Inactive [A] IE9 stopped working error, Chrome times out, can't get online

RKILL Log


Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/26/2013 04:18:18 PM in x64 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Base Filtering Engine (BFE) is not Running.
Startup Type set to: Automatic

* DHCP Client (Dhcp) is not Running.
Startup Type set to: Automatic

* DNS Client (Dnscache) is not Running.
Startup Type set to: Automatic

* COM+ Event System (EventSystem) is not Running.
Startup Type set to: Automatic

* Windows Firewall (MpsSvc) is not Running.
Startup Type set to: Automatic

* Network Connections (Netman) is not Running.
Startup Type set to: Manual

* Network Store Interface Service (nsi) is not Running.
Startup Type set to: Automatic

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Automatic

* Security Center (wscsvc) is not Running.
Startup Type set to: Automatic (Delayed Start)

* Windows Update (wuauserv) is not Running.
Startup Type set to: Automatic (Delayed Start)

* Ancillary Function Driver for Winsock (AFD) is not Running.
Startup Type set to: System

* Windows Firewall Authorization Driver (mpsdrv) is not Running.
Startup Type set to: Manual

* NetBT (NetBT) is not Running.
Startup Type set to: System

* NSI proxy service driver. (nsiproxy) is not Running.
Startup Type set to: System

* NetIO Legacy TDI Support Driver (tdx) is not Running.
Startup Type set to: System

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 02/26/2013 04:18:24 PM
Execution time: 0 hours(s), 0 minute(s), and 6 seconds(s)
 
