Data Realms Fan Forums - View topic

Page 306 of 1336

[ 20039 posts ]

Go to page Previous 1 ... 303, 304, 305, 306, 307, 308, 309 ... 1336 Next

The Lounge

Author	Message
Ragdollmaster Joined: Sun Dec 16, 2007 12:09 am Posts: 1115 Location: Being The Great Juju	Re: The Lounge Miggles: Beat the ♥♥♥♥ out of your friend.
Sun Feb 26, 2012 7:15 pm

Miggles Data Realms Elite Joined: Mon Jul 12, 2010 5:39 am Posts: 4558	Re: The Lounge weeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
Sun Feb 26, 2012 7:44 pm

caekdaemon Data Realms Elite Joined: Sun Nov 01, 2009 3:00 pm Posts: 4144 Location: Hell.	Re: The Lounge @Miggles Run combofix in safemode. I've never seen a virus that thing could not stomp.
Sun Feb 26, 2012 8:15 pm

Miggles Data Realms Elite Joined: Mon Jul 12, 2010 5:39 am Posts: 4558	Re: The Lounge ComboFix 12-02-25.02 - Name 02/26/2012 13:29:27.1.2 - x64 NETWORK Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3835.2506 [GMT -6:00] Running from: c:\users\Name\Documents\ComboFix.exe AV: avast! Antivirus Enabled/Updated {2B2D1395-420B-D5C9-657E-930FE358FC3C} AV: Trend Micro Titanium Disabled/Updated {68F968AC-2AA0-091D-848C-803E83E35902} SP: avast! Antivirus Enabled/Updated {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Trend Micro Titanium Disabled/Updated {D3988948-0C9A-0693-BE3C-BB4CF86413BF} SP: Windows Defender Disabled/Updated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\Install.exe c:\program files (x86)\Object c:\program files (x86)\Object\bhO_project.dll c:\program files (x86)\Object\ChromeAddon.pem c:\program files (x86)\Object\chromeaddon\._included.js c:\program files (x86)\Object\chromeaddon\background.html c:\program files (x86)\Object\chromeaddon\included.js c:\program files (x86)\Object\chromeaddon\manifest.json c:\program files (x86)\Object\config.ini c:\program files (x86)\Object\enable.txt c:\program files (x86)\Object\facetheme\build.sh c:\program files (x86)\Object\facetheme\chrome.manifest c:\program files (x86)\Object\facetheme\config_build.sh c:\program files (x86)\Object\facetheme\content\.DS_Store c:\program files (x86)\Object\facetheme\content\firefoxOverlay.xul c:\program files (x86)\Object\facetheme\content\installid.js c:\program files (x86)\Object\facetheme\content\overlay.js c:\program files (x86)\Object\facetheme\content\sudoku.js c:\program files (x86)\Object\facetheme\defaults\.DS_Store c:\program files (x86)\Object\facetheme\defaults\preferences\._sudoku.js c:\program files (x86)\Object\facetheme\defaults\preferences\.DS_Store c:\program files (x86)\Object\facetheme\defaults\preferences\sudoku.js c:\program files (x86)\Object\facetheme\files c:\program files (x86)\Object\facetheme\install.rdf c:\program files (x86)\Object\facetheme\locale\.DS_Store c:\program files (x86)\Object\facetheme\locale\en-US\.DS_Store c:\program files (x86)\Object\facetheme\locale\en-US\sudoku.dtd c:\program files (x86)\Object\facetheme\locale\en-US\sudoku.properties c:\program files (x86)\Object\facetheme\readme.txt c:\program files (x86)\Object\facetheme\skin\overlay.css c:\program files (x86)\Object\facetheme_uninstall.exe c:\program files (x86)\Object\status.txt c:\program files (x86)\Object\status2.txt c:\users\Name\AppData\Local\.# c:\users\Name\AppData\Local\assembly\tmp c:\windows\security\Database\tmp.edb c:\windows\SwSys1.bmp c:\windows\SwSys2.bmp c:\windows\system32\Thumbs.db . . ((((((((((((((((((((((((( Files Created from 2012-01-26 to 2012-02-26 ))))))))))))))))))))))))))))))) . . 2012-02-26 07:21 . 2012-02-26 07:17 169912 ----a-w- c:\program files (x86)\4wres.dll 2012-02-26 07:21 . 2012-02-26 07:17 693648 ----a-w- c:\program files (x86)\4wUninstall Retrogamer.dll 2012-02-26 07:18 . 2012-02-26 07:22 -------- d-----w- c:\programdata\GameTap Web Player 2012-02-26 07:18 . 2012-02-26 07:22 -------- d-----w- c:\program files (x86)\GameTap Web Player 2012-02-26 07:18 . 2010-10-12 01:08 819200 ----a-w- c:\windows\SysWow64\GameTapWebPlayer_4_4_0_7.ocx 2012-02-26 07:18 . 2010-10-12 01:00 749568 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\GameTapPlayer@gametap.com\plugins\npGameTapWebPlayer.dll 2012-02-26 07:16 . 2012-02-26 07:16 -------- d-----w- c:\program files (x86)\Retrogamer_4wEI 2012-02-19 06:34 . 2012-02-19 06:34 -------- d-----w- c:\windows\Warhammer 40,000 Boltgun 2012-02-15 23:27 . 2012-02-15 23:27 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi 2012-02-14 01:21 . 2012-02-17 00:41 -------- d-----w- c:\users\Name\AppData\Roaming\.techniclauncher 2012-02-04 19:34 . 2012-02-04 19:34 -------- d-----w- c:\program files (x86)\Pineapple Smash Crew 2012-02-04 01:59 . 2012-02-04 01:59 -------- d-----w- C:\crabsystem 2012-02-03 06:07 . 2012-02-03 06:07 -------- d-----w- c:\users\Name\AppData\Roaming\RenPy 2012-02-03 04:50 . 2012-02-03 04:51 -------- d-----w- c:\program files (x86)\Katawa Shoujo . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-02-26 07:27 . 2011-04-04 04:03 119296 ----a-w- c:\windows\SysWow64\zlib.dll 2011-12-17 21:31 . 2010-12-15 01:10 466456 ----a-w- c:\windows\system32\wrap_oal.dll 2011-12-17 21:31 . 2010-12-15 01:10 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll 2011-12-17 21:31 . 2010-12-15 01:10 122904 ----a-w- c:\windows\system32\OpenAL32.dll 2011-12-17 21:31 . 2010-12-15 01:10 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{86ef8bd1-47f3-4322-923f-f29cdf477eb0}] 2010-07-01 15:31 462848 ----a-w- c:\program files (x86)\CAJ Media\Browser Enhancer\adxloader.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-03-24 39408] "Steam"="c:\program files (x86)\Steam\steam.exe" [2011-08-02 1242448] "RegistryBooster"="c:\program files (x86)\Uniblue\RegistryBooster\launcher.exe" [2011-07-12 67456] "Desura"="c:\program files (x86)\Desura\desura.exe" [2011-12-26 2529096] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-03-15 98304] "ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2011-02-11 1295736] "TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-02-24 2454840] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-23 402432] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-06-07 421160] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552] "WTClient"="WTClient.exe" [2009-10-30 32768] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-02-07 1987976] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Best Buy Software Installer.lnk - c:\program files\Best Buy Software Installer\Best Buy Software Installer.exe [2010-2-15 1135560] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux2"=wdmaud.drv . R1 aswSnx;aswSnx; [x] R1 aswSP;aswSP; [x] R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] R2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x] R2 aswFsBlk;aswFsBlk; [x] R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-14 135664] R2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144] R2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [x] R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2010-02-26 252928] R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x] R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x] R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x] R3 Desura Install Service;Desura Install Service;c:\program files (x86)\Common Files\Desura\desura_service.exe [2011-12-26 131912] R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2011-11-15 21712] R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x] R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-12-09 135584] R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-14 135664] R3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [x] R3 PTSimHid;PenTablet Simulated HID MiniDriver;c:\windows\system32\DRIVERS\PTSimHid.sys [x] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x] R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-02-11 54136] R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-06 137560] R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-24 835952] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-07 2343816] S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [x] S3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys [x] S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x] S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x] S3 PTSimBus;PenTablet Bus Enumerator;c:\windows\system32\DRIVERS\PTSimBus.sys [x] S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys [x] S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x] . . --- Other Services/Drivers In Memory --- . NewlyCreated - WS2IFSL . Contents of the 'Scheduled Tasks' folder . 2012-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-14 21:51] . 2012-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-14 21:51] . 2012-02-26 c:\windows\Tasks\ParetoLogic Registration3.job - c:\windows\system32\rundll32.exe [2009-07-13 01:14] . 2012-02-25 c:\windows\Tasks\RegClean Pro_DEFAULT.job - c:\program files (x86)\RegClean Pro\RegCleanPro.exe [2011-08-09 18:26] . 2011-12-28 c:\windows\Tasks\RegClean Pro_UPDATES.job - c:\program files (x86)\RegClean Pro\RegCleanPro.exe [2011-08-09 18:26] . 2012-02-26 c:\windows\Tasks\RegistryBooster.job - c:\program files (x86)\Uniblue\RegistryBooster\rbmonitor.exe [2011-08-09 06:47] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{86ef8bd1-47f3-4322-923f-f29cdf477eb0}] 2010-07-01 15:31 662016 ----a-w- c:\program files (x86)\CAJ Media\Browser Enhancer\adxloader64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-11-28 18:01 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal] @="{C5994560-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified] @="{C5994561-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict] @="{C5994562-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked] @="{C5994563-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly] @="{C5994564-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted] @="{C5994565-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded] @="{C5994566-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored] @="{C5994567-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned] @="{C5994568-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2010-01-29 517176] "SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768] "TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376] "TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-06 709976] "Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2010-03-19 191784] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2010-07-21 2327952] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208] "XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.youcansearch.com mStart Page = hxxp://www.youcansearch.com mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = .local IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} - hxxp://archives.gametap.com/static/cab_ ... Player.cab FF - ProfilePath - c:\users\Name\AppData\Roaming\Mozilla\Firefox\Profiles\g0ydgt3c.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.minecraftforum.net/index.php FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=green ... =382950&p= FF - user.js: yahoo.ytff.general.dontshowhpoffer - true . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) Wow6432Node-HKCU-Run-Akamai NetSession Interface - c:\users\Name\AppData\Local\Akamai\netsession_win.exe Toolbar-Locked - (no file) HKLM-Run-(Default) - (no file) HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe AddRemove-dBpoweramp Music Converter - c:\windows\system32\SpoonUninstall.exe AddRemove-Desura - c:\program files (x86)\Common Files\Desura\\Desura_Uninstaller.exe AddRemove-facetheme - c:\program files (x86)\Object\facetheme_uninstall.exe AddRemove-Warhammer 40,000 Boltgun1.0 - c:\windows\Warhammer 40 . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-2419581893-93509629-496460323-1000\Software\SecuROM\License information] "datasecu"=hex:f4,52,cb,34,9e,60,1e,fe,d0,62,30,94,aa,91,74,d7,c9,2e,d7,12,e8, 18,3b,40,52,94,ab,d7,ee,d3,03,61,03,95,2e,fd,05,ac,89,92,95,cc,6e,da,b4,5a,\ "rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2012-02-26 13:46:34 - machine was rebooted ComboFix-quarantined-files.txt 2012-02-26 19:46 . Pre-Run: 102,351,392,768 bytes free Post-Run: 102,337,802,240 bytes free . - - End Of File - - 39E40917BC5A0BF61BD5476B9D887B06 It told me to show this to you.
Sun Feb 26, 2012 8:53 pm

