Bump! Is ComboFix safe? Here is the log:
ComboFix 09-08-01.06 - Administrator 02/08/2009 16:59:20.1.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.61.1033.18.1023.525 [GMT 3:00]
Running from: D:\Users\Administrator\Desktop\Firefox Downloads\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090801-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
D:\Users\Administrator\Local Settings\Temporary Internet Files\ijjistarter_verinfo.dat
.
((((((((((((((((((((((((( Files Created from 2009-07-02 to 2009-08-02 )))))))))))))))))))))))))))))))
.
2009-08-02 13:53:23 . 2009-08-02 13:53:24 0 d-----w- D:\Users\All Users\Application Data\SITEguard
2009-08-02 13:51:49 . 2009-08-02 13:51:52 0 d-----w- D:\Program Files\STOPzilla!
2009-08-02 13:51:47 . 2009-08-02 13:51:47 0 d-----w- D:\Program Files\Common Files\iS3
2009-08-02 13:51:45 . 2009-08-02 13:55:34 0 d-----w- D:\Users\All Users\Application Data\STOPzilla!
2009-08-01 12:38:16 . 2009-08-01 12:38:16 0 d-----w- D:\WINDOWS\5888428E699C4E71BF7194EE06B497DA.TMP
2009-08-01 10:51:15 . 2009-08-01 12:22:12 0 d-----w- D:\Users\ADMINI~1\APPLIC~1\mIRC
2009-08-01 10:51:14 . 2009-08-01 12:18:24 0 d-----w- D:\Program Files\mIRC
2009-08-01 07:11:02 . 1998-06-10 10:07:10 1053184 ----a-w- D:\WINDOWS\system32\SierraNW.dll
2009-08-01 07:11:02 . 1998-06-10 10:05:42 231936 ----a-w- D:\WINDOWS\system32\SNWValid.dll
2009-08-01 07:11:00 . 2009-08-01 07:11:00 0 d-----w- D:\WINDOWS\solcache
2009-08-01 07:09:39 . 2009-08-02 13:21:59 0 d-----w- D:\Program Files\Sierra On-Line
2009-08-01 07:09:27 . 1998-01-23 09:20:34 305664 ----a-w- D:\WINDOWS\IsUn0407.exe
2009-08-01 07:09:13 . 2009-08-01 07:09:13 0 d-----w- D:\Users\Administrator\WINDOWS
2009-08-01 07:04:33 . 2009-08-01 07:04:35 0 d-----w- D:\Program Files\PowerISO
2009-08-01 04:22:54 . 2009-08-01 04:24:39 0 d-----w- D:\Program Files\SHOUTcast
2009-08-01 04:05:45 . 2009-08-01 04:05:45 0 d-----w- D:\Program Files\uTorrent
2009-08-01 04:05:32 . 2009-08-01 13:12:55 0 d-----w- D:\Users\ADMINI~1\APPLIC~1\uTorrent
2009-08-01 04:01:47 . 2009-08-01 12:45:40 0 d-----w- D:\Program Files\SpacialAudio
2009-08-01 04:01:43 . 2007-10-16 07:07:34 442368 ----a-w- D:\WINDOWS\system32\GDS32.DLL
2009-08-01 04:01:34 . 2005-09-22 21:05:58 626688 ----a-w- D:\WINDOWS\system32\msvcr80.dll
2009-08-01 04:01:34 . 2005-09-22 21:05:58 548864 ----a-w- D:\WINDOWS\system32\msvcp80.dll
2009-08-01 04:01:25 . 2009-08-01 04:01:25 0 d-----w- D:\Program Files\Firebird
2009-08-01 00:46:00 . 2009-04-28 20:20:06 9072 ------w- D:\WINDOWS\system32\drivers\cdr4_xp.sys
2009-08-01 00:46:00 . 2009-04-28 20:20:06 44944 ------w- D:\WINDOWS\system32\drivers\PxHelp20.sys
2009-08-01 00:18:31 . 2009-08-01 00:18:32 0 d-----w- D:\Program Files\Microsoft Works
2009-08-01 00:12:11 . 2009-08-01 00:17:36 0 d-----w- D:\WINDOWS\SHELLNEW
2009-08-01 00:11:47 . 2009-08-01 00:11:47 0 d-----w- D:\Users\Administrator\Local Settings\Application Data\Microsoft Help
2009-08-01 00:11:28 . 2009-08-01 00:20:52 0 d-----w- D:\Users\All Users\Application Data\Microsoft Help
2009-08-01 00:10:55 . 2009-08-01 00:10:55 0 d--h--r- D:\MSOCache
2009-08-01 00:03:22 . 2009-08-01 00:24:17 0 d-----w- D:\Users\ADMINI~1\APPLIC~1\GetRightToGo
2009-07-31 06:39:07 . 2009-07-31 06:39:07 23 --sha-w- D:\WINDOWS\system32\abedaebd.dat
