Here is the ComboFix log.
thanks again,
todd
ComboFix 10-03-19.08 - Daddy's 03/20/2010 6:37.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3069.1161 [GMT -7:00]
Running from: c:\users\Daddy's\Desktop\schrauber.exe
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-1667813676-3718549145-1303418750-500
c:\$recycle.bin\S-1-5-21-2773397201-2855733099-4214572315-500
c:\progra~1\Webroot\WEBROO~1\Backup\ntSVc.ocx
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
c:\windows\system32\Connect.dll
c:\windows\system32\oem5.inf
.
((((((((((((((((((((((((( Files Created from 2010-02-20 to 2010-03-20 )))))))))))))))))))))))))))))))
.
2010-03-20 13:46 . 2010-03-20 13:46 -------- d-----w- c:\users\Marlee\AppData\Local\temp
2010-03-20 13:46 . 2010-03-20 13:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-03-20 13:46 . 2010-03-20 13:46 -------- d-----w- c:\users\Andrew\AppData\Local\temp
2010-03-15 13:40 . 2010-03-15 13:40 5845664 ----a-w- c:\programdata\Creative\Software Update\cache\Creative ZEN Mozaic Firmware 1.06.01__\ZENMozaic_PCFW_L22_1_06_01.exe
2010-03-15 13:40 . 2010-03-15 13:40 16591600 ----a-w- c:\programdata\Creative\Software Update\cache\Creative ZEN Mozaic Starter Pack 1.16.02__\ZENMozaic_PCApp_A4_1_16_02.exe
2010-03-14 18:29 . 2010-03-14 18:29 -------- d-----w- c:\users\Andrew\AppData\Roaming\Webroot
2010-03-14 18:28 . 2010-03-14 18:28 -------- d-----w- c:\users\Andrew\AppData\Roaming\Malwarebytes
2010-03-14 18:03 . 2010-03-14 18:03 -------- d-----w- c:\users\Marlee\AppData\Roaming\Webroot
2010-03-14 18:03 . 2010-03-14 18:03 -------- d-----w- c:\users\Marlee\AppData\Roaming\Malwarebytes
2010-03-13 04:32 . 2010-03-13 04:38 -------- d-----w- c:\programdata\Webroot
2010-03-13 04:32 . 2010-03-13 04:32 -------- d-----w- c:\users\Daddy's\AppData\Roaming\Webroot
2010-03-13 04:32 . 2009-11-06 23:19 1563008 ----a-w- c:\windows\WRSetup.dll
2010-03-13 02:36 . 2010-01-08 00:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-13 02:36 . 2010-01-08 00:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-12 05:05 . 2010-03-12 05:05 -------- d-----w- c:\program files\CCleaner
2010-03-12 03:12 . 2010-03-12 03:12 -------- d-----w- c:\users\Daddy's\AppData\Roaming\Malwarebytes
2010-03-12 03:12 . 2010-03-12 03:12 -------- d-----w- c:\programdata\Malwarebytes
2010-03-12 03:12 . 2010-03-13 02:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-03-11 11:02 . 2010-03-11 11:02 -------- d-sh--w- c:\windows\system32\%APPDATA%
2010-03-11 11:00 . 2010-02-20 23:06 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-03-11 11:00 . 2010-02-20 20:53 411648 ----a-w- c:\windows\system32\drivers\http.sys
2010-03-11 11:00 . 2010-02-20 23:05 30720 ----a-w- c:\windows\system32\httpapi.dll
2010-03-05 14:33 . 2010-03-05 14:33 -------- d-----w- c:\program files\iPod
2010-03-05 14:33 . 2010-03-05 14:33 -------- d-----w- c:\program files\iTunes
2010-03-05 14:28 . 2010-03-05 14:28 72488 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe
2010-03-04 15:33 . 2010-03-04 15:33 -------- d-----w- c:\users\Andrew\AppData\Local\assembly
2010-03-04 15:33 . 2010-03-04 15:33 -------- d-----w- c:\users\Andrew\AppData\Local\IsolatedStorage
2010-02-28 04:07 . 2010-02-28 04:07 690952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-02-23 19:31 . 2010-01-23 09:26 2048 ----a-w- c:\windows\system32\tzres.dll
2010-02-23 19:30 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2010-02-23 19:30 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc.dll
2010-02-23 19:30 . 2010-01-25 08:21 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-02-23 19:30 . 2010-01-25 08:21 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-02-23 19:30 . 2010-01-25 08:21 518144 ----a-w- c:\windows\system32\RMActivate.exe
2010-02-23 19:30 . 2010-01-25 08:21 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-02-23 19:30 . 2010-01-25 12:00 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-02-23 19:30 . 2010-01-25 12:00 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-02-23 19:30 . 2010-01-25 11:58 332288 ----a-w- c:\windows\system32\msdrm.dll
