
Trojan cleared desktop and stops McAfee firewall



I had a trojan which has cleared my desktop and is causing my McAfee firewall to not stay on. I need help to get all my stuff on my desktop back and have my firewall stay on. Here are my files.

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29

Run by mech at 10:44:55 on 2012-03-30

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3874.2314 [GMT -4:00]

.

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\FBAgent.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\mfevtps.exe

C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe

C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe

C:\Program Files (x86)\TightVNC\tvnserver.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe

C:\Program Files\ASUS\P4G\BatteryLife.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

C:\Program Files\Elantech\ETDCtrl.exe

C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe

C:\Program Files (x86)\syncables\syncables desktop\syncables.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Elantech\ETDCtrlHelper.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe

C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe

C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe

C:\Program Files (x86)\TightVNC\tvnserver.exe

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Ask.com\Updater\Updater.exe

C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\SysWOW64\ACEngSvr.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Windows\AsScrPro.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Program Files\Common Files\McAfee\Core\mchost.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://asus.msn.com

uDefault_Page_URL = hxxp://asus.msn.com

mStart Page = hxxp://asus.msn.com

uInternet Settings,ProxyOverride = *.local;192.168.*.*

uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll

mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll

mWinlogon: Userinit=userinit.exe,

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll

BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110902144342.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll

BHO: ooVoo toolbar, powered by Ask.com: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll

TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll

TB: ooVoo toolbar, powered by Ask.com: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

uRun: [syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe

uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

mRun: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

mRun: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

mRun: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"

mRun: [sonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe

mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.104.216\AsusWSPanel.exe /S

mRun: [tvncontrol] "C:\Program Files (x86)\TightVNC\tvnserver.exe" -controlservice -slave

mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [<NO NAME>]

mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"

mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"

mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

dRun: [dplaysvr] C:\Windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe

StartupFolder: C:\Users\mech\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\mech\AppData\Roaming\Dropbox\bin\Dropbox.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: SoftwareSASGeneration = 1 (0x1)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

TCP: DhcpNameServer = 207.159.251.11 207.159.192.183

TCP: Interfaces\{02B7364A-4C61-442A-8B7F-A32F2EF117BA} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{02B7364A-4C61-442A-8B7F-A32F2EF117BA}\152405C4F575942554C4543535 : DhcpNameServer = 207.159.192.182 207.159.192.183

TCP: Interfaces\{02B7364A-4C61-442A-8B7F-A32F2EF117BA}\152607C6F5C61626 : DhcpNameServer = 207.159.251.11 207.159.192.183

TCP: Interfaces\{02B7364A-4C61-442A-8B7F-A32F2EF117BA}\2656C6B696E6534376 : DhcpNameServer = 192.168.2.1 167.206.254.2 167.206.254.1

TCP: Interfaces\{02B7364A-4C61-442A-8B7F-A32F2EF117BA}\6796E627F63673D27657563747 : DhcpNameServer = 167.206.254.1 167.206.254.2

TCP: Interfaces\{02B7364A-4C61-442A-8B7F-A32F2EF117BA}\E4F68496649667563705C656163756 : DhcpNameServer = 192.168.0.1

TCP: Interfaces\{A56E295F-9532-4E6D-A5DB-1FD2D8FF92DE} : DhcpNameServer = 207.159.251.11 207.159.192.183

TCP: Interfaces\{A56E295F-9532-4E6D-A5DB-1FD2D8FF92DE}\152405C4F575942554C4543535 : DhcpNameServer = 207.159.192.182 207.159.192.183

TCP: Interfaces\{A56E295F-9532-4E6D-A5DB-1FD2D8FF92DE}\2656C6B696E6534376 : DhcpNameServer = 192.168.2.1 167.206.254.1 167.206.254.2

TCP: Interfaces\{A56E295F-9532-4E6D-A5DB-1FD2D8FF92DE}\E4544574541425 : DhcpNameServer = 192.168.1.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll

BHO-X64: 0x1 - No File

BHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110902144342.dll

BHO-X64: scriptproxy - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll

BHO-X64: uTorrentBar - No File

BHO-X64: ooVoo toolbar, powered by Ask.com: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

BHO-X64: Ask Toolbar BHO - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO-X64: SmartSelect - No File

BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll

TB-X64: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll

TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll

TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll

TB-X64: ooVoo toolbar, powered by Ask.com: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

mRun-x64: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

mRun-x64: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

mRun-x64: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"

mRun-x64: [sonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe

mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

mRun-x64: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.104.216\AsusWSPanel.exe /S

mRun-x64: [tvncontrol] "C:\Program Files (x86)\TightVNC\tvnserver.exe" -controlservice -slave

mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

mRun-x64: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun-x64: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [(Default)]

mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"

mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"

mRun-x64: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

Hosts: 94.63.147.16 www.google.com

Hosts: 94.63.147.17 www.bing.com

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\mech\AppData\Roaming\Mozilla\Firefox\Profiles\u66xabv0.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - about:home

FF - prefs.js: network.proxy.type - 0

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

---- FIREFOX POLICIES ----

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

============= SERVICES / DRIVERS ===============

.

R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]

R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024]

R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]

R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-3-29 652360]

R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-2 355440]

R2 McShield;McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2011-9-2 200056]

R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2011-9-2 245352]

R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]

R2 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-12-6 214896]

R2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-8-30 2358656]

R2 tvnserver;TightVNC Server;C:\Program Files (x86)\TightVNC\tvnserver.exe [2011-8-3 828944]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-5-12 2655768]

R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]

R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]

R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]

R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-2-3 135664]

S2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-2 355440]

S2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-2 355440]

S3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]

S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-2-3 135664]

S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]

S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2012-03-30 07:37:16 -------- d-----w- C:\TDSSKiller_Quarantine

2012-03-30 01:18:18 -------- d-----w- C:\Users\mech\AppData\Local\{752F8BDD-7A01-11E1-826D-B8AC6F996F26}

2012-03-30 00:43:51 -------- d-----w- C:\Users\mech\AppData\Roaming\Malwarebytes

2012-03-30 00:43:44 90112 ----a-w- C:\Windows\SysWow64\compgMgr.dll

2012-03-30 00:43:44 100352 ----a-w- C:\Windows\System32\compgMgr64.dll

2012-03-30 00:43:16 -------- d-----w- C:\ProgramData\Malwarebytes

2012-03-30 00:43:15 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-03-30 00:43:14 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-03-29 10:39:57 -------- d-sh--w- C:\found.000

2012-03-29 01:18:46 5120 ------w- C:\ProgramData\Microsoft\Windows\DRM\B281.tmp

2012-03-29 01:18:46 5120 ------w- C:\ProgramData\Microsoft\Windows\DRM\B280.tmp

2012-03-27 07:09:42 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-03-27 07:09:41 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-03-27 07:09:40 3913584 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-03-26 23:41:16 3145728 ----a-w- C:\Windows\System32\win32k.sys

2012-03-26 23:41:05 1544192 ----a-w- C:\Windows\System32\DWrite.dll

2012-03-26 23:41:04 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll

2012-03-26 23:40:33 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe

2012-03-26 23:40:32 77312 ----a-w- C:\Windows\System32\rdpwsx.dll

2012-03-26 23:40:32 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll

2012-03-26 23:39:30 1031680 ----a-w- C:\Windows\System32\rdpcore.dll

2012-03-26 23:39:28 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll

2012-03-26 23:39:28 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2012-03-26 23:39:27 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys

.

==================== Find3M ====================

.

2012-03-30 07:40:04 45056 ----a-w- C:\Windows\System32\acovcnt.exe

2012-01-04 10:44:20 509952 ----a-w- C:\Windows\System32\ntshrui.dll

2012-01-04 08:58:41 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll

.

============= FINISH: 10:47:27.95 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 7/31/2011 8:05:28 PM

System Uptime: 3/30/2012 9:56:16 AM (1 hours ago)

.

Motherboard: ASUSTeK Computer Inc. | | K53E

Processor: Intel® Pentium® CPU B940 @ 2.00GHz | CPU 1 | 1400/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 186 GiB total, 11.768 GiB free.

D: is FIXED (NTFS) - 254 GiB total, 254.323 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

??????? Windows Live Mesh ActiveX ??(????)

??????? Windows Live Mesh ActiveX ???

µTorrent

Adobe Acrobat X Pro - English, Français, Deutsch

Adobe After Effects CS5.5 Third Party Content

Adobe AIR

Adobe Community Help

Adobe Content Viewer

Adobe Creative Suite 5.5 Master Collection

Adobe Flash Player 11 ActiveX

Adobe Story

Adobe Widget Browser

Alcor Micro USB Card Reader

Android SDK Tools

Apple Application Support

Apple Software Update

Ask Toolbar

ASUS AI Recovery

ASUS FaceLogon

ASUS FancyStart

ASUS LifeFrame3

ASUS Live Update

ASUS Splendid Video Enhancement Technology

ASUS Virtual Camera

ASUS WebStorage

AsusScr_K3 Series_ENG

AsusVibe2.0

ATK Package

calibre

City of Heroes

Complemento Messenger

Complément Messenger

Contrôle ActiveX Windows Live Mesh pour connexions à distance

Control ActiveX de Windows Live Mesh para conexiones remotas

Controlo ActiveX do Windows Live Mesh para Ligações Remotas

CyberLink BD_3D Advisor 2.0

CyberLink LabelPrint

CyberLink Power2Go

D3DX10

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Dropbox

Galeria de Fotografias do Windows Live

Galerie de photos Windows Live

Galería fotográfica de Windows Live

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

HexEdit

Intel® Control Center

Intel® Management Engine Components

Intel® Processor Graphics

iTunes DB Cloner

Java Auto Updater

Java 6 Update 29

Junk Mail filter update

LiveUSB Creator (remove only)

Malwarebytes Anti-Malware version 1.60.1.1000

McAfee SecurityCenter

Mesh Runtime

Messenger ????

Messenger ?????

Messenger Companion

Microsoft Office 2010

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft_VC80_ATL_x86

Microsoft_VC80_CRT_x86

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFCLOC_x86

Microsoft_VC90_ATL_x86

Microsoft_VC90_CRT_x86

Microsoft_VC90_MFC_x86

Microsoft_VC90_MFCLOC_x86

MotoHelper 2.1.32 Driver 5.4.0

MotoHelper MergeModules

Mozilla Firefox 10.0.2 (x86 en-US)

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP3 Parser (KB973685)

NCsoft Launcher

Nuance PDF Reader

ooVoo

ooVoo toolbar, powered by Ask.com Updater

PDF Settings CS5

PxMergeModule

QuickTime

Realtek High Definition Audio Driver

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)

Security Update for Microsoft Visio Viewer 2010 (KB2597170) 32-Bit Edition

Sonic Focus

Star Trek Online

syncables desktop SE

System Requirements Lab CYRI

TeamViewer 6

TightVNC 2.0.4

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition

Update for Microsoft Outlook Social Connector (KB2583935)

uTorrentBar Toolbar

VLC media player 1.1.11

Windows Live

Windows Live ???

Windows Live ????

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinFlash

WinRAR 4.01 (32-bit)

Wireless Console 3

Yahoo! Messenger

Yahoo! Software Update

Yahoo! Toolbar

.

==== Event Viewer Messages From Past Week ========

.

3/30/2012 9:56:36 AM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following

error: The specified service does not exist as an installed service.

3/30/2012 9:56:36 AM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following

service: BFE. This service might not be installed.

3/30/2012 9:56:36 AM, Error: Service Control Manager [7003] - The Internet Connection Sharing (ICS) service depends the

following service: BFE. This service might not be installed.

3/30/2012 9:56:36 AM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the

following service: BFE. This service might not be installed.

3/30/2012 8:38:59 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the

service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

3/30/2012 8:38:59 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the

service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

3/30/2012 8:38:55 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the

service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

3/30/2012 8:38:49 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the

service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

3/30/2012 8:30:00 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the

service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

3/30/2012 8:25:57 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed

to load: ATKWMIACPIIO discache spldr Wanarpv6

3/30/2012 8:25:53 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service

which failed to start because of the following error: The dependency service or group failed to start.

3/30/2012 5:02:33 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.

3/30/2012 4:55:55 AM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-

specific error %%-2147023143.

3/30/2012 4:23:40 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective

action (Restart the service) after the unexpected termination of the McAfee VirusScan Announcer service, but this action

failed with the following error: An instance of the service is already running.

3/30/2012 4:23:40 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective

action (Restart the service) after the unexpected termination of the McAfee Services service, but this action failed with

the following error: An instance of the service is already running.

3/30/2012 10:18:36 AM, Error: Service Control Manager [7034] - The McAfee VirusScan Announcer service terminated

unexpectedly. It has done this 3 time(s).

3/30/2012 10:18:36 AM, Error: Service Control Manager [7034] - The McAfee Services service terminated unexpectedly. It

has done this 3 time(s).

3/30/2012 10:18:36 AM, Error: Service Control Manager [7034] - The McAfee Proxy Service service terminated unexpectedly.

It has done this 3 time(s).

3/30/2012 10:18:36 AM, Error: Service Control Manager [7034] - The McAfee Network Agent service terminated unexpectedly.

It has done this 3 time(s).

3/30/2012 10:06:13 AM, Error: Service Control Manager [7003] - The McAfee Personal Firewall Service service depends the

following service: MpsSvc. This service might not be installed.

3/30/2012 10:05:07 AM, Error: Service Control Manager [7031] - The McAfee VirusScan Announcer service terminated

unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart

the service.

3/30/2012 10:05:07 AM, Error: Service Control Manager [7031] - The McAfee Services service terminated unexpectedly. It

has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

3/30/2012 10:05:07 AM, Error: Service Control Manager [7031] - The McAfee Proxy Service service terminated unexpectedly.

It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

3/30/2012 10:05:07 AM, Error: Service Control Manager [7031] - The McAfee Network Agent service terminated unexpectedly.

It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

3/30/2012 10:03:56 AM, Error: Service Control Manager [7031] - The McAfee VirusScan Announcer service terminated

unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart

the service.

3/30/2012 10:03:56 AM, Error: Service Control Manager [7031] - The McAfee Services service terminated unexpectedly. It

has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

3/30/2012 10:03:56 AM, Error: Service Control Manager [7031] - The McAfee Proxy Service service terminated unexpectedly.

It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

3/30/2012 10:03:56 AM, Error: Service Control Manager [7031] - The McAfee Network Agent service terminated unexpectedly.

It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

3/30/2012 1:37:06 AM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage

could not grow due to a user imposed limit.

3/29/2012 8:05:32 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the

chkdsk utility on the volume OS.

3/29/2012 7:00:19 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting

for a transaction response from the TeamViewer6 service.

3/29/2012 7:00:19 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting

for a transaction response from the ShellHWDetection service.

3/29/2012 6:13:07 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting

for a transaction response from the McODS service.

3/29/2012 10:13:32 AM, Error: Tcpip [4199] - The system detected an address conflict for IP address 207.159.251.21 with

the system having network hardware address 00-14-38-E6-41-9D. Network operations on this system may be disrupted as a

result.

3/29/2012 1:11:25 AM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the

chkdsk utility on the volume C:.

3/28/2012 6:49:51 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{A56E295F-

9532-4E6D-A5DB-1FD2D8FF92DE} because another computer on the network has the same name. The server could not start.

3/28/2012 6:49:51 PM, Error: NetBT [4321] - The name "MECH-PC :20" could not be registered on the interface with

IP address 192.168.1.12. The computer with the IP address 192.168.2.30 did not allow the name to be claimed by this

computer.

3/28/2012 6:49:51 PM, Error: NetBT [4321] - The name "MECH-PC :0" could not be registered on the interface with IP

address 192.168.1.12. The computer with the IP address 192.168.2.30 did not allow the name to be claimed by this computer.

3/28/2012 6:49:37 PM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0

bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an

internal error.

3/28/2012 5:47:12 PM, Error: Service Control Manager [7022] - The McAfee VirusScan Announcer service hung on starting.

3/28/2012 11:09:21 PM, Error: Service Control Manager [7022] - The Internet Connection Sharing (ICS) service hung on

starting.

3/27/2012 12:05:33 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting

for a transaction response from the mcmscsvc service.

3/24/2012 11:25:28 AM, Error: Tcpip [4199] - The system detected an address conflict for IP address 207.159.251.23 with

the system having network hardware address 00-17-08-81-B6-FD. Network operations on this system may be disrupted as a

result.

.

==== End Of File ===========================

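Added example (not part of the original thread, and not DDS or Malwarebytes code): a Python triage of the "Event Viewer Messages" section of a DDS log. It re-joins the wrapped lines, then pulls out the Service Control Manager events that name a missing dependency service (7003) or a repeatedly crashing service (7031/7034). The function names are hypothetical; the sample lines are copied from the log above.

```python
import re
from collections import defaultdict
from dataclasses import dataclass

# Excerpt of the log posted above, kept with the forum's hard line wraps so the
# record-joining step has real input to work on.
SAMPLE = """\
3/30/2012 9:56:36 AM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following

service: BFE. This service might not be installed.

3/30/2012 10:18:36 AM, Error: Service Control Manager [7034] - The McAfee Services service terminated unexpectedly. It

has done this 3 time(s).

3/30/2012 10:06:13 AM, Error: Service Control Manager [7003] - The McAfee Personal Firewall Service service depends the

following service: MpsSvc. This service might not be installed.

3/30/2012 10:05:07 AM, Error: Service Control Manager [7031] - The McAfee Services service terminated unexpectedly. It

has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

3/29/2012 8:05:32 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the

chkdsk utility on the volume OS.
"""

# A record starts with "<date> <time> AM|PM, <Level>: <Source> [<id>] - <text>".
HEADER = re.compile(
    r"^(?P<when>\d{1,2}/\d{1,2}/\d{4} \d{1,2}:\d{2}:\d{2} [AP]M), "
    r"(?P<level>\w+): (?P<source>.+?) \[(?P<event_id>\d+)\] - (?P<message>.*)$"
)
# The log text really reads "depends the following service" (no "on").
DEPENDS = re.compile(
    r"The (?P<service>.+?) service depends the following service: "
    r"(?P<dependency>[^.\s]+)\. This service might not be installed"
)
CRASHED = re.compile(
    r"The (?P<service>.+?) service terminated unexpectedly\. "
    r"It has done this (?P<count>\d+) time\(s\)"
)


@dataclass
class Event:
    when: str
    level: str
    source: str
    event_id: int
    message: str


def parse_events(text):
    """Turn the wrapped log text into one Event per record."""
    events = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line == "." or line.startswith("===="):
            continue  # blank lines, DDS "." spacers and section banners
        m = HEADER.match(line)
        if m:
            events.append(Event(m["when"], m["level"], m["source"],
                                int(m["event_id"]), m["message"]))
        elif events:
            # Continuation of the previous record; a wrap after "-" (GUIDs,
            # "service-specific") is glued back without a space.
            joiner = "" if events[-1].message.endswith("-") else " "
            events[-1].message += joiner + line
    return events


def missing_dependencies(events):
    """Map each dependency reported as possibly not installed to its dependents."""
    missing = defaultdict(list)
    for ev in events:
        if ev.source == "Service Control Manager" and ev.event_id == 7003:
            m = DEPENDS.search(ev.message)
            if m and m["service"] not in missing[m["dependency"]]:
                missing[m["dependency"]].append(m["service"])
    return dict(missing)


def crash_counts(events):
    """Highest 'terminated unexpectedly' count seen per service (7031/7034)."""
    counts = {}
    for ev in events:
        if ev.source == "Service Control Manager" and ev.event_id in (7031, 7034):
            m = CRASHED.search(ev.message)
            if m:
                name = m["service"]
                counts[name] = max(counts.get(name, 0), int(m["count"]))
    return counts


if __name__ == "__main__":
    evs = parse_events(SAMPLE)
    for dep, users in missing_dependencies(evs).items():
        print(f"{dep}: reported missing, needed by {', '.join(users)}")
    for svc, n in crash_counts(evs).items():
        print(f"{svc}: terminated unexpectedly {n} time(s)")
```

Run over the full log, this lists BFE and MpsSvc as dependencies that "might not be installed", the latter being the one the McAfee Personal Firewall Service depends on.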

Hello mechanic1978 and welcome! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at support@malwarebytes.org or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Step 1

Please uninstall the following applications:

µTorrent - It is against our policy. Take a look: here

Ask Toolbar - Bundled with many third party applications - also see this note

uTorrentBar Toolbar - A Conduit "Community Toolbar" - modifies the default IE URL search hook. Conduit toolbars are reputed to have a certain trackware functionality.

ooVoo toolbar, powered by Ask.com Updater - VMN Toolbar variant by Visicom Media, detected by some as AdWare.Win32.MegaSearch or Adware.VMN hailing from zugo.com, bundled with various third party software.

Step 2

Please download unhide.exe from here and save it to your Desktop. Double-click on the Unhide.exe icon on your desktop and allow the program to run. This program will remove the +H, or hidden, attribute from all the files on your hard drives. If there are any files that were purposely hidden by you, you will need to hide them again after this tool is run.

Step 3

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

In your next reply, post the following log files:

  • Malwarebytes' Anti-Malware log
  • a new fresh DDS log file


Thank you for your help. Almost all my icons are back, though my McAfee firewall is still not able to stay on, and I just found out Windows Security Center is disabled and not able to be reactivated.

Here are the log files you requested:

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29

Run by mech at 7:49:28 on 2012-03-31

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3874.2041 [GMT -4:00]

.

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\FBAgent.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\mfevtps.exe

C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe

C:\Program Files (x86)\TightVNC\tvnserver.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe

C:\Program Files\ASUS\P4G\BatteryLife.exe

C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe

C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Elantech\ETDCtrl.exe

C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Program Files (x86)\syncables\syncables desktop\syncables.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe

C:\Program Files\Elantech\ETDCtrlHelper.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

C:\Windows\SysWOW64\ACEngSvr.exe

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

C:\Program Files (x86)\TightVNC\tvnserver.exe

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Users\mech\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\AsScrPro.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\system32\UI0Detect.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Windows\notepad.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://asus.msn.com

uDefault_Page_URL = hxxp://asus.msn.com

mStart Page = hxxp://asus.msn.com

uInternet Settings,ProxyOverride = *.local;192.168.*.*

uURLSearchHooks: H - No File

mWinlogon: Userinit=userinit.exe,

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll

BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110902144342.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File

uRun: [syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe

uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

mRun: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

mRun: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

mRun: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"

mRun: [sonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe

mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.104.216\AsusWSPanel.exe /S

mRun: [tvncontrol] "C:\Program Files (x86)\TightVNC\tvnserver.exe" -controlservice -slave

mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"

mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

dRun: [dplaysvr] C:\Windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe

StartupFolder: C:\Users\mech\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\mech\AppData\Roaming\Dropbox\bin\Dropbox.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: SoftwareSASGeneration = 1 (0x1)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{02B7364A-4C61-442A-8B7F-A32F2EF117BA} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{02B7364A-4C61-442A-8B7F-A32F2EF117BA}\152405C4F575942554C4543535 : DhcpNameServer = 207.159.192.182 207.159.192.183

TCP: Interfaces\{02B7364A-4C61-442A-8B7F-A32F2EF117BA}\152607C6F5C61626 : DhcpNameServer = 207.159.251.11 207.159.192.183

TCP: Interfaces\{02B7364A-4C61-442A-8B7F-A32F2EF117BA}\2656C6B696E6534376 : DhcpNameServer = 192.168.2.1 167.206.254.2 167.206.254.1

TCP: Interfaces\{02B7364A-4C61-442A-8B7F-A32F2EF117BA}\6796E627F63673D27657563747 : DhcpNameServer = 167.206.254.1 167.206.254.2

TCP: Interfaces\{02B7364A-4C61-442A-8B7F-A32F2EF117BA}\E4F68496649667563705C656163756 : DhcpNameServer = 192.168.0.1

TCP: Interfaces\{A56E295F-9532-4E6D-A5DB-1FD2D8FF92DE} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{A56E295F-9532-4E6D-A5DB-1FD2D8FF92DE}\152405C4F575942554C4543535 : DhcpNameServer = 207.159.192.182 207.159.192.183

TCP: Interfaces\{A56E295F-9532-4E6D-A5DB-1FD2D8FF92DE}\152607C6F5C61626 : DhcpNameServer = 207.159.251.11 207.159.192.183

TCP: Interfaces\{A56E295F-9532-4E6D-A5DB-1FD2D8FF92DE}\2656C6B696E6534376 : DhcpNameServer = 192.168.2.1 167.206.254.2 167.206.254.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll

BHO-X64: 0x1 - No File

BHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110902144342.dll

BHO-X64: scriptproxy - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO-X64: SmartSelect - No File

BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll

TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

TB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll

TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn0\yt.dll

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB-X64: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File

mRun-x64: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

mRun-x64: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

mRun-x64: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"

mRun-x64: [sonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe

mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe

mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe

mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe

mRun-x64: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.104.216\AsusWSPanel.exe /S

mRun-x64: [tvncontrol] "C:\Program Files (x86)\TightVNC\tvnserver.exe" -controlservice -slave

mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

mRun-x64: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun-x64: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"

mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

Hosts: 94.63.147.16 www.google.com

Hosts: 94.63.147.17 www.bing.com

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\mech\AppData\Roaming\Mozilla\Firefox\Profiles\u66xabv0.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - about:home

FF - prefs.js: network.proxy.type - 0

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

---- FIREFOX POLICIES ----

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

============= SERVICES / DRIVERS ===============

.

R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]

R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-7-26 17024]

R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]

R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-3-29 652360]

R2 McShield;McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2011-9-2 200056]

R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2011-9-2 245352]

R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]

R2 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-12-6 214896]

R2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-8-30 2358656]

R2 tvnserver;TightVNC Server;C:\Program Files (x86)\TightVNC\tvnserver.exe [2011-8-3 828944]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-5-12 2655768]

R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]

R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]

R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]

R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-2-3 135664]

S2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-2 355440]

S2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-2 355440]

S2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-9-2 355440]

S3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]

S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-2-3 135664]

S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]

S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2012-03-30 07:37:16 -------- d-----w- C:\TDSSKiller_Quarantine

2012-03-30 01:18:18 -------- d-----w- C:\Users\mech\AppData\Local\{752F8BDD-7A01-11E1-826D-B8AC6F996F26}

2012-03-30 00:43:51 -------- d-----w- C:\Users\mech\AppData\Roaming\Malwarebytes

2012-03-30 00:43:44 90112 ----a-w- C:\Windows\SysWow64\compgMgr.dll

2012-03-30 00:43:44 100352 ----a-w- C:\Windows\System32\compgMgr64.dll

2012-03-30 00:43:16 -------- d-----w- C:\ProgramData\Malwarebytes

2012-03-30 00:43:15 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-03-30 00:43:14 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-03-29 10:39:57 -------- d-sh--w- C:\found.000

2012-03-29 01:18:46 5120 ------w- C:\ProgramData\Microsoft\Windows\DRM\B281.tmp

2012-03-29 01:18:46 5120 ------w- C:\ProgramData\Microsoft\Windows\DRM\B280.tmp

2012-03-27 07:09:42 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-03-27 07:09:41 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-03-27 07:09:40 3913584 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-03-26 23:41:16 3145728 ----a-w- C:\Windows\System32\win32k.sys

2012-03-26 23:41:05 1544192 ----a-w- C:\Windows\System32\DWrite.dll

2012-03-26 23:41:04 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll

2012-03-26 23:40:33 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe

2012-03-26 23:40:32 77312 ----a-w- C:\Windows\System32\rdpwsx.dll

2012-03-26 23:40:32 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll

2012-03-26 23:39:30 1031680 ----a-w- C:\Windows\System32\rdpcore.dll

2012-03-26 23:39:28 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll

2012-03-26 23:39:28 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2012-03-26 23:39:27 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys

.

==================== Find3M ====================

.

2012-03-31 10:15:33 45056 ----a-w- C:\Windows\System32\acovcnt.exe

2012-01-04 10:44:20 509952 ----a-w- C:\Windows\System32\ntshrui.dll

2012-01-04 08:58:41 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll

.

============= FINISH: 7:51:37.23 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 7/31/2011 8:05:28 PM

System Uptime: 3/31/2012 7:24:32 AM (0 hours ago)

.

Motherboard: ASUSTeK Computer Inc. | | K53E

Processor: Intel® Pentium® CPU B940 @ 2.00GHz | CPU 1 | 2000/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 186 GiB total, 11.41 GiB free.

D: is FIXED (NTFS) - 254 GiB total, 254.323 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP67: 3/31/2012 7:31:42 AM - Removed ooVoo

.

==== Installed Programs ======================

.

??????? Windows Live Mesh ActiveX ??(????)

??????? Windows Live Mesh ActiveX ???

Adobe Acrobat X Pro - English, Français, Deutsch

Adobe After Effects CS5.5 Third Party Content

Adobe AIR

Adobe Community Help

Adobe Content Viewer

Adobe Creative Suite 5.5 Master Collection

Adobe Flash Player 11 ActiveX

Adobe Story

Adobe Widget Browser

Alcor Micro USB Card Reader

Android SDK Tools

Apple Application Support

Apple Software Update

ASUS AI Recovery

ASUS FaceLogon

ASUS FancyStart

ASUS LifeFrame3

ASUS Live Update

ASUS Splendid Video Enhancement Technology

ASUS Virtual Camera

ASUS WebStorage

AsusScr_K3 Series_ENG

AsusVibe2.0

ATK Package

calibre

City of Heroes

Complemento Messenger

Complément Messenger

Contrôle ActiveX Windows Live Mesh pour connexions à distance

Control ActiveX de Windows Live Mesh para conexiones remotas

Controlo ActiveX do Windows Live Mesh para Ligações Remotas

CyberLink BD_3D Advisor 2.0

CyberLink LabelPrint

CyberLink Power2Go

D3DX10

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Dropbox

Galeria de Fotografias do Windows Live

Galerie de photos Windows Live

Galería fotográfica de Windows Live

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

HexEdit

Intel® Control Center

Intel® Management Engine Components

Intel® Processor Graphics

iTunes DB Cloner

Java Auto Updater

Java 6 Update 29

Junk Mail filter update

LiveUSB Creator (remove only)

Malwarebytes Anti-Malware version 1.60.1.1000

McAfee SecurityCenter

Mesh Runtime

Messenger ????

Messenger ?????

Messenger Companion

Microsoft Office 2010

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft_VC80_ATL_x86

Microsoft_VC80_CRT_x86

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFCLOC_x86

Microsoft_VC90_ATL_x86

Microsoft_VC90_CRT_x86

Microsoft_VC90_MFC_x86

Microsoft_VC90_MFCLOC_x86

MotoHelper 2.1.32 Driver 5.4.0

MotoHelper MergeModules

Mozilla Firefox 10.0.2 (x86 en-US)

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP3 Parser (KB973685)

NCsoft Launcher

Nuance PDF Reader

PDF Settings CS5

PxMergeModule

QuickTime

Realtek High Definition Audio Driver

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)

Security Update for Microsoft Visio Viewer 2010 (KB2597170) 32-Bit Edition

Sonic Focus

Star Trek Online

syncables desktop SE

System Requirements Lab CYRI

TeamViewer 6

TightVNC 2.0.4

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition

Update for Microsoft Outlook Social Connector (KB2583935)

VLC media player 1.1.11

Windows Live

Windows Live ???

Windows Live ????

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinFlash

WinRAR 4.01 (32-bit)

Wireless Console 3

Yahoo! Messenger

Yahoo! Software Update

Yahoo! Toolbar

.

==== Event Viewer Messages From Past Week ========

.

3/31/2012 7:33:06 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.

3/31/2012 7:32:23 AM, Error: Service Control Manager [7034] - The McAfee VirusScan Announcer service terminated unexpectedly. It has done this 3 time(s).

3/31/2012 7:32:23 AM, Error: Service Control Manager [7034] - The McAfee Services service terminated unexpectedly. It has done this 3 time(s).

3/31/2012 7:32:23 AM, Error: Service Control Manager [7034] - The McAfee Proxy Service service terminated unexpectedly. It has done this 3 time(s).

3/31/2012 7:32:23 AM, Error: Service Control Manager [7034] - The McAfee Network Agent service terminated unexpectedly. It has done this 3 time(s).

3/31/2012 7:31:07 AM, Error: Service Control Manager [7031] - The McAfee VirusScan Announcer service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

3/31/2012 7:31:07 AM, Error: Service Control Manager [7031] - The McAfee Services service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

3/31/2012 7:31:07 AM, Error: Service Control Manager [7031] - The McAfee Proxy Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

3/31/2012 7:31:07 AM, Error: Service Control Manager [7031] - The McAfee Network Agent service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

3/31/2012 7:29:53 AM, Error: Service Control Manager [7031] - The McAfee VirusScan Announcer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

3/31/2012 7:29:53 AM, Error: Service Control Manager [7031] - The McAfee Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

3/31/2012 7:29:53 AM, Error: Service Control Manager [7031] - The McAfee Proxy Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

3/31/2012 7:29:53 AM, Error: Service Control Manager [7031] - The McAfee Network Agent service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

3/31/2012 7:26:01 AM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.

3/31/2012 7:24:55 AM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

3/31/2012 7:24:55 AM, Error: Service Control Manager [7003] - The Internet Connection Sharing (ICS) service depends the following service: BFE. This service might not be installed.

3/31/2012 7:24:54 AM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.

3/31/2012 7:24:54 AM, Error: Service Control Manager [7003] - The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

3/31/2012 7:24:54 AM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

3/30/2012 8:38:59 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

3/30/2012 8:38:59 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

3/30/2012 8:38:55 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

3/30/2012 8:38:49 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

3/30/2012 8:30:00 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}

3/30/2012 8:25:57 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ATKWMIACPIIO discache spldr Wanarpv6

3/30/2012 8:25:53 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

3/30/2012 10:13:17 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the McAfee VirusScan Announcer service, but this action failed with the following error: An instance of the service is already running.

3/30/2012 10:13:17 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the McAfee Services service, but this action failed with the following error: An instance of the service is already running.

3/30/2012 1:37:06 AM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

3/29/2012 8:05:32 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume OS.

3/29/2012 7:00:19 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TeamViewer6 service.

3/29/2012 7:00:19 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

3/29/2012 6:13:07 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McODS service.

3/29/2012 10:13:32 AM, Error: Tcpip [4199] - The system detected an address conflict for IP address 207.159.251.21 with the system having network hardware address 00-14-38-E6-41-9D. Network operations on this system may be disrupted as a result.

3/29/2012 1:11:25 AM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.

3/28/2012 6:49:51 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{A56E295F-9532-4E6D-A5DB-1FD2D8FF92DE} because another computer on the network has the same name. The server could not start.

3/28/2012 6:49:51 PM, Error: NetBT [4321] - The name "MECH-PC :20" could not be registered on the interface with IP address 192.168.1.12. The computer with the IP address 192.168.2.30 did not allow the name to be claimed by this computer.

3/28/2012 6:49:51 PM, Error: NetBT [4321] - The name "MECH-PC :0" could not be registered on the interface with IP address 192.168.1.12. The computer with the IP address 192.168.2.30 did not allow the name to be claimed by this computer.

3/28/2012 6:49:37 PM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.

3/28/2012 5:47:12 PM, Error: Service Control Manager [7022] - The McAfee VirusScan Announcer service hung on starting.

3/28/2012 11:09:21 PM, Error: Service Control Manager [7022] - The Internet Connection Sharing (ICS) service hung on starting.

3/27/2012 12:05:33 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the mcmscsvc service.

3/24/2012 11:25:28 AM, Error: Tcpip [4199] - The system detected an address conflict for IP address 207.159.251.23 with the system having network hardware address 00-17-08-81-B6-FD. Network operations on this system may be disrupted as a result.

.

==== End Of File ===========================

Malwarebytes Anti-Malware (PRO) 1.60.1.1000

www.malwarebytes.org

Database version: v2012.03.31.05

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

mech :: MECH-PC [administrator]

Protection: Enabled

3/31/2012 7:40:46 AM

mbam-log-2012-03-31 (07-40-46).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 237680

Time elapsed: 4 minute(s), 57 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)


Because your system is still infected.

Step 1

Download the latest version of TDSSKiller from here and save it to your Desktop.

  1. Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  2. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  3. Click the Start Scan button.
  4. If a suspicious object is detected, the default action will be Skip; click on Continue.
  5. If malicious objects are found, they will show in the Scan results and offer three (3) options.
  6. Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  7. Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.

Step 2

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt in your next reply for further review.

In your next reply, post the following log files:

  • TDSSKiller log
  • ComboFix log


here are the logs


09:04:45.0142 1764 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

09:04:45.0158 1764 nvstor - ok

09:04:45.0216 1764 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

09:04:45.0245 1764 nv_agp - ok

09:04:45.0295 1764 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

09:04:45.0339 1764 ohci1394 - ok

09:04:45.0433 1764 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

09:04:45.0457 1764 ose - ok

09:04:45.0634 1764 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

09:04:45.0832 1764 osppsvc - ok

09:04:45.0920 1764 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

09:04:45.0994 1764 p2pimsvc - ok

09:04:46.0024 1764 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

09:04:46.0064 1764 p2psvc - ok

09:04:46.0107 1764 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

09:04:46.0151 1764 Parport - ok

09:04:46.0198 1764 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys

09:04:46.0215 1764 partmgr - ok

09:04:46.0256 1764 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

09:04:46.0298 1764 PcaSvc - ok

09:04:46.0357 1764 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

09:04:46.0388 1764 pci - ok

09:04:46.0404 1764 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

09:04:46.0417 1764 pciide - ok

09:04:46.0463 1764 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

09:04:46.0490 1764 pcmcia - ok

09:04:46.0518 1764 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

09:04:46.0531 1764 pcw - ok

09:04:46.0561 1764 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

09:04:46.0630 1764 PEAUTH - ok

09:04:46.0736 1764 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

09:04:46.0786 1764 PerfHost - ok

09:04:46.0879 1764 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll

09:04:46.0985 1764 pla - ok

09:04:47.0055 1764 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll

09:04:47.0163 1764 PlugPlay - ok

09:04:47.0219 1764 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

09:04:47.0273 1764 PNRPAutoReg - ok

09:04:47.0308 1764 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

09:04:47.0345 1764 PNRPsvc - ok

09:04:47.0388 1764 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll

09:04:47.0438 1764 PolicyAgent - ok

09:04:47.0483 1764 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

09:04:47.0544 1764 Power - ok

09:04:47.0635 1764 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

09:04:47.0689 1764 PptpMiniport - ok

09:04:47.0778 1764 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

09:04:47.0826 1764 Processor - ok

09:04:47.0894 1764 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll

09:04:47.0985 1764 ProfSvc - ok

09:04:48.0067 1764 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

09:04:48.0093 1764 ProtectedStorage - ok

09:04:48.0151 1764 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

09:04:48.0214 1764 Psched - ok

09:04:48.0322 1764 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys

09:04:48.0346 1764 PxHlpa64 - ok

09:04:48.0425 1764 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

09:04:48.0494 1764 ql2300 - ok

09:04:48.0540 1764 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

09:04:48.0554 1764 ql40xx - ok

09:04:48.0610 1764 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

09:04:48.0637 1764 QWAVE - ok

09:04:48.0707 1764 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

09:04:48.0768 1764 QWAVEdrv - ok

09:04:48.0854 1764 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

09:04:48.0943 1764 RasAcd - ok

09:04:48.0996 1764 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

09:04:49.0041 1764 RasAgileVpn - ok

09:04:49.0091 1764 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

09:04:49.0173 1764 RasAuto - ok

09:04:49.0226 1764 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

09:04:49.0317 1764 Rasl2tp - ok

09:04:49.0401 1764 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll

09:04:49.0474 1764 RasMan - ok

09:04:49.0550 1764 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

09:04:49.0643 1764 RasPppoe - ok

09:04:49.0755 1764 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

09:04:49.0844 1764 RasSstp - ok

09:04:49.0944 1764 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

09:04:50.0033 1764 rdbss - ok

09:04:50.0081 1764 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

09:04:50.0125 1764 rdpbus - ok

09:04:50.0154 1764 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

09:04:50.0225 1764 RDPCDD - ok

09:04:50.0307 1764 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

09:04:50.0398 1764 RDPENCDD - ok

09:04:50.0422 1764 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

09:04:50.0522 1764 RDPREFMP - ok

09:04:50.0602 1764 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys

09:04:50.0652 1764 RDPWD - ok

09:04:50.0742 1764 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

09:04:50.0773 1764 rdyboost - ok

09:04:50.0865 1764 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

09:04:50.0950 1764 RemoteAccess - ok

09:04:50.0986 1764 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

09:04:51.0044 1764 RemoteRegistry - ok

09:04:51.0113 1764 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys

09:04:51.0178 1764 RFCOMM - ok

09:04:51.0216 1764 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

09:04:51.0276 1764 RpcEptMapper - ok

09:04:51.0309 1764 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

09:04:51.0359 1764 RpcLocator - ok

09:04:51.0396 1764 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

09:04:51.0451 1764 RpcSs - ok

09:04:51.0503 1764 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

09:04:51.0564 1764 rspndr - ok

09:04:51.0610 1764 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

09:04:51.0627 1764 SamSs - ok

09:04:51.0716 1764 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

09:04:51.0733 1764 sbp2port - ok

09:04:51.0774 1764 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

09:04:51.0836 1764 SCardSvr - ok

09:04:51.0867 1764 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

09:04:51.0906 1764 scfilter - ok

09:04:51.0957 1764 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll

09:04:52.0047 1764 Schedule - ok

09:04:52.0075 1764 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

09:04:52.0114 1764 SCPolicySvc - ok

09:04:52.0144 1764 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll

09:04:52.0206 1764 SDRSVC - ok

09:04:52.0293 1764 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

09:04:52.0355 1764 secdrv - ok

09:04:52.0398 1764 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll

09:04:52.0479 1764 seclogon - ok

09:04:52.0539 1764 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

09:04:52.0623 1764 SENS - ok

09:04:52.0660 1764 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

09:04:52.0726 1764 SensrSvc - ok

09:04:52.0813 1764 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

09:04:52.0873 1764 Serenum - ok

09:04:52.0980 1764 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

09:04:53.0027 1764 Serial - ok

09:04:53.0140 1764 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

09:04:53.0179 1764 sermouse - ok

09:04:53.0240 1764 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll

09:04:53.0315 1764 SessionEnv - ok

09:04:53.0372 1764 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

09:04:53.0426 1764 sffdisk - ok

09:04:53.0448 1764 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

09:04:53.0487 1764 sffp_mmc - ok

09:04:53.0519 1764 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

09:04:53.0574 1764 sffp_sd - ok

09:04:53.0611 1764 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

09:04:53.0654 1764 sfloppy - ok

09:04:53.0749 1764 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

09:04:53.0829 1764 SharedAccess - ok

09:04:53.0875 1764 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll

09:04:53.0955 1764 ShellHWDetection - ok

09:04:54.0020 1764 SiSGbeLH (1bc348cf6baa90ec8e533ef6e6a69933) C:\Windows\system32\DRIVERS\SiSG664.sys

09:04:54.0071 1764 SiSGbeLH - ok

09:04:54.0150 1764 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

09:04:54.0180 1764 SiSRaid2 - ok

09:04:54.0221 1764 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

09:04:54.0250 1764 SiSRaid4 - ok

09:04:54.0289 1764 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

09:04:54.0364 1764 Smb - ok

09:04:54.0453 1764 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

09:04:54.0499 1764 SNMPTRAP - ok

09:04:54.0547 1764 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

09:04:54.0570 1764 spldr - ok

09:04:54.0612 1764 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe

09:04:54.0678 1764 Spooler - ok

09:04:54.0800 1764 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe

09:04:54.0966 1764 sppsvc - ok

09:04:55.0044 1764 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

09:04:55.0143 1764 sppuinotify - ok

09:04:55.0217 1764 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

09:04:55.0289 1764 srv - ok

09:04:55.0359 1764 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

09:04:55.0425 1764 srv2 - ok

09:04:55.0492 1764 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

09:04:55.0550 1764 srvnet - ok

09:04:55.0635 1764 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

09:04:55.0708 1764 SSDPSRV - ok

09:04:55.0719 1764 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

09:04:55.0774 1764 SstpSvc - ok

09:04:55.0841 1764 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

09:04:55.0869 1764 stexstor - ok

09:04:55.0937 1764 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll

09:04:55.0999 1764 stisvc - ok

09:04:56.0060 1764 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

09:04:56.0087 1764 swenum - ok

09:04:56.0237 1764 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

09:04:56.0316 1764 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning

09:04:56.0316 1764 SwitchBoard - detected UnsignedFile.Multi.Generic (1)

09:05:07.0789 1764 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

09:05:07.0976 1764 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

09:05:07.0976 1764 \Device\Harddisk0\DR0 - detected TDSS File System (1)

09:05:07.0984 1764 Boot (0x1200) (9d7a4ccc8d7f611b7f9205abd9283a4d) \Device\Harddisk0\DR0\Partition0

09:05:07.0987 1764 \Device\Harddisk0\DR0\Partition0 - ok

09:05:08.0021 1764 Boot (0x1200) (642afc9d6ea8b3d7842e6e6b4fc2c2cd) \Device\Harddisk0\DR0\Partition1

09:05:08.0024 1764 \Device\Harddisk0\DR0\Partition1 - ok

09:05:08.0025 1764 ============================================================

09:05:08.0025 1764 Scan finished

09:05:08.0025 1764 ============================================================

09:05:08.0044 2276 Detected object count: 2

09:05:08.0044 2276 Actual detected object count: 2

09:07:23.0395 2276 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user

09:07:23.0395 2276 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip

09:07:23.0397 2276 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

09:07:23.0397 2276 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

09:18:20.0258 4452 Deinitialize success

ComboFix 12-03-31.02 - mech 03/31/2012 9:36.1.2 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3874.2115 [GMT -4:00]

Running from: c:\users\mech\Desktop\ComboFix.exe

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\mech\AppData\Local\assembly\tmp

c:\windows\assembly\temp\@

c:\windows\assembly\temp\cfg.ini

c:\windows\security\Database\tmp.edb

c:\windows\system32\drivers\etc\hosts.ics

c:\windows\TEMP\sxyprt.dll

c:\windows\TEMP\wiget.dll

D:\install.exe

.

.

((((((((((((((((((((((((( Files Created from 2012-02-28 to 2012-03-31 )))))))))))))))))))))))))))))))

.

.

2012-03-30 07:37 . 2012-03-30 07:37 -------- d-----w- C:\TDSSKiller_Quarantine

2012-03-30 01:18 . 2012-03-30 01:18 -------- d-----w- c:\users\mech\AppData\Local\{752F8BDD-7A01-11E1-826D-B8AC6F996F26}

2012-03-30 00:43 . 2012-03-30 00:43 -------- d-----w- c:\users\mech\AppData\Roaming\Malwarebytes

2012-03-30 00:43 . 2012-03-30 00:43 90112 ----a-w- c:\windows\SysWow64\compgMgr.dll

2012-03-30 00:43 . 2012-03-30 00:43 100352 ----a-w- c:\windows\system32\compgMgr64.dll

2012-03-30 00:43 . 2012-03-30 00:43 -------- d-----w- c:\programdata\Malwarebytes

2012-03-30 00:43 . 2011-12-10 19:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-03-30 00:43 . 2012-03-30 00:43 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-03-29 10:39 . 2012-03-29 10:39 -------- d-----w- C:\found.000

2012-03-29 04:20 . 2012-03-29 04:20 -------- d-----w- c:\windows\Sun

2012-03-29 01:18 . 2012-03-29 01:18 5120 ------w- c:\programdata\Microsoft\Windows\DRM\B281.tmp

2012-03-29 01:18 . 2012-03-29 01:18 5120 ------w- c:\programdata\Microsoft\Windows\DRM\B280.tmp

2012-03-27 07:09 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-03-27 07:09 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2012-03-27 07:09 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2012-03-26 23:41 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys

2012-03-26 23:41 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll

2012-03-26 23:41 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll

2012-03-26 23:40 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe

2012-03-26 23:40 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll

2012-03-26 23:40 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll

2012-03-26 23:39 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll

2012-03-26 23:39 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll

2012-03-26 23:39 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-03-26 23:39 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-03-31 14:11 . 2011-05-12 08:56 45056 ----a-w- c:\windows\system32\acovcnt.exe

2012-01-04 10:44 . 2012-02-17 14:17 509952 ----a-w- c:\windows\system32\ntshrui.dll

2012-01-04 08:58 . 2012-02-17 14:17 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 94208 ----a-w- c:\users\mech\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 94208 ----a-w- c:\users\mech\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 94208 ----a-w- c:\users\mech\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Syncables"="c:\program files (x86)\syncables\syncables desktop\Syncables.exe" [2010-07-19 370480]

"Messenger (Yahoo!)"="c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe" [2011-08-22 6276408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]

"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]

"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992]

"SonicMasterTray"="c:\program files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" [2010-07-10 984400]

"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]

"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]

"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]

"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.104.216\AsusWSPanel.exe" [2011-07-05 737104]

"tvncontrol"="c:\program files (x86)\TightVNC\tvnserver.exe" [2011-08-03 828944]

"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-06-28 1486392]

"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]

"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2011-09-05 36760]

"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2011-09-05 2904984]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-11-13 421736]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]

"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2011-10-18 2319536]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]

.

c:\users\mech\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\mech\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-14 24246216]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-2-3 549040]

FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe [2011-7-31 12862]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"SoftwareSASGeneration"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-03 135664]

R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-03 135664]

R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [x]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]

R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]

R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]

S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]

S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]

S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]

S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]

S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]

S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-04-14 245352]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x]

S2 MotoHelper;MotoHelper Service;c:\program files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-12-06 214896]

S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]

S2 tvnserver;TightVNC Server;c:\program files (x86)\TightVNC\tvnserver.exe [2011-08-03 828944]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]

S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]

S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]

S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]

S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - WS2IFSL

*Deregistered* - mfeavfk01

.

Contents of the 'Scheduled Tasks' folder

.

2012-03-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-03 13:57]

.

2012-03-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-02-03 13:57]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]

@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"

[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]

2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.104.216\AsusWSShellExt64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]

@="{64174815-8D98-4CE6-8646-4C039977D808}"

[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]

2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.104.216\AsusWSShellExt64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 97792 ----a-w- c:\users\mech\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 97792 ----a-w- c:\users\mech\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 97792 ----a-w- c:\users\mech\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 97792 ----a-w- c:\users\mech\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-03-21 361984]

"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-01-18 2188904]

"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-30 499608]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-09-01 167704]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-09-01 392472]

"Persistence"="c:\windows\system32\igfxpers.exe" [2011-09-01 416024]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://asus.msn.com

mStart Page = hxxp://asus.msn.com

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local;192.168.*.*

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105

TCP: DhcpNameServer = 192.168.1.1

FF - ProfilePath - c:\users\mech\AppData\Roaming\Mozilla\Firefox\Profiles\u66xabv0.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - about:home

FF - prefs.js: network.proxy.type - 0

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

.

- - - - ORPHANS REMOVED - - - -

.

URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)

Toolbar-Locked - (no file)

Wow6432Node-HKU-Default-Run-dplaysvr - c:\windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe

Toolbar-Locked - (no file)

WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)

HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe

HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd

HKLM-Run-sxyprt - c:\windows\TEMP\sxyprt.dll

HKLM-Run-wiget - c:\windows\TEMP\wiget.dll

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

c:\program files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe

c:\program files (x86)\TeamViewer\Version6\TeamViewer.exe

c:\program files (x86)\ASUS\Splendid\ACMON.exe

c:\program files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe

c:\program files (x86)\ASUS\FaceLogon\sensorsrv.exe

.

**************************************************************************

.

Completion time: 2012-03-31 10:28:33 - machine was rebooted

ComboFix-quarantined-files.txt 2012-03-31 14:28

.

Pre-Run: 12,096,794,624 bytes free

Post-Run: 19,475,136,512 bytes free

.

- - End Of File - - D44CD4A5B3F9A468C22085A48CDCA0BD


Glad it is okay now! :)

After ComboFix was started, the malware that blocked your firewall was removed. What I asked you to do was send me a copy of what was removed by ComboFix, to be analyzed and added to the definitions of Malwarebytes' Anti-Malware, in order to prevent future problems with it. Thanks for your cooperation!

How are things running now?


So can I get rid of that folder now? And thank you very much for all your help.

This will happen after the ComboFix uninstall.

And oh yes, what about those DLL files?

They are sent to our researchers for analysis. They will take care of them. :)

Please uninstall ComboFix this way:

www.bleepingcomputer.com/combofix/how-to-use-combofix#uninstall

Next, manually delete DDS, TDSSKiller and unhide.exe.

Some malware prevention tips:

http://forums.malwarebytes.org/index.php?showtopic=104379&pid=515983&st=0entry515983

Safe surfing! :)


Please run this scan just to check if everything is fine:

Please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan

  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic


This topic is now closed to further replies.