I think I'm infected :(


ryncops

Hello!

This is the first time I post on any forum regarding my PC issues. I think I might be infected with some malware/spyware, I honestly don't know what it is, but I will be as detailed as I can. It all started when I foolishly downloaded some software that I believe wasn't quite clean. I installed it, and when I tried running it, Windows crashed and it couldn't reset. I managed to recover Windows and reset it one hour earlier, I think. Everything looked fine, except my web browser. It wouldn't work... Internet was OK, but that web browser wouldn't load anything. I downloaded another web browser, which didn't work either. Surprisingly, Internet Explorer worked! I downloaded Malwarebytes and Spybot S&D afterwards. Spybot found nothing, Malwarebytes found something in the Internet Temporary files and I deleted it hoping that would be all. My antivirus (Avira Trial) found nothing either, by the way. After all the scans, my web browsers worked again, but only when I wasn't doing anything else. I mean, when I played an online game for example, it would take forever for my browser to load the search engine.

My problem now is that Malwarebytes keeps telling me *blocked potentially malicious website* + random IP + outgoing: skype.exe, avira.exe, for example. I guess it's not good, right?

I've looked at other forums and I saw it's required for me to post a log. So here is my ComboFix log:

ComboFix 11-12-18.01 - Delux 18/12/2011 21:18:31.1.2 - x64

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.44.1033.18.2046.1062 [GMT 2:00]

Running from: c:\users\Delux\Downloads\ComboFix.exe

AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\Delux\AppData\Local\assembly\tmp

.

.

((((((((((((((((((((((((( Files Created from 2011-11-18 to 2011-12-18 )))))))))))))))))))))))))))))))

.

.

2011-12-18 19:01 . 2011-12-18 19:01 -------- d-----w- c:\program files\CCleaner

2011-12-18 13:47 . 2011-12-18 13:47 -------- d-----w- c:\users\Delux\AppData\Local\WMTools Downloaded Files

2011-12-18 13:46 . 2011-12-18 13:46 -------- d-----w- c:\program files (x86)\Movie Maker 2.6

2011-12-18 13:37 . 2011-12-18 13:37 -------- d-----w- c:\programdata\regid.1986-12.com.adobe

2011-12-18 13:14 . 2011-12-18 13:14 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2C26D9DB-055D-4AAA-9D77-63821C6E8EB6}\offreg.dll

2011-12-18 10:22 . 2011-12-18 10:22 -------- d-----w- c:\program files (x86)\SmartSound Software

2011-12-18 10:21 . 2011-12-18 10:22 -------- d-----w- c:\programdata\SmartSound Software Inc

2011-12-18 10:17 . 2009-10-20 01:00 10224 ------w- c:\windows\system32\drivers\cdralw2k.sys

2011-12-18 10:17 . 2009-10-20 01:00 10224 ------w- c:\windows\system32\drivers\cdr4_xp.sys

2011-12-18 10:17 . 2010-03-19 01:00 55856 ------w- c:\windows\system32\drivers\PxHlpa64.sys

2011-12-18 10:15 . 2011-12-18 10:15 -------- d-----w- c:\program files (x86)\Common Files\Sonic Shared

2011-12-18 10:15 . 2011-12-18 10:15 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine

2011-12-18 10:15 . 2011-12-18 10:21 -------- d-----w- c:\program files\Common Files\Adobe

2011-12-18 09:41 . 2011-12-18 09:41 -------- d-----w- c:\users\Delux\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

2011-12-18 09:41 . 2011-12-18 09:41 -------- d-----w- c:\program files (x86)\Adobe Download Assistant

2011-12-16 15:37 . 2011-11-21 11:40 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2C26D9DB-055D-4AAA-9D77-63821C6E8EB6}\mpengine.dll

2011-12-15 01:03 . 2011-11-04 01:48 887296 ----a-w- c:\program files\Internet Explorer\iedvtool.dll

2011-12-15 01:03 . 2011-11-03 22:42 678912 ----a-w- c:\program files (x86)\Internet Explorer\iedvtool.dll

2011-12-14 21:33 . 2011-12-18 19:03 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2011-12-14 21:33 . 2011-12-14 21:33 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy

2011-12-14 21:33 . 2011-10-26 05:19 43520 ----a-w- c:\windows\system32\csrsrv.dll

2011-12-14 21:32 . 2011-11-24 05:00 3141632 ----a-w- c:\windows\system32\win32k.sys

2011-12-14 21:32 . 2011-10-15 06:25 723456 ----a-w- c:\windows\system32\EncDec.dll

2011-12-14 21:32 . 2011-10-15 05:48 534528 ----a-w- c:\windows\SysWow64\EncDec.dll

2011-12-14 21:31 . 2011-11-05 05:17 2048 ----a-w- c:\windows\system32\tzres.dll

2011-12-14 21:31 . 2011-11-05 04:30 2048 ----a-w- c:\windows\SysWow64\tzres.dll

2011-12-14 19:37 . 2009-06-30 08:37 33800 ----a-w- c:\windows\system32\drivers\pavboot64.sys

2011-12-14 19:37 . 2011-12-14 19:37 -------- d-----w- c:\program files (x86)\Panda Security

2011-12-14 19:33 . 2011-12-14 19:33 -------- d-----w- c:\users\Delux\AppData\Roaming\Malwarebytes

2011-12-14 19:33 . 2011-12-14 19:33 -------- d-----w- c:\programdata\Malwarebytes

2011-12-14 19:33 . 2011-12-14 19:33 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2011-12-14 19:33 . 2011-08-31 15:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-12-12 07:54 . 2011-12-18 19:03 -------- d-----w- c:\program files (x86)\Steam

2011-12-12 07:46 . 2011-12-12 07:46 -------- d-----w- c:\users\Delux\AppData\Roaming\Avira

2011-12-12 07:45 . 2011-12-12 09:46 130760 ----a-w- c:\windows\system32\drivers\avipbb.sys

2011-12-12 07:45 . 2011-10-11 13:06 27760 ----a-w- c:\windows\system32\drivers\avkmgr.sys

2011-12-12 07:45 . 2011-10-11 13:06 97312 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2011-12-12 07:45 . 2011-12-12 07:45 -------- d-----w- c:\programdata\Avira

2011-12-12 07:45 . 2011-12-12 07:45 -------- d-----w- c:\program files (x86)\Avira

2011-12-12 07:30 . 2011-12-12 07:30 -------- d-----w- c:\program files\Symantec

2011-12-12 07:30 . 2011-12-12 17:36 -------- d-----w- c:\program files (x86)\Norton AntiVirus

2011-12-12 07:30 . 2011-12-12 17:36 -------- d-----w- c:\programdata\Norton

2011-12-12 07:29 . 2011-12-12 07:29 -------- d-----w- c:\program files (x86)\NortonInstaller

2011-12-11 11:32 . 2011-12-11 11:32 -------- d-----w- c:\program files (x86)\Safari

2011-12-11 11:29 . 2011-12-11 11:29 -------- d-----w- c:\program files\iTunes

2011-12-11 11:29 . 2011-12-11 11:29 -------- d-----w- c:\program files (x86)\iTunes

2011-12-11 11:29 . 2011-12-11 11:29 -------- d-----w- c:\program files\iPod

2011-12-08 06:25 . 2011-12-08 06:25 -------- d-----w- c:\windows\system32\Macromed

2011-12-06 18:41 . 2011-12-06 19:49 -------- d-----w- c:\users\Delux\Calibre Library

2011-12-06 18:41 . 2011-12-06 18:43 -------- d-----w- c:\users\Delux\AppData\Roaming\calibre

2011-12-06 18:40 . 2011-12-06 18:40 -------- d-----w- c:\program files (x86)\Calibre2

2011-12-03 11:21 . 2011-12-03 11:21 -------- d-----w- c:\program files (x86)\Hamster Soft

2011-11-25 21:18 . 2011-11-25 22:20 -------- d-----w- c:\users\Delux\AppData\Local\Ubisoft Game Launcher

2011-11-25 21:13 . 2011-11-25 22:20 -------- d-----w- c:\programdata\Ubisoft

2011-11-25 21:09 . 2011-11-25 21:09 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.exe

2011-11-25 21:09 . 2011-11-25 21:09 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe

2011-11-25 21:09 . 2011-11-25 21:09 -------- d-----w- c:\users\Delux\AppData\Roaming\PunkBuster

2011-11-25 20:53 . 2011-11-25 22:15 -------- d-----w- c:\program files (x86)\Ubisoft

2011-11-24 19:56 . 2011-11-24 19:56 -------- d-----w- c:\users\Delux\AppData\Local\XboxMB

2011-11-24 19:55 . 2011-11-24 19:55 -------- d-----w- c:\users\Delux\AppData\Local\Xenocode

2011-11-24 08:26 . 2011-11-26 10:08 -------- d-----w- c:\users\Delux\AppData\Local\FLVService

2011-11-24 08:26 . 2011-11-24 08:26 -------- d-----w- c:\program files (x86)\Freecorder

2011-11-23 20:23 . 2011-11-23 20:23 -------- d-----w- c:\program files (x86)\AP Tuner

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-12-08 06:25 . 2011-09-05 07:54 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2011-11-15 12:29 . 2011-09-05 07:55 270720 ------w- c:\windows\system32\MpSigStub.exe

2011-10-15 08:53 . 2011-10-31 19:57 7581504 ----a-w- c:\windows\system32\nvcuda.dll

2011-10-15 08:53 . 2011-10-31 19:57 7041856 ----a-w- c:\windows\SysWow64\nvwgf2um.dll

2011-10-15 08:53 . 2011-10-31 19:57 68928 ----a-w- c:\windows\system32\OpenCL.dll

2011-10-15 08:53 . 2011-10-31 19:57 61248 ----a-w- c:\windows\SysWow64\OpenCL.dll

2011-10-15 08:53 . 2011-10-31 19:57 5578560 ----a-w- c:\windows\SysWow64\nvcuda.dll

2011-10-15 08:53 . 2011-10-31 19:57 2542912 ----a-w- c:\windows\system32\nvcuvid.dll

2011-10-15 08:53 . 2011-10-31 19:57 24796992 ----a-w- c:\windows\system32\nvcompiler.dll

2011-10-15 08:53 . 2011-10-31 19:57 24742720 ----a-w- c:\windows\system32\nvoglv64.dll

2011-10-15 08:53 . 2011-10-31 19:57 2458432 ----a-w- c:\windows\SysWow64\nvapi.dll

2011-10-15 08:53 . 2011-10-31 19:57 2401088 ----a-w- c:\windows\SysWow64\nvcuvid.dll

2011-10-15 08:53 . 2011-10-31 19:57 2232128 ----a-w- c:\windows\system32\nvcuvenc.dll

2011-10-15 08:53 . 2011-10-31 19:57 2099520 ----a-w- c:\windows\SysWow64\nvcuvenc.dll

2011-10-15 08:53 . 2011-10-31 19:57 18871616 ----a-w- c:\windows\SysWow64\nvoglv32.dll

2011-10-15 08:53 . 2011-10-31 19:57 17248576 ----a-w- c:\windows\SysWow64\nvcompiler.dll

2011-10-15 08:53 . 2011-10-31 19:57 15693120 ----a-w- c:\windows\system32\nvd3dumx.dll

2011-10-15 08:53 . 2011-10-31 19:57 12971840 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys

2011-10-15 08:53 . 2011-09-05 09:23 837952 ----a-w- c:\windows\system32\easyupdatusapiu64.dll

2011-10-15 08:53 . 2011-09-05 09:23 5067584 ----a-w- c:\windows\system32\nvsvc64.dll

2011-10-15 08:53 . 2011-09-05 09:23 222528 ----a-w- c:\windows\system32\nvmctray.dll

2011-10-15 08:53 . 2011-09-05 09:23 1640768 ----a-w- c:\windows\system32\nvvsvc.exe

2011-10-15 08:53 . 2011-09-05 09:23 137536 ----a-w- c:\windows\system32\nvshext.dll

2011-10-15 08:53 . 2011-09-05 09:23 10406208 ----a-w- c:\windows\system32\nvcpl.dll

2011-10-15 08:53 . 2011-09-05 09:19 2808128 ----a-w- c:\windows\system32\nvapi64.dll

2011-10-15 08:53 . 2011-09-05 09:19 1533248 ----a-w- c:\windows\system32\nvdispco64.dll

2011-10-15 08:53 . 2011-09-05 09:19 1454400 ----a-w- c:\windows\system32\nvgenco64.dll

2011-10-15 08:53 . 2009-07-13 21:59 8791360 ----a-w- c:\windows\system32\nvwgf2umx.dll

2011-10-15 08:53 . 2009-06-10 20:37 13205312 ----a-w- c:\windows\SysWow64\nvd3dum.dll

2011-10-14 22:54 . 2011-10-14 22:54 321856 ----a-w- c:\windows\SysWow64\nvStreaming.exe

2011-10-06 20:37 . 2009-07-13 23:56 419840 ----a-w- c:\windows\system32\systemcpl.dll

2011-10-06 20:37 . 2009-07-13 23:52 14848 ----a-w- c:\windows\system32\slwga.dll

2011-10-06 20:37 . 2009-07-13 23:38 1008640 ----a-w- c:\windows\system32\user32.dll

2011-10-06 20:37 . 2009-07-13 23:36 13824 ----a-w- c:\windows\SysWow64\slwga.dll

2011-10-06 20:37 . 2009-07-13 23:24 833024 ----a-w- c:\windows\SysWow64\user32.dll

2011-10-03 03:06 . 2011-10-15 19:39 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll

2011-09-29 16:24 . 2011-11-09 19:36 1897328 ----a-w- c:\windows\system32\drivers\tcpip.sys

.

.

------- Sigcheck -------

Note: Unsigned files aren't necessarily malware.

.

[7] 2010-11-20 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll

[7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll

[-] 2011-10-06 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7600.16385] .. c:\windows\system32\user32.dll

.

[-] 2011-10-06 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7600.16385] .. c:\windows\SysWOW64\user32.dll

[7] 2010-11-20 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\SoftwareDistribution\Download\488053cdbca3231eeb2c2af7236d09ed\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll

[7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-10-13 17351304]

"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2011-10-20 641400]

"Steam"="c:\program files (x86)\Steam\Steam.exe" [2011-12-12 1242448]

"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\MESSEN~1\YahooMessenger.exe" [2011-11-23 6497592]

"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-11-12 421736]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]

"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2011-10-11 258512]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"mixer1"=wdmaud.drv

.

R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]

R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot64.sys [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]

S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]

S2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;c:\program files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-09-14 169624]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]

S2 AntiVirMailService;Avira Mail Protection;c:\program files (x86)\Avira\AntiVir Desktop\avmailc.exe [2011-12-12 342480]

S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-10-11 86224]

S2 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2011-10-11 463824]

S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2011-08-15 2329480]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]

S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-14 381248]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys [x]

S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2011-06-20 12:05 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe

.

Contents of the 'Scheduled Tasks' folder

.

2011-12-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2206561506-3068261362-3194123025-1001Core.job

- c:\users\Delux\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-13 04:55]

.

2011-12-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2206561506-3068261362-3194123025-1001UA.job

- c:\users\Delux\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-13 04:55]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-06-16 499608]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.ro/

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000

LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll

FF - ProfilePath - c:\users\Delux\AppData\Roaming\Mozilla\Firefox\Profiles\9n7h5ip5.default\

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

.

- - - - ORPHANS REMOVED - - - -

.

URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)

AddRemove-NCsoft-AionEU - c:\program files (x86)\ncsoft\launcher\NCLauncher.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2011-12-18 21:28:13

ComboFix-quarantined-files.txt 2011-12-18 19:28

.

Pre-Run: 35,583,893,504 bytes free

Post-Run: 35,455,844,352 bytes free

.

- - End Of File - - 37B8C364076AD9A8D8B742E65747AD3C


  • 1 month later...

Hello,

Would you advise if you have resolved your issues or if you have sought help elsewhere?

If not resolved and you are not already seeking help elsewhere, I'd like for you to rerun a new (fresh) DDS and Copy & Paste the DDS.txt into a new reply into this Topic.

Read and follow the directions >> here << , skipping any steps you are unable to complete.

Anyone other than original-poster who has similar issues, do not reply here. Start your own topic.


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
