superwow_rl

  1. Okay, I tried to attach the minidump file, & my computer says I don't have permission to open it. I tried sending it to a zip folder, & it said the file could not be found. I sent the file to my dropbox & tried attaching it from there, & the forum gives me the error You aren't permitted to upload this kind of file. If I just get rid of all the MBAM crap on my computer, will this problem go away? I really don't know what else to do here. If I email support, will it take 3-4 days for EACH response, or just the initial response?
  2. I tried the 2nd method you shared, & it did not work, either. The name of the prompt window does change, but no log ever appears. EDIT: I forgot to mention, only the 2nd minidump file appears anywhere on my computer, but as I explained before, I have no idea how to open it. I don't know what happened to the first one.
  3. I'm sorry, I did understand that you need the dump logs themselves. I just don't understand how to get them...sorry, that's kind of embarrassing. I did do some Googling but everything says install this or install that, & I'm not really sure what I'm doing. I don't think it's a malware problem, I think it's an MBAM problem.
  4. Ahh, I see. Well, I attached the FRST & Addition logs. MBAM-check did not produce a log, or do anything, that I could tell. The dump logs, I'm not sure how to access them. The logs I have are Notepad files. I just copied each BSOD error message into Notepad & saved it to my desktop when it happened. It tells me there are files that I can look out, but my computer says the files are not found. But I attached the Notepad files anyway, in case you can find some other way to get the logs you actually want. Thank you. FRST.txt Addition.txt Blue Screen 6.29.2014 @ 2145.txt Blue Screen 7.14.2014 @ 2243.txt
  5. Sorry, are you asking for the logs from the blue screens? I apologize if my post wasn't clear. I meant that I had the error logs from the blue screens.
  6. Hi, I still need some help with this issue. I have had 2 more BSOD instances, & my MBAM is not running again. I saved the logs to my desktop in case they are needed. Please advise. Thank you!
  7. Nope, nothing else. Computer has been running much better & no blue screens. Thank you again.
  8. I uninstalled it & reinstalled it before you replied. Seems to be working now. Not sure what the problem was. Thank you anyway.
  9. Oh, I have to take it back...My IE is not working at all. I don't even get an error message. It won't navigate to ANY page at all. It's just a white page. My Firefox is working fine, so I don't think it's an internet problem. Is there some setting I need to change back? I tried restarting with no luck.
  10. Great! I did the Windows Updates & removed Flash. Everything seems to be working fine! Thank you again.
  11. Awesome! Thank you so much! The only problem I've had is my Flash Player crashing all the time & Firefox eating up lots of memory, but I don't think those are malware problems. I do have MBAM Premium, & I'm glad to have it working again. It's okay to do Windows Updates, Flash updates, run CCleaner, etc. now, right?
  12. Thank you for explaining that! Here is the log.

      Malwarebytes Anti-Malware
      www.malwarebytes.org

      Scan Date: 6/21/2014
      Scan Time: 10:13:53 PM
      Logfile:
      Administrator: Yes

      Version: 2.00.2.1012
      Malware Database: v2014.06.21.10
      Rootkit Database: v2014.06.20.01
      License: Premium
      Malware Protection: Enabled
      Malicious Website Protection: Enabled
      Self-protection: Disabled

      OS: Windows 7 Service Pack 1
      CPU: x64
      File System: NTFS
      User: lil nippers

      Scan Type: Threat Scan
      Result: Completed
      Objects Scanned: 304552
      Time Elapsed: 12 min, 6 sec

      Memory: Enabled
      Startup: Enabled
      Filesystem: Enabled
      Archives: Enabled
      Rootkits: Enabled
      Heuristics: Enabled
      PUP: Enabled
      PUM: Enabled

      Processes: 0 (No malicious items detected)
      Modules: 0 (No malicious items detected)
      Registry Keys: 0 (No malicious items detected)
      Registry Values: 0 (No malicious items detected)
      Registry Data: 0 (No malicious items detected)
      Folders: 0 (No malicious items detected)
      Files: 0 (No malicious items detected)
      Physical Sectors: 0 (No malicious items detected)

      (end)
  13. No, no more BSODs. Aside from not being able to run MBAM, I never did notice anything wrong with my computer. It's running the same now as it did before. I haven't run any MBAM scans (or any other scans) so I can only assume that it's working correctly. It hasn't disappeared from my notification area, though. May I ask what you found wrong with my computer? If I understand correctly, you don't use ComboFix unless other things haven't worked, so I'm pretty concerned about what might have been wrong. Here is the log.

      Results of screen317's Security Check version 0.99.85
      Windows 7 Service Pack 1 x64 (UAC is enabled)
      Internet Explorer 11
      ``````````````Antivirus/Firewall Check:``````````````
      Windows Firewall Enabled!
      Norton 360
      WMI entry may not exist for antivirus; attempting automatic update.
      `````````Anti-malware/Other Utilities Check:`````````
      Adobe Flash Player 13.0.0.214 Flash Player out of Date!
      Adobe Reader XI
      Mozilla Firefox (30.0)
      ````````Process Check: objlist.exe by Laurent````````
      Malwarebytes Anti-Malware mbamservice.exe
      Malwarebytes Anti-Malware mbam.exe
      Malwarebytes Anti-Malware mbamscheduler.exe
      `````````````````System Health check`````````````````
      Total Fragmentation on Drive C: 1%
      ````````````````````End of Log``````````````````````
  14. ComboFix 14-06-19.01 - lil nippers 06/20/2014 17:52:55.2.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3980.2377 [GMT -6:00] Running from: c:\users\lil nippers\Desktop\ComboFix.exe AV: Norton 360 *Disabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB} FW: Norton 360 *Disabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0} SP: Norton 360 *Disabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\wininit.ini . . ((((((((((((((((((((((((( Files Created from 2014-05-21 to 2014-06-21 ))))))))))))))))))))))))))))))) . . 2014-06-21 00:03 . 2014-06-21 00:03 -------- d-----w- c:\users\Public\AppData\Local\temp 2014-06-21 00:03 . 2014-06-21 00:03 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-06-18 05:13 . 2014-06-18 05:13 -------- d-----w- c:\program files (x86)\ESET 2014-06-18 04:38 . 2014-06-18 04:38 -------- d-----w- c:\windows\ERUNT 2014-06-17 03:08 . 2014-06-17 03:08 -------- d-----w- c:\programdata\RogueKiller 2014-06-17 02:50 . 2014-06-20 23:31 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2014-06-17 02:49 . 2014-06-17 02:49 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware 2014-06-17 02:49 . 2014-06-17 02:49 -------- d-----w- c:\programdata\Malwarebytes 2014-06-17 02:49 . 2014-05-12 13:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys 2014-06-17 02:49 . 2014-05-12 13:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2014-06-17 02:49 . 2014-05-12 13:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys 2014-06-17 02:39 . 2014-06-17 02:39 -------- d-----w- c:\program files (x86)\ERUNT 2014-06-10 01:59 . 2014-06-20 03:09 -------- d-----w- C:\FRST 2014-06-09 04:27 . 2014-06-09 04:27 -------- d-----w- c:\program files (x86)\Hp . . . 
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-06-05 03:01 . 2013-10-02 00:52 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-06-05 03:01 . 2013-10-02 00:52 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2014-05-14 03:57 . 2013-02-01 23:04 93223848 ----a-w- c:\windows\system32\MRT.exe 2014-05-09 06:14 . 2014-05-14 03:55 477184 ----a-w- c:\windows\system32\aepdu.dll 2014-05-09 06:11 . 2014-05-14 03:55 424448 ----a-w- c:\windows\system32\aeinv.dll 2014-05-06 04:40 . 2014-05-14 04:01 23544320 ----a-w- c:\windows\system32\mshtml.dll 2014-05-06 04:17 . 2014-05-14 04:01 2724864 ----a-w- c:\windows\system32\mshtml.tlb 2014-05-06 03:07 . 2014-05-14 04:01 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb 2014-05-06 03:00 . 2014-05-14 04:01 84992 ----a-w- c:\windows\system32\mshtmled.dll 2014-04-12 02:22 . 2014-05-14 03:55 155072 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2014-04-12 02:22 . 2014-05-14 03:55 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2014-04-12 02:19 . 2014-05-14 03:55 29184 ----a-w- c:\windows\system32\sspisrv.dll 2014-04-12 02:19 . 2014-05-14 03:55 136192 ----a-w- c:\windows\system32\sspicli.dll 2014-04-12 02:19 . 2014-05-14 03:55 28160 ----a-w- c:\windows\system32\secur32.dll 2014-04-12 02:19 . 2014-05-14 03:55 1460736 ----a-w- c:\windows\system32\lsasrv.dll 2014-04-12 02:19 . 2014-05-14 03:55 31232 ----a-w- c:\windows\system32\lsass.exe 2014-04-12 02:12 . 2014-05-14 03:55 22016 ----a-w- c:\windows\SysWow64\secur32.dll 2014-04-12 02:10 . 2014-05-14 03:55 96768 ----a-w- c:\windows\SysWow64\sspicli.dll 2014-04-02 00:05 . 2014-04-02 00:06 659440 ----a-w- c:\windows\couponprinter_x64.ocx 2014-04-02 00:05 . 2014-04-02 00:06 444912 ----a-w- c:\windows\CouponPrinter.ocx 2014-03-25 02:43 . 2014-05-14 03:55 14175744 ----a-w- c:\windows\system32\shell32.dll . . 
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 131248 ----a-w- c:\users\lil nippers\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 131248 ----a-w- c:\users\lil nippers\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 131248 ----a-w- c:\users\lil nippers\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 131248 ----a-w- c:\users\lil nippers\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2014-01-17 759496] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" [2012-03-01 56088] "USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-05-15 290688] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904] "File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2012-08-07 12313720] "PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2013-06-05 683656] "HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2013-04-23 185144] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-02-13 43848] "Virtual Account Numbers"="c:\progra~2\VIRTUA~1\CitiVAN.exe" [2013-10-09 435712] "QLBController"="c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" [2013-07-31 337184] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-01-17 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-02-21 152392] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP] 2012-01-31 21:19 75648 ----a-w- c:\windows\System32\DeviceNP.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages REG_MULTI_SZ DPPassFilter scecli . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] S1 BHDrvx64;BHDrvx64;c:\program files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\BASHDefs\20140606.001\BHDrvx64.sys;c:\program files (x86)\Norton 360\NortonData\21.0.1.3\Definitions\BASHDefs\20140606.001\BHDrvx64.sys [x] S1 ccSet_N360;N360 Settings Manager;c:\windows\system32\drivers\N360x64\1503000.00C\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\N360x64\1503000.00C\ccSetx64.sys [x] S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - MBAMSWISSARMY . Contents of the 'Scheduled Tasks' folder . 2014-06-20 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-02 03:01] . 2014-06-20 c:\windows\Tasks\HPCeeScheduleForlil nippers.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 11:43] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 164016 ----a-w- c:\users\lil nippers\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 164016 ----a-w- c:\users\lil nippers\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 164016 ----a-w- c:\users\lil nippers\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 164016 ----a-w- c:\users\lil nippers\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" [2012-03-14 15232] "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2013-03-22 1664000] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-11-07 171992] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-11-07 399832] "Persistence"="c:\windows\system32\igfxpers.exe" [2013-11-07 442328] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"="c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe" [2014-05-28 21720] . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.1.254 FF - ProfilePath - c:\users\lil nippers\AppData\Roaming\Mozilla\Firefox\Profiles\hketneyy.default-1371613521138\ FF - prefs.js: browser.search.selectedEngine - Swagbucks FF - prefs.js: browser.startup.homepage - about:home . - - - - ORPHANS REMOVED - - - - . 
Wow6432Node-HKLM-Run-<NO NAME> - (no file) HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start HKLM-Run-MfeEpePcMonitor - c:\program files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360] "ImagePath"="\"c:\program files (x86)\Norton 360\Engine\21.3.0.12\N360.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\21.3.0.12\diMaster.dll\" /prefetch:1" -- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher] "ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" "ImagePath"="\SystemRoot\System32\Drivers\N360x64\1503000.00C\SYMNETS.SYS" "TrustedImagePaths"="c:\program files (x86)\Norton 360\Engine\21.3.0.12;c:\program files (x86)\Norton 360\Engine64\21.3.0.12" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.13" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip] "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2014-06-20 18:07:41 ComboFix-quarantined-files.txt 2014-06-21 00:07 . Pre-Run: 231,637,041,152 bytes free Post-Run: 231,040,675,840 bytes free . - - End Of File - - A6C5341D2B8B1B817A1E7E49D982A593
  15. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-06-2014 Ran by lil nippers at 2014-06-19 21:09:36 Run:1 Running from C:\Users\lil nippers\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = C:\Users\lil nippers\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfxlmj7.dll C:\Users\lil nippers\AppData\Local\Temp\Quarantine.exe AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\d6c2584e1532c4506eb2eaff913cae95.600x.jpg:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare (2).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(1)(1).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(1)(2).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(1)(3).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(1)(4).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(1)(5).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(1).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(10).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(11).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(12).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(13).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil 
nippers\Dropbox\Documents\PhotoShare(14).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(15).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(16).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(17).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(18).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(19).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(2)(1).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(2)(2).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(2)(3).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(2).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(20).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(21).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(22).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(23).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(24).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(25).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(26).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(27).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(28).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil 
nippers\Dropbox\Documents\PhotoShare(29).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(3)(1).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(3)(2).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(3).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(4)(1).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(4).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(5).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(6).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(7).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(8).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare(9).png:com.dropbox.attributes AlternateDataStreams: C:\Users\lil nippers\Dropbox\Documents\PhotoShare.png:com.dropbox.attributes S2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [X] ***************** HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. 'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}' => Key deleted successfully. 'HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}'=> Key not found. "C:\Users\lil nippers\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfxlmj7.dll" => File/Directory not found. C:\Users\lil nippers\AppData\Local\Temp\Quarantine.exe => Moved successfully. 
C:\Users\lil nippers\Dropbox\Documents\d6c2584e1532c4506eb2eaff913cae95.600x.jpg => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare (2).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(1)(1).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(1)(2).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(1)(3).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(1)(4).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(1)(5).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(1).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(10).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(11).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(12).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(13).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(14).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(15).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(16).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(17).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(18).png => ":com.dropbox.attributes" ADS removed successfully. 
C:\Users\lil nippers\Dropbox\Documents\PhotoShare(19).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(2)(1).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(2)(2).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(2)(3).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(2).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(20).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(21).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(22).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(23).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(24).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(25).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(26).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(27).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(28).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(29).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(3)(1).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(3)(2).png => ":com.dropbox.attributes" ADS removed successfully. 
C:\Users\lil nippers\Dropbox\Documents\PhotoShare(3).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(4)(1).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(4).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(5).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(6).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(7).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(8).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare(9).png => ":com.dropbox.attributes" ADS removed successfully. C:\Users\lil nippers\Dropbox\Documents\PhotoShare.png => ":com.dropbox.attributes" ADS removed successfully. CouponPrinterService => Service deleted successfully. ==== End of Fixlog ====