Whitespace

  1. I see. Thank you for your help and explanation.
  2. These are the logs from the last three days.
  3. Most of the incoming ones are from 60.173.8.2XX (about 30 to 40), with some random ones. The outgoing ones are from 218.8.5X.10X. Should I post the logs?
  4. I followed your instructions and there haven't been any incoming IPs that are blocked. I noticed two blocked outgoing IPs two hours ago when I was doing those things though. Is that normal?
  5. Thanks for the advice. Here are the logs:
     AdwCleaner
     # AdwCleaner v3.004 - Report created 21/09/2013 at 18:28:04
     # Updated 15/09/2013 by Xplode
     # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
     # Username : Dummy - HP-HP
     # Running from : C:\Users\gfdghhshdhfg\Downloads\adwcleaner.exe
     # Option : Clean
     ***** [ Services ] *****
     ***** [ Files / Folders ] *****
     File Deleted : \END
     ***** [ Shortcuts ] *****
     ***** [ Registry ] *****
     Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
     Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
     Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
     Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
     Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
     Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
     Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
     ***** [ Browsers ] *****
     -\\ Internet Explorer v10.0.9200.16686
     -\\ Mozilla Firefox v23.0.1 (zh-TW)
     [ File : C:\Users\gfdghhshdhfg\AppData\Roaming\Mozilla\Firefox\Profiles\w2txq83z.default\prefs.js ]
     [ File : C:\Users\Trololololololololol\AppData\Roaming\Mozilla\Firefox\Profiles\1xst0whj.default\prefs.js ]
     [ File : C:\Users\Dummy\AppData\Roaming\Mozilla\Firefox\Profiles\dt45wiuz.default\prefs.js ]
     [ File : C:\Users\Doppel\AppData\Roaming\Mozilla\Firefox\Profiles\n2kiayro.default\prefs.js ]
     *************************
     AdwCleaner[R0].txt - [2104 octets] - [21/09/2013 18:22:28]
     AdwCleaner[s0].txt - [2033 octets] - [21/09/2013 18:28:04]
     ########## EOF - \AdwCleaner\AdwCleaner[s0].txt - [2093 octets] ##########
     SecurityCheck
     Results of screen317's Security Check version 0.99.73
     Windows 7 Service Pack 1 x64 (UAC is enabled)
     Internet Explorer 10
     ``````````````Antivirus/Firewall Check:``````````````
     BullGuard Antivirus
     Antivirus up to date!
     `````````Anti-malware/Other Utilities Check:`````````
     Malwarebytes Anti-Malware version 1.75.0.1300
     Java 6 Update 29
     Java 7 Update 21
     Java version out of Date!
     Adobe Flash Player 11.8.800.168
     Adobe Reader 10.1.8 Adobe Reader out of Date!
     Mozilla Firefox (23.0.1)
     ````````Process Check: objlist.exe by Laurent````````
     Malwarebytes Anti-Malware mbamservice.exe
     Malwarebytes Anti-Malware mbamgui.exe
     BullGuard Ltd BullGuard Antivirus BullGuardUpdate.exe
     BullGuard Ltd BullGuard Antivirus BullGuardScanner.exe
     BullGuard Ltd BullGuard Antivirus BullGuard.exe
     gfdghhshdhfg Desktop Malwarebytes' Anti-Malware mbamscheduler.exe
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C:
     ````````````````````End of Log``````````````````````
  6. Thanks for the replies. The scans didn't find anything obvious, but I see something called ALWIL when I'm scanning with the ESET Online Scanner. I'm not sure if this affected the scanner's performance, but I can't find this ALWIL thing so I can't disable it. Anyway, here is the log from Malwarebytes:
     www.malwarebytes.org
     Database version: v2013.09.20.02
     Windows 7 Service Pack 1 x64 NTFS
     Internet Explorer 10.0.9200.16686
     Dummy :: HP-HP [administrator]
     Protection: Enabled
     20/9/2013 17:28:13
     mbam-log-2013-09-20 (17-28-13).txt
     Scan type: Full scan (C:\|D:\|E:\|Q:\|)
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 735606
     Time elapsed: 2 hour(s), 13 minute(s), 24 second(s)
     Memory Processes Detected: 0
     (No malicious items detected)
     Memory Modules Detected: 0
     (No malicious items detected)
     Registry Keys Detected: 0
     (No malicious items detected)
     Registry Values Detected: 0
     (No malicious items detected)
     Registry Data Items Detected: 0
