ComboFix 13-08-22.01 - Kev 24/08/2013 14:02:50.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.65.1033.18.4061.2453 [GMT 8:00]
Running from: c:\users\Kev\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\programdata\Local Settings\Temp
c:\users\Kev\AppData\Local\Microsoft\Windows\Temporary Internet Files\{985A4AF8-C323-4B03-9AE2-C0D1D711DBBC}.xps
c:\users\Kev\AppData\Roaming\433
c:\users\Kev\AppData\Roaming\Microsoft\Installer\Update.exe
c:\users\Kev\AppData\Roaming\update.exe
c:\users\Kev\AppData\Roaming\windows
c:\users\Kev\AppData\Roaming\windows\pcEamB.exe
c:\windows\Install
c:\windows\Install\Officeupdate
c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
c:\windows\SysWow64\404Fix.exe
c:\windows\SysWow64\dumphive.exe
c:\windows\SysWow64\funshion.ini
c:\windows\SysWow64\IEDFix.C.exe
c:\windows\SysWow64\IEDFix.exe
c:\windows\SysWow64\o4Patch.exe
c:\windows\SysWow64\Process.exe
c:\windows\SysWow64\SrchSTS.exe
c:\windows\SysWow64\tmp.reg
c:\windows\SysWow64\VACFix.exe
c:\windows\SysWow64\VCCLSID.exe
c:\windows\SysWow64\WS2Fix.exe
.
.
((((((((((((((((((((((((( Files Created from 2013-07-24 to 2013-08-24 )))))))))))))))))))))))))))))))
.
.
2013-08-24 19:59 . 2013-08-24 13:28 -------- d-----w- C:\bd_logs
2013-08-24 19:25 . 2013-08-24 19:34 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0
2013-08-24 09:38 . 2010-04-29 07:39 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2013-08-24 09:38 . 2010-04-29 07:39 20952 ----a-w- c:\windows\SysWow64\drivers\mbam.sys
2013-08-24 06:15 . 2013-08-24 06:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-24 01:37 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F2F355B6-4CA9-402C-BD83-D2853C6A26FC}\mpengine.dll
2013-08-23 18:59 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-08-23 02:15 . 2013-08-23 02:29 -------- d-----w- c:\programdata\SpeedBit
2013-08-23 02:13 . 2013-08-23 02:13 -------- d-----w- c:\program files (x86)\Common Files\SpeedBit
2013-08-22 15:45 . 2013-08-11 00:59 941720 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-08-22 15:45 . 2013-08-22 15:44 941720 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2CB6592B-93D6-4411-99EE-D98395A6DFAA}\gapaengine.dll
2013-08-21 10:06 . 2013-08-21 10:06 -------- d-----w- c:\programdata\Malwarebytes
2013-08-21 00:26 . 2013-08-21 00:26 -------- d-----w- c:\windows\PCHEALTH
2013-08-21 00:14 . 2013-08-21 00:14 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2013-08-20 11:19 . 2013-08-20 11:24 -------- d-----w- c:\program files\KMSpico
2013-08-20 11:19 . 2013-08-24 06:11 -------- d-----w- c:\programdata\Local Settings
2013-08-20 11:17 . 2013-08-20 11:17 268896 ----a-w- c:\windows\system32\drivers\BazisPortableCDBus.sys
2013-08-20 10:29 . 2013-08-20 11:33 -------- d-----w- c:\program files (x86)\Microsoft Office 2013
2013-08-20 10:04 . 2013-08-20 10:04 -------- d-----w- C:\downloads
2013-08-17 10:04 . 2013-08-22 13:06 -------- d-----w- c:\users\Public\Fundata
2013-08-17 01:17 . 2007-05-16 08:45 506728 ----a-w- c:\windows\system32\d3dx10_34.dll
2013-08-17 01:12 . 2013-08-17 01:16 -------- d--h--w- c:\windows\msdownld.tmp
2013-08-14 08:09 . 2013-07-26 05:12 53760 ----a-w- c:\windows\system32\jsproxy.dll
2013-08-14 08:09 . 2013-07-26 03:13 1767936 ----a-w- c:\windows\SysWow64\wininet.dll
2013-08-14 08:09 . 2013-07-26 05:13 2241024 ----a-w- c:\windows\system32\wininet.dll
2013-08-14 08:09 . 2013-07-26 05:12 15405056 ----a-w- c:\windows\system32\ieframe.dll
2013-08-14 08:09 . 2013-07-26 05:12 19239424 ----a-w- c:\windows\system32\mshtml.dll
2013-08-11 10:07 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-08-11 10:07 . 2013-04-17 06:24 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-08-11 10:02 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-08-11 10:02 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-08-11 05:39 . 2012-08-23 15:09 3072 ----a-w- c:\windows\system32\drivers\en-US\tsusbflt.sys.mui
2013-08-11 05:22 . 2013-01-04 06:11 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-08-11 05:18 . 2013-05-27 05:50 1011712 ----a-w- c:\program files\Windows Defender\MpSvc.dll