Sothe Joined: Thu Jul 21, 2011 4:34 am Posts: 2034	Re: The Lounge Miggles wrote: My friend. Downloaded a game toolbar. So he could play Metal Slug. (he did this without my permission btw) For whatever reason he had to restart the comp to install. (obvious virus) So he did this. Then he yells at me from the other room (i was cooking) "Hey bro, your computer screen is all black!" So I rushed in and it was all black. So I turned it off via the power button and forced a safe mode restart. Sure enough there was a virus in sytem32. I got rid of the virus but the problem is still here unless I run safe mode. WHAT DO I DO? Install Gentoo
Sun Feb 26, 2012 10:37 pm

caekdaemon Data Realms Elite Joined: Sun Nov 01, 2009 3:00 pm Posts: 4144 Location: Hell.	Re: The Lounge Miggles wrote: ComboFix 12-02-25.02 - Name 02/26/2012 13:29:27.1.2 - x64 NETWORK Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3835.2506 [GMT -6:00] Running from: c:\users\Name\Documents\ComboFix.exe AV: avast! Antivirus Enabled/Updated {2B2D1395-420B-D5C9-657E-930FE358FC3C} AV: Trend Micro Titanium Disabled/Updated {68F968AC-2AA0-091D-848C-803E83E35902} SP: avast! Antivirus Enabled/Updated {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Trend Micro Titanium Disabled/Updated {D3988948-0C9A-0693-BE3C-BB4CF86413BF} SP: Windows Defender Disabled/Updated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\Install.exe c:\program files (x86)\Object c:\program files (x86)\Object\bhO_project.dll c:\program files (x86)\Object\ChromeAddon.pem c:\program files (x86)\Object\chromeaddon\._included.js c:\program files (x86)\Object\chromeaddon\background.html c:\program files (x86)\Object\chromeaddon\included.js c:\program files (x86)\Object\chromeaddon\manifest.json c:\program files (x86)\Object\config.ini c:\program files (x86)\Object\enable.txt c:\program files (x86)\Object\facetheme\build.sh c:\program files (x86)\Object\facetheme\chrome.manifest c:\program files (x86)\Object\facetheme\config_build.sh c:\program files (x86)\Object\facetheme\content\.DS_Store c:\program files (x86)\Object\facetheme\content\firefoxOverlay.xul c:\program files (x86)\Object\facetheme\content\installid.js c:\program files (x86)\Object\facetheme\content\overlay.js c:\program files (x86)\Object\facetheme\content\sudoku.js c:\program files (x86)\Object\facetheme\defaults\.DS_Store c:\program files (x86)\Object\facetheme\defaults\preferences\._sudoku.js c:\program files (x86)\Object\facetheme\defaults\preferences\.DS_Store c:\program files (x86)\Object\facetheme\defaults\preferences\sudoku.js c:\program files (x86)\Object\facetheme\files c:\program files (x86)\Object\facetheme\install.rdf c:\program files (x86)\Object\facetheme\locale\.DS_Store c:\program files (x86)\Object\facetheme\locale\en-US\.DS_Store c:\program files (x86)\Object\facetheme\locale\en-US\sudoku.dtd c:\program files (x86)\Object\facetheme\locale\en-US\sudoku.properties c:\program files (x86)\Object\facetheme\readme.txt c:\program files (x86)\Object\facetheme\skin\overlay.css c:\program files (x86)\Object\facetheme_uninstall.exe c:\program files (x86)\Object\status.txt c:\program files (x86)\Object\status2.txt c:\users\Name\AppData\Local\.# c:\users\Name\AppData\Local\assembly\tmp c:\windows\security\Database\tmp.edb c:\windows\SwSys1.bmp c:\windows\SwSys2.bmp c:\windows\system32\Thumbs.db . . ((((((((((((((((((((((((( Files Created from 2012-01-26 to 2012-02-26 ))))))))))))))))))))))))))))))) . . 2012-02-26 07:21 . 2012-02-26 07:17 169912 ----a-w- c:\program files (x86)\4wres.dll 2012-02-26 07:21 . 2012-02-26 07:17 693648 ----a-w- c:\program files (x86)\4wUninstall Retrogamer.dll 2012-02-26 07:18 . 2012-02-26 07:22 -------- d-----w- c:\programdata\GameTap Web Player 2012-02-26 07:18 . 2012-02-26 07:22 -------- d-----w- c:\program files (x86)\GameTap Web Player 2012-02-26 07:18 . 2010-10-12 01:08 819200 ----a-w- c:\windows\SysWow64\GameTapWebPlayer_4_4_0_7.ocx 2012-02-26 07:18 . 2010-10-12 01:00 749568 ----a-w- c:\program files (x86)\Mozilla Firefox\extensions\GameTapPlayer@gametap.com\plugins\npGameTapWebPlayer.dll 2012-02-26 07:16 . 