ComboFix 10-05-08.01 - ROBIN 05/08/2010 15:30:35.1.2 - x86 NETWORK
Microsoft Windows 7 Starter 6.1.7600.0.1252.1.1033.18.987.565 [GMT -7:00]
Running from: c:\users\ROBIN\Desktop\commy.exe
Command switches used :: /stepdel
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\sqlite3.dll
.
((((((((((((((((((((((((( Files Created from 2010-04-08 to 2010-05-08 )))))))))))))))))))))))))))))))
.
2010-05-08 22:39 . 2010-05-08 22:39 -------- d-----w- c:\users\ROBIN\AppData\Local\temp
2010-05-08 22:39 . 2010-05-08 22:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-05-08 22:28 . 2010-05-08 22:29 -------- d-----w- C:\32788R22FWJFW
2010-05-06 01:15 . 2010-05-06 01:15 -------- d-----w- c:\users\ROBIN\AppData\Local\ElevatedDiagnostics
2010-05-05 16:12 . 2010-05-05 16:12 -------- d-----w- c:\users\ROBIN\AppData\Roaming\.BitTornado
2010-05-03 18:22 . 2010-05-08 23:07 -------- d-----w- c:\program files\BitTornado
2010-04-21 16:56 . 2010-04-21 16:56 242696 ----a-w- c:\programdata\avg9\update\backup\avgtdix.sys
2010-04-21 16:54 . 2010-04-21 16:54 1689952 ----a-w- c:\programdata\avg9\update\backup\avgupd.dll
2010-04-21 00:16 . 2010-05-08 23:06 -------- d--h--w- c:\programdata\CanonBJ
2010-04-21 00:16 . 2009-03-24 12:00 70656 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPPA0.DLL
2010-04-21 00:16 . 2009-03-24 12:00 27648 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPDA0.DLL
2010-04-21 00:16 . 2010-04-21 00:16 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information
2010-04-21 00:15 . 2009-03-24 12:00 272384 ----a-w- c:\windows\system32\CNMLMA0.DLL
2010-04-21 00:15 . 2009-03-18 16:09 178176 ----a-w- c:\windows\system32\CNMIUA0.DLL
2010-04-21 00:15 . 2010-05-08 23:06 -------- d--h--w- c:\program files\CanonBJ
2010-04-16 01:26 . 2009-04-27 12:21 28928 ----a-w- c:\windows\system32\uxtuneup.dll
2010-04-16 01:26 . 2010-04-16 01:26 361216 ----a-w- c:\windows\system32\TuneUpDefragService.exe
2010-04-14 01:03 . 2010-02-27 12:07 3899280 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-04-14 01:03 . 2010-02-27 12:07 3954568 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-04-14 01:03 . 2010-03-08 21:33 427520 ----a-w- c:\windows\system32\vbscript.dll
2010-04-14 01:03 . 2010-02-27 07:32 221696 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-04-14 01:03 . 2010-02-27 07:32 95744 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2010-04-14 01:03 . 2010-02-27 07:32 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-04-13 21:10 . 2010-01-09 06:52 132608 ----a-w- c:\windows\system32\cabview.dll
2010-04-13 21:10 . 2009-12-29 06:55 172032 ----a-w- c:\windows\system32\wintrust.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-08 23:07 . 2010-02-23 04:59 -------- d-----w- c:\users\ROBIN\AppData\Roaming\vlc
2010-05-08 23:07 . 2009-11-18 07:19 -------- d-----w- c:\program files\Microsoft Works
2010-05-08 23:06 . 2009-11-18 07:45 -------- d-----w- c:\programdata\Hewlett-Packard
2010-05-08 23:06 . 2010-04-21 00:17 -------- d-----w- c:\program files\Canon
2010-05-07 02:41 . 2010-02-26 22:47 -------- d-----w- c:\programdata\Recovery
2010-05-05 16:51 . 2010-02-17 02:24 814 ----a-w- c:\users\ROBIN\AppData\Roaming\wklnhst.dat
2010-04-21 16:56 . 2010-02-23 05:36 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-04-16 01:26 . 2010-02-23 03:44 604416 ----a-w- c:\windows\system32\TUProgSt.exe
2010-04-16 01:25 . 2010-02-23 03:44 -------- d-----w- c:\program files\TuneUp Utilities 2009
2010-04-14 03:26 . 2009-11-18 07:31 -------- d-----w- c:\programdata\Microsoft Help
2010-04-07 15:54 . 2010-04-07 15:54 4255072 ----a-w- c:\programdata\avg9\update\backup\avgcorex.dll
2010-04-03 21:49 . 2010-04-03 21:46 -------- d-----w- c:\users\ROBIN\AppData\Roaming\Yahoo!
