
ran ComboFix need help now please


  • This topic is locked
4 replies to this topic

#1 roshrrr


Posted 22 April 2015 - 08:10 PM

Hi all,

I had a trojan 2/3 weeks ago. Avast detected it, but I don't know whether it removed/quarantined it or what.

I have messed up my security settings; I took over C drive ownership a few months back. Now I have lots of repeated folders under my C drive, like local settings, my doc, my pictures, my music, my videos, and when I try to open them it gives me access denied.

However, these are old folders I don't use, which belonged to my old user name, where the laptop had a different PC name, different user name, different password.

I had 3 factory restores via F8, and have no external backup. Laptop used 3 years. Bought new from Currys - Home Premium Win 7 - Sony Vaio nw26m.

I ran ComboFix but have no idea what to do next. I have deleted some registry keys as I felt Google Chrome was infected, then re-downloaded Chrome after deleting all keys for Chrome, and deleted some keys under HKLM & HKeyusers from 3rd party software.

I read that kanji_1.uce is harmful and found it located under C, so I deleted that too. I am really exhausted with this laptop.

I would appreciate it if someone could TRULY help me.

HERE'S THE LOG FROM COMBO FIX

ComboFix 15-04-19.01 - ROSHNI 23/04/2015   1:17.2.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.44.1033.18.3935.2257 [GMT 1:00]
Running from: c:\users\ROSHNI\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((   Files Created from 2015-03-23 to 2015-04-23  )))))))))))))))))))))))))))))))
.
.
2015-04-23 00:27 . 2015-04-23 00:27 -------- d-----w- c:\users\Guest\AppData\Local\temp
2015-04-23 00:27 . 2015-04-23 00:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-04-21 22:42 . 2015-04-21 22:43 264846772 ----a-w- C:\registrybackupapriltwentieth.reg
2015-04-21 22:28 . 2015-04-04 06:25 12032440 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{34EA1EA9-9529-4440-ADA8-9FDAB2E252A9}\mpengine.dll
2015-04-21 13:33 . 2015-04-21 13:43 -------- d-----w- c:\users\ROSHNI\AppData\Local\Google
2015-04-21 13:33 . 2015-04-21 13:33 -------- d-----w- c:\program files (x86)\Google
2015-04-21 00:34 . 2015-04-21 00:34 -------- d-----w- c:\programdata\FreeDownloadManager.ORG
2015-04-21 00:34 . 2015-04-21 00:34 -------- d-----w- c:\programdata\Free Download Manager
2015-04-16 02:38 . 2015-04-16 02:38 -------- d-s---w- c:\windows\system32\CompatTel
2015-04-16 02:38 . 2015-04-16 02:38 -------- d-----w- c:\windows\system32\appraiser
2015-04-15 15:36 . 2015-03-25 03:24 3298816 ----a-w- c:\windows\system32\wucltux.dll
2015-04-15 15:30 . 2015-03-23 03:25 726528 ----a-w- c:\windows\system32\generaltel.dll
2015-04-15 15:30 . 2015-03-23 03:24 419840 ----a-w- c:\windows\system32\devinv.dll
2015-04-15 15:30 . 2015-03-23 03:24 30720 ----a-w- c:\windows\system32\acmigration.dll
2015-04-15 15:30 . 2015-01-27 23:36 1239720 ----a-w- c:\windows\system32\aitstatic.exe
2015-04-15 15:30 . 2015-03-23 03:25 769536 ----a-w- c:\windows\system32\invagent.dll
2015-04-15 15:30 . 2015-03-23 03:24 192000 ----a-w- c:\windows\system32\aepic.dll
2015-04-15 15:30 . 2015-03-23 03:17 1111552 ----a-w- c:\windows\system32\aeinv.dll
2015-04-15 15:30 . 2015-03-23 03:24 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-04-15 15:01 . 2015-03-05 05:12 404480 ----a-w- c:\windows\system32\gdi32.dll
2015-04-15 15:01 . 2015-03-05 04:05 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2015-04-15 14:54 . 2015-02-25 03:18 754688 ----a-w- c:\windows\system32\drivers\http.sys
2015-04-15 14:49 . 2015-03-04 04:55 367552 ----a-w- c:\windows\system32\clfs.sys
2015-04-15 14:49 . 2015-03-04 04:41 79360 ----a-w- c:\windows\system32\clfsw32.dll
2015-04-15 14:49 . 2015-03-04 04:10 58880 ----a-w- c:\windows\SysWow64\clfsw32.dll
2015-04-10 17:41 . 2015-04-10 17:41 -------- d-----w- c:\program files (x86)\WinPcap
2015-04-05 22:58 . 2015-04-05 22:59 260181148 ----a-w- C:\registrybackupapril15.reg
2015-04-05 01:52 . 2015-04-05 01:52 -------- d-----w- C:\Downloads
2015-04-05 01:38 . 2015-04-21 01:35 -------- d-----w- c:\users\ROSHNI\AppData\Roaming\Free Download Manager
2015-04-05 01:38 . 2015-04-05 01:38 -------- d-----w- c:\users\ROSHNI\AppData\Roaming\FreeDownloadManager.ORG
2015-04-05 01:37 . 2015-04-05 01:37 -------- d-----w- c:\program files (x86)\Free Download Manager
2015-04-05 01:09 . 2015-04-05 01:09 -------- d-s---w- c:\windows\SysWow64\GWX
2015-04-05 01:09 . 2015-04-05 01:09 -------- d-s---w- c:\windows\system32\GWX
2015-04-05 00:59 . 2015-04-05 01:00 -------- d-----w- c:\programdata\Package Cache
2015-04-04 22:45 . 2015-04-04 22:45 -------- d-sh--w- c:\users\Guest\AppData\Local\EmieUserList
2015-04-04 22:45 . 2015-04-04 22:45 -------- d-sh--w- c:\users\Guest\AppData\Local\EmieSiteList
2015-04-04 22:45 . 2015-04-04 22:45 -------- d-sh--w- c:\users\Guest\AppData\Local\EmieBrowserModeList
2015-04-04 22:32 . 2015-04-04 22:32 -------- d-----w- c:\users\Guest\AppData\Local\Apple Computer
2015-04-04 22:32 . 2015-04-04 22:35 -------- d-----w- c:\users\Guest\AppData\Roaming\Apple Computer
2015-04-03 01:17 . 2015-04-04 22:34 -------- d-----w- c:\program files (x86)\iTunes
2015-04-03 01:17 . 2015-04-03 01:17 -------- d-----w- c:\program files\iPod
2015-04-03 01:17 . 2015-04-03 01:17 -------- d-----w- c:\program files\iTunes
2015-03-30 18:12 . 2015-04-16 21:15 -------- d-----w- c:\users\ROSHNI\AppData\Local\ElevatedDiagnostics
2015-03-29 23:25 . 2015-03-29 23:25 -------- d-----w- C:\SPLASH.SYS
2015-03-24 02:06 . 2015-03-24 02:06 -------- d-----w- c:\users\ROSHNI\AppData\Local\Programs
2015-03-24 01:32 . 2015-03-24 01:34 -------- d-----w- C:\Jumpshot
2015-03-24 01:22 . 2015-03-26 17:13 -------- d-----w- c:\windows\jumpshot.com
2015-03-24 01:14 . 2015-03-24 01:14 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-03-24 00:57 . 2015-03-24 00:57 364472 ----a-w- c:\windows\system32\aswBoot.exe
2015-03-24 00:57 . 2015-03-24 00:57 43112 ----a-w- c:\windows\avastSS.scr
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-21 13:02 . 2014-04-17 02:45 895088 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2015-04-21 13:02 . 2014-04-17 02:45 42168 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2015-04-21 13:02 . 2014-04-24 02:17 710992 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2015-04-18 14:45 . 2014-04-24 02:17 895088 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2015-04-18 14:43 . 2014-04-24 02:17 42168 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2015-04-17 15:43 . 2014-04-17 02:45 710992 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2015-04-16 02:05 . 2014-11-24 02:03 128913832 ----a-w- c:\windows\system32\MRT.exe
2015-03-24 01:13 . 2014-08-16 15:50 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-03-24 00:57 . 2014-05-13 23:27 29168 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2015-03-24 00:57 . 2014-04-14 01:27 93528 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2015-03-24 00:57 . 2014-04-14 01:27 88408 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2015-03-24 00:57 . 2014-04-14 01:27 65736 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2015-03-24 00:57 . 2014-04-14 01:27 442264 ----a-w- c:\windows\system32\drivers\aswSP.sys
2015-03-24 00:57 . 2014-04-14 01:27 271200 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2015-03-24 00:57 . 2014-04-14 01:27 136752 ----a-w- c:\windows\system32\drivers\aswStm.sys
2015-03-24 00:57 . 2014-04-14 01:27 1047320 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2015-03-24 00:01 . 2014-10-01 10:50 778928 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-03-24 00:01 . 2014-10-01 10:50 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-03-17 04:56 . 2015-04-15 14:56 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-02-27 13:59 . 2015-02-27 13:59 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2015-02-27 13:58 . 2015-02-27 13:58 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2015-02-27 13:58 . 2015-02-27 13:58 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2015-02-27 13:58 . 2015-02-27 13:58 235008 ----a-w- c:\windows\system32\elshyph.dll
2015-02-27 13:58 . 2015-02-27 13:58 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2015-02-27 13:58 . 2015-02-27 13:58 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2015-02-27 13:58 . 2015-02-27 13:58 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2015-02-27 13:58 . 2015-02-27 13:58 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2015-02-27 13:58 . 2015-02-27 13:58 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2015-02-27 13:58 . 2015-02-27 13:58 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2015-02-27 13:58 . 2015-02-27 13:58 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2015-02-27 13:58 . 2015-02-27 13:58 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2015-02-27 13:58 . 2015-02-27 13:58 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2015-02-27 13:58 . 2015-02-27 13:58 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2015-02-27 13:58 . 2015-02-27 13:58 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2015-02-27 13:58 . 2015-02-27 13:58 942592 ----a-w- c:\windows\system32\jsIntl.dll
