Results of screen317's Security Check version 0.99.4
Windows 7 (UAC is enabled)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
AVG Free 9.0
Trend Micro Internet Security
Microsoft Security Essentials
Antivirus up to date! (On Access scanning disabled!)
```````````````````````````````
Anti-malware/Other Utilities Check:
HijackThis 2.0.2
CCleaner
````````````````````````````````
Process Check:
objlist.exe by Laurent
Windows Defender MSMpEng.exe
WinPatrol winpatrol.exe
AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
Microsoft Security Essentials msseces.exe
BillP Studios WinPatrol WinPatrol.exe
Trend Micro BM TMBMSRV.exe
````````````````````````````````
DNS Vulnerability Check:
GREAT! (Not vulnerable to DNS cache poisoning)
``````````End of Log````````````
ComboFix 10-06-29.04 - map 06/30/2010 12:24:49.1.4 - x86
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3326.2168 [GMT -5:00]
Running from: c:\users\map\Desktop\ComboFix.exe
AV: Trend Micro Internet Security *On-access scanning disabled* (Updated) {7D2296BC-32CC-4519-917E-52E652474AF5}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\gotomon.log
c:\windows\system32\st325866.dll
G:\Autorun.inf
.
((((((((((((((((((((((((( Files Created from 2010-05-28 to 2010-06-30 )))))))))))))))))))))))))))))))
.
2010-06-30 17:33 . 2010-06-30 17:33 -------- d-----w- c:\users\map\AppData\Local\temp
2010-06-30 17:00 . 2010-06-30 17:00 -------- d-----w- c:\program files\ERUNT
2010-06-30 00:58 . 2008-04-07 10:38 22872 ----a-r- c:\windows\system32\AdobePDFUI.dll
2010-06-30 00:40 . 2010-06-30 00:44 -------- d-----w- c:\programdata\NOS
2010-06-30 00:40 . 2010-06-30 00:40 -------- d-----w- c:\program files\NOS
2010-06-30 00:40 . 2010-06-30 00:51 -------- d--h--w- c:\windows\AxInstSV
2010-06-29 18:06 . 2010-06-29 18:06 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2010-06-27 02:42 . 2007-05-06 22:11 94208 ----a-w- c:\windows\system32\stacsv.exe
2010-06-27 02:42 . 2007-04-10 23:02 1601536 ----a-w- c:\windows\system32\stlang.dll
2010-06-27 02:41 . 2007-05-06 22:12 326656 ----a-w- c:\windows\system32\drivers\stwrt.sys
2010-06-27 02:41 . 2007-05-06 22:11 326144 ----a-w- c:\windows\system32\stcplx.dll
2010-06-27 02:41 . 2007-05-06 22:11 587776 ----a-w- c:\windows\system32\stapo.dll
2010-06-27 02:41 . 2007-05-06 22:10 244736 ----a-w- c:\windows\system32\stapi32.dll
2010-06-27 02:41 . 2010-06-27 02:41 -------- d-----w- c:\program files\SigmaTel
2010-06-25 23:59 . 2010-06-25 23:59 -------- d-----w- c:\program files\CCleaner
2010-06-25 23:57 . 2010-05-21 17:11 475648 ----a-w- c:\windows\system32\MyDefragScreenSaver_v4.3.1.scr
2010-06-25 23:57 . 2010-05-21 17:11 1061888 ----a-w- c:\windows\system32\MyDefragScreenSaver_v4.3.1.exe
2010-06-25 23:57 . 2010-06-29 12:07 -------- d-----w- c:\program files\MyDefrag v4.3.1
2010-06-24 09:22 . 2010-06-24 09:22 -------- d-----w- C:\rsit
2010-06-24 00:34 . 2009-11-25 17:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-06-24 00:34 . 2009-11-25 17:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-06-24 00:34 . 2009-11-25 17:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-06-24 00:34 . 2009-11-25 17:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-06-24 00:34 . 2009-11-25 17:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-06-24 00:34 . 2010-05-09 09:14 641536 ----a-w- c:\windows\system32\CPFilters.dll
2010-06-24 00:34 . 2010-05-09 09:14 417792 ----a-w- c:\windows\system32\msdri.dll
2010-06-24 00:34 . 2010-03-24 06:37 1286456 ----a-w- c:\windows\system32\ntdll.dll
2010-06-23 14:36 . 2010-06-30 15:19 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-06-23 02:34 . 2009-06-10 21:42 24 ----a-w- c:\users\map\AppData\Roaming\WinPatrol\Autoexec.bat
