
Programs not starting, can't remove programs, etc....



#1 selfmade64856


Posted 10 July 2011 - 01:31 AM

So I went to bed last night and everything was OK on my PC. I rarely turn it off, so I left it on as usual. I have Comodo Firewall, AVG and AdAware running in the background, which normally give me a heads-up when something is trying to get in.

This morning when I got on my computer I noticed that I could not click on links within certain websites. I rebooted thinking that that would be the problem......but something more sinister was lurking around the corner.

After the reboot I noticed that Comodo was no longer working.....in fact, none of my "normally running" protection was. Also, I can no longer get online. I tried running Spybot, MBAM, AVG, AdAware and SUPERAntiSpyware in safe mode but couldn't get some of them to run at all.

MBAM gives me a "vbAccelerator SGrid II runtime error '0' and the run-time error '440': Automation Error." error.

AVG gives me a "Problem with Shortcut" error: "The item 'avgui.exe' that this shortcut refers to has been changed or moved, so this shortcut will no longer work properly."

I tried to remove a program from the Control Panel/Programs/Uninstall a Program but when I click on the "Uninstall a Program" link, it does nothing.

My "Help and Support" does nothing when I click on it either.

I tried System Restore, but once it opens I cannot click on anything to restore. All I have access to is the Cancel button; I cannot even turn it on or off.

I also attempted to push the F11 button on a reboot to get to the system restore, but that doesn't work either.

I also tried pressing F8 on reboot, which allowed me into the menu, so I tried both "Last Known Good Configuration" and "Directory Services Restore Mode", the latter of which booted me into safe mode, which does me no good either.

This is my system info.

OS - Windows 7 Ultimate
Processor - Intel® Pentium® Dual CPU E2160 @ 1.80 GHz 1.80 GHz
RAM - 2.50 GB (for some reason the system will not take 4 GB)
System - 64-bit

I've tossed around the idea of reformatting but I would hate to have to re-install all my programs and transfer all my files to my external drive.....so hopefully someone knows a more powerful Kung Foo ;)

I ran ComboFix and have attached the log.

Also, I still have my regsvr32.exe file too.....I saw that some of those MBAM "vbAccelerator SGrid II runtime error '0' and the run-time error '440': Automation Error." errors were fixed by pasting the missing file in the windows/system32 folder....but mine is still there.

Any help would be greatly appreciated! Thanks!!!

Here is the ComboFix log:

