remove fbi "system failure" virus help

Page 3 of 4 FirstFirst 1234 LastLast

  1. cottonball
    Posts : 2,470
    Windows 7 Home Premium
       New #21

    drmax,

    Don't understand what problem there is with the USB drive. It is showing in Disk Management as G:\ in Disk Management...


    Let's see if the following get you going with the Safe Mode issue...

    please do the following Pefore moving on to the next step: https://www.sevenforums.com/tutorials/697-system-restore-point-create.html


    Now, download ComboFix:
    http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    Save ComboFix.exe to the Desktop <<---


    Please disable your AntiVirus and AntiSpyware applications, as they may interfere with this tool.
    Info: How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs - Security Mini-Guides


    Double-click combofix.exe and follow the prompts.

    There are several stages processed by CF. Please be patient, as it may take a while to run. (Estimated time: o/a 1 hour)


    When done, ComboFix produces a log: C:\ComboFix.txt


    Please attach the ComboFix.txt in your reply. <<---

    Also, post on whether you can boot to Safe Mode.


    Notes:
    1. Please do not mouse-click the ComboFix window while it is running. This action may cause a stall.
    2. ComboFix may reset a number of Internet Explorer's settings, including making IE the default browser.
    3. It also disconnects the computer from the Internet. However, the connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your computer.
    4. If ComboFix detects any Rootkit/Bootkit activity, it gives a warning and prompts for a reboot. Please allow it to do so. The screen may stay black for several minutes on reboot, however, this is normal.
    5. If the following message appears, please reboot to resolve the issue:
    "Illegal operation attempted on Registry key that has been marked for deletion."
      My Computer
    Quote Quote

  3. drmax
    Posts : 314
    W7 premium 64
    Thread Starter
       New #22

    C/F results


    (have not tried safe mode. will wait until after you have a look at this. thx CottonBall)

    ComboFix 13-06-01.01 - greg 06/01/2013 9:38.1.4 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7656.6084 [GMT -4:00]
    Running from: c:\users\greg\Desktop\ComboFix.exe
    AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
    SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\greg\AppData\Roaming\inst.exe
    c:\users\greg\AppData\Roaming\vso_ts_preview.xml
    .
    .
    ((((((((((((((((((((((((( Files Created from 2013-05-01 to 2013-06-01 )))))))))))))))))))))))))))))))
    .
    .
    2013-06-01 13:44 . 2013-06-01 13:44 -------- d-----w- c:\users\Default\AppData\Local\temp
    2013-06-01 13:09 . 2013-06-01 13:09 -------- d-----w- c:\program files (x86)\Common Files\Java
    2013-06-01 13:09 . 2013-06-01 13:09 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
    2013-06-01 12:49 . 2013-06-01 12:49 76232 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FFD3EB84-90FA-4CE3-9C50-B9D4E035C430}\offreg.dll
    2013-06-01 00:56 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FFD3EB84-90FA-4CE3-9C50-B9D4E035C430}\mpengine.dll
    2013-05-31 22:26 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2013-05-31 18:32 . 2013-05-31 23:30 -------- d-----w- c:\users\greg\AppData\Roaming\wabEventSupport16
    2013-05-21 18:50 . 2013-05-21 18:49 964552 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3EDA82C7-29AA-40C7-87EE-91B47A464654}\gapaengine.dll
    2013-05-18 15:46 . 2013-05-18 15:46 -------- d-----w- c:\programdata\Cisco Systems
    2013-05-15 07:02 . 2013-05-05 21:36 17818624 ----a-w- c:\windows\system32\mshtml.dll
    2013-05-15 07:02 . 2013-05-05 21:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2013-05-15 07:02 . 2013-05-05 19:12 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
    2013-05-15 04:51 . 2013-04-10 06:01 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
    2013-05-15 04:51 . 2013-04-10 06:01 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
    2013-05-15 04:51 . 2011-02-03 11:25 144384 ----a-w- c:\windows\system32\cdd.dll
    2013-05-15 04:50 . 2013-02-27 05:52 14172672 ----a-w- c:\windows\system32\shell32.dll
    2013-05-15 04:50 . 2013-02-27 05:52 197120 ----a-w- c:\windows\system32\shdocvw.dll
    2013-05-15 04:50 . 2013-02-27 05:48 1930752 ----a-w- c:\windows\system32\authui.dll
    2013-05-15 04:50 . 2013-02-27 06:02 111448 ----a-w- c:\windows\system32\consent.exe
    2013-05-15 04:50 . 2013-02-27 04:49 1796096 ----a-w- c:\windows\SysWow64\authui.dll
    2013-05-15 04:50 . 2013-02-27 05:47 70144 ----a-w- c:\windows\system32\appinfo.dll
    2013-05-15 04:50 . 2013-03-19 05:53 48640 ----a-w- c:\windows\system32\wwanprotdim.dll
    2013-05-15 04:50 . 2013-03-19 05:53 230400 ----a-w- c:\windows\system32\wwansvc.dll
    2013-05-15 04:50 . 2013-04-10 03:30 3153920 ----a-w- c:\windows\system32\win32k.sys
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2013-06-01 13:09 . 2012-06-27 20:52 866720 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
    2013-06-01 13:09 . 2012-02-14 22:11 788896 ----a-w- c:\windows\SysWow64\deployJava1.dll
    2013-05-15 11:02 . 2013-01-23 13:36 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-05-15 11:02 . 2013-01-23 13:36 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2013-05-15 07:29 . 2011-03-28 22:36 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
    2013-05-15 07:07 . 2011-09-04 19:42 75016696 ----a-w- c:\windows\system32\MRT.exe
    2013-05-02 15:29 . 2011-09-04 16:35 278800 ------w- c:\windows\system32\MpSigStub.exe
    2013-04-24 07:28 . 2011-09-14 19:42 905296 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
    2013-04-13 05:49 . 2013-05-15 04:50 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
    2013-04-13 05:49 . 2013-05-15 04:50 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
    2013-04-13 05:49 . 2013-05-15 04:50 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
    2013-04-13 05:49 . 2013-05-15 04:50 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
    2013-04-13 04:45 . 2013-05-15 04:50 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
    2013-04-13 04:45 . 2013-05-15 04:50 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
    2013-04-12 14:45 . 2013-04-23 21:49 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
    2013-04-04 18:50 . 2011-11-01 17:48 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
    2013-03-19 06:04 . 2013-04-10 19:35 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
    2013-03-19 05:46 . 2013-04-10 19:35 43520 ----a-w- c:\windows\system32\csrsrv.dll
    2013-03-19 05:04 . 2013-04-10 19:35 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
    2013-03-19 05:04 . 2013-04-10 19:35 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
    2013-03-19 04:47 . 2013-04-10 19:35 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
    2013-03-19 03:06 . 2013-04-10 19:35 112640 ----a-w- c:\windows\system32\smss.exe
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "cdloader"="c:\users\greg\AppData\Roaming\mjusbsp\cdloader2.exe" [2012-02-01 50592]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-08 336384]
    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-16 421736]
    "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
    "AllShareAgent"="c:\program files (x86)\Samsung\AllShare\AllShareAgent.exe" [2012-03-02 285072]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
    .
    c:\users\greg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    magicBlock.lnk - c:\program files (x86)\magicBlock\magicBlock.exe [2008-5-3 479232]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @="Service"
    .
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
    R3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\amdhub30.sys [2011-03-18 87168]
    R3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\amdxhc.sys [2011-03-18 188544]
    R3 hitmanpro37;HitmanPro 3.7 Support Driver;c:\windows\system32\drivers\hitmanpro37.sys [2013-01-26 32152]
    R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
    R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
    R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2011-09-25 82816]
    R3 SimpleSlideShowServer;SimpleSlideShowServer;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [2012-03-02 27584]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-08-02 51712]
    R3 vna_ap;Check Point Virtual Network Adapter - Apollo;c:\windows\system32\DRIVERS\vnaap.sys [2011-09-15 161256]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-09-04 1255736]
    S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys [2011-03-23 36448]
    S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
    S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
    S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-09-17 140672]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-10-26 204288]
    S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-08 365568]
    S2 SamsungAllShareV2.0;Samsung AllShare PC;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2012-03-02 25504]
    S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-04-23 3574624]
    S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
    S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
    S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-02-24 126952]
    S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-02-24 389608]
    S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-03-30 114704]
    S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]
    S3 LVUVC64;Logitech QuickCam Pro 9000(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
    .
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2013-06-01 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-23 11:02]
    .
    2013-05-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2872747093-637173786-3556813959-1000Core.job
    - c:\users\greg\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-12 12:42]
    .
    2013-06-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2872747093-637173786-3556813959-1000UA.job
    - c:\users\greg\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-12 12:42]
    .
    2013-05-26 c:\windows\Tasks\ParetoLogic Registration.job
    - c:\windows\system32\rundll32.exe [2009-07-13 01:14]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-19 11613288]
    "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = https://login.yahoo.com/config/login_verify2?&.src=ym
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    IE: &ieSpell Options - c:\program files (x86)\ieSpell\iespell.dll/SPELLOPTION.HTM
    IE: Check &Spelling - c:\program files (x86)\ieSpell\iespell.dll/SPELLCHECK.HTM
    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
    IE: Lookup on Merriam Webster - file://c:\program files (x86)\ieSpell\Merriam Webster.HTM
    IE: Lookup on Wikipedia - file://c:\program files (x86)\ieSpell\wikipedia.HTM
    IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
    Trusted Zone: fedex.com\*.fw
    Trusted Zone: microsoft.com\update
    TCP: DhcpNameServer = 192.168.0.1
    DPF: {414FB93D-DEDD-4FEF-AD7F-167992EBDB52} - hxxps://portal.sca-vip.fw.fedex.com//SNX/CSHELL/extender.cab
    .
    - - - - ORPHANS REMOVED - - - -
    .
    URLSearchHooks-{687578b9-7132-4a7a-80e4-30ee31099e03} - (no file)
    AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\S-1-5-21-2872747093-637173786-3556813959-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*0*#*7*&*c*4*2*b*8*f*8*&*0*&*a*9*2 *1*0*5*0*2*0*7*0*“÷D\OpenWithList]
    @Class="Shell"
    "a"="vlc.exe"
    "MRUList"="a"
    .
    [HKEY_USERS\S-1-5-21-2872747093-637173786-3556813959-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="WindowsLiveMail.Email.1"
    .
    [HKEY_USERS\S-1-5-21-2872747093-637173786-3556813959-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
    @Denied: (2) (LocalSystem)
    "Progid"="WindowsLiveMail.VCard.1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe ,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe ,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2013-06-01 09:46:28
    ComboFix-quarantined-files.txt 2013-06-01 13:46
    .
    Pre-Run: 61,657,530,368 bytes free
    Post-Run: 62,283,771,904 bytes free
    .
    - - End Of File - - 88BF95641D2840588C94C7E589BAE0BB
      My Computer
    Quote Quote

  4. drmax
    Posts : 314
    W7 premium 64
    Thread Starter
       New #23

    I could use msconfig to boot into safe mode (or anyways try that) if need be. I didn't know that option existed. I'll hang back and await your response
      My Computer
    Quote Quote

  6. VistaKing
    Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       New #24

    Reboot the PC and tab on F8 and see if you could get into safe mode
      My Computer
    Quote Quote

  7. drmax
    Posts : 314
    W7 premium 64
    Thread Starter
       New #25

    VistaKing said:
    Reboot the PC and tab on F8 and see if you could get into safe mode
    no, as it did yesterday...takes me to the boot sequence page, as in which drive I want to start the pc in.
    this is also where my thumb drive would not work. the option was there, but would not go to my drive. i was able to select my dvd drive and start windows with the system disk, however. DM
      My Computer
    Quote Quote

  8. drmax
    Posts : 314
    W7 premium 64
    Thread Starter
       New #26

    welp, now pc will not boot up. it was working. came back to it and monitor has power, but not activated. Manually turn off pc and when turn on, the monitor don't come alive and don't hear the normal chatter of hard drive coming to life. it's 3 yrs old. possibly something happened after combo fix? dunno. it was working after combo fix, however. unsure how to go about getting life into this, other than ordering another h/d and starting over.
    even sliding windows disk into dvd does notta. dm
    Last edited by drmax; 01 Jun 2013 at 13:46.
      My Computer
    Quote Quote

  10. drmax
    Posts : 314
    W7 premium 64
    Thread Starter
       New #27

    drmax said:
    welp, now pc will not boot up. it was working. came back to it and monitor has power, but not activated. Manually turn off pc and when turn on, the monitor don't come alive and don't hear the normal chatter of hard drive coming to life. it's 3 yrs old. possibly something happened after combo fix? dunno. it was working after combo fix, however. unsure how to go about getting life into this, other than ordering another h/d and starting over.
    even sliding windows disk into dvd does notta. dm
    unplugged pc from power altogether. plugged back in and she started right up. ok, so i went into msconfig and in the boot section, had the pc start in safe mode this way. currently running mbar now to see if there is anything there and will try hitman pro again. will report back. dm
      My Computer
    Quote Quote

  11. drmax
    Posts : 314
    W7 premium 64
    Thread Starter
       New #28

    In safemode...Malwarebytes antfimalware found nothing in full scan. Hitman pro has a suspicious file pev.exe. Further reading mentions since I ran combo fix, this could be the cause so I ignored it. MBAR antiroot kit scanned and nothing found. Outside of the pc not F8 into safemode, I appear to be clean. If this all looks clean to you then please mark the solved box for me and I appreciate all of your help. DM
      My Computer
    Quote Quote

  12. VistaKing
    Posts : 6,830
    Windows 7 Ultimate 32-Bit & Windows 7 Ultimate 64-Bit
       New #29

    When you press F8 can you get into Safe Mode , Safe Mode with Networking and Safe Mode with Command Prompt ?

    I could not mark this thread solved. That would be done either by you or Admin or the Moderators
      My Computer
    Quote Quote

  13. drmax
    Posts : 314
    W7 premium 64
    Thread Starter
       New #30

    VistaKing said:
    When you press F8 can you get into Safe Mode , Safe Mode with Networking and Safe Mode with Command Prompt ?

    I could not mark this thread solved. That would be done either by you or Admin or the Moderators
    read post #27 and then onward. I may have been typing when you asked this. as it stands, F8 only takes me into my boot configuration. unless there is another button to push, the only way for me to get into safemode is through msconfig.
      My Computer
    Quote Quote

 
Page 3 of 4 FirstFirst 1234 LastLast

  Related Discussions
Hello im unsure where to place this thread. " Disc boot failure, insert system disc and press enter " Is the error i get after i took out an IDE 80GB HDD. The primary boot drive is a OCZ vertex 2 120GB. Somehow my pc will not boot unless the 80GB HDD is in. Im unsure how they are related so...
Okay so I've just did a system image restore onto a brand new hard drive that i've purchased. My intentions were to basically transfer everything from my old HD to the new one. I had saved the System Image on an external HD. I disconnected my old HD before starting up the system image recovery...
How to Add or Remove "System Configuration" (msconfig) from Control Panel in Windows System Configuration (msconfig) is a tool that can help identify problems that might prevent Windows from starting correctly. This tutorial will show you how to add System Configuration (msconfig) to the...
BSOD "System Power Device Failure"
in BSOD Help and Support

I'm running a few days old HP Pavilion dv6-6047cl laptop with the original OEM version of Windows 7 Home Premium x64. I brought the laptop with me walking from my apartment to college (about 10-15min) and when I arrived I found I had a blue screen about System Device Power Failure. Over the past...
My laptop got infected with "Personal Security". I tried to remove it manually following instructions but I could not find "psecurity.exe" in my system which needs to be deleted. I could not find a free REMOVAL (not just Scan and ask for purchase) tool to get rid of it. I do not want to pay....
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 20:38.
Find Us