2010-04-03 21:46 . 2010-04-03 21:46 -------- d-----w- c:\programdata\Yahoo! Companion
2010-04-03 21:46 . 2010-04-03 21:45 -------- d-----w- c:\programdata\Yahoo!
2010-04-03 21:46 . 2010-04-03 21:41 -------- d-----w- c:\program files\Yahoo!
2010-04-01 16:46 . 2010-04-01 16:46 1035032 ----a-w- c:\programdata\avg9\update\backup\avgupd.exe
2010-03-28 02:02 . 2010-03-26 18:28 -------- d-----w- c:\users\ROBIN\AppData\Roaming\HP Support Assistant
2010-03-28 02:02 . 2010-02-12 01:19 -------- d-----w- c:\users\ROBIN\AppData\Roaming\HpUpdate
2010-03-26 18:39 . 2009-11-18 06:37 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-26 18:35 . 2009-11-18 06:33 -------- d-----w- c:\program files\Hewlett-Packard
2010-03-26 18:33 . 2010-03-26 18:33 -------- d-----w- c:\programdata\{657095DF-DBDB-4B17-8245-B38845C97069}
2010-03-26 18:32 . 2010-02-12 01:11 80944 ----a-w- c:\users\ROBIN\AppData\Local\GDIPFONTCACHEV1.DAT
2010-03-26 00:14 . 2009-11-18 08:06 -------- d-----w- c:\program files\Common Files\Adobe
2010-03-25 06:29 . 2010-03-25 06:29 -------- d-----w- c:\programdata\Office Genuine Advantage
2010-03-23 13:34 . 2010-03-23 13:34 -------- d-----w- c:\users\ROBIN\AppData\Roaming\CyberLink
2010-03-13 00:08 . 2010-03-13 00:08 -------- d-----w- c:\users\ROBIN\AppData\Roaming\AVG9
2010-03-09 21:09 . 2010-03-09 21:09 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-03-09 21:09 . 2010-02-23 05:35 29512 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-03-09 21:09 . 2010-02-23 05:36 25096 ----a-w- c:\windows\system32\drivers\AVGIDSwx.sys
2010-03-09 21:09 . 2010-02-23 05:35 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-03-09 21:09 . 2010-02-23 05:36 52872 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2010-03-04 22:06 . 2010-03-26 18:31 1125640 ----a-w- c:\programdata\Hewlett-Packard\HPSAUpgrade\HpSAUpgrade.exe
2010-02-23 07:56 . 2010-03-30 17:47 977920 ----a-w- c:\windows\system32\wininet.dll
2010-02-23 05:35 . 2010-02-23 05:35 24856 ----a-w- c:\windows\system32\drivers\avgfwd6x.sys
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00Zecter]
@="{D25B32FE-CB96-491A-98FF-AD59DA382D69}"
[HKEY_CLASSES_ROOT\CLSID\{D25B32FE-CB96-491A-98FF-AD59DA382D69}]
2009-10-29 01:18 661504 ----a-w- c:\program files\Hewlett-Packard\HP CloudDrive\ShellExt.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\01Zecter]
@="{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}"
[HKEY_CLASSES_ROOT\CLSID\{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}]
2009-10-29 01:18 661504 ----a-w- c:\program files\Hewlett-Packard\HP CloudDrive\ShellExt.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\02Zecter]
@="{B3C78E40-6B64-47C3-AE34-60B770881EB8}"
[HKEY_CLASSES_ROOT\CLSID\{B3C78E40-6B64-47C3-AE34-60B770881EB8}]
2009-10-29 01:18 661504 ----a-w- c:\program files\Hewlett-Packard\HP CloudDrive\ShellExt.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\03Zecter]
@="{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}"
[HKEY_CLASSES_ROOT\CLSID\{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}]
2009-10-29 01:18 661504 ----a-w- c:\program files\Hewlett-Packard\HP CloudDrive\ShellExt.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\04Zecter]
@="{855156F0-2A0F-11DE-8C30-0800200C9A66}"
[HKEY_CLASSES_ROOT\CLSID\{855156F0-2A0F-11DE-8C30-0800200C9A66}]
2009-10-29 01:18 661504 ----a-w- c:\program files\Hewlett-Packard\HP CloudDrive\ShellExt.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-02-13 39408]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe" [2010-03-20 5248312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"IJNetworkScanUtility"="c:\program files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe" [2009-05-20 136544]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]
c:\users\ROBIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-04-04 05:42 36272 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG9_TRAY]
2010-04-21 16:56 2064736 ----a-w- c:\progra~1\AVG\AVG9\avgtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2009-10-16 04:21 173592 ----a-w- c:\windows\System32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP]
2009-07-14 11:54 589104 ----a-w- c:\program files\Hewlett-Packard\HP QuickSync\QuickSync.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2008-12-08 22:50 54576 ----a-w- c:\program files\Hp\HP Software Update\hpwuschd2.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2009-06-05 03:03 186904 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2009-10-16 04:21 141848 ----a-w- c:\windows\System32\igfxtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2009-10-16 04:21 150552 ----a-w- c:\windows\System32\igfxpers.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
