ComboFix 10-06-02.01 - Brenda 06/02/2010 17:10:25.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.767.408 [GMT -5:00]
Running from: c:\documents and settings\Brenda\Desktop\combo-fix.exe
AV: Microsoft Security Essentials *On-access scanning disabled* (Outdated) {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Brenda\Application Data\.#
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\cup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\customer_cup.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\heart.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\menu_down.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\menu_up.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\plates.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\ticket.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\tray.png
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\music\mainmenumusic.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_bring_check_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_deliver_food_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_deliver_order_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_diner.ogg
c:\windows\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_dish_dropoff_1_snd.ogg
c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_table_a.png
c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_table_b.png
c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\ui\upgrades\icon_table_c.png
c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\upsell\dd1.jpg
c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\upsell\dd2.jpg
c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\upsell\dd3.jpg
c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\assets\upsell\dd4.jpg
c:\windows\Downloaded Program Files\DinerDash2.1.0.0.48\dinerdash2.exe
c:\windows\Downloaded Program Files\f3initialsetup1.0.0.5.inf
c:\windows\Downloaded Program Files\popcaploader.dll
c:\windows\Downloaded Program Files\popcaploader.inf
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\music\mainmenumusic.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\areabomb.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\beetlezap.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\bonusrow.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\bonustimer.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\bucketfilled.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\clearpyramid.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\cleartriangle1a.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\cleartriangle1b.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\cleartriangle1c.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\cleartriangle2a.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\cleartriangle2b.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\cleartriangle2c.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\colorchain.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\dialogbox.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\drumbeat.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\fillrow.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\assets\audio\sfx\gateopen.ogg
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\strings.xml
c:\windows\Downloaded Program Files\TriJinx.1.0.0.55\TriJinx.exe
c:\windows\MailSwitch.ocx
c:\windows\system32\Data
Infected copy of c:\windows\system32\drivers\disk.sys was found and disinfected
Restored copy from - Kitty had a snack :p
.
((((((((((((((((((((((((( Files Created from 2010-05-02 to 2010-06-02 )))))))))))))))))))))))))))))))
.
2010-06-02 18:54 . 2010-06-02 18:58 -------- d-----w- C:\All other Misc files created before June 2010
2010-06-02 11:46 . 2010-06-02 11:47 -------- d-----w- C:\DECCHECK
2010-06-02 04:54 . 2010-06-02 04:54 36352 ----a-w- c:\windows\system32\drivers\pchbkwka.sys
2010-05-31 12:34 . 2010-05-31 12:34 -------- d-----w- c:\documents and settings\Brenda\Local Settings\Application Data\PCHealth
2010-05-31 12:34 . 2010-05-31 12:34 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\PCHealth
2010-05-29 23:19 . 2010-05-29 23:29 -------- d-----w- c:\documents and settings\Brenda\Local Settings\Application Data\nos
2010-05-29 23:19 . 2010-05-29 23:19 86016 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\arh.exe
2010-05-29 22:46 . 2010-05-29 22:46 -------- d-----w- c:\program files\ESET
2010-05-29 22:39 . 2010-05-29 22:39 -------- d-----w- c:\program files\Common Files\Java
2010-05-29 22:38 . 2010-05-29 22:36 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-29 22:36 . 2010-05-29 22:36 -------- d-----w- c:\program files\Java
2010-05-28 00:43 . 2010-05-28 00:43 23552 ----a-w- c:\windows\xobglu32.dll
2010-05-28 00:43 . 2010-05-28 00:43 63488 ----a-w- c:\windows\xobglu16.dll
2010-05-27 22:02 . 2010-05-27 22:02 -------- d-----w- C:\_OTL
2010-05-26 18:46 . 2010-05-27 02:46 -------- d-----w- c:\windows\system32\MpEngineStore
2010-05-26 18:28 . 2010-05-26 18:28 -------- d-----w- C:\7e96eceef3e83ddda1c06f471906d6
2010-05-26 18:11 . 2010-05-21 19:14 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-26 02:08 . 2010-05-26 02:09 -------- d-----w- c:\program files\Microsoft Security Essentials
2010-05-25 11:24 . 2010-05-25 11:24 -------- d-----w- c:\documents and settings\Brenda\Local Settings\Application Data\The Weather Channel
2010-05-24 18:27 . 2010-05-26 18:10 -------- d-----w- c:\program files\Windows Live Safety Center
2010-05-24 12:42 . 2010-05-24 12:42 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2010-05-23 20:55 . 2010-05-23 20:55 -------- d-----w- C:\$AVG
2010-05-23 00:14 . 2010-05-23 00:19 -------- d-----w- c:\program files\ATT-PRT22-WISE
2010-05-23 00:14 . 2010-05-23 00:14 -------- d-----w- c:\program files\ATT
2010-05-22 22:14 . 2010-05-22 22:14 -------- d-----w- c:\program files\AVG
2010-05-22 22:13 . 2010-06-01 01:46 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9
2010-05-22 20:04 . 2010-05-22 20:04 -------- d-----w- c:\documents and settings\Brenda\Application Data\Malwarebytes
2010-05-22 20:04 . 2010-04-29 20:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-05-22 20:04 . 2010-05-22 20:04 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-05-22 20:04 . 2010-05-22 20:04 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-05-22 20:04 . 2010-04-29 20:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-05-21 21:59 . 2010-05-21 21:59 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2010-05-19 17:15 . 2010-05-19 17:15 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\Yahoo!