2010-06-23 02:34 . 2009-06-10 21:42 10 ----a-w- c:\users\map\AppData\Roaming\WinPatrol\Config.sys
2010-06-23 02:34 . 2010-06-23 02:34 -------- d-----w- c:\users\map\AppData\Roaming\WinPatrol
2010-06-23 02:34 . 2010-06-23 02:45 -------- d-----w- c:\program files\BillP Studios
2010-06-22 18:53 . 2010-06-22 18:53 388096 ----a-r- c:\users\map\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-06-10 23:58 . 2010-06-10 23:58 -------- d-----w- c:\programdata\IObit
2010-06-10 13:04 . 2010-06-10 13:04 -------- d-----w- C:\$AVG
2010-06-09 23:33 . 2010-05-21 05:18 977920 ----a-w- c:\windows\system32\wininet.dll
2010-06-09 23:33 . 2010-05-01 14:49 2326528 ----a-w- c:\windows\system32\win32k.sys
2010-06-09 23:33 . 2010-03-05 07:42 67584 ----a-w- c:\windows\system32\asycfilt.dll
2010-06-09 23:33 . 2010-05-27 07:24 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-06-09 23:33 . 2010-05-27 03:49 293888 ----a-w- c:\windows\system32\atmfd.dll
2010-06-09 12:13 . 2010-06-09 12:13 -------- d-----w- c:\users\map\AppData\Local\Threat Expert
2010-06-09 07:27 . 2010-06-28 11:11 -------- d-----w- c:\program files\Spyware Doctor
2010-06-09 00:02 . 2010-06-09 00:02 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-06-09 00:02 . 2010-06-09 14:42 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-06-09 00:02 . 2010-06-09 00:02 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-06-09 00:02 . 2010-06-30 13:18 -------- d-----w- c:\windows\system32\drivers\Avg
2010-06-09 00:02 . 2010-06-09 14:42 29584 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-06-09 00:00 . 2010-06-09 00:00 -------- d-----w- c:\program files\AVG
2010-06-08 23:59 . 2010-06-09 00:00 -------- d-----w- c:\programdata\avg9
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-30 15:56 . 2008-10-29 16:47 -------- d-----w- c:\program files\Trend Micro
2010-06-30 14:57 . 2008-05-02 14:16 6618 ----a-w- c:\users\map\AppData\Roaming\wklnhst.dat
2010-06-30 03:14 . 2009-12-27 04:48 97056 ----a-w- c:\users\map\AppData\Local\GDIPFONTCACHEV1.DAT
2010-06-30 00:57 . 2007-12-10 11:25 -------- d-----w- c:\program files\Common Files\Adobe
2010-06-29 01:00 . 2007-12-10 11:36 -------- d-----w- c:\program files\Google
2010-06-29 00:56 . 2008-08-02 11:01 -------- d-----w- c:\program files\CoffeeCup Software
2010-06-29 00:36 . 2010-05-27 01:05 -------- d-----w- c:\program files\Microsoft Security Essentials
2010-06-27 02:34 . 2007-12-10 11:14 -------- d-----w- c:\program files\Intel
2010-06-24 00:35 . 2009-04-10 06:13 -------- d-----w- c:\program files\Microsoft.NET
2010-06-23 14:24 . 2010-04-30 23:23 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-11 21:44 . 2009-11-27 06:50 -------- d-----w- c:\program files\Pando Networks
2010-06-11 21:40 . 2010-05-08 03:20 -------- d-----w- c:\programdata\Skype
2010-06-05 22:41 . 2008-06-03 00:18 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-03 11:05 . 2009-12-27 12:32 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2010-06-03 11:05 . 2010-05-19 11:56 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2010-06-01 17:37 . 2009-10-05 05:41 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-29 20:56 . 2010-05-29 20:56 48388 ----a-w- c:\programdata\Blizzard Entertainment\Battle.net\Cache\Download\Scan.dll
2010-05-28 12:09 . 2010-04-30 23:25 4277016 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2010-05-28 12:09 . 2010-05-28 12:09 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2010-05-28 12:09 . 2009-12-25 11:10 588096 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-05-28 12:09 . 2010-01-29 11:49 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2010-05-26 22:34 . 2008-02-19 00:29 161296 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2010-05-26 22:30 . 2007-12-10 11:14 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-05-18 17:43 . 2009-08-20 01:01 -------- d-----w- c:\programdata\Blizzard Entertainment
