offline
- Thompson
- Novi MyCity građanin
- Pridružio: 04 Avg 2008
- Poruke: 10
|
Evo dobijenog fajla
ComboFix 08-12-23.01 - pc 2008-12-23 19:57:04.13 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2047.1636 [GMT 1:00]
Running from: c:\documents and settings\pc\Desktop\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\system32\drivers\TDSSoexh.sys
c:\windows\system32\Drivers\TDSSpaxt.sys
c:\windows\system32\msiconf.exe
c:\windows\system32\TDSSosvd.dll
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_TDSSSERV.SYS
-------\Legacy_TDSSSERV.SYS
((((((((((((((((((((((((( Files Created from 2008-11-23 to 2008-12-23 )))))))))))))))))))))))))))))))
.
2008-12-21 20:40 . 2008-12-21 20:40 <DIR> d-------- c:\documents and settings\All Users\Application Data\MiKTeX
2008-12-21 20:37 . 2008-12-21 20:39 <DIR> d-------- c:\program files\MiKTeX 2.7
2008-12-21 20:32 . 2008-12-21 20:32 <DIR> d-------- c:\program files\WinEdt Team
2008-12-21 20:32 . 2008-12-22 23:41 <DIR> d-------- c:\documents and settings\pc\Application Data\WinEdt
2008-12-18 21:09 . 2008-12-22 19:47 83,968 --a------ c:\program files\Common Files\ThfLE25I.exe
2008-12-17 22:10 . 2008-12-21 17:58 155 ---h----- c:\windows\system32\msnasec.dIl
2008-12-17 22:10 . 2008-12-21 17:58 22 --a------ c:\windows\MathMagic Personal 3.64.INI
2008-12-17 22:05 . 2008-12-18 21:05 <DIR> d-------- c:\program files\MathMagic Personal Edition
2008-12-01 20:05 . 1998-09-02 09:02 194,320 --a------ c:\windows\system32\qcut.dll
2008-12-01 20:05 . 1998-08-27 05:51 182,032 --a------ c:\windows\system32\dxtmsft3.dll
2008-12-01 20:05 . 1998-08-20 12:02 140,800 --a------ c:\windows\system32\tm20dec.ax
2008-12-01 20:05 . 1998-09-02 09:28 63,488 --a------ c:\windows\system32\unam4ie.exe
2008-12-01 20:05 . 1998-09-02 09:28 38,160 --a------ c:\windows\system32\LMRTREND.dll
2008-12-01 20:05 . 1998-08-17 10:21 11,776 --a------ c:\windows\system32\mciqtz.drv
2008-12-01 20:05 . 1998-08-17 10:21 10,240 --a------ c:\windows\system32\vidx16.dll
2008-12-01 20:05 . 1998-08-17 10:21 5,672 --a------ c:\windows\system32\quartz.vxd
2008-12-01 20:05 . 2008-12-01 20:05 4,608 --a------ c:\windows\system32\w95inf32.dll
2008-12-01 20:05 . 2008-12-01 20:05 2,272 --a------ c:\windows\system32\w95inf16.dll
2008-12-01 20:04 . 2008-12-01 20:04 <DIR> d-------- c:\program files\Auralog
2008-12-01 20:04 . 2008-12-15 20:24 11 --a------ C:\trace.ini
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-23 18:11 --------- d-----w c:\documents and settings\pc\Application Data\U3
2008-12-18 20:05 16,287 ----a-w c:\program files\setuplog.txt
2008-12-18 20:05 15,789 ----a-w c:\program files\uninstall.log
2008-12-15 20:49 --------- d-----w c:\documents and settings\pc\Application Data\Design Science
2008-12-15 20:48 --------- d-----w c:\program files\MathType
2008-12-14 17:42 --------- d-----w c:\program files\Common Files\Adobe
2008-11-17 20:23 2,516 --sha-w c:\documents and settings\All Users\Application Data\KGyGaAvL.sys
2008-11-15 21:15 --------- d-----w c:\program files\Microsoft ActiveSync
2008-11-15 21:13 --------- d-----w c:\program files\Microsoft.NET
2008-11-15 21:09 --------- d-----w c:\program files\Corel
2008-11-13 16:55 8 --sh--r c:\documents and settings\All Users\Application Data\A1F035FC9A.sys
2008-11-13 16:52 --------- d-----w c:\program files\Common Files\Protexis
2008-11-13 16:52 --------- d-----w c:\documents and settings\All Users\Application Data\Corel
2008-11-13 16:39 --------- d-----w c:\program files\Common Files\Corel
2008-11-11 21:11 4,299 ----a-w c:\documents and settings\pc\Application Data\rchars32b.bin
2008-10-23 17:05 --------- d-----w c:\program files\PowerISO
2008-10-23 17:01 --------- d-----w c:\program files\Quark
2008-02-07 20:17 4,299 ----a-w c:\documents and settings\pc\Application Data\rchars32a.bin
2006-06-23 22:48 32,768 ----a-r c:\windows\inf\UpdateUSB.exe
2008-01-18 15:04 60,516 ----a-w c:\program files\mozilla firefox\components\jar50.dll
2008-01-18 15:04 49,246 ----a-w c:\program files\mozilla firefox\components\jsd3250.dll
2008-01-18 15:04 165,990 ----a-w c:\program files\mozilla firefox\components\xpinstal.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-09-01 15360]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-07-02 220544]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-06-01 7618560]
"Adobe Version Cue CS2"="c:\program files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe" [2005-04-04 856064]
"Acrobat Assistant 7.0"="c:\program files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe" [2004-12-14 483328]
"FineReader7NewsReaderPro"="c:\program files\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe" [2003-08-05 278528]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2008-03-07 782336]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SecurDisc"="c:\program files\Nero\Nero 7\InCD\NBHGui.exe" [2007-05-15 1628208]
"InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2007-05-15 1057328]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"RAMDrive"="c:\program files\FarStone\VirtualDrive\VHD\RDTask.exe" [2004-09-22 36864]
"VirtualDrive"="c:\program files\FarStone\VirtualDrive\VDTask.exe" [2004-09-30 139264]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2006-02-23 35328]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 57344]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2006-03-18 184320]
"nwiz"="nwiz.exe" [2006-06-01 c:\windows\system32\nwiz.exe]
"NvMediaCenter"="NvMCTray.dll" [2006-06-01 c:\windows\system32\nvmctray.dll]
"RTHDCPL"="RTHDCPL.EXE" [2007-03-21 c:\windows\RTHDCPL.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnsc"="c:\windows\system32\msnsc.exe" [2006-01-06 62054]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nlsf"="move" [X]
"tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-09-01 44544]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [2008-01-19 25214]
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2008-04-01 118784]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i263_32.drv
"msacm.imc"= imc32.acm
"msacm.l3codecp"= l3codecp.acm
"VIDC.i263"= i263_32.drv
