Charade

Honorary Members
  • Posts

    30
  • Joined

  • Last visited

Reputation

0 Neutral

About Charade

  • Birthday 06/30/1995

Contact Methods

  • AIM
    charadewywh
  • MSN
    iusebigwords@hotmail.com
  • Yahoo
    charade501

Profile Information

  • Location
    New Jersey, USA
  1. Malwarebytes Anti-Malware 1.62.0.1300
     www.malwarebytes.org

     Database version: v2012.08.08.08
     Windows 7 Service Pack 1 x64 NTFS
     Internet Explorer 9.0.8112.16421
     troyswi :: STEVESWI-PC [administrator]

     8/8/2012 12:51:34 PM
     mbam-log-2012-08-08 (12-51-34).txt

     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 320708
     Time elapsed: 19 minute(s), 6 second(s)

     Memory Processes Detected: 0 (No malicious items detected)
     Memory Modules Detected: 0 (No malicious items detected)
     Registry Keys Detected: 0 (No malicious items detected)
     Registry Values Detected: 0 (No malicious items detected)
     Registry Data Items Detected: 0 (No malicious items detected)
     Folders Detected: 0 (No malicious items detected)
     Files Detected: 0 (No malicious items detected)

     (end)
  2. Alright, I believe it was deleted successfully. It allowed me to delete it.
  3. I'm sorry, but I'm a computer novice. I am not sure exactly how to do what you are telling me to do... namely "right click on __________________". Where exactly do I go to right click on this? Thanks for your help thus far!
  4. [safe Scan]

     Malwarebytes Anti-Malware 1.62.0.1300
     www.malwarebytes.org

     Database version: v2012.07.30.08
     Windows 7 Service Pack 1 x64 NTFS (Safe Mode)
     Internet Explorer 9.0.8112.16421
     troyswi :: STEVESWI-PC [administrator]

     7/30/2012 1:20:04 PM
     mbam-log-2012-07-30 (13-20-04).txt

     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 311461
     Time elapsed: 6 minute(s), 39 second(s)

     Memory Processes Detected: 0 (No malicious items detected)
     Memory Modules Detected: 0 (No malicious items detected)
     Registry Keys Detected: 0 (No malicious items detected)
     Registry Values Detected: 1
     HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|25922 (Trojan.Agent) -> Data: C:\PROGRA~3\LOCALS~1\Temp\mshiiai.com -> Delete on reboot.
     Registry Data Items Detected: 0 (No malicious items detected)
     Folders Detected: 0 (No malicious items detected)
     Files Detected: 1
     C:\Users\troyswi\Downloads\mplayer_tuguu.exe (PUP.BundleOffers.IIQ) -> Quarantined and deleted successfully.

     (end)

     [Quick Scan]

     Malwarebytes Anti-Malware 1.62.0.1300
     www.malwarebytes.org

     Database version: v2012.07.30.08
     Windows 7 Service Pack 1 x64 NTFS
     Internet Explorer 9.0.8112.16421
     troyswi :: STEVESWI-PC [administrator]

     7/30/2012 1:30:47 PM
     mbam-log-2012-07-30 (13-30-47).txt

     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 313247
     Time elapsed: 10 minute(s), 53 second(s)

     Memory Processes Detected: 0 (No malicious items detected)
     Memory Modules Detected: 0 (No malicious items detected)
     Registry Keys Detected: 0 (No malicious items detected)
     Registry Values Detected: 1
     HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|25922 (Trojan.Agent) -> Data: C:\PROGRA~3\LOCALS~1\Temp\mshiiai.com -> Delete on reboot.
     Registry Data Items Detected: 0 (No malicious items detected)
     Folders Detected: 0 (No malicious items detected)
     Files Detected: 0 (No malicious items detected)

     (end)
  5. Alright, err.. it remained after the second scan.

     Malwarebytes Anti-Malware 1.62.0.1300
     www.malwarebytes.org

     Database version: v2012.07.24.05
     Windows 7 Service Pack 1 x64 NTFS
     Internet Explorer 9.0.8112.16421
     troyswi :: STEVESWI-PC [administrator]

     7/24/2012 9:53:33 AM
     mbam-log-2012-07-24 (09-53-33).txt

     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 302591
     Time elapsed: 7 minute(s), 32 second(s)

     Memory Processes Detected: 0 (No malicious items detected)
     Memory Modules Detected: 0 (No malicious items detected)
     Registry Keys Detected: 0 (No malicious items detected)
     Registry Values Detected: 1
     HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|25922 (Trojan.Agent) -> Data: C:\PROGRA~3\LOCALS~1\Temp\mshiiai.com -> Delete on reboot.
     Registry Data Items Detected: 0 (No malicious items detected)
     Folders Detected: 0 (No malicious items detected)
     Files Detected: 0 (No malicious items detected)