2010-05-19 17:15 . 2010-05-19 17:15 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Yahoo!
2010-05-19 17:15 . 2010-05-19 17:15 -------- d-sh--w- c:\documents and settings\NetworkService\PrivacIE
2010-05-17 20:12 . 2010-05-17 20:12 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-30 13:13 . 2009-02-06 23:46 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2010-05-29 23:21 . 2009-02-07 00:09 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-05-28 17:34 . 2007-05-09 12:11 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-05-28 16:52 . 2009-05-27 00:51 -------- d-----w- c:\program files\Megaplex Madness - Now Playing
2010-05-28 01:20 . 2006-11-29 02:16 -------- d-----w- c:\program files\Fizzball
2010-05-27 01:25 . 2007-03-11 17:06 36772214 ----a-w- c:\windows\Internet Logs\tvDebug.zip
2010-05-25 00:30 . 2009-01-05 00:15 -------- d-----w- c:\program files\Paint.NET
2010-05-25 00:26 . 2007-05-18 17:52 -------- d--h--w- c:\documents and settings\Brenda\Application Data\Move Networks
2010-05-24 21:28 . 2010-01-27 20:50 -------- d-----w- c:\program files\Encore
2010-05-24 19:46 . 2009-01-02 18:57 -------- d-----w- c:\program files\RealArcade
2010-05-24 19:45 . 2007-01-10 23:49 -------- d-----w- c:\program files\Dolphin
2010-05-24 19:29 . 2005-05-25 21:22 -------- d-----w- c:\program files\The Learning Company
2010-05-24 19:19 . 2003-02-01 15:19 -------- d-----w- c:\program files\Hasbro Interactive
2010-05-23 11:43 . 2006-04-20 16:48 -------- d-----w- c:\program files\Common Files\Motive
2010-05-23 00:14 . 2006-04-20 16:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Motive
2010-05-22 21:37 . 2003-01-20 02:56 -------- d-----w- c:\program files\Yahoo!
2010-05-22 21:37 . 2006-04-20 16:35 -------- d-----w- c:\documents and settings\All Users\Application Data\yahoo!
2010-05-22 21:27 . 2006-04-20 17:13 -------- d-----w- c:\program files\Common Files\Scanner
2010-05-21 21:48 . 2010-05-22 03:17 3886080 ----a-w- c:\windows\Internet Logs\xDBB.tmp
2010-05-20 12:13 . 2006-04-20 16:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2010-05-14 00:58 . 2007-05-09 12:08 -------- d-----w- c:\documents and settings\All Users\Application Data\BigFishGamesCache
2010-04-24 19:42 . 2007-11-19 15:42 32256 ---h--w- C:\~WRL2179.tmp
2010-04-24 19:42 . 2007-11-19 15:42 32768 ---h--w- C:\~WRL0256.tmp
2010-04-24 19:42 . 2007-11-19 15:42 32256 ---h--w- C:\~WRL0220.tmp
2010-03-27 15:10 . 2010-03-27 15:10 50354 ----a-w- c:\documents and settings\Brenda\Application Data\Facebook\uninstall.exe
2010-03-10 06:15 . 2002-02-26 20:58 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-03-06 05:30 . 2010-03-06 05:30 847040 ----a-w- c:\documents and settings\Brenda\Application Data\Facebook\axfbootloader.dll
2010-03-06 05:30 . 2010-03-06 05:30 5582848 ----a-w- c:\documents and settings\Brenda\Application Data\Facebook\npfbplugin_1_0_3.dll
2008-03-08 21:09 . 2008-03-08 21:09 0 ----a-w- c:\program files\temp01
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MoneyAgent"="c:\program files\Microsoft Money\System\Money Express.exe" [2001-07-25 184376]
"DW6"="c:\program files\The Weather Channel FW\Desktop\DesktopWeather.exe" [2009-02-11 801904]
"Search Protection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2008-10-07 111856]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2009-04-17 95536]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-06-20 4351216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Works Update Detection"="c:\program files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2001-08-17 28738]
"diagent"="c:\program files\Creative\SBLive\Diagnostics\diagent.exe" [2002-04-03 135264]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"AdaptecDirectCD"="c:\program files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" [2002-04-10 679936]
"DwlClient"="c:\program files\Common Files\Dell\EUSW\Support.exe" [2002-12-03 212992]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe" [2004-06-21 172032]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-04-08 77824]
"BJCFD"="c:\program files\BroadJump\Client Foundation\CFD.exe" [2002-09-11 368706]
"YBrowser"="c:\progra~1\Yahoo!\browser\ybrwicon.exe" [2006-07-21 129536]
"Zone Labs Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2006-08-24 968696]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2008-10-07 111856]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-04-30 185896]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-10-26 652624]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-09-14 1603152]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" [2009-04-17 54576]
"EverioService"="c:\program files\CyberLink\PCM4Everio\EverioService.exe" [2007-11-01 151552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-02-21 1093208]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2002-11-15 45056]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588]
Microsoft Works Calendar Reminders.lnk - c:\program files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe [2001-8-7 24633]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\XEROX\\NWWIA\\XrxFTPLt.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
S3 DSCVc;Video Capture;c:\windows\system32\DRIVERS\CoachVc.sys --> c:\windows\system32\DRIVERS\CoachVc.sys [?]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
2009-03-08 09:32 128512 ----a-w- c:\windows\SYSTEM32\advpack.dll
.