2009-07-31 06:38:50 . 2009-07-31 06:39:04 0 d-----w- D:\Program Files\jv16 PowerTools 2009
2009-07-31 06:25:43 . 2009-06-01 06:25:45 32 ----a-r- D:\Users\Administrator\hash.dat
2009-07-31 06:23:51 . 2009-07-31 06:23:51 0 d-----w- D:\Users\Administrator\.narya
2009-07-31 06:18:49 . 2009-07-31 06:18:49 0 d-----w- D:\Program Files\Three Rings Design
2009-07-29 11:35:40 . 2009-07-29 11:35:40 0 d-----w- D:\Users\All Users\Application Data\NVIDIA
2009-07-27 10:27:23 . 2009-07-27 10:27:46 0 d-----w- D:\Users\ADMINI~1\APPLIC~1\gtk-2.0
2009-07-27 10:27:23 . 2009-07-27 10:27:23 0 d-----w- D:\Users\Administrator\.thumbnails
2009-07-27 10:10:42 . 2009-07-27 10:27:52 0 d-----w- D:\Users\Administrator\.gimp-2.6
2009-07-27 10:10:38 . 2009-07-27 10:10:41 0 d-----w- D:\Users\Administrator\.gegl-0.0
2009-07-27 10:07:55 . 2009-07-27 10:08:06 0 d-----w- D:\Program Files\GIMP-2.0
2009-07-27 07:55:53 . 2009-07-27 08:09:08 0 d-----w- D:\Program Files\DarKGunZ
2009-07-26 15:55:44 . 2009-07-26 15:55:44 0 d-----w- D:\WINDOWS\Sun
2009-07-26 15:55:22 . 2009-07-26 15:54:59 410984 ----a-w- D:\WINDOWS\system32\deploytk.dll
2009-07-26 15:54:54 . 2009-07-26 15:54:54 0 d-----w- D:\Program Files\Java
2009-07-26 15:54:35 . 2009-07-26 15:54:35 0 d-----w- D:\Users\All Users\Application Data\McAfee
2009-07-25 18:47:09 . 2009-07-25 18:47:09 0 d-----w- D:\Program Files\Trend Micro
2009-07-25 14:51:18 . 2009-07-25 14:51:18 98304 ----a-w- D:\WINDOWS\system32\qttask.exe
2009-07-25 14:48:58 . 2004-10-30 12:39:52 761856 ----a-w- D:\WINDOWS\system32\xvidcore.dll
2009-07-25 14:48:47 . 2009-07-25 14:50:00 0 d-----w- D:\Program Files\ACE Mega CoDecS Pack
2009-07-25 03:50:24 . 2009-07-25 03:50:24 0 d-----w- D:\Users\ADMINI~1\APPLIC~1\Malwarebytes
2009-07-25 03:50:18 . 2009-07-13 10:36:34 38160 ----a-w- D:\WINDOWS\system32\drivers\mbamswissarmy.sys
2009-07-25 03:50:14 . 2009-07-25 03:50:22 0 d-----w- D:\Program Files\Malwarebytes' Anti-Malware
2009-07-25 03:50:14 . 2009-07-25 03:50:14 0 d-----w- D:\Users\All Users\Application Data\Malwarebytes
2009-07-25 03:50:14 . 2009-07-13 10:36:12 19096 ----a-w- D:\WINDOWS\system32\drivers\mbam.sys
2009-07-24 12:16:28 . 2009-07-24 12:16:59 0 d-----w- D:\Users\ADMINI~1\APPLIC~1\Canon
2009-07-24 12:16:20 . 2006-03-29 05:05:20 32768 ------w- D:\WINDOWS\system32\IJRMF.exe
2009-07-24 12:15:48 . 2008-04-13 10:17:38 25856 ----a-w- D:\WINDOWS\system32\drivers\usbprint.sys
2009-07-24 12:15:33 . 2008-04-13 10:15:36 15104 ----a-w- D:\WINDOWS\system32\drivers\usbscan.sys
2009-07-24 12:15:23 . 2008-04-13 10:15:40 32128 ----a-w- D:\WINDOWS\system32\drivers\usbccgp.sys
2009-07-24 12:09:32 . 1995-08-01 01:44:46 212480 ----a-w- D:\WINDOWS\PCDLIB32.DLL
2009-07-24 12:09:31 . 2009-07-24 12:09:31 0 d-----w- D:\Program Files\ArcSoft
2009-07-24 12:08:31 . 1998-10-29 13:45:06 306688 ----a-w- D:\WINDOWS\IsUninst.exe
2009-07-24 11:43:19 . 2009-07-24 11:43:19 0 d-----w- D:\Users\All Users\Application Data\InstallShield
2009-07-24 11:43:18 . 2009-07-24 11:43:18 0 d-----w- D:\Users\ADMINI~1\APPLIC~1\ScanSoft
2009-07-24 11:43:11 . 2009-07-24 11:43:20 0 d-----w- D:\Users\All Users\Application Data\ScanSoft
2009-07-24 11:43:11 . 2009-07-24 11:43:11 0 d-----w- D:\Program Files\Common Files\ScanSoft Shared
2009-07-24 11:42:47 . 2009-07-24 11:42:47 0 d-----w- D:\Program Files\ScanSoft
2009-07-24 11:19:08 . 2009-07-24 11:19:08 0 d--h--w- D:\Users\All Users\Application Data\CanonBJ
2009-07-24 11:19:02 . 2006-03-26 20:00:00 161792 ----a-w- D:\WINDOWS\system32\CNMLM83.DLL
2009-07-24 11:18:58 . 2009-07-24 11:18:58 0 d--h--w- D:\WINDOWS\system32\CanonIJ Uninstaller Information
2009-07-24 11:18:48 . 2006-02-17 06:44:46 106496 ----a-w- D:\WINDOWS\system32\cnco160.dll
2009-07-24 11:18:47 . 2006-03-24 06:29:44 135168 ----a-w- D:\WINDOWS\system32\CNCL160.DLL
2009-07-24 11:18:47 . 2006-03-15 06:27:00 57344 ----a-w- D:\WINDOWS\system32\CNCI160.DLL
2009-07-24 11:18:47 . 2006-03-15 06:27:00 1134592 ----a-w- D:\WINDOWS\system32\CNCC160.DLL
2009-07-24 11:18:39 . 2009-07-24 11:18:39 0 d--h--w- D:\Program Files\CanonBJ
2009-07-24 11:17:49 . 2009-07-24 12:08:35 0 d-----w- D:\Program Files\Canon
2009-07-24 11:14:50 . 2009-07-24 11:14:58 0 d-----w- D:\Program Files\RocketDock
2009-07-24 11:02:41 . 2009-07-24 11:02:41 0 d-----w- D:\Program Files\IObit
2009-07-23 14:32:17 . 2003-06-25 13:05:08 266360 ----a-w- D:\WINDOWS\system32\TweakUI.exe
2009-07-23 10:42:15 . 2008-05-29 06:28:54 28416 ----a-w- D:\WINDOWS\system32\uxtuneup.dll
2009-07-23 10:42:14 . 2009-07-23 10:42:14 355584 ----a-w- D:\WINDOWS\system32\TuneUpDefragService.exe
2009-07-23 10:42:14 . 2009-07-23 10:42:14 0 d-----w- D:\Users\ADMINI~1\APPLIC~1\TuneUp Software
2009-07-23 10:41:56 . 2009-07-23 10:41:56 0 d-----w- D:\Users\All Users\Application Data\TuneUp Software
2009-07-23 10:41:45 . 2009-07-23 10:42:09 0 d-----w- D:\Program Files\TuneUp Utilities 2008
2009-07-23 10:41:19 . 2009-07-23 10:41:19 0 d-----w- D:\Program Files\Common Files\Wise Installation Wizard
2009-07-23 08:21:04 . 2009-07-23 08:21:05 0 d-----w- D:\Program Files\HD Tune
2009-07-23 06:34:12 . 2009-07-03 14:49:07 15688 ----a-w- D:\WINDOWS\system32\lsdelete.exe
2009-07-23 06:28:42 . 2009-07-23 06:28:42 0 dc----w- D:\WINDOWS\system32\DRVSTORE
2009-07-23 06:28:42 . 2009-07-03 14:49:08 64160 ----a-w- D:\WINDOWS\system32\drivers\Lbd.sys
2009-07-23 06:28:23 . 2009-07-23 06:28:23 0 dc-h--w- D:\Users\All Users\Application Data\{EF63305C-BAD7-4144-9208-D65528260864}
2009-07-23 06:28:23 . 2009-07-08 17:28:49 2920112 -c--a-w- D:\Users\All Users\Application Data\{EF63305C-BAD7-4144-9208-D65528260864}\Ad-AwareAE.exe
2009-07-23 06:28:17 . 2009-07-23 06:28:40 0 d-----w- D:\Users\All Users\Application Data\Lavasoft
2009-07-23 06:28:17 . 2009-07-23 06:28:17 0 d-----w- D:\Program Files\Lavasoft
2009-07-22 12:38:15 . 2009-07-22 12:38:29 0 d-----w- D:\Program Files\CCleaner
2009-07-22 06:54:55 . 2009-07-22 06:54:55 0 d-----w- D:\Users\Administrator\Local Settings\Application Data\Yahoo
2009-07-22 06:52:33 . 2009-07-25 12:53:26 0 d-----w- D:\Users\All Users\Application Data\Yahoo! Companion
2009-07-22 06:52:33 . 2009-07-22 06:53:02 0 d-----w- D:\Users\ADMINI~1\APPLIC~1\Yahoo!
2009-07-22 06:51:25 . 2009-07-22 06:54:55 0 d-----w- D:\Users\All Users\Application Data\Yahoo!
2009-07-22 06:51:25 . 2009-05-26 16:50:14 607472 ----a-w- D:\Users\All Users\Application Data\Yahoo!\YUpdater\yupdater.exe
2009-07-22 06:51:18 . 2009-07-22 06:52:57 0 d-----w- D:\Program Files\Yahoo!
2009-07-22 03:42:44 . 2009-07-22 03:42:44 16520 ----a-w- D:\Users\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-22 03:41:55 . 2005-01-01 09:43:08 4682 ----a-w- D:\WINDOWS\system32\npptNT2.sys