2015-02-27 13:58 . 2015-02-27 13:58 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2015-02-27 13:58 . 2015-02-27 13:58 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2015-02-27 13:58 . 2015-02-27 13:58 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2015-02-27 13:58 . 2015-02-27 13:58 48640 ----a-w- c:\windows\system32\mshtmler.dll
2015-02-27 13:58 . 2015-02-27 13:58 247808 ----a-w- c:\windows\system32\msls31.dll
2015-02-27 13:58 . 2015-02-27 13:58 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2015-02-27 13:58 . 2015-02-27 13:58 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2015-02-27 13:58 . 2015-02-27 13:58 105984 ----a-w- c:\windows\system32\iesysprep.dll
2015-02-27 13:58 . 2015-02-27 13:58 81408 ----a-w- c:\windows\system32\icardie.dll
2015-02-27 13:58 . 2015-02-27 13:58 77312 ----a-w- c:\windows\system32\tdc.ocx
2015-02-27 13:58 . 2015-02-27 13:58 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2015-02-27 13:58 . 2015-02-27 13:58 30208 ----a-w- c:\windows\system32\licmgr10.dll
2015-02-27 13:58 . 2015-02-27 13:58 243200 ----a-w- c:\windows\system32\webcheck.dll
2015-02-27 13:58 . 2015-02-27 13:58 235520 ----a-w- c:\windows\system32\url.dll
2015-02-27 13:58 . 2015-02-27 13:58 167424 ----a-w- c:\windows\system32\iexpress.exe
2015-02-27 13:58 . 2015-02-27 13:58 143872 ----a-w- c:\windows\system32\wextract.exe
2015-02-27 13:58 . 2015-02-27 13:58 101376 ----a-w- c:\windows\system32\inseng.dll
2015-02-27 13:58 . 2015-02-27 13:58 774144 ----a-w- c:\windows\system32\jscript.dll
2015-02-27 13:58 . 2015-02-27 13:58 62464 ----a-w- c:\windows\system32\pngfilt.dll
2015-02-27 13:58 . 2015-02-27 13:58 48128 ----a-w- c:\windows\system32\imgutil.dll
2015-02-27 13:58 . 2015-02-27 13:58 147968 ----a-w- c:\windows\system32\occache.dll
2015-02-27 13:58 . 2015-02-27 13:58 13824 ----a-w- c:\windows\system32\mshta.exe
2015-02-27 13:58 . 2015-02-27 13:58 135680 ----a-w- c:\windows\system32\iepeers.dll
2015-02-27 13:44 . 2015-02-27 13:44 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-02-27 13:44 . 2015-02-27 13:44 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-02-27 13:44 . 2015-02-27 13:44 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-02-27 13:44 . 2015-02-27 13:44 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-02-27 13:44 . 2015-02-27 13:44 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-02-27 13:44 . 2015-02-27 13:44 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-02-27 13:44 . 2015-02-27 13:44 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2015-02-27 13:44 . 2015-02-27 13:44 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2015-02-27 13:44 . 2015-02-27 13:44 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-02-27 13:44 . 2015-02-27 13:44 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2015-02-27 13:44 . 2015-02-27 13:44 363008 ----a-w- c:\windows\system32\dxgi.dll
2015-02-27 13:44 . 2015-02-27 13:44 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-02-27 13:44 . 2015-02-27 13:44 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-02-27 13:44 . 2015-02-27 13:44 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2015-02-27 13:44 . 2015-02-27 13:44 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-02-27 13:44 . 2015-02-27 13:44 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-02-27 13:44 . 2015-02-27 13:44 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-02-27 13:44 . 2015-02-27 13:44 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-02-27 13:44 . 2015-02-27 13:44 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-02-27 13:44 . 2015-02-27 13:44 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2015-02-27 13:44 . 2015-02-27 13:44 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2015-02-27 13:44 . 2015-02-27 13:44 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2015-02-27 13:44 . 2015-02-27 13:44 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-02-27 13:44 . 2015-02-27 13:44 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-02-27 13:44 . 2015-02-27 13:44 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2015-02-27 13:44 . 2015-02-27 13:44 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2015-02-27 13:44 . 2015-02-27 13:44 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2015-02-27 13:44 . 2015-02-27 13:44 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2015-02-27 13:44 . 2015-02-27 13:44 296960 ----a-w- c:\windows\system32\d3d10core.dll
