
Day 3 of dropping offline



#1
navymandan

My desktop has been running fine, up until the past week or so. I play an online game, and it has been disconnecting me from the server at random times, for no reason. This hasn't happened before, and seems to happen continuously for hours, then not at all for days. Yes, I have checked, and nothing appears to be running in the background.

Not sure where to start.


#2
navymandan

ComboFix 14-02-20.01 - Daniel Benton 02/22/2014 18:26:10.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8119.6139 [GMT -6:00]
Running from: C:\ComboFix.exe
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Microsoft\Windows\DRM\6084.tmp
c:\programdata\Microsoft\Windows\DRM\60F4.tmp
c:\programdata\Microsoft\Windows\DRM\9B86.tmp
c:\programdata\Microsoft\Windows\DRM\9BB7.tmp
c:\programdata\Microsoft\Windows\DRM\E71E.tmp
c:\programdata\Microsoft\Windows\DRM\E760.tmp
.
.
((((((((((((((((((((((((( Files Created from 2014-01-23 to 2014-02-23 )))))))))))))))))))))))))))))))
.
.
2014-02-23 00:33 . 2014-02-23 00:33 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-02-23 00:33 . 2014-02-23 00:33 -------- d-----w- c:\users\Guest\AppData\Local\temp
2014-02-23 00:33 . 2014-02-23 00:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-22 20:29 . 2014-02-17 08:36 17088 ----a-w- c:\windows\system32\drivers\BootDefragDriver.sys
2014-02-22 01:01 . 2014-02-22 01:01 -------- d-----w- c:\windows\Migration
2014-02-22 00:59 . 2014-02-22 00:59 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-02-22 00:59 . 2014-02-22 00:59 -------- d-----r- c:\program files (x86)\Skype
2014-02-12 09:01 . 2013-12-21 09:53 548864 ----a-w- c:\windows\system32\vbscript.dll
2014-02-12 09:01 . 2013-12-21 08:56 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-02-11 22:38 . 2013-12-06 02:30 1882112 ----a-w- c:\windows\system32\msxml3.dll
2014-02-11 22:38 . 2013-12-06 02:30 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-02-11 22:38 . 2013-12-06 02:02 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2014-02-11 22:38 . 2013-12-06 02:02 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll
2014-02-08 20:31 . 2014-02-20 03:10 -------- d-----w- c:\users\Daniel Benton\AppData\Roaming\Mumble
2014-02-08 18:12 . 2014-02-08 18:12 -------- d-----w- c:\program files (x86)\sweetpacks bundle uninstaller
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-23 00:16 . 2013-05-30 17:04 5183886 ------r- C:\ComboFix.exe
2014-02-21 01:13 . 2012-04-12 11:54 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-21 01:13 . 2011-05-21 12:58 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-17 08:40 . 2014-01-02 22:15 117024 ----a-w- c:\windows\system32\BootDefrag.exe
2014-02-15 09:00 . 2010-08-06 14:11 88567024 ----a-w- c:\windows\system32\MRT.exe
2013-12-03 09:01 . 2013-12-03 09:01 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-03 09:01 . 2013-12-03 09:01 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-12-03 09:01 . 2013-12-03 09:01 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-12-03 09:01 . 2013-12-03 09:01 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-12-03 09:01 . 2013-12-03 09:01 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-12-03 09:01 . 2013-12-03 09:01 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-12-03 09:01 . 2013-12-03 09:01 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-12-03 09:01 . 2013-12-03 09:01 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-12-03 09:01 . 2013-12-03 09:01 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-12-03 09:01 . 2013-12-03 09:01 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-12-03 09:01 . 2013-12-03 09:01 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-12-03 09:01 . 2013-12-03 09:01 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-12-03 09:01 . 2013-12-03 09:01 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-12-03 09:01 . 2013-12-03 09:01 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-12-03 09:01 . 2013-12-03 09:01 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-12-03 09:01 . 2013-12-03 09:01 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-12-03 09:01 . 2013-12-03 09:01 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-12-03 09:01 . 2013-12-03 09:01 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-12-03 09:01 . 2013-12-03 09:01 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-12-03 09:01 . 2013-12-03 09:01 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-12-03 09:01 . 2013-12-03 09:01 247808 ----a-w- c:\windows\system32\msls31.dll
2013-12-03 09:01 . 2013-12-03 09:01 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-12-03 09:01 . 2013-12-03 09:01 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-12-03 09:01 . 2013-12-03 09:01 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-12-03 09:01 . 2013-12-03 09:01 81408 ----a-w- c:\windows\system32\icardie.dll
2013-12-03 09:01 . 2013-12-03 09:01 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-12-03 09:01 . 2013-12-03 09:01 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-12-03 09:01 . 2013-12-03 09:01 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-12-03 09:01 . 2013-12-03 09:01 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-12-03 09:01 . 2013-12-03 09:01 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-12-03 09:01 . 2013-12-03 09:01 413696 ----a-w- c:\windows\system32\html.iec
2013-12-03 09:01 . 2013-12-03 09:01 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-03 09:01 . 2013-12-03 09:01 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-12-03 09:01 . 2013-12-03 09:01 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-12-03 09:01 . 2013-12-03 09:01 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-12-03 09:01 . 2013-12-03 09:01 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-12-03 09:01 . 2013-12-03 09:01 235520 ----a-w- c:\windows\system32\url.dll
2013-12-03 09:01 . 2013-12-03 09:01 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-12-03 09:01 . 2013-12-03 09:01 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-12-03 09:01 . 2013-12-03 09:01 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-12-03 09:01 . 2013-12-03 09:01 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-12-03 09:01 . 2013-12-03 09:01 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-12-03 09:01 . 2013-12-03 09:01 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-12-03 09:01 . 2013-12-03 09:01 774144 ----a-w- c:\windows\system32\jscript.dll
2013-12-03 09:01 . 2013-12-03 09:01 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-12-03 09:01 . 2013-12-03 09:01 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-12-03 09:01 . 2013-12-03 09:01 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-12-03 09:01 . 2013-12-03 09:01 147968 ----a-w- c:\windows\system32\occache.dll
2013-12-03 09:01 . 2013-12-03 09:01 143872 ----a-w- c:\windows\system32\wextract.exe
2013-12-03 09:01 . 2013-12-03 09:01 13824 ----a-w- c:\windows\system32\mshta.exe
2013-12-03 09:01 . 2013-12-03 09:01 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-12-03 09:01 . 2013-12-03 09:01 101376 ----a-w- c:\windows\system32\inseng.dll
2013-11-27 01:41 . 2014-01-15 18:29 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-11-27 01:41 . 2014-01-15 18:29 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-11-27 01:41 . 2014-01-15 18:29 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-11-27 01:41 . 2014-01-15 18:29 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-11-27 01:41 . 2014-01-15 18:29 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-11-26 11:40 . 2014-01-15 18:29 376768 ----a-w- c:\windows\system32\drivers\netio.sys
2013-11-26 10:32 . 2014-01-15 18:29 3156480 ----a-w- c:\windows\system32\win32k.sys
2013-11-26 03:47 . 2013-11-26 03:47 196376 ----a-w- c:\windows\system32\drivers\avgidsha.sys
2013-11-26 03:47 . 2013-11-26 03:47 243480 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
2013-11-26 03:47 . 2013-11-26 03:47 150808 ----a-w- c:\windows\system32\drivers\avgdiska.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Daniel Benton\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Daniel Benton\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Daniel Benton\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Daniel Benton\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Amazon Cloud Player"="c:\users\Daniel Benton\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe" [2013-12-12 3145536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RunAIShell"="c:\program files (x86)\ASUS\AI Manager\AsShellApplication.exe" [2009-12-23 232064]
"ASUS VIBE"="c:\program files (x86)\ASUS\ASUS VIBE\ASUS VIBE.exe" [2010-03-02 102400]
"Rocket Live! Central 2"="d:\rocketfish\Live! Central\RFLVCentral2.exe" [2010-02-24 430247]
"V0650Mon.exe"="c:\windows\V0650Mon.exe" [2010-02-23 28672]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-12 59280]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"AVG_UI"="c:\program files (x86)\AVG\AVG2014\avgui.exe" [2014-01-22 4962320]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" [2013-09-02 295512]
.
c:\users\Daniel Benton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Daniel Benton\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-2 30714328]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk * \0BootDefrag.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"QuickTime Task"="d:\quicktime\QTTask.exe" -atboottime
"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]
R2 SecStore;Secure Storage;c:\windows\SysWOW64\secpro.exe;c:\windows\SysWOW64\secpro.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 vToolbarUpdater15.2.0;vToolbarUpdater15.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 BootDefragDriver;BootDefragDriver;c:\windows\System32\drivers\BootDefragDriver.sys;c:\windows\SYSNATIVE\drivers\BootDefragDriver.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 Device Handle Service;Device Handle Service;c:\windows\SysWOW64\AsHookDevice.exe;c:\windows\SysWOW64\AsHookDevice.exe [x]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [x]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 V0650Vid;Rocketfish HD Webcam Driver;c:\windows\system32\DRIVERS\V0650Vid.sys;c:\windows\SYSNATIVE\DRIVERS\V0650Vid.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
start [BU]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-02-21 23:20 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.117\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-02-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 01:13]
.
2014-02-23 c:\windows\Tasks\GlaryInitialize 4.job
- c:\program files (x86)\Glary Utilities 4\Initialize.exe [2014-02-12 08:23]
.
2014-02-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-06 02:10]
.
2014-02-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-06 02:10]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-08-19 8067616]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-AVG-Secure-Search-Update_0913a - c:\users\Daniel Benton\AppData\Roaming\AVG 0913a Campaign\AVG-Secure-Search-Update-0913a.exe
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-02-22 18:36:03
ComboFix-quarantined-files.txt 2014-02-23 00:36
ComboFix2.txt 2013-05-27 17:00
.
Pre-Run: 331,139,964,928 bytes free
Post-Run: 331,350,265,856 bytes free
.
- - End Of File - - E1E2F50F93E5FB3295953F18A553738C
4976D4A7A40B83FC7F06EE4BDD84EB9B