2012-02-26 07:16 -------- d-----w- c:\program files (x86)\Retrogamer_4wEI 2012-02-19 06:34 . 2012-02-19 06:34 -------- d-----w- c:\windows\Warhammer 40,000 Boltgun 2012-02-15 23:27 . 2012-02-15 23:27 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi 2012-02-14 01:21 . 2012-02-17 00:41 -------- d-----w- c:\users\Name\AppData\Roaming\.techniclauncher 2012-02-04 19:34 . 2012-02-04 19:34 -------- d-----w- c:\program files (x86)\Pineapple Smash Crew 2012-02-04 01:59 . 2012-02-04 01:59 -------- d-----w- C:\crabsystem 2012-02-03 06:07 . 2012-02-03 06:07 -------- d-----w- c:\users\Name\AppData\Roaming\RenPy 2012-02-03 04:50 . 2012-02-03 04:51 -------- d-----w- c:\program files (x86)\Katawa Shoujo . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-02-26 07:27 . 2011-04-04 04:03 119296 ----a-w- c:\windows\SysWow64\zlib.dll 2011-12-17 21:31 . 2010-12-15 01:10 466456 ----a-w- c:\windows\system32\wrap_oal.dll 2011-12-17 21:31 . 2010-12-15 01:10 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll 2011-12-17 21:31 . 2010-12-15 01:10 122904 ----a-w- c:\windows\system32\OpenAL32.dll 2011-12-17 21:31 . 2010-12-15 01:10 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{86ef8bd1-47f3-4322-923f-f29cdf477eb0}] 2010-07-01 15:31 462848 ----a-w- c:\program files (x86)\CAJ Media\Browser Enhancer\adxloader.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-03-24 39408] "Steam"="c:\program files (x86)\Steam\steam.exe" [2011-08-02 1242448] "RegistryBooster"="c:\program files (x86)\Uniblue\RegistryBooster\launcher.exe" [2011-07-12 67456] "Desura"="c:\program files (x86)\Desura\desura.exe" [2011-12-26 2529096] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-03-15 98304] "ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2011-02-11 1295736] "TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-02-24 2454840] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-23 402432] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-06-07 421160] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552] "WTClient"="WTClient.exe" [2009-10-30 32768] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-02-07 1987976] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Best Buy Software Installer.lnk - c:\program files\Best Buy Software Installer\Best Buy Software Installer.exe [2010-2-15 1135560] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux2"=wdmaud.drv . R1 aswSnx;aswSnx; [x] R1 aswSP;aswSP; [x] R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] R2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x] R2 aswFsBlk;aswFsBlk; [x] R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-14 135664] R2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144] R2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [x] R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2010-02-26 252928] R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x] R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x] R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x] R3 Desura Install Service;Desura Install Service;c:\program files (x86)\Common Files\Desura\desura_service.exe [2011-12-26 131912] R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2011-11-15 21712] R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x] R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-12-09 135584] R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-14 135664] R3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [x] R3 PTSimHid;PenTablet Simulated HID MiniDriver;c:\windows\system32\DRIVERS\PTSimHid.sys [x] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x] R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-02-11 54136] R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-06 137560] R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-24 835952] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-07 2343816] S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [x] S3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys [x] S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x] S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x] S3 PTSimBus;PenTablet Bus Enumerator;c:\windows\system32\DRIVERS\PTSimBus.sys [x] S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys [x] S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x] . . --- Other Services/Drivers In Memory --- . NewlyCreated - WS2IFSL . Contents of the 'Scheduled Tasks' folder . 2012-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-14 21:51] . 2012-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-14 21:51] . 2012-02-26 c:\windows\Tasks\ParetoLogic Registration3.job - c:\windows\system32\rundll32.exe [2009-07-13 01:14] . 2012-02-25 c:\windows\Tasks\RegClean Pro_DEFAULT.job - c:\program files (x86)\RegClean Pro\RegCleanPro.exe [2011-08-09 18:26] . 2011-12-28 c:\windows\Tasks\RegClean Pro_UPDATES.job - c:\program files (x86)\RegClean Pro\RegCleanPro.exe [2011-08-09 18:26] . 2012-02-26 c:\windows\Tasks\RegistryBooster.job - c:\program files (x86)\Uniblue\RegistryBooster\rbmonitor.exe [2011-08-09 06:47] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{86ef8bd1-47f3-4322-923f-f29cdf477eb0}] 2010-07-01 15:31 662016 ----a-w- c:\program files (x86)\CAJ Media\Browser Enhancer\adxloader64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2011-11-28 18:01 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal] @="{C5994560-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified] @="{C5994561-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict] @="{C5994562-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked] @="{C5994563-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly] @="{C5994564-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted] @="{C5994565-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded] @="{C5994566-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored] @="{C5994567-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned] @="{C5994568-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2010-01-29 517176] "SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768] "TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376] "TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-06 709976] "Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2010-03-19 191784] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2010-07-21 2327952] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208] "XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.youcansearch.com mStart Page = hxxp://www.youcansearch.com mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = .local IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html DPF: {4F29DE54-5EB7-4D76-B610-A86B5CD2A234} - hxxp://archives.gametap.com/static/cab_ ... Player.cab FF - ProfilePath - c:\users\Name\AppData\Roaming\Mozilla\Firefox\Profiles\g0ydgt3c.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.minecraftforum.net/index.php FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=green ... =382950&p= FF - user.js: yahoo.ytff.general.dontshowhpoffer - true . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) Wow6432Node-HKCU-Run-Akamai NetSession Interface - c:\users\Name\AppData\Local\Akamai\netsession_win.exe Toolbar-Locked - (no file) HKLM-Run-(Default) - (no file) HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe AddRemove-dBpoweramp Music Converter - c:\windows\system32\SpoonUninstall.exe AddRemove-Desura - c:\program files (x86)\Common Files\Desura\\Desura_Uninstaller.exe AddRemove-facetheme - c:\program files (x86)\Object\facetheme_uninstall.exe AddRemove-Warhammer 40,000 Boltgun1.0 - c:\windows\Warhammer 40 . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-2419581893-93509629-496460323-1000\Software\SecuROM\License information] "datasecu"=hex:f4,52,cb,34,9e,60,1e,fe,d0,62,30,94,aa,91,74,d7,c9,2e,d7,12,e8, 18,3b,40,52,94,ab,d7,ee,d3,03,61,03,95,2e,fd,05,ac,89,92,95,cc,6e,da,b4,5a,\ "rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2012-02-26 13:46:34 - machine was rebooted ComboFix-quarantined-files.txt 2012-02-26 19:46 . Pre-Run: 102,351,392,768 bytes free Post-Run: 102,337,802,240 bytes free . - - End Of File - - 39E40917BC5A0BF61BD5476B9D887B06 It told me to show this to you. Does your computer work correctly now?
Sun Feb 26, 2012 10:41 pm

Miggles Data Realms Elite Joined: Mon Jul 12, 2010 5:39 am Posts: 4558	Re: The Lounge @Caek Nope :c @Sothe Uh, ok? What does it do?
Sun Feb 26, 2012 10:58 pm

Mackerel Joined: Thu May 05, 2011 1:30 am Posts: 2876 Location: Rent free in your head. Vacation in your ass.	Re: The Lounge Miggles wrote: @Sothe Uh, ok? What does it do? Solves everything. No, but seriously, throw that trash away.
Sun Feb 26, 2012 11:18 pm

TorrentHKU Loose Canon Joined: Sun Mar 29, 2009 11:07 pm Posts: 2992 Location: --------------->	Re: The Lounge This sounds more like the virus deleted something important, and is now gone along with whatever was important.
Mon Feb 27, 2012 1:15 am

caekdaemon Data Realms Elite Joined: Sun Nov 01, 2009 3:00 pm Posts: 4144 Location: Hell.	Re: The Lounge TorrentHKU wrote: This sounds more like the virus deleted something important, and is now gone along with whatever was important. Indeed. It seems combofix may have removed the virus, but by then the damage is already done. You'll have to wipe and reinstall.
Mon Feb 27, 2012 2:28 am

Sothe Joined: Thu Jul 21, 2011 4:34 am Posts: 2034	Re: The Lounge Mackerel wrote: Miggles wrote: @Sothe Uh, ok? What does it do? Solves everything. No, but seriously, throw that trash away. Stop trashing Gentoo, you plebeian. It's a high functioning safe Linux OS.
Mon Feb 27, 2012 2:32 am

caekdaemon Data Realms Elite Joined: Sun Nov 01, 2009 3:00 pm Posts: 4144 Location: Hell.	Re: The Lounge The man who made these created small buildings and sprinkled them with flour to fuel mould growth. The visual effect is interesting.
Mon Feb 27, 2012 2:34 am

Mackerel Joined: Thu May 05, 2011 1:30 am Posts: 2876 Location: Rent free in your head. Vacation in your ass.	Re: The Lounge .. That reminds me of this picture where you make graffiti moss. Might do. Sothe wrote: Stop trashing Gentoo, you plebeian. It's a high functioning safe Linux OS. Dude. Gentoo is the best thing ever to happen to mankind. I thank Gentoo and our Gentoo overlords. And Reddit. Reddit is awesome. Last edited by Mackerel on Mon Feb 27, 2012 3:53 am, edited 2 times in total.
Mon Feb 27, 2012 3:39 am

Metal Chao Joined: Sat May 05, 2007 6:04 pm Posts: 2901	Re: The Lounge I think he was asking how he could fix the computer he already has, not for a new operating system "Install this operating system" is a terrible answer to a tech question that isn't "Which Operating System should I use?"
Mon Feb 27, 2012 3:41 am

Mackerel Joined: Thu May 05, 2011 1:30 am Posts: 2876 Location: Rent free in your head. Vacation in your ass.	Re: The Lounge metal chao wrote: "Install this operating system" is a terrible answer to a tech question that isn't "Which Operating System should I use?" Wow let's act like we were being serious by telling someone to go get a new OS. Miggles, just reformat your computer by simply taking out the hard-drive and stomping on it. I'm being serious, just incase Metal Chao thought anyone was joking this time.
Mon Feb 27, 2012 3:42 am

Display posts from previous: Sort by

Page 306 of 1336

[ 20039 posts ]

Go to page Previous 1 ... 303, 304, 305, 306, 307, 308, 309 ... 1336 Next

The Lounge

Who is online