Google redirect virus


So I somehow got the redirect virus *sigh*. Have been trying all day to figure it out. My only current symptoms are the redirects on the Google search engine (I haven't tried using any other engine) and Windows Security Center refuses to stay on. I can get it to turn on after going into admin tools, but it turns off again after only a minute. I only use Firefox with NoScript, so the redirects haven't appeared to be too harmful. It tries to redirect me to whatever page and then quickly just redirects to Google's homepage.

Below are the first results of my Malwarebytes scan. (Second scan did not find anything new). Below that are the results of the scan with TDSSKiller.

Malwarebytes' Anti-Malware 1.51.1.1800

www.malwarebytes.org

Database version: 7291

Windows 6.1.7600

Internet Explorer 9.0.8112.16421

7/26/2011 7:04:36 PM

mbam-log-2011-07-26 (19-04-36).txt

Scan type: Quick scan

Objects scanned: 167464

Time elapsed: 3 minute(s), 32 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 4

Registry Values Infected: 0

Registry Data Items Infected: 1

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CURRENT_USER\SOFTWARE\8DDYX0ZBPZ (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\XMZH42I4GI (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\VB AND VBA PROGRAM SETTINGS\Micronsoft (Malware.Trace) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell.Gen.A) -> Bad: (Explorer.exe "C:\Users\Jo\AppData\Roaming\smss.exe") Good: (Explorer.exe) -> Quarantined and deleted successfully.

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

2011/07/26 20:26:34.0924 2572 TDSS rootkit removing tool 2.5.11.0 Jul 11 2011 16:56:56

2011/07/26 20:26:35.0482 2572 ================================================================================

2011/07/26 20:26:35.0483 2572 SystemInfo:

2011/07/26 20:26:35.0483 2572

2011/07/26 20:26:35.0483 2572 OS Version: 6.1.7600 ServicePack: 0.0

2011/07/26 20:26:35.0483 2572 Product type: Workstation

2011/07/26 20:26:35.0483 2572 ComputerName: JOHNI-PC

2011/07/26 20:26:35.0484 2572 UserName: Jo

2011/07/26 20:26:35.0484 2572 Windows directory: C:\Windows

2011/07/26 20:26:35.0484 2572 System windows directory: C:\Windows

2011/07/26 20:26:35.0484 2572 Running under WOW64

2011/07/26 20:26:35.0484 2572 Processor architecture: Intel x64

2011/07/26 20:26:35.0484 2572 Number of processors: 2

2011/07/26 20:26:35.0484 2572 Page size: 0x1000

2011/07/26 20:26:35.0484 2572 Boot type: Normal boot

2011/07/26 20:26:35.0484 2572 ================================================================================

2011/07/26 20:26:36.0371 2572 Initialize success

2011/07/26 20:26:50.0452 1092 ================================================================================

2011/07/26 20:26:50.0452 1092 Scan started

2011/07/26 20:26:50.0453 1092 Mode: Manual;

2011/07/26 20:26:50.0453 1092 ================================================================================


2011/07/26 20:27:15.0047 1092 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

2011/07/26 20:27:15.0127 1092 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys

2011/07/26 20:27:15.0189 1092 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

2011/07/26 20:27:15.0427 1092 WinUSB (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUSB.sys

2011/07/26 20:27:15.0492 1092 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys

2011/07/26 20:27:15.0682 1092 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

2011/07/26 20:27:15.0777 1092 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys

2011/07/26 20:27:15.0843 1092 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys

2011/07/26 20:27:16.0017 1092 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0

2011/07/26 20:27:16.0064 1092 Boot (0x1200) (20eb6e243af038482c91af4cc9ef8027) \Device\Harddisk0\DR0\Partition0

2011/07/26 20:27:16.0105 1092 Boot (0x1200) (7ee1d42655f4e786ff96816c39123b60) \Device\Harddisk0\DR0\Partition1

2011/07/26 20:27:16.0118 1092 ================================================================================

2011/07/26 20:27:16.0118 1092 Scan finished

2011/07/26 20:27:16.0118 1092 ================================================================================

2011/07/26 20:27:16.0146 3808 Detected object count: 0

2011/07/26 20:27:16.0146 3808 Actual detected object count: 0

  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run, two logs will be produced; please post only DDS.txt directly into your reply.

Here you go:

Malwarebytes' Anti-Malware 1.51.1.1800

www.malwarebytes.org

Database version: 7320

Windows 6.1.7600

Internet Explorer 9.0.8112.16421

7/29/2011 10:01:27 AM

mbam-log-2011-07-29 (10-01-27).txt

Scan type: Quick scan

Objects scanned: 168375

Time elapsed: 5 minute(s), 44 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

===============================================================================================================

.

DDS (Ver_2011-06-23.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by Jo at 10:04:08 on 2011-07-29

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4061.1964 [GMT -7:00]

.

AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\FBAgent.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe

C:\Program Files\ATKGFNEX\GFNEXSrv.exe

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\rundll32.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe

D:\Program Files (x86)\Advanced SystemCare 4\ASCService.exe

C:\Program Files\P4G\BatteryLife.exe

C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe

C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\SysWOW64\ACEngSvr.exe

C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe

C:\Program Files (x86)\Google\Update\1.3.21.57\GoogleCrashHandler.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe

C:\Program Files\Elantech\ETDCtrl.exe

C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files (x86)\Mobile Stream\EasyTether\easytthr.exe

D:\Program Files (x86)\xmarkssync.exe

C:\Program Files (x86)\Syncdocs\Syncdocs.exe

D:\Program Files (x86)\Advanced SystemCare 4\ASCTray.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Jo\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\PowerMenu\PowerMenu.exe

C:\Windows\SysWOW64\RunDll32.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe

C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe

C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

C:\Windows\system32\wuauclt.exe

D:\Program Files (x86)\firefox.exe

C:\Windows\AsScrPro.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

D:\Program Files (x86)\plugin-container.exe

D:\Program Files (x86)\plugin-container.exe

D:\Program Files (x86)\MozillaThunderbird\thunderbird.exe

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\Windows\system32\taskeng.exe

C:\Users\Jo\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Windows\SysWOW64\NOTEPAD.EXE

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uSearch Page = hxxp://www.google.com

uDefault_Page_URL = hxxp://asus.msn.com

uSearch Bar = hxxp://www.google.com/ie

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s

mWinlogon: Userinit=userinit.exe,

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - D:\Program Files (x86)\bin\jp2ssv.dll

BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll

BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

uRun: [EasyTether] "C:\Program Files (x86)\Mobile Stream\EasyTether\easytthr.exe"

uRun: [Xmarks] D:\Program Files (x86)\xmarkssync.exe -q

uRun: [Google Update] "C:\Users\Jo\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [syncDocs] C:\Program Files (x86)\Syncdocs\Syncdocs.exe

uRun: [Advanced SystemCare 4] D:\Program Files (x86)\Advanced SystemCare 4\ASCTray.exe

mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe

mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe

mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe

mRun: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui

mRun: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

StartupFolder: C:\Users\Jo\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Jo\AppData\Roaming\Dropbox\bin\Dropbox.exe

StartupFolder: C:\Users\Jo\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\POWERM~1.LNK - C:\Program Files (x86)\PowerMenu\PowerMenu.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {FB858B22-55E2-413f-87F5-30ADC5552151} - D:\Program Files (x86)\DownloadPDF.exe

IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

TCP: DhcpNameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{17B250F4-B001-4EED-BF6D-9FD0760B822E} : DhcpNameServer = 172.20.23.254

TCP: Interfaces\{BDBEB722-E9E4-430B-A278-A40794044C4C} : DhcpNameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{BDBEB722-E9E4-430B-A278-A40794044C4C}\36C657 : DhcpNameServer = 199.107.196.47 199.107.196.38 4.2.2.1

TCP: Interfaces\{BDBEB722-E9E4-430B-A278-A40794044C4C}\A49627961637 : DhcpNameServer = 192.168.1.254

TCP: Interfaces\{BDBEB722-E9E4-430B-A278-A40794044C4C}\C416E6963702E4564777F627B6D27657563747 : DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11

TCP: Interfaces\{BDBEB722-E9E4-430B-A278-A40794044C4C}\D427E22456C6675646562756 : DhcpNameServer = 192.168.0.1

TCP: Interfaces\{BDBEB722-E9E4-430B-A278-A40794044C4C}\E4544574541425 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{C2D4846C-DFCC-4DCA-AF79-9B9CB75A368C} : DhcpNameServer = 8.8.8.8 8.8.4.4

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

AppInit_DLLs: C:\PROGRA~2\Google\GOOGLE~2\GO36F4~1.DLL

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

BHO-X64: Search Helper - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files (x86)\bin\jp2ssv.dll

BHO-X64: Google Gears Helper: {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll

BHO-X64: Google Gears Helper - No File

BHO-X64: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

TB-X64: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe

mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe

mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe

mRun-x64: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui

mRun-x64: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE-X64: {FB858B22-55E2-413f-87F5-30ADC5552151} - D:\Program Files (x86)\DownloadPDF.exe

IE-X64: {638F11AA-DF27-433b-BA2E-7281CE561D71} - D:\Program Files (x86)\xmarkssync.exe

AppInit_DLLs-X64: C:\PROGRA~2\Google\GOOGLE~2\GO36F4~1.DLL

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Jo\AppData\Roaming\Mozilla\Firefox\Profiles\gvxux4al.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - prefs.js: network.proxy.type - 0

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Jo\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll

FF - plugin: C:\Users\Jo\AppData\Roaming\Mozilla\Firefox\Profiles\gvxux4al.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\plugins\npietab2.dll

FF - plugin: C:\Users\Jo\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

FF - plugin: C:\Users\Jo\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: D:\Program Files (x86)\bin\new_plugin\npdeployJava1.dll

FF - plugin: D:\Program Files (x86)\bin\new_plugin\npjp2.dll

FF - plugin: D:\Program Files (x86)\Picasa\Picasa3\npPicasa3.dll

.

