Smokey's Security Forums

Topic: Something's up with my Dell Inspiron win7

Starbuck

  • Site Owner
  • *
  • Offline Offline
  • location: Midlands. UK
  • Posts: 3403
  • .: Leader Malware Analysis & Removal Team
  • -: Site Help Desk - Support Department
    • WWW
Re: Something's up with my Dell Inspiron win7
« Reply #8 on: August 28, 2013, 11:24:10 PM »
Can you remember exactly when the problems started? (day... time)

Starbuck

Re: Something's up with my Dell Inspiron win7
« Reply #7 on: August 28, 2013, 09:38:26 PM »
That is odd.
Have you tried to post the reply again?

Have attached the files to this post.

mikehende (Topic starter)

  • Full Member
  • **
  • Offline Offline
  • Posts: 71
Re: Something's up with my Dell Inspiron win7
« Reply #6 on: August 28, 2013, 06:34:46 PM »
No idea why I am getting this message when trying to paste the log here?

Starbuck

Re: Something's up with my Dell Inspiron win7
« Reply #5 on: August 28, 2013, 06:23:18 PM »
Well, nothing there to shout about.  :)

It may just be a coincidence that this happened around the time you transferred the files over.
Let's see if FRST shows us anything.

Note:
There are both 32-bit and 64-bit versions of Farbar Recovery Scan Tool available. Please pick the version that matches your operating system's bit type.

For x32 bit systems download Farbar Recovery Scan Tool and save it to your Desktop.


  • Double-click the downloaded icon to run the tool.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply also.
Thanks

mikehende (Topic starter)

Re: Something's up with my Dell Inspiron win7
« Reply #4 on: August 28, 2013, 03:01:36 PM »
Hi Pete, here it is:

RogueKiller V8.6.7 [Aug 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : mike [Admin rights]
Mode : Remove -- Date : 08/28/2013 09:00:25
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 1 ¤¤¤
[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1       localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST3250310AS ATA Device +++++
--- User ---
[MBR] 56b4ef2a006ffc4d7895c39d0e1d27df
[BSP] acbff0650422c537e769a078b5148611 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 62 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 129024 | Size: 10240 Mo
2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 21100544 | Size: 228114 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_D_08282013_090025.txt >>
RKreport[0]_S_08282013_090012.txt



Starbuck

Re: Something's up with my Dell Inspiron win7
« Reply #3 on: August 28, 2013, 12:25:07 AM »
Hi Mike,

See if this runs ok:

Download RogueKiller and save it to your desktop.
  • Close all the running processes
  • Double click RogueKiller icon to run the program
Vista/Win7 users should right click the icon and select Run as Administrator.
  • Wait for the Prescan to finish.
  • Now click the Scan button.
  • Please copy and paste the report in your next reply.
A copy of the RKreport.txt can be found on your desktop.

Note:
If RogueKiller is blocked, do not hesitate to try running it again.
If it still fails to run, right click on the downloaded icon and select 'Rename'.....rename it to winlogon and try again.

mikehende (Topic starter)

Re: Something's up with my Dell Inspiron win7
« Reply #2 on: August 27, 2013, 01:28:18 AM »
About the only scan which produced anything is combofix, I will see if I can run OTL from the flash drive tomorrow:

ComboFix 13-08-25.01 - mike 08/26/2013  18:57:34.1.2 - x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.1525.561 [GMT -4:00]
Running from: c:\users\mike\Downloads\ComboFix.exe
AV: Bitdefender Antivirus *Disabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
FW: Bitdefender Firewall *Enabled* {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}
SP: Bitdefender Antispyware *Disabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1376496338.bdinstall.bin
c:\programdata\Amazon.ico
c:\programdata\Booking.ico
.
.
(((((((((((((((((((((((((   Files Created from 2013-07-26 to 2013-08-26  )))))))))))))))))))))))))))))))
.
.
2013-08-26 23:08 . 2013-08-26 23:08   --------   d-----w-   c:\users\Default\AppData\Local\temp
2013-08-26 22:49 . 2013-08-26 22:49   --------   d-----w-   C:\AdwCleaner
2013-08-26 19:00 . 2013-08-26 19:00   --------   d-----w-   c:\windows\system32\RTCOM
2013-08-26 18:59 . 2012-08-24 17:05   136560   ----a-w-   c:\windows\system32\drivers\ksecpkg.sys
2013-08-26 18:59 . 2012-08-24 17:02   369856   ----a-w-   c:\windows\system32\drivers\cng.sys
2013-08-26 18:59 . 2012-08-24 16:57   247808   ----a-w-   c:\windows\system32\schannel.dll
2013-08-26 18:59 . 2012-08-24 16:56   1039360   ----a-w-   c:\windows\system32\lsasrv.dll
2013-08-26 18:59 . 2012-05-04 09:59   514560   ----a-w-   c:\windows\system32\qdvd.dll
2013-08-24 20:28 . 2013-08-24 20:28   737072   ----a-w-   c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2013-08-24 20:27 . 2013-08-24 20:27   2876528   ----a-w-   c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2013-08-24 20:26 . 2013-08-24 20:26   42776   ----a-w-   c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2013-08-24 20:26 . 2013-08-24 20:26   539984   ----a-w-   c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2013-08-24 13:16 . 2013-08-24 13:17   --------   d-----w-   c:\programdata\WindSolutions
2013-08-24 13:09 . 2009-07-01 07:16   94854   ----a-w-   c:\windows\system32\HKCU_GNU.reg
2013-08-24 13:09 . 2009-02-26 08:34   2004   ----a-w-   c:\windows\system32\HKLM_GNU.reg
2013-08-24 13:09 . 2008-12-17 17:22   57344   ----a-w-   c:\windows\system32\ff_vfw.dll
2013-08-24 13:09 . 2008-06-15 13:13   6144   ----a-w-   c:\windows\system32\ff_acm.acm
2013-08-24 13:09 . 2008-06-15 02:01   60273   ----a-w-   c:\windows\system32\pthreadGC2.dll
2013-08-24 13:09 . 2008-06-15 02:01   258352   ----a-w-   c:\windows\system32\unicows.dll
2013-08-24 13:08 . 2006-07-17 13:42   14909   ----a-w-   c:\windows\system32\A_reg.reg
2013-08-24 13:08 . 2003-03-24 22:49   98304   ----a-w-   c:\windows\system32\L3CODECX.AX
2013-08-24 13:08 . 2003-03-18 14:20   1060864   ----a-w-   c:\windows\system32\MFC71.DLL
2013-08-24 13:08 . 2003-03-18 13:14   499712   ----a-w-   c:\windows\system32\MSVCP71.DLL
2013-08-24 13:08 . 2003-02-20 21:42   348160   ----a-w-   c:\windows\system32\MSVCR71.DLL
2013-08-24 13:08 . 2013-08-24 13:08   --------   d-----w-   c:\program files\Cucusoft
2013-08-23 21:11 . 2013-08-24 13:54   --------   d-----w-   C:\tony
2013-08-21 11:31 . 2013-08-21 11:31   --------   dc-h--w-   c:\programdata\{E54DB1D4-CC7D-414E-8BED-584C447836EA}
2013-08-21 11:27 . 2013-08-21 11:27   --------   dc-h--w-   c:\programdata\{9477ED15-E4A3-4984-9B76-31F573D8EAAF}
2013-08-21 11:26 . 2013-08-21 11:26   --------   dc-h--w-   c:\programdata\{F2610326-6A40-4BBC-9FBC-7F05356A912A}
2013-08-21 11:26 . 2013-08-21 11:27   --------   d-----w-   c:\program files\Common Files\Native Instruments
2013-08-21 11:26 . 2013-08-21 11:27   --------   d-----w-   c:\programdata\Native Instruments
2013-08-21 11:26 . 2013-08-21 11:27   --------   d-----w-   c:\program files\Native Instruments
2013-08-19 23:24 . 2012-08-21 17:01   26840   ----a-w-   c:\windows\system32\drivers\GEARAspiWDM.sys
2013-08-19 23:23 . 2013-08-19 23:23   --------   d-----w-   c:\program files\iPod
2013-08-19 23:23 . 2013-08-19 23:24   --------   d-----w-   c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-08-19 23:23 . 2013-08-19 23:24   --------   d-----w-   c:\program files\iTunes
2013-08-19 20:26 . 2013-08-20 21:50   --------   d-----w-   C:\mp3
2013-08-19 20:20 . 2013-08-19 20:20   --------   d-----w-   c:\program files\VirtualDJ
2013-08-19 17:18 . 2013-08-19 17:18   --------   d-----w-   c:\program files\IrfanView
2013-08-19 17:08 . 2013-08-19 17:08   --------   d-----w-   c:\program files\MPC-HC
2013-08-19 16:57 . 2013-08-19 16:57   --------   d-----w-   c:\programdata\APN
2013-08-19 16:54 . 2013-08-19 16:54   --------   d-----w-   c:\program files\MP3Gain
2013-08-19 16:53 . 2013-08-19 16:53   --------   d-----w-   c:\program files\Abyssmedia
2013-08-19 16:25 . 2013-08-19 16:25   --------   d-----w-   c:\program files\Free YouTube Downloader
2013-08-19 16:14 . 2013-08-19 16:14   --------   d-----w-   c:\programdata\Canneverbe Limited
2013-08-19 16:14 . 2013-08-19 16:14   --------   d-----w-   c:\program files\CDBurnerXP
2013-08-19 16:12 . 2013-08-19 16:12   --------   d-----w-   c:\program files\ImgBurn
2013-08-19 13:35 . 2013-08-19 13:35   --------   d-----w-   c:\windows\ERUNT
2013-08-18 23:16 . 2013-08-18 23:13   95232   ----a-w-   c:\windows\system32\E_TLBHSA.DLL
2013-08-18 23:16 . 2013-08-18 23:13   81408   ----a-w-   c:\windows\system32\E_TD4BHSA.DLL
2013-08-18 23:15 . 2009-12-09 04:00   341504   ----a-w-   c:\windows\system32\esw2ud.dll
2013-08-18 23:15 . 2009-10-16 04:00   132560   ----a-w-   c:\windows\system32\esdevapp.exe
2013-08-18 23:15 . 2009-10-16 04:00   12800   ----a-w-   c:\windows\system32\escdev.dll
2013-08-18 23:15 . 2013-08-18 23:15   --------   d-----w-   c:\program files\epson
2013-08-18 23:12 . 2013-04-17 07:02   1230336   ----a-w-   c:\windows\system32\WindowsCodecs.dll
2013-08-18 23:01 . 2013-08-18 23:01   --------   d-----w-   c:\program files\Common Files\EPSON
2013-08-18 23:01 . 2013-08-18 23:15   --------   d-----w-   c:\programdata\EPSON
2013-08-18 16:06 . 2013-08-18 16:57   --------   d-----w-   c:\program files\GoldWave
2013-08-18 14:09 . 2013-04-09 23:34   1247744   ----a-w-   c:\windows\system32\DWrite.dll
2013-08-18 13:12 . 2013-08-18 13:12   49152   ----a-w-   c:\windows\system32\taskhost.exe
2013-08-18 13:09 . 2013-08-18 13:09   1505280   ----a-w-   c:\windows\system32\d3d11.dll
2013-08-18 12:58 . 2013-07-09 04:50   652800   ----a-w-   c:\windows\system32\rpcrt4.dll
2013-08-18 12:58 . 2012-08-22 17:16   712048   ----a-w-   c:\windows\system32\drivers\ndis.sys
2013-08-18 12:58 . 2012-07-04 19:45   33280   ----a-w-   c:\windows\system32\drivers\RNDISMP.sys
2013-08-18 12:58 . 2013-07-09 04:52   175104   ----a-w-   c:\windows\system32\wintrust.dll
2013-08-18 12:58 . 2013-07-09 04:46   140288   ----a-w-   c:\windows\system32\cryptsvc.dll
2013-08-18 12:58 . 2013-07-09 04:46   1166848   ----a-w-   c:\windows\system32\crypt32.dll
2013-08-18 12:58 . 2013-07-09 04:46   103936   ----a-w-   c:\windows\system32\cryptnet.dll
2013-08-18 12:56 . 2012-08-21 20:12   245760   ----a-w-   c:\windows\system32\OxpsConverter.exe
2013-08-18 12:56 . 2013-07-09 05:03   3913664   ----a-w-   c:\windows\system32\ntoskrnl.exe
2013-08-18 12:56 . 2013-07-09 05:03   3968960   ----a-w-   c:\windows\system32\ntkrnlpa.exe
2013-08-18 12:56 . 2013-07-09 04:53   1289096   ----a-w-   c:\windows\system32\ntdll.dll
2013-08-18 12:56 . 2013-03-19 04:53   186368   ----a-w-   c:\windows\system32\wwansvc.dll
2013-08-18 12:56 . 2013-03-19 03:33   40960   ----a-w-   c:\windows\system32\wwanprotdim.dll
2013-08-18 12:56 . 2013-05-10 03:20   24576   ----a-w-   c:\windows\system32\cryptdlg.dll
2013-08-18 12:56 . 2013-04-26 04:55   492544   ----a-w-   c:\windows\system32\win32spl.dll
2013-08-18 12:54 . 2013-04-10 05:03   936448   ----a-w-   c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-08-18 12:54 . 2013-04-10 05:03   988672   ----a-w-   c:\program files\Windows Journal\JNTFiltr.dll
2013-08-18 12:54 . 2013-04-10 05:04   1221632   ----a-w-   c:\program files\Windows Journal\NBDoc.DLL
2013-08-18 12:54 . 2013-04-10 05:03   969216   ----a-w-   c:\program files\Windows Journal\JNWDRV.dll
2013-08-18 12:54 . 2013-04-10 05:18   728424   ----a-w-   c:\windows\system32\drivers\dxgkrnl.sys
2013-08-18 12:54 . 2013-04-10 05:18   218984   ----a-w-   c:\windows\system32\drivers\dxgmms1.sys
2013-08-18 12:54 . 2012-10-09 17:40   44032   ----a-w-   c:\windows\system32\dhcpcsvc6.dll
2013-08-18 12:54 . 2012-10-09 17:40   193536   ----a-w-   c:\windows\system32\dhcpcore6.dll
2013-08-18 12:54 . 2013-07-19 01:41   2048   ----a-w-   c:\windows\system32\tzres.dll
2013-08-18 12:53 . 2013-05-27 04:57   680960   ----a-w-   c:\program files\Windows Defender\MpSvc.dll
2013-08-18 12:53 . 2013-05-27 04:57   392704   ----a-w-   c:\program files\Windows Defender\MpClient.dll
2013-08-18 12:53 . 2013-05-27 04:57   224768   ----a-w-   c:\program files\Windows Defender\MpCommu.dll
2013-08-18 12:53 . 2013-06-15 03:38   31232   ----a-w-   c:\windows\system32\drivers\tssecsrv.sys
2013-08-18 12:53 . 2013-02-27 05:05   101720   ----a-w-   c:\windows\system32\consent.exe
2013-08-18 12:53 . 2013-02-27 04:49   1796096   ----a-w-   c:\windows\system32\authui.dll
2013-08-18 12:53 . 2013-02-27 04:49   47104   ----a-w-   c:\windows\system32\appinfo.dll
2013-08-17 16:52 . 2013-08-17 16:52   --------   d-----w-   c:\windows\system32\SPReview
2013-08-17 16:51 . 2013-08-17 16:51   --------   d-----w-   c:\windows\system32\EventProviders
2013-08-17 12:20 . 2010-11-20 12:32   5066752   ----a-w-   c:\windows\system32\AuthFWSnapin.dll
2013-08-17 12:19 . 2010-11-20 12:21   307712   ----a-w-   c:\windows\system32\scesrv.dll
2013-08-17 12:18 . 2010-11-20 12:21   189952   ----a-w-   c:\windows\system32\wdscore.dll
2013-08-17 12:18 . 2010-11-20 12:21   363008   ----a-w-   c:\windows\system32\wbemcomn.dll
2013-08-17 12:18 . 2010-11-20 12:21   189952   ----a-w-   c:\program files\Windows Portable Devices\sqmapi.dll
2013-08-17 12:18 . 2010-11-20 12:19   606208   ----a-w-   c:\windows\system32\wbem\fastprox.dll
2013-08-17 12:18 . 2010-11-20 12:21   189952   ----a-w-   c:\windows\system32\sqmapi.dll
2013-08-17 01:26 . 2013-08-17 01:26   --------   d-----w-   c:\windows\system32\Wat
2013-08-15 19:14 . 2013-08-15 19:14   --------   d-----w-   c:\program files\Common Files\Adobe
2013-08-15 12:36 . 2013-08-15 12:36   --------   d-----w-   c:\program files\Inzomia Viewer
2013-08-15 11:40 . 2013-08-19 23:24   --------   dc----w-   c:\windows\system32\DRVSTORE
2013-08-15 11:39 . 2013-08-15 11:39   --------   d-----w-   c:\programdata\Apple Computer
2013-08-15 11:37 . 2013-08-15 11:37   --------   d-----w-   c:\program files\Apple Software Update
2013-08-15 11:37 . 2013-08-15 11:37   --------   d-----w-   c:\program files\Bonjour
2013-08-15 11:36 . 2013-08-19 23:23   --------   d-----w-   c:\program files\Common Files\Apple
2013-08-15 11:36 . 2013-08-15 11:37   --------   d-----w-   c:\programdata\Apple
2013-08-14 18:51 . 2012-12-16 14:13   295424   ----a-w-   c:\windows\system32\atmfd.dll
2013-08-14 18:51 . 2012-12-16 14:13   34304   ----a-w-   c:\windows\system32\atmlib.dll
2013-08-14 18:51 . 2010-09-30 06:47   70656   ----a-w-   c:\windows\system32\fontsub.dll
2013-08-14 18:40 . 2013-08-14 18:42   --------   d-----w-   c:\windows\system32\MRT
2013-08-14 18:06 . 2012-07-26 03:39   526952   ----a-w-   c:\windows\system32\drivers\Wdf01000.sys
2013-08-14 18:06 . 2012-07-26 03:39   47720   ----a-w-   c:\windows\system32\drivers\WdfLdr.sys
2013-08-14 18:06 . 2012-07-26 02:46   9728   ----a-w-   c:\windows\system32\Wdfres.dll
2013-08-14 18:05 . 2012-07-26 02:33   66560   ----a-w-   c:\windows\system32\drivers\WUDFPf.sys
2013-08-14 18:05 . 2012-07-26 02:32   155136   ----a-w-   c:\windows\system32\drivers\WUDFRd.sys
2013-08-14 18:05 . 2012-07-26 03:21   196608   ----a-w-   c:\windows\system32\WUDFHost.exe
2013-08-14 18:05 . 2012-07-26 03:20   73216   ----a-w-   c:\windows\system32\WUDFSvc.dll
2013-08-14 18:05 . 2012-07-26 03:20   613888   ----a-w-   c:\windows\system32\WUDFx.dll
2013-08-14 18:05 . 2012-07-26 03:20   38912   ----a-w-   c:\windows\system32\WUDFCoinstaller.dll
2013-08-14 18:05 . 2012-07-26 03:20   172032   ----a-w-   c:\windows\system32\WUDFPlatform.dll
2013-08-14 18:03 . 2012-03-01 05:46   19824   ----a-w-   c:\windows\system32\drivers\fs_rec.sys
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-17 17:02 . 2009-07-14 02:05   152576   ----a-w-   c:\windows\system32\msclmd.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox1]
@="{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}"
[HKEY_CLASSES_ROOT\CLSID\{152C96EB-288E-4EDC-B7C6-D21F8250ADF3}]
2013-07-08 19:58   179560   ----a-w-   c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox2]
@="{342DAA0B-D796-460D-8566-901E08A1CCAD}"
[HKEY_CLASSES_ROOT\CLSID\{342DAA0B-D796-460D-8566-901E08A1CCAD}]
2013-07-08 19:58   179560   ----a-w-   c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox3]
@="{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}"
[HKEY_CLASSES_ROOT\CLSID\{57595DAE-1AE1-4D97-A49E-67CBB53B52DF}]
2013-07-08 19:58   179560   ----a-w-   c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\__SafeBox4]
@="{33816773-98AE-4723-ADE0-EBE54C8B5A67}"
[HKEY_CLASSES_ROOT\CLSID\{33816773-98AE-4723-ADE0-EBE54C8B5A67}]
2013-07-08 19:58   179560   ----a-w-   c:\program files\Bitdefender\Bitdefender Safebox\safeboxshell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Bitdefender Wallet Agent"="c:\program files\Bitdefender\Bitdefender\pmbxag.exe" [2013-08-19 472056]
"Bitdefender Wallet"="c:\program files\Bitdefender\Bitdefender\pwdmanui.exe" [2013-08-19 904168]
"Bitdefender Wallet Application Agent"="c:\program files\Bitdefender\Bitdefender\bdapppassmgr.exe" [2013-08-19 621448]
"EPLTarget\P0000000000000000"="c:\windows\system32\spool\DRIVERS\W32X86\3\E_TATIHSA.EXE" [2013-08-18 220800]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Bdagent"="c:\program files\Bitdefender\Bitdefender\bdagent.exe" [2013-08-19 1834776]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-05-31 152392]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-17 4907008]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Bitdefender Wallet Agent"="c:\program files\Bitdefender\Bitdefender\pmbxag.exe" [2013-08-19 472056]
"Bitdefender Wallet"="c:\program files\Bitdefender\Bitdefender\pwdmanui.exe" [2013-08-19 904168]
"Bitdefender Wallet Application Agent"="c:\program files\Bitdefender\Bitdefender\bdapppassmgr.exe" [2013-08-19 621448]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2013-08-17 280576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
R3 bdfwfpf_pc;bdfwfpf_pc;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [2013-01-29 96160]
R3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys [2013-07-23 66832]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2013-08-17 1343400]
R4 BdDesktopParental;Bitdefender Desktop Parental Control;c:\program files\Bitdefender\Bitdefender\bdparentalservice.exe [2013-07-05 68344]
S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys [2013-07-19 640560]
S0 gzflt;gzflt;c:\windows\system32\DRIVERS\gzflt.sys [2012-10-04 162976]
S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [2013-02-22 78144]
S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2011-11-15 90704]
S1 BDVEDISK;BDVEDISK;c:\windows\system32\DRIVERS\bdvedisk.sys [2012-04-17 72704]
S2 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-05 77824]
S2 EPSON_PM_RPCV4_05;EPSON V3 Service4(05);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE [2013-08-18 130944]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2013-07-11 4927280]
S2 SafeBox;SafeBox;c:\program files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [2013-07-08 81704]
S2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender\updatesrv.exe [2013-08-19 54424]
S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys [2012-11-02 242504]
S3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys [2013-07-19 490144]
S3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 20480]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 08929232
*Deregistered* - 08929232
*Deregistered* - TrueSight
.
Contents of the 'Scheduled Tasks' folder
.
2013-08-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-14 00:40]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\mike\AppData\Roaming\Mozilla\Firefox\Profiles\gmdv69d4.default\
FF - prefs.js: browser.startup.homepage - hxxp://us-mg5.mail.yahoo.com/neo/launch?.partner=vz-acs&.rand=dfu0khhqie1qc
FF - ExtSQL: 2013-08-02 15:50; ffpwdman@bitdefender.com; c:\program files\Bitdefender\Bitdefender\ffpwdman
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-08-26  19:11:59
ComboFix-quarantined-files.txt  2013-08-26 23:11
.
Pre-Run: 41,990,823,936 bytes free
Post-Run: 42,182,529,024 bytes free
.
- - End Of File - - 9DF1F7622BBD5BEA92E31E236840C49D
A36C5E4F47E84449FF07ED3517B43A31

mikehende (Topic starter)

Something's up with my Dell Inspiron win7
« Reply #1 on: August 27, 2013, 12:29:20 AM »
Hey Pete, I am pretty sure something's up with my machine which we worked on a short while back. I am thinking I may have transferred something over from the laptop in my other thread since I had copied files from that laptop onto my desktop as a backup? I am not 100% sure if my problems with my desktop started immediately after loading the files on it but the timing seems right. The symptoms are I started having problems with pages on the net not loading then I would close FF and reload then they would start to work but this has been happening for a few days now, next problem which just developed is the pc is not recognizing either the internal dvd rom or the external dvd drive. I have no problems with a flash drive.

What can I do here please? Since I am not sure when you will get to this, I will try the regular cleaning software until I hear from you. BTW, I have Bitdefender on my pc and had scanned the files on my flash drive before importing into my pc so that is also why I am not sure these files are the cause?
 
