TechSpot

[Closed] Firefox and TrojanDownloader.FraudLoad.NAC trojan

By 1wraith1
Feb 24, 2012
  1. Hello,

    The last few days when using Firefox and (most probably) Google's sites, ESET Smart Security 5 and Malwarebytes Anti-Malware intercept the following trojan:

    ESET Smart Security 5:
    24/2/2012 12:17:14 πμ HTTP filter archive http://www2.bestptholder.net.tf/xty...W1NDN05dmdJtdmJnt59DJmKe03c+UnprS25dVnXyXlLGS HTML/TrojanDownloader.FraudLoad.NAC trojan connection terminated - quarantined psygeio\Θεωρητικώς Φυσικός Threat was detected upon access to web by the application: C:\Program Files (x86)\Aurora\firefox.exe.

    Malwarebytes Anti-Malware:
    2012/02/24 23:37:11 +0200 PSYGEIO Θεωρητικώς Φυσικός IP-BLOCK 79.133.196.104 (Type: outgoing, Port: 52222, Process: firefox.exe)

    Following are the logs according to the 5 steps.

    Thanks for your help!

    P.S. Due to a national holiday I may not be able to answer until Monday 27/2.

    Malwarebytes Anti-Malware (Trial) 1.60.1.1000
    www.malwarebytes.org

    Database version: v2012.02.23.05

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    Θεωρητικώς Φυσικός :: PSYGEIO [administrator]

    Protection: Enabled

    24/2/2012 11:32:35 μμ
    mbam-log-2012-02-24 (23-32-35).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 271119
    Time elapsed: 5 minute(s), 42 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)


    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2012-02-24 23:13:20
    Windows 6.1.7601 Service Pack 1
    Running: tgoy3uqh.exe


    ---- Registry - GMER 1.0.15 ----

    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001167716dcb
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001167716dcb@30694b2f2717 0x5D 0xC4 0x22 0xF9 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 1
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x10 0x93 0x95 0xA6 ...
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001167716dcb (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001167716dcb@30694b2f2717 0x5D 0xC4 0x22 0xF9 ...
    Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
    Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
    Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x10 0x93 0x95 0xA6 ...