2010-05-11 21:11 . 2008-02-13 09:17 -------- d-----w- c:\programdata\NVIDIA
2010-05-11 21:11 . 2010-02-07 03:18 -------- d-----w- c:\program files\NVIDIA Corporation
2010-05-11 21:03 . 2009-07-14 02:37 -------- d-----w- c:\program files\Windows Mail
2010-05-11 20:48 . 2010-05-08 03:21 -------- d-----w- c:\users\map\AppData\Roaming\Skype
2010-05-11 13:06 . 2010-05-08 03:24 -------- d-----w- c:\users\map\AppData\Roaming\skypePM
2010-05-08 03:24 . 2010-05-08 03:24 56 ---ha-w- c:\programdata\ezsidmv.dat
2010-04-30 23:25 . 2009-12-27 12:32 588096 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2010-04-30 23:25 . 2009-12-27 12:32 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2010-04-23 07:13 . 2010-05-26 02:40 2048 ----a-w- c:\windows\system32\tzres.dll
2010-04-03 23:27 . 2010-04-03 23:27 985704 ----a-w- c:\windows\system32\nvsvc.dll
2010-04-03 23:27 . 2010-04-03 23:27 13683816 ----a-w- c:\windows\system32\nvcpl.dll
2010-04-03 23:27 . 2010-04-03 23:27 129640 ----a-w- c:\windows\system32\nvvsvc.exe
2010-04-03 23:27 . 2010-04-03 23:27 110696 ----a-w- c:\windows\system32\nvmctray.dll
2002-08-01 00:55 . 2008-10-06 08:57 106 --sha-w- c:\windows\WSYS049.SYS
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2009-07-14 144384]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MaxMenuMgr"="c:\program files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" [2009-09-26 185640]
"dellsupportcenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"AVG9_TRAY"="c:\progra~1\AVG\AVG9\avgtray.exe" [2010-06-09 2065248]
"WinPatrol"="c:\program files\BillP Studios\WinPatrol\winpatrol.exe" [2010-05-31 323976]
"Task Catcher"="c:\program files\BillP Studios\Task Catcher\tasktrap.exe" [2006-08-15 140856]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-05-06 405504]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-06-01 1093208]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-12 640376]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2007-12-10 50688]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
backup=c:\windows\pss\Logitech SetPoint.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup
backupExtension=.CommonStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
2009-05-21 15:55 206064 ----a-w- c:\program files\Dell Support Center\bin\sprtcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
2007-10-10 00:57 16384 ----a-w- c:\program files\Dell Support Center\gs_agent\custom\dsca.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]
2008-10-10 20:46 69632 ----a-w- c:\windows\KHALMNPR.Exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 22:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 IntelDH;IntelDH Driver;c:\windows\system32\Drivers\IntelDH.sys [2007-12-10 5632]
R3 TMPassthru;Trend Micro Passthru Ndis Service;c:\windows\system32\DRIVERS\TMPassthru.sys [2008-03-02 206608]
R3 TmPfw;Trend Micro Personal Firewall;c:\progra~1\TRENDM~1\INTERN~1\TmPfw.exe [x]
R3 tmproxy;Trend Micro Proxy Service;c:\program files\Trend Micro\Internet Security\TmProxy.exe [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-30 1343400]
R4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-06-22 135664]
S0 hotcore3;hotcore3;c:\windows\system32\drivers\hotcore3.sys [2008-02-14 39472]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2010-06-09 216200]
S1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2010-06-09 242896]
S1 tmlwf;Trend Micro NDIS 6.0 Filter Driver;c:\windows\system32\DRIVERS\tmlwf.sys [2009-08-13 142352]