2015-02-27 13:44 . 2015-02-27 13:44 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2015-02-27 13:44 . 2015-02-27 13:44 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2015-02-27 13:44 . 2015-02-27 13:44 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2015-02-27 13:44 . 2015-02-27 13:44 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2015-02-27 13:44 . 2015-02-27 13:44 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2015-02-27 13:44 . 2015-02-27 13:44 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2015-02-27 13:44 . 2015-02-27 13:44 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2015-02-27 13:44 . 2015-02-27 13:44 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2015-02-27 13:44 . 2015-02-27 13:44 1238528 ----a-w- c:\windows\system32\d3d10.dll
2015-02-27 13:44 . 2015-02-27 13:44 1175552 ----a-w- c:\windows\system32\FntCache.dll
2015-02-26 03:28 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2015-02-26 03:28 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2015-02-26 03:25 . 2015-03-11 16:22 3204096 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\ROSHNI\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\ROSHNI\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 152544 ----a-w- c:\users\ROSHNI\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"GoogleChromeAutoLaunch_4C3BB2366B1390516BD41322EAC3CAFB"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2015-04-13 866120]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2014-08-07 43816]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-05-26 317288]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-03-24 5512912]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-07-01 18:49 98304 ------w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys;c:\windows\SYSNATIVE\drivers\IntcHdmi.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [x]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x]
S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys;c:\windows\SYSNATIVE\DRIVERS\SFEP.sys [x]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe;c:\program files\Sony\VAIO Update Common\VUAgent.exe [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-04-21 13:33 1307464 ----a-w- c:\program files (x86)\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2015-04-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-04-21 13:32]
.
2015-04-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-04-21 13:32]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-03-24 00:57 722400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\ROSHNI\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\ROSHNI\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\ROSHNI\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12 185824 ----a-w- c:\users\ROSHNI\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-08-05 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-05 387608]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-05 365592]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-24 7938080]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-07-24 1833504]
"Apoint"="c:\program files (x86)\Apoint\Apoint.exe" [BU]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-02-13 169768]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <-loopback>;<local>
IE: Download all with Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlall.htm
IE: Download selected with Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\program files (x86)\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\program files (x86)\Free Download Manager\dllink.htm
TCP: DhcpNameServer = 172.20.10.1
TCP: Interfaces\{A879E543-118B-4998-A1A4-B8F2EF6738FE}: NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{A879E543-118B-4998-A1A4-B8F2EF6738FE}\244575966496D277964786D264F4E4: NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{A879E543-118B-4998-A1A4-B8F2EF6738FE}\659647162696F675966496: NameServer = 192.168.43.1
TCP: Interfaces\{A879E543-118B-4998-A1A4-B8F2EF6738FE}\844534027796C64666962756023702165313035602: NameServer = 192.168.43.1
TCP: Interfaces\{A88C7279-C640-4C1A-B510-143C7B49D721}: NameServer = 208.67.222.222,208.67.220.220
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_134_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_134_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_134_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_134_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2015-04-23  01:30:20
ComboFix-quarantined-files.txt  2015-04-23 00:30
ComboFix2.txt  2015-04-23 00:00
.
Pre-Run: 97,806,569,472 bytes free
Post-Run: 97,739,587,584 bytes free
.
- - End Of File - - 68938D1ACC810CBAF261653B20344593
8F558EB6672622401DA993E1E865C861