     (end)
  6. [DDS] log.txt
  7. [DDS]
WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File EB: {A310506F-6BA4-48C4-8887-1F462277AA12} - No File uRun: [Akamai NetSession Interface] "C:\Users\troyswi\AppData\Local\Akamai\netsession_win.exe" uRun: [DW7] "C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe" mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun: [shwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe mRun: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r mRun: [updReg] C:\Windows\UpdReg.EXE mRun: [ATICustomerCare] "c:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [Aeria Ignite] "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mExplorerRun: [25922] C:\PROGRA~3\LOCALS~1\Temp\mshiiai.com StartupFolder: 
C:\Users\troyswi\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe StartupFolder: C:\Users\troyswi\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK - C:\Program Files\Rainmeter\Rainmeter.exe mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) mPolicies-system: SoftwareSASGeneration = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105 IE: {0483894E-2422-45E0-8384-021AFF1AF3CD} - {0483894E-2422-45E0-8384-021AFF1AF3CD} IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {8768D5EA-5412-4810-A032-09AD2A726C69} - hxxp://bgweb.nowcdn.co.kr/Bin/DownStarter2.cab DPF: {93C449FA-ECFB-402F-A8C7-37E4F8D60E49} - hxxp://dl.pmang.com/common/pmangctl/pmangax.cab DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} - hxxp://www.netgame.com/mplugin/mglaunch_USAv1005.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab TCP: DhcpNameServer = 192.168.1.1 75.75.75.75 75.75.76.76 TCP: Interfaces\{684D61C6-AFC2-4E9E-A94E-3ECE0EB26783} : DhcpNameServer = 192.168.1.1 75.75.75.75 75.75.76.76 Handler: 
skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL BHO-X64: {05560ADF-7B25-40FF-B408-3F6E6F512EB4} - No File BHO-X64: Dell Toolbar: {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO-X64: SkypeIEPluginBHO - No File BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL BHO-X64: URLRedirectionBHO - No File BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll TB-X64: Dell Toolbar: {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll TB-X64: avast! 
WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File TB-X64: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File EB-X64: {A310506F-6BA4-48C4-8887-1F462277AA12} - No File mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun-x64: [shwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe mRun-x64: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun-x64: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m mRun-x64: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r mRun-x64: [updReg] C:\Windows\UpdReg.EXE mRun-x64: [ATICustomerCare] "c:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun-x64: [Aeria Ignite] "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" . ================= FIREFOX =================== . 
FF - ProfilePath - C:\Users\troyswi\AppData\Roaming\Mozilla\Firefox\Profiles\mps0nv2i.default\ FF - prefs.js: browser.search.selectedEngine - Yahoo FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - prefs.js: keyword.URL - hxxp://www.google.com/search?hl=en-GB&q= FF - prefs.js: network.proxy.http - 127.0.0.1 FF - prefs.js: network.proxy.http_port - 64848 FF - prefs.js: network.proxy.type - 0 FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\troyswi\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll . ---- FIREFOX POLICIES ---- FF - user.js: network.protocol-handler.warn-external.dnupdate - false FF - user.js: network.protocol-handler.warn-external.dnupdate - false . ============= SERVICES / DRIVERS =============== . R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] 
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?] R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-4 63928] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?] R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?] R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-7-10 44808] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-8-30 13336] R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-8-30 689472] R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-6-19 3048136] R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-5-26 2666880] R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?] R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?] 
R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SessionLauncher;SessionLauncher;c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe --> c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [?] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-29 158856] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-3-31 250056] S3 CYUSB;Cypress Generic USB Driver;C:\Windows\system32\Drivers\CYUSB.sys --> C:\Windows\system32\Drivers\CYUSB.sys [?] S3 danewFltr;NewDeathAdder Mouse;C:\Windows\system32\drivers\danew.sys --> C:\Windows\system32\drivers\danew.sys [?] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-27 113120] S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?] S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2012-4-10 25072] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] 
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 xsherlock;xsherlock;C:\Windows\System32\xsherlock.xem [2012-7-6 665696] . =============== Created Last 30 ================ . 2012-07-19 23:03:52 -------- dcsh--w- C:\$RECYCLE.BIN 2012-07-18 23:39:14 -------- dc----w- C:\TDSSKiller_Quarantine 2012-07-17 13:15:49 -------- d-----w- C:\Windows\System32\SPReview 2012-07-17 13:13:51 -------- d-----w- C:\Windows\System32\EventProviders 2012-07-16 15:03:47 -------- d-----w- C:\Program Files (x86)\ESET 2012-07-12 17:57:18 -------- d-----w- C:\Program Files (x86)\Oracle 2012-07-12 17:56:23 772504 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2012-07-12 07:06:09 3148800 ----a-w- C:\Windows\System32\win32k.sys 2012-07-11 10:19:01 1881600 ----a-w- C:\Windows\System32\msxml3.dll 2012-07-11 10:19:00 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll 2012-07-11 10:19:00 2048 ----a-w- C:\Windows\System32\msxml3r.dll 2012-07-11 10:19:00 2004480 ----a-w- C:\Windows\System32\msxml6.dll 2012-07-11 10:19:00 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll 2012-07-11 10:19:00 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll 2012-07-06 19:54:19 665696 ----a-w- C:\Windows\SysWow64\xsherlock.xem 2012-06-29 11:24:03 18912 ----a-w- C:\Program Files (x86)\Mozilla Firefox\AccessibleMarshal.dll 2012-06-29 11:24:02 2106216 ----a-w- C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_43.dll 2012-06-29 11:24:02 136672 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll 2012-06-29 11:24:02 117728 ----a-w- C:\Program Files (x86)\Mozilla Firefox\crashreporter.exe 2012-06-29 11:24:00 1998168 ----a-w- C:\Program Files (x86)\Mozilla Firefox\d3dx9_43.dll 2012-06-26 15:34:54 -------- d-----w- C:\Users\troyswi\AppData\Local\Aeria Games 2012-06-26 15:34:34 -------- 
