
kenyit

  1. I got infected by an autorun virus a few days ago. All the folders on my external drives became shortcuts. After trying to remove it using pretty much every method that can be found using Google, the virus keeps coming back. Finally a friend introduced me to ComboFix, and after running it the virus seems to be gone from my computer. However, there are Recycle.Bin folders left around and I need help to make sure my computer is clean. Here is the log from ComboFix:

ComboFix 13-09-01.02 - Kenyit 09/02/2013 14:05:47.6.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3983.2766 [GMT 8:00]
Running from: c:\users\Kenyit\Desktop\abah.exe.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\abah.exe
c:\abah.exe\NIRKMD.3XE
.
.
((((((((((((((((((((((((( Files Created from 2013-08-02 to 2013-09-02 )))))))))))))))))))))))))))))))
.
.
2013-09-02 06:10 . 2013-09-02 06:10 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-09-02 06:10 . 2013-09-02 06:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-01 10:00 . 2013-09-01 10:10 37562 ----a-w- c:\users\Kenyit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\33b1.js
2013-09-01 09:40 . 2013-09-01 09:59 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-08-31 16:04 . 2013-08-31 16:04 -------- d-----w- c:\users\Kenyit\AppData\Roaming\Malwarebytes
2013-08-31 16:04 . 2013-08-31 16:04 -------- d-----w- c:\programdata\Malwarebytes
2013-08-31 16:04 . 2013-08-31 16:06 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-08-31 16:04 . 2013-04-04 06:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-08-30 14:53 . 2013-08-30 14:54 657209 ----a-w- c:\windows\Condition Zero Uninstaller.exe
2013-08-30 14:53 . 2013-08-30 14:53 -------- d-----w- C:\Valve
2013-08-29 15:54 . 2013-08-29 15:56 -------- d-----w- c:\users\Kenyit\AppData\Roaming\redsn0w
2013-08-29 12:48 . 2013-08-29 12:48 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-29 12:48 . 2013-08-29 12:48 -------- d-----w- c:\program files\iTunes
2013-08-29 12:48 . 2013-08-29 12:48 -------- d-----w- c:\program files (x86)\iTunes
2013-08-29 12:48 . 2013-08-29 12:48 -------- d-----w- c:\program files\iPod
2013-08-28 11:22 . 2013-08-28 11:23 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-08-28 11:22 . 2013-05-09 08:59 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-08-28 11:22 . 2013-05-09 08:59 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-08-28 07:43 . 2013-08-28 07:43 -------- d-----w- C:\794
2013-08-28 07:43 . 2013-08-28 07:43 -------- d-sh--w- c:\users\Kenyit\AppData\Roaming\78e57
2013-08-27 17:54 . 2013-08-27 17:54 -------- d-----w- c:\program files (x86)\FreeTime
2013-08-27 16:46 . 2013-08-27 16:46 -------- d-----w- c:\users\Kenyit\AppData\Roaming\Corel
2013-08-27 16:40 . 2013-08-27 16:40 -------- d-----w- c:\programdata\InterVideo
2013-08-27 16:39 . 2013-08-27 16:39 -------- d-----w- c:\program files (x86)\Common Files\Protexis
2013-08-27 16:39 . 2013-08-27 16:39 -------- d-----w- c:\programdata\Corel
2013-08-27 16:37 . 2013-08-27 16:37 -------- d-----w- c:\program files (x86)\Corel
2013-08-27 13:26 . 1998-10-29 08:45 306688 ----a-w- c:\windows\IsUninst.exe
2013-08-27 13:00 . 2013-08-27 13:00 -------- d-----w- c:\users\Kenyit\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2013-08-27 13:00 . 2013-08-27 13:00 -------- d-----w- c:\program files (x86)\Adobe Download Assistant
2013-08-27 13:00 . 2013-08-27 13:00 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2013-08-26 14:14 . 2013-09-01 09:30 -------- d-----w- c:\program files\Recuva
2013-08-04 05:25 . 2013-08-04 05:25 -------- d-----w- c:\users\Kenyit\AppData\Local\ElevatedDiagnostics
2013-08-03 14:20 . 2013-08-03 15:14 -------- d-----w- c:\users\Kenyit\AppData\Local\Ubisoft Game Launcher
2013-08-03 09:30 . 2013-08-03 09:30 -------- d-----w- c:\users\Kenyit\AppData\Roaming\Theta
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-28 11:23 . 2013-07-09 06:29 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-08-28 11:23 . 2013-07-09 06:29 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-08-02 06:54 . 2013-08-02 06:54 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-08-02 06:54 . 2013-08-02 06:54 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-07-29 08:46 . 2013-07-29 08:46 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-29 08:46 . 2013-07-09 06:27 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-10 17:05 . 2013-07-10 17:05 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-10 17:05 . 2013-07-10 17:05 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-07-10 17:05 . 2013-07-10 17:05 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-06-27 09:57 . 2013-07-26 12:55 172920 ----a-w- c:\windows\system32\drivers\idmwfp.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"6ef"="c:\users\Kenyit\AppData\Roaming\78e57\6ef.js" [X]
"IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2013-07-29 3624528]
"uTorrent"="c:\users\Kenyit\AppData\Roaming\uTorrent\uTorrent.exe" [2013-08-14 888152]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-10 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"ControlCenter3"="c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]
"BrStsMon00"="c:\program files (x86)\Browny02\Brother\BrStMonW.exe" [2010-02-09 2621440]
"UIExec"="c:\program files (x86)\Celcom Broadband\UIExec.exe" [2010-07-23 138552]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-11 253816]
"ApnTBMon"="c:\program files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [2013-08-14 1601488]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2008-09-06 413696]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2013-05-20 450560]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-02-13 1263952]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-08-16 152392]
.
c:\users\Kenyit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
33b1.js [2013-9-1 37562]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2013-8-27 113664]
TP-LINK Wireless Configuration Utility.lnk - c:\program files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe -nogui [2013-7-16 841216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 bmusbser;Network Connect USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\bmusbser.sys;c:\windows\SYSNATIVE\DRIVERS\bmusbser.sys [x]
R3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe;c:\program files (x86)\Browny02\BrYNSvc.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbdev.sys [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 APNMCP;Ask Update Service;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys;c:\windows\SYSNATIVE\DRIVERS\idmwfp.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UI Assistant Service;UI Assistant Service;c:\program files (x86)\Celcom Broadband\AssistantServices.exe;c:\program files (x86)\Celcom Broadband\AssistantServices.exe [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-08-30 01:34 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.62\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-09-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-01 15:27]
.
2013-09-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-01 15:27]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2012-11-15 23:07 23496 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-05-14 165872]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-05-14 407536]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-05-14 444400]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Download all links with IDM - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Kenyit\AppData\Roaming\Mozilla\Firefox\Profiles\4phf8rjq.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:home
FF - ExtSQL: 2013-07-09 14:28; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-07-29 17:56; py3j_oqut@ioyclv-.edu; c:\users\Kenyit\AppData\Roaming\Mozilla\Firefox\Profiles\4phf8rjq.default\extensions\py3j_oqut@ioyclv-.edu
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-DMC Devi May Cry © Capcom_is1 - d:\dmc devi may cry\unins000.exe
AddRemove-football manager 2012_is1 - d:\football manager 2012\unins000.exe
AddRemove-Pro Evolution Soccer 2013_is1 - d:\pro evolution soccer 2013\unins000.exe
AddRemove-SP_4e24eecb - c:\program files (x86)\WebSearch\uninstall.exe
AddRemove-SP_703c874a - c:\program files (x86)\SaveShare\uninstall.exe
AddRemove-{8B7IL77L-LKS1-AC3-BATAC-18CD6E6334R1}_is1 - d:\batman arkham city\uninstall\unins000.exe
AddRemove-{B810D852-DFD6-FIFA13-89A5-CC4D47756DAF}_is1 - d:\fifa 13\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10a.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10a.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10a.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
.
**************************************************************************
.
Completion time: 2013-09-02 14:13:20 - machine was rebooted
ComboFix-quarantined-files.txt 2013-09-02 06:13
ComboFix2.txt 2013-09-02 05:55
ComboFix3.txt 2013-09-02 05:38
ComboFix4.txt 2013-09-01 11:48
ComboFix5.txt 2013-09-02 06:04
.
Pre-Run: 108,651,200,512 bytes free
Post-Run: 108,578,914,304 bytes free
.
- - End Of File - - F0398A1508694AA0D04BE5D9642281D4A36C5E4F47E84449FF07ED3517B43A31