============= SERVICES / DRIVERS ===============

.

R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]

R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AdvancedSystemCareService;Advanced SystemCare Service;D:\Program Files (x86)\Advanced SystemCare 4\ASCService.exe [2011-7-22 353168]

R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]

R2 ASMMAP64;ASMMAP64;C:\Program Files\ATKGFNEX\ASMMAP64.sys [2009-11-9 14904]

R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]

R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-7-14 42184]

R2 OberonGameConsoleService;Oberon Media Game Console service;C:\Program Files (x86)\ASUS\Game Park\GameConsole\OberonGameConsoleService.exe [2009-11-9 44312]

R3 easytether;easytether;C:\Windows\system32\DRIVERS\easytthr.sys --> C:\Windows\system32\DRIVERS\easytthr.sys [?]

R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]

R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\Windows\system32\drivers\IntcHdmi.sys --> C:\Windows\system32\drivers\IntcHdmi.sys [?]

R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-1-25 136176]

S3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?]

S3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\system32\drivers\btwampfl.sys --> C:\Windows\system32\drivers\btwampfl.sys [?]

S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]

S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]

S3 fsssvc;Windows Live Family Safety;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-8 533344]

S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2011-2-9 30192]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-1-25 136176]

S3 hcw72ADFilter;WinTV HVR-950 USB Audio Filter Driver;C:\Windows\system32\DRIVERS\hcw72ADFilter.sys --> C:\Windows\system32\DRIVERS\hcw72ADFilter.sys [?]

S3 hcw72ATV;WinTV HVR-950 NTSC;C:\Windows\system32\DRIVERS\hcw72ATV.sys --> C:\Windows\system32\DRIVERS\hcw72ATV.sys [?]

S3 hcw72DTV;WinTV HVR-950 ATSC/QAM;C:\Windows\system32\DRIVERS\hcw72DTV.sys --> C:\Windows\system32\DRIVERS\hcw72DTV.sys [?]

S3 pneteth;PdaNet Broadband;C:\Windows\system32\DRIVERS\pneteth.sys --> C:\Windows\system32\DRIVERS\pneteth.sys [?]

S3 pnetmdm;PdaNet Modem;C:\Windows\system32\DRIVERS\pnetmdm64.sys --> C:\Windows\system32\DRIVERS\pnetmdm64.sys [?]

S3 Revoflt;Revoflt;C:\Windows\system32\DRIVERS\revoflt.sys --> C:\Windows\system32\DRIVERS\revoflt.sys [?]

S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

.

=============== Created Last 30 ================

.

2011-07-28 15:46:59 23112 ----a-w- C:\Windows\System32\drivers\hitmanpro35.sys

2011-07-28 15:45:54 -------- d-----w- C:\ProgramData\Hitman Pro

2011-07-27 02:00:04 -------- d-----w- C:\Users\Jo\AppData\Roaming\Malwarebytes

2011-07-27 01:59:56 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

2011-07-27 01:59:55 -------- d-----w- C:\ProgramData\Malwarebytes

2011-07-27 01:59:51 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys

2011-07-27 01:59:51 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2011-07-23 23:38:10 -------- d-----w- C:\Windows\SysWow64\Wat

2011-07-23 23:38:10 -------- d-----w- C:\Windows\System32\Wat

2011-07-23 23:28:54 -------- d-----w- C:\Program Files\iPod

2011-07-23 23:28:53 -------- d-----w- C:\Program Files\iTunes

2011-07-23 23:25:21 -------- d-----w- C:\Program Files\Bonjour

2011-07-23 01:56:37 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

2011-07-23 01:56:37 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

2011-07-23 01:56:37 362496 ----a-w- C:\Windows\System32\wow64win.dll

2011-07-23 01:56:37 338944 ----a-w- C:\Windows\System32\conhost.exe

2011-07-23 01:56:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

2011-07-23 01:56:37 243200 ----a-w- C:\Windows\System32\wow64.dll

2011-07-23 01:56:37 214528 ----a-w- C:\Windows\System32\winsrv.dll

2011-07-23 01:56:37 2048 ----a-w- C:\Windows\SysWow64\user.exe

2011-07-23 01:56:37 16384 ----a-w- C:\Windows\System32\ntvdm64.dll

2011-07-23 01:56:37 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

2011-07-23 01:56:37 13312 ----a-w- C:\Windows\System32\wow64cpu.dll

2011-07-23 01:53:16 3134464 ----a-w- C:\Windows\System32\win32k.sys

2011-07-23 01:51:55 64512 ----a-w- C:\Windows\SysWow64\devobj.dll

2011-07-23 01:51:55 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll

2011-07-23 01:51:55 404992 ----a-w- C:\Windows\System32\umpnpmgr.dll

2011-07-23 01:51:55 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe

2011-07-23 01:51:55 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll

2011-07-23 01:46:42 320512 ----a-w- C:\Windows\System32\d3d10_1core.dll

2011-07-23 01:46:42 218624 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll

2011-07-23 01:46:42 197120 ----a-w- C:\Windows\System32\d3d10_1.dll

2011-07-23 01:46:42 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll

2011-07-23 01:44:01 461312 ----a-w- C:\Windows\System32\drivers\srv.sys

2011-07-23 01:44:01 399872 ----a-w- C:\Windows\System32\drivers\srv2.sys

2011-07-23 01:44:01 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys

2011-07-23 01:43:04 102400 ----a-w- C:\Windows\System32\drivers\dfsc.sys

2011-07-23 01:42:09 499712 ----a-w- C:\Windows\System32\drivers\afd.sys

2011-07-23 01:42:09 1896832 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2011-07-23 01:41:03 861184 ----a-w- C:\Windows\System32\oleaut32.dll

2011-07-23 01:41:03 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll

2011-07-23 01:37:29 287744 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys

2011-07-23 01:37:29 157696 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys

2011-07-23 01:37:29 126464 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys

2011-07-23 01:36:33 976896 ----a-w- C:\Windows\System32\inetcomm.dll

2011-07-23 01:36:33 740864 ----a-w- C:\Windows\SysWow64\inetcomm.dll

2011-07-23 01:35:37 27008 ----a-w- C:\Windows\System32\drivers\Diskdump.sys

2011-07-23 01:35:04 142336 ----a-w- C:\Windows\System32\poqexec.exe

2011-07-23 01:35:04 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe

2011-07-23 01:33:54 5509504 ----a-w- C:\Windows\System32\ntoskrnl.exe

2011-07-23 01:33:54 3957632 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2011-07-23 01:33:54 3901824 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2011-07-23 01:32:46 662528 ----a-w- C:\Windows\System32\XpsPrint.dll

2011-07-23 01:32:46 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll

2011-07-23 01:29:49 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe

2011-07-23 01:29:49 31232 ----a-w- C:\Windows\System32\prevhost.exe

2011-07-23 01:28:55 2870272 ----a-w- C:\Windows\explorer.exe

2011-07-23 01:28:55 2614784 ----a-w- C:\Windows\SysWow64\explorer.exe

2011-07-23 01:27:59 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe

2011-07-23 01:27:59 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe

2011-07-23 01:27:59 182272 ----a-w- C:\Windows\System32\dnsrslvr.dll

2011-07-23 01:26:58 46080 ----a-w- C:\Windows\System32\atmlib.dll

2011-07-23 01:26:58 367104 ----a-w- C:\Windows\System32\atmfd.dll

2011-07-23 01:26:58 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll

2011-07-23 01:26:58 294912 ----a-w- C:\Windows\SysWow64\atmfd.dll

2011-07-23 01:25:15 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe

2011-07-23 01:24:18 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys

2011-07-23 01:23:04 1395712 ----a-w- C:\Windows\System32\mfc42.dll

2011-07-23 01:23:04 1359872 ----a-w- C:\Windows\System32\mfc42u.dll

2011-07-23 01:23:04 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll

2011-07-23 01:23:04 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll

2011-07-23 01:22:05 640896 ----a-w- C:\Windows\System32\winload.efi

2011-07-23 01:22:05 603976 ----a-w- C:\Windows\System32\winload.exe

2011-07-23 01:22:05 556928 ----a-w- C:\Windows\System32\winresume.efi

2011-07-23 01:22:05 518160 ----a-w- C:\Windows\System32\winresume.exe

2011-07-23 01:22:05 20352 ----a-w- C:\Windows\System32\kdusb.dll

2011-07-23 01:22:05 19328 ----a-w- C:\Windows\System32\kd1394.dll

2011-07-23 01:22:05 17792 ----a-w- C:\Windows\System32\kdcom.dll

2011-07-23 01:21:00 476160 ----a-w- C:\Windows\System32\XpsGdiConverter.dll

2011-07-23 01:21:00 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll

2011-07-23 01:20:05 902656 ----a-w- C:\Windows\System32\d2d1.dll

2011-07-23 01:20:05 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll

2011-07-23 01:20:05 1544192 ----a-w- C:\Windows\System32\DWrite.dll

2011-07-23 01:20:05 1139200 ----a-w- C:\Windows\System32\FntCache.dll

2011-07-23 01:20:05 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll

2011-07-23 01:19:12 3138048 ----a-w- C:\Windows\System32\mstscax.dll

2011-07-23 01:19:12 2690560 ----a-w- C:\Windows\SysWow64\mstscax.dll

2011-07-23 01:19:12 1097216 ----a-w- C:\Windows\System32\mstsc.exe

2011-07-23 01:19:12 1034240 ----a-w- C:\Windows\SysWow64\mstsc.exe

2011-07-23 01:18:20 961024 ----a-w- C:\Windows\System32\CPFilters.dll

2011-07-23 01:18:20 850432 ----a-w- C:\Windows\SysWow64\sbe.dll

2011-07-23 01:18:20 723968 ----a-w- C:\Windows\System32\EncDec.dll

2011-07-23 01:18:20 642048 ----a-w- C:\Windows\SysWow64\CPFilters.dll

2011-07-23 01:18:20 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll

2011-07-23 01:18:20 259072 ----a-w- C:\Windows\System32\mpg2splt.ax

2011-07-23 01:18:20 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax

2011-07-23 01:18:20 1118720 ----a-w- C:\Windows\System32\sbe.dll

2011-07-23 01:17:14 1739176 ----a-w- C:\Windows\System32\ntdll.dll

2011-07-23 01:17:14 1293120 ----a-w- C:\Windows\SysWow64\ntdll.dll

2011-07-23 01:14:27 367104 ----a-w- C:\Windows\System32\wcncsvc.dll

2011-07-23 01:14:27 276992 ----a-w- C:\Windows\SysWow64\wcncsvc.dll

2011-07-23 01:12:02 714752 ----a-w- C:\Windows\System32\kerberos.dll

2011-07-23 01:12:02 541184 ----a-w- C:\Windows\SysWow64\kerberos.dll

2011-07-23 01:11:13 987136 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msado15.dll

2011-07-23 01:11:13 720896 ----a-w- C:\Windows\System32\odbc32.dll

2011-07-23 01:11:13 573440 ----a-w- C:\Windows\SysWow64\odbc32.dll

2011-07-23 01:11:13 495616 ----a-w- C:\Program Files\Common Files\System\ado\msadox.dll

2011-07-23 01:11:13 466944 ----a-w- C:\Program Files\Common Files\System\ado\msadomd.dll

2011-07-23 01:11:13 372736 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadox.dll

2011-07-23 01:11:13 352256 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadomd.dll

2011-07-23 01:11:13 258048 ----a-w- C:\Program Files\Common Files\System\msadc\msadco.dll

2011-07-23 01:11:13 208896 ----a-w- C:\Program Files (x86)\Common Files\System\msadc\msadco.dll

2011-07-23 01:11:13 1425408 ----a-w- C:\Program Files\Common Files\System\ado\msado15.dll

2011-07-23 01:09:54 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2011-07-23 01:09:54 2048 ----a-w- C:\Windows\System32\tzres.dll

2011-07-23 01:09:02 148992 ----a-w- C:\Windows\System32\t2embed.dll

2011-07-23 01:09:02 109056 ----a-w- C:\Windows\SysWow64\t2embed.dll

2011-07-23 01:08:22 4582912 ----a-w- C:\Program Files\Windows NT\Accessories\wordpad.exe

2011-07-23 01:08:22 4247040 ----a-w- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe

2011-07-23 01:08:22 2085376 ----a-w- C:\Windows\System32\ole32.dll

2011-07-23 01:08:22 1413632 ----a-w- C:\Windows\SysWow64\ole32.dll

2011-07-23 01:07:36 954752 ----a-w- C:\Windows\SysWow64\mfc40.dll

2011-07-23 01:07:36 954288 ----a-w- C:\Windows\SysWow64\mfc40u.dll

2011-07-23 01:06:50 633856 ----a-w- C:\Windows\System32\comctl32.dll

2011-07-23 01:06:50 530432 ----a-w- C:\Windows\SysWow64\comctl32.dll

2011-07-23 01:06:11 738816 ----a-w- C:\Windows\SysWow64\wmpmde.dll

2011-07-23 01:06:11 1024512 ----a-w- C:\Windows\System32\wmpmde.dll

2011-07-23 01:05:29 340992 ----a-w- C:\Windows\System32\schannel.dll

2011-07-23 01:05:29 224256 ----a-w- C:\Windows\SysWow64\schannel.dll

2011-07-23 01:04:52 112000 ----a-w- C:\Windows\System32\consent.exe

2011-07-23 01:04:15 516096 ----a-w- C:\Program Files\Windows Mail\wab.exe

2011-07-23 01:04:15 516096 ----a-w- C:\Program Files (x86)\Windows Mail\wab.exe

2011-07-23 01:04:15 35328 ----a-w- C:\Program Files\Windows Mail\wabfind.dll

2011-07-23 01:03:31 395776 ----a-w- C:\Windows\System32\webio.dll

2011-07-23 01:03:31 314368 ----a-w- C:\Windows\SysWow64\webio.dll

2011-07-23 01:02:40 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll

2011-07-23 01:02:40 496128 ----a-w- C:\Windows\SysWow64\taskschd.dll

2011-07-23 01:02:40 473600 ----a-w- C:\Windows\System32\taskcomp.dll

2011-07-23 01:02:40 464384 ----a-w- C:\Windows\System32\taskeng.exe

2011-07-23 01:02:40 305152 ----a-w- C:\Windows\SysWow64\taskcomp.dll

2011-07-23 01:02:40 285696 ----a-w- C:\Windows\System32\schtasks.exe

2011-07-23 01:02:40 192000 ----a-w- C:\Windows\SysWow64\taskeng.exe

2011-07-23 01:02:40 179712 ----a-w- C:\Windows\SysWow64\schtasks.exe

2011-07-23 01:02:40 1169408 ----a-w- C:\Windows\System32\taskschd.dll

2011-07-23 01:02:40 1114624 ----a-w- C:\Windows\System32\schedsvc.dll

2011-07-23 01:00:44 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe

2011-07-23 01:00:44 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe

2011-07-23 01:00:44 12625920 ----a-w- C:\Windows\System32\wmploc.DLL

2011-07-23 01:00:44 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL

2011-07-23 00:59:52 9728 ----a-w- C:\Windows\SysWow64\sscore.dll

2011-07-23 00:59:52 236032 ----a-w- C:\Windows\System32\srvsvc.dll

2011-07-23 00:59:07 483840 ----a-w- C:\Windows\System32\StructuredQuery.dll

2011-07-23 00:59:07 363520 ----a-w- C:\Windows\SysWow64\StructuredQuery.dll

2011-07-23 00:58:27 243712 ----a-w- C:\Windows\System32\drivers\ks.sys

2011-07-23 00:58:27 184832 ----a-w- C:\Windows\System32\drivers\usbvideo.sys

2011-07-23 00:57:48 558592 ----a-w- C:\Windows\System32\spoolsv.exe

2011-07-23 00:56:24 52224 ----a-w- C:\Windows\System32\rtutils.dll

2011-07-23 00:56:24 37376 ----a-w- C:\Windows\SysWow64\rtutils.dll

2011-07-23 00:55:45 82944 ----a-w- C:\Windows\SysWow64\iccvid.dll

2011-07-23 00:54:34 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll

2011-07-23 00:54:34 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll

2011-07-23 00:54:34 48960 ----a-w- C:\Windows\System32\netfxperf.dll

2011-07-23 00:54:34 444752 ----a-w- C:\Windows\System32\mscoree.dll

2011-07-23 00:54:34 320352 ----a-w- C:\Windows\System32\PresentationHost.exe

2011-07-23 00:54:34 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll

2011-07-23 00:54:34 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe

2011-07-23 00:54:34 1942856 ----a-w- C:\Windows\System32\dfshim.dll

2011-07-23 00:54:34 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll

2011-07-23 00:54:34 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll

2011-07-23 00:53:11 84992 ----a-w- C:\Windows\System32\asycfilt.dll

2011-07-23 00:53:11 67584 ----a-w- C:\Windows\SysWow64\asycfilt.dll

2011-07-23 00:52:45 2080256 ----a-w- C:\Program Files\Windows Mail\msoe.dll

2011-07-23 00:52:45 1619968 ----a-w- C:\Program Files (x86)\Windows Mail\msoe.dll

2011-07-23 00:52:13 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

2011-07-23 00:52:13 22016 ----a-w- C:\Windows\SysWow64\secur32.dll

2011-07-23 00:52:13 153160 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2011-07-23 00:52:13 1446912 ----a-w- C:\Windows\System32\lsasrv.dll

2011-07-23 00:50:58 91648 ----a-w- C:\Windows\SysWow64\avifil32.dll

2011-07-23 00:49:42 1975296 ----a-w- C:\Windows\System32\CertEnroll.dll

2011-07-23 00:49:42 1320960 ----a-w- C:\Windows\SysWow64\CertEnroll.dll

2011-07-22 18:58:02 66048 --sha-r- C:\Windows\SysWow64\drtprovc.dll

2011-07-22 18:45:44 8873296 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{28C75F9C-4D66-4DC7-8678-3E674C65ACBE}\mpengine.dll

2011-07-12 18:34:00 96104 ----a-w- C:\Windows\System32\dns-sd.exe

2011-07-12 18:34:00 85864 ----a-w- C:\Windows\System32\dnssd.dll

2011-07-12 18:34:00 61288 ----a-w- C:\Windows\System32\jdns_sd.dll

2011-07-12 18:34:00 212840 ----a-w- C:\Windows\System32\dnssdX.dll

2011-07-12 18:20:54 83816 ----a-w- C:\Windows\SysWow64\dns-sd.exe

2011-07-12 18:20:54 73064 ----a-w- C:\Windows\SysWow64\dnssd.dll

2011-07-12 18:20:54 50536 ----a-w- C:\Windows\SysWow64\jdns_sd.dll

2011-07-12 18:20:54 178536 ----a-w- C:\Windows\SysWow64\dnssdX.dll

.

==================== Find3M ====================

.

2011-07-23 01:56:37 44032 ----a-w- C:\Windows\apppatch\acwow64.dll

2011-07-23 01:50:42 86528 ----a-w- C:\Windows\SysWow64\SearchFilterHost.exe

2011-07-23 01:45:25 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2011-07-23 01:45:24 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2011-07-23 01:45:24 2303488 ----a-w- C:\Windows\System32\jscript9.dll

2011-07-23 01:45:24 1797632 ----a-w- C:\Windows\SysWow64\jscript9.dll

2011-07-23 01:30:54 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2011-07-23 01:30:54 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2011-07-23 00:51:50 223448 ----a-w- C:\Windows\System32\drivers\fvevol.sys

2011-07-23 00:50:58 84480 ----a-w- C:\Windows\SysWow64\mciavi32.dll

2011-07-16 15:03:29 45056 ----a-w- C:\Windows\System32\acovcnt.exe

2011-07-04 11:43:53 40112 ----a-w- C:\Windows\avastSS.scr

2011-07-04 11:36:56 600920 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2011-07-04 11:32:24 64856 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2011-05-25 02:14:10 270720 ------w- C:\Windows\System32\MpSigStub.exe

.

============= FINISH: 10:13:09.71 ===============


  • Staff

Hi,

I see you have IOBit software installed.

Please read this:

http://forums.malwarebytes.org/index.php?showtopic=33217

I highly recommend uninstalling their software.

Please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.

-screen317


As instructed, I disabled Avast before running ComboFix, but it stated that Avast was not disabled. I triple checked and it was disabled.

ComboFix 11-08-02.02 - Jo 08/02/2011 8:19.1.2 - x64

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4061.2616 [GMT -7:00]

Running from: c:\users\Jo\Desktop\ComboFix.exe

AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\FullRemove.exe

.

.

((((((((((((((((((((((((( Files Created from 2011-07-02 to 2011-08-02 )))))))))))))))))))))))))))))))

.

.

2011-08-02 15:30 . 2011-08-02 15:30 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-07-28 15:46 . 2011-07-28 15:46 23112 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys

2011-07-28 15:45 . 2011-07-28 15:46 -------- d-----w- c:\programdata\Hitman Pro

2011-07-27 02:00 . 2011-07-27 02:00 -------- d-----w- c:\users\Jo\AppData\Roaming\Malwarebytes

2011-07-27 01:59 . 2011-07-07 02:52 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys

2011-07-27 01:59 . 2011-07-27 01:59 -------- d-----w- c:\programdata\Malwarebytes

2011-07-27 01:59 . 2011-07-27 01:59 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2011-07-27 01:59 . 2011-07-07 02:52 25912 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-07-23 23:38 . 2011-07-23 23:38 -------- d-----w- c:\windows\SysWow64\Wat

2011-07-23 23:38 . 2011-07-23 23:38 -------- d-----w- c:\windows\system32\Wat

2011-07-23 23:28 . 2011-07-23 23:28 -------- d-----w- c:\program files\iPod

2011-07-23 23:28 . 2011-07-23 23:29 -------- d-----w- c:\program files\iTunes

2011-07-23 23:25 . 2011-07-23 23:25 -------- d-----w- c:\program files\Bonjour

2011-07-23 01:56 . 2011-07-23 01:56 7680 ----a-w- c:\windows\SysWow64\instnm.exe

2011-07-23 01:56 . 2011-07-23 01:56 5120 ----a-w- c:\windows\SysWow64\wow32.dll

2011-07-23 01:56 . 2011-07-23 01:56 362496 ----a-w- c:\windows\system32\wow64win.dll

2011-07-23 01:56 . 2011-07-23 01:56 338944 ----a-w- c:\windows\system32\conhost.exe

2011-07-23 01:56 . 2011-07-23 01:56 25600 ----a-w- c:\windows\SysWow64\setup16.exe

2011-07-23 01:56 . 2011-07-23 01:56 243200 ----a-w- c:\windows\system32\wow64.dll

2011-07-23 01:56 . 2011-07-23 01:56 214528 ----a-w- c:\windows\system32\winsrv.dll

2011-07-23 01:56 . 2011-07-23 01:56 2048 ----a-w- c:\windows\SysWow64\user.exe

2011-07-23 01:56 . 2011-07-23 01:56 16384 ----a-w- c:\windows\system32\ntvdm64.dll

2011-07-23 01:56 . 2011-07-23 01:56 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll

2011-07-23 01:56 . 2011-07-23 01:56 13312 ----a-w- c:\windows\system32\wow64cpu.dll

2011-07-23 01:53 . 2011-07-23 01:53 3134464 ----a-w- c:\windows\system32\win32k.sys

2011-07-23 01:51 . 2011-07-23 01:51 64512 ----a-w- c:\windows\SysWow64\devobj.dll

2011-07-23 01:51 . 2011-07-23 01:51 44544 ----a-w- c:\windows\SysWow64\devrtl.dll

2011-07-23 01:51 . 2011-07-23 01:51 404992 ----a-w- c:\windows\system32\umpnpmgr.dll

2011-07-23 01:51 . 2011-07-23 01:51 252928 ----a-w- c:\windows\SysWow64\drvinst.exe

2011-07-23 01:51 . 2011-07-23 01:51 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll

2011-07-23 01:46 . 2011-07-23 01:46 320512 ----a-w- c:\windows\system32\d3d10_1core.dll

2011-07-23 01:46 . 2011-07-23 01:46 218624 ----a-w- c:\windows\SysWow64\d3d10_1core.dll

2011-07-23 01:46 . 2011-07-23 01:46 197120 ----a-w- c:\windows\system32\d3d10_1.dll

2011-07-23 01:46 . 2011-07-23 01:46 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll

2011-07-23 01:44 . 2011-07-23 01:44 461312 ----a-w- c:\windows\system32\drivers\srv.sys

2011-07-23 01:44 . 2011-07-23 01:44 399872 ----a-w- c:\windows\system32\drivers\srv2.sys

2011-07-23 01:44 . 2011-07-23 01:44 161792 ----a-w- c:\windows\system32\drivers\srvnet.sys

2011-07-23 01:43 . 2011-07-23 01:43 102400 ----a-w- c:\windows\system32\drivers\dfsc.sys

2011-07-23 01:42 . 2011-07-23 01:42 499712 ----a-w- c:\windows\system32\drivers\afd.sys

2011-07-23 01:42 . 2011-07-23 01:42 1896832 ----a-w- c:\windows\system32\drivers\tcpip.sys

2011-07-23 01:41 . 2011-07-23 01:41 861184 ----a-w- c:\windows\system32\oleaut32.dll

2011-07-23 01:41 . 2011-07-23 01:41 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll

2011-07-23 01:37 . 2011-07-23 01:37 287744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys

2011-07-23 01:37 . 2011-07-23 01:37 157696 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2011-07-23 01:37 . 2011-07-23 01:37 126464 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys

2011-07-23 01:36 . 2011-07-23 01:36 976896 ----a-w- c:\windows\system32\inetcomm.dll

2011-07-23 01:36 . 2011-07-23 01:36 740864 ----a-w- c:\windows\SysWow64\inetcomm.dll

2011-07-23 01:35 . 2011-07-23 01:35 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys

2011-07-23 01:35 . 2011-07-23 01:35 142336 ----a-w- c:\windows\system32\poqexec.exe

2011-07-23 01:35 . 2011-07-23 01:35 123904 ----a-w- c:\windows\SysWow64\poqexec.exe

2011-07-23 01:33 . 2011-07-23 01:33 5509504 ----a-w- c:\windows\system32\ntoskrnl.exe

2011-07-23 01:33 . 2011-07-23 01:33 3957632 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2011-07-23 01:33 . 2011-07-23 01:33 3901824 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2011-07-23 01:32 . 2011-07-23 01:32 662528 ----a-w- c:\windows\system32\XpsPrint.dll

2011-07-23 01:32 . 2011-07-23 01:32 442880 ----a-w- c:\windows\SysWow64\XpsPrint.dll

2011-07-23 01:29 . 2011-07-23 01:29 31232 ----a-w- c:\windows\SysWow64\prevhost.exe

2011-07-23 01:29 . 2011-07-23 01:29 31232 ----a-w- c:\windows\system32\prevhost.exe

2011-07-23 01:28 . 2011-07-23 01:28 2870272 ----a-w- c:\windows\explorer.exe

2011-07-23 01:28 . 2011-07-23 01:28 2614784 ----a-w- c:\windows\SysWow64\explorer.exe

2011-07-23 01:27 . 2011-07-23 01:27 30208 ----a-w- c:\windows\system32\dnscacheugc.exe

2011-07-23 01:27 . 2011-07-23 01:27 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe

2011-07-23 01:27 . 2011-07-23 01:27 182272 ----a-w- c:\windows\system32\dnsrslvr.dll

2011-07-23 01:26 . 2011-07-23 01:26 46080 ----a-w- c:\windows\system32\atmlib.dll

2011-07-23 01:26 . 2011-07-23 01:26 367104 ----a-w- c:\windows\system32\atmfd.dll

2011-07-23 01:26 . 2011-07-23 01:26 34304 ----a-w- c:\windows\SysWow64\atmlib.dll

2011-07-23 01:26 . 2011-07-23 01:26 294912 ----a-w- c:\windows\SysWow64\atmfd.dll

2011-07-23 01:25 . 2011-07-23 01:25 267776 ----a-w- c:\windows\system32\FXSCOVER.exe

2011-07-23 01:24 . 2011-07-23 01:24 90624 ----a-w- c:\windows\system32\drivers\bowser.sys

2011-07-23 01:23 . 2011-07-23 01:23 1395712 ----a-w- c:\windows\system32\mfc42.dll

2011-07-23 01:23 . 2011-07-23 01:23 1359872 ----a-w- c:\windows\system32\mfc42u.dll

2011-07-23 01:23 . 2011-07-23 01:23 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll

2011-07-23 01:23 . 2011-07-23 01:23 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll

2011-07-23 01:22 . 2011-07-23 01:22 640896 ----a-w- c:\windows\system32\winload.efi

2011-07-23 01:22 . 2011-07-23 01:22 603976 ----a-w- c:\windows\system32\winload.exe

2011-07-23 01:22 . 2011-07-23 01:22 556928 ----a-w- c:\windows\system32\winresume.efi

2011-07-23 01:22 . 2011-07-23 01:22 518160 ----a-w- c:\windows\system32\winresume.exe

2011-07-23 01:22 . 2011-07-23 01:22 20352 ----a-w- c:\windows\system32\kdusb.dll

2011-07-23 01:22 . 2011-07-23 01:22 19328 ----a-w- c:\windows\system32\kd1394.dll