d-----w- C:\ProgramData\Aeria Games 2012-06-26 15:29:27 -------- d-sh--w- C:\Windows\SysWow64\AI_RecycleBin 2012-06-26 15:29:27 -------- d-----w- C:\Program Files (x86)\Aeria Games 2012-06-25 23:43:03 -------- d-----w- C:\Users\troyswi\AppData\Roaming\Rainmeter 2012-06-25 21:19:45 -------- dc----w- C:\Program Files\Rainmeter 2012-06-21 16:51:02 -------- d-----w- C:\Users\troyswi\AppData\Local\Macromedia 2012-06-21 11:36:38 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-06-21 11:36:25 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-06-21 11:36:14 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-06-21 11:36:14 186752 ----a-w- C:\Windows\System32\wuwebv.dll . ==================== Find3M ==================== . 2012-07-17 13:28:28 175616 ----a-w- C:\Windows\System32\msclmd.dll 2012-07-17 13:28:28 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll 2012-07-11 19:07:11 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-11 19:07:11 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-07-06 19:30:18 417448 ----a-w- C:\Windows\SysWow64\PMangAX0.dll 2012-07-03 17:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-07-03 16:21:52 958400 ----a-w- C:\Windows\System32\drivers\aswSnx.sys 2012-07-03 16:21:52 71064 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2012-07-03 16:21:52 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys 2012-07-03 16:21:32 41224 ----a-w- C:\Windows\avastSS.scr 2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll 2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll 2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll 2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll 
2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys 2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll 2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll 2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2012-05-04 23:29:16 687504 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-05-04 07:04:00 2174976 ----a-w- C:\Program Files (x86)\Common Files\atimpenc.dll 2012-05-03 02:54:46 42392 ----a-w- C:\Windows\SysWow64\xfcodec.dll 2012-05-03 02:54:46 28056 ----a-w- C:\Windows\System32\xfcodec64.dll 2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll 2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll 2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll 2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe 2012-04-25 21:56:04 6908648 ----a-w- C:\Windows\SysWow64\SpoonUninstall.exe 2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll 2012-04-24 05:37:36 1462272 
----a-w- C:\Windows\System32\crypt32.dll 2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll 2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll . ============= FINISH: 19:20:26.54 =============== [Attach] . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 9/7/2010 7:49:11 PM System Uptime: 7/19/2012 7:12:27 PM (0 hours ago) . Motherboard: Dell Inc. | | 0G3HR7 Processor: Intel® Core i7 CPU 860 @ 2.80GHz | CPU 1 | 2801/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 921 GiB total, 389.713 GiB free. D: is CDROM () E: is Removable F: is Removable G: is Removable H: is Removable I: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP202: 7/17/2012 9:15:37 AM - Windows 7 Service Pack 1 RP203: 7/17/2012 2:04:50 PM - Removed Adobe Reader 9.4.7. RP204: 7/17/2012 6:23:03 PM - Windows Update RP205: 7/18/2012 8:50:05 PM - Windows Update . ==== Installed Programs ====================== . . Update for Microsoft Office 2007 (KB2508958) ·ç±©Õ½çøTF 4Media iPod to PC Transfer 4Videosoft MKV Video Converter A.V.A ABBYY FineReader 6.0 Sprint Action Replay DSi Code Manager Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.3) Adobe Shockwave Player 11.6 Aeria Ignite AIM 7 Aimersoft DVD to MP4 Converter(Build 2.2.0.27) Akamai NetSession Interface Akamai NetSession Interface Service Amazon MP3 Downloader 1.0.15 Anti-phishing Domain Advisor Apple Application Support Apple Software Update ATI Catalyst Control Center ATI Catalyst Registration avast! 
Free Antivirus Call of Duty: Modern Warfare 2 - Multiplayer Call of Duty: Modern Warfare 3 Call of Duty: Modern Warfare 3 - Dedicated Server Call of Duty: Modern Warfare 3 - Multiplayer Canon Easy-PhotoPrint EX Canon Inkjet Printer/Scanner/Fax Extended Survey Program Canon MP Navigator EX 4.1 Canon MX410 series User Registration Canon Solution Menu EX Canon Speed Dial Utility Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Common Catalyst Control Center Graphics Previews Vista Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Cisco Connect Consumer In-Home Service Agreement Counter-Strike: Source Cross Fire En DAEMON Tools Pro dBpoweramp Music Converter Dell DataSafe Local Backup Dell DataSafe Local Backup - Support Software Dell DataSafe Online Dell Dock Dell Getting Started Guide Dell Toolbar DirectXInstallService Download Updater (AOL LLC) ESET Online Scanner v3 Fraps (remove only) Game Booster 3 Google Chrome GoToAssist 8.0.0.514 Intel® Control Center Intel® Rapid Storage Technology Java Auto Updater Java 7 Update 5 JavaFX 2.1.1 Junk Mail filter update Last.fm 1.5.4.27091 Malwarebytes Anti-Malware version 1.62.0.1300 Microsoft Choice Guard Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Mozilla Firefox 14.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK Multimedia Card Reader Mumble 1.2.3 NVIDIA PhysX v8.10.29 QuickTime Rainmeter REACTOR Realtek High Definition Audio Driver Revo Uninstaller 1.92 Safari Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for 
Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition Skins Skype Click to Call Skype™ 5.8 Soldier Front Special Force SpecialForce Spybot - Search & Destroy Steam swMSM System Requirements Lab CYRI Team Fortress 2 TeamViewer 7 The Weather Channel App THX TruStudio PC Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Ventrilo Client Vuze Windows Live Call Windows Live Communications Platform Windows Live 
Essentials Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Gallery Windows Live Sign-in Assistant Windows Live Sync Windows Live Upload Tool Windows Live Writer Xfire (remove only)
.
==== Event Viewer Messages From Past Week ========
.
7/19/2012 7:14:29 PM, Error: Service Control Manager [7023] - The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535
7/19/2012 7:14:29 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535
7/19/2012 7:14:29 PM, Error: Microsoft-Windows-PNRPSvc [102] - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
7/19/2012 7:13:30 PM, Error: Service Control Manager [7000] - The SessionLauncher service failed to start due to the following error: The system cannot find the file specified.
7/19/2012 7:13:16 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MMCSS service.
7/19/2012 7:03:30 PM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: D@01010004
7/19/2012 7:03:12 PM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found.
7/19/2012 7:01:43 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
7/19/2012 6:51:15 PM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
7/19/2012 6:49:52 PM, Error: Service Control Manager [7034] - The Skype C2C Service service terminated unexpectedly. It has done this 1 time(s).
7/19/2012 1:06:38 PM, Error: Service Control Manager [7000] - The NPPTNT2 service failed to start due to the following error: The system cannot find the file specified.
7/18/2012 8:37:04 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intel® Rapid Storage Technology service to connect.
7/18/2012 8:37:04 PM, Error: Service Control Manager [7000] - The Intel® Rapid Storage Technology service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/17/2012 2:21:42 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
7/13/2012 10:50:20 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioSrv service.