2009-07-22 03:41:47 . 2009-07-22 03:41:47 0 d-----w- D:\Program Files\Common Files\INCA Shared
2009-07-22 03:35:44 . 2009-07-22 03:40:01 0 d--h--w- D:\Users\ADMINI~1\APPLIC~1\ijjigame
2009-07-22 03:35:04 . 2009-06-03 14:48:58 779720 ----a-w- D:\Users\All Users\Application Data\ijjigame\PurpleBean.exe
2009-07-22 03:35:04 . 2009-05-27 15:08:10 591320 ----a-w- D:\Users\All Users\Application Data\ijjigame\ExLauncher.exe
2009-07-22 03:35:04 . 2008-08-20 07:46:08 632280 ----a-w- D:\Users\All Users\Application Data\ijjigame\PLauncher.exe
2009-07-22 03:35:03 . 2008-09-04 13:34:38 112048 ----a-w- D:\Users\All Users\Application Data\ijjigame\ijjiPrePLauncher.exe
2009-07-22 03:35:03 . 2008-08-28 09:50:52 480688 ----a-w- D:\Users\All Users\Application Data\ijjigame\ijjistarter2FxB.exe
2009-07-22 03:35:03 . 2008-08-28 09:50:48 83376 ----a-w- D:\Users\All Users\Application Data\ijjigame\ijjiPreStarter2FxB.exe
2009-07-22 03:35:03 . 2008-08-28 09:50:46 79280 ----a-w- D:\Users\All Users\Application Data\ijjigame\ijjiPreNotify2FxB.exe
2009-07-22 03:35:03 . 2008-08-28 09:50:42 50608 ----a-w- D:\Users\All Users\Application Data\ijjigame\ijjiNotify2FxB.exe
2009-07-22 03:35:02 . 2009-07-22 03:35:05 0 d-----w- D:\Users\All Users\Application Data\ijjigame
2009-07-22 03:33:04 . 2008-06-11 20:01:48 58800 ----a-w- D:\WINDOWS\system32\ijjiPlugin2.dll
2009-07-22 03:33:04 . 2008-04-23 11:02:12 157152 ----a-w- D:\WINDOWS\system32\PubPlugin.dll
2009-07-22 03:33:03 . 2009-07-22 03:33:03 0 d-----w- D:\Program Files\NHN USA
2009-07-22 03:33:03 . 2009-05-26 14:31:26 58800 ----a-w- D:\WINDOWS\system32\ijjiProcessRestarter.exe
2009-07-22 03:33:03 . 2009-05-12 17:48:28 710064 ----a-w- D:\WINDOWS\system32\ijjiSetup.exe
2009-07-22 01:24:17 . 2009-07-22 01:24:17 0 ----a-w- D:\WINDOWS\nsreg.dat
2009-07-22 01:24:14 . 2009-07-22 01:24:14 0 d-----w- D:\Users\Administrator\Local Settings\Application Data\Mozilla
2009-07-21 21:20:58 . 2001-08-17 02:59:44 3072 ----a-w- D:\WINDOWS\system32\drivers\audstub.sys
2009-07-21 21:19:59 . 2008-04-13 13:10:28 57600 ----a-w- D:\WINDOWS\system32\drivers\redbook.sys
2009-07-21 21:17:41 . 2001-08-17 01:13:08 27165 ----a-w- D:\WINDOWS\system32\drivers\fetnd5.sys
2009-07-21 21:17:36 . 2008-04-13 18:42:10 81920 ----a-w- D:\WINDOWS\system32\usbui.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-02 13:54:43 . 2009-08-02 13:54:43 224 ----a-w- D:\WINDOWS\system32\drivers\kgpcpy.cfg
2009-08-01 12:47:34 . 2009-08-01 00:45:49 0 d-----w- D:\Program Files\Winamp
2009-08-01 04:54:08 . 2009-08-01 00:45:49 0 d-----w- D:\Users\ADMINI~1\APPLIC~1\Winamp
2009-07-27 10:50:22 . 2009-07-21 11:29:06 86327 ----a-w- D:\WINDOWS\pchealth\helpctr\OfflineCache\index.dat
2009-07-24 12:09:31 . 2009-07-21 18:46:39 0 d--h--w- D:\Program Files\InstallShield Installation Information
2009-07-24 12:09:19 . 2009-07-21 11:43:51 0 d-----w- D:\Program Files\Common Files\InstallShield
2009-07-21 18:54:00 . 2009-07-21 18:53:19 0 d-----w- D:\Program Files\VIA
2009-07-21 18:48:29 . 2009-07-21 18:48:29 0 d-----w- D:\Program Files\Alwil Software
2009-07-21 18:46:49 . 2009-07-21 18:46:49 0 d-----w- D:\Program Files\My Company Name
2009-07-21 11:32:06 . 2009-07-21 11:32:06 0 d-----w- D:\Program Files\Windows Sidebar
2009-07-21 11:31:32 . 2009-07-21 11:31:32 0 d-----w- D:\Program Files\Alky for Applications
2009-07-21 11:24:12 . 2009-07-21 11:24:12 21640 ----a-w- D:\WINDOWS\system32\emptyregdb.dat
2009-07-21 11:23:35 . 2009-07-21 11:23:32 0 d-----w- D:\Program Files\Windows Media Connect 2
2009-07-20 11:57:28 . 2009-07-20 11:57:28 17408 ----a-r- D:\WINDOWS\system32\SZIO5.dll
2009-07-20 11:56:28 . 2009-07-20 11:56:28 311296 ----a-r- D:\WINDOWS\system32\SZBase5.dll
2009-07-20 11:56:04 . 2009-07-20 11:56:04 540672 ----a-r- D:\WINDOWS\system32\SZComp5.dll
2009-07-09 12:52:32 . 2009-07-09 12:52:32 126976 ----a-r- D:\WINDOWS\system32\IS3HTUI5.dll
2009-07-09 12:52:22 . 2009-07-09 12:52:22 393216 ----a-r- D:\WINDOWS\system32\IS3DBA5.dll
2009-07-09 12:51:40 . 2009-07-09 12:51:40 385024 ----a-r- D:\WINDOWS\system32\IS3UI5.dll
2009-07-09 12:51:24 . 2009-07-09 12:51:24 61440 ----a-r- D:\WINDOWS\system32\IS3Hks5.dll
2009-07-09 12:51:06 . 2009-07-09 12:51:06 23040 ----a-r- D:\WINDOWS\system32\IS3XDat5.dll
2009-07-09 12:50:48 . 2009-07-09 12:50:48 225280 ----a-r- D:\WINDOWS\system32\IS3Win325.dll
2009-07-09 12:50:28 . 2009-07-09 12:50:28 94208 ----a-r- D:\WINDOWS\system32\IS3Inet5.dll
2009-07-09 12:50:16 . 2009-07-09 12:50:16 90112 ----a-r- D:\WINDOWS\system32\IS3Svc5.dll
2009-07-09 12:47:06 . 2009-07-09 12:47:06 724992 ----a-r- D:\WINDOWS\system32\IS3Base5.dll
2009-05-12 11:13:12 . 2009-05-12 11:13:12 61328 ----a-r- D:\WINDOWS\system32\drivers\SZKG.sys
2009-07-15 21:41:54 . 2009-07-22 01:24:10 137208 ----a-w- D:\Program Files\mozilla firefox\components\brwsrcmp.dll
.
------- Sigcheck -------
[-] 2009-03-08 09:12:20 575488 99C1ACB1B8F0F2CECC56515E502B5120 D:\WINDOWS\system32\user32.dll
[-] 2009-03-08 09:12:29 884224 E7552D59A876B0E6919F05E500937993 D:\WINDOWS\system32\wininet.dll
[-] 2009-03-08 09:04:23 361600 FF267FF1D773BEA5522295E3A79701E9 D:\WINDOWS\system32\drivers\tcpip.sys
[-] 2009-03-08 09:12:29 568832 3D1ABDC3009D6B7CA7F9E66769C126CA D:\WINDOWS\system32\winlogon.exe
[-] 2009-03-08 09:16:44 2185216 BEC5D7EF52E385F457E7C20EDBB1C5E7 D:\WINDOWS\system32\ntkrnlpa.exe
[-] 2008-11-18 00:45:41 2292224 CCF64982AD1B27461A5B85401657B29A D:\WINDOWS\system32\ntoskrnl.exe
[-] 2009-03-08 09:10:05 1723904 E1F5F729264C8AF1D6A95ECD1C8086DD D:\WINDOWS\explorer.exe
[-] 2009-03-08 09:09:56 37376 CBF5945651C96E471B3A004BBDC36864 D:\WINDOWS\system32\ctfmon.exe
[-] 2009-03-08 09:10:54 3736576 0797D8DAD6DD09CF7437C4F3132E82A6 D:\WINDOWS\system32\mshtml.dll
[-] 2009-03-08 09:09:52 1443840 403EBA8EE2967BA93E07138400972EE3 D:\WINDOWS\system32\comres.dll
[-] 2009-03-08 09:09:48 652800 EA032FC150B9C6276C98EB3DED3B75C6 D:\WINDOWS\system32\comctl32.dll
[7] 2009-03-08 09:08:13 921088 AEF3D788DBF40C7C4D204EA45EB0C505 D:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
[7] 2009-03-08 09:08:12 1054208 BD38D1EBE24A46BD3EDA059560AFBA12 D:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS\system32\ctfmon.exe" [2009-03-08 09:09:56 37376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="D:\WINDOWS\system32\NvCpl.dll" [2006-06-01 09:22:00 7618560]
"avast!"="D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 20:08:45 81000]
"SSBkgdUpdate"="D:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-29 21:14:58 155648]
"OpwareSE4"="D:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 10:19:40 69632]
"MSConfig"="D:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2009-03-08 09:10:48 191488]
"QuickTime Task"="D:\WINDOWS\system32\qttask.exe" [2009-07-25 14:51:18 98304]
"SunJavaUpdateSched"="D:\Program Files\Java\jre6\bin\jusched.exe" [2009-07-26 15:55:01 148888]
"PWRISOVM.EXE"="D:\Program Files\PowerISO\PWRISOVM.EXE" [2009-03-15 10:15:16 180224]
"nwiz"="nwiz.exe" - D:\WINDOWS\system32\nwiz.exe [2006-06-01 09:22:00 1519616]
"NvMediaCenter"="NvMCTray.dll" - D:\WINDOWS\system32\nvmctray.dll [2006-06-01 09:22:00 86016]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS\system32\CTFMON.EXE" [2009-03-08 09:09:56 37376]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" - D:\WINDOWS\system32\advpack.dll [2009-03-08 09:03:36 124928]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMConfigurePrograms"= 1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\ijji\\ENGLISH\\u_gunz.exe"=
"C:\\ijji\\ENGLISH\\Gunz\\Gunz.exe"=
"D:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"D:\\Program Files\\DarKGunZ\\Gunz.exe"=
"D:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"D:\\Program Files\\uTorrent\\uTorrent.exe"=
"D:\\Program Files\\SHOUTcast\\sc_serv.exe"=
"D:\\Program Files\\mIRC\\mirc.exe"=
R0 Lbd;Lbd;D:\WINDOWS\system32\drivers\Lbd.sys [23/07/2009 9:28:42 AM 64160]
R0 szkg5;szkg;D:\WINDOWS\system32\drivers\SZKG.sys [12/05/2009 2:13:12 PM 61328]
R1 aswSP;avast! Self Protection;D:\WINDOWS\system32\drivers\aswSP.sys [21/07/2009 9:49:20 PM 114768]
R2 aswFsBlk;aswFsBlk;D:\WINDOWS\system32\drivers\aswFsBlk.sys [21/07/2009 9:49:20 PM 20560]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;D:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe -s DefaultInstance --> D:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe -s DefaultInstance [?]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;D:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe -s DefaultInstance --> D:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe -s DefaultInstance [?]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;D:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [3/07/2009 5:49:06 PM 1029456]
S3 npggsvc;nProtect GameGuard Service;D:\WINDOWS\system32\GameMon.des -service --> D:\WINDOWS\system32\GameMon.des -service [?]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - SCDEMU
*NewlyCreated* - SZKG5
*NewlyCreated* - SZSERVER
*NewlyCreated* - WS2IFSL
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contents of the 'Scheduled Tasks' folder
2009-08-02 D:\WINDOWS\Tasks\1-Click Maintenance.job
- D:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe [2008-06-20 06:09:12 . 2008-06-20 06:09:12]
2009-07-27 D:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
- D:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-07-03 14:49:06 . 2009-07-03 14:49:06]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*
http://www.yahoo.com/ext/search/search.html
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*
http://www.yahoo.com
IE: E&xport to Microsoft Excel - D:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - D:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - D:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - D:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
IE: Easy-WebPrint Print - D:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
TCP: {D0880D54-E39F-431F-AE20-DB26101D0F0A} = 193.231.252.1 213.154.124.1
FF - ProfilePath - D:\Users\ADMINI~1\APPLIC~1\Mozilla\Firefox\Profiles\2due3c2t.default\
FF - plugin: D:\Program Files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nppl3260.dll
FF - plugin: D:\Program Files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nprpjplug.dll
FF - plugin: D:\Program Files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
FF - plugin: D:\Program Files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
D:\Program Files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
D:\Program Files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
D:\Program Files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
D:\Program Files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
D:\Program Files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
D:\Program Files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
D:\Program Files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
D:\Program Files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
D:\Program Files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
D:\Program Files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
D:\Program Files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
D:\Program Files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
D:\Program Files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
D:\Program Files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
D:\Program Files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
D:\Program Files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
D:\Program Files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
D:\Program Files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
D:\Program Files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
D:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
D:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
D:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
D:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
D:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
D:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
D:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
D:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
D:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
D:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
D:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
D:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
D:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
D:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
D:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
D:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
D:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
D:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
D:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
D:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
D:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
D:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
D:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
D:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
D:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
D:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
D:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.