    ---- EOF - GMER 1.0.15 ----


    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29
    Run by Θεωρητικώς Φυσικός at 23:23:19 on 2012-02-24
    Microsoft Windows 7 Professional 6.1.7601.1.1253.30.1033.18.4087.1585 [GMT 2:00]
    .
    AV: ESET Smart Security 5.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
    SP: ESET Smart Security 5.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
    C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
    C:\Windows\SysWOW64\XSrvSetup.exe
    C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\Program Files (x86)\Common Files\Mediafour\iPod\M4iPodWPDService.exe
    C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
    C:\Program Files (x86)\Common Files\Mediafour\M4LIC.EXE
    C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe
    C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
    C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
    C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
    C:\Windows\SysWOW64\vmnat.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\SysWOW64\vmnetdhcp.exe
    C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Windows\system32\svchost.exe -k WindowsMobile
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Raxco\PerfectDisk\PDAgentS1.exe
    C:\Program Files\Microsoft IntelliType Pro\itype.exe
    C:\Windows\WindowsMobile\wmdc.exe
    C:\Program Files\Mediafour\MacDrive 8\MacDrive.exe
    C:\Program Files\Mediafour\XPlay 3\XPlay.exe
    C:\Program Files\Logitech\SetPointP\SetPoint.exe
    C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
    C:\Program Files\ESET\ESET Smart Security\egui.exe
    C:\Users\Θεωρητικώς Φυσικός\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
    C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
    C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
    C:\Users\Θεωρητικώς Φυσικός\AppData\Local\Apps\Evernote\Evernote\EvernoteClipper.exe
    C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
    C:\Windows\SysWOW64\Ctxfihlp.exe
    C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
    C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
    C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Windows\SysWOW64\CTXFISPI.EXE
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files (x86)\Internet Explorer\IELowutil.exe
    C:\Users\Θεωρητικώς Φυσικός\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Θεωρητικώς Φυσικός\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Θεωρητικώς Φυσικός\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Θεωρητικώς Φυσικός\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Θεωρητικώς Φυσικός\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Θεωρητικώς Φυσικός\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Θεωρητικώς Φυσικός\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Θεωρητικώς Φυσικός\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Θεωρητικώς Φυσικός\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Θεωρητικώς Φυσικός\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Θεωρητικώς Φυσικός\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Θεωρητικώς Φυσικός\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Θεωρητικώς Φυσικός\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Θεωρητικώς Φυσικός\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\Θεωρητικώς Φυσικός\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\notepad.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Users\Θεωρητικώς Φυσικός\Desktop\dds.scr
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\SysWOW64\cscript.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.gr/
    uInternet Settings,ProxyOverride = *.local
    mWinlogon: Userinit=userinit.exe,
    BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll
    uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    uRun: [Google Update] "C:\Users\Θεωρητικώς Φυσικός\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    uRun: [Adobe Acrobat Synchronizer] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe"
    uRun: [WLSync] C:\Program Files (x86)\Windows Live\Mesh\WLSync.exe /background
    uRun: [011004DFE4DB614BF6A0C2585926100B3190CE98._service_run] "C:\Users\Θεωρητικώς Φυσικός\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
    uRun: [<NO NAME>]
    mRun: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
    mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
    mRun: [CTxfiHlp] CTXFIHLP.EXE
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [<NO NAME>]
    mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
    mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
    mRun: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
    mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
    mRun: [vmware-tray] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    StartupFolder: C:\Users\8F72~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Θεωρητικώς Φυσικός\AppData\Roaming\Dropbox\bin\Dropbox.exe
    StartupFolder: C:\Users\8F72~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~1.LNK - C:\Users\Θεωρητικώς Φυσικός\AppData\Local\Apps\Evernote\Evernote\EvernoteClipper.exe
    StartupFolder: C:\Users\8F72~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LIMEWI~1.LNK - C:\Program Files (x86)\LimeWire\LimeWire.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AVERHI~1.LNK - C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\AVERQU~1.LNK - C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: Add to Evernote 4.0 - C:\Users\Θεωρητικώς Φυσικός\AppData\Local\Apps\Evernote\Evernote\EvernoteIE.dll/204
    IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    IE: E&ξαγωγή στο Microsoft Excel - C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
    IE: Απ&οστολή στο OneNote - C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    LSP: %SystemRoot%\system32\vsocklib.dll
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
    DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} - hxxp://mobileapps.blackberry.com/devicesoftware/AxLoader.cab
    DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPID.cab
    TCP: DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{4513784B-B413-4714-B369-6457A8383590} : DhcpNameServer = 192.168.2.1
    TCP: Interfaces\{C5155F9F-E308-4F85-96FB-5115D7378BBB} : DhcpNameServer = 192.168.2.1
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
    BHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
    BHO-X64: URLRedirectionBHO - No File
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    BHO-X64: SmartSelect - No File
    TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll
    mRun-x64: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
    mRun-x64: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
    mRun-x64: [CTxfiHlp] CTXFIHLP.EXE
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [(Default)]
    mRun-x64: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
    mRun-x64: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
    mRun-x64: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
    mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    mRun-x64: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
    mRun-x64: [vmware-tray] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
    mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    IE-X64: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Users\‡œΰ¨ž«*΅ι ”¬©*΅ζ\AppData\Local\Apps\Evernote\Evernote\EvernoteIE.dll/204
    SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Θεωρητικώς Φυσικός\AppData\Roaming\Mozilla\Firefox\Profiles\2zowhpek.default\
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 epfwwfp;epfwwfp;C:\Windows\system32\DRIVERS\epfwwfp.sys --> C:\Windows\system32\DRIVERS\epfwwfp.sys [?]
    R0 MDFSYSNT;MacDrive file system driver;C:\Windows\system32\drivers\MDFSYSNT.sys --> C:\Windows\system32\drivers\MDFSYSNT.sys [?]
    R0 MDPMGRNT;MacDrive Partition Driver;C:\Windows\system32\DRIVERS\MDPMGRNT.SYS --> C:\Windows\system32\DRIVERS\MDPMGRNT.SYS [?]
    R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
    R1 AppleCharger;AppleCharger;C:\Windows\system32\DRIVERS\AppleCharger.sys --> C:\Windows\system32\DRIVERS\AppleCharger.sys [?]
    R1 CBDisk;CBDisk;\??\C:\Windows\system32\drivers\CBDisk.sys --> C:\Windows\system32\drivers\CBDisk.sys [?]
    R1 EpfwLWF;Epfw NDIS LightWeight Filter;C:\Windows\system32\DRIVERS\EpfwLWF.sys --> C:\Windows\system32\DRIVERS\EpfwLWF.sys [?]
    R2 AVerRemote;AVerRemote;C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [2011-3-9 344064]
    R2 AVerScheduleService;AVerScheduleService;C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [2011-3-9 405504]
    R2 eamonm;eamonm;C:\Windows\system32\DRIVERS\eamonm.sys --> C:\Windows\system32\DRIVERS\eamonm.sys [?]
    R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2011-9-22 974944]
    R2 JMB36X;JMB36X;C:\Windows\SysWOW64\XSrvSetup.exe [2010-11-21 72304]
    R2 LVPrcS64;Process Monitor;C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-7 191000]
    R2 M4iPodWPDService;M4iPodWPDService;C:\Program Files (x86)\Common Files\Mediafour\iPod\M4iPodWPDService.exe [2010-11-15 211968]
    R2 M4LIC;Mediafour M4LIC service;C:\Program Files (x86)\Common Files\Mediafour\M4LIC.EXE [2009-7-29 205312]
    R2 MacDrive8Service;MacDrive 8 service;C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe [2010-5-4 218112]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-2-24 652360]
    R2 NIHardwareService;NIHardwareService;C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2009-12-8 5009920]
    R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-15 381248]
    R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2011-8-21 846448]
    R3 AVerBDA6x_x64;AVerMedia SAA716x BDA Service;C:\Windows\system32\DRIVERS\AVerBDA716x_x64.sys --> C:\Windows\system32\DRIVERS\AVerBDA716x_x64.sys [?]
    R3 CT20XUT.SYS;CT20XUT.SYS;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?]
    R3 CTEXFIFX.SYS;CTEXFIFX.SYS;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?]
    R3 CTHWIUT.SYS;CTHWIUT.SYS;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?]
    R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\system32\DRIVERS\LEqdUsb.Sys --> C:\Windows\system32\DRIVERS\LEqdUsb.Sys [?]
    R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\system32\DRIVERS\LHidEqd.Sys --> C:\Windows\system32\DRIVERS\LHidEqd.Sys [?]
    R3 LVPr2M64;Logitech LVPr2M64 Driver;C:\Windows\system32\DRIVERS\LVPr2M64.sys --> C:\Windows\system32\DRIVERS\LVPr2M64.sys [?]
    R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
    R3 LVUVC64;Logitech QuickCam E3500(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]
    R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
    R3 RSUSBCCID;Realtek Smartcard Reader Driver;C:\Windows\System32\drivers\RtsUCcid.sys [2010-12-19 50176]
    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-12-19 222720]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 EauthSrv;ESET Zone Authentication Service;C:\Program Files (x86)\ESET\ESET Authentication Server\EHttpSrv.exe [2010-4-1 33560]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-23 136176]
    S2 MySQL2;MySQL2;"C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld" --defaults-file="C:\Program Files\MySQL\MySQL Server 5.1\my.ini" MySQL2 --> C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld [?]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-1-31 158856]
    S2 VMwareHostd;VMware Workstation Server;C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2011-8-22 11837440]
    S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
    S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-5-11 79360]
    S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-5-11 79360]
    S3 CT20XUT;CT20XUT;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?]
    S3 CTEXFIFX;CTEXFIFX;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?]
    S3 CTHWIUT;CTHWIUT;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?]
    S3 gupdatem;Υπηρεσία Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-23 136176]
    S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 51740536]
    S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]
    S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    .
    =============== Created Last 30 ================
    .
    2012-02-24 21:23:23 -------- d-----w- C:\Users\?ί?±ύΪώΆ?? ?Ϋ?ώΆ??\AppData\Local\Microsoft
    2012-02-24 19:47:19 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AD8CDE5C-7250-4DA0-AA61-0AE13C39DE1F}\offreg.dll
    2012-02-24 19:35:39 -------- d-----w- C:\Program Files (x86)\Bigasoft
    2012-02-24 19:10:33 8643640 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AD8CDE5C-7250-4DA0-AA61-0AE13C39DE1F}\mpengine.dll
    2012-02-23 22:18:00 -------- d-----w- C:\Users\Θεωρητικώς Φυσικός\AppData\Roaming\Malwarebytes
    2012-02-23 22:17:55 -------- d-----w- C:\ProgramData\Malwarebytes
    2012-02-23 22:17:54 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2012-02-23 22:17:54 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2012-02-14 20:29:55 515584 ----a-w- C:\Windows\System32\timedate.cpl
    2012-02-14 20:29:55 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
    2012-02-14 20:29:41 509952 ----a-w- C:\Windows\System32\ntshrui.dll
    2012-02-14 20:29:41 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
    2012-02-14 20:29:29 634880 ----a-w- C:\Windows\System32\msvcrt.dll
    2012-02-14 20:29:28 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
    2012-02-14 20:28:54 3145728 ----a-w- C:\Windows\System32\win32k.sys
    2012-02-14 20:28:50 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
    2012-01-26 15:09:12 -------- d-----w- C:\Program Files\iPod
    2012-01-26 15:09:11 -------- d-----w- C:\Program Files\iTunes
    2012-01-26 15:09:11 -------- d-----w- C:\Program Files (x86)\iTunes
    .
    ==================== Find3M ====================
    .
    2012-02-21 17:37:09 101680 ----a-w- C:\Windows\System32\stkMonitor.dll
    2012-02-19 09:49:47 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-01-29 03:10:42 279656 ------w- C:\Windows\System32\MpSigStub.exe
    2011-12-17 18:19:26 1002728 ----a-w- C:\Windows\System32\WinUSBCoInstaller2.dll
    2011-12-14 07:11:03 2308096 ----a-w- C:\Windows\System32\jscript9.dll
    2011-12-14 07:04:30 1390080 ----a-w- C:\Windows\System32\wininet.dll
    2011-12-14 07:03:38 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
    2011-12-14 06:57:28 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2011-12-14 03:04:54 1798656 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2011-12-14 02:57:18 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
    2011-12-14 02:56:58 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2011-12-14 02:50:04 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2011-12-02 20:27:19 627600 ----a-w- C:\Windows\System32\deployJava1.dll
    2011-01-21 21:12:34 8192 --sha-w- C:\Windows\SysWOW64\srvany.exe
    .
    ============= FINISH: 23:24:24,24 ===============