7/12/2012 3:53:04 PM, Error: Service Control Manager [7031] - The Akamai NetSession Interface service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
7/12/2012 2:01:28 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.
7/12/2012 2:01:28 PM, Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================
ComboFix.txt
  8. The ComboFix log, like last time, is too long to copy and paste. log.txt
  9. I'm sorry, but what are 'HijackThis' logs? DDS and 'Attach' or Malwarebytes? [TDSSKiller]
ok 19:38:12.0823 8080 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 19:38:12.0824 8080 Null - ok 19:38:12.0869 8080 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 19:38:12.0874 8080 nvraid - ok 19:38:12.0905 8080 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 19:38:12.0908 8080 nvstor - ok 19:38:12.0965 8080 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 19:38:12.0968 8080 nv_agp - ok 19:38:13.0126 8080 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 19:38:13.0133 8080 odserv - ok 19:38:13.0189 8080 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 19:38:13.0192 8080 ohci1394 - ok 19:38:13.0218 8080 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 19:38:13.0222 8080 ose - ok 19:38:13.0332 8080 ose64 (4965b005492cba7719e82b71e3245495) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 19:38:13.0337 8080 ose64 - ok 19:38:13.0745 8080 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 19:38:13.0836 8080 osppsvc - ok 19:38:14.0704 8080 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 19:38:14.0712 8080 p2pimsvc - ok 19:38:14.0759 8080 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 19:38:14.0770 8080 p2psvc - ok 19:38:14.0804 8080 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 19:38:14.0805 8080 Parport - ok 19:38:14.0833 8080 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys 19:38:14.0836 8080 partmgr - ok 19:38:14.0855 8080 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 19:38:14.0862 8080 PcaSvc - ok 19:38:14.0946 8080 
PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms 19:38:14.0972 8080 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok 19:38:15.0007 8080 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 19:38:15.0010 8080 pci - ok 19:38:15.0036 8080 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 19:38:15.0038 8080 pciide - ok 19:38:15.0065 8080 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 19:38:15.0068 8080 pcmcia - ok 19:38:15.0091 8080 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 19:38:15.0093 8080 pcw - ok 19:38:15.0132 8080 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 19:38:15.0142 8080 PEAUTH - ok 19:38:15.0215 8080 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 19:38:15.0219 8080 PerfHost - ok 19:38:15.0955 8080 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 19:38:15.0977 8080 pla - ok 19:38:16.0081 8080 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 19:38:16.0092 8080 PlugPlay - ok 19:38:16.0128 8080 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 19:38:16.0131 8080 PNRPAutoReg - ok 19:38:16.0152 8080 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 19:38:16.0160 8080 PNRPsvc - ok 19:38:16.0251 8080 Point64 (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys 19:38:16.0253 8080 Point64 - ok 19:38:16.0296 8080 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 19:38:16.0305 8080 PolicyAgent - ok 19:38:16.0349 8080 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 19:38:16.0357 8080 Power - ok 19:38:16.0383 8080 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 19:38:16.0386 8080 PptpMiniport - ok 
19:38:16.0412 8080 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 19:38:16.0414 8080 Processor - ok 19:38:16.0449 8080 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll 19:38:16.0456 8080 ProfSvc - ok 19:38:16.0477 8080 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 19:38:16.0481 8080 ProtectedStorage - ok 19:38:16.0517 8080 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 19:38:16.0519 8080 Psched - ok 19:38:16.0555 8080 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys 19:38:16.0557 8080 PxHlpa64 - ok 19:38:16.0638 8080 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 19:38:16.0664 8080 ql2300 - ok 19:38:17.0125 8080 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 19:38:17.0128 8080 ql40xx - ok 19:38:17.0162 8080 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 19:38:17.0166 8080 QWAVE - ok 19:38:17.0177 8080 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 19:38:17.0178 8080 QWAVEdrv - ok 19:38:17.0190 8080 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 19:38:17.0191 8080 RasAcd - ok 19:38:17.0221 8080 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 19:38:17.0222 8080 RasAgileVpn - ok 19:38:17.0231 8080 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 19:38:17.0234 8080 RasAuto - ok 19:38:17.0257 8080 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 19:38:17.0259 8080 Rasl2tp - ok 19:38:17.0291 8080 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 19:38:17.0296 8080 RasMan - ok 19:38:17.0313 8080 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 19:38:17.0315 8080 RasPppoe - ok 
19:38:17.0324 8080 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 19:38:17.0325 8080 RasSstp - ok 19:38:17.0353 8080 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 19:38:17.0356 8080 rdbss - ok 19:38:17.0370 8080 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 19:38:17.0372 8080 rdpbus - ok 19:38:17.0393 8080 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 19:38:17.0393 8080 RDPCDD - ok 19:38:17.0407 8080 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 19:38:17.0408 8080 RDPENCDD - ok 19:38:17.0415 8080 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 19:38:17.0415 8080 RDPREFMP - ok 19:38:17.0442 8080 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys 19:38:17.0444 8080 RDPWD - ok 19:38:17.0477 8080 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 19:38:17.0479 8080 rdyboost - ok 19:38:17.0487 8080 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 19:38:17.0490 8080 RemoteAccess - ok 19:38:17.0548 8080 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 19:38:17.0552 8080 RemoteRegistry - ok 19:38:17.0611 8080 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 19:38:17.0617 8080 RpcEptMapper - ok 19:38:17.0628 8080 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 19:38:17.0632 8080 RpcLocator - ok 19:38:17.0676 8080 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 19:38:17.0685 8080 RpcSs - ok 19:38:17.0698 8080 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 19:38:17.0699 8080 rspndr - ok 19:38:17.0763 8080 RUDWDRVHcQB - ok 19:38:17.0825 8080 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 19:38:17.0828 