"ComboFix 11-07-09.03 - Courtney 07/09/2011 6:44.3.2 - x64
Running from: c:\users\Courtney\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-06-09 to 2011-07-09 )))))))))))))))))))))))))))))))
.
.
2011-07-09 17:57 . 2011-07-09 17:57 -------- d-----w- C:\VritualRoot
2011-07-09 16:56 . 2011-07-09 16:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-09 16:56 . 2011-07-09 16:56 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2011-07-09 16:56 . 2011-07-09 16:56 -------- d-----w- c:\users\Administrator.Mojojojo-PC\AppData\Local\temp
2011-07-09 00:34 . 2011-07-09 00:34 -------- d-----w- c:\program files (x86)\Easy Video Splitter
2011-07-05 02:54 . 2011-07-05 02:54 -------- d-----w- c:\users\Courtney\AppData\Roaming\Artisteer
2011-07-05 02:50 . 2011-07-05 02:50 -------- d-----w- c:\program files (x86)\Artisteer 3
2011-07-03 05:05 . 2011-07-03 05:05 -------- dc-h--w- c:\programdata\{8CDCFFBC-79B4-4652-900A-66E63C63D942}
2011-07-03 05:04 . 2011-07-03 05:04 -------- d-----w- c:\program files (x86)\BackToTheBeach
2011-07-03 05:04 . 2011-07-03 05:04 -------- d-----w- c:\users\Courtney\AppData\Roaming\BackToTheBeach
2011-07-03 03:54 . 2011-07-03 03:54 1301854 ----a-w- c:\windows\XSitePro2 Uninstaller.exe
2011-07-03 03:45 . 2011-07-03 03:45 -------- d-----w- c:\program files\Common Files\Thraex Software
2011-07-03 03:45 . 2011-07-03 03:48 -------- d-----w- c:\program files\XSitePro2
2011-07-02 01:38 . 2011-07-02 01:38 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-06-16 20:40 . 2011-06-16 20:58 -------- d-----w- c:\programdata\Vivitar Experience Image Manager
2011-06-16 20:40 . 2011-06-16 20:58 -------- d-----w- c:\users\Courtney\AppData\Local\Vivitar Experience Image Manager
2011-06-16 20:40 . 2011-06-16 20:40 -------- d-----w- c:\programdata\Vivitar
2011-06-16 20:20 . 2011-06-16 20:21 -------- d-----w- c:\program files (x86)\ffdshow
2011-06-16 20:20 . 2011-06-16 20:20 -------- d-----w- c:\program files\Vivitar Experience Image Manager
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-07-02 15:43 . 2010-12-18 12:32 55384 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-06-19 02:26 . 2011-01-13 05:39 5018 --sha-w- c:\programdata\KGyGaAvL.sys
2011-06-07 03:26 . 2011-06-07 03:26 53248 ----a-r- c:\users\Courtney\AppData\Roaming\Microsoft\Installer\{F97272B4-82C4-46B2-BCF1-C4D6E8CAB3E6}\ARPPRODUCTICON.exe
2011-05-29 19:11 . 2010-12-11 21:57 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-04 14:52 . 2010-12-17 09:25 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-05-02 03:24 . 2011-05-02 03:24 98304 ----a-r- c:\users\Courtney\AppData\Roaming\Microsoft\Installer\{3577E42B-3347-4EB8-BFDA-D36E8ED3C519}\icons.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2011-07-09_14.46.11 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-12-12 00:18 . 2011-07-09 16:23 55066 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2011-07-09 16:23 41454 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2010-12-11 21:56 . 2011-07-09 16:23 15862 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1731239807-2173069937-3117974597-1000_UserData.bin
- 2010-12-11 21:48 . 2011-07-09 14:44 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-11 21:48 . 2011-07-09 16:57 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-12-11 21:48 . 2011-07-09 14:44 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2010-12-11 21:48 . 2011-07-09 16:57 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2011-07-09 16:57 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2011-07-09 14:44 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-12-11 21:52 . 2011-07-09 17:06 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2010-12-11 21:52 . 2011-07-09 22:03 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2010-12-11 21:52 . 2011-07-09 17:06 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2010-12-11 21:52 . 2011-07-09 22:03 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-07-09 16:57 . 2011-07-09 16:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-07-09 14:45 . 2011-07-09 14:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2011-07-09 16:57 . 2011-07-09 16:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2011-07-09 14:45 . 2011-07-09 14:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:12 . 2011-07-09 14:44 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-07-14 05:12 . 2011-07-09 16:57 262144 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 04:45 . 2011-05-21 18:44 5155536 c:\windows\system32\FNTCACHE.DAT
+ 2009-07-14 04:45 . 2011-07-09 16:07 5155536 c:\windows\system32\FNTCACHE.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Web Studio 5.0 Update Setup for All Users"="c:\programdata\{8CDCFFBC-79B4-4652-900A-66E63C63D942}\WebStudio5Install.exe" [2010-05-05 2916202]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"MP3 Computer Alarm Clock"="c:\progra~2\MP3COM~1\mp3alarmclock.exe" [2009-03-10 1440256]
"Clearwire Connection Manager"="c:\program files (x86)\Clearwire\Connection Manager\ClearwireCM.exe" [2010-11-18 54608]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-11-12 288088]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-04 00:21 548352 ----a-w- c:\program files (x86)\SUPERAntiSpyware\SASWINLO.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\guard32.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
R1 SASDIFSV;SASDIFSV;c:\program files (x86)\SUPERAntiSpyware\SASDIFSV.SYS [2010-01-05 9968]
R1 SASKUTIL;SASKUTIL;c:\program files (x86)\SUPERAntiSpyware\SASKUTIL.sys [2010-01-05 74480]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-19 138576]
R2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run [x]
R3 bcm;WiMAX Network Adapter;c:\windows\system32\DRIVERS\drxvi314_64.sys [x]
R3 bcmbusctr;WiMAX Bus Driver;c:\windows\system32\DRIVERS\BcmBusCtr_64.sys [x]
R3 CACLEARWIRE;Clearwire Con App Svc;c:\program files (x86)\Clearwire\Connection Manager\ConAppsSvc.exe [2010-11-18 124240]
R3 CLEARWIRERcAppSvc;Clearwire RcAppSvc;c:\program files (x86)\Clearwire\Connection Manager\RcAppSvc.exe [2010-11-18 120144]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2010-12-12 21712]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
R3 FLASHSYS;FLASHSYS; [x]
R3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-06-28 2151640]
R3 MsDepSvc;Web Deployment Agent Service;c:\program files\IIS\Microsoft Web Deploy\MsDepSvc.exe [2011-01-08 63304]
R3 MsibiosDevice;MsibiosDevice; [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-10 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 PCTINDIS5X64;PCTINDIS5X64 NDIS Protocol Driver;c:\windows\system32\PCTINDIS5X64.SYS [x]
R3 SASENUM;SASENUM;c:\program files (x86)\SUPERAntiSpyware\SASENUM.SYS [2010-01-05 7408]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 VST64_DPV;VST64_DPV;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 VST64HWBS2;VST64HWBS2;c:\windows\system32\DRIVERS\VSTBS26.SYS [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [x]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [x]
S2 Cepstral License Server;Cepstral License Server;c:\program files (x86)\Cepstral\bin\CepstralLicSrv.exe [2007-03-15 57344]
S2 clearwireDeviceDiagnosticsService;Clearwire Device Diagnostics Service;c:\program files (x86)\Clearwire\Connection Manager\clearwireDeviceDiagnosticsService.exe [2010-06-18 398848]
S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x64.sys [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-28 1253376]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 LVPrcS64;Process Monitor;c:\program files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe [2010-05-08 197976]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464]
S2 SMSI Device Launch Service;Clearwire Device Launch Service;c:\program files (x86)\Clearwire\Connection Manager\DeviceLaunchSvc.exe [2010-11-18 107856]
S3 CAXHWBS2;CAXHWBS2;c:\windows\system32\DRIVERS\CAXHWBS2.sys [x]
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [x]
S3 LVUVC64;Logitech Webcam 120(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - cmderd
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-04-16 22:07 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-07-03 c:\windows\Tasks\Driver Robot.job
- c:\program files (x86)\Driver Robot\Driver Robot.lnk [2010-12-12 00:24]
.
2011-07-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1731239807-2173069937-3117974597-1000Core.job
- c:\users\Courtney\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-11 23:59]
.
2011-07-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1731239807-2173069937-3117974597-1000UA.job
- c:\users\Courtney\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-11 23:59]
.
2011-07-09 c:\windows\Tasks\RegCure Program Check.job
- c:\program files (x86)\RegCure\RegCure.exe [2010-05-19 22:45]
.
2011-07-07 c:\windows\Tasks\RegCure.job
- c:\program files (x86)\RegCure\RegCure.exe [2010-05-19 22:45]
.
2011-07-09 c:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job
- c:\program files (x86)\Spybot - Search & Destroy\SpybotSD.exe [2010-12-12 01:31]
.
2011-07-09 c:\windows\Tasks\Spybot - Search & Destroy Updater - Scheduled Task.job
- c:\program files (x86)\Spybot - Search & Destroy\SDUpdate.exe [2010-12-12 01:31]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-12 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-12 385560]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-12 363544]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-01-30 8866120]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\guard64.dll
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.conduit.com/?SearchSource=10&ctid=CT2704262
mStart Page = hxxp://www.yahoo.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Open using &Advanced JPEG Compressor - c:\program files (x86)\Advanced JPEG Compressor\ajcieex.htm
TCP: DhcpNameServer = 192.168.15.1
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\shell32.dll
FF - ProfilePath - c:\users\Courtney\AppData\Roaming\Mozilla\Firefox\Profiles\bkuii44z.default\
FF - prefs.js: browser.startup.homepage - hxxp://360islandtours.com
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4d0419cd&v=7.004.022.004&i=23&tp=ab&iy=&ychte=us&lng=en-US&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Firebug: firebug@software.joehewitt.com - %profile%\extensions\firebug@software.joehewitt.com
FF - Ext: FlashFirebug: flashfirebug@o-minds.com - %profile%\extensions\flashfirebug@o-minds.com
FF - Ext: YSlow: yslow@yahoo-inc.com - %profile%\extensions\yslow@yahoo-inc.com
FF - Ext: S3 Firefox Organizer(S3Fox): {7CEA821D-3DAB-4238-B424-BF7324531750} - %profile%\extensions\{7CEA821D-3DAB-4238-B424-BF7324531750}
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MsDepSvc]
"ImagePath"="\"c:\program files\IIS\Microsoft Web Deploy\MsDepSvc.exe\" -runService:MsDepSvc"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MySQL]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.1\bin\mysqld\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.1\my.ini\" MySQL"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:aa,81,97,3d,d4,3e,58,04,1e,92,ea,42,d7,b1,62,67,76,1e,da,3d,ed,
0b,af,86,77,f9,68,56,f9,68,8a,39,dc,dc,88,cf,ce,60,81,68,6e,01,8e,31,5b,bf,\
.
[HKEY_LOCAL_MACHINE\software\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:aa,81,97,3d,d4,3e,58,04,1e,92,ea,42,d7,b1,62,67,76,1e,da,3d,ed,
0b,af,86,77,f9,68,56,f9,68,8a,39,dc,dc,88,cf,ce,60,81,68,6e,01,8e,31,5b,bf,\
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\IObit\Game Booster\GameBox.exe
.
**************************************************************************
.
Completion time: 2011-07-09 07:36:43 - machine was rebooted
ComboFix-quarantined-files.txt 2011-07-09 17:36
ComboFix2.txt 2011-07-09 15:34
ComboFix3.txt 2011-07-09 14:52
.
Pre-Run: 15,234,957,312 bytes free
Post-Run: 15,149,948,928 bytes free
.
- - End Of File - - 86F2EA61FABCF197580CE9D789E51D1D
"

Edited by selfmade64856, 10 July 2011 - 01:40 AM.

Surround yourself with those that are smarter than you, otherwise you'll end up just as dumb as those around you.



#2 selfmade64856


Posted 10 July 2011 - 05:00 AM

I figured out how to get everything back to normal.........and I feel like a complete idiot.

I forget sometimes that this is Windows 7 and not XP. All I had to do was to reboot with F8 (which I had done numerous times but failed to see) and then select "REPAIR COMPUTER"! Voila! Now everything is back to normal and I am running Mbam which should get rid of whatever caused this in the first place.

Thanks!!

Courtney

#3 hamluis


Posted 10 July 2011 - 05:25 AM

Thank you for posting your self-resolution.

To avoid confusion, this topic is now closed.

Louis