     (No malicious items detected)
     Folders Detected: 0
     (No malicious items detected)
     Files Detected: 0
     (No malicious items detected)
     (end)
(x86)\Microsoft Application Virtualization Client\sftvsa.exe [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] Akamai REG_MULTI_SZ Akamai . ‘計劃任務’ 文件夾 裡的內容 . 2013-09-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-05 10:53] . 2013-09-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-05 10:53] . 2013-09-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-423791886-1600473386-2339945710-1001Core.job - c:\users\gfdghhshdhfg\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-05 10:51] . 2013-09-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-423791886-1600473386-2339945710-1001UA.job - c:\users\gfdghhshdhfg\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-05 10:51] . 2013-09-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-423791886-1600473386-2339945710-1008Core.job - c:\users\-\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-10 16:58] . 2013-09-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-423791886-1600473386-2339945710-1008UA.job - c:\users\-\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-10 16:58] . 2013-08-20 c:\windows\Tasks\HPCeeScheduleForgfdghhshdhfg.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15] . 2013-08-27 c:\windows\Tasks\HPCeeScheduleForHP-HP$.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15] . . --------- X64 Entries ----------- . . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-13 11046504] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768] "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-09-15 611896] "BullGuard"="c:\program files\BullGuard Ltd\BullGuard Antivirus\bullguard.exe" [2011-10-04 2148664] "IME14 CHT Setup"="c:\progra~1\COMMON~1\MICROS~1\IME14\SHARED\IMEKLMG.EXE" [2012-03-13 110896] . ------- 而外的掃描 ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm LSP: c:\windows\system32\BGLsp.dll Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com TCP: DhcpNameServer = 192.168.8.1 TCP: Interfaces\{2366C26E-B6ED-4F6C-B00D-8F3E71CF3A8E}: NameServer = 203.198.23.208 218.102.32.208 TCP: Interfaces\{2FC9F5EA-3143-44E7-AC3A-069298D7F349}: NameServer = 203.198.23.208 218.102.32.208 FF - ProfilePath - c:\users\Dummy\AppData\Roaming\Mozilla\Firefox\Profiles\dt45wiuz.default\ . - - - - ORPHANS REMOVED - - - - . Wow6432Node-HKLM-Run-<NO NAME> - (no file) HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start AddRemove-Katawa Shoujo - c:\users\gfdghhshdhfg\Desktop\Katawa Shoujo\Uninstall Katawa Shoujo.exe AddRemove-Strange Adventures in Infinite Space - c:\users\gfdghhshdhfg\Desktop\uninstall.exe AddRemove-{B1A4A13D-4665-4ED3-9DFE-F845725FBBD8} - c:\program files (x86)\InstallShield Installation Information\{B1A4A13D-4665-4ED3-9DFE-F845725FBBD8}\setup.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher] "ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai] "ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll" . 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . 完成時間: 2013-09-18 19:09:09 ComboFix-quarantined-files.txt 2013-09-18 11:09 . Pre-Run: 745,043,304,448 bytes free Post-Run: 749,323,616,256 bytes free . - - End Of File - - 419ADF378BC2ECA850F5AA4694296E93
  8. Hello. Malwarebytes has blocked multiple incoming IPs with similar addresses and some outgoing IPs from svchost.exe since I downloaded the trial 10 days ago. Scans from my antivirus and Malwarebytes have turned up nothing. I am worried it might be a sign of infection. Could you please take a look at the logs?
(10.1.8)Agatha Christie - Peril at End HouseAkamai NetSession InterfaceAlien SwarmBejeweled 2 DeluxeBing BarBing Rewards Client InstallerBlackhawk Striker 2Blasterball 3Bounce SymphonyBuild Your Own Net Dream (remove only)BullGuard Antivirus 9.0BYONDCake ManiaChampions Online: Free For AllChuzzle DeluxeCounter-Strike Online 客戶端CyberLink DVD Suite DeluxeD3DX10Definition Update for Microsoft Office 2010 (KB982726) 32-Bit EditionDora's World AdventureDragons ProphetDVD Menu Pack for HP MediaSmart VideoEpson Easy Photo Print 2Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)Epson Event ManagerEPSON ME 330 Series 用?指南EPSON ScanESET Online Scanner v3