Topic: Good product but killed my word


Offline cdm

  • Newbie
  • *
  • Join Date: Sep 2013
  • Posts: 4
  • Karma: 0
    • View Profile
Good product but killed my word
« on: September 14, 2013, 10:29:44 am »
It worked good on my computer but created a glitch in my Office: Word will open for 3 seconds and then close immediately. Anyone else have this issue?

I will have to get my tech friend to look to see if he can find what was deleted and reinstall to fix it. Can't open any of my documents now.

Offline Shane

  • Administrator
  • Hero Member
  • *****
  • Join Date: Sep 2011
  • Posts: 9281
  • Location: USA
  • Karma: 137
  • "Knowledge should be shared not hidden."
    • View Profile
Re: Good product but killed my word
« Reply #1 on: September 16, 2013, 02:39:59 pm »
Odd, I run my Repairs on a ton of computers with Office and never had a problem, plus none of the repairs target Office.

I wonder if it is a middle man type thing causing the problem.

Let's see if we can get it fixed :-)

What version of Word do you have?

Shane

Offline cdm

Re: Good product but killed my word
« Reply #2 on: September 16, 2013, 08:14:21 pm »
Thanks, I use MS Office Starter, but I used combofix.org and it solved it. As well, it would not let me update, but ComboFix corrected that, lol. Now Thunderbird won't send, but I'll find the fix.

cheers

Chris

Offline Shane

Re: Good product but killed my word
« Reply #3 on: September 17, 2013, 11:17:37 am »
Glad you got it fixed. Can you tell me which one you did to make it work? I would like to see if I can find the reason for it breaking in the first place :wink:

Shane

Offline cdm

Re: Good product but killed my word
« Reply #4 on: September 17, 2013, 11:52:30 am »
Code:
ComboFix 13-09-16.01 - Chris Ma 16/09/2013  19:39:51.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.2.1033.18.3559.2467 [GMT -7:00]
Running from: c:\users\Chris Ma\Downloads\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Desktop\Install
c:\program files (x86)\Google\Desktop\Install\{7fac9988-b3d5-ca06-9741-b95369cb9b19}\9519~1\A535~1\E628~1\{7fac9988-b3d5-ca06-9741-b95369cb9b19}\@
c:\program files (x86)\Google\Desktop\Install\{7fac9988-b3d5-ca06-9741-b95369cb9b19}\9519~1\A535~1\E628~1\{7fac9988-b3d5-ca06-9741-b95369cb9b19}\L\00000004.@
c:\program files (x86)\Google\Desktop\Install\{7fac9988-b3d5-ca06-9741-b95369cb9b19}\9519~1\A535~1\E628~1\{7fac9988-b3d5-ca06-9741-b95369cb9b19}\L\201d3dde
c:\program files (x86)\Google\Desktop\Install\{7fac9988-b3d5-ca06-9741-b95369cb9b19}\9519~1\A535~1\E628~1\{7fac9988-b3d5-ca06-9741-b95369cb9b19}\L\6715e287
c:\program files (x86)\Google\Desktop\Install\{7fac9988-b3d5-ca06-9741-b95369cb9b19}\9519~1\A535~1\E628~1\{7fac9988-b3d5-ca06-9741-b95369cb9b19}\L\76603ac3
c:\program files (x86)\Google\Desktop\Install\{7fac9988-b3d5-ca06-9741-b95369cb9b19}\9519~1\A535~1\E628~1\{7fac9988-b3d5-ca06-9741-b95369cb9b19}\U\00000008.@
c:\program files (x86)\Google\Desktop\Install\{7fac9988-b3d5-ca06-9741-b95369cb9b19}\9519~1\A535~1\E628~1\{7fac9988-b3d5-ca06-9741-b95369cb9b19}\U\80000000.@
c:\program files (x86)\Google\Desktop\Install\{7fac9988-b3d5-ca06-9741-b95369cb9b19}\9519~1\A535~1\E628~1\{7fac9988-b3d5-ca06-9741-b95369cb9b19}\U\80000064.@
c:\programdata\DSearchLink
c:\programdata\DSearchLink\DSearchLink.exe
c:\users\Chris Ma\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\Chris Ma\AppData\Local\Google\Desktop\Install
c:\users\Chris Ma\AppData\Local\Google\Desktop\Install\{7fac9988-b3d5-ca06-9741-b95369cb9b19}\2E2F~1\28F0~1\E628~1\{7fac9988-b3d5-ca06-9741-b95369cb9b19}\@
c:\users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_DefaultTabSearch
.
.
(((((((((((((((((((((((((   Files Created from 2013-08-17 to 2013-09-17  )))))))))))))))))))))))))))))))
.
.
2013-09-17 02:49 . 2013-09-17 02:49    --------    d-----w-  c:\users\Public\AppData\Local\temp
2013-09-17 02:49 . 2013-09-17 02:49    --------    d-----w-  c:\users\Default\AppData\Local\temp
2013-09-17 02:49 . 2013-09-17 02:49    --------    d-----w-  c:\users\user\AppData\Local\temp
2013-09-16 21:17 . 2013-09-16 21:17    --------    d-----w-  c:\program files (x86)\Mozilla Maintenance Service
2013-09-16 20:35 . 2013-09-16 20:35    --------    d-----w-  c:\users\Chris Ma\AppData\Local\Opera Software
2013-09-16 20:35 . 2013-09-16 20:35    --------    d-----w-  c:\users\Chris Ma\AppData\Roaming\Opera Software
2013-09-16 20:35 . 2013-09-16 20:35    --------    d-----w-  c:\program files (x86)\Opera
2013-09-16 20:20 . 2013-09-16 20:20    --------    d-----w-  c:\programdata\Babylon
2013-09-16 20:20 . 2013-09-16 20:20    --------    d-----w-  c:\users\Chris Ma\AppData\Roaming\Babylon
2013-09-16 19:26 . 2013-09-16 19:26    --------    d-----w-  c:\programdata\Oracle
2013-09-16 19:26 . 2013-09-16 19:26    --------    d-----w-  c:\program files (x86)\Common Files\Java
2013-09-16 19:25 . 2013-09-16 19:25    96168    ----a-w-  c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-09-16 19:23 . 2013-09-16 19:23    --------    d-----w-  c:\programdata\McAfee
2013-09-16 17:51 . 2013-08-30 07:48    378944    ----a-w-  c:\windows\system32\drivers\aswSP.sys
2013-09-16 17:51 . 2013-08-30 07:48    33400    ----a-w-  c:\windows\system32\drivers\aswFsBlk.sys
2013-09-16 17:51 . 2013-08-30 07:48    72016    ----a-w-  c:\windows\system32\drivers\aswRdr2.sys
2013-09-16 17:51 . 2013-08-30 07:48    64288    ----a-w-  c:\windows\system32\drivers\aswTdi.sys
2013-09-16 17:51 . 2013-08-30 07:48    204880    ----a-w-  c:\windows\system32\drivers\aswVmm.sys
2013-09-16 17:51 . 2013-08-30 07:48    1030952    ----a-w-  c:\windows\system32\drivers\aswSnx.sys
2013-09-16 17:51 . 2013-08-30 07:48    65336    ----a-w-  c:\windows\system32\drivers\aswRvrt.sys
2013-09-16 17:51 . 2013-08-30 07:48    80816    ----a-w-  c:\windows\system32\drivers\aswMonFlt.sys
2013-09-16 17:51 . 2013-09-16 17:51    --------    d-----w-  c:\program files\Windows Sidebar
2013-09-16 17:51 . 2013-08-30 07:47    41664    ----a-w-  c:\windows\avastSS.scr
2013-09-16 17:50 . 2013-09-16 17:50    --------    d-----w-  c:\program files\AVAST Software
2013-09-16 17:49 . 2013-09-16 17:50    --------    d-----w-  c:\programdata\AVAST Software
2013-09-16 10:20 . 2013-09-16 10:20    22752    ----a-w-  c:\windows\system32\autochk.exe
2013-09-15 15:10 . 2013-09-15 15:10    --------    d-----w-  c:\users\user\AppData\Roaming\Malwarebytes
2013-09-15 00:47 . 2013-09-15 00:47    --------    d-----w-  C:\Panda Software
2013-09-14 16:30 . 2013-09-14 17:20    --------    d-----w-  c:\program files (x86)\Browsersafeguard
2013-09-14 05:11 . 2013-09-14 17:55    --------    d-----w-  c:\users\Chris Ma\AppData\Roaming\redsn0w
2013-09-13 17:01 . 2013-09-15 00:48    --------    d-----w-  c:\windows\system32\catroot2
2013-09-13 16:45 . 2013-09-13 16:59    181064    ----a-w-  c:\windows\PSEXESVC.EXE
2013-09-13 16:40 . 2013-09-13 16:40    --------    d-----w-  C:\RegBackup
2013-09-13 16:30 . 2013-09-13 16:30    --------    d-----w-  C:\found.000
2013-09-13 16:16 . 2013-09-13 16:16    --------    d-----w-  c:\program files\Windows Portable Devices
2013-09-13 16:16 . 2013-09-13 16:16    --------    d-----w-  c:\program files\Windows Defender
2013-09-13 16:16 . 2013-09-13 16:16    --------    d-----w-  c:\program files (x86)\Windows Portable Devices
2013-09-13 15:32 . 2013-09-13 15:32    --------    d-----w-  c:\program files (x86)\Tweaking.com
2013-09-13 04:15 . 2013-09-13 04:15    --------    d-----w-  c:\programdata\Paessler
2013-09-13 04:15 . 2013-09-13 04:15    --------    d-----w-  C:\usr
2013-09-13 04:15 . 2013-09-13 04:15    --------    d-----w-  c:\programdata\Logs
2013-09-13 04:15 . 2013-09-13 04:15    --------    d-----w-  c:\programdata\Licenses
2013-09-12 21:27 . 2013-09-12 21:27    --------    d-----w-  c:\windows\Options
2013-09-12 21:27 . 2011-05-31 23:38    443040    ----a-w-  c:\windows\system32\athihvs.dll
2013-09-12 17:49 . 2013-06-12 21:10    33512    ----a-w-  c:\windows\system32\drivers\DasPtct.SYS
2013-09-12 17:45 . 2013-04-08 23:30    22752    ----a-w-  c:\windows\system32\PCloudBroom64.exe
2013-09-12 03:49 . 2013-08-05 02:25    155584    ----a-w-  c:\windows\system32\drivers\ataport.sys
2013-09-10 18:03 . 2013-09-10 18:03    9430408    ----a-w-  c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-09-10 17:46 . 2013-09-10 17:46    --------    d-----w-  c:\program files (x86)\Xirrus
2013-09-10 17:44 . 2013-09-10 17:44    --------    d-----w-  c:\users\Chris Ma\AppData\Roaming\Xirrus
2013-09-02 23:03 . 2013-09-02 23:03    --------    d-----w-  c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-02 23:03 . 2013-09-02 23:03    --------    d-----w-  c:\program files\iTunes
2013-09-02 23:03 . 2013-09-02 23:03    --------    d-----w-  c:\program files (x86)\iTunes
2013-09-01 16:58 . 2013-09-12 17:26    --------    d-----w-  c:\users\Chris Ma\AppData\Roaming\SurDoc
2013-09-01 16:56 . 2013-09-01 16:56    --------    d-----w-  c:\programdata\SVG_Client
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-16 19:25 . 2012-09-02 12:55    868264    ----a-w-  c:\windows\SysWow64\npDeployJava1.dll
2013-09-16 19:25 . 2011-04-28 03:04    790440    ----a-w-  c:\windows\SysWow64\deployJava1.dll
2013-09-16 19:12 . 2012-07-12 22:46    692616    ----a-w-  c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-16 19:12 . 2012-07-12 22:46    71048    ----a-w-  c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-12 14:27 . 2012-06-22 03:27    79143768    ----a-w-  c:\windows\system32\MRT.exe
2013-08-30 07:47 . 2012-06-26 06:00    287840    ----a-w-  c:\windows\system32\aswBoot.exe
2013-08-02 01:48 . 2013-09-12 03:28    44032    ----a-w-  c:\windows\apppatch\acwow64.dll
2013-07-27 14:57 . 2013-07-27 14:57    76232    ----a-w-  c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8F81C06F-8A1B-4D5A-9E4D-455DB696082D}\offreg.dll
2013-07-25 09:25 . 2013-08-14 19:55    1888768    ----a-w-  c:\windows\system32\WMVDECOD.DLL
2013-07-25 08:57 . 2013-08-14 19:55    1620992    ----a-w-  c:\windows\SysWow64\WMVDECOD.DLL
2013-07-21 13:44 . 2011-01-07 22:02    829264    ----a-w-  c:\windows\system32\msvcr100.dll
2013-07-21 13:44 . 2011-01-07 22:02    608080    ----a-w-  c:\windows\system32\msvcp100.dll
2013-07-19 01:58 . 2013-08-14 19:55    2048    ----a-w-  c:\windows\system32\tzres.dll
2013-07-19 01:41 . 2013-08-14 19:55    2048    ----a-w-  c:\windows\SysWow64\tzres.dll
2013-07-09 05:52 . 2013-08-14 19:56    224256    ----a-w-  c:\windows\system32\wintrust.dll
2013-07-09 05:51 . 2013-08-14 19:55    1217024    ----a-w-  c:\windows\system32\rpcrt4.dll
2013-07-09 05:46 . 2013-08-14 19:56    1472512    ----a-w-  c:\windows\system32\crypt32.dll
2013-07-09 05:46 . 2013-08-14 19:56    184320    ----a-w-  c:\windows\system32\cryptsvc.dll
2013-07-09 05:46 . 2013-08-14 19:56    139776    ----a-w-  c:\windows\system32\cryptnet.dll
2013-07-09 04:52 . 2013-08-14 19:55    663552    ----a-w-  c:\windows\SysWow64\rpcrt4.dll
2013-07-09 04:52 . 2013-08-14 19:56    175104    ----a-w-  c:\windows\SysWow64\wintrust.dll
2013-07-09 04:46 . 2013-08-14 19:56    1166848    ----a-w-  c:\windows\SysWow64\crypt32.dll
2013-07-09 04:46 . 2013-08-14 19:56    140288    ----a-w-  c:\windows\SysWow64\cryptsvc.dll
2013-07-09 04:46 . 2013-08-14 19:56    103936    ----a-w-  c:\windows\SysWow64\cryptnet.dll
2013-07-06 06:03 . 2013-08-14 19:55    1910208    ----a-w-  c:\windows\system32\drivers\tcpip.sys
2013-07-02 08:34 . 2013-07-26 14:49    9460976    ------w-  c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8F81C06F-8A1B-4D5A-9E4D-455DB696082D}\mpengine.dll
2013-06-27 02:21 . 2013-06-27 02:21    23208    ----a-w-  c:\windows\system32\drivers\Sftvolwin7.sys
2013-06-27 02:21 . 2013-06-27 02:21    29352    ----a-w-  c:\windows\system32\drivers\Sftredirwin7.sys
2013-06-27 02:21 . 2013-06-27 02:21    768680    ----a-w-  c:\windows\system32\drivers\Sftfswin7.sys
2013-06-27 02:21 . 2013-06-27 02:21    273576    ----a-w-  c:\windows\system32\drivers\Sftplaywin7.sys
2013-06-27 02:21 . 2013-06-27 02:21    1777320    ----a-w-  c:\windows\system32\sftldr.dll
2013-06-27 02:21 . 2013-06-27 02:21    1130664    ----a-w-  c:\windows\SysWow64\sftldr_wow64.dll
2013-06-19 04:50 . 2013-06-19 04:50    247216    ----a-w-  c:\windows\system32\drivers\MpFilter.sys
2013-06-19 04:50 . 2013-01-20 22:59    139616    ------w-  c:\windows\system32\drivers\NisDrvWFP.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-08-30 4858968]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute    REG_MULTI_SZ       autocheck autochk *\0PCloudBroom64.exe \systemroot\system32\BroomData.bit\0PCloudBroom64.exe \systemroot\system32\BroomData.bit
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 dealplylive;DealPly Live Service (dealplylive); [x]
R2 SecureUpdateSvc;SecureUpdate; [x]
R2 WajamUpdater;WajamUpdater; [x]
R3 BtFilter;Bluetooth LowerFilter Class Filter Driver;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
R3 dealplylivem;DealPly Live Service (dealplylivem); [x]
R3 Prot6Flt;Prot6Flt;c:\windows\system32\DRIVERS\Prot6Flt.sys;c:\windows\SYSNATIVE\DRIVERS\Prot6Flt.sys [x]
R3 PSKMAD;PSKMAD;c:\windows\system32\DRIVERS\PSKMAD.sys;c:\windows\SYSNATIVE\DRIVERS\PSKMAD.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RSUSBVSTOR;RTSUVSTOR.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RTSUVSTOR.sys;c:\windows\SYSNATIVE\Drivers\RTSUVSTOR.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 IObitUnlocker;IObitUnlocker;c:\program files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys;c:\program files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [x]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys;c:\windows\SYSNATIVE\DRIVERS\amdkmpfd.sys [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys;c:\windows\SYSNATIVE\DRIVERS\QIOMem.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfswin7.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfswin7.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaywin7.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaywin7.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirwin7.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirwin7.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvolwin7.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvolwin7.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-09 20:10    1177552    ----a-w-    c:\program files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-09-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-12 19:12]
.
2013-09-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-23 18:12]
.
2013-09-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-23 18:12]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-08-30 07:47    133840    ----a-w-    c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-27 23:11    778704    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-27 23:11    778704    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-27 23:11    778704    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-27 23:11    778704    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-06-27 23:11    778704    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-27 23:11    778704    ----a-w-    c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=82AAE89A8F4A8EA9&affID=119357&tsp=5007
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://mysearch.sweetpacks.com/?src=10&st=12&crg=3.5000006.10068&did=10703&barid=33861896492693066159722273712999403177
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.0.1
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{48A789BF-F6D6-4930-9C8B-77855A63EDE1} - (no file)
BHO-{ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} - (no file)
Toolbar-Locked - (no file)
Toolbar-{a8177b71-ee19-4e0f-b2f9-02d533eb946e} - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\IObit\Advanced SystemCare 6\Monitor.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
.
**************************************************************************
.
Completion time: 2013-09-16  19:58:37 - machine was rebooted
ComboFix-quarantined-files.txt  2013-09-17 02:58
.
Pre-Run: 319,599,845,376 bytes free
Post-Run: 319,386,300,416 bytes free
.
- - End Of File - - 557DD4B921A8029ADA846838CAF2BE7C
5B5E648D12FCADC244C1EC30318E1EB9
« Last Edit: September 17, 2013, 11:55:39 am by Shane »

Offline cdm

Re: Good product but killed my word
« Reply #5 on: September 17, 2013, 11:54:26 am »
As for Thunderbird, it must have been a glitch; it was solved next time I logged in.

Offline Shane

Re: Good product but killed my word
« Reply #6 on: September 17, 2013, 11:58:18 am »
Only thing I see is

BHO-{48A789BF-F6D6-4930-9C8B-77855A63EDE1} - (no file)
BHO-{ae48ed75-5a56-4c5f-bbce-6f1ac3875f66} - (no file)
Toolbar-Locked - (no file)
Toolbar-{a8177b71-ee19-4e0f-b2f9-02d533eb946e} - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

And it removed some other toolbar crap and add-ons. It looks like there was a 3rd party add-on that was causing the problem and ComboFix got rid of it :-)

Shane