Jump to content

Recommended Posts

Hi and thanks in advance for your help.

I'm running Windows 7 64 bit. Just a while ago I was downloading a .exe file. When I ran it, nothing happened and it suddenly disappeared from my desktop. After assuming it was a virus, I ran Macafee and began a quick scan. In the middle of the scan, Macafee shut down and the flag of messages in my task bar appeared, saying that Windows Security Center was turned off. I tried to turn it on, but a message saying "The Windows Security Center service can't be started" appeared. I restarted my computer but everything was the same, no Network Firewall and no Windows Defender.

I also tried to do a restore, but the restore service was also disabled. Also every ten minutes an Internet Explorer pop-up appears (even when my default browser is Google Chrome).

My HijackThis logs:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:31:02 AM, on 18/06/2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Users\Josh\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Josh\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Josh\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Josh\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Josh\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Splashtop Connect SearchHook - {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\AddressBarSearch.dll
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000000} - c:\windows\syswow64\wpheqswj.dll (file missing)
O2 - BHO: Splashtop Connect VisualBookmark - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110527092432.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [SmartViewAgent] "C:\Program Files (x86)\DeviceVM\SmartView\SmartViewAgent.exe"
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [STCAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe"
O4 - HKLM\..\Run: [ZyngaGamesAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
O4 - HKLM\..\RunOnce: [EasyTuneVI] C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [Google Update] "C:\Users\Josh\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{EF8ECF94-677F-4124-84E3-005496908A8F}: NameServer = 10.0.0.138
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: DES2 Service for Energy Saving. (DES2 Service) - Unknown owner - C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\The Games\Hi-Rez Studios\HiPatchService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Splashtop Connect Service (SCBackService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe
O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
O23 - Service: Smart View Service (SmartViewService) - Unknown owner - C:\Program Files (x86)\DeviceVM\SmartView\SmartViewService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Splashtop Connect IE Software Updater Service (WCUService_STC_IE) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11059 bytes

I also did a malwarebytes scan, it found 9 infections and quarantined and deleted all but one. When I did a restart and rescanned with malwarebytes there was nothing found. Then I downloaded Combofix and tried to run it but Macafee kept popping up saying it had found a threat, archimedes!qa. something or other, and at this point every time Combofix was closed and deleted from it's place on the desktop. Any advice on the matter would be greatly appreciated.

Link to post
Share on other sites

  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run two logs will be produced, please post only DDS.txt directly into your reply.

Link to post
Share on other sites

Hey, thanks for your reply and sorry for my late one. I know you guys don't like people playing around with their computers after asking for help, but my cousin is better with computers than me so he got on and did something, and now none of the symptoms are there and all scans are clean. There was apparently a file called Authoir.dll or something (with that spelling) in my sysWOW64 folder which had hidden itself, and is now gone. One thing I did notice though is that the sound on any internet flash video will not work. It just won't do it. Works fine in WMP, VLC, games and everything just not flash. I've been through many fixes like checking the volume levels on everything, adding the wavemapper files to drivers32 in both System32 and sysWOW64(msacm32.drv etc), reinstalling browsers and Adobe Flash, system restore..... which was a bad idea because i didn't realise that the system restore point was a few minutes after I got the virus in the first place? Apparently just after I installed DirectX....hmmm.....Anyway, if you guys have had any dealings with this in the past I'd appreciate the help bigtime.

Link to post
Share on other sites

For the sake of doing it, here's the logs you asked for:

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6902

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

20/06/2011 11:58:22 PM
mbam-log-2011-06-20 (23-58-22).txt

Scan type: Quick scan
Objects scanned: 163901
Time elapsed: 2 minute(s), 8 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

.
DDS (Ver_2011-06-12.02) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Josh at 0:20:56 on 2011-06-21
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.4079.2753 [GMT 10:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe
C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\GIGABYTE\SMART6\Recovery\RPMDaemon.exe
C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Users\Josh\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe
C:\Users\Josh\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Josh\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Josh\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Josh\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Josh\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Josh\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uURLSearchHooks: Splashtop Connect SearchHook: {0f3dc9e0-c459-4a40-bcf8-747bd9322e10} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\AddressBarSearch.dll
uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
mWinlogon: Userinit=userinit.exe,
BHO: : {00000000-0000-0000-0000-000000000000} - c:\windows\syswow64\wpheqswj.dll
BHO: Splashtop Connect VisualBookmark: {0e5680d1-bf44-4929-94af-fd30d784ad1d} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110527092432.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
uRun: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
uRun: [Google Update] "C:\Users\Josh\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [SmartViewAgent] "C:\Program Files (x86)\DeviceVM\SmartView\SmartViewAgent.exe"
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [STCAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe"
mRun: [ZyngaGamesAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
mRunOnce: [EasyTuneVI] C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe
mRunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: Interfaces\{EF8ECF94-677F-4124-84E3-005496908A8F} : NameServer = 10.0.0.138
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
BHO-X64: : {00000000-0000-0000-0000-000000000000} - c:\windows\syswow64\wpheqswj.dll
BHO-X64: Splashtop Connect VisualBookmark: {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll
BHO-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110527092432.dll
BHO-X64: scriptproxy - No File
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO-X64: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB-X64: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll
TB-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
mRun-x64: [SmartViewAgent] "C:\Program Files (x86)\DeviceVM\SmartView\SmartViewAgent.exe"
mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun-x64: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun-x64: [STCAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe"
mRun-x64: [ZyngaGamesAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
mRunOnce-x64: [EasyTuneVI] C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe
mRunOnce-x64: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R1 AppleCharger;AppleCharger;C:\Windows\system32\DRIVERS\AppleCharger.sys --> C:\Windows\system32\DRIVERS\AppleCharger.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 DES2 Service;DES2 Service for Energy Saving.;C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [2011-5-27 68136]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-5-27 249936]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-5-27 249936]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-5-27 249936]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-5-27 249936]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2011-5-27 197960]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2011-5-27 208272]
R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]
R2 SCBackService;Splashtop Connect Service;C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe [2010-11-15 477000]
R2 Smart TimeLock;Smart TimeLock Service;C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe [2011-5-27 114688]
R2 WCUService_STC_IE;Splashtop Connect IE Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe [2011-3-22 497480]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
R3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2011-5-27 30528]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 rt61x64;RT61 Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr6164.sys --> C:\Windows\system32\DRIVERS\netr6164.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\The Games\Hi-Rez Studios\HiPatchService.exe [2011-4-21 23680]
S2 SmartViewService;Smart View Service;C:\Program Files (x86)\DeviceVM\SmartView\SmartViewService.exe --> C:\Program Files (x86)\DeviceVM\SmartView\SmartViewService.exe [?]
S2 yjukmftz;SFF Storage Protocol for MMCController;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-14 20992]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 etdrv;etdrv;C:\Windows\etdrv.sys [2011-6-17 25640]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-5-27 249936]
.
=============== Created Last 30 ================
.
2011-06-20 10:35:53 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-06-17 15:25:20 -------- d-----w- C:\Users\Josh\AppData\Roaming\Malwarebytes
2011-06-17 15:25:16 39984 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-06-17 15:25:15 -------- d-----w- C:\ProgramData\Malwarebytes
2011-06-17 15:25:12 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-06-17 15:25:11 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-06-17 09:24:10 25640 ----a-w- C:\Windows\etdrv.sys
2011-06-17 09:17:27 93240 ----a-w- C:\Windows\System32\drivers\scdemu.sys
2011-06-17 09:17:27 -------- d-----w- C:\Program Files (x86)\PowerISO
2011-06-17 08:58:04 809472 ----a-w- C:\Windows\SysWow64\wpheqswj.dll.bak
2011-06-17 08:42:14 -------- d-----w- C:\Users\Josh\AppData\Roaming\DAEMON Tools Pro
2011-06-17 08:42:14 -------- d-----w- C:\ProgramData\DAEMON Tools Pro
2011-06-15 04:23:08 499200 ----a-w- C:\Windows\System32\drivers\afd.sys
2011-06-15 04:23:08 1923968 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-06-15 04:23:07 289280 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-06-15 04:23:07 128000 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2011-06-15 04:23:06 3135488 ----a-w- C:\Windows\System32\win32k.sys
2011-06-15 04:23:06 158208 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2011-06-15 04:23:00 467456 ----a-w- C:\Windows\System32\drivers\srv.sys
2011-06-15 04:23:00 410112 ----a-w- C:\Windows\System32\drivers\srv2.sys
2011-06-15 04:23:00 168448 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2011-06-15 04:22:42 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2011-06-15 04:22:41 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2011-06-15 04:22:40 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2011-06-15 04:22:39 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-06-08 02:55:36 84480 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPPA7.DLL
2011-06-08 02:55:36 28672 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPDA7.DLL
2011-06-08 02:55:24 344064 ----a-w- C:\Windows\System32\CNMLMA7.DLL
2011-06-08 02:18:57 -------- d-----w- C:\Users\Josh\AppData\Roaming\PFStaticIP
2011-06-08 02:18:36 -------- d-----w- C:\Program Files (x86)\PF
2011-06-04 12:24:45 -------- d-----w- C:\Users\Josh\AppData\Roaming\Splashtop
2011-05-31 22:46:52 -------- d--h--w- C:\Windows\msdownld.tmp
2011-05-31 22:46:51 -------- d-----w- C:\Windows\SysWow64\directx
2011-05-31 22:46:42 -------- d-----w- C:\Windows\SysWow64\AGEIA
2011-05-31 22:46:30 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2011-05-29 07:29:07 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2011-05-29 06:40:11 -------- d-----w- C:\Users\Josh\AppData\Local\The Witcher
2011-05-29 05:09:59 508264 ----a-w- C:\Windows\System32\d3dx10_36.dll
2011-05-29 00:21:31 197120 ----a-w- C:\Windows\System32\d3d10_1.dll
2011-05-29 00:21:21 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2011-05-27 10:35:39 -------- d-----w- C:\Users\Josh\AppData\Local\Diagnostics
2011-05-27 07:49:38 -------- d-----w- C:\Windows\Panther
2011-05-27 01:58:37 -------- d-----w- C:\Users\Josh\AppData\Roaming\Hi-Rez Studios
2011-05-27 01:57:18 -------- d-----w- C:\ProgramData\Hi-Rez Studios
2011-05-27 01:39:50 -------- d-----w- C:\Program Files (x86)\Conduit
2011-05-27 01:39:48 -------- d-----w- C:\Program Files (x86)\ConduitEngine
2011-05-27 01:39:46 -------- d-----w- C:\Program Files (x86)\uTorrentBar
2011-05-27 01:39:45 -------- d-----w- C:\extensions
2011-05-27 01:38:39 -------- d-----w- C:\Program Files (x86)\uTorrent
2011-05-27 01:37:52 -------- d-----w- C:\Users\Josh\AppData\Roaming\uTorrent
2011-05-26 23:24:43 -------- d-----w- C:\Program Files (x86)\McAfee.com
2011-05-26 23:24:31 9984 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys
2011-05-26 23:24:31 -------- d-----w- C:\Program Files (x86)\Common Files\McAfee
2011-05-26 15:47:10 -------- d-----w- C:\Windows\SysWow64\Wat
2011-05-26 15:47:10 -------- d-----w- C:\Windows\System32\Wat
2011-05-26 15:24:59 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
2011-05-26 15:24:59 31232 ----a-w- C:\Windows\System32\prevhost.exe
2011-05-26 15:23:37 -------- d-----w- C:\ProgramData\Blizzard Entertainment
2011-05-26 15:23:37 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment
2011-05-26 15:23:36 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
2011-05-26 15:03:42 -------- d-----w- C:\Program Files (x86)\The Games
2011-05-26 14:58:51 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-05-26 14:54:23 -------- d-----w- C:\Users\Josh\AppData\Local\Google
2011-05-26 14:50:54 -------- d-----w- C:\ProgramData\Splashtop
2011-05-26 14:50:51 -------- d-----w- C:\Program Files (x86)\Splashtop
2011-05-26 14:47:46 -------- d-----w- C:\ProgramData\ASUS Driver
2011-05-26 14:45:03 -------- d-----w- C:\Users\Josh\AppData\Local\ATI
2011-05-26 14:42:47 0 ----a-w- C:\Windows\ativpsrm.bin
2011-05-26 14:40:56 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2011-05-26 14:40:28 -------- d-----w- C:\Program Files\Common Files\ATI Technologies
2011-05-26 14:40:23 116752 ----a-w- C:\Windows\System32\drivers\AtihdW76.sys
2011-05-26 14:39:49 58880 ----a-w- C:\Windows\System32\coinst.dll
2011-05-26 14:39:29 -------- d-----w- C:\Program Files (x86)\ATI Technologies
2011-05-26 14:39:05 -------- d-----w- C:\Program Files\ATI Technologies
2011-05-26 14:39:02 -------- d-----w- C:\Program Files\ATI
2011-05-26 14:30:03 30528 ----a-w- C:\Windows\GVTDrv64.sys
2011-05-26 14:29:23 25640 ----a-w- C:\Windows\gdrv.sys
2011-05-26 14:25:20 -------- d-----w- C:\Program Files (x86)\AMD
2011-05-26 14:23:27 -------- d-----w- C:\ProgramData\DeviceVM
2011-05-26 14:19:57 -------- d-----w- C:\Windows\SysWow64\RTCOM
2011-05-26 14:18:54 53248 ----a-r- C:\Windows\SysWow64\CSVer.dll
2011-05-26 14:18:46 -------- d-----w- C:\Intel
2011-05-26 14:18:41 -------- d--h--w- C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3}
2011-05-26 14:18:40 -------- d-----w- C:\Users\Josh\AppData\Roaming\DeviceVm
2011-05-26 14:18:24 -------- d-sh--w- C:\Windows\Installer
2011-05-26 14:15:00 -------- d-----w- C:\Users\Josh\AppData\Local\VirtualStore
.
==================== Find3M ====================
.
2011-04-23 01:29:25 2303488 ----a-w- C:\Windows\System32\jscript9.dll
2011-04-23 01:19:19 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-04-22 23:35:56 1797632 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-04-22 23:25:54 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-04-22 22:15:29 27520 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2011-04-19 16:44:50 9319936 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2011-04-19 16:30:18 22900736 ----a-w- C:\Windows\System32\atio6axx.dll
2011-04-19 16:09:20 151552 ----a-w- C:\Windows\System32\atiapfxx.exe
2011-04-19 16:09:06 676864 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2011-04-19 16:07:48 795648 ----a-w- C:\Windows\System32\aticfx64.dll
2011-04-19 16:07:04 17693184 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2011-04-19 16:05:08 462848 ----a-w- C:\Windows\System32\ATIDEMGX.dll
2011-04-19 16:04:56 480256 ----a-w- C:\Windows\System32\atieclxx.exe
2011-04-19 16:04:20 203776 ----a-w- C:\Windows\System32\atiesrxx.exe
2011-04-19 16:03:06 120320 ----a-w- C:\Windows\System32\atitmm64.dll
2011-04-19 16:02:50 423424 ----a-w- C:\Windows\System32\atipdl64.dll
2011-04-19 16:02:44 356352 ----a-w- C:\Windows\SysWow64\atipdlxx.dll
2011-04-19 16:02:32 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll
2011-04-19 16:02:26 16384 ----a-w- C:\Windows\System32\atimuixx.dll
2011-04-19 16:02:22 59392 ----a-w- C:\Windows\System32\atiedu64.dll
2011-04-19 16:02:18 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll
2011-04-19 15:59:22 4161536 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2011-04-19 15:49:32 4951552 ----a-w- C:\Windows\System32\atidxx64.dll
2011-04-19 15:46:18 51200 ----a-w- C:\Windows\System32\aticalrt64.dll
2011-04-19 15:46:16 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll
2011-04-19 15:46:06 44544 ----a-w- C:\Windows\System32\aticalcl64.dll
2011-04-19 15:46:04 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll
2011-04-19 15:45:54 7768064 ----a-w- C:\Windows\System32\aticaldd64.dll
2011-04-19 15:42:06 6389760 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2011-04-19 15:40:50 1222656 ----a-w- C:\Windows\System32\atiumd6v.dll
2011-04-19 15:40:16 1923584 ----a-w- C:\Windows\SysWow64\atiumdmv.dll
2011-04-19 15:40:04 3868672 ----a-w- C:\Windows\System32\atiumd6a.dll
2011-04-19 15:38:06 4286464 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2011-04-19 15:31:14 5440000 ----a-w- C:\Windows\System32\atiumd64.dll
2011-04-19 15:30:38 4056576 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2011-04-19 15:23:14 366080 ----a-w- C:\Windows\System32\atiadlxx.dll
2011-04-19 15:23:08 262144 ----a-w- C:\Windows\SysWow64\atiadlxy.dll
2011-04-19 15:22:56 14848 ----a-w- C:\Windows\System32\atig6pxx.dll
2011-04-19 15:22:54 12800 ----a-w- C:\Windows\SysWow64\atiglpxx.dll
2011-04-19 15:22:54 12800 ----a-w- C:\Windows\System32\atiglpxx.dll
2011-04-19 15:22:50 39936 ----a-w- C:\Windows\System32\atig6txx.dll
2011-04-19 15:22:42 32768 ----a-w- C:\Windows\SysWow64\atigktxx.dll
2011-04-19 15:22:34 306176 ----a-w- C:\Windows\System32\drivers\atikmpag.sys
2011-04-19 15:21:46 40960 ----a-w- C:\Windows\System32\atiuxp64.dll
2011-04-19 15:21:40 31232 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2011-04-19 15:21:34 38912 ----a-w- C:\Windows\System32\atiu9p64.dll
2011-04-19 15:21:26 29184 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2011-04-19 15:20:52 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll
2011-04-19 15:13:38 53760 ----a-w- C:\Windows\System32\atimpc64.dll
2011-04-19 15:13:38 53760 ----a-w- C:\Windows\System32\amdpcom64.dll
2011-04-19 15:13:30 52736 ----a-w- C:\Windows\SysWow64\atimpc32.dll
2011-04-19 15:13:30 52736 ----a-w- C:\Windows\SysWow64\amdpcom32.dll
2011-04-09 07:02:55 5562240 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-04-09 06:58:56 142336 ----a-w- C:\Windows\System32\poqexec.exe
2011-04-09 06:02:25 3967872 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:02:25 3912576 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-04-09 05:56:38 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
.
============= FINISH: 0:21:09.98 ===============

and the thing from dds that it tells me to attach, by the looks of it you want the errors?

==== Event Viewer Messages From Past Week ========
.
21/06/2011 12:11:58 AM, Error: Service Control Manager [7034] - The Hi-Rez Studios Authenticate and Update Service service terminated unexpectedly. It has done this 1 time(s).
20/06/2011 11:05:45 PM, Error: Service Control Manager [7000] - The SFF Storage Protocol for MMCController service failed to start due to the following error: The executable program that this service is configured to run in does not implement the service.
20/06/2011 11:05:35 PM, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied..
18/06/2011 9:59:52 AM, Error: Service Control Manager [7034] - The McAfee Firewall Core Service service terminated unexpectedly. It has done this 1 time(s).
18/06/2011 9:59:47 AM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
18/06/2011 9:59:44 AM, Error: Service Control Manager [7034] - The McAfee VirusScan Announcer service terminated unexpectedly. It has done this 3 time(s).
18/06/2011 9:59:44 AM, Error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 2 time(s).
18/06/2011 9:59:44 AM, Error: Service Control Manager [7034] - The McAfee Services service terminated unexpectedly. It has done this 3 time(s).
18/06/2011 9:59:44 AM, Error: Service Control Manager [7034] - The McAfee Proxy Service service terminated unexpectedly. It has done this 3 time(s).
18/06/2011 9:59:44 AM, Error: Service Control Manager [7034] - The McAfee Personal Firewall Service service terminated unexpectedly. It has done this 3 time(s).
18/06/2011 9:59:44 AM, Error: Service Control Manager [7034] - The McAfee Network Agent service terminated unexpectedly. It has done this 3 time(s).
18/06/2011 9:59:44 AM, Error: Service Control Manager [7034] - The McAfee Anti-Spam Service service terminated unexpectedly. It has done this 3 time(s).
18/06/2011 9:59:35 AM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
18/06/2011 9:15:04 AM, Error: Service Control Manager [7031] - The McAfee VirusScan Announcer service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
18/06/2011 9:15:04 AM, Error: Service Control Manager [7031] - The McAfee Services service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
18/06/2011 9:15:04 AM, Error: Service Control Manager [7031] - The McAfee Proxy Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
18/06/2011 9:15:04 AM, Error: Service Control Manager [7031] - The McAfee Personal Firewall Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
18/06/2011 9:15:04 AM, Error: Service Control Manager [7031] - The McAfee Network Agent service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
18/06/2011 9:15:04 AM, Error: Service Control Manager [7031] - The McAfee Anti-Spam Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
18/06/2011 9:13:24 AM, Error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 1 time(s).
18/06/2011 9:13:24 AM, Error: Service Control Manager [7031] - The McAfee VirusScan Announcer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
18/06/2011 9:13:24 AM, Error: Service Control Manager [7031] - The McAfee Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
18/06/2011 9:13:24 AM, Error: Service Control Manager [7031] - The McAfee Proxy Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
18/06/2011 9:13:24 AM, Error: Service Control Manager [7031] - The McAfee Personal Firewall Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
18/06/2011 9:13:24 AM, Error: Service Control Manager [7031] - The McAfee Network Agent service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
18/06/2011 9:13:24 AM, Error: Service Control Manager [7031] - The McAfee Anti-Spam Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
18/06/2011 10:02:02 AM, Error: Service Control Manager [7034] - The McAfee McShield service terminated unexpectedly. It has done this 6 time(s).
18/06/2011 10:01:18 AM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 5 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
18/06/2011 10:00:18 AM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 4 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
18/06/2011 10:00:06 AM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
.
==== End Of File ===========================

Link to post
Share on other sites

  • 1 month later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.