8080 SamSs - ok 19:38:17.0857 8080 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 19:38:17.0860 8080 sbp2port - ok 19:38:17.0903 8080 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 19:38:17.0910 8080 SCardSvr - ok 19:38:17.0937 8080 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 19:38:17.0940 8080 scfilter - ok 19:38:18.0074 8080 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 19:38:18.0090 8080 Schedule - ok 19:38:18.0193 8080 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 19:38:18.0195 8080 SCPolicySvc - ok 19:38:18.0224 8080 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 19:38:18.0227 8080 SDRSVC - ok 19:38:18.0282 8080 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 19:38:18.0284 8080 secdrv - ok 19:38:18.0311 8080 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 19:38:18.0314 8080 seclogon - ok 19:38:18.0332 8080 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll 19:38:18.0335 8080 SENS - ok 19:38:18.0349 8080 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 19:38:18.0352 8080 SensrSvc - ok 19:38:18.0372 8080 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 19:38:18.0373 8080 Serenum - ok 19:38:18.0380 8080 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 19:38:18.0382 8080 Serial - ok 19:38:18.0409 8080 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 19:38:18.0411 8080 sermouse - ok 19:38:18.0445 8080 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 19:38:18.0452 8080 SessionEnv - ok 19:38:18.0475 8080 SessionLauncher - ok 19:38:18.0501 8080 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 
19:38:18.0503 8080 sffdisk - ok 19:38:18.0515 8080 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 19:38:18.0516 8080 sffp_mmc - ok 19:38:18.0526 8080 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 19:38:18.0527 8080 sffp_sd - ok 19:38:18.0545 8080 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 19:38:18.0548 8080 sfloppy - ok 19:38:18.0609 8080 SftService (e1974a92ac0914a3859359a0a8c82c68) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE 19:38:18.0615 8080 SftService - ok 19:38:18.0642 8080 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 19:38:18.0646 8080 SharedAccess - ok 19:38:18.0684 8080 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 19:38:18.0689 8080 ShellHWDetection - ok 19:38:18.0724 8080 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 19:38:18.0725 8080 SiSRaid2 - ok 19:38:18.0743 8080 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 19:38:18.0745 8080 SiSRaid4 - ok 19:38:18.0916 8080 Skype C2C Service (2a99850c2a6edd6c6602e822c716edaf) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe 19:38:18.0969 8080 Skype C2C Service - ok 19:38:19.0034 8080 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe 19:38:19.0037 8080 SkypeUpdate - ok 19:38:19.0096 8080 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 19:38:19.0099 8080 Smb - ok 19:38:19.0190 8080 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 19:38:19.0196 8080 SNMPTRAP - ok 19:38:19.0222 8080 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 19:38:19.0224 8080 spldr - ok 19:38:19.0273 8080 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 19:38:19.0286 8080 Spooler - ok 
19:38:19.0486 8080 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 19:38:19.0647 8080 sppsvc - ok 19:38:20.0662 8080 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 19:38:20.0667 8080 sppuinotify - ok 19:38:20.0706 8080 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 19:38:20.0710 8080 srv - ok 19:38:20.0739 8080 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 19:38:20.0743 8080 srv2 - ok 19:38:20.0764 8080 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 19:38:20.0766 8080 srvnet - ok 19:38:20.0793 8080 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 19:38:20.0797 8080 SSDPSRV - ok 19:38:20.0807 8080 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 19:38:20.0810 8080 SstpSvc - ok 19:38:20.0846 8080 Steam Client Service - ok 19:38:20.0856 8080 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 19:38:20.0857 8080 stexstor - ok 19:38:20.0896 8080 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 19:38:20.0903 8080 stisvc - ok 19:38:20.0939 8080 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 19:38:20.0941 8080 swenum - ok 19:38:20.0978 8080 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 19:38:20.0988 8080 swprv - ok 19:38:21.0133 8080 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 19:38:21.0194 8080 SysMain - ok 19:38:22.0343 8080 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 19:38:22.0349 8080 TabletInputService - ok 19:38:22.0426 8080 taphss (f33fdc72298df4bf9813a55d21f4eb31) C:\Windows\system32\DRIVERS\taphss.sys 19:38:22.0428 8080 taphss - ok 19:38:22.0469 8080 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 19:38:22.0479 8080 TapiSrv - ok 19:38:22.0509 8080 
TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 19:38:22.0512 8080 TBS - ok 19:38:22.0610 8080 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys 19:38:22.0678 8080 Tcpip - ok 19:38:23.0098 8080 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys 19:38:23.0105 8080 TCPIP6 - ok 19:38:23.0437 8080 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 19:38:23.0439 8080 tcpipreg - ok 19:38:23.0469 8080 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 19:38:23.0473 8080 TDPIPE - ok 19:38:23.0491 8080 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 19:38:23.0493 8080 TDTCP - ok 19:38:23.0565 8080 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 19:38:23.0568 8080 tdx - ok 19:38:23.0828 8080 TeamViewer7 (a4d2ce94b028ef1e437cf4ac3d8ff26c) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe 19:38:23.0864 8080 TeamViewer7 - ok 19:38:25.0173 8080 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 19:38:25.0174 8080 TermDD - ok 19:38:25.0222 8080 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 19:38:25.0229 8080 TermService - ok 19:38:25.0275 8080 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 19:38:25.0279 8080 Themes - ok 19:38:25.0310 8080 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 19:38:25.0314 8080 THREADORDER - ok 19:38:25.0353 8080 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 19:38:25.0357 8080 TrkWks - ok 19:38:25.0395 8080 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 19:38:25.0399 8080 TrustedInstaller - ok 19:38:25.0434 8080 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 19:38:25.0435 8080 tssecsrv - ok 19:38:25.0501 
8080 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 19:38:25.0504 8080 TsUsbFlt - ok 19:38:25.0537 8080 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 19:38:25.0540 8080 tunnel - ok 19:38:25.0567 8080 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 19:38:25.0571 8080 uagp35 - ok 19:38:25.0605 8080 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 19:38:25.0610 8080 udfs - ok 19:38:25.0633 8080 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 19:38:25.0639 8080 UI0Detect - ok 19:38:25.0669 8080 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 19:38:25.0671 8080 uliagpkx - ok 19:38:25.0694 8080 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 19:38:25.0696 8080 umbus - ok 19:38:25.0701 8080 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 19:38:25.0703 8080 UmPass - ok 19:38:25.0730 8080 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 19:38:25.0740 8080 upnphost - ok 19:38:25.0796 8080 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys 19:38:25.0800 8080 USBAAPL64 - ok 19:38:25.0837 8080 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys 19:38:25.0839 8080 usbaudio - ok 19:38:25.0885 8080 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 19:38:25.0887 8080 usbccgp - ok 19:38:25.0968 8080 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 19:38:25.0971 8080 usbcir - ok 19:38:26.0000 8080 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 19:38:26.0005 8080 usbehci - ok 19:38:26.0194 8080 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 19:38:26.0197 8080 usbhub - ok 19:38:26.0288 8080 usbio 