2010-02-23 19:30 . 2010-01-06 15:39 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-02-23 19:30 . 2010-01-06 15:38 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-02-23 19:30 . 2010-01-06 13:30 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-02-19 01:07 . 2010-02-19 01:07 -------- d-----w- c:\users\Marlee\AppData\Local\Apple
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-20 13:13 . 2008-06-21 21:52 -------- d-----w- c:\program files\Blue Coat K9 Web Protection
2010-03-20 11:15 . 2008-06-27 21:23 -------- d-----w- c:\programdata\Google Updater
2010-03-15 17:00 . 2008-06-03 14:10 12 ----a-w- c:\windows\bthservsdp.dat
2010-03-15 16:57 . 2008-06-03 18:20 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-15 16:55 . 2008-06-28 01:10 -------- d-----w- c:\program files\Shockwave.com
2010-03-15 16:54 . 2008-09-29 15:20 -------- d-----w- c:\program files\Yahoo! Games
2010-03-13 04:32 . 2008-08-16 21:20 -------- d-----w- c:\program files\Webroot
2010-03-13 04:29 . 2009-04-01 02:14 164 ----a-w- c:\windows\install.dat
2010-03-12 05:16 . 2008-08-13 23:01 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-03-12 05:12 . 2008-08-13 23:01 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-03-11 11:20 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-03-11 11:05 . 2008-06-03 18:30 -------- d-----w- c:\programdata\Microsoft Help
2010-03-05 14:33 . 2009-01-15 23:09 -------- d-----w- c:\program files\Common Files\Apple
2010-02-25 00:32 . 2009-06-04 17:03 74912 ----a-w- c:\users\Andrew\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-24 23:40 . 2009-06-04 22:51 74912 ----a-w- c:\users\Marlee\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-24 17:16 . 2009-10-03 06:52 181632 ------w- c:\windows\system32\MpSigStub.exe
2010-02-24 14:41 . 2008-06-21 18:53 74912 ----a-w- c:\users\Daddy's\AppData\Local\GDIPFONTCACHEV1.DAT
2010-01-27 14:31 . 2008-06-03 18:35 -------- d-----w- c:\program files\Google
2010-01-23 22:29 . 2010-01-23 22:29 -------- d-----w- c:\users\Daddy's\AppData\Roaming\Amazon
2010-01-23 22:28 . 2009-02-27 20:42 -------- d-----w- c:\program files\Amazon
2010-01-21 03:04 . 2009-12-27 07:18 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-06 15:38 . 2010-02-23 19:30 173056 ----a-w- c:\windows\AppPatch\AcXtrnal.dll
2010-01-06 15:38 . 2010-02-23 19:30 2159616 ----a-w- c:\windows\AppPatch\AcGenral.dll
2010-01-06 15:38 . 2010-02-23 19:30 542720 ----a-w- c:\windows\AppPatch\AcLayers.dll
2010-01-06 15:38 . 2010-02-23 19:30 458752 ----a-w- c:\windows\AppPatch\AcSpecfc.dll
2010-01-02 06:38 . 2010-02-12 20:28 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32 . 2010-02-12 20:28 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 06:32 . 2010-02-12 20:28 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 04:57 . 2010-02-12 20:28 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-12-25 15:55 . 2009-12-25 15:55 79144 ----a-w- c:\programdata\Apple Computer\Installer Cache\Safari 5.31.21.10\SetupAdmin.exe
2009-12-21 23:04 . 2008-07-02 01:12 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-12-21 23:04 . 2008-07-02 01:12 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-12-01 01:10 . 2009-12-01 01:10 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2008-06-03 18:26 . 2008-06-03 18:26 74 --sh--r- c:\windows\CT4CET.bin
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\BackupIconOverlayId]
@="{2EE61E5C-8F94-4AAB-8A80-D2A8CD1FEDAD}"
[HKEY_CLASSES_ROOT\CLSID\{2EE61E5C-8F94-4AAB-8A80-D2A8CD1FEDAD}]
2009-11-06 23:14 238968 ----a-w- c:\program files\Webroot\WebrootSecurity\Backup\CtxMenu_1_0_0_10.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\windows\RtHDVCpl.exe" [2008-01-17 4907008]
"Bluetooth HCI Monitor"="HCIMNTR.DLL" [2006-12-07 9728]
"DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-12-01 30192]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 16384]
"OEM05Mon.exe"="c:\windows\OEM05Mon.exe" [2007-08-22 36864]
"Kernel and Hardware Abstraction Layer"="c:\windows\KHALMNPR.EXE" [2007-01-23 101136]
"LogitechCommunicationsManager"="c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-01-12 488984]
"LVCOMSX"="c:\program files\Common Files\LogiShrd\LComMgr\LVComSX.exe" [2007-01-12 244512]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"WPCUMI"="c:\windows\system32\WpcUmi.exe" [2006-11-02 176128]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-11 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-02-16 141608]