ComboFix Log



ComboFix 13-02-26.01 - jrybak 02/26/2013 16:20:26.2.8 - x64 MINIMAL
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8124.7191 [GMT -6:00]
Running from: c:\users\jrybak\Desktop\Jason_rybak.exe
AV: COMODO Antivirus *Enabled/Updated* {458BB331-2324-0753-3D5F-1472EB102AC0}
SP: COMODO Antivirus *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2013-01-26 to 2013-02-26 )))))))))))))))))))))))))))))))
.
.
2013-02-26 22:23 . 2013-02-26 22:23--------d-----w-c:\users\Default\AppData\Local\temp
2013-02-26 21:31 . 2013-02-26 21:56--------d-----w-C:\ComboFix
2013-02-26 05:53 . 2013-02-26 05:53--------d-----w-C:\VTRoot
2013-02-26 05:51 . 2013-02-26 05:51--------d-----w-c:\program files (x86)\Common Files\COMODO
2013-02-26 05:36 . 2013-02-26 05:37--------d-s---w-c:\programdata\Shared Space
2013-02-26 05:34 . 2013-02-26 05:34--------d-----w-c:\program files\COMODO
2013-02-26 05:34 . 2013-02-26 05:35--------d-----w-c:\programdata\COMODO
2013-02-26 05:33 . 2013-02-26 05:33--------d-----w-c:\users\jrybak\AppData\Local\Comodo
2013-02-26 05:32 . 2013-02-26 05:3856072----a-w-c:\windows\system32\certsentry.dll
2013-02-26 05:32 . 2013-02-26 05:3847368----a-w-c:\windows\SysWow64\certsentry.dll
2013-02-26 05:32 . 2013-02-26 05:38--------d-----w-c:\program files (x86)\Comodo
2013-02-26 05:32 . 2013-02-26 05:321700352----a-w-c:\windows\SysWow64\gdiplus.dll
2013-02-26 05:32 . 2013-02-26 05:32--------d-----w-c:\programdata\Comodo Downloader
2013-02-25 16:46 . 2013-01-09 01:10996352----a-w-c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-25 16:46 . 2013-01-08 22:01768000----a-w-c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-25 16:40 . 2013-01-05 05:535553512----a-w-c:\windows\system32\ntoskrnl.exe
2013-02-25 16:40 . 2013-01-05 05:003967848----a-w-c:\windows\SysWow64\ntkrnlpa.exe
2013-02-25 16:40 . 2013-01-05 05:003913064----a-w-c:\windows\SysWow64\ntoskrnl.exe
2013-02-25 16:40 . 2013-01-04 03:263153408----a-w-c:\windows\system32\win32k.sys
2013-02-25 16:40 . 2013-01-03 06:001913192----a-w-c:\windows\system32\drivers\tcpip.sys
2013-02-25 16:40 . 2013-01-03 06:00288088----a-w-c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-25 16:39 . 2013-01-04 05:46215040----a-w-c:\windows\system32\winsrv.dll
2013-02-25 16:39 . 2013-01-04 04:515120----a-w-c:\windows\SysWow64\wow32.dll
2013-02-25 16:39 . 2013-01-04 02:4725600----a-w-c:\windows\SysWow64\setup16.exe
2013-02-25 16:39 . 2013-01-04 02:477680----a-w-c:\windows\SysWow64\instnm.exe
2013-02-25 16:39 . 2013-01-04 02:472048----a-w-c:\windows\SysWow64\user.exe
2013-02-25 16:39 . 2013-01-04 02:4714336----a-w-c:\windows\SysWow64\ntvdm64.dll
2013-02-24 10:26 . 2013-02-08 00:289162192----a-w-c:\programdata\Microsoft\Windows Defender\Definition Updates\{EE2E3824-54E6-43E2-A4D7-D90871E9E8B7}\mpengine.dll
2013-01-31 18:44 . 2012-07-26 04:55785512----a-w-c:\windows\system32\drivers\Wdf01000.sys
2013-01-31 18:44 . 2012-07-26 04:5554376----a-w-c:\windows\system32\drivers\WdfLdr.sys
2013-01-31 18:44 . 2012-07-26 04:472560----a-w-c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2013-01-31 18:44 . 2012-07-26 02:369728----a-w-c:\windows\system32\Wdfres.dll
2013-01-31 18:18 . 2012-12-16 17:1146080----a-w-c:\windows\system32\atmlib.dll
2013-01-31 18:18 . 2012-12-16 14:45367616----a-w-c:\windows\system32\atmfd.dll
2013-01-31 18:18 . 2012-12-16 14:13295424----a-w-c:\windows\SysWow64\atmfd.dll
2013-01-31 18:18 . 2012-12-16 14:1334304----a-w-c:\windows\SysWow64\atmlib.dll
2013-01-31 18:17 . 2012-07-26 02:2687040----a-w-c:\windows\system32\drivers\WUDFPf.sys
2013-01-31 18:17 . 2012-07-26 02:26198656----a-w-c:\windows\system32\drivers\WUDFRd.sys
2013-01-31 18:17 . 2012-07-26 03:0884992----a-w-c:\windows\system32\WUDFSvc.dll
2013-01-31 18:17 . 2012-07-26 03:08194048----a-w-c:\windows\system32\WUDFPlatform.dll
2013-01-31 18:17 . 2012-07-26 03:0845056----a-w-c:\windows\system32\WUDFCoinstaller.dll
2013-01-31 18:17 . 2012-07-26 03:08229888----a-w-c:\windows\system32\WUDFHost.exe
2013-01-31 18:17 . 2012-07-26 03:08744448----a-w-c:\windows\system32\WUDFx.dll
2013-01-31 17:47 . 2012-11-01 05:432002432----a-w-c:\windows\system32\msxml6.dll
2013-01-31 17:44 . 2012-08-24 18:13154480----a-w-c:\windows\system32\drivers\ksecpkg.sys
