Here is the second log i got after using the new way.
ComboFix 10-06-17.02 - Alicia 06/17/2010 20:36:23.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.456 [GMT -4:00]
Running from: c:\documents and settings\Alicia\My Documents\Downloads\ComboFix.exe
Command switches used :: c:\documents and settings\Alicia\Desktop\CFscript.txt
AV: McAfee VirusScan *On-access scanning disabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\win.com
.
((((((((((((((((((((((((( Files Created from 2010-05-18 to 2010-06-18 )))))))))))))))))))))))))))))))
.
2010-06-15 01:43 . 2010-06-15 01:43 -------- d-sh--w- c:\documents and settings\LocalService\PrivacIE
2010-06-15 01:43 . 2010-06-15 01:43 -------- d-sh--w- c:\documents and settings\LocalService\IECompatCache
2010-06-15 01:43 . 2010-06-15 01:43 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Zynga
2010-06-15 01:43 . 2010-06-15 01:43 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Swag_Bucks
2010-06-15 00:47 . 2010-06-15 01:36 574 ----a-w- C:\cleanup.bat
2010-06-14 23:41 . 2010-06-14 23:41 -------- d-----w- c:\documents and settings\Alicia\Application Data\QuickScan
2010-06-13 14:41 . 2010-06-16 01:03 -------- d-----w- c:\documents and settings\Alicia\Local Settings\Application Data\awrgrds
2010-06-09 17:20 . 2010-06-09 17:20 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Swag_Bucks
2010-06-09 12:51 . 2010-05-06 10:41 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll
2010-06-08 02:04 . 2010-06-08 02:04 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-05-31 05:00 . 2008-04-14 09:41 21504 ----a-w- c:\windows\system32\drivers\hidserv.dll
2010-05-30 15:47 . 2010-05-30 19:13 -------- d-----w- c:\documents and settings\Alicia\Application Data\TeamViewer
2010-05-30 15:47 . 2010-05-30 15:47 -------- d-----w- c:\program files\TeamViewer
2010-05-30 14:19 . 2008-04-14 09:41 21504 ----a-w- c:\windows\system32\hidserv.dll
2010-05-30 14:19 . 2008-04-14 09:41 21504 ----a-w- c:\windows\system32\dllcache\hidserv.dll
2010-05-30 12:32 . 2010-05-30 12:32 -------- d-----w- c:\documents and settings\LocalService\Application Data\PeerNetworking
2010-05-30 12:31 . 2010-05-30 12:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2010-05-30 12:31 . 2010-05-30 12:32 -------- d-----w- c:\documents and settings\Alicia\Application Data\Yahoo!
2010-05-30 12:19 . 2010-05-30 12:19 -------- d-----w- c:\documents and settings\Alicia\Local Settings\Application Data\Mozilla
2010-05-30 03:38 . 2010-06-16 03:06 -------- d-----w- c:\program files\Gamevance
2010-05-30 02:15 . 2010-05-30 02:15 -------- d-----w- c:\documents and settings\Alicia\Application Data\Uniblue
2010-05-30 02:13 . 2010-05-30 02:13 -------- d-----w- c:\program files\Uniblue
2010-05-30 02:11 . 2009-11-03 18:07 679936 ----a-w- c:\windows\system32\D3DX81ab.dll
2010-05-30 02:11 . 2009-11-03 18:07 1970176 ----a-w- c:\windows\system32\d3dx9.dll
2010-05-30 02:11 . 2010-05-30 02:15 -------- d-----w- c:\documents and settings\Alicia\Local Settings\Application Data\OpenCandy
2010-05-30 02:11 . 2010-05-30 02:11 -------- d-----w- c:\documents and settings\Alicia\Application Data\OpenCandy
2010-05-30 02:11 . 2010-06-16 03:06 -------- d-----w- c:\program files\Cheat Engine
2010-05-30 01:57 . 2010-05-30 01:58 -------- d-----w- c:\documents and settings\Alicia\Local Settings\Application Data\Swag_Bucks
2010-05-30 01:57 . 2010-05-30 01:57 -------- d-----w- c:\program files\Swag_Bucks
2010-05-30 01:55 . 2010-06-18 00:45 -------- d-----w- c:\program files\Steam
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-10 11:13 . 2007-08-26 22:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-06-10 01:56 . 2008-12-20 02:51 -------- d-----w- c:\program files\Microsoft Silverlight
2010-05-31 20:34 . 2010-06-14 23:41 702120 ----a-w- c:\documents and settings\Alicia\Application Data\Mozilla\Firefox\Profiles\7pvtkbss.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
2010-05-31 20:34 . 2010-06-14 23:41 868456 ----a-w- c:\documents and settings\Alicia\Application Data\Mozilla\Firefox\Profiles\7pvtkbss.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
2010-05-31 05:01 . 2010-05-31 05:01 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_NuidFltr_01005.Wdf
2010-05-31 05:01 . 2010-05-31 05:01 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2010-05-30 12:32 . 2008-09-20 04:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2010-05-30 12:32 . 2006-12-08 21:59 -------- d-----w- c:\program files\Yahoo!
