Disk Drive Icon [Closed]


  • This topic is locked

#1
Surprise1993

  • Member
  • 11 posts
I noticed after doing a virus scan (the virus scan didn't find any viruses just so you know). I restarted the computer and now whenever I put a disk in the little icon doesn't show anymore. I have a picture to show what I'm talking about.

Image: http://imgur.com/EWMPWQs

I'm not sure if there is a fix but it's kind of annoying and I hope to get my icons back instead of this drive + disk icon.

Like for example it should show my Call of Duty 4 disk icon. I'm sure you'll know what I'm talking about.

Thanks for the help in advance!
  • 0

#2
SpywareDr

  • Member
  • 3,115 posts
Have you tried using Windows' "System Restore" to roll Windows back to a previous state when your computer was functioning correctly? It allows you to undo system changes without affecting your personal files, such as e-mail, documents, or photos.

Microsoft.com > Windows 7


  • 0

#3
Surprise1993

  • Topic Starter
  • Member
  • 11 posts
I could try that yeah. I was thinking about it last night actually.
  • 0

#4
Surprise1993

  • Topic Starter
  • Member
  • 11 posts
System Restore did NOT make the icons come back on the cd drive icon when a disk is inserted.
  • 0

#5
SpywareDr

  • Member
  • 3,115 posts
Sorry to hear that. Hopefully someone else will be along soon with some other ideas.
  • 0

#6
Surprise1993

  • Topic Starter
  • Member
  • 11 posts
Yeah hopefully. Thanks for the help though! Anything is appreciated!
  • 0

#7
SpywareDr

  • Member
  • 3,115 posts
You're welcome. Got my fingers crossed for you.
  • 0

#8
Buddierdl

  • Trusted Helper
  • Malware Removal
  • 2,524 posts
What virus scan did you run?
  • 0

#9
Surprise1993

  • Topic Starter
  • Member
  • 11 posts
I used the program called ComboFix. It was recommended by a friend. The thing is I had no viruses.
  • 0

#10
Buddierdl

  • Trusted Helper
  • Malware Removal
  • 2,524 posts
What made you decide to run ComboFix (besides the recommendation)? Was your computer having trouble?

How do you know your computer is not infected? ComboFix is not meant to be run as an ordinary virus scanner and does not function like one. It produces a log that is meant to be analyzed by someone with experience in malware removal. It is very powerful and can cause damage to your computer if not used correctly.

If you suspect malware on your PC, I would recommend starting a topic in the Malware Removal Forum.
  • 0

#11
Surprise1993

  • Topic Starter
  • Member
  • 11 posts
I've used MalwareBytes and ran my Avast scan; they say my computer is clean. I DID have a virus a few weeks ago but I KNOW I got rid of it. He just said to use this to "make sure". Apparently ComboFix must have done something..?
  • 0

#12
Buddierdl

  • Trusted Helper
  • Malware Removal
  • 2,524 posts
Hi Surprise,

Let's take a look at something:


  • Please download MiniRegTool64.zip and unzip it.
  • Run the tool.
  • Copy and paste the following into the edit box:

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom

  • Check Export keys radio button.
  • Press Go button and post the result.

  • 0

#13
Surprise1993

  • Topic Starter
  • Member
  • 11 posts
Hello! Sorry for the late reply. With the Holidays and whatnot. Been busy! Anyways I did what you asked and here's the result!




Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDrives"=dword:00000000

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\run]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDrives"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom]
"Start"=dword:00000001
"Type"=dword:00000001
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,\
52,00,49,00,56,00,45,00,52,00,53,00,5c,00,63,00,64,00,72,00,6f,00,6d,00,2e,\
00,73,00,79,00,73,00,00,00
"DisplayName"="CD-ROM Driver"
"Group"="SCSI CDROM Class"
"DriverPackageId"="cdrom.inf_amd64_neutral_8363d00ecae4322d"
"AutoRun"=dword:00000001
"AutoRunAlwaysDisable"=hex(7):4e,00,45,00,43,00,20,00,20,00,20,00,20,00,20,00,\
4d,00,42,00,52,00,2d,00,37,00,20,00,20,00,20,00,00,00,4e,00,45,00,43,00,20,\
00,20,00,20,00,20,00,20,00,4d,00,42,00,52,00,2d,00,37,00,2e,00,34,00,20,00,\
00,00,50,00,49,00,4f,00,4e,00,45,00,45,00,52,00,20,00,43,00,48,00,41,00,4e,\
00,47,00,52,00,20,00,44,00,52,00,4d,00,2d,00,31,00,38,00,30,00,34,00,58,00,\
00,00,50,00,49,00,4f,00,4e,00,45,00,45,00,52,00,20,00,43,00,44,00,2d,00,52,\
00,4f,00,4d,00,20,00,44,00,52,00,4d,00,2d,00,36,00,33,00,32,00,34,00,58,00,\
00,00,50,00,49,00,4f,00,4e,00,45,00,45,00,52,00,20,00,43,00,44,00,2d,00,52,\
00,4f,00,4d,00,20,00,44,00,52,00,4d,00,2d,00,36,00,32,00,34,00,58,00,20,00,\
00,00,54,00,4f,00,52,00,69,00,53,00,41,00,4e,00,20,00,43,00,44,00,2d,00,52,\
00,4f,00,4d,00,20,00,43,00,44,00,52,00,5f,00,43,00,33,00,36,00,00,00,00,00
"Tag"=dword:00000003