THANK YOU IN ADVANCE FOR YOUR TIME. IT IS VERY MUCH APPRECIATED.

ROSHrrr
 




 


#2 HelpBot


Posted 27 April 2015 - 08:15 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Step 1: In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/574116 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Step 2: If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your desktop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 roshrrr


Posted 30 April 2015 - 02:18 AM

I have been CLOSELY MONITORING THE VIRUS FORUM AND NOTED THAT MODERATORS ARE PICKING UP NEWER POSTS THAN MINE. And mine has been deliberately ignored. I still have the problem but I don't think I would like to be helped by you anymore. I am new here and have no posts at all and don't think this attitude is welcoming at all. I waited the 5 days for both this post and the other one on "am I infected" and got no reply for either of them. Roshrrr

#4 roshrrr


Posted 01 May 2015 - 05:53 PM

Thanks. As I said, I don't think I would like to be helped by you anymore.

 

Why get the help of someone who has seen your posts, AND DELIBERATELY IGNORED THEM A NUMBER OF DAYS?????? I HAVE SEEN FOR 5 DAYS WHO HAS BEEN WORKING AND WHO HAS SEEN MY POST AND IGNORED THEM.

 

WOULD YOU LIKE TO BE HELPED BY SOMEONE WHO HAS DONE THAT TO YOU?????

 

DO YOU ACTUALLY THINK THAT THE PERSON WHO HAS IGNORED YOUR POST FOR 5 DAYS WANTS TO HELP YOU???? IF YOU ARE ALL VOLUNTEERS, YOU BETTER HIRE SOME PEOPLE, BECAUSE THE VOLUNTEERS HERE DON'T SEEM TO BE HAPPY AT ALL BY NOT GETTING PAID.



#5 Budapest

  • Moderator

Posted 02 May 2015 - 12:42 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw



