Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

All File transfers hang. No virus!


  • Please log in to reply

#196
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,168 posts
  • MVP

Yes please.


  • 0

Advertisements


#197
phickspc

phickspc

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 478 posts

Do you want me to Filter the results like you instructed me to in this earlier post?


  • 0

#198
phickspc

phickspc

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 478 posts

I went with default values, instead of adding explorer.exe to the Filter.

for both devices:

Scanner PML

TableMike PML

 


  • 0

#199
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,168 posts
  • MVP

Perfect.  I'll be off-line for a few hours.  Will try to get this done today as we are flying tomorrow.


  • 0

#200
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,168 posts
  • MVP

Can you export your whole registry, zip it up and upload it.  That way I won't have to keep asking you to export keys.


  • 0

#201
phickspc

phickspc

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 478 posts

The regedit is around 600gb large, I'll have to find a large enough free upload server.

Oops it's mb not gb haha. I will upload it now.


Edited by phickspc, 24 September 2018 - 11:38 AM.

  • 0

#202
phickspc

phickspc

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 478 posts

PM'd the file to you to avoid broadcasting my entire regedit to the whole world.


  • 0

#203
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,168 posts
  • MVP
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB\ROOT_HUB]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB\ROOT_HUB\4&17fcda82&0]
"Capabilities"=dword:00000080
"HardwareID"=hex(7):55,00,53,00,42,00,5c,00,52,00,4f,00,4f,00,54,00,5f,00,48,\
  00,55,00,42,00,26,00,56,00,49,00,44,00,31,00,30,00,32,00,32,00,26,00,50,00,\
  49,00,44,00,37,00,38,00,30,00,39,00,26,00,52,00,45,00,56,00,30,00,30,00,31,\
  00,31,00,00,00,55,00,53,00,42,00,5c,00,52,00,4f,00,4f,00,54,00,5f,00,48,00,\
  55,00,42,00,26,00,56,00,49,00,44,00,31,00,30,00,32,00,32,00,26,00,50,00,49,\
  00,44,00,37,00,38,00,30,00,39,00,00,00,55,00,53,00,42,00,5c,00,52,00,4f,00,\
  4f,00,54,00,5f,00,48,00,55,00,42,00,00,00,00,00
"ContainerID"="{00000000-0000-0000-ffff-ffffffffffff}"
"Service"="usbhub"
"ClassGUID"="{36fc9e60-c465-11cf-8056-444553540000}"
"ConfigFlags"=dword:00000000
"Driver"="{36fc9e60-c465-11cf-8056-444553540000}\\0005"
"Class"="USB"
"Mfg"="@usbport.inf,%generic.mfg%;(Standard USB Host Controller)"
"DeviceDesc"="@usbport.inf,%usb\\root_hub.devicedesc%;USB Root Hub"
"InstallFlags"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB\ROOT_HUB\4&17fcda82&0\Device Parameters]
"SymbolicName"="\\??\\USB#ROOT_HUB#4&17fcda82&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB\ROOT_HUB\4&17fcda82&0\Device Parameters\uxd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB\ROOT_HUB\4&17fcda82&0\LogConf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB\ROOT_HUB\4&17fcda82&0\Control]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB\ROOT_HUB\4&192f3c3e&0]
"Capabilities"=dword:00000080
"HardwareID"=hex(7):55,00,53,00,42,00,5c,00,52,00,4f,00,4f,00,54,00,5f,00,48,\
  00,55,00,42,00,26,00,56,00,49,00,44,00,31,00,30,00,32,00,32,00,26,00,50,00,\
  49,00,44,00,37,00,38,00,30,00,37,00,26,00,52,00,45,00,56,00,30,00,30,00,31,\
  00,31,00,00,00,55,00,53,00,42,00,5c,00,52,00,4f,00,4f,00,54,00,5f,00,48,00,\
  55,00,42,00,26,00,56,00,49,00,44,00,31,00,30,00,32,00,32,00,26,00,50,00,49,\
  00,44,00,37,00,38,00,30,00,37,00,00,00,55,00,53,00,42,00,5c,00,52,00,4f,00,\
  4f,00,54,00,5f,00,48,00,55,00,42,00,00,00,00,00
"ContainerID"="{00000000-0000-0000-ffff-ffffffffffff}"
"Service"="usbhub"
"ClassGUID"="{36fc9e60-c465-11cf-8056-444553540000}"
"ConfigFlags"=dword:00000000
"Driver"="{36fc9e60-c465-11cf-8056-444553540000}\\0006"
"Class"="USB"
"Mfg"="@usbport.inf,%generic.mfg%;(Standard USB Host Controller)"
"DeviceDesc"="@usbport.inf,%usb\\root_hub.devicedesc%;USB Root Hub"
"InstallFlags"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB\ROOT_HUB\4&192f3c3e&0\Device Parameters]
"SymbolicName"="\\??\\USB#ROOT_HUB#4&192f3c3e&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB\ROOT_HUB\4&192f3c3e&0\Device Parameters\uxd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB\ROOT_HUB\4&192f3c3e&0\LogConf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB\ROOT_HUB\4&192f3c3e&0\Control]
"ActiveService"="usbhub"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB\ROOT_HUB\4&568b4dc&0]
"Capabilities"=dword:00000080
"HardwareID"=hex(7):55,00,53,00,42,00,5c,00,52,00,4f,00,4f,00,54,00,5f,00,48,\
  00,55,00,42,00,26,00,56,00,49,00,44,00,31,00,30,00,32,00,32,00,26,00,50,00,\
  49,00,44,00,37,00,38,00,30,00,37,00,26,00,52,00,45,00,56,00,30,00,30,00,31,\
  00,31,00,00,00,55,00,53,00,42,00,5c,00,52,00,4f,00,4f,00,54,00,5f,00,48,00,\
  55,00,42,00,26,00,56,00,49,00,44,00,31,00,30,00,32,00,32,00,26,00,50,00,49,\
  00,44,00,37,00,38,00,30,00,37,00,00,00,55,00,53,00,42,00,5c,00,52,00,4f,00,\
  4f,00,54,00,5f,00,48,00,55,00,42,00,00,00,00,00
"ContainerID"="{00000000-0000-0000-ffff-ffffffffffff}"
"Service"="usbhub"
"ClassGUID"="{36fc9e60-c465-11cf-8056-444553540000}"
"ConfigFlags"=dword:00000000
"ParentIdPrefix"="5&35b36244&0"
"Driver"="{36fc9e60-c465-11cf-8056-444553540000}\\0007"
"Class"="USB"
"Mfg"="@usbport.inf,%generic.mfg%;(Standard USB Host Controller)"
"DeviceDesc"="@usbport.inf,%usb\\root_hub.devicedesc%;USB Root Hub"
"InstallFlags"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB\ROOT_HUB\4&568b4dc&0\Device Parameters]
"SymbolicName"="\\??\\USB#ROOT_HUB#4&568b4dc&0#{f18a0e88-c30c-11d0-8815-00a0c906bed8}"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB\ROOT_HUB\4&568b4dc&0\Device Parameters\uxd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB\ROOT_HUB\4&568b4dc&0\LogConf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB\ROOT_HUB\4&568b4dc&0\Control]

Above is an export of the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB\ROOT_HUB from my Win 7 64 (AMD)

 

Note that the Class for each instance is "USB"

 

I don't know if it's significant but on yours you have some odd  characters with funny marks on or in front of them.  Might be worth exporting your HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB\ROOT_HUB key and then making each Class say "USB" 

 

All I have time for today.  Will try again next week if the above doesn't magically cure it.


  • 0

#204
phickspc

phickspc

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 478 posts

Logged in as Amin, under safe mode,
I tried changing the class value to USB but recevied these errors instead.

editing the key to then launching/right click to merge:
Cannot import #.reg: Not all data as successfully written to the registry.
Some keys are open by the system or other processes.

navigating in regedit to manually edit class value:
Cannot edit class: error writing the value's new contents.
 


  • 0

#205
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,168 posts
  • MVP

Try taking ownership of the key:

 

https://www.howtogee...y-in-windows-7/

 

It should then let you change Administrator to Full Control


  • 0

Advertisements


#206
phickspc

phickspc

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 478 posts

Sorry, but got the following errors;

 

Replace owner on subcontainers and objects check box:

"Unable to save permission changes on ROOT HUB. Access is denied."

 

Replace all child object permissions with inheritable permissions from this object check box:

"Unable to save permission changes on ROOT HUB. Access is denied."

or

"Registry Editor could not set the key currently selected, or some of its subkeys." (when choosing SYSTEM)


Edited by phickspc, 26 September 2018 - 04:26 PM.

  • 0

#207
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,168 posts
  • MVP
Enable the hidden administrator account then log in as the administrator and try taking ownership again
  • 0

#208
phickspc

phickspc

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 478 posts

There's no hidden Admin accounts, just 3 admin accounts.


  • 0

#209
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,168 posts
  • MVP

https://www.howtogee...-windows-vista/


  • 0

#210
phickspc

phickspc

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 478 posts

Couldn't change permissions after logging in to hidden admin account:

Replace owner on subcontainers and objects check box:

Replace all child object permissions with inheritable permissions from this object check box:

Error: "Registry Editor could not set the key currently selected, or some of its subkeys." (when choosing SYSTEM)

 

But,

I did manage to merge the altered registry key (where the class=USB).

However, after restarting and re-lpugging the TableMike & Scanner in both hidden admin and my normal account, the speed error still appears.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP