Claro home page hijack [Solved]


  • This topic is locked

#16
GoingMod

  • Topic Starter
  • Member
  • 24 posts
I don't see that, so I'll run it again.

#17
GoingMod

  • Topic Starter
  • Member
  • 24 posts
Sorry it took so long, something came up. Here it is. Problems: I had 1. It seems like it stopped at 48, so I restarted it; that was about it. My PC seems fine now, like before Claro.

ComboFix 12-11-14.01 - Archetype 11/14/2012 20:09:45.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.16339.13325 [GMT -5:00]
Running from: c:\users\Archetype\Desktop\ComboFix.exe
AV: Norton 360 Premier Edition *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 Premier Edition *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 Premier Edition *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\ARCHET~1\AppData\Local\Temp\acc98a83-4789-42d6-8c8f-ba0c09eb1879\CliSecureRT.dll
c:\users\Archetype\AppData\Local\Temp\acc98a83-4789-42d6-8c8f-ba0c09eb1879\CliSecureRT.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-10-15 to 2012-11-15 )))))))))))))))))))))))))))))))
.
.
2012-11-15 01:24 . 2012-11-15 01:24 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-11-15 01:24 . 2012-11-15 01:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-14 20:00 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-14 20:00 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-14 20:00 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-11-14 20:00 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-14 19:56 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-14 19:56 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-14 19:56 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-14 19:56 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-14 19:56 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-14 19:56 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-14 19:56 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-12 21:55 . 2012-11-12 21:55 -------- d-----w- c:\users\Archetype\AppData\Roaming\Malwarebytes
2012-11-12 21:55 . 2012-11-12 21:55 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-11-12 21:55 . 2012-11-12 21:55 -------- d-----w- c:\programdata\Malwarebytes
2012-11-12 21:55 . 2012-09-30 00:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-12 21:33 . 2012-11-12 21:33 -------- d-----w- c:\programdata\Browser Manager
2012-11-12 20:56 . 2012-11-13 00:23 -------- d-----w- c:\users\Archetype\AppData\Local\Doom Builder
2012-11-12 20:53 . 2012-08-23 15:09 3072 ----a-w- c:\windows\system32\drivers\en-US\tsusbflt.sys.mui
2012-11-12 20:36 . 2012-11-12 20:36 -------- d-----w- c:\users\Archetype\AppData\Local\gamemaker_studio
2012-11-12 20:36 . 2012-11-12 20:36 -------- d-----w- c:\programdata\gamemaker_studio
2012-11-08 05:15 . 2012-11-08 05:15 -------- d-----w- c:\users\Archetype\AppData\Local\{55061FB0-05F6-4AE4-939C-2227AD5B7953}
2012-11-07 01:50 . 2012-08-21 18:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-11-07 01:50 . 2012-11-07 01:50 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-11-07 01:50 . 2012-11-07 01:50 -------- d-----w- c:\program files\iTunes
2012-11-07 01:50 . 2012-11-07 01:50 -------- d-----w- c:\program files\iPod
2012-11-02 00:58 . 2012-11-02 00:58 -------- d-----w- c:\users\Archetype\AppData\Roaming\CadSoft
2012-11-01 16:48 . 2012-11-01 16:48 289768 ----a-w- c:\windows\system32\javaws.exe
2012-11-01 16:48 . 2012-11-01 16:48 189416 ----a-w- c:\windows\system32\javaw.exe
2012-11-01 16:48 . 2012-11-01 16:48 188904 ----a-w- c:\windows\system32\java.exe
2012-11-01 16:48 . 2012-11-01 16:48 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2012-11-01 16:48 . 2012-11-01 16:48 -------- d-----w- c:\program files\Java
2012-11-01 16:48 . 2012-11-01 16:48 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-11-01 16:17 . 2012-11-01 16:45 -------- d-----w- c:\users\Archetype\AppData\Local\ESN Sonar
2012-10-30 02:11 . 2012-10-30 02:11 -------- d-----w- c:\users\Archetype\AppData\Local\FalloutNV
2012-10-29 02:19 . 2012-10-29 02:19 148480 ----a-w- c:\windows\SysWow64\rztouchdll.dll
2012-10-29 02:18 . 2012-10-29 02:18 617472 ----a-w- c:\windows\SysWow64\rzdevicedll.dll
2012-10-29 02:18 . 2012-10-29 02:18 165888 ----a-w- c:\windows\SysWow64\rzaudiodll.dll
2012-10-25 14:20 . 2012-11-09 20:26 -------- d-----w- c:\users\Archetype\.gimp-2.8
2012-10-25 14:20 . 2012-10-25 14:20 -------- d-----w- c:\users\Archetype\AppData\Local\gegl-0.2
2012-10-25 14:20 . 2012-10-25 14:20 -------- d-----w- c:\users\Archetype\AppData\Local\fontconfig
2012-10-25 02:18 . 2012-10-25 02:18 113664 ----a-w- c:\windows\system32\drivers\rzudd.sys
2012-10-19 19:29 . 2012-10-24 17:50 96224 ----a-w- c:\program files (x86)\Mozilla Firefox\webapprt-stub.exe
2012-10-19 19:29 . 2012-10-24 17:50 157272 ----a-w- c:\program files (x86)\Mozilla Firefox\webapp-uninstaller.exe
2012-10-19 19:29 . 2012-10-24 17:50 73696 ----a-w- c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll
2012-10-17 17:01 . 2012-10-17 17:59 -------- d-----w- c:\programdata\dl_Cats
2012-10-17 17:00 . 2009-07-02 16:43 177664 ----a-w- c:\windows\system32\Spool\prtprocs\x64\dldtdrpp.dll
2012-10-16 20:35 . 2012-10-16 23:00 -------- d-----w- c:\program files (x86)\StarCraft II
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-15 01:05 . 2012-08-04 23:45 1048576 ----a-w- c:\windows\PE_Rom.dll
2012-11-14 19:56 . 2012-08-05 00:16 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-11-01 16:48 . 2012-10-06 00:20 916456 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-01 16:48 . 2012-10-06 00:20 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-11-01 16:19 . 2012-08-05 22:51 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-11-01 16:19 . 2012-08-05 12:23 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-10-29 22:27 . 2012-08-05 12:23 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-10-14 19:23 . 2012-08-05 12:23 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-10-12 00:35 . 2012-10-12 22:39 3130440 ----a-w- c:\windows\SysWow64\pbsvc_blr.exe
2012-10-09 12:34 . 2012-08-05 02:42 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-09 12:34 . 2012-08-05 02:42 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-02 22:21 . 2012-09-15 01:58 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-10-02 22:21 . 2012-08-05 01:01 973672 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-10-02 22:21 . 2012-08-05 01:01 2731880 ----a-w- c:\windows\system32\nvapi64.dll
2012-10-02 22:21 . 2012-08-05 01:01 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-10-02 22:21 . 2012-08-05 01:01 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll
2012-10-02 22:21 . 2012-08-05 01:01 1760104 ----a-w- c:\windows\system32\nvdispco64.dll
2012-10-02 22:21 . 2012-08-05 01:01 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-10-02 22:21 . 2012-08-05 01:01 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-10-02 22:21 . 2012-08-05 01:01 12501352 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2012-10-02 20:09 . 2012-10-02 20:09 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-10-02 20:09 . 2012-10-02 20:09 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-10-02 19:51 . 2012-08-05 01:02 3536817 ----a-w- c:\windows\system32\nvcoproc.bin
2012-10-02 19:51 . 2012-08-05 01:02 3293544 ----a-w- c:\windows\system32\nvsvc64.dll
2012-10-02 19:51 . 2012-08-05 01:02 6200680 ----a-w- c:\windows\system32\nvcpl.dll
2012-10-02 19:50 . 2012-08-05 01:02 891240 ----a-w- c:\windows\system32\nvvsvc.exe
2012-10-02 19:50 . 2012-08-05 01:02 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-10-02 19:50 . 2012-08-05 01:02 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-10-02 17:15 . 2012-10-02 17:15 430952 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-09-14 19:19 . 2012-10-10 02:18 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 02:18 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-09-10 01:07 . 2012-09-10 01:07 560184 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-09-02 23:49 . 2012-09-02 23:50 1560168 ----a-w- c:\windows\system32\RTSnMg64.cpl
2012-09-02 23:49 . 2012-09-02 23:50 1706640 ----a-w- c:\windows\RtlExUpd.dll
2012-08-31 18:19 . 2012-10-10 02:18 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 18:03 . 2012-10-10 02:18 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 02:18 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12 . 2012-10-10 02:18 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-08-28 21:01 . 2009-08-18 16:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2012-08-28 21:00 . 2009-08-18 15:24 19720 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-08-24 18:05 . 2012-10-10 02:18 220160 ----a-w- c:\windows\system32\wintrust.dll