Contents of the 'Scheduled Tasks' folder
2003-01-03 c:\windows\Tasks\FRU Task 2002-05-31 16:38ewlett-PackardeskjetD1F5C76C62909B80B7DD96D9CE9D83EC24F74D1377528048C4168AA70B210A5D320.job
- c:\program files\Hewlett-Packard\upapp\hpqfruv.exe [2002-05-31 15:38]
2002-11-19 c:\windows\Tasks\ISP signup reminder 1.job
- c:\windows\System32\OOBE\OOBEBALN.EXE [2001-08-18 00:12]
2010-06-02 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Essentials\MpCmdRun.exe [2009-12-09 23:02]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://us.mc825.mail.yahoo.com/mc/welcome?.partner=sbc&.gx=0&.tm=1246966300&.rand=3qt4e5hr8e06d
mSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
uInternet Settings,ProxyOverride = 127.0.0.1
uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
Trusted Zone: christianbook.com\dlm
Trusted Zone: christianbook.com\drm
Trusted Zone: christianbook.com\www
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {049A470D-F818-4E34-B14D-E4E237DADCF8} - hxxp://games.bigfishgames.com/en_fashion-dash/online/fashiondashweb.1.0.0.21.cab
DPF: {65FDEDF3-8ED9-4F5B-825E-18C2D44191A7} - hxxp://d.66.155.171.39.downloads.estara.com./as/OneCCDM.php?template=1302&sessionid=928213738_66.155.171.39_48602&=&req=1167233643281OneCC.cab
DPF: {6C7CAD20-85AA-475A-AC0D-303C4A9A69CE} - hxxp://www.shockwave.com/content/greatchocolatechase/sis/greatchocolatechaseweb.1.0.0.12.cab
DPF: {74EF5274-F439-2168-B543-14745B625C72} - hxxp://games.bigfishgames.com/en_wedding-dash-2-rings-around-world-game/online/WeddingDash2Web.1.0.0.11.cab
DPF: {8ADC4409-4FBF-4224-B73F-2392C721BCB4} - hxxp://games.bigfishgames.com/en_butterflyescape/online/GenimoWebGamesControl.cab
DPF: {935F9B04-0C7B-4454-A391-348C54AD7ADD} - hxxp://games.bigfishgames.com/en_bigcityadventuresa/online/JBGamePlayer.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://www.gamehouse.com/games/delish/zylomplayer.cab
DPF: {CA034DCC-A580-4333-B52F-15F98C42E04C} - hxxps://www.stopzilla.com/_download/Auto_Installer/dwnldr.cab
DPF: {D40F5876-A494-4124-8161-82625BB28C06} - hxxp://games.bigfishgames.com/en_chocolatier-2-secret-ingredients/online/Chocolatier2Web.1.0.0.10.cab
DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} - hxxp://www.bigfishgames.com/online/dinerdash/DinerDash.1.0.0.58.cab
FF - ProfilePath - c:\documents and settings\Brenda\Application Data\Mozilla\Firefox\Profiles\v8eddjxk.default\
FF - plugin: c:\documents and settings\Brenda\Application Data\Facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\program files\Common Files\Motive\npMotive.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Musicnotes\npmusicn.dll
FF - plugin: c:\program files\Musicnotes\NPSibelius.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2010-06-02 17:28
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DwlClient = c:\program files\Common Files\Dell\EUSW\Support.exe?l?e?s?\?D?e?l?l?\?E?U?S?W?\?S?u?p?p?o?r?t?.?e?x?e???????X:??????x??? ???X??? ??????? ???P????(?w'(?w????????????(???u??????w????????????0????$?w7(?w?o?wS??w???w????????????x'@?????????X????????"@?e?????
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2010-06-02 17:34:47
ComboFix-quarantined-files.txt 2010-06-02 22:34
Pre-Run: 48,665,714,688 bytes free
Post-Run: 51,149,467,648 bytes free
- - End Of File - - F964E673EFBF3F1F07504A841180CFE2