2013-08-11 05:17 . 2013-02-27 05:52 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-08-11 05:16 . 2013-05-10 05:49 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-08-11 05:15 . 2013-05-13 05:50 52224 ----a-w- c:\windows\system32\certenc.dll
2013-08-11 05:15 . 2013-05-13 03:08 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-08-11 05:05 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-08-11 05:05 . 2013-03-31 22:52 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-08-11 03:01 . 2013-08-20 08:55 -------- d-----w- C:\_acestream_cache_
2013-08-11 02:00 . 2013-08-11 02:00 -------- d-----w- c:\windows\system32\SPReview
2013-08-11 01:26 . 2013-08-11 01:26 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2013-08-11 01:16 . 2013-08-11 04:34 -------- d-----w- c:\program files\Microsoft Silverlight
2013-08-11 01:16 . 2013-08-11 04:34 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2013-08-11 00:51 . 2013-08-11 00:51 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2013-08-10 14:07 . 2013-08-10 14:07 -------- d-----w- c:\windows\system32\EventProviders
2013-08-10 13:36 . 2013-08-10 13:36 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2013-08-10 13:36 . 2013-08-10 13:36 -------- d-----w- c:\program files\Microsoft Security Client
2013-08-10 12:57 . 2010-11-20 13:27 750080 ----a-w- c:\windows\system32\TSWorkspace.dll
2013-08-10 12:56 . 2010-11-20 13:14 7680 ----a-w- c:\windows\system32\spwizres.dll
2013-08-10 12:55 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2013-08-10 12:55 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2013-08-10 12:55 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2013-08-10 11:38 . 2012-07-06 20:07 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
2013-08-10 11:38 . 2011-04-28 03:54 80384 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS
2013-08-10 11:38 . 2010-11-20 13:24 229376 ----a-w- c:\windows\system32\fsquirt.exe
2013-08-10 11:37 . 2011-03-25 03:29 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-08-10 11:37 . 2011-03-25 03:29 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-08-10 11:37 . 2011-03-25 03:29 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-08-10 11:37 . 2011-03-25 03:29 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-08-10 11:37 . 2011-03-25 03:29 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-08-10 11:37 . 2011-03-25 03:29 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-08-10 11:37 . 2011-03-25 03:28 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-08-10 10:24 . 2013-08-21 00:19 -------- d-----w- c:\program files (x86)\Microsoft.NET
2013-08-10 10:22 . 2013-08-21 00:14 -------- d-----w- c:\program files\Microsoft Office
2013-08-10 10:21 . 2013-08-10 10:21 -------- d-----r- C:\MSOCache
2013-08-10 10:02 . 2013-08-10 10:02 -------- d-----w- c:\windows\SysWow64\Wat
2013-08-10 10:02 . 2013-08-10 10:02 -------- d-----w- c:\windows\system32\Wat
2013-08-10 09:08 . 2013-08-10 09:08 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-08-10 09:08 . 2013-08-10 09:08 -------- d-----r- c:\program files (x86)\Skype
2013-08-10 09:05 . 2013-08-10 09:05 -------- d-----w- c:\programdata\Garena
2013-08-10 08:51 . 2013-08-10 08:51 -------- d-----w- c:\program files\WinRAR
2013-08-10 08:42 . 2013-08-23 12:49 -------- d-----w- c:\program files (x86)\Garena Plus
2013-08-10 08:41 . 2013-08-10 08:41 -------- d-----w- c:\program files (x86)\VideoLAN
2013-08-10 08:36 . 2013-08-10 08:36 -------- d-----w- c:\program files (x86)\TeamViewer
2013-08-10 08:15 . 2013-08-10 08:15 -------- d-----w- c:\program files (x86)\Funshion Online
2013-08-10 08:12 . 2013-08-10 08:12 -------- d-----w- c:\program files (x86)\WinPcap
2013-08-10 08:06 . 2013-08-10 09:08 -------- d-----w- c:\programdata\Skype
2013-08-10 08:02 . 2013-08-23 01:47 -------- d-----w- c:\programdata\Microsoft Help
2013-08-10 07:53 . 2013-08-10 07:53 -------- d-----w- c:\program files (x86)\Notepad++
2013-08-10 07:52 . 2013-08-14 08:03 -------- d-----w- c:\windows\system32\MRT
2013-08-10 07:50 . 2013-08-10 07:50 -------- d-----w- c:\program files\NVIDIA Corporation
2013-08-10 07:47 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll
2013-08-10 07:47 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll
2013-08-10 07:47 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll
2013-08-10 07:47 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll
2013-08-10 07:46 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-08-10 07:44 . 2013-08-10 07:44 -------- d-----w- c:\windows\Sun
2013-08-10 06:27 . 2009-06-05 10:16 42176 ----a-w- c:\windows\system32\drivers\sncduvc.sys
2013-08-10 06:27 . 2009-06-05 10:16 1806400 ----a-w- c:\windows\system32\drivers\snp2uvc.sys
2013-08-10 06:27 . 2009-06-05 10:16 19008 ----a-w- c:\windows\DrvInst.exe
2013-08-10 06:27 . 2009-05-27 07:41 2266 ----a-w- c:\windows\Uninstvga.bat
2013-08-10 06:27 . 2009-02-02 01:57 2008 ----a-w- c:\windows\Uninstsxga.bat
2013-08-10 06:27 . 2008-06-25 11:00 1682 ----a-w- c:\windows\Uninstuxga.bat
2013-08-10 06:27 . 2008-03-21 13:44 384 ----a-w- c:\windows\Uninstvga.reg
2013-08-10 06:27 . 2008-03-21 13:44 386 ----a-w- c:\windows\Uninstsxga.reg
2013-08-10 06:27 . 2008-03-21 13:38 386 ----a-w- c:\windows\Uninstuxga.reg
2013-08-10 06:25 . 2009-09-19 10:53 1048576 ---h--r- C:\UL80VT.BIN
2013-08-10 06:25 . 2009-07-20 09:29 15416 ----a-w- c:\windows\system32\drivers\kbfiltr.sys
2013-08-10 06:25 . 2009-05-13 01:07 15928 ----a-w- c:\windows\system32\drivers\ATK64AMD.sys
2013-08-10 06:05 . 2012-07-26 05:39 2560 ----a-w- c:\windows\system32\drivers\tr-TR\wdf01000.sys.mui
2013-08-10 06:05 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-08-10 06:05 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-08-10 06:05 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2013-08-10 06:05 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-08-10 05:56 . 2013-08-09 15:03 824 ----a-w- c:\windows\system32\drivers\etc\tmvsthfud.bin
2013-08-10 05:56 . 2013-08-09 15:02 824 ----a-w- c:\windows\system32\drivers\etc\tmvsthfss.bin
2013-08-10 05:53 . 2013-08-10 05:53 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2013-08-10 05:53 . 2013-08-10 08:44 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-08-10 05:53 . 2013-08-09 15:23 -------- d-----w- c:\windows\SysWow64\ASUS_UL_Series_Screensaver dir
2013-08-10 05:53 . 2013-08-10 05:53 -------- d-----w- c:\windows\SysWow64\Macromed
2013-08-10 05:53 . 2013-08-10 05:53 3058304 ----a-w- c:\windows\AsScrPro.exe
2013-08-10 05:52 . 2013-08-10 05:52 -------- d-----w- c:\programdata\P4G
2013-08-10 05:52 . 2013-08-10 05:52 -------- d-----w- c:\program files\P4G
2013-08-10 05:51 . 2013-08-09 15:26 -------- d-----w- c:\program files (x86)\Downloaded Installations
2013-08-10 05:50 . 2013-08-10 05:50 -------- d-----w- c:\program files\ATKGFNEX
2013-08-10 05:49 . 2013-08-10 05:49 -------- d-----w- c:\program files\WIDCOMM
2013-08-10 05:49 . 2013-08-10 05:49 -------- d-----w- c:\program files (x86)\Atheros
2013-08-10 05:49 . 2011-05-20 02:48 1582080 ----a-w- c:\windows\system32\athrx.sys
2013-08-10 05:48 . 2013-08-10 05:49 -------- d-----w- c:\programdata\Atheros
2013-08-10 05:48 . 2013-08-09 15:16 -------- d-----w- c:\program files\Elantech
2013-08-10 05:48 . 2013-08-10 05:48 -------- d-----w- c:\programdata\AmUStor
2013-08-10 05:48 . 2013-08-10 05:48 -------- d-----w- c:\program files (x86)\AmIcoSingLun
2013-08-10 05:48 . 2013-08-09 15:36 -------- d-----w- c:\windows\SysWow64\Atheros_L1e
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-11 02:54 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2013-08-11 02:54 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2013-08-10 10:15 . 2013-03-11 03:00 3880960 ----a-w- c:\windows\system32\drivers\athrx.sys
2013-08-10 02:33 . 2012-05-30 05:42 569152 ----a-w- c:\windows\system32\drivers\iaStor.sys
2013-07-09 04:45 . 2013-08-14 07:01 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-07-08 07:18 . 2013-07-08 07:18 91264 ----a-w- c:\windows\SysWow64\EasyHook32.dll
2013-06-18 13:50 . 2013-06-18 13:50 247216 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-06-18 13:50 . 2013-06-18 13:50 139616 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-07-25 20684656]
"GarenaPlus"="c:\program files (x86)\Garena Plus\GarenaMessenger.exe" [2013-08-23 9740080]
"MusicManager"="c:\users\Kev\AppData\Local\Programs\Google\MusicManager\MusicManager.exe" [2013-06-20 7345664]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-08-20 170624]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-11-30 56128]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2013-08-10 3058304]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-11 253816]
.
c:\users\Kev\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CloudStation.lnk - c:\users\Kev\AppData\Local\CloudStation\bin\cloud.exe [2013-4-12 2998144]
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2013-1-8 228448]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 1079584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 FunshionSvr;FSServicePlatform;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys;c:\program files\ATKGFNEX\ASMMAP64.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
FunshionServiceTools REG_MULTI_SZ FunshionSvr
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-08-23 01:45 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.57\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-08-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-09 16:25]
.
2013-08-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-09 16:25]
.
2013-08-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-879918844-1026431189-592061858-1000Core.job
- c:\users\Kev\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-10 08:06]
.
2013-08-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-879918844-1026431189-592061858-1000UA.job
- c:\users\Kev\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-10 08:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\01UnsuppModule]
@="{AEB16659-2125-4ADA-A4AB-45EE21E86469}"
[HKEY_CLASSES_ROOT\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}]
2013-04-12 11:40 2327552 ----a-w- c:\users\Kev\AppData\Local\CloudStation\iconoverlay_v2\IconOverlayDLLs_x64\iconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\02SyncingModule]
@="{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}"
[HKEY_CLASSES_ROOT\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}]
2013-04-12 11:40 2327552 ----a-w- c:\users\Kev\AppData\Local\CloudStation\iconoverlay_v2\IconOverlayDLLs_x64\iconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\03SyncedModule]
@="{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}"
[HKEY_CLASSES_ROOT\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}]
2013-04-12 11:40 2327552 ----a-w- c:\users\Kev\AppData\Local\CloudStation\iconoverlay_v2\IconOverlayDLLs_x64\iconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\FunOverlay]
@="{A5662DF9-0C2E-4A56-9FE1-BACFF6966D88}"
[HKEY_CLASSES_ROOT\CLSID\{A5662DF9-0C2E-4A56-9FE1-BACFF6966D88}]
2013-08-16 07:41 233096 ----a-w- c:\users\Public\Fundata\FunSeed64V237.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-07-30 617856]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-08-05 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-05 387608]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-05 365592]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-06-20 1356240]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2000-01-01 13425224]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 202.65.242.50 202.65.242.46
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-NERcLK - c:\users\Kev\AppData\Roaming\windows\pcEamB.exe
Wow6432Node-HKCU-Run-Win Update Service - c:\users\Kev\AppData\Roaming\Microsoft\Installer\Install.exe
Wow6432Node-HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd
Wow6432Node-HKLM-Explorer_Run-60699 - c:\progra~3\LOCALS~1\Temp\mswwoyk.com
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe /f=srs_premium_sound_nopreset.zip /h
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-08-24 14:30:28
ComboFix-quarantined-files.txt 2013-08-24 06:30
.
Pre-Run: 197,618,298,880 bytes free
Post-Run: 198,140,076,032 bytes free
.
- - End Of File - - 3E9B46CC1322A6DEF911282B9CC45315 A36C5E4F47E84449FF07ED3517B43A31