programdata\Microsoft Help
2010-04-15 17:42 . 2008-03-12 02:36 -------- d-----w- c:\program files\Intermix_media
2010-04-15 15:53 . 2007-05-19 21:51 -------- d-----w- c:\program files\Common Files\Sandlot Shared
2010-04-15 15:52 . 2007-04-30 18:23 -------- d-----w- c:\program files\Common Files\AOL
2010-04-13 05:25 . 2007-05-04 01:43 -------- d-----w- c:\program files\AOL 9.0a
2010-04-13 00:45 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2010-04-13 00:45 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2010-04-13 00:45 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2010-04-13 00:45 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2010-04-13 00:45 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2010-04-13 00:44 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2010-04-12 23:28 . 2008-01-01 20:00 -------- d-----w- c:\program files\Norton Security Scan
2010-04-12 23:14 . 2010-04-12 23:14 0 ----a-w- c:\users\Reggie\AppData\Roaming\wklnhst.dat
2010-04-12 23:08 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2010-04-12 23:08 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2010-04-12 22:56 . 2007-06-09 04:12 -------- d-----w- c:\program files\ArcSoft
2010-04-12 22:56 . 2007-03-17 00:32 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-31 20:32 . 2007-11-11 03:27 -------- d-----w- c:\program files\Nick Arcade
2010-03-30 20:29 . 2008-03-08 23:14 -------- d-----w- c:\program files\Common Files\Adobe
2010-03-30 20:12 . 2007-03-17 00:50 -------- d-----w- c:\programdata\McAfee
2010-03-26 23:41 . 2008-05-30 15:21 -------- d-----w- c:\users\Lynn\AppData\Roaming\Flood Light Games
2010-03-26 23:41 . 2008-05-30 15:21 -------- d-----w- c:\programdata\Flood Light Games
2010-03-21 02:57 . 2010-03-21 02:57 -------- d-----w- c:\users\Lynn\AppData\Roaming\Frogwares
2010-03-21 02:57 . 2010-03-20 18:26 -------- d-----w- c:\program files\Alice in Wonderland
2010-03-21 01:56 . 2010-03-21 01:56 -------- d-----w- c:\users\Lynn\AppData\Roaming\Merscom
2010-03-21 01:56 . 2010-03-21 01:56 -------- d-----w- c:\programdata\Merscom
2010-03-21 00:55 . 2010-03-21 00:55 -------- d-----w- c:\programdata\Big Fish Games
2010-03-21 00:55 . 2010-03-13 23:50 -------- d-----w- c:\users\Lynn\AppData\Roaming\Big Fish Games
2010-03-20 20:39 . 2010-03-20 20:39 -------- d-----w- c:\users\Lynn\AppData\Roaming\BigFishv1002
2010-03-20 18:07 . 2007-09-05 01:13 -------- d-----w- c:\program files\bfgclient
2010-03-20 18:01 . 2010-03-20 18:01 -------- d-----w- c:\programdata\Office Genuine Advantage
2010-03-12 15:53 . 2009-12-05 02:33 102424 ----a-w- c:\users\Reggie\AppData\Local\GDIPFONTCACHEV1.DAT
2010-03-02 00:34 . 2007-04-30 20:41 6806 ----a-w- c:\users\Lynn\AppData\Roaming\wklnhst.dat
2010-02-28 23:15 . 2007-11-26 02:26 102424 ----a-w- c:\users\Lynn\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-28 21:06 . 2007-03-17 00:44 -------- d-----w- c:\program files\Microsoft Works
2010-02-24 17:16 . 2009-12-07 21:35 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-23 06:39 . 2010-03-30 20:57 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-23 06:33 . 2010-03-30 20:57 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-02-23 06:33 . 2010-03-30 20:57 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-02-23 04:55 . 2010-03-30 20:57 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-02-20 23:39 . 2010-03-12 21:37 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-02-20 23:37 . 2010-03-12 21:37 31232 ----a-w- c:\windows\system32\httpapi.dll
2010-02-20 21:18 . 2010-03-12 21:37 411136 ----a-w- c:\windows\system32\drivers\http.sys
2010-01-25 12:48 . 2010-02-24 19:09 472576 ----a-w- c:\windows\system32\secproc_isv.dll
2010-01-25 12:48 . 2010-02-24 19:09 151040 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-01-25 12:48 . 2010-02-24 19:09 151040 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-01-25 12:48 . 2010-02-24 19:09 472064 ----a-w- c:\windows\system32\secproc.dll
2010-01-25 12:45 . 2010-02-24 19:09 329216 ----a-w- c:\windows\system32\msdrm.dll
2010-01-25 08:35 . 2010-02-24 19:09 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-25 08:35 . 2010-02-24 19:09 523776 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-01-25 08:34 . 2010-02-24 19:09 511488 ----a-w- c:\windows\system32\RMActivate.exe
2010-01-25 08:34 . 2010-02-24 19:09 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-01-23 09:44 . 2010-02-24 19:11 2048 ----a-w- c:\windows\system32\tzres.dll
2009-12-05 20:14 . 2009-12-05 20:14 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2007-11-28 19:12 . 2008-01-01 03:08 67696 ----a-w- c:\program files\mozilla firefox\components\jar50.dll
2007-11-28 19:12 . 2008-01-01 03:08 54376 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2007-11-28 19:12 . 2008-01-01 03:08 34952 ----a-w- c:\program files\mozilla firefox\components\myspell.dll
2007-11-28 19:12 . 2008-01-01 03:08 46720 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll
2007-11-28 19:12 . 2008-01-01 03:08 172144 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-27 39408]
"msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-11-17 815104]
"BigFix"="c:\program files\Bigfix\bigfix.exe" [2006-11-16 2348584]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-12-05 30192]
"HostManager"="c:\program files\Common Files\AOL\1177957379\ee\AOLSoftware.exe" [2006-09-26 50736]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2007-09-26 267064]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2007-09-21 286720]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"MSN Toolbar"="c:\program files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe" [2009-12-09 240992]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-03-30 1086856]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-17 135664]
R3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2009-12-05 30192]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 RTL85n86;Realtek 8180/8185 Extensible 802.11 Wireless Device Driver;c:\windows\system32\DRIVERS\RTL85n86.sys [2007-03-13 354816]
--- Other Services/Drivers In Memory ---
*Deregistered* - mfeavfk
*Deregistered* - mfebopk
*Deregistered* - mfesmfk
*Deregistered* - MPFP
.
Contents of the 'Scheduled Tasks' folder
2010-04-21 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 18:20]
2010-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-17 01:00]
2010-04-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-17 01:00]
2010-03-12 c:\windows\Tasks\Norton Security Scan.job
- c:\program files\Norton Security Scan\Nss.exe [2007-04-20 05:42]
.
.
------- Supplementary Scan -------
.
mStart Page = hxxp://www.gateway.com/g/startpage.html?Ch=Retail&Br=GTW&Loc=ENG_US&Sys=PTB&M=MT3707
IE: &ieSpell Options - c:\program files\ieSpell\iespell.dll/SPELLOPTION.HTM
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Check &Spelling - c:\program files\ieSpell\iespell.dll/SPELLCHECK.HTM
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: Lookup on Merriam Webster - file://c:\program files\ieSpell\Merriam Webster.HTM
IE: Lookup on Wikipedia - file://c:\program files\ieSpell\wikipedia.HTM
FF - ProfilePath - c:\users\Lynn\AppData\Roaming\Mozilla\Firefox\Profiles\o0fpjvvp.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=VI2TDF&PC=VI2TDF&q=
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=VI2TDF&PC=VI2TDF&q=
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.allow_platform_file_picker", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.cookie.p3plevel", 1); // 0=low, 1=medium, 2=high, 3=custom
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.enablePad", false); // Allow client to do proxy autodiscovery
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.default", "chrome://branding/content/searchconfig.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.search.param.Google.1.custom", "chrome://branding/content/searchconfig.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("signon.prefillForms", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.remoteLookups", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.updateURL", "http://sb.google.com/safebrowsing/update?client={moz:client}&appver={moz:version}&");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.lookupURL", "http://sb.google.com/safebrowsing/lookup?sourceid=firefox-antiphish&features=TrustRank&client={moz:client}&appver={moz:version}&");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.safebrowsing.provider.0.reportURL", "http://sb.google.com/safebrowsing/report?");
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-21 11:31
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2010-04-21 11:46:46
ComboFix-quarantined-files.txt 2010-04-21 18:46
ComboFix2.txt 2010-04-18 21:18
ComboFix3.txt 2010-04-19 05:52
Pre-Run: 88,107,622,400 bytes free
Post-Run: 89,335,312,384 bytes free
- - End Of File - - 00C85E0D69D772C37145BA82F0563CEB