combo fix help


  • This topic is locked
3 replies to this topic

#1 red987


Posted 17 May 2013 - 03:16 PM

I ran combo fix for the first time, all I got was some text and a folder in my C-drive labeled "Qoobox". I really don't know what to do next as my pc seems to be working ok? I have no idea on how to read the text doc?

Thanks for any help...

 

ComboFix 13-05-16.02 - dan 05/17/2013  12:42:29.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8160.6440 [GMT -5:00]
Running from: c:\users\dan\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\dan\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk
c:\users\dan\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk\rasphone.pbk
.
.
(((((((((((((((((((((((((   Files Created from 2013-04-17 to 2013-05-17  )))))))))))))))))))))))))))))))
.
.
2013-05-17 17:45 . 2013-05-17 17:45    --------    d-----w-    c:\users\Default\AppData\Local\temp
2013-05-17 16:44 . 2013-05-17 16:44    --------    d-----w-    c:\program files (x86)\Hewlett-Packard
2013-05-17 01:45 . 2013-05-13 06:37    9460464    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D8356F56-584B-47FB-888C-3A9BFA06D3DF}\mpengine.dll
2013-05-16 13:35 . 2013-05-13 06:37    9460464    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-05-14 21:01 . 2013-04-10 06:01    265064    ----a-w-    c:\windows\system32\drivers\dxgmms1.sys
2013-05-07 22:02 . 2013-05-17 16:05    --------    d-----w-    c:\users\UpdatusUser
2013-05-07 22:02 . 2013-05-07 22:02    --------    d-----w-    c:\programdata\NVIDIA
2013-05-07 22:02 . 2013-03-15 04:16    3477280    ----a-w-    c:\windows\system32\nvsvc64.dll
2013-05-07 22:02 . 2013-03-15 04:16    6398240    ----a-w-    c:\windows\system32\nvcpl.dll
2013-05-07 22:02 . 2013-03-15 04:16    877856    ----a-w-    c:\windows\system32\nvvsvc.exe
2013-05-07 22:02 . 2013-03-15 04:16    63776    ----a-w-    c:\windows\system32\nvshext.dll
2013-05-07 22:02 . 2013-03-15 04:16    237856    ----a-w-    c:\windows\system32\nvmctray.dll
2013-05-07 22:02 . 2013-03-13 16:24    3065455    ----a-w-    c:\windows\system32\nvcoproc.bin
2013-05-07 22:02 . 2013-03-15 05:53    61216    ----a-w-    c:\windows\system32\OpenCL.dll
2013-05-07 22:02 . 2013-03-15 05:53    53024    ----a-w-    c:\windows\SysWow64\OpenCL.dll
2013-05-07 22:02 . 2013-05-07 22:02    --------    d-----w-    c:\programdata\NVIDIA Corporation
2013-04-23 23:26 . 2013-04-23 23:26    905296    ------w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2A64400C-255A-4A89-AA81-E97977F7D358}\gapaengine.dll
2013-04-23 23:16 . 2013-03-18 04:43    2155688    ----a-w-    c:\windows\system32\Incinerator64.dll
2013-04-23 17:18 . 2013-04-12 14:45    1656680    ----a-w-    c:\windows\system32\drivers\ntfs.sys
2013-04-22 00:38 . 2013-04-22 00:38    311200    ----a-w-    c:\windows\system32\javaws.exe
2013-04-22 00:38 . 2013-04-22 00:38    188832    ----a-w-    c:\windows\system32\javaw.exe
2013-04-22 00:38 . 2013-04-22 00:38    108448    ----a-w-    c:\windows\system32\WindowsAccessBridge-64.dll
2013-04-22 00:38 . 2013-04-22 00:38    188320    ----a-w-    c:\windows\system32\java.exe
2013-04-21 20:47 . 2013-04-21 20:47    --------    d-----w-    c:\users\dan\AppData\Roaming\Oracle
2013-04-21 19:38 . 2013-04-21 19:38    --------    d-----w-    c:\program files (x86)\Common Files\Java
2013-04-21 19:32 . 2013-04-21 19:32    95648    ----a-w-    c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-15 01:22 . 2012-03-16 18:42    75016696    ----a-w-    c:\windows\system32\MRT.exe
2013-05-14 22:03 . 2012-03-30 21:55    692104    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-14 22:03 . 2012-03-16 21:46    71048    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-02 15:29 . 2012-03-16 18:18    278800    ------w-    c:\windows\system32\MpSigStub.exe
2013-05-01 00:00 . 2011-03-28 23:36    22240    ----a-w-    c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-04-22 00:38 . 2012-06-27 14:10    971680    ----a-w-    c:\windows\system32\deployJava1.dll
2013-04-22 00:38 . 2012-06-27 14:10    1092512    ----a-w-    c:\windows\system32\npDeployJava1.dll
2013-04-21 19:32 . 2012-06-16 02:57    866720    ----a-w-    c:\windows\SysWow64\npdeployJava1.dll