2009-08-20 18:46 322104 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-07-14 01:14 1173504 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Simplify Media]
2009-10-23 19:56 21498376 ----a-w- c:\program files\Hp\HP MediaStream\HPMediaStream.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-11-18 09:16 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2010-02-13 02:56 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2009-11-03 18:57 1594664 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SysTrayApp]
2009-10-12 06:51 495708 ----a-w- c:\program files\IDT\WDM\sttray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WirelessAssistant]
2009-09-01 18:41 499768 ----a-w- c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZumoDrive]
2010-02-12 01:01 2038 ----a-w- c:\program files\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnk
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2010-03-09 216200]
R1 DVMIO;DVMIO;c:\splash.sys\config\dvmio.sys [2009-09-30 17624]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_5576240ee6baaa25\aestsrv.exe [2009-03-02 81920]
R2 avg9emc;AVG E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2010-03-09 916760]
R2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-03-09 308064]
R2 avgfws9;AVG Firewall;c:\program files\AVG\AVG9\avgfws9.exe [2010-03-09 2325816]
R2 AVGIDSAgent;AVG9IDSAgent;c:\program files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe AVGIDSAgent [x]
R2 DvmMDES;DeviceVM Meta Data Export Service;c:\splash.sys\config\DVMExportService.exe [2009-07-09 323584]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-13 135664]
R3 AVGIDSDriverw7x;AVG9IDSDriver;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSDriver.sys [2010-03-09 122376]
R3 AVGIDSFilterw7x;AVG9IDSFilter;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSFilter.sys [2010-03-09 30216]
R3 AVGIDSShimw7x;AVG9IDSShim;c:\program files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSShim.sys [2010-03-09 20488]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 rcmirror;rcmirror;c:\windows\system32\DRIVERS\rcmirror.sys [2008-10-08 3328]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-09-02 174592]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-10-02 204288]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296]
S0 AVGIDSErHrw7x;AVG9IDSErHr;c:\windows\System32\Drivers\AVGIDSwx.sys [2010-03-09 25096]
S0 AvgRkx86;avgrkx86.sys;c:\windows\System32\Drivers\avgrkx86.sys [2010-03-09 52872]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6x.sys [2010-02-23 24856]
S1 AvgTdiX;AVG Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2010-04-21 242896]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
2010-04-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-13 02:57]
2010-04-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-13 02:57]
2010-04-19 c:\windows\Tasks\HPCeeScheduleForROBIN.job
- c:\program files\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 12:22]
.
.
------- Supplementary Scan -------
.
uStart Page =
hxxp://www.yahoo.commStart Page =
hxxp://www.yahoo.comIE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
FF - ProfilePath - c:\users\ROBIN\AppData\Roaming\Mozilla\Firefox\Profiles\tmfd1frg.default\
FF - prefs.js: browser.search.defaulturl -
hxxp://search.yahoo.com/search?fr=ffsp1&p=FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage -
hxxp://www.yahoo.comFF - prefs.js: keyword.URL -
hxxp://search.yahoo.com/search?fr=ffds1&p=FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
---- FIREFOX POLICIES ----
FF - user.js: yahoo.ytff.general.dontshowhpoffer - truec:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORPHANS REMOVED - - - -
WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)
HKLM-RunOnce-
- (no file)
MSConfigStartUp-Sprint SmartView - c:\program files\Sprint\Sprint SmartView\SprintSV.exe
AddRemove-{495A8A3C-8FD0-4C46-9979-95C26181A1AB} - c:\program files\InstallShield Installation Information\{495A8A3C-8FD0-4C46-9979-95C26181A1AB}\setup.exe
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2010-05-08 15:43:16
ComboFix-quarantined-files.txt 2010-05-08 22:43
Pre-Run: 112,995,975,168 bytes free
Post-Run: 112,673,005,568 bytes free
- - End Of File - - FA9CD23C8375572D5BA970D1DBA85C12