2012-08-24 16:57 . 2012-10-10 02:18 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-08-23 08:03 . 2012-08-23 08:03 644400 ----a-w- c:\windows\SysWow64\mscomct2.ocx
2012-08-22 18:12 . 2012-09-13 01:50 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-13 01:30 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-13 01:30 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 21:01 . 2012-09-25 19:42 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-08-21 20:16 . 2012-08-10 02:06 419840 ----a-w- c:\windows\system32\wrap_oal.dll
2012-08-21 20:16 . 2012-08-10 02:06 413696 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-08-21 20:16 . 2012-08-10 02:06 133632 ----a-w- c:\windows\system32\OpenAL32.dll
2012-08-21 20:16 . 2012-08-10 02:06 110592 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-08-21 18:01 . 2012-08-05 02:11 125872 ----a-w- c:\windows\system32\GEARAspi64.dll
2012-08-21 18:01 . 2012-08-05 02:11 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2012-08-20 18:48 . 2012-10-10 02:18 362496 ----a-w- c:\windows\system32\wow64win.dll
2012-08-20 18:48 . 2012-10-10 02:18 243200 ----a-w- c:\windows\system32\wow64.dll
2012-08-20 18:48 . 2012-10-10 02:18 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2012-08-20 18:48 . 2012-10-10 02:18 215040 ----a-w- c:\windows\system32\winsrv.dll
2012-08-20 18:48 . 2012-10-10 02:18 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2012-08-20 18:48 . 2012-10-10 02:18 424448 ----a-w- c:\windows\system32\KernelBase.dll
2012-08-20 18:48 . 2012-10-10 02:18 1162240 ----a-w- c:\windows\system32\kernel32.dll
2012-08-20 18:46 . 2012-10-10 02:18 338432 ----a-w- c:\windows\system32\conhost.exe
2012-08-20 18:38 . 2012-10-10 02:18 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 02:18 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 02:18 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 02:18 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 02:18 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 02:18 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 02:18 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 02:18 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 02:18 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 02:18 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 02:18 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 02:18 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 02:18 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 02:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 02:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 02:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 02:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 02:18 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 02:18 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 02:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 02:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 02:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 02:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 02:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 02:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 02:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 02:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 02:18 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-08-20 17:40 . 2012-10-10 02:18 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2012-08-20 17:38 . 2012-10-10 02:18 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-08-20 17:38 . 2012-10-10 02:18 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2012-08-20 17:37 . 2012-10-10 02:18 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2012-08-20 17:37 . 2012-10-10 02:18 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2012-08-20 17:32 . 2012-10-10 02:18 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 02:18 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 02:18 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 02:18 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 02:18 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 02:18 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FileHippo.com"="i:\program files\File Hippo\FileHippo.com\UpdateChecker.exe" [2012-03-26 306688]