(5c4219c10b5887dff85e1d2779aed55b) C:\Windows\system32\Drivers\dsiarhwprog_x64.sys 19:38:26.0290 8080 usbio - ok 19:38:26.0305 8080 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 19:38:26.0307 8080 usbohci - ok 19:38:26.0365 8080 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 19:38:26.0367 8080 usbprint - ok 19:38:26.0430 8080 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 19:38:26.0434 8080 usbscan - ok 19:38:26.0495 8080 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS 19:38:26.0498 8080 USBSTOR - ok 19:38:26.0521 8080 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 19:38:26.0522 8080 usbuhci - ok 19:38:26.0598 8080 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 19:38:26.0604 8080 UxSms - ok 19:38:26.0615 8080 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 19:38:26.0619 8080 VaultSvc - ok 19:38:26.0679 8080 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 19:38:26.0682 8080 vdrvroot - ok 19:38:26.0774 8080 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 19:38:26.0786 8080 vds - ok 19:38:26.0853 8080 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 19:38:26.0855 8080 vga - ok 19:38:26.0871 8080 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 19:38:26.0873 8080 VgaSave - ok 19:38:26.0946 8080 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 19:38:26.0950 8080 vhdmp - ok 19:38:27.0011 8080 vhidmini (1161acff728d97f75d74d2f1465f8a46) C:\Windows\system32\DRIVERS\vHidDev.sys 19:38:27.0016 8080 vhidmini - ok 19:38:27.0050 8080 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 19:38:27.0052 8080 viaide - ok 19:38:27.0108 8080 volmgr (d2aafd421940f640b407aefaaebd91b0) 
C:\Windows\system32\drivers\volmgr.sys 19:38:27.0110 8080 volmgr - ok 19:38:27.0201 8080 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 19:38:27.0207 8080 volmgrx - ok 19:38:27.0266 8080 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 19:38:27.0271 8080 volsnap - ok 19:38:27.0336 8080 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 19:38:27.0350 8080 vsmraid - ok 19:38:27.0537 8080 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 19:38:27.0584 8080 VSS - ok 19:38:28.0925 8080 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys 19:38:28.0927 8080 vwifibus - ok 19:38:28.0977 8080 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 19:38:28.0986 8080 W32Time - ok 19:38:29.0017 8080 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 19:38:29.0018 8080 WacomPen - ok 19:38:29.0085 8080 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 19:38:29.0087 8080 WANARP - ok 19:38:29.0091 8080 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 19:38:29.0092 8080 Wanarpv6 - ok 19:38:29.0155 8080 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe 19:38:29.0175 8080 WatAdminSvc - ok 19:38:29.0238 8080 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 19:38:29.0266 8080 wbengine - ok 19:38:30.0528 8080 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 19:38:30.0536 8080 WbioSrvc - ok 19:38:30.0636 8080 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 19:38:30.0647 8080 wcncsvc - ok 19:38:30.0669 8080 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 19:38:30.0673 8080 WcsPlugInService - ok 19:38:30.0735 8080 Wd (72889e16ff12ba0f235467d6091b17dc) 
C:\Windows\system32\DRIVERS\wd.sys 19:38:30.0737 8080 Wd - ok 19:38:30.0798 8080 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 19:38:30.0807 8080 Wdf01000 - ok 19:38:30.0815 8080 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 19:38:30.0818 8080 WdiServiceHost - ok 19:38:30.0820 8080 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 19:38:30.0823 8080 WdiSystemHost - ok 19:38:30.0886 8080 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 19:38:30.0895 8080 WebClient - ok 19:38:30.0942 8080 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 19:38:30.0947 8080 Wecsvc - ok 19:38:30.0958 8080 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 19:38:30.0961 8080 wercplsupport - ok 19:38:30.0987 8080 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 19:38:30.0990 8080 WerSvc - ok 19:38:31.0033 8080 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 19:38:31.0035 8080 WfpLwf - ok 19:38:31.0090 8080 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys 19:38:31.0094 8080 WimFltr - ok 19:38:31.0114 8080 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 19:38:31.0115 8080 WIMMount - ok 19:38:31.0182 8080 WinDefend - ok 19:38:31.0190 8080 WinHttpAutoProxySvc - ok 19:38:31.0223 8080 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 19:38:31.0226 8080 Winmgmt - ok 19:38:31.0316 8080 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 19:38:31.0359 8080 WinRM - ok 19:38:32.0754 8080 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 19:38:32.0757 8080 WinUsb - ok 19:38:32.0827 8080 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 19:38:32.0838 8080 Wlansvc - ok 19:38:32.0880 8080 
WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 19:38:32.0881 8080 WmiAcpi - ok 19:38:32.0961 8080 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 19:38:32.0965 8080 wmiApSrv - ok 19:38:33.0003 8080 WMPNetworkSvc - ok 19:38:33.0046 8080 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 19:38:33.0050 8080 WPCSvc - ok 19:38:33.0089 8080 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 19:38:33.0094 8080 WPDBusEnum - ok 19:38:33.0146 8080 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 19:38:33.0148 8080 ws2ifsl - ok 19:38:33.0181 8080 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll 19:38:33.0185 8080 wscsvc - ok 19:38:33.0187 8080 WSearch - ok 19:38:33.0403 8080 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll 19:38:33.0435 8080 wuauserv - ok 19:38:35.0279 8080 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 19:38:35.0283 8080 WudfPf - ok 19:38:35.0305 8080 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 19:38:35.0308 8080 WUDFRd - ok 19:38:35.0338 8080 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll 19:38:35.0342 8080 wudfsvc - ok 19:38:35.0365 8080 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 19:38:35.0429 8080 WwanSvc - ok 19:38:35.0531 8080 X6va005 - ok 19:38:35.0615 8080 X6va008 - ok 19:38:35.0621 8080 xsherlock - ok 19:38:35.0636 8080 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0 19:38:35.0829 8080 \Device\Harddisk0\DR0 - ok 19:38:35.0832 8080 Boot (0x1200) (bc9a11633259728740939cf0e71a0b4a) \Device\Harddisk0\DR0\Partition0 19:38:35.0833 8080 \Device\Harddisk0\DR0\Partition0 - ok 19:38:35.0858 8080 Boot (0x1200) (49a3865dff989b9ba35ece3357abcccc) \Device\Harddisk0\DR0\Partition1 19:38:35.0861 8080 
\Device\Harddisk0\DR0\Partition1 - ok 19:38:35.0862 8080 ============================================================ 19:38:35.0862 8080 Scan finished 19:38:35.0862 8080 ============================================================ 19:38:35.0870 7472 Detected object count: 1 19:38:35.0870 7472 Actual detected object count: 1 19:39:14.0686 7472 c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll - copied to quarantine 19:39:14.0741 7472 HKLM\SYSTEM\ControlSet001\services\Akamai - will be deleted on reboot 19:39:14.0763 7472 HKLM\SYSTEM\ControlSet002\services\Akamai - will be deleted on reboot 19:39:14.0936 7472 c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll - will be deleted on reboot 19:39:14.0936 7472 Akamai ( HiddenFile.Multi.Generic ) - User select action: Delete 19:43:16.0757 1356 Deinitialize success
  10. Did you want both the DDS and the 'attach' or.. bleh. I'll do both.

      [Malwarebytes Quick Scan]
      Malwarebytes Anti-Malware 1.62.0.1300
      www.malwarebytes.org
      Database version: v2012.07.17.12
      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 9.0.8112.16421
      troyswi :: STEVESWI-PC [administrator]
      7/17/2012 2:19:58 PM
      mbam-log-2012-07-17 (14-19-58).txt
      Scan type: Quick scan
      Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
      Scan options disabled: P2P
      Objects scanned: 324400
      Time elapsed: 5 minute(s), 24 second(s)
      Memory Processes Detected: 0
      (No malicious items detected)
      Memory Modules Detected: 0
      (No malicious items detected)
      Registry Keys Detected: 0
      (No malicious items detected)
      Registry Values Detected: 1
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|25922 (Trojan.Agent) -> Data: C:\PROGRA~3\LOCALS~1\Temp\mshiiai.com -> Delete on reboot.
      Registry Data Items Detected: 0
      (No malicious items detected)
      Folders Detected: 0
      (No malicious items detected)
      Files Detected: 0
      (No malicious items detected)
      (end)

      [DDS]
      .
      DDS (Ver_2011-08-26.01) - NTFSAMD64
      Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1
      Run by troyswi at 14:27:48 on 2012-07-17
      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8151.4827 [GMT -4:00]
      .
      AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
      SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      ============== Running Processes ===============
      .
      ============== Pseudo HJT Report ===============
      .
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local;<local>
BHO: {05560ADF-7B25-40FF-B408-3F6E6F512EB4} - No File
BHO: Dell Toolbar: {09b71986-2ac5-482d-b6cb-42ea34f4f85b} - C:\Program Files\Dell Printable Web\toolband.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB: Dell Toolbar: {09b71986-2ac5-482d-b6cb-42ea34f4f85b} - C:\Program Files\Dell Printable Web\toolband.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
EB: {A310506F-6BA4-48C4-8887-1F462277AA12} - No File
uRun: [Akamai NetSession Interface] "C:\Users\troyswi\AppData\Local\Akamai\netsession_win.exe"
uRun: [DW7] "C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe"
mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [shwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
mRun: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
mRun: [updReg] C:\Windows\UpdReg.EXE
mRun: [ATICustomerCare] "c:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
mRun: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Aeria Ignite] "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
mExplorerRun: [25922] C:\PROGRA~3\LOCALS~1\Temp\mshiiai.com
StartupFolder: C:\Users\troyswi\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe
StartupFolder: C:\Users\troyswi\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK - C:\Program Files\Rainmeter\Rainmeter.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
mPolicies-system: SoftwareSASGeneration = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: {0483894E-2422-45E0-8384-021AFF1AF3CD} - {0483894E-2422-45E0-8384-021AFF1AF3CD}
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8768D5EA-5412-4810-A032-09AD2A726C69} - hxxp://bgweb.nowcdn.co.kr/Bin/DownStarter2.cab
DPF: {93C449FA-ECFB-402F-A8C7-37E4F8D60E49} - hxxp://dl.pmang.com/common/pmangctl/pmangax.cab
DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} - hxxp://www.netgame.com/mplugin/mglaunch_USAv1005.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.1 75.75.75.75 75.75.76.76
TCP: Interfaces\{684D61C6-AFC2-4E9E-A94E-3ECE0EB26783} : DhcpNameServer = 192.168.1.1 75.75.75.75 75.75.76.76
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
BHO-X64: {05560ADF-7B25-40FF-B408-3F6E6F512EB4} - No File
BHO-X64: Dell Toolbar: {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB-X64: Dell Toolbar: {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Program Files\Dell Printable Web\toolband.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
EB-X64: {A310506F-6BA4-48C4-8887-1F462277AA12} - No File
mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [shwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
mRun-x64: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
mRun-x64: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
mRun-x64: [updReg] C:\Windows\UpdReg.EXE
mRun-x64: [ATICustomerCare] "c:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
mRun-x64: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [Aeria Ignite] "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRunOnce-x64: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\troyswi\AppData\Roaming\Mozilla\Firefox\Profiles\mps0nv2i.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?hl=en-GB&q=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 64848
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\troyswi\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-4 63928]
R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 20992]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-7-10 44808]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-8-30 13336]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-8-30 689472]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-6-19 3048136]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-5-26 2666880]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SessionLauncher;SessionLauncher;c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe --> c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-2-29 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-3-31 250056]
S3 CYUSB;Cypress Generic USB Driver;C:\Windows\system32\Drivers\CYUSB.sys --> C:\Windows\system32\Drivers\CYUSB.sys [?]
S3 danewFltr;NewDeathAdder Mouse;C:\Windows\system32\drivers\danew.sys --> C:\Windows\system32\drivers\danew.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-27 113120]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2012-4-10 25072]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 xsherlock;xsherlock;C:\Windows\System32\xsherlock.xem [2012-7-6 665696]
.
=============== Created Last 30 ================
.
2012-07-17 13:15:49 -------- d-----w- C:\Windows\System32\SPReview
2012-07-17 13:13:51 -------- d-----w- C:\Windows\System32\EventProviders
2012-07-16 15:03:47 -------- d-----w- C:\Program Files (x86)\ESET
2012-07-12 20:17:28 -------- dcsh--w- C:\$RECYCLE.BIN
2012-07-12 19:53:59 -------- dc----w- C:\ComboFix
2012-07-12 17:57:18 -------- d-----w- C:\Program Files (x86)\Oracle
2012-07-12 17:56:23 772504 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-07-12 07:06:09 3148800 ----a-w- C:\Windows\System32\win32k.sys
2012-07-11 10:19:01 1881600 ----a-w- C:\Windows\System32\msxml3.dll
2012-07-11 10:19:00 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2012-07-11 10:19:00 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2012-07-11 10:19:00 2004480 ----a-w- C:\Windows\System32\msxml6.dll
2012-07-11 10:19:00 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll
2012-07-11 10:19:00 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll
2012-07-06 19:54:19 665696 ----a-w- C:\Windows\SysWow64\xsherlock.xem
2012-06-29 11:24:03 18912 ----a-w- C:\Program Files (x86)\Mozilla Firefox\AccessibleMarshal.dll
2012-06-29 11:24:02 85472 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
2012-06-29 11:24:02 2106216 ----a-w- C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_43.dll
2012-06-29 11:24:02 117728 ----a-w- C:\Program Files (x86)\Mozilla Firefox\crashreporter.exe
2012-06-29 11:24:00 1998168 ----a-w- C:\Program Files (x86)\Mozilla Firefox\d3dx9_43.dll
2012-06-26 15:34:54 -------- d-----w- C:\Users\troyswi\AppData\Local\Aeria Games
2012-06-26 15:34:34 -------- d-----w- C:\ProgramData\Aeria Games
2012-06-26 15:29:27 -------- d-sh--w- C:\Windows\SysWow64\AI_RecycleBin
2012-06-26 15:29:27 -------- d-----w- C:\Program Files (x86)\Aeria Games
2012-06-25 23:43:03 -------- d-----w- C:\Users\troyswi\AppData\Roaming\Rainmeter
2012-06-25 21:19:45 -------- dc----w- C:\Program Files\Rainmeter
2012-06-21 16:51:02 -------- d-----w- C:\Users\troyswi\AppData\Local\Macromedia
2012-06-21 11:36:38 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2012-06-21 11:36:25 99840 ----a-w- C:\Windows\System32\wudriver.dll
2012-06-21 11:36:14 36864 ----a-w- C:\Windows\System32\wuapp.exe
2012-06-21 11:36:14 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2012-06-19 21:35:14 4967624 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2012-06-19 15:32:13 -------- d-----w- C:\Users\troyswi\AppData\Local\Chromium
2012-06-19 15:32:08 -------- d-----w- C:\Users\troyswi\AppData\Local\Arktos
2012-06-19 15:01:13 -------- d-----w- C:\Program Files (x86)\War Inc Battlezone
2012-06-18 15:48:34 -------- d-----w- C:\Program Files (x86)\Tiancity
.
==================== Find3M ====================
.
2012-07-17 13:28:28 175616 ----a-w- C:\Windows\System32\msclmd.dll
2012-07-17 13:28:28 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2012-07-11 19:07:11 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-11 19:07:11 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-07-06 19:30:18 417448 ----a-w- C:\Windows\SysWow64\PMangAX0.dll
2012-07-03 17:46:44 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-07-03 16:21:52 958400 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-07-03 16:21:52 71064 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-07-03 16:21:52 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-07-03 16:21:32 41224 ----a-w- C:\Windows\avastSS.scr
2012-06-06 06:02:54 1133568 ----a-w- C:\Windows\System32\cdosys.dll
2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll
2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-02 11:57:08 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-02 08:16:52 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-05-04 23:29:16 687504 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-04 07:04:00 2174976 ----a-w- C:\Program Files (x86)\Common Files\atimpenc.dll
2012-05-03 02:54:46 42392 ----a-w- C:\Windows\SysWow64\xfcodec.dll
2012-05-03 02:54:46 28056 ----a-w- C:\Windows\System32\xfcodec64.dll
2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll
2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll
2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2012-04-26 05:34:27 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe
2012-04-25 21:56:04 6908648 ----a-w- C:\Windows\SysWow64\SpoonUninstall.exe
2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll
2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
.
============= FINISH: 14:31:14.63 ===============

[Attach]
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 9/7/2010 7:49:11 PM
System Uptime: 7/17/2012 2:15:45 PM (0 hours ago)
.
Motherboard: Dell Inc. | | 0G3HR7
Processor: Intel® Core i7 CPU 860 @ 2.80GHz | CPU 1 | 2801/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 921 GiB total, 392.788 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
I: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP202: 7/17/2012 9:15:37 AM - Windows 7 Service Pack 1
RP203: 7/17/2012 2:04:50 PM - Removed Adobe Reader 9.4.7.
.
==== Installed Programs ======================
.
.
Update for Microsoft Office 2007 (KB2508958) ·ç±©Õ½çøTF 4Media iPod to PC Transfer 4Videosoft MKV Video Converter A.V.A ABBYY FineReader 6.0 Sprint Action Replay DSi Code Manager Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.3) Adobe Shockwave Player 11.6 Aeria Ignite AIM 7 Aimersoft DVD to MP4 Converter(Build 2.2.0.27) Akamai NetSession Interface Akamai NetSession Interface Service Amazon MP3 Downloader 1.0.15 Anti-phishing Domain Advisor Apple Application Support Apple Software Update ATI Catalyst Control Center ATI Catalyst Registration avast! Free Antivirus Call of Duty: Modern Warfare 2 - Multiplayer Call of Duty: Modern Warfare 3 Call of Duty: Modern Warfare 3 - Dedicated Server Call of Duty: Modern Warfare 3 - Multiplayer Canon Easy-PhotoPrint EX Canon Inkjet Printer/Scanner/Fax Extended Survey Program Canon MP Navigator EX 4.1 Canon MX410 series User Registration Canon Solution Menu EX Canon Speed Dial Utility Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Common Catalyst Control Center Graphics Previews Vista Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Cisco Connect Consumer In-Home Service Agreement Counter-Strike: Source Cross Fire En DAEMON Tools Pro dBpoweramp Music Converter Dell DataSafe Local Backup Dell DataSafe Local Backup - Support Software Dell DataSafe Online Dell Dock Dell Getting Started Guide Dell Toolbar DirectXInstallService Download Updater (AOL LLC) ESET Online Scanner v3 Fraps (remove only) Game Booster 3 Google Chrome GoToAssist 8.0.0.514 Intel® Control Center Intel® Rapid Storage Technology Java Auto Updater Java 7 Update 5 JavaFX 2.1.1 Junk Mail filter update Last.fm 1.5.4.27091 Malwarebytes Anti-Malware version 1.62.0.1300 Microsoft Choice Guard Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Mozilla Firefox 13.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK Multimedia Card Reader Mumble 1.2.3 NVIDIA PhysX v8.10.29 QuickTime Rainmeter REACTOR Realtek High Definition Audio Driver Revo Uninstaller 1.92 Safari Security Update for CAPICOM (KB931906) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition Skins Skype Click to Call Skype™ 5.8 Soldier Front Special Force SpecialForce Spybot - Search & Destroy Steam swMSM System Requirements Lab CYRI Team Fortress 2 TeamViewer 7 The Weather Channel App THX TruStudio PC Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Ventrilo Client Vuze Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Gallery Windows Live Sign-in Assistant Windows Live Sync Windows Live Upload Tool Windows Live Writer Xfire (remove only)
.
==== Event Viewer Messages From Past Week ========
.
7/17/2012 2:21:42 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
7/17/2012 2:17:45 PM, Error: Service Control Manager [7023] - The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535
7/17/2012 2:17:45 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535
7/17/2012 2:17:45 PM, Error: Microsoft-Windows-PNRPSvc [102] - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
7/17/2012 2:16:17 PM, Error: Service Control Manager [7000] - The SessionLauncher service failed to start due to the following error: The system cannot find the file specified.
7/17/2012 2:02:16 PM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: D@01010004
7/17/2012 12:21:47 PM, Error: Service Control Manager [7000] - The NPPTNT2 service failed to start due to the following error: The system cannot find the file specified.
7/13/2012 10:50:20 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioSrv service.
7/12/2012 4:11:04 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
7/12/2012 4:06:01 PM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
7/12/2012 3:53:04 PM, Error: Service Control Manager [7034] - The Skype C2C Service service terminated unexpectedly. It has done this 1 time(s).
7/12/2012 3:53:04 PM, Error: Service Control Manager [7031] - The Akamai NetSession Interface service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
7/12/2012 2:01:28 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.
7/12/2012 2:01:28 PM, Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/11/2012 11:49:53 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.
7/11/2012 11:49:53 PM, Error: Service Control Manager [7000] - The IP Helper service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================
  11. [ESET Online Scanner] ESETSmartInstaller@High as CAB hook log: OnlineScanner64.ocx - registred OK OnlineScanner.ocx - registred OK # version=7 # iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330) # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=e3778748677c154685b00feb2f891a79 # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2012-07-16 06:05:26 # local_time=2012-07-16 02:05:26 (-0500, Eastern Daylight Time) # country="United States" # lang=1033 # osver=6.1.7600 NT # compatibility_mode=5893 16776574 100 94 32335665 93994753 0 0 # compatibility_mode=8192 67108863 100 0 0 0 0 0 # scanned=320172 # found=134 # cleaned=134 # scan_time=10623
(cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\troyswi\Documents\Downloads\freeripmp3-setup.exe a variant of Win32/Toolbar.Widgi application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\troyswi\Documents\Downloads\gb3-setup.exe a variant of Win32/Toolbar.Widgi application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

[Your Checkup]
Results of screen317's Security Check version 0.99.42
Windows 7 x64 (UAC is disabled!)
Out of date service pack!!
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Malwarebytes Anti-Malware version 1.62.0.1300
JavaFX 2.1.1
Java 7 Update 5
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (13.0.1)
Google Chrome 20.0.1132.47
Google Chrome 20.0.1132.57
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 6%
````````````````````End of Log``````````````````````

-- My system appears to be functioning well. However, the infection I have does not seem to be doing anything that would slow down my computer's performance. After another quick scan with Malwarebytes, the infection remains. (I can give you the log, but it's basically the same as one of the earlier ones you requested).