    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows 7 Professional
    Boot Device: \Device\HarddiskVolume8
    Install Date: 11/5/2010 4:30:15 πμ
    System Uptime: 24/2/2012 9:00:52 μμ (2 hours ago)
    .
    Motherboard: Gigabyte Technology Co., Ltd. | | P55-UD3L
    Processor: Intel(R) Core(TM) i5 CPU 760 @ 2.80GHz | Socket 1156 | 2394/133mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 368 GiB total, 64,189 GiB free.
    D: is FIXED (NTFS) - 932 GiB total, 12,71 GiB free.
    E: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID:
    Description: pcouffin device ...
    Device ID: ROOT\PCOUFFIN\0000
    Manufacturer:
    Name: pcouffin device ...
    PNP Device ID: ROOT\PCOUFFIN\0000
    Service:
    .
    ==== System Restore Points ===================
    .
    RP428: 23/2/2012 - Scheduled Checkpoint
    RP429: 23/2/2012 2:30:33 πμ - Windows Update
    .
    ==== Installed Programs ======================
    .
    @BIOS
    µTorrent
    abgx360 v1.0.4
    Adobe Acrobat X Pro - English, Français, Deutsch
    Adobe AIR
    Adobe Community Help
    Adobe Content Viewer
    Adobe Creative Suite 5.5 Master Collection
    Adobe Download Assistant
    Adobe Media Player
    Adobe Shockwave Player 11.6
    Adobe Story
    Adobe Widget Browser
    Advanced PDF Password Recovery
    Amazon Kindle For PC
    Amazon Send to Kindle
    Android SDK Tools
    Apple Application Support
    Apple Software Update
    AVer Media Center
    AVS Document Converter 2.1.2
    AVS Update Manager 1.0
    AVS4YOU Software Navigator 1.4
    Bigasoft Audio Converter 3.6.7.4419
    BlackBerry App World Browser Plugin
    BlackBerry Desktop Software 6.1
    BlackBerry Device Software Updater
    BlackBerry Device Software v6.0.0 for the BlackBerry 9700 smartphone
    BlackBerry Theme Studio 6.0
    Blogg-X
    calibre
    Canon My Printer
    cGPSmapper Free 0100d
    Command & Conquer Tiberian Sun
    Creative ALchemy
    Creative Audio Control Panel
    Creative Console Launcher
    Creative MediaSource 5
    Creative Software AutoUpdate
    Creative Sound Blaster Properties x64 Edition
    Creative WaveStudio 7
    D3DX10
    Dropbox
    Dual-Core Optimizer
    DVDFab 8.0.0.5 (25/08/2010)
    eReg
    ESET Authentication Server
    EVEREST Ultimate Edition v5.50
    Evernote v. 4.5.3
    Facebook Plug-In
    FBReader for Windows
    Feedback Tool
    FileZilla Client 3.4.0
    Garmin HomePort
    Garmin MapSource
    Garmin USB Drivers
    Gigabyte Raid Configurer
    GmapTool 0.4.8
    GMATPrep(TM)
    Google Books Downloader version 1.6
    Google Chrome
    Google Earth
    Google Talk Plugin
    Google Update Helper
    GSAK 7.7.3.53 (Final)
    GTK2-