"Steam"="i:\program files\Steam\steam.exe" [2012-08-05 1353080]
"DAEMON Tools Lite"="i:\program files\Daemon Tools\DAEMON Tools Lite\DTLite.exe" [2012-08-28 3671904]
"WhatPulse"="i:\program files\What Pulse\WhatPulse\WhatPulse.exe" [2011-11-15 3990528]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-10-19 17875120]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-21 291648]
"ASUS AiChargerPlus Execute"="c:\program files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe" [2011-10-31 465536]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-11-30 284440]
"ASUS WiFi GO! FileTransfer Execute"="c:\program files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe" [2012-06-08 1384608]
"Zboard"="c:\program files (x86)\Ideazon\ZEngine\Zboard.exe" [2011-02-22 182784]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280]
"MSUTray"="c:\program files (x86)\Marvell\storage\tray\MarvellTray.exe" [2011-04-07 1202216]
"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2012-10-19 336304]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-06-25 1073352]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-24 926896]
"iTunesHelper"="i:\program files\iTunes\iTunesHelper.exe" [2012-09-10 421776]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-11-28 1338656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 dldtCATSCustConnectService;dldtCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\dldtserv.exe [2009-07-09 33448]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-10-19 160944]
R3 ASUSstpt;ASUS USB 3.0 Boost Storage Driver (Storage Driver);c:\windows\system32\DRIVERS\ASUSstpt.sys [2011-09-15 24648]
R3 ASUSumsc;ASUS USB 3.0 Boost Storage Driver (WDM);c:\windows\system32\DRIVERS\ASUSumsc.sys [2011-09-15 141896]
R3 Desura Install Service;Desura Install Service;c:\program files (x86)\Common Files\Desura\desura_service.exe [2012-08-28 131912]
R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2011-05-27 160768]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-08-05 1255736]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2008-05-06 14464]
S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys [2012-01-06 49760]
S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-05-21 19264]
S0 mv91cons;Marvell 91xx Config Device Driver;c:\windows\system32\DRIVERS\mv91cons.sys [2011-09-21 25904]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\0604000.009\SYMDS64.SYS [2012-03-29 451192]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\0604000.009\SYMEFA64.SYS [2012-05-22 1129120]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\BASHDefs\20121106.001\BHDrvx64.sys [2012-10-23 1384608]
S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\0604000.009\ccSetx64.sys [2012-06-07 167072]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\IPSDefs\20121114.001\IDSvia64.sys [2012-09-06 513184]
S1 MfeASKM;McAfee Application Statistics Device Driver;c:\program files\McAfee\AppStats\MfeASKM.sys [2012-08-06 31408]
S1 ndisrd;WinpkFilter LightWeight Filter;c:\windows\system32\DRIVERS\ndisrd.sys [2012-05-31 32400]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\0604000.009\Ironx64.SYS [2012-03-29 190072]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\0604000.009\SYMNETS.SYS [2012-03-29 405624]
S1 VDiskBus;ASUS Disk Unlocker;c:\windows\system32\DRIVERS\VDiskBus64.sys [2010-09-21 43136]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2012-06-01 920736]
S2 ASDiskUnlocker;ASDiskUnlocker;c:\program files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe [2010-12-02 258688]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-06-01 951936]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2012-02-17 149120]
S2 AsusFanControlService;AsusFanControlService;c:\program files (x86)\ASUS\AsusFanControlService\1.01.08\AsusFanControlService.exe [2012-05-18 324608]
S2 dldt_device;dldt_device;c:\windows\system32\dldtcoms.exe [2009-07-09 1044648]
S2 DTSAudioSvc;DTSAudioSvc;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [2012-01-24 233328]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-30 13592]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-03 628448]
S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2011-11-09 189608]
S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2012-01-20 161560]
S2 Marvell Storage Management;Marvell Storage Management Service;c:\program files (x86)\Marvell\storage\svc\mvraidsvc.exe [2011-04-07 345128]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [2012-10-23 103472]
S2 MfeASUM;McAfee Application Statistics Service;c:\program files\McAfee\AppStats\MfeASUM.exe [2012-08-06 200768]
S2 MSUWebService;MSU Web Service;c:\program files (x86)\Marvell\storage\Apache2\bin\httpd.exe [2010-09-02 24645]
S2 N360;Norton 360;c:\program files (x86)\Norton 360 Premier Edition\Engine\6.4.0.9\ccSvcHst.exe [2012-06-16 138272]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
S2 SplashtopRemoteService;Splashtop® Remote Service;c:\program files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2012-11-05 548264]
S2 SSUService;Splashtop Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2012-10-17 386920]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-01-20 363800]
S3 AiCharger;AiCharger;SysWow64\drivers\AiCharger.sys [x]
S3 ASFLTDrv.sys;ASFLTDrv.sys;c:\program files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys [2010-09-17 16512]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2012-02-21 130536]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2012-02-21 396776]
S3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys [x]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys [2011-11-03 134696]
S3 BcmVWL;Broadcom Virtual Wireless;c:\windows\system32\DRIVERS\bcmvwl64.sys [2012-08-05 21568]
S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys [2011-09-20 620584]
S3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\DRIVERS\btwdpan.sys [2011-05-20 89640]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2011-02-13 39976]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-08-15 138912]
S3 ICCWDT;Intel® Watchdog Timer Driver (Intel® WDT);c:\windows\system32\DRIVERS\ICCWDT.sys [2012-05-17 26136]
S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-05-21 357184]
S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-05-21 789824]
S3 Mv_Process;Marvell process notification.;c:\windows\syswow64\mv_process.sys [2011-02-25 14376]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-09-29 646248]
S3 rzudd;Razer Mouse Driver;c:\windows\system32\DRIVERS\rzudd.sys [2012-10-25 113664]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-05 12:34]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"="c:\program files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe" [2012-08-07 7138816]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-12 6548112]
"RtHDVBg_DTS"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-06-07 1212048]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "i:\program files\Stardock\Fences\Stardock\Fences Pro\FencesMenu64.dll" [2011-06-08 464744]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
FF - ProfilePath - c:\users\Archetype\AppData\Roaming\Mozilla\Firefox\Profiles\0jv20tjr.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.overclock.net/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p=
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2012-09-16 18:21; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_blr.exe
AddRemove-uTorrent - i:\program files\?Torrent\uTorrent.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360 Premier Edition\Engine\6.4.0.9\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360 Premier Edition\Engine\6.4.0.9\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2175408307-2540822077-2711986752-1000\Software\SecuROM\License information*]
"datasecu"=hex:57,73,40,cc,5f,f5,6e,ab,7f,d3,29,a4,04,0a,a9,f3,8f,be,cb,f9,e5,
34,c6,de,8f,34,98,ff,33,45,25,25,e9,5e,25,bd,b8,fd,d9,de,22,30,38,1a,41,29,\
"rkeysecu"=hex:7d,40,10,cb,c7,39,e0,67,0a,69,a8,47,07,da,5b,5c
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\rundll32.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\ASUS\AI Suite II\AsRoutineController.exe
c:\program files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
.
**************************************************************************
.
Completion time: 2012-11-14 20:38:15 - machine was rebooted
ComboFix-quarantined-files.txt 2012-11-15 01:38
.
Pre-Run: 45,879,492,608 bytes free
Post-Run: 45,520,314,368 bytes free
.
- - End Of File - - AB670D14F097E8C66C68C78C3EAD99D1

#18
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Greetings

I want to make sure I understand that the computer is fine at this time?

I want you to run these next,

tdsskiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double-click the aswMBR.exe icon to run it
  • It will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo

#19
GoingMod

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
Sorry, didn't mean to repost.

Edited by GoingMod, 14 November 2012 - 08:56 PM.


#20
GoingMod

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
For killer: 499 objects scanned, none infected, and I don't see where to ask for a report. Starting aswMBR.

#21
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
:thumbsup:

#22
GoingMod

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
OK, so I ran the last one and updated the thing and went to use the restroom, and I come back and it says Windows blue-screened, so I'll try again lol. This time I'll be there, though. Here's what Windows said:


Problem signature:

Problem Event Name: BlueScreen
OS Version: 6.1.7601.2.1.0.768.3
Locale ID: 1033

Additional information about the problem:
BCCode: 109
BCP1: A3A039D8B56D87CC
BCP2: B3B7465F07EBC4D2
BCP3: FFFFF880037E25C0
BCP4: 0000000000000002
OS Version: 6_1_7601
Service Pack: 1_0
Product: 768_1

Files that help describe the problem:
C:\Windows\Minidump\111412-19921-01.dmp
C:\Users\Archetype\AppData\Local\Temp\WER-30154-0.sysdata.xml

Read our privacy statement online:
http://go.microsoft....88&clcid=0x0409

If the online privacy statement is not available, please read our privacy statement offline:
C:\Windows\system32\en-US\erofflps.txt

#23
GoingMod

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
ok it finished. Hey thx again for all this help gringo!!!!


aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-14 22:15:59
-----------------------------
22:15:59.288 OS Version: Windows x64 6.1.7601 Service Pack 1
22:15:59.288 Number of processors: 4 586 0x3A09
22:15:59.289 ComputerName: BIG_BLUE UserName:
22:15:59.434 Initialize success
22:16:04.251 AVAST engine defs: 12111401
22:16:12.583 The log file has been saved successfully to "C:\Users\Archetype\Desktop\aswMBR.txt"
22:16:24.213 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000007d
22:16:24.214 Disk 0 Vendor: OCZ-VERT 2.22 Size: 114473MB BusType: 11
22:16:24.216 Disk 1 \Device\Harddisk1\DR1 -> \Device\0000007e
22:16:24.217 Disk 1 Vendor: WDC_WD10 15.0 Size: 953869MB BusType: 11
22:16:24.218 Disk 0 MBR read successfully
22:16:24.219 Disk 0 MBR scan
22:16:24.222 Disk 0 Windows 7 default MBR code
22:16:24.224 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
22:16:24.226 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 114371 MB offset 206848
22:16:24.231 Disk 0 scanning C:\Windows\system32\drivers
22:16:26.752 Service scanning
22:16:38.182 Modules scanning
22:16:38.509 Disk 0 trace - called modules:
22:16:38.515 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa800c87b2c0]<<sptd.sys storport.sys hal.dll mvs91xx.sys
22:16:38.517 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800d052060]
22:16:38.519 3 CLASSPNP.SYS[fffff8800201743f] -> nt!IofCallDriver -> \Device\0000007d[0xfffffa800cd7c8b0]
22:16:38.521 \Driver\mvs91xx[0xfffffa800cd784b0] -> IRP_MJ_CREATE -> 0xfffffa800c87b2c0
22:16:38.607 AVAST engine scan C:\Windows
22:16:39.111 AVAST engine scan C:\Windows\system32
22:18:09.501 AVAST engine scan C:\Windows\system32\drivers
22:18:13.868 AVAST engine scan C:\Users\Archetype
22:18:35.201 AVAST engine scan C:\ProgramData
22:18:49.244 Scan finished successfully
22:18:57.284 Disk 0 MBR has been saved successfully to "C:\Users\Archetype\Desktop\MBR.dat"
22:18:57.286 The log file has been saved successfully to "C:\Users\Archetype\Desktop\aswMBR.txt"
22:19:28.984 Disk 0 MBR has been saved successfully to "C:\Users\Archetype\Desktop\MBR.dat"
22:19:28.986 The log file has been saved successfully to "C:\Users\Archetype\Desktop\aswMBR.txt"

#24
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
how is the computer doing at this time?


gringo

#25
GoingMod

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
Seems like it was before Claro.

#26
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

I would like to see a report that ComboFix makes.

Extra ComboFix report

  • Push the "Windows key" + "R" (between the "Ctrl" button and "Alt" button)
  • Please copy and paste the following into the box
C:\Qoobox\Add-Remove Programs.txt
  • Click OK

Copy and paste the report into this topic for me to review.

Gringo

#27
GoingMod

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
I posted it above. Did you want me to run it again?