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Parameters]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Parameters\Wdf]
"WdfMajorVersion"=dword:00000001
"WdfMinorVersion"=dword:00000009
"TimeOfLastSqmLog"=hex(b):a0,f1,6a,9c,38,03,cf,01

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\Enum]
"0"="IDE\\CdRomLITE-ON_DVDRW_LH-20A1P__________________KL0N____\\5&84e948c&0&0.0.0"
"Count"=dword:00000002
"NextInstance"=dword:00000002
"1"="SCSI\\CdRom&Ven_HL-DT-ST&Prod_DVDRAM_GH15F\\4&3197298a&0&010100"
  • 0

#14
JSntgRvr

  • Global Moderator
  • 10,962 posts
Moved by moderator to the Malware Removal forum. Please post the contents of the C:\Combofix.txt file. It will be reviewed by an expert.
  • 0

#15
Surprise1993

  • Topic Starter
  • Member
  • 11 posts
I'm curious about my previous post and what you guys are looking for in that? Since Buddierdl never replied.

But anyways here is my combofix.txt file.


Combofix Log:


ComboFix 13-12-18.01 - Curtis 12/19/2013 15:24:26.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2046.842 [GMT -6:00]
Running from: c:\users\Curtis\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Files Created from 2013-11-19 to 2013-12-19 )))))))))))))))))))))))))))))))
.
.
2013-12-19 21:58 . 2013-12-19 21:58 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-12-19 21:58 . 2013-12-19 21:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-12-14 20:05 . 2013-12-14 20:05 -------- d-----w- c:\windows\Migration
2013-12-14 19:20 . 2013-11-18 07:28 10285968 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1536777F-1B3E-4DDF-B8BB-0B4F30B39E92}\mpengine.dll
2013-12-14 19:15 . 2013-07-20 10:33 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2013-12-14 19:15 . 2013-07-20 10:33 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-12-10 21:39 . 2013-12-10 21:39 9293192 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-12-06 19:54 . 2013-12-06 19:54 -------- d-----w- c:\users\Curtis\AppData\Roaming\Malwarebytes
2013-12-06 19:54 . 2013-12-06 19:54 -------- d-----w- c:\programdata\Malwarebytes
2013-12-06 19:54 . 2013-12-06 19:54 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-12-06 19:54 . 2013-04-04 20:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-12-06 08:22 . 2013-12-06 08:24 -------- d-----w- c:\program files (x86)\MyPC Backup
2013-12-06 08:22 . 2013-12-06 22:14 -------- d-----w- c:\programdata\Conduit
2013-12-06 08:21 . 2013-12-06 08:21 -------- d-----w- c:\users\Curtis\AppData\Local\NativeMessaging
2013-12-06 08:21 . 2013-12-06 08:25 -------- d-----w- c:\users\Curtis\AppData\Local\Conduit
2013-12-06 08:21 . 2013-12-06 08:21 -------- d-----w- c:\users\Curtis\AppData\Local\CRE
2013-12-06 08:21 . 2013-12-06 08:22 -------- d-----w- c:\program files (x86)\Conduit
2013-12-04 05:45 . 2013-12-04 05:47 -------- d-----w- c:\program files (x86)\Call of Duty Game of the Year Edition
2013-11-28 22:10 . 2013-11-28 22:10 -------- d-----w- c:\users\Curtis\AppData\Local\IsolatedStorage
2013-11-28 22:09 . 2013-11-28 22:17 -------- d-----w- c:\program files (x86)\TunnelBear
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-10 21:39 . 2013-03-01 05:34 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-10 21:39 . 2013-03-01 05:34 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-06 19:45 . 2013-03-01 23:38 151552 ----a-w- c:\windows\KMSEmulator.exe
2013-11-19 09:33 . 2010-11-21 03:27 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-11-16 22:20 . 2013-02-28 18:56 65264 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-11-16 22:20 . 2013-02-28 18:56 1032416 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-11-16 22:20 . 2013-02-28 18:56 205320 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-11-16 22:20 . 2013-02-28 18:56 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-11-16 22:20 . 2013-02-28 18:56 409832 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-11-16 22:20 . 2013-02-28 18:56 38984 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-11-16 22:20 . 2013-02-28 18:56 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-11-16 22:20 . 2013-02-28 18:56 84328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-11-16 22:20 . 2013-02-28 18:56 334648 ----a-w- c:\windows\system32\aswBoot.exe