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Adobe\\Adobe Version Cue CS2\\bin\\VersionCueCS2.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"24654:UDP"= 24654:UDP:Enfocus Port
"20486:UDP"= 20486:UDP:Enfocus Port
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\atl01_xp.sys [2008-01-18 38656]
R3 FVDSCSI;FVDSCSI;c:\windows\system32\DRIVERS\fvdscsi.sys [2008-03-31 72478]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{29f8aa36-ff62-11dc-84f3-001e8c0892c2}]
\Shell\AutoRun\command - Q:\AUTORUN.EXE
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{98008527-2a8f-11dd-8550-001e8c0892c2}]
\Shell\AutoRun\command - G:\LaunchU3.exe -a
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-msiexec.exe - msiconf.exe
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
LSP: imon.dll
FF - ProfilePath - c:\documents and settings\pc\Application Data\Mozilla\Firefox\Profiles\4rngln3m.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
ATTENTION: FIREFOX POLICES IS IN FORCE
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("general.useragent.contentlocale", "chrome://navigator-region/locale/region.properties");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("accessibility.typeaheadfind.soundURL", "default");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("browser.tabs.warnOnCloseOther", true);
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("browser.tabs.loadGroup", 1);
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("browser.tabs.loadOnNewTab", 0);
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("browser.windows.loadOnNewWindow", 1);
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("capability.policy.default.HTMLDocument.close.get", "allAccess");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("capability.policy.default.HTMLDocument.open.get", "allAccess");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("capability.policy.default.Location.reload.get", "allAccess");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("capability.policy.default.Window.closed", "allAccess");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("capability.policy.default.Window.Components", "allAccess");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("capability.policy.default.Window.document", "allAccess");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("capability.policy.default.Window.frames", "allAccess");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("capability.policy.default.Window.history", "allAccess");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("capability.policy.default.Window.length", "allAccess");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("capability.policy.default.Window.opener", "allAccess");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("capability.policy.default.Window.parent", "allAccess");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("capability.policy.default.Window.self", "allAccess");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("capability.policy.default.Window.top", "allAccess");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("capability.policy.default.Window.window", "allAccess");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("dom.disable_window_open_feature.resizable", false);
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("network.http.max-connections", 24);
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("network.http.max-connections-per-server",  ;
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("network.http.max-persistent-connections-per-server", 2);
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("network.http.max-persistent-connections-per-proxy", 4);
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("network.http.accept.default", "application/x-shockwave-flash,text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("network.dns.ipv4OnlyDomains", ".doubleclick.net");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("network.standard-url.encode-utf8", false);
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("network.image.warnAboutImages", false);
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("network.proxy.autoconfig_url", "");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("network.cookie.p3p", "ffffaaaa");
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("network.cookie.p3plevel", 1); // 0=low, 1=medium, 2=high, 3=custom
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("network.enablePad", false); // Allow client to do proxy autodiscovery
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("ime.password.onFocus.dontCare", false);
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("ime.password.onBlur.dontCare", false);
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("ui.key.generalAccessKey", 1;
c:\program files\Mozilla Firefox\\greprefs\all.js - pref("dom.max_script_run_time", 5);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.enable_ssl2", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.ssl2.rc4_128", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.ssl2.rc2_128", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.ssl2.des_ede3_192", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.ssl2.des_64", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.ssl2.rc4_40", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.ssl2.rc2_40", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.ssl3.rsa_fips_des_sha", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.ssl3.rsa_des_sha", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.ssl3.rsa_1024_rc4_56_sha", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.ssl3.rsa_1024_des_cbc_sha", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.ssl3.rsa_rc4_40_md5", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.ssl3.rsa_rc2_40_md5", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.ssl3.dhe_rsa_des_sha", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.ssl3.dhe_dss_des_sha", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.default_personal_cert", "Select Automatically");
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.warn_entering_secure", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.warn_leaving_secure", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.warn_submit_insecure", true);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.OCSP.enabled", 0);
c:\program files\Mozilla Firefox\\greprefs\security-prefs.js - pref("security.ui.enable", true);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("startup.homepage_override_url","chrome://browser-region/locale/region.properties");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("xpinstall.dialog.progress.skin", "chrome://mozapps/content/extensions/extensions.xul?type=themes");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("xpinstall.dialog.progress.chrome", "chrome://mozapps/content/extensions/extensions.xul?type=extensions");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("xpinstall.dialog.progress.type.skin", "Extension:Manager-themes");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("xpinstall.dialog.progress.type.chrome", "Extension:Manager-extensions");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("extensions.getMoreExtensionsURL", "chrome://mozapps/locale/extensions/extensions.properties");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("extensions.getMoreThemesURL", "chrome://mozapps/locale/extensions/extensions.properties");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("app.update.url.manual", "http://www.mozilla.org/products/firefox/");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("app.update.url.details", "chrome://browser-region/locale/region.properties");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("app.update.nagTimer.download", 86400);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("app.update.nagTimer.restart", 1800);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("extensions.update.url", "chrome://mozapps/locale/extensions/extensions.properties");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("extensions.getMoreExtensionsURL", "chrome://mozapps/locale/extensions/extensions.properties");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("extensions.getMoreThemesURL", "chrome://mozapps/locale/extensions/extensions.properties");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("keyword.URL", "http://www.google.com/search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q=");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.startup.homepage", "resource:/browserconfig.properties");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.search.defaulturl", "chrome://browser-region/locale/region.properties");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.search.param.Google.1.default", "chrome://branding/content/searchconfig.properties");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.search.param.Google.1.custom", "chrome://branding/content/searchconfig.properties");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.search.order.Yahoo.1", "chrome://branding/content/searchconfig.properties");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.search.order.Yahoo.2", "chrome://branding/content/searchconfig.properties");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.search.order.Yahoo", "chrome://branding/content/searchconfig.properties");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.search.basic.min_ver", "0.0");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.link.open_newwindow", 2);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.tabs.opentabfor.urlbar", true);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.related.enabled", true);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.related.autoload", 1); // 0 = Always, 1 = After first use, 2 = Never
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.related.provider", "http://www-rl.netscape.com/wtgn?");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.related.disabledForDomains", "");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.goBrowsing.enabled", true);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("dom.disable_window_open_feature.location", false);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("dom.disable_window_flip", false);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.trim_user_and_password", true);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("privacy.item.history", true);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("privacy.item.formdata", true);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("privacy.item.passwords", false);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("privacy.item.downloads", true);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("privacy.item.cookies", false);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("privacy.item.cache", true);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("privacy.item.siteprefs", false);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("privacy.item.sessions", true);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("network.cookie.enableForCurrentSessionOnly", false);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("network.cookie.denyRemovedCookies", false);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.throbber.url","chrome://browser-region/locale/region.properties");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("alerts.height", 50);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("signon.SignonFileName", "signons.txt");
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("security.warn_entering_secure.show_once", true);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("security.warn_leaving_secure.show_once", true);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("security.warn_submit_insecure.show_once", true);
c:\program files\Mozilla Firefox\\defaults\pref\firefox.js - pref("browser.display.screen_resolution", 96);
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2008-12-23 20:01:31
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\TDSSserv.sys]
"imagepath"="\systemroot\system32\drivers\TDSSoexh.sys"
.
Completion time: 2008-12-23 20:02:42
ComboFix-quarantined-files.txt 2008-12-23 19:02:38
ComboFix2.txt 2008-08-04 20:35:38
Pre-Run: 27,727,171,584 bytes free
Post-Run: 31,939,809,280 bytes free
270
|