2013-01-31 17:44 . 2012-08-24 18:09458712----a-w-c:\windows\system32\drivers\cng.sys
2013-01-31 17:44 . 2012-08-24 18:05340992----a-w-c:\windows\system32\schannel.dll
2013-01-31 17:44 . 2012-08-24 18:031448448----a-w-c:\windows\system32\lsasrv.dll
2013-01-31 17:44 . 2012-08-24 16:57247808----a-w-c:\windows\SysWow64\schannel.dll
2013-01-31 17:44 . 2012-08-24 16:5722016----a-w-c:\windows\SysWow64\secur32.dll
2013-01-31 17:44 . 2012-08-24 16:5396768----a-w-c:\windows\SysWow64\sspicli.dll
2013-01-31 17:43 . 2012-10-03 17:44216576----a-w-c:\windows\system32\ncsi.dll
2013-01-31 17:43 . 2012-10-03 17:44246272----a-w-c:\windows\system32\netcorehc.dll
2013-01-31 17:43 . 2012-10-03 16:42156672----a-w-c:\windows\SysWow64\ncsi.dll
2013-01-31 17:43 . 2012-10-03 17:4470656----a-w-c:\windows\system32\nlaapi.dll
2013-01-31 17:43 . 2012-10-03 17:44303104----a-w-c:\windows\system32\nlasvc.dll
2013-01-31 17:43 . 2012-10-03 17:4418944----a-w-c:\windows\system32\netevent.dll
2013-01-31 17:43 . 2012-10-03 17:42569344----a-w-c:\windows\system32\iphlpsvc.dll
2013-01-31 17:43 . 2012-10-03 16:4218944----a-w-c:\windows\SysWow64\netevent.dll
2013-01-31 17:43 . 2012-10-03 16:42175104----a-w-c:\windows\SysWow64\netcorehc.dll
2013-01-31 17:43 . 2012-10-03 16:0745568----a-w-c:\windows\system32\drivers\tcpipreg.sys
2013-01-31 17:43 . 2012-01-13 07:1252224----a-w-c:\windows\SysWow64\nlaapi.dll
2013-01-31 17:42 . 2012-11-20 05:48307200----a-w-c:\windows\system32\ncrypt.dll
2013-01-31 17:42 . 2012-11-20 04:51220160----a-w-c:\windows\SysWow64\ncrypt.dll
2013-01-31 17:42 . 2012-08-21 21:01245760----a-w-c:\windows\system32\OxpsConverter.exe
2013-01-31 17:42 . 2012-08-31 18:191659760----a-w-c:\windows\system32\drivers\ntfs.sys
2013-01-31 17:42 . 2012-08-11 00:56715776----a-w-c:\windows\system32\kerberos.dll
2013-01-31 17:42 . 2012-08-10 23:56542208----a-w-c:\windows\SysWow64\kerberos.dll
2013-01-31 17:42 . 2012-11-22 05:44800768----a-w-c:\windows\system32\usp10.dll
2013-01-31 17:42 . 2012-11-22 04:45626688----a-w-c:\windows\SysWow64\usp10.dll
2013-01-31 17:41 . 2012-10-09 18:1755296----a-w-c:\windows\system32\dhcpcsvc6.dll
2013-01-31 17:41 . 2012-10-09 18:17226816----a-w-c:\windows\system32\dhcpcore6.dll
2013-01-31 17:41 . 2012-10-09 17:4044032----a-w-c:\windows\SysWow64\dhcpcsvc6.dll
2013-01-31 17:41 . 2012-10-09 17:40193536----a-w-c:\windows\SysWow64\dhcpcore6.dll
2013-01-31 17:41 . 2012-08-24 18:05220160----a-w-c:\windows\system32\wintrust.dll
2013-01-31 17:41 . 2012-08-24 16:57172544----a-w-c:\windows\SysWow64\wintrust.dll
2013-01-31 17:41 . 2012-11-09 05:45750592----a-w-c:\windows\system32\win32spl.dll
2013-01-31 17:41 . 2012-11-09 04:43492032----a-w-c:\windows\SysWow64\win32spl.dll
2013-01-31 17:41 . 2012-11-02 05:59478208----a-w-c:\windows\system32\dpnet.dll
2013-01-31 17:41 . 2012-11-02 05:11376832----a-w-c:\windows\SysWow64\dpnet.dll
2013-01-31 17:39 . 2012-06-02 05:41184320----a-w-c:\windows\system32\cryptsvc.dll
2013-01-31 17:39 . 2012-06-02 05:41140288----a-w-c:\windows\system32\cryptnet.dll
2013-01-31 17:39 . 2012-06-02 05:411464320----a-w-c:\windows\system32\crypt32.dll
2013-01-31 17:39 . 2012-06-02 04:36140288----a-w-c:\windows\SysWow64\cryptsvc.dll
2013-01-31 17:39 . 2012-06-02 04:361159680----a-w-c:\windows\SysWow64\crypt32.dll
2013-01-31 17:39 . 2012-06-02 04:36103936----a-w-c:\windows\SysWow64\cryptnet.dll
2013-01-31 17:39 . 2012-11-23 03:1368608----a-w-c:\windows\system32\taskhost.exe
2013-01-31 17:39 . 2012-09-25 22:4778336----a-w-c:\windows\SysWow64\synceng.dll
2013-01-31 17:39 . 2012-09-25 22:4695744----a-w-c:\windows\system32\synceng.dll
2013-01-31 16:48 . 2013-01-31 16:48--------d-----w-c:\users\jrybak\AppData\Local\Lenovo
2013-01-31 16:43 . 2013-01-31 16:4353248----a-r-c:\users\jrybak\AppData\Roaming\Microsoft\Installer\{0369F866-2CE0-4EB9-B426-88FA122C6E82}\ARPPRODUCTICON.exe
2013-01-31 16:43 . 2013-01-31 16:4353248----a-r-c:\users\jrybak\AppData\Roaming\Microsoft\Installer\{6E6E7725-C7BC-4C39-8B3F-14B67331A120}\ARPPRODUCTICON.exe
2013-01-31 16:37 . 2012-12-06 03:0539792----a-w-c:\windows\system32\tpinspm.dll
2013-01-31 16:37 . 2012-12-06 03:0560272----a-w-c:\windows\system32\ibmpmsvc.exe
2013-01-31 16:37 . 2012-12-06 03:0542824----a-w-c:\windows\system32\drivers\ibmpmdrv.sys
2013-01-31 16:37 . 2012-12-06 03:0572048----a-w-c:\windows\system32\ibmpmctl.exe
2013-01-31 16:35 . 2010-10-15 01:261395760----a-w-c:\windows\system32\drivers\SynTP.sys
2013-01-31 16:35 . 2010-10-15 01:24107816----a-w-c:\windows\SysWow64\SynTPCOM.dll
2013-01-31 16:35 . 2010-10-15 01:24215336----a-w-c:\windows\system32\SynTPAPI.dll
2013-01-31 16:35 . 2010-10-15 01:24273704----a-w-c:\windows\system32\SynCtrl.dll
2013-01-31 16:35 . 2010-10-15 01:24218408----a-w-c:\windows\SysWow64\SynCtrl.dll
2013-01-31 16:35 . 2010-10-15 01:24400168----a-w-c:\windows\system32\SynCOM.dll
2013-01-31 16:35 . 2010-10-15 01:24173352----a-w-c:\windows\SysWow64\SynCOM.dll
2013-01-31 16:35 . 2013-01-31 16:35--------d-----w-c:\program files\Synaptics
2013-01-31 16:33 . 2009-08-07 15:491721576----a-w-c:\windows\system32\WdfCoInstaller01009.dll
2013-01-31 16:33 . 2012-10-18 05:19177976----a-w-c:\windows\system32\SynTPCo14.dll
2013-01-31 16:33 . 2011-09-15 00:111048576----a-w-c:\windows\system32\syndata.bin
2013-01-31 16:33 . 2012-10-18 05:1944344----a-w-c:\windows\system32\drivers\Smb_driver_Intel.sys
2013-01-30 03:01 . 2013-02-25 16:08--------dc----w-c:\users\jrybak\AppData\Local\MigWiz
2013-01-29 21:26 . 2013-01-29 21:26--------d-----w-c:\program files\Common Files\SPBA
2013-01-29 21:26 . 2013-01-29 21:26--------d-----w-c:\program files (x86)\Common Files\SPBA
2013-01-29 21:26 . 2013-01-29 21:30--------d-----w-c:\program files\ThinkVantage Fingerprint Software
2013-01-29 20:49 . 2013-02-26 22:07--------d-----r-c:\users\Public
2013-01-28 16:48 . 2012-01-14 04:4168864----a-w-c:\windows\system32\drivers\stream.sys
2013-01-28 16:40 . 2013-01-28 16:40--------d-----w-c:\programdata\Intel
2013-01-28 16:37 . 2013-01-28 16:37--------d-----w-c:\program files (x86)\Cisco
2013-01-28 16:31 . 2013-01-28 16:31--------d-----w-c:\program files\AuthenTec
2013-01-28 16:30 . 2012-05-30 19:42569152----a-w-c:\windows\system32\drivers\iaStor.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-26 21:13 . 2012-03-29 15:30691568----a-w-c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-26 21:13 . 2011-05-19 13:5871024----a-w-c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-25 17:00 . 2010-03-25 04:5770004024----a-w-c:\windows\system32\MRT.exe
2013-02-23 15:12 . 2012-05-29 13:43861088----a-w-c:\windows\SysWow64\npDeployJava1.dll
2013-02-23 15:12 . 2010-05-18 15:18782240----a-w-c:\windows\SysWow64\deployJava1.dll
2013-01-25 04:43 . 2013-01-25 04:4343216----a-w-c:\windows\system32\cmdcsr.dll
2013-01-25 04:43 . 2013-01-25 04:43461384----a-w-c:\windows\system32\guard64.dll
2013-01-25 04:43 . 2013-01-25 04:43354752----a-w-c:\windows\SysWow64\guard32.dll
2013-01-25 04:42 . 2013-01-25 04:4245776----a-w-c:\windows\system32\cmdkbd64.dll
2013-01-25 04:42 . 2013-01-25 04:42326352----a-w-c:\windows\system32\cmdvrt64.dll
2013-01-25 04:42 . 2013-01-25 04:4240656----a-w-c:\windows\SysWow64\cmdkbd32.dll
2013-01-25 04:42 . 2013-01-25 04:42263888----a-w-c:\windows\SysWow64\cmdvrt32.dll
2013-01-17 07:28 . 2010-03-24 23:55273840------w-c:\windows\system32\MpSigStub.exe
2013-01-17 01:51 . 2013-01-17 01:5195752----a-w-c:\windows\system32\drivers\inspect.sys
2013-01-17 01:51 . 2013-01-17 01:51699880----a-w-c:\windows\system32\drivers\cmdguard.sys
2013-01-17 01:51 . 2013-01-17 01:5148360----a-w-c:\windows\system32\drivers\cmdhlp.sys
2013-01-17 01:51 . 2013-01-17 01:5123176----a-w-c:\windows\system32\drivers\cmderd.sys
2013-01-04 04:43 . 2013-02-25 16:3944032----a-w-c:\windows\apppatch\acwow64.dll
2012-12-14 22:49 . 2010-06-03 04:4624176----a-w-c:\windows\system32\drivers\mbam.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32129272----a-w-c:\users\jrybak\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32129272----a-w-c:\users\jrybak\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32129272----a-w-c:\users\jrybak\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32129272----a-w-c:\users\jrybak\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"PWMTRV"="c:\progra~2\ThinkPad\UTILIT~1\PWMTR64V.DLL" [2012-09-24 5998144]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2010-05-03 112152]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"gbrspcontrol"="c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe" [2013-01-15 1851088]
.
c:\users\jrybak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\jrybak\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-1-20 28539272]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2011-6-13 1090848]
Start GeekBuddy.lnk - c:\program files (x86)\Comodo\GeekBuddy\launcher.exe [2013-2-14 49360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoWelcomeScreen"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification PackagesREG_MULTI_SZ scecli c:\program files\ThinkVantage Fingerprint Software\psqlpwd.dll
.
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-03-25 834544]
R1 CFRMD;CFRMD;c:\windows\system32\DRIVERS\CFRMD.sys [x]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2013-01-17 699880]
R1 dqBridge;dqBridge;c:\windows\system32\DRIVERS\dqbridge.sys [2010-01-19 57408]
R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiifx64.sys [2010-09-07 15472]
R2 AMPPALR3;IntelÆ CentrinoÆ Wireless BluetoothÆ + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-03-15 659976]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-04-23 135952]
R2 CLPSLauncher;COMODO LPS Launcher;c:\program files (x86)\Common Files\COMODO\launcher_service.exe [2013-02-14 70352]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 DragonUpdater;COMODO Dragon Update Service;c:\program files (x86)\Comodo\Dragon\dragon_updater.exe [2013-01-24 2074256]
R2 GeekBuddyRSP;GeekBuddyRSP Service;c:\program files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2013-01-15 1851088]
R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 27136]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2010-09-22 165032]
R2 KjsUpdateService2;AppLife Update Service 2.0;c:\program files (x86)\Common Files\AppLifeUpdateService2\kjsausvc.exe [2011-08-02 12800]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [2010-07-27 50536]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [2011-07-12 101736]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [2010-07-27 74088]
R2 NVIDIA Performance Driver Service;NVIDIA Performance Driver Service;c:\program files\NVIDIA Corporation\Performance Drivers\nvPDsvc.exe [2010-04-30 6237800]
R2 OKI OPHG DCS Loader;OKI OPHG DCS Loader;c:\windows\system32\spool\DRIVERS\x64\3\OPHGLDCS.EXE [2007-05-30 20480]
R2 QDLService2kLenovo;Qualcomm Gobi 2000 Download Service (Lenovo);c:\program files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe [2011-05-23 1688384]
R2 ScrProj;Lenovo USB Display Screen Projector;c:\program files\Lenovo\ThinkPad USB Port Replicator with Digital Video\dqscrproj.exe [2010-01-15 88576]
R2 smihlp;SMI Helper Driver (smihlp);c:\program files\ThinkVantage Fingerprint Software\smihlp.sys [2011-05-31 13128]
R2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [2011-07-12 145256]
R2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [2011-07-12 142696]
R2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2009-09-30 12728]
R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-05-03 2533400]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [2012-06-25 3325232]
R3 5U877;USB Video Device;c:\windows\system32\DRIVERS\5U877.sys [2009-12-14 163072]
R3 AMPPAL;IntelÆ CentrinoÆ Wireless BluetoothÆ + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2012-03-15 198144]
R3 AMPPALP;IntelÆ CentrinoÆ Wireless BluetoothÆ + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2012-03-15 198144]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [2010-04-29 32768]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2011-09-19 54824]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-12-02 35104]
R3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys [2009-06-30 292864]
R3 cmdvirth;COMODO Virtual Service Manager;c:\program files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-01-25 158928]
R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [2009-12-18 17864]
R3 DozeSvc;Lenovo Doze Mode Service;c:\program files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2012-09-24 320576]
R3 dqusb;Driver for dCute_Lenovo;c:\windows\system32\DRIVERS\dqusb.sys [2009-08-06 29688]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys [2012-02-02 509104]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-08-21 1436424]
R3 LenovoRd;LenovoRd;c:\windows\system32\Drivers\LenovoRd.sys [2009-05-11 118016]
R3 lvlddrv;Lenovo DsplyFltDrv Filter Driver;c:\windows\system32\DRIVERS\lvlddrv.sys [2010-01-19 94784]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys [2010-04-20 22528]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 pmxdrv;pmxdrv;c:\windows\system32\drivers\pmxdrv.sys [2010-03-13 38536]
R3 Power Manager DBC Service;Power Manager DBC Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2012-09-24 1666112]
R3 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [2012-09-24 1665088]
R3 qcusbnetlno2k;Gobi 2000 USB-NDIS miniport(05C6-9205);c:\windows\system32\DRIVERS\qcusbnetlno2k.sys [2011-05-23 444416]
R3 qcusbserlno2k;Gobi 2000 USB Device for Legacy Serial Communication(05C6-9205);c:\windows\system32\DRIVERS\qcusbserlno2k.sys [2011-05-23 231040]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-09-30 126392]
R3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\DRIVERS\Tvti2c.sys [2009-09-24 41536]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
R3 UsbFltr;WayTech USB Filter Driver;c:\windows\system32\Drivers\UsbFltr.sys [2007-04-09 12288]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-27 1255736]
S0 ALvldr;ALvldr;c:\windows\system32\DRIVERS\ALvldr.sys [2010-01-19 28736]
S0 DzHDD64;DzHDD64;c:\windows\System32\DRIVERS\DzHDD64.sys [2012-09-24 29512]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys [2011-03-30 23664]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [2013-01-17 23176]
S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe64.sys [2009-10-26 61952]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-01-22 77824]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-01-22 180224]
S3 qcfilterlno2k;Gobi 2000 USB Composite Device Filter Driver(05C6-9205);c:\windows\system32\DRIVERS\qcfilterlno2k.sys [2009-12-08 6400]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys [2012-10-18 44344]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-02-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 21:13]
.
2013-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-18 17:33]
.
2013-02-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-18 17:33]
.
2013-02-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3105217994-110608102-3963826688-1868Core.job
- c:\users\jrybak\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-29 13:52]
.
2013-02-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3105217994-110608102-3963826688-1868UA.job
- c:\users\jrybak\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-29 13:52]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32162552----a-w-c:\users\jrybak\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32162552----a-w-c:\users\jrybak\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32162552----a-w-c:\users\jrybak\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32162552----a-w-c:\users\jrybak\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-15 307768]
"PSQLLauncher"="c:\program files\ThinkVantage Fingerprint Software\launcher.exe" [2012-09-21 85864]
"Lenovo dCute"="c:\program files\Lenovo\ThinkPad USB Port Replicator with Digital Video\dCute.exe" [2010-01-15 686080]
"cssauth"="c:\program files\Lenovo\Client Security Solution\cssauth.exe" [2011-06-10 5990200]
"AcWin7Hlpr"="c:\program files (x86)\Lenovo\Access Connections\AcTBenabler.exe" [2012-09-07 63376]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2013-01-25 1451728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\acaptuser64.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/ig?hl=en&source=iglk
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.1.1
DPF: {A6616B31-4860-41E2-98E3-CA7649AF172F} - file:///E:/launch.ocx
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
WebBrowser-{BA14329E-9550-4989-B3F2-9732E92D17CC} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-02-26 16:25:45
ComboFix-quarantined-files.txt 2013-02-26 22:25
ComboFix2.txt 2013-02-26 22:07
.
Pre-Run: 25,675,624,448 bytes free
Post-Run: 25,609,347,072 bytes free
.
- - End Of File - - 760B19B372981D016DD74C7014A6D3E4
 
In safe mode with networking I can get online.

Not in safe mode I cannot get online, still getting this error:


Files that help describe the problem:
C:\Users\jrybak\AppData\Local\Temp\WERB8D3.tmp.WERInternalMetadata.xml
C:\Users\jrybak\AppData\Local\Temp\WERCD9B.tmp.appcompat.txt
C:\Users\jrybak\AppData\Local\Temp\WERCDFA.tmp.mdmp

Read our privacy statement online:
http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0409

If the online privacy statement is not available, please read our privacy statement offline:
C:\Windows\system32\en-US\erofflps.txt
 
Straight safe mode doesn't provide internet connection.
Safe mode with networking does.
What about normal mode?
 
Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.
 
Farbar Service Scanner Version: 20-02-2013
Ran by jrybak (administrator) on 26-02-2013 at 17:35:19
Running from "C:\Users\jrybak\Desktop"
Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
 
That looks good.
When exactly are you getting this?
still getting this error
Files that help describe the problem:
C:\Users\jrybak\AppData\Local\Temp\WERB8D3.tmp.WERInternalMetadata.xml
C:\Users\jrybak\AppData\Local\Temp\WERCD9B.tmp.appcompat.txt
C:\Users\jrybak\AppData\Local\Temp\WERCDFA.tmp.mdmp
 
I click on Internet Explorer and get a message that says "Internet Explorer has stopped working". I click close and it just pops back up until I close out the IE window. Then this time I got this message:

iexplore.exe application error

The instruction at 0x6c1497bc referenced memory at 0x0000000c. The memory could not be read.

click on ok to terminate the program
 
I did not get that error this time. I got that error last time when I closed the explorer window. This time I got that last error message and I did not get the one you just listed above.
 
I got that last error message while in normal mode. I clicked on Internet Explorer, got the message that said Internet Explorer has stopped working, then closed the explorer window and got that memory error message.
 
Followed I fix it manual as the little program won't work in safe mode.

IE still goes immediately to windows explorer has stopped working error when I try to open it in normal mode.
 
I know no attachments, but I think this needs sent. This is what I get when I click the close button on the windows has stopped working message... again, all in normal mode.
 

Attachments

  • error.pdf (308.4 KB)