2013-11-16 22:20 . 2013-02-28 18:56 43152 ----a-w- c:\windows\avastSS.scr
2013-11-01 06:51 . 2013-11-01 06:51 419840 ----a-w- c:\windows\system32\wrap_oal.dll
2013-11-01 06:51 . 2013-11-01 06:51 413696 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2013-11-01 06:51 . 2013-11-01 06:51 133632 ----a-w- c:\windows\system32\OpenAL32.dll
2013-11-01 06:51 . 2013-11-01 06:51 110592 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-10-23 19:04 . 2013-10-23 19:05 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-10-23 19:04 . 2013-10-23 19:05 312744 ----a-w- c:\windows\system32\javaws.exe
2013-10-23 19:04 . 2013-10-23 19:05 189352 ----a-w- c:\windows\system32\javaw.exe
2013-10-23 19:04 . 2013-10-23 19:05 189352 ----a-w- c:\windows\system32\java.exe
2013-10-23 18:57 . 2013-10-23 18:57 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"Razer Blackwidow Driver"="c:\program files (x86)\Razer\BlackWidow Ultimate\BlackWidowUltimateTray.exe" [2011-05-16 887712]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-05-15 152392]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-11-16 3568312]
"20131121"="c:\program files\AVAST Software\Avast\setup\emupdate\56fadd09-8506-485e-a94a-e42eb327ca74.exe" [2013-11-23 180184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ArcService;Arc Service;c:\program files (x86)\Perfect World Entertainment\Arc\ArcService.exe;c:\program files (x86)\Perfect World Entertainment\Arc\ArcService.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys;c:\windows\SYSNATIVE\drivers\aswFsBlk.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 RTL8023x64;Realtek 10/100 NIC Family NDIS x64 Driver;c:\windows\system32\DRIVERS\Rtnic64.sys;c:\windows\SYSNATIVE\DRIVERS\Rtnic64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RzSynapse;Razer Driver;c:\windows\system32\DRIVERS\RzSynapse.sys;c:\windows\SYSNATIVE\DRIVERS\RzSynapse.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-05 01:38 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-12-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-01 21:39]
.
2013-12-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-28 18:56]
.
2013-12-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-28 18:56]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-11-16 22:20 326944 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-27 12681320]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
AddRemove-BattlEye for A2 - c:\program files (x86)\Steam\steamapps\common\Arma 2BattlEye\UnInstallBE.exe
AddRemove-BattlEye for OA - c:\program files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\Expansion\BattlEye\UnInstallBE.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2343603387-3551117450-3383419963-1000\Software\SecuROM\License information*]
"datasecu"=hex:fc,72,f3,8b,19,97,f8,2e,4a,3e,9d,3f,40,9f,66,29,e8,39,57,f1,20,
35,1f,18,81,98,7e,fe,f2,dc,ae,19,ef,57,58,00,23,d1,bc,9a,2f,00,75,e8,42,d7,\
"rkeysecu"=hex:02,01,55,15,91,15,0d,4c,0b,89,50,e8,49,db,71,7e
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-12-19 16:09:29
ComboFix-quarantined-files.txt 2013-12-19 22:09
.
Pre-Run: 331,367,985,152 bytes free
Post-Run: 334,953,881,600 bytes free
.
- - End Of File - - 6FED894FFC0D41A8FF5BB7F274BDDF82
A36C5E4F47E84449FF07ED3517B43A31




I've already taken care of the Conduit and MyPC Backup stuff.

Edited by Surprise1993, 28 December 2013 - 04:04 PM.

  • 0