2011-07-23 01:22 . 2011-07-23 01:22 17792 ----a-w- c:\windows\system32\kdcom.dll

2011-07-23 01:21 . 2011-07-23 01:21 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll

2011-07-23 01:21 . 2011-07-23 01:21 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll

2011-07-23 01:20 . 2011-07-23 01:20 902656 ----a-w- c:\windows\system32\d2d1.dll

2011-07-23 01:20 . 2011-07-23 01:20 739840 ----a-w- c:\windows\SysWow64\d2d1.dll

2011-07-23 01:20 . 2011-07-23 01:20 1544192 ----a-w- c:\windows\system32\DWrite.dll

2011-07-23 01:20 . 2011-07-23 01:20 1139200 ----a-w- c:\windows\system32\FntCache.dll

2011-07-23 01:20 . 2011-07-23 01:20 1076736 ----a-w- c:\windows\SysWow64\DWrite.dll

2011-07-23 01:19 . 2011-07-23 01:19 3138048 ----a-w- c:\windows\system32\mstscax.dll

2011-07-23 01:19 . 2011-07-23 01:19 2690560 ----a-w- c:\windows\SysWow64\mstscax.dll

2011-07-23 01:19 . 2011-07-23 01:19 1097216 ----a-w- c:\windows\system32\mstsc.exe

2011-07-23 01:19 . 2011-07-23 01:19 1034240 ----a-w- c:\windows\SysWow64\mstsc.exe

2011-07-23 01:18 . 2011-07-23 01:18 961024 ----a-w- c:\windows\system32\CPFilters.dll

2011-07-23 01:18 . 2011-07-23 01:18 850432 ----a-w- c:\windows\SysWow64\sbe.dll

2011-07-23 01:18 . 2011-07-23 01:18 723968 ----a-w- c:\windows\system32\EncDec.dll

2011-07-23 01:18 . 2011-07-23 01:18 642048 ----a-w- c:\windows\SysWow64\CPFilters.dll

2011-07-23 01:18 . 2011-07-23 01:18 534528 ----a-w- c:\windows\SysWow64\EncDec.dll

2011-07-23 01:18 . 2011-07-23 01:18 259072 ----a-w- c:\windows\system32\mpg2splt.ax

2011-07-23 01:18 . 2011-07-23 01:18 199680 ----a-w- c:\windows\SysWow64\mpg2splt.ax

2011-07-23 01:18 . 2011-07-23 01:18 1118720 ----a-w- c:\windows\system32\sbe.dll

2011-07-23 01:17 . 2011-07-23 01:17 1739176 ----a-w- c:\windows\system32\ntdll.dll

2011-07-23 01:17 . 2011-07-23 01:17 1293120 ----a-w- c:\windows\SysWow64\ntdll.dll

2011-07-23 01:14 . 2011-07-23 01:14 367104 ----a-w- c:\windows\system32\wcncsvc.dll

2011-07-23 01:14 . 2011-07-23 01:14 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll

2011-07-23 01:12 . 2011-07-23 01:12 714752 ----a-w- c:\windows\system32\kerberos.dll

2011-07-23 01:12 . 2011-07-23 01:12 541184 ----a-w- c:\windows\SysWow64\kerberos.dll

2011-07-23 01:11 . 2011-07-23 01:11 987136 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll

2011-07-23 01:11 . 2011-07-23 01:11 720896 ----a-w- c:\windows\system32\odbc32.dll

2011-07-23 01:11 . 2011-07-23 01:11 573440 ----a-w- c:\windows\SysWow64\odbc32.dll

2011-07-23 01:11 . 2011-07-23 01:11 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll

2011-07-23 01:11 . 2011-07-23 01:11 466944 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll

2011-07-23 01:11 . 2011-07-23 01:11 372736 ----a-w- c:\program files (x86)\Common Files\System\ado\msadox.dll

2011-07-23 01:11 . 2011-07-23 01:11 352256 ----a-w- c:\program files (x86)\Common Files\System\ado\msadomd.dll

2011-07-23 01:11 . 2011-07-23 01:11 258048 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll

2011-07-23 01:11 . 2011-07-23 01:11 208896 ----a-w- c:\program files (x86)\Common Files\System\msadc\msadco.dll

2011-07-23 01:11 . 2011-07-23 01:11 1425408 ----a-w- c:\program files\Common Files\System\ado\msado15.dll

2011-07-23 01:09 . 2011-07-23 01:09 2048 ----a-w- c:\windows\SysWow64\tzres.dll

2011-07-23 01:09 . 2011-07-23 01:09 2048 ----a-w- c:\windows\system32\tzres.dll

2011-07-23 01:09 . 2011-07-23 01:09 148992 ----a-w- c:\windows\system32\t2embed.dll

2011-07-23 01:09 . 2011-07-23 01:09 109056 ----a-w- c:\windows\SysWow64\t2embed.dll

2011-07-23 01:08 . 2011-07-23 01:08 4582912 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe

2011-07-23 01:08 . 2011-07-23 01:08 4247040 ----a-w- c:\program files (x86)\Windows NT\Accessories\wordpad.exe

2011-07-23 01:08 . 2011-07-23 01:08 2085376 ----a-w- c:\windows\system32\ole32.dll

2011-07-23 01:08 . 2011-07-23 01:08 1413632 ----a-w- c:\windows\SysWow64\ole32.dll

2011-07-23 01:07 . 2011-07-23 01:07 954752 ----a-w- c:\windows\SysWow64\mfc40.dll

2011-07-23 01:07 . 2011-07-23 01:07 954288 ----a-w- c:\windows\SysWow64\mfc40u.dll

2011-07-23 01:06 . 2011-07-23 01:06 633856 ----a-w- c:\windows\system32\comctl32.dll

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-07-23 01:56 . 2011-07-23 01:56 44032 ----a-w- c:\windows\apppatch\acwow64.dll

2011-07-23 01:30 . 2011-07-23 01:30 347648 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll

2011-07-23 01:30 . 2011-07-23 01:30 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll

2011-07-16 15:03 . 2010-02-23 02:45 45056 ----a-w- c:\windows\system32\acovcnt.exe

2011-07-04 11:43 . 2010-07-20 19:20 40112 ----a-w- c:\windows\avastSS.scr

2011-07-04 11:43 . 2010-07-20 19:20 199304 ----a-w- c:\windows\SysWow64\aswBoot.exe

2011-07-04 11:43 . 2011-01-19 17:38 253888 ----a-w- c:\windows\system32\aswBoot.exe

2011-07-04 11:36 . 2011-03-25 18:55 600920 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2011-07-04 11:36 . 2010-07-20 19:20 288088 ----a-w- c:\windows\system32\drivers\aswSP.sys

2011-07-04 11:35 . 2010-07-20 19:20 45400 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2011-07-04 11:32 . 2010-07-20 19:20 31064 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2011-07-04 11:32 . 2010-07-20 19:20 64856 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2011-07-04 11:32 . 2010-07-20 19:20 22360 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2011-05-25 02:14 . 2010-02-06 22:49 270720 ------w- c:\windows\system32\MpSigStub.exe

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36 94208 ----a-w- c:\users\Jo\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36 94208 ----a-w- c:\users\Jo\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36 94208 ----a-w- c:\users\Jo\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"EasyTether"="c:\program files (x86)\Mobile Stream\EasyTether\easytthr.exe" [2010-06-21 41984]

"Xmarks"="d:\program files (x86)\xmarkssync.exe" [2011-02-05 1092808]

"SyncDocs"="c:\program files (x86)\Syncdocs\Syncdocs.exe" [2011-07-23 2993944]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]

"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392]

"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-04-20 159744]

"Google Desktop Search"="c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" [2011-02-10 30192]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-30 421888]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-07-20 421736]

.

c:\users\Jo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\Jo\AppData\Roaming\Dropbox\bin\Dropbox.exe [2011-5-25 24176560]

PowerMenu.lnk - c:\program files (x86)\PowerMenu\PowerMenu.exe [2002-12-19 57344]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-7-29 1132320]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\progra~2\Google\GOOGLE~2\GoogleDesktopNetwork3.dll

.

R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-26 136176]

R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]

R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x]

R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]

R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2011-02-10 30192]

R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-26 136176]

R3 hcw72ADFilter;WinTV HVR-950 USB Audio Filter Driver;c:\windows\system32\DRIVERS\hcw72ADFilter.sys [x]

R3 hcw72ATV;WinTV HVR-950 NTSC;c:\windows\system32\DRIVERS\hcw72ATV.sys [x]

R3 hcw72DTV;WinTV HVR-950 ATSC/QAM;c:\windows\system32\DRIVERS\hcw72DTV.sys [x]

R3 pneteth;PdaNet Broadband;c:\windows\system32\DRIVERS\pneteth.sys [x]

R3 pnetmdm;PdaNet Modem;c:\windows\system32\DRIVERS\pnetmdm64.sys [x]

R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [x]

R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

S1 aswSnx;aswSnx; [x]

S1 aswSP;aswSP; [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]

S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]

S2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [2009-09-15 44312]

S3 easytether;easytether;c:\windows\system32\DRIVERS\easytthr.sys [x]

S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]

S3 IntcHdmiAddService;Intel® High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x]

S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys [x]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

.

.

Contents of the 'Scheduled Tasks' folder

.

2011-08-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-26 04:54]

.

2011-08-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-26 04:54]

.

2011-08-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1301075224-2184419868-4284179741-1001Core.job

- c:\users\Jo\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-28 22:57]

.

2011-08-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1301075224-2184419868-4284179741-1001UA.job

- c:\users\Jo\AppData\Local\Google\Update\GoogleUpdate.exe [2010-04-28 22:57]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2011-07-04 11:43 134384 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36 97792 ----a-w- c:\users\Jo\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36 97792 ----a-w- c:\users\Jo\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36 97792 ----a-w- c:\users\Jo\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2010-10-06 23:36 97792 ----a-w- c:\users\Jo\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension1]

@="{fe25455d-b4c2-4e32-97d2-92632ec1c224}"

[HKEY_CLASSES_ROOT\CLSID\{fe25455d-b4c2-4e32-97d2-92632ec1c224}]

2011-07-23 00:54 444752 ----a-w- c:\windows\System32\mscoree.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension2]

@="{1fae2d88-a78e-4f03-909f-be818a3c1ce6}"

[HKEY_CLASSES_ROOT\CLSID\{1fae2d88-a78e-4f03-909f-be818a3c1ce6}]

2011-07-23 00:54 444752 ----a-w- c:\windows\System32\mscoree.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-08-12 323072]

"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-07-30 617856]

"EeeStorageBackup"="c:\program files (x86)\ASUS\Asus WebStorage\BackupService.exe" [2009-08-25 947472]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-20 7981088]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-26 161304]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-26 386584]

"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-26 415256]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com/

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

TCP: DhcpNameServer = 209.18.47.61 209.18.47.62

FF - ProfilePath - c:\users\Jo\AppData\Roaming\Mozilla\Firefox\Profiles\gvxux4al.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - prefs.js: network.proxy.type - 0

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

Toolbar-Locked - (no file)

AddRemove-Asus_ULSeries_ScreenSaver - c:\windows\system32\Asus_ULSeries_ScreenSaver.scr

AddRemove-VirtualCloneDrive - d:\program files (x86)\VirtualCloneDrive\vcd-uninst.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]

@Denied: (A 2) (Everyone)

@="IFlashBroker3"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2011-08-02 08:36:06

ComboFix-quarantined-files.txt 2011-08-02 15:36

.

Pre-Run: 74,950,422,528 bytes free

Post-Run: 74,490,540,032 bytes free

.

- - End Of File - - E41265EAE5D5AC8DDB7E6ACCC7F247D8

==========================================================================================================================================

.

DDS (Ver_2011-06-23.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by Jo at 8:39:15 on 2011-08-02

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4061.2151 [GMT -7:00]

.

AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\FBAgent.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe

C:\Program Files\ATKGFNEX\GFNEXSrv.exe

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe

C:\Program Files\P4G\BatteryLife.exe

C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe

C:\Windows\SysWOW64\ACEngSvr.exe

C:\Program Files (x86)\Google\Update\1.3.21.57\GoogleCrashHandler.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files (x86)\Mobile Stream\EasyTether\easytthr.exe

D:\Program Files (x86)\xmarkssync.exe

C:\Program Files (x86)\Syncdocs\Syncdocs.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Jo\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\PowerMenu\PowerMenu.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe

C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe

C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\wuauclt.exe

C:\Windows\AsScrPro.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

D:\Program Files (x86)\uTorrent.exe

C:\Windows\SysWOW64\ctfmon.exe

C:\Windows\system32\notepad.exe

D:\Program Files (x86)\MozillaThunderbird\thunderbird.exe

D:\Program Files (x86)\firefox.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - D:\Program Files (x86)\bin\jp2ssv.dll

BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll

BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

uRun: [EasyTether] "C:\Program Files (x86)\Mobile Stream\EasyTether\easytthr.exe"

uRun: [Xmarks] D:\Program Files (x86)\xmarkssync.exe -q

uRun: [syncDocs] C:\Program Files (x86)\Syncdocs\Syncdocs.exe

mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe

mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe

mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe

mRun: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

StartupFolder: C:\Users\Jo\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Jo\AppData\Roaming\Dropbox\bin\Dropbox.exe

StartupFolder: C:\Users\Jo\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\POWERM~1.LNK - C:\Program Files (x86)\PowerMenu\PowerMenu.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {FB858B22-55E2-413f-87F5-30ADC5552151} - D:\Program Files (x86)\DownloadPDF.exe

IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

TCP: DhcpNameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{17B250F4-B001-4EED-BF6D-9FD0760B822E} : DhcpNameServer = 172.20.23.254

TCP: Interfaces\{BDBEB722-E9E4-430B-A278-A40794044C4C} : DhcpNameServer = 209.18.47.61 209.18.47.62

TCP: Interfaces\{BDBEB722-E9E4-430B-A278-A40794044C4C}\36C657 : DhcpNameServer = 199.107.196.47 199.107.196.38 4.2.2.1

TCP: Interfaces\{BDBEB722-E9E4-430B-A278-A40794044C4C}\A49627961637 : DhcpNameServer = 192.168.1.254

TCP: Interfaces\{BDBEB722-E9E4-430B-A278-A40794044C4C}\C416E6963702E4564777F627B6D27657563747 : DhcpNameServer = 68.105.28.12 68.105.29.12 68.105.28.11

TCP: Interfaces\{BDBEB722-E9E4-430B-A278-A40794044C4C}\D427E22456C6675646562756 : DhcpNameServer = 192.168.0.1

TCP: Interfaces\{BDBEB722-E9E4-430B-A278-A40794044C4C}\E4544574541425 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{C2D4846C-DFCC-4DCA-AF79-9B9CB75A368C} : DhcpNameServer = 8.8.8.8 8.8.4.4

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

AppInit_DLLs: C:\PROGRA~2\Google\GOOGLE~2\GoogleDesktopNetwork3.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

BHO-X64: Search Helper - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files (x86)\bin\jp2ssv.dll

BHO-X64: Google Gears Helper: {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll

BHO-X64: Google Gears Helper - No File

BHO-X64: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

TB-X64: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe

mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe

mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe

mRun-x64: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE-X64: {FB858B22-55E2-413f-87F5-30ADC5552151} - D:\Program Files (x86)\DownloadPDF.exe

IE-X64: {638F11AA-DF27-433b-BA2E-7281CE561D71} - D:\Program Files (x86)\xmarkssync.exe

AppInit_DLLs-X64: C:\PROGRA~2\Google\GOOGLE~2\GoogleDesktopNetwork3.dll

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Jo\AppData\Roaming\Mozilla\Firefox\Profiles\gvxux4al.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - prefs.js: network.proxy.type - 0

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Jo\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll

FF - plugin: C:\Users\Jo\AppData\Roaming\Mozilla\Firefox\Profiles\gvxux4al.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\plugins\npietab2.dll

FF - plugin: C:\Users\Jo\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

FF - plugin: C:\Users\Jo\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: D:\Program Files (x86)\bin\new_plugin\npdeployJava1.dll

FF - plugin: D:\Program Files (x86)\bin\new_plugin\npjp2.dll

FF - plugin: D:\Program Files (x86)\Picasa\Picasa3\npPicasa3.dll

.

============= SERVICES / DRIVERS ===============

.

R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]

R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?]

R2 ASMMAP64;ASMMAP64;C:\Program Files\ATKGFNEX\ASMMAP64.sys [2009-11-9 14904]

R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]

R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-7-14 42184]

R2 OberonGameConsoleService;Oberon Media Game Console service;C:\Program Files (x86)\ASUS\Game Park\GameConsole\OberonGameConsoleService.exe [2009-11-9 44312]

R3 easytether;easytether;C:\Windows\system32\DRIVERS\easytthr.sys --> C:\Windows\system32\DRIVERS\easytthr.sys [?]

R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?]

R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\Windows\system32\drivers\IntcHdmi.sys --> C:\Windows\system32\drivers\IntcHdmi.sys [?]

R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-1-25 136176]

S3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?]

S3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\system32\drivers\btwampfl.sys --> C:\Windows\system32\drivers\btwampfl.sys [?]

S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]

S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]

S3 fsssvc;Windows Live Family Safety;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-8 533344]

S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2011-2-9 30192]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-1-25 136176]

S3 hcw72ADFilter;WinTV HVR-950 USB Audio Filter Driver;C:\Windows\system32\DRIVERS\hcw72ADFilter.sys --> C:\Windows\system32\DRIVERS\hcw72ADFilter.sys [?]

S3 hcw72ATV;WinTV HVR-950 NTSC;C:\Windows\system32\DRIVERS\hcw72ATV.sys --> C:\Windows\system32\DRIVERS\hcw72ATV.sys [?]

S3 hcw72DTV;WinTV HVR-950 ATSC/QAM;C:\Windows\system32\DRIVERS\hcw72DTV.sys --> C:\Windows\system32\DRIVERS\hcw72DTV.sys [?]

S3 pneteth;PdaNet Broadband;C:\Windows\system32\DRIVERS\pneteth.sys --> C:\Windows\system32\DRIVERS\pneteth.sys [?]

S3 pnetmdm;PdaNet Modem;C:\Windows\system32\DRIVERS\pnetmdm64.sys --> C:\Windows\system32\DRIVERS\pnetmdm64.sys [?]

S3 Revoflt;Revoflt;C:\Windows\system32\DRIVERS\revoflt.sys --> C:\Windows\system32\DRIVERS\revoflt.sys [?]

S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

.

=============== Created Last 30 ================

.

2011-08-02 15:16:47 98816 ----a-w- C:\Windows\sed.exe

2011-08-02 15:16:47 518144 ----a-w- C:\Windows\SWREG.exe

2011-08-02 15:16:47 256000 ----a-w- C:\Windows\PEV.exe

2011-08-02 15:16:47 208896 ----a-w- C:\Windows\MBR.exe

2011-07-28 15:46:59 23112 ----a-w- C:\Windows\System32\drivers\hitmanpro35.sys

2011-07-28 15:45:54 -------- d-----w- C:\ProgramData\Hitman Pro

2011-07-27 02:00:04 -------- d-----w- C:\Users\Jo\AppData\Roaming\Malwarebytes

2011-07-27 01:59:56 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

2011-07-27 01:59:55 -------- d-----w- C:\ProgramData\Malwarebytes

2011-07-27 01:59:51 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys

2011-07-27 01:59:51 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2011-07-23 23:38:10 -------- d-----w- C:\Windows\SysWow64\Wat

2011-07-23 23:38:10 -------- d-----w- C:\Windows\System32\Wat

2011-07-23 23:28:54 -------- d-----w- C:\Program Files\iPod

2011-07-23 23:28:53 -------- d-----w- C:\Program Files\iTunes

2011-07-23 23:25:21 -------- d-----w- C:\Program Files\Bonjour

2011-07-23 01:56:37 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

2011-07-23 01:56:37 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

2011-07-23 01:56:37 362496 ----a-w- C:\Windows\System32\wow64win.dll

2011-07-23 01:56:37 338944 ----a-w- C:\Windows\System32\conhost.exe

2011-07-23 01:56:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

2011-07-23 01:56:37 243200 ----a-w- C:\Windows\System32\wow64.dll

2011-07-23 01:56:37 214528 ----a-w- C:\Windows\System32\winsrv.dll

2011-07-23 01:56:37 2048 ----a-w- C:\Windows\SysWow64\user.exe

2011-07-23 01:56:37 16384 ----a-w- C:\Windows\System32\ntvdm64.dll

2011-07-23 01:56:37 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

2011-07-23 01:56:37 13312 ----a-w- C:\Windows\System32\wow64cpu.dll

2011-07-23 01:53:16 3134464 ----a-w- C:\Windows\System32\win32k.sys

2011-07-23 01:51:55 64512 ----a-w- C:\Windows\SysWow64\devobj.dll

2011-07-23 01:51:55 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll

2011-07-23 01:51:55 404992 ----a-w- C:\Windows\System32\umpnpmgr.dll

2011-07-23 01:51:55 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe

2011-07-23 01:51:55 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll

2011-07-23 01:46:42 320512 ----a-w- C:\Windows\System32\d3d10_1core.dll

2011-07-23 01:46:42 218624 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll

2011-07-23 01:46:42 197120 ----a-w- C:\Windows\System32\d3d10_1.dll

2011-07-23 01:46:42 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll

2011-07-23 01:44:01 461312 ----a-w- C:\Windows\System32\drivers\srv.sys

2011-07-23 01:44:01 399872 ----a-w- C:\Windows\System32\drivers\srv2.sys

2011-07-23 01:44:01 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys

2011-07-23 01:43:04 102400 ----a-w- C:\Windows\System32\drivers\dfsc.sys

2011-07-23 01:42:09 499712 ----a-w- C:\Windows\System32\drivers\afd.sys

2011-07-23 01:42:09 1896832 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2011-07-23 01:41:03 861184 ----a-w- C:\Windows\System32\oleaut32.dll

2011-07-23 01:41:03 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll

2011-07-23 01:37:29 287744 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys

2011-07-23 01:37:29 157696 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys

2011-07-23 01:37:29 126464 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys

2011-07-23 01:36:33 976896 ----a-w- C:\Windows\System32\inetcomm.dll

2011-07-23 01:36:33 740864 ----a-w- C:\Windows\SysWow64\inetcomm.dll

2011-07-23 01:35:37 27008 ----a-w- C:\Windows\System32\drivers\Diskdump.sys

2011-07-23 01:35:04 142336 ----a-w- C:\Windows\System32\poqexec.exe

2011-07-23 01:35:04 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe

2011-07-23 01:33:54 5509504 ----a-w- C:\Windows\System32\ntoskrnl.exe

2011-07-23 01:33:54 3957632 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2011-07-23 01:33:54 3901824 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2011-07-23 01:32:46 662528 ----a-w- C:\Windows\System32\XpsPrint.dll

2011-07-23 01:32:46 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll

2011-07-23 01:29:49 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe

2011-07-23 01:29:49 31232 ----a-w- C:\Windows\System32\prevhost.exe

2011-07-23 01:28:55 2870272 ----a-w- C:\Windows\explorer.exe

2011-07-23 01:28:55 2614784 ----a-w- C:\Windows\SysWow64\explorer.exe

2011-07-23 01:27:59 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe

2011-07-23 01:27:59 28672 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe

2011-07-23 01:27:59 182272 ----a-w- C:\Windows\System32\dnsrslvr.dll

2011-07-23 01:26:58 46080 ----a-w- C:\Windows\System32\atmlib.dll

2011-07-23 01:26:58 367104 ----a-w- C:\Windows\System32\atmfd.dll

2011-07-23 01:26:58 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll

2011-07-23 01:26:58 294912 ----a-w- C:\Windows\SysWow64\atmfd.dll

2011-07-23 01:25:15 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe

2011-07-23 01:24:18 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys

2011-07-23 01:23:04 1395712 ----a-w- C:\Windows\System32\mfc42.dll

2011-07-23 01:23:04 1359872 ----a-w- C:\Windows\System32\mfc42u.dll

2011-07-23 01:23:04 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll

2011-07-23 01:23:04 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll

2011-07-23 01:22:05 640896 ----a-w- C:\Windows\System32\winload.efi

2011-07-23 01:22:05 603976 ----a-w- C:\Windows\System32\winload.exe

2011-07-23 01:22:05 556928 ----a-w- C:\Windows\System32\winresume.efi

2011-07-23 01:22:05 518160 ----a-w- C:\Windows\System32\winresume.exe

2011-07-23 01:22:05 20352 ----a-w- C:\Windows\System32\kdusb.dll

2011-07-23 01:22:05 19328 ----a-w- C:\Windows\System32\kd1394.dll

2011-07-23 01:22:05 17792 ----a-w- C:\Windows\System32\kdcom.dll

2011-07-23 01:21:00 476160 ----a-w- C:\Windows\System32\XpsGdiConverter.dll

2011-07-23 01:21:00 288256 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll

2011-07-23 01:20:05 902656 ----a-w- C:\Windows\System32\d2d1.dll

2011-07-23 01:20:05 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll

2011-07-23 01:20:05 1544192 ----a-w- C:\Windows\System32\DWrite.dll

2011-07-23 01:20:05 1139200 ----a-w- C:\Windows\System32\FntCache.dll

2011-07-23 01:20:05 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll

2011-07-23 01:19:12 3138048 ----a-w- C:\Windows\System32\mstscax.dll

2011-07-23 01:19:12 2690560 ----a-w- C:\Windows\SysWow64\mstscax.dll

2011-07-23 01:19:12 1097216 ----a-w- C:\Windows\System32\mstsc.exe

2011-07-23 01:19:12 1034240 ----a-w- C:\Windows\SysWow64\mstsc.exe

2011-07-23 01:18:20 961024 ----a-w- C:\Windows\System32\CPFilters.dll

2011-07-23 01:18:20 850432 ----a-w- C:\Windows\SysWow64\sbe.dll

2011-07-23 01:18:20 723968 ----a-w- C:\Windows\System32\EncDec.dll

2011-07-23 01:18:20 642048 ----a-w- C:\Windows\SysWow64\CPFilters.dll

2011-07-23 01:18:20 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll

2011-07-23 01:18:20 259072 ----a-w- C:\Windows\System32\mpg2splt.ax

2011-07-23 01:18:20 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax

2011-07-23 01:18:20 1118720 ----a-w- C:\Windows\System32\sbe.dll

2011-07-23 01:17:14 1739176 ----a-w- C:\Windows\System32\ntdll.dll

2011-07-23 01:17:14 1293120 ----a-w- C:\Windows\SysWow64\ntdll.dll

2011-07-23 01:14:27 367104 ----a-w- C:\Windows\System32\wcncsvc.dll

2011-07-23 01:14:27 276992 ----a-w- C:\Windows\SysWow64\wcncsvc.dll

2011-07-23 01:12:02 714752 ----a-w- C:\Windows\System32\kerberos.dll

2011-07-23 01:12:02 541184 ----a-w- C:\Windows\SysWow64\kerberos.dll

2011-07-23 01:11:13 987136 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msado15.dll

2011-07-23 01:11:13 720896 ----a-w- C:\Windows\System32\odbc32.dll

2011-07-23 01:11:13 573440 ----a-w- C:\Windows\SysWow64\odbc32.dll

2011-07-23 01:11:13 495616 ----a-w- C:\Program Files\Common Files\System\ado\msadox.dll

2011-07-23 01:11:13 466944 ----a-w- C:\Program Files\Common Files\System\ado\msadomd.dll

2011-07-23 01:11:13 372736 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadox.dll

2011-07-23 01:11:13 352256 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadomd.dll

2011-07-23 01:11:13 258048 ----a-w- C:\Program Files\Common Files\System\msadc\msadco.dll

2011-07-23 01:11:13 208896 ----a-w- C:\Program Files (x86)\Common Files\System\msadc\msadco.dll

2011-07-23 01:11:13 1425408 ----a-w- C:\Program Files\Common Files\System\ado\msado15.dll

2011-07-23 01:09:54 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2011-07-23 01:09:54 2048 ----a-w- C:\Windows\System32\tzres.dll

2011-07-23 01:09:02 148992 ----a-w- C:\Windows\System32\t2embed.dll

2011-07-23 01:09:02 109056 ----a-w- C:\Windows\SysWow64\t2embed.dll

2011-07-23 01:08:22 4582912 ----a-w- C:\Program Files\Windows NT\Accessories\wordpad.exe

2011-07-23 01:08:22 4247040 ----a-w- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe

2011-07-23 01:08:22 2085376 ----a-w- C:\Windows\System32\ole32.dll

2011-07-23 01:08:22 1413632 ----a-w- C:\Windows\SysWow64\ole32.dll

2011-07-23 01:07:36 954752 ----a-w- C:\Windows\SysWow64\mfc40.dll

2011-07-23 01:07:36 954288 ----a-w- C:\Windows\SysWow64\mfc40u.dll

2011-07-23 01:06:50 633856 ----a-w- C:\Windows\System32\comctl32.dll

2011-07-23 01:06:50 530432 ----a-w- C:\Windows\SysWow64\comctl32.dll

2011-07-23 01:06:11 738816 ----a-w- C:\Windows\SysWow64\wmpmde.dll

2011-07-23 01:06:11 1024512 ----a-w- C:\Windows\System32\wmpmde.dll

2011-07-23 01:05:29 340992 ----a-w- C:\Windows\System32\schannel.dll

2011-07-23 01:05:29 224256 ----a-w- C:\Windows\SysWow64\schannel.dll

2011-07-23 01:04:52 112000 ----a-w- C:\Windows\System32\consent.exe

2011-07-23 01:04:15 516096 ----a-w- C:\Program Files\Windows Mail\wab.exe

2011-07-23 01:04:15 516096 ----a-w- C:\Program Files (x86)\Windows Mail\wab.exe

2011-07-23 01:04:15 35328 ----a-w- C:\Program Files\Windows Mail\wabfind.dll

2011-07-23 01:03:31 395776 ----a-w- C:\Windows\System32\webio.dll

2011-07-23 01:03:31 314368 ----a-w- C:\Windows\SysWow64\webio.dll

2011-07-23 01:02:40 524288 ----a-w- C:\Windows\System32\wmicmiplugin.dll

2011-07-23 01:02:40 496128 ----a-w- C:\Windows\SysWow64\taskschd.dll

2011-07-23 01:02:40 473600 ----a-w- C:\Windows\System32\taskcomp.dll

2011-07-23 01:02:40 464384 ----a-w- C:\Windows\System32\taskeng.exe

2011-07-23 01:02:40 305152 ----a-w- C:\Windows\SysWow64\taskcomp.dll

2011-07-23 01:02:40 285696 ----a-w- C:\Windows\System32\schtasks.exe

2011-07-23 01:02:40 192000 ----a-w- C:\Windows\SysWow64\taskeng.exe

2011-07-23 01:02:40 179712 ----a-w- C:\Windows\SysWow64\schtasks.exe

2011-07-23 01:02:40 1169408 ----a-w- C:\Windows\System32\taskschd.dll

2011-07-23 01:02:40 1114624 ----a-w- C:\Windows\System32\schedsvc.dll

2011-07-23 01:00:44 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe

2011-07-23 01:00:44 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe

2011-07-23 01:00:44 12625920 ----a-w- C:\Windows\System32\wmploc.DLL

2011-07-23 01:00:44 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL

2011-07-23 00:59:52 9728 ----a-w- C:\Windows\SysWow64\sscore.dll

2011-07-23 00:59:52 236032 ----a-w- C:\Windows\System32\srvsvc.dll

2011-07-23 00:59:07 483840 ----a-w- C:\Windows\System32\StructuredQuery.dll

2011-07-23 00:59:07 363520 ----a-w- C:\Windows\SysWow64\StructuredQuery.dll

2011-07-23 00:58:27 243712 ----a-w- C:\Windows\System32\drivers\ks.sys

2011-07-23 00:58:27 184832 ----a-w- C:\Windows\System32\drivers\usbvideo.sys

2011-07-23 00:57:48 558592 ----a-w- C:\Windows\System32\spoolsv.exe

2011-07-23 00:56:24 52224 ----a-w- C:\Windows\System32\rtutils.dll

2011-07-23 00:56:24 37376 ----a-w- C:\Windows\SysWow64\rtutils.dll

2011-07-23 00:55:45 82944 ----a-w- C:\Windows\SysWow64\iccvid.dll

2011-07-23 00:54:34 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll

2011-07-23 00:54:34 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll

2011-07-23 00:54:34 48960 ----a-w- C:\Windows\System32\netfxperf.dll

2011-07-23 00:54:34 444752 ----a-w- C:\Windows\System32\mscoree.dll

2011-07-23 00:54:34 320352 ----a-w- C:\Windows\System32\PresentationHost.exe

2011-07-23 00:54:34 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll

2011-07-23 00:54:34 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe

2011-07-23 00:54:34 1942856 ----a-w- C:\Windows\System32\dfshim.dll

2011-07-23 00:54:34 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll

2011-07-23 00:54:34 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll

2011-07-23 00:53:11 84992 ----a-w- C:\Windows\System32\asycfilt.dll

2011-07-23 00:53:11 67584 ----a-w- C:\Windows\SysWow64\asycfilt.dll

2011-07-23 00:52:45 2080256 ----a-w- C:\Program Files\Windows Mail\msoe.dll

2011-07-23 00:52:45 1619968 ----a-w- C:\Program Files (x86)\Windows Mail\msoe.dll

2011-07-23 00:52:13 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

2011-07-23 00:52:13 22016 ----a-w- C:\Windows\SysWow64\secur32.dll

2011-07-23 00:52:13 153160 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2011-07-23 00:52:13 1446912 ----a-w- C:\Windows\System32\lsasrv.dll

2011-07-23 00:50:58 91648 ----a-w- C:\Windows\SysWow64\avifil32.dll

2011-07-23 00:49:42 1975296 ----a-w- C:\Windows\System32\CertEnroll.dll

2011-07-23 00:49:42 1320960 ----a-w- C:\Windows\SysWow64\CertEnroll.dll

2011-07-22 18:58:02 66048 --sha-r- C:\Windows\SysWow64\drtprovc.dll

2011-07-22 18:45:44 8873296 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{28C75F9C-4D66-4DC7-8678-3E674C65ACBE}\mpengine.dll

2011-07-12 18:34:00 96104 ----a-w- C:\Windows\System32\dns-sd.exe

2011-07-12 18:34:00 85864 ----a-w- C:\Windows\System32\dnssd.dll

2011-07-12 18:34:00 61288 ----a-w- C:\Windows\System32\jdns_sd.dll

2011-07-12 18:34:00 212840 ----a-w- C:\Windows\System32\dnssdX.dll

2011-07-12 18:20:54 83816 ----a-w- C:\Windows\SysWow64\dns-sd.exe

2011-07-12 18:20:54 73064 ----a-w- C:\Windows\SysWow64\dnssd.dll

2011-07-12 18:20:54 50536 ----a-w- C:\Windows\SysWow64\jdns_sd.dll

2011-07-12 18:20:54 178536 ----a-w- C:\Windows\SysWow64\dnssdX.dll

.

==================== Find3M ====================

.

2011-07-23 01:56:37 44032 ----a-w- C:\Windows\apppatch\acwow64.dll

2011-07-23 01:50:42 86528 ----a-w- C:\Windows\SysWow64\SearchFilterHost.exe

2011-07-23 01:45:25 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2011-07-23 01:45:24 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2011-07-23 01:45:24 2303488 ----a-w- C:\Windows\System32\jscript9.dll

2011-07-23 01:45:24 1797632 ----a-w- C:\Windows\SysWow64\jscript9.dll

2011-07-23 01:30:54 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2011-07-23 01:30:54 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2011-07-23 00:51:50 223448 ----a-w- C:\Windows\System32\drivers\fvevol.sys

2011-07-23 00:50:58 84480 ----a-w- C:\Windows\SysWow64\mciavi32.dll

2011-07-16 15:03:29 45056 ----a-w- C:\Windows\System32\acovcnt.exe

2011-07-04 11:43:53 40112 ----a-w- C:\Windows\avastSS.scr

2011-07-04 11:36:56 600920 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2011-07-04 11:32:24 64856 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2011-05-25 02:14:10 270720 ------w- C:\Windows\System32\MpSigStub.exe

.

============= FINISH: 8:40:16.90 ===============


  • Staff

Hi,

Next, please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan.

  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the ActiveX control to install
  4. Click Start
  5. Make sure that the options Remove found threats and Scan unwanted applications are checked
  6. Click Scan
    Wait for the scan to finish
  7. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  8. Copy and paste that log as a reply to this topic

Next, download my Security Check from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Let me know how things are running now and what issues remain.

-screen317


So far I don't see any problems any more. My Windows Security seems to be working appropriately and google search is normal. Hopefully the issue has been fully resolved. Thank you for all your help!

ESETSmartInstaller@High as CAB hook log:

OnlineScanner64.ocx - registred OK

OnlineScanner.ocx - registred OK

===================================================================

Results of screen317's Security Check version 0.99.18

Windows 7 (UAC is enabled)

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

Windows Firewall Enabled!

avast! Free Antivirus

ESET Online Scanner v3

WMI entry may not exist for antivirus; attempting automatic update.

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

Flash Player Out of Date!

Adobe Flash Player 10.0.32.18

Mozilla Firefox (x86 en-US..)

Mozilla Thunderbird (3.1.10) Thunderbird Out of Date!

````````````````````````````````

Process Check:

objlist.exe by Laurent

system32 AvastSvc.exe -?-

``````````End of Log````````````


  • Staff

Hi,

Great!

Navigate to Start --> Run, and type Combofix /uninstall in the box that appears. Click OK afterward. Notice the space between the X and the /uninstall.

This uninstalls all of ComboFix's components.

Delete SecurityCheck.

After that, navigate to Start --> Control Panel --> Add or Remove Programs, and uninstall the following programs (if present):

ESET Online Scanner v3

Adobe Flash Player 10.0.32.18

Restart your computer.

Get the latest version of Adobe Flash Player.

Also update your version of Thunderbird. Reboot.

Let me know what issues remain.

-screen317


  • Staff

Great!

I highly recommend the PRO version of MBAM; with it, it's likely that this issue would have been prevented in the first place.

Now that your computer seems to be in proper working order, please take the following steps to help prevent reinfection:

1) Download and install Javacool's SpywareBlaster, which will prevent malware from being installed on your computer. A tutorial on it can be found here.

2) Go to Windows Update frequently to get all of the latest updates (security or otherwise) for Windows.

3) Make sure your programs are up to date! Older versions may contain security risks. To find out what programs need to be updated, please run Secunia's Software Inspector.

4) WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:

  • Green to go
  • Yellow for caution
  • Red to stop

WOT has an addon available for both Firefox and IE.

5) Be sure to update your Antivirus and Antispyware programs often!

Finally, please also take the time to read Tony Klein's excellent article on: So How Did I Get Infected in the First Place?

Safe surfing,

-screen317


  • 2 weeks later...
  • Staff

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.