#28
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
different report

#29
GoingMod

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
OK, I'll do that.

#30
GoingMod

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts
µTorrent
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS6
Adobe Reader XI
Adobe Shockwave Player 11.6
AI Suite II
Alan Wake
Amnesia: The Dark Descent
Apple Application Support
Apple Software Update
Asmedia ASM104x USB 3.0 Host Controller Driver
Asmedia ASM106x SATA Host Controller Driver
Batman: Arkham City GOTY
Battlefield 3™
Bone: Out from Boneville
Call of Duty: Modern Warfare 3
Call of Duty: Modern Warfare 3 - Multiplayer
Check vs. Mate
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Cosmic Osmo
Counter-Strike: Global Offensive Beta
Counter-Strike: Source
Cryostasis
Curse Client
DAEMON Tools Lite
Dead Space
Dear Esther
DeskScapes
Desura
Desura: Black Mesa
Deus Ex: Human Revolution
Diablo III
Disk Unlocker
DOOM 3
DOOM 3: BFG Edition
DOOM 3: Resurrection of Evil
Doom Builder 2.1
DOOM II: [bleep] on Earth
Doomsday Engine 1.9.9
Dual-Core Optimizer
DUNGEONS - Steam Special Edition
Dungeons & Dragons Online®
Dystopia
ESN Sonar
EVGA OC Scanner X 2.1.2
Fallout
Fallout: New Vegas
Fences Pro
FileHippo.com Update Checker
Fraps
GameMaker: Studio
Garry's Mod
Guild Wars 2
Hacker Evolution
Half-Life
Half-Life 2
Half-Life 2: Episode One
Half-Life 2: Episode Two
Half-Life: Source
Hi-Rez Studios Authenticate and Update Service
Hitman: Blood Money
Intel® Control Center
Intel® Management Engine Components
Intel® Rapid Storage Technology
Intel® USB 3.0 eXtensible Host Controller Driver
Intel® Watchdog Timer Driver (Intel® WDT)
Killing Floor
Left 4 Dead 2
Left 4 Dead 2 Add-on Support
Legend of Grimrock
Magic: The Gathering - Duels of the Planeswalkers 2013
Magic: The Gathering – Tactics
Malwarebytes Anti-Malware version 1.65.1.1000
Manhole
marvell 91xx driver
Marvell Storage Utility V4
Master Levels for DOOM II
McAfee SiteAdvisor
Medal of Honor ™
Metro 2033
Microsoft .NET Framework 1.1
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170)
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
Mozilla Firefox 16.0.2 (x86 en-US)
Mozilla Maintenance Service
Norton 360 Premier Edition
Notepad++
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
Oddworld: Abe's Oddysee
OpenAL
Origin
PDF Settings CS6
Penumbra: Black Plague
PunkBuster Services
Quake 4
QuickTime
RAGE
Razer Synapse 2.0
realMyst
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Resident Evil™: Operation Raccoon City
RuneScape Launcher 1.2.2
S.T.A.L.K.E.R.: Shadow of Chernobyl
Sam & Max 105: Reality 2.0
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition
SketchUp 8
SkinStudio 7
Skype Click to Call
Skype™ 6.0
Sniper: Ghost Warrior
Source SDK Base 2007
Splashtop Streamer
Star Trek Online
Star Wars: Knights of the Old Republic
StarCraft II
Steam
Strong Bad Episode 1: Homestar Ruiner
swMSM
Tales of Monkey Island: Chapter 1 - Launch of the Screaming Narwhal
Team Fortress 2
TechPowerUp GPU-Z
The Elder Scrolls V: Skyrim
The Ship Single Player
The Ultimate DOOM
The Walking Dead
Tribes: Ascend
Unreal Tournament 3: Black Edition
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Uplink
Uru: Complete Chronicles
Wallace & Gromit Ep 1: Fright of the Bumblebees
WhatPulse 1.7.1
WindowBlinds
WindowFX
World of Warcraft
Z Engine