HKLM\.\Run: => c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) HKLM\.\Run: => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) (If an entry is included in the fixlist, the registry item will be restored to default or removed. (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmmon32.exe (Microsoft Corporation) C:\Windows\SysWOW64\dplaysvr.exe (Microsoft Corporation) C:\Windows\SysWOW64\systray.exe (Microsoft Corporation) C:\Windows\SysWOW64\wiaacmgr.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhst3g.exe (Microsoft Corporation) C:\Windows\SysWOW64\dvdupgrd.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (AltiGen) C:\Program Files (x86)\AltiGen\MaxCommunicator\MaxCommunicator.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe (Adobe Systems Incorporated) C:\Config.Msi\313ed9.rbf (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PrivacyIconClient.exe (Mozy, Inc.) C:\Program Files\MozyPro\mozyprobackup.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe (Mozy, Inc.) C:\Program Files\MozyPro\mozyprostat.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe (DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Hewlett-Packard Company) C:\Windows\SysWOW64\flcdlock.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE (DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe (DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe (IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (If an entry is included in the fixlist, the process will be closed. Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States) Loaded Profile: stat011 (Available profiles: stat011) Scan result of Farbar Recovery Scan Tool (FRST.txt) (圆4) Version: 11-12-2014 01 Can you please help? Here are the Farbar results: I continuously get the block access message above, and a scan turns up the Powessere Trojan.
0 Comments
Leave a Reply. |