2013-04-21 19:32 . 2012-03-16 19:18    788896    ----a-w-    c:\windows\SysWow64\deployJava1.dll
2013-04-13 05:49 . 2013-05-14 21:01    135168    ----a-w-    c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-14 21:01    350208    ----a-w-    c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-14 21:01    308736    ----a-w-    c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-14 21:01    111104    ----a-w-    c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-14 21:01    474624    ----a-w-    c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-14 21:01    2176512    ----a-w-    c:\windows\apppatch\AcGenral.dll
2013-03-31 23:32 . 2013-03-31 23:32    82600    ----a-w-    c:\windows\system32\drivers\amd_sata.sys
2013-03-31 23:32 . 2013-03-31 23:32    42664    ----a-w-    c:\windows\system32\drivers\amd_xata.sys
2013-03-19 06:04 . 2013-04-10 11:42    5550424    ----a-w-    c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 11:42    43520    ----a-w-    c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 11:42    3968856    ----a-w-    c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 11:42    3913560    ----a-w-    c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 11:42    6656    ----a-w-    c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 11:42    112640    ----a-w-    c:\windows\system32\smss.exe
2013-03-18 04:59 . 2012-06-05 01:00    57584    ----a-w-    c:\windows\system32\iolobtdfg.exe
2013-03-18 04:58 . 2012-06-05 01:00    26184    ----a-w-    c:\windows\system32\smrgdf.exe
2013-03-18 04:43 . 2012-06-05 01:07    2097472    ----a-w-    c:\windows\SysWow64\Incinerator32.dll
2013-03-17 20:05 . 2013-03-17 20:05    719360    ----a-w-    c:\windows\SysWow64\mshtmlmedia.dll
2013-03-17 20:05 . 2013-03-17 20:05    226304    ----a-w-    c:\windows\system32\elshyph.dll
2013-03-17 20:05 . 2013-03-17 20:05    185344    ----a-w-    c:\windows\SysWow64\elshyph.dll
2013-03-17 20:05 . 2013-03-17 20:05    158720    ----a-w-    c:\windows\SysWow64\msls31.dll
2013-03-17 20:05 . 2013-03-17 20:05    150528    ----a-w-    c:\windows\SysWow64\iexpress.exe
2013-03-17 20:05 . 2013-03-17 20:05    138752    ----a-w-    c:\windows\SysWow64\wextract.exe
2013-03-17 20:05 . 2013-03-17 20:05    1054720    ----a-w-    c:\windows\system32\MsSpellCheckingFacility.exe
2013-03-17 20:05 . 2013-03-17 20:05    73728    ----a-w-    c:\windows\SysWow64\SetIEInstalledDate.exe
2013-03-17 20:05 . 2013-03-17 20:05    61952    ----a-w-    c:\windows\SysWow64\tdc.ocx
2013-03-17 20:05 . 2013-03-17 20:05    523264    ----a-w-    c:\windows\SysWow64\vbscript.dll
2013-03-17 20:05 . 2013-03-17 20:05    48640    ----a-w-    c:\windows\SysWow64\mshtmler.dll
2013-03-17 20:05 . 2013-03-17 20:05    38400    ----a-w-    c:\windows\SysWow64\imgutil.dll
2013-03-17 20:05 . 2013-03-17 20:05    361984    ----a-w-    c:\windows\SysWow64\html.iec
2013-03-17 20:05 . 2013-03-17 20:05    23040    ----a-w-    c:\windows\SysWow64\licmgr10.dll
2013-03-17 20:05 . 2013-03-17 20:05    1441280    ----a-w-    c:\windows\SysWow64\inetcpl.cpl
2013-03-17 20:05 . 2013-03-17 20:05    137216    ----a-w-    c:\windows\SysWow64\ieUnatt.exe
2013-03-17 20:05 . 2013-03-17 20:05    12800    ----a-w-    c:\windows\SysWow64\mshta.exe
2013-03-17 20:05 . 2013-03-17 20:05    110592    ----a-w-    c:\windows\SysWow64\IEAdvpack.dll
2013-03-17 20:05 . 2013-03-17 20:05    97280    ----a-w-    c:\windows\system32\mshtmled.dll
2013-03-17 20:05 . 2013-03-17 20:05    92160    ----a-w-    c:\windows\system32\SetIEInstalledDate.exe
2013-03-17 20:05 . 2013-03-17 20:05    905728    ----a-w-    c:\windows\system32\mshtmlmedia.dll
2013-03-17 20:05 . 2013-03-17 20:05    81408    ----a-w-    c:\windows\system32\icardie.dll
2013-03-17 20:05 . 2013-03-17 20:05    762368    ----a-w-    c:\windows\system32\ieapfltr.dll
2013-03-17 20:05 . 2013-03-17 20:05    62976    ----a-w-    c:\windows\system32\pngfilt.dll
2013-03-17 20:05 . 2013-03-17 20:05    599552    ----a-w-    c:\windows\system32\vbscript.dll
2013-03-17 20:05 . 2013-03-17 20:05    52224    ----a-w-    c:\windows\system32\msfeedsbs.dll
2013-03-17 20:05 . 2013-03-17 20:05    51200    ----a-w-    c:\windows\system32\imgutil.dll
2013-03-17 20:05 . 2013-03-17 20:05    452096    ----a-w-    c:\windows\system32\dxtmsft.dll
2013-03-17 20:05 . 2013-03-17 20:05    441856    ----a-w-    c:\windows\system32\html.iec
2013-03-17 20:05 . 2013-03-17 20:05    281600    ----a-w-    c:\windows\system32\dxtrans.dll
2013-03-17 20:05 . 2013-03-17 20:05    27648    ----a-w-    c:\windows\system32\licmgr10.dll
2013-03-17 20:05 . 2013-03-17 20:05    270848    ----a-w-    c:\windows\system32\iedkcs32.dll
2013-03-17 20:05 . 2013-03-17 20:05    247296    ----a-w-    c:\windows\system32\webcheck.dll
2013-03-17 20:05 . 2013-03-17 20:05    235008    ----a-w-    c:\windows\system32\url.dll
2013-03-17 20:05 . 2013-03-17 20:05    216064    ----a-w-    c:\windows\system32\msls31.dll
2013-03-17 20:05 . 2013-03-17 20:05    197120    ----a-w-    c:\windows\system32\msrating.dll
2013-03-17 20:05 . 2013-03-17 20:05    173568    ----a-w-    c:\windows\system32\ieUnatt.exe
2013-03-17 20:05 . 2013-03-17 20:05    167424    ----a-w-    c:\windows\system32\iexpress.exe
2013-03-17 20:05 . 2013-03-17 20:05    1509376    ----a-w-    c:\windows\system32\inetcpl.cpl
2013-03-17 20:05 . 2013-03-17 20:05    149504    ----a-w-    c:\windows\system32\occache.dll
2013-03-17 20:05 . 2013-03-17 20:05    144896    ----a-w-    c:\windows\system32\wextract.exe
2013-03-17 20:05 . 2013-03-17 20:05    1400416    ----a-w-    c:\windows\system32\ieapfltr.dat
2013-03-17 20:05 . 2013-03-17 20:05    13824    ----a-w-    c:\windows\system32\mshta.exe
2013-03-17 20:05 . 2013-03-17 20:05    136192    ----a-w-    c:\windows\system32\iepeers.dll
2013-03-17 20:05 . 2013-03-17 20:05    135680    ----a-w-    c:\windows\system32\IEAdvpack.dll
2013-03-17 20:05 . 2013-03-17 20:05    12800    ----a-w-    c:\windows\system32\msfeedssync.exe
2013-03-17 20:05 . 2013-03-17 20:05    102912    ----a-w-    c:\windows\system32\inseng.dll
2013-03-17 20:05 . 2013-03-17 20:05    77312    ----a-w-    c:\windows\system32\tdc.ocx
2013-03-17 20:05 . 2013-03-17 20:05    48640    ----a-w-    c:\windows\system32\mshtmler.dll
2012-03-17 19:08 . 2012-03-17 19:09    709968    ----a-w-    c:\program files (x86)\unins000.exe
2012-01-13 19:53 . 2012-03-17 19:09    39496    ----a-w-    c:\program files (x86)\mbampt.exe
2012-01-13 19:53 . 2012-03-17 19:09    92232    ----a-w-    c:\program files (x86)\mbamext.dll
2012-01-13 19:53 . 2012-03-17 19:09    652360    ----a-w-    c:\program files (x86)\mbamservice.exe
2012-01-13 19:53 . 2012-03-17 19:09    460872    ----a-w-    c:\program files (x86)\mbamgui.exe
2012-01-13 19:53 . 2012-03-17 19:09    2227784    ----a-w-    c:\program files (x86)\mbamnet.dll
2012-01-13 19:53 . 2012-03-17 19:09    1081416    ----a-w-    c:\program files (x86)\mbamcore.dll
2012-01-13 19:53 . 2012-03-17 19:09    472136    ----a-w-    c:\program files (x86)\mbam.dll
2011-06-01 14:16 . 2012-03-17 19:09    46416    ----a-w-    c:\program files (x86)\ssubtmr6.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-02-04 21:50    1197448    ----a-w-    c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"BootEventQueryFailed"="1 (0x1)" [X]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2012-11-26 573024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute    REG_MULTI_SZ       autocheck
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2012-11-26 659040]
R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-06-02 17864]
R3 DCamUSBSTK03N;Standard_Camera;c:\windows\system32\DRIVERS\STK03NW2.sys [2010-01-05 113288]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
R3 OXSDIDRV_x64;Oxford Semi eSATA Filter (x64);c:\windows\system32\DRIVERS\OXSDIDRV_x64.sys [2009-09-28 51760]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-16 1255736]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2008-05-06 14464]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2013-03-31 82600]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2013-03-31 42664]
S1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\ElRawDsk.sys [2012-04-17 31432]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-02 89600]