S2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2010-06-09 916760]
S2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-06-09 308064]
S2 FreeAgentGoNext Service;Seagate Service;c:\program files\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-09-26 189736]
S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2009-08-13 50192]
S2 tmpreflt;tmpreflt;c:\windows\system32\DRIVERS\tmpreflt.sys [2009-08-13 36368]
S2 tmwfp;Trend Micro WFP Callout Driver;c:\windows\system32\DRIVERS\tmwfp.sys [2009-08-13 235024]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-26 42368]
S3 TMPassthruMP;TMPassthruMP;c:\windows\system32\DRIVERS\TMPassthru.sys [2008-03-02 206608]
S3 VST_DPV;VST_DPV;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 VSTHWBS2;VSTHWBS2;c:\windows\system32\DRIVERS\VSTBS23.SYS [2009-07-13 266752]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contents of the 'Scheduled Tasks' folder
2010-06-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-22 00:03]
2010-06-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-22 00:03]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.wowhead.com/
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
Trusted Zone: intuit.com\ttlc
Trusted Zone: microsoft.com\oas.support
Trusted Zone: microsoft.com\support
FF - ProfilePath - c:\users\map\AppData\Roaming\Mozilla\Firefox\Profiles\sraf3hte.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.wowhead.com
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHANS REMOVED - - - -
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
MSConfigStartUp-Adobe ARM - c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe
MSConfigStartUp-Pando Media Booster - c:\program files\Pando Networks\Media Booster\PMB.exe
MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
AddRemove-CNXT_MODEM_PCI_HSF - c:\program files\CONEXANT\CNXT_MODEM_PCI_HSF\UIU32m.exe
AddRemove-Fraps - c:\torrents\fraps\uninstall.exe
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2e,ea,51,38,54,e1,5c,44,8f,09,b5,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2e,ea,51,38,54,e1,5c,44,8f,09,b5,\
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.HTM"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.HTM"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.MHT"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.MHT"
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.url\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="IE.AssocFile.URL"
[HKEY_USERS\S-1-5-21-39228075-3906853669-2834664714-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{70CAB321-DA10-7FC5-B575-329EB7715C36}*]
"nanojjkkafliainpkpjandafiopb"=hex:6a,61,6a,6c,67,6d,61,6a,6d,6b,62,62,63,69,
63,61,69,6c,66,64,00,f6
"mahgmlkolchgjgnmmgglmbcine"=hex:6a,61,6b,6c,6e,6c,70,6a,69,6d,67,61,66,6c,70,
66,6e,70,68,68,00,f6
"abjfkmelgklfegpdpihgbbohopacaacgdn"=hex:64,62,67,61,6c,6e,64,65,61,65,69,69,
6e,6d,6a,67,64,64,64,63,6f,61,6a,62,6b,62,64,6c,61,6d,70,64,6f,66,6f,6e,68,\
"maiffjgbgagdifnbiafkpfjjed"=hex:64,62,62,67,6d,69,6a,70,6d,6d,64,68,64,64,63,
63,67,6e,68,65,6e,64,6a,69,70,6e,65,6e,6f,6d,61,63,67,67,6f,66,61,6b,6a,6e,\
[HKEY_USERS\S-1-5-21-39228075-3906853669-2834664714-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D8298EA5-9429-54C2-6D74-DAE329D339C9}*]
"malmnablccnkgemfkkblfafnhk"=hex:69,61,62,66,66,62,6f,63,6e,62,63,66,6e,70,61,
6e,6c,70,00,00
"nabmccakfhmnlfhekpopefkmcifd"=hex:6b,61,66,66,68,62,68,6a,6b,65,68,63,70,6e,
64,66,6c,61,66,61,66,6b,00,00
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2010-06-30 12:36:45
ComboFix-quarantined-files.txt 2010-06-30 17:36
Pre-Run: 103,145,598,976 bytes free
Post-Run: 103,120,379,904 bytes free
- - End Of File - - BF716A9339475DA38D83F3DDC5C7951E