"SpySweeper"="c:\program files\Webroot\WebrootSecurity\SpySweeperUI.exe" [2009-11-06 6515784]
c:\users\Marlee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-6-21 688128]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):3f,59,1e,7b,44,44,ca,01
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-07 135664]
R2 RoxLiveShare10;LiveShare P2P Server 10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [2007-12-14 309744]
R2 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [2007-12-14 166384]
R2 SessionLauncher;SessionLauncher;c:\users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [x]
R3 CTUPnPSv;Creative Centrale Media Server;c:\program files\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
R3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2009-12-01 30192]
R3 OEM05Afx;Provides a software interface to control audio effects of OEM005 camera.;c:\windows\system32\Drivers\OEM05Afx.sys [2007-08-22 141376]
R3 RoxMediaDB10;RoxMediaDB10;c:\program files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2007-12-14 1112560]
R4 oggtjsdhujqoty;oggtjsdhujqoty; [x]
S0 ssfs0bbc;ssfs0bbc;c:\windows\system32\DRIVERS\ssfs0bbc.sys [2009-11-06 29808]
S1 bckd;bckd;c:\windows\system32\drivers\bckd.sys [2009-01-13 72992]
S2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-05 77824]
S2 bckwfs;Blue Coat K9 Web Protection;c:\program files\Blue Coat K9 Web Protection\k9filter.exe [2009-01-13 1078560]
S2 cprmjbqumdxgrx;cprmjbqumdxgrx;c:\windows\system32\xdeevl.exe [2008-03-16 81991]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 WRConsumerService;Webroot Client Service;c:\program files\Webroot\WebrootSecurity\WRConsumerService.exe [2010-03-13 1201640]
S3 netr73;Netopia RT73 Wireless Driver for Vista;c:\windows\system32\DRIVERS\netr73.sys [2009-05-24 501248]
S3 OEM05Vfx;Creative Camera OEM005 Video VFX Driver;c:\windows\system32\DRIVERS\OEM05Vfx.sys [2007-08-22 7424]
S3 OEM05Vid;Creative Camera OEM005 Driver;c:\windows\system32\DRIVERS\OEM05Vid.sys [2007-08-22 235616]
S3 RLDesignVirtualAudioCableWdm;Live! Cam Virtual;c:\windows\system32\DRIVERS\livecamv.sys [2007-01-15 31616]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
getPlusHelper REG_MULTI_SZ getPlusHelper
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
2010-03-20 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-06-03 07:26]
2010-03-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-07 02:24]
2010-03-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-07 02:24]
2010-03-19 c:\windows\Tasks\User_Feed_Synchronization-{77A147F5-8BAF-4745-A2B7-4E32A4858AA4}.job
- c:\windows\system32\msfeedssync.exe [2010-02-12 04:56]
2010-03-20 c:\windows\Tasks\wrSpySweeper_LDB3E56D53A21482AABE48BB3A04599F2.job
- c:\program files\Webroot\WebrootSecurity\SpySweeperUI.exe [2010-03-13 23:19]
2010-03-20 c:\windows\Tasks\wrSpySweeper_LDB3E56D53A21482AABE48BB3A04599F2.job
- c:\program files\Webroot\WebrootSecurity\SpySweeperUI.exe [2010-03-13 23:19]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {{FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files\PokerStars.NET\PokerStarsUpdate.exe
LSP: c:\windows\system32\wpclsp.dll
FF - ProfilePath - c:\users\Daddy's\AppData\Roaming\Mozilla\Firefox\Profiles\kqfib0p2.default\
FF - prefs.js: browser.startup.homepage - usatoday.com
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Virtual Earth 3D\npVE3D.dll
FF - plugin: c:\users\Daddy's\AppData\Roaming\Mozilla\Firefox\Profiles\kqfib0p2.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORPHANS REMOVED - - - -
SafeBoot-mcmscsvc
SafeBoot-MCODS
AddRemove-HijackThis - c:\program files\Trend Micro\HijackThis\HijackThis.exe
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2010-03-20 06:46
Windows 6.0.6002 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\oggtjsdhujqoty]
"ImagePath"=" "
.
Completion time: 2010-03-20 06:49:29
ComboFix-quarantined-files.txt 2010-03-20 13:49
Pre-Run: 215,663,005,696 bytes free
Post-Run: 215,954,714,624 bytes free
- - End Of File - - B53D5B9E98A68F463E2F836A0B3791B1