S2 ioloSystemService;iolo System Service;c:\program files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2013-03-18 1070080]
S2 LaCieDesktopManagerService;LaCieDesktopManagerService;c:\program files\LaCie\Desktop Manager\lacie_dm_service.exe [2012-04-05 1227776]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 PDFsFilter;PDFsFilter;c:\windows\system32\DRIVERS\PDFsFilter.sys [2012-07-26 82160]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2012-11-26 1225312]
S2 WDBackup;WD Backup;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2012-09-20 1157056]
S2 WDDriveService;WD Drive Manager;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2012-09-20 248248]
S2 WDRulesService;WD Rules;c:\program files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [2012-09-20 1177536]
S3 BcmVWL;Broadcom Virtual Wireless;c:\windows\system32\DRIVERS\bcmvwl64.sys [2011-11-24 21568]
S3 HCW723x;Hauppauge WinTV 723x PCIe Card;c:\windows\system32\DRIVERS\HCW723x.sys [2012-08-17 1847680]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-10 23152]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 17976]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-02-16 676968]
S3 tihub3;TI USB3 Hub Service;c:\windows\system32\DRIVERS\tihub3.sys [2011-09-28 136000]
S3 tixhci;TI XHCI Service;c:\windows\system32\DRIVERS\tixhci.sys [2011-09-28 409408]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 22:03]
.
2013-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-23 13:32]
.
2013-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-23 13:32]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]
"BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2011-08-24 37888]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-04-25 1425408]
"Broadcom Wireless Manager UI"="c:\program files\Broadcom\Broadcom 802.11\WLTRAY.exe" [2011-11-24 7172096]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-24 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-24 385560]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-24 363544]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - LocalService
FontCache
.
------- Supplementary Scan -------
.
uStart Page = hxxp://yahoo.com/
uInternet Settings,ProxyOverride = <local>
Trusted Zone: secunia.com
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
FF - ProfilePath - c:\users\dan\AppData\Roaming\Mozilla\Firefox\Profiles\ivr6b5tc.default\
FF - prefs.js: browser.startup.homepage - hxxp://ca.yahoo.com/
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2013-03-27 18:22; toolbar@ask.com; c:\users\dan\AppData\Roaming\Mozilla\Firefox\Profiles\ivr6b5tc.default\extensions\toolbar@ask.com
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE "%1"
.
- - - - ORPHANS REMOVED - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1817088653-1468705960-1948110262-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-1817088653-1468705960-1948110262-1000)
@Denied: (2) (LocalSystem)
"Progid"="Applications\\WLXPhotoViewer.dll"
.
[HKEY_USERS\S-1-5-21-1817088653-1468705960-1948110262-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-05-17  13:40:22
ComboFix-quarantined-files.txt  2013-05-17 18:40
.
Pre-Run: 56,555,679,744 bytes free
Post-Run: 56,256,020,480 bytes free
.
- - End Of File - - 87BF2CDDD08DBB80C8FCD875BD648D48
 

Edited by Noviciate, 18 May 2013 - 04:43 PM.
Log added from attachment.


#2 Noviciate

  • Malware Response Team

Posted 18 May 2013 - 04:47 PM

Good evening. :)

It isn't recommended that you run ComboFix without supervision as there may be unexpected repercussions from doing so.

I really don't know what to do next as my pc seems to be working ok?

What was the reason that you had for running ComboFix?


So long, and thanks for all the fish.

 

 


#3 red987

  • Topic Starter

Posted 18 May 2013 - 05:21 PM

Well, I thought I had a virus as my pc was acting strangely, so I googled combo fix and got to this forum. The instructions that were posted had me believing that I would be able to get help?? But apparently not, so sorry to bother you!



#4 Noviciate

  • Malware Response Team

Posted 19 May 2013 - 02:27 PM

Not at all, it's been my pleasure. As this issue appears to have been resolved, this thread is now closed.

 