2010-05-30 11:57 . 2010-02-24 19:15 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-05-30 11:57 . 2010-02-24 19:23 38784 ----a-w- c:\documents and settings\Alicia\Application Data\Macromedia\Flash Player\
www.macromedia.com\bin\airappinstaller\airappinstaller.exe2010-05-30 03:39 . 2010-05-13 12:58 154112 ----a-w- c:\documents and settings\Alicia\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@gamevance.com\components\gvtlf.dll
2010-05-30 02:11 . 2010-05-30 02:11 257257 ----a-w- c:\documents and settings\Alicia\Application Data\OpenCandy\OpenCandy_63E786650FA14FFE9C82323BAB46C24D\DLMgr3WrapperUniBlue.exe
2010-05-23 15:33 . 2010-05-23 15:33 503808 ----a-w- c:\documents and settings\Alicia\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-2c35705d-n\msvcp71.dll
2010-05-23 15:33 . 2010-05-23 15:33 499712 ----a-w- c:\documents and settings\Alicia\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-2c35705d-n\jmc.dll
2010-05-23 15:33 . 2010-05-23 15:33 348160 ----a-w- c:\documents and settings\Alicia\Application Data\Sun\Java\Deployment\cache\6.0\46\f84c6ae-2c35705d-n\msvcr71.dll
2010-05-21 18:14 . 2009-10-03 04:16 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-14 01:54 . 2007-11-22 01:01 -------- d-----w- c:\program files\McAfee
2010-05-06 10:41 . 2005-08-16 09:18 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-02 05:22 . 2005-08-16 09:18 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-28 18:16 . 2010-04-28 18:15 -------- d-----w- c:\program files\iTunes
2010-04-28 18:16 . 2010-04-28 18:15 -------- d-----w- c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-04-28 18:15 . 2010-04-28 18:15 -------- d-----w- c:\program files\iPod
2010-04-28 18:15 . 2007-08-08 20:32 -------- d-----w- c:\program files\Common Files\Apple
2010-04-28 18:12 . 2010-04-28 18:11 -------- d-----w- c:\program files\QuickTime
2010-04-28 18:07 . 2010-04-28 18:07 -------- d-----w- c:\program files\Bonjour
2010-04-28 17:52 . 2010-04-28 17:52 73000 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.1.1.11\SetupAdmin.exe
2010-04-21 16:07 . 2010-05-30 15:17 52224 ----a-w- c:\documents and settings\Alicia\Application Data\Mozilla\Firefox\Profiles\7pvtkbss.default\extensions\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}\components\FFExternalAlert.dll
2010-04-21 16:07 . 2010-05-30 15:17 101376 ----a-w- c:\documents and settings\Alicia\Application Data\Mozilla\Firefox\Profiles\7pvtkbss.default\extensions\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}\components\RadioWMPCore.dll
2010-04-20 20:45 . 2010-05-30 12:31 607472 ----a-w- c:\documents and settings\All Users\Application Data\Yahoo!\YUpdater\yupdater.exe
2010-04-20 05:30 . 2005-08-16 09:18 285696 ----a-w- c:\windows\system32\atmfd.dll
2010-04-08 17:20 . 2010-04-08 17:20 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-04-08 17:20 . 2010-04-08 17:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
2008-11-07 01:22 . 2008-11-07 01:22 19385 ----a-w- c:\program files\Common Files\ypidofe.ban
2008-11-07 01:22 . 2008-11-07 01:22 16849 ----a-w- c:\program files\Common Files\vomajo._sy
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{7b13ec3e-999a-4b70-b9cb-2617b8323822}"= "c:\program files\Zynga\tbZyng.dll" [2010-02-22 2353176]
"{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}"= "c:\program files\Swag_Bucks\tbSwag.dll" [2010-05-20 2675296]
[HKEY_CLASSES_ROOT\clsid\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]
[HKEY_CLASSES_ROOT\clsid\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]
2010-02-22 16:05 2353176 ----a-w- c:\program files\Zynga\tbZyng.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}]
2010-05-20 19:35 2675296 ----a-w- c:\program files\Swag_Bucks\tbSwag.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{7b13ec3e-999a-4b70-b9cb-2617b8323822}"= "c:\program files\Zynga\tbZyng.dll" [2010-02-22 2353176]
"{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}"= "c:\program files\Swag_Bucks\tbSwag.dll" [2010-05-20 2675296]
[HKEY_CLASSES_ROOT\clsid\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]
[HKEY_CLASSES_ROOT\clsid\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{7B13EC3E-999A-4B70-B9CB-2617B8323822}"= "c:\program files\Zynga\tbZyng.dll" [2010-02-22 2353176]
"{8BDEA9D6-6F62-45EB-8EE9-8A81AF0D2F94}"= "c:\program files\Swag_Bucks\tbSwag.dll" [2010-05-20 2675296]
[HKEY_CLASSES_ROOT\clsid\{7b13ec3e-999a-4b70-b9cb-2617b8323822}]
[HKEY_CLASSES_ROOT\clsid\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SetDefaultMIDI"="MIDIDef.exe" [2004-12-22 24576]
"Steam"="c:\program files\steam\steam.exe" [2010-05-30 1238352]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe" [2010-04-29 5248312]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-10-19 204288]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-07-21 98304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-07-21 86016]
"Persistence"="c:\windows\system32\igfxpers.exe" [2006-07-21 81920]
"SigmatelSysTrayApp"="stsystra.exe" [2006-07-24 282624]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-07-06 151552]
"CTSysVol"="c:\program files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-10-31 57344]
"MBMon"="CTMBHA.DLL" [2006-06-29 1355042]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"VoiceCenter"="c:\program files\Creative\VoiceCenter\AndreaVC.exe" [2006-02-16 1118208]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-10-29 1218008]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-04-13 47392]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-04 866584]
"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-06-03 206064]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-03-18 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-04-24 142120]
"Gamevance"="c:\program files\Gamevance\gamevance32.exe" [2010-05-30 222720]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]
c:\documents and settings\Alicia\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 8:19 PM 13592]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
.
Contents of the 'Scheduled Tasks' folder
2010-06-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]
2010-06-15 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2007-11-22 16:22]
2010-05-01 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2007-11-22 16:22]
2010-06-18 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-04 00:20]
2010-06-18 c:\windows\Tasks\User_Feed_Synchronization-{605085C0-5B98-4066-B4DB-6E70B0C00825}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 08:31]
2010-06-18 c:\windows\Tasks\User_Feed_Synchronization-{79B7F784-C95B-4D49-B4D9-E67329AE0EF3}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 08:31]
.
.
------- Supplementary Scan -------
.
uStart Page =
hxxp://www.washingtonpost.com/uDefault_Search_URL =
hxxp://www.google.com/ieuInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant =
hxxp://www.google.comuSearchURL,(Default) =
hxxp://www.google.com/search?q=%sIE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: {2931566C-B8A6-46C5-BF4D-E6AB9251E953} -
hxxp://s.nx.com/activex/public_new/nxpm.cabDPF: {D40F5876-A494-4124-8161-82625BB28C06} -
hxxp://games.myspace.com/gameshell/games/channel--110343720/lc--en/room--bf09f975-c036-4869-a4e5-d0b858db1799/online/chocolatier_2/en/Chocolatier2Web.1.0.0.10.cabDPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} -
hxxp://clubgames.pogo.com/online2/pogop/diner_dash/DinerDash.1.0.0.80.cabFF - ProfilePath - c:\documents and settings\Alicia\Application Data\Mozilla\Firefox\Profiles\7pvtkbss.default\
FF - prefs.js: browser.search.defaulturl -
hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=3&q={searchTerms}FF - prefs.js: browser.search.selectedEngine - Swag Bucks Customized Web Search
FF - prefs.js: browser.search.selectedengine - Swag Bucks Customized Web Search
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 1101
FF - prefs.js: network.proxy.type - 4
FF - component: c:\documents and settings\Alicia\Application Data\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@gamevance.com\components\gvtlf.dll
FF - component: c:\documents and settings\Alicia\Application Data\Mozilla\Firefox\Profiles\7pvtkbss.default\extensions\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Alicia\Application Data\Mozilla\Firefox\Profiles\7pvtkbss.default\extensions\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\Alicia\Application Data\Mozilla\Firefox\Profiles\7pvtkbss.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\qscanff.dll
FF - component: c:\program files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\components\SEPsearchhelperff.dll
FF - plugin: c:\documents and settings\Alicia\Application Data\Facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\documents and settings\Alicia\Application Data\Move Networks\plugins\npqmp071505000010.dll
FF - plugin: c:\documents and settings\Alicia\Application Data\Move Networks\plugins\npqmp071505000011.dll
FF - plugin: c:\documents and settings\Alicia\Application Data\Mozilla\Firefox\Profiles\7pvtkbss.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - truec:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2010-06-17 20:45
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(564)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\brss01a.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\progra~1\McAfee\MSC\mcmscsvc.exe
c:\windows\stsystra.exe
c:\windows\system32\Rundll32.exe
c:\docume~1\Alicia\LOCALS~1\Temp\clclean.0001
c:\progra~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\progra~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\progra~1\McAfee\VIRUSS~1\mcshield.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\McAfee\MPF\MPFSrv.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Dell Support Center\bin\sprtsvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\windows\ehome\mcrdsvc.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\wscntfy.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\eHome\ehmsas.exe
.
**************************************************************************
.
Completion time: 2010-06-17 20:52:33 - machine was rebooted
ComboFix-quarantined-files.txt 2010-06-18 00:52
ComboFix2.txt 2010-06-17 01:21
Pre-Run: 100,035,072,000 bytes free
Post-Run: 100,026,163,200 bytes free
- - End Of File - - CCC8BD6ADC7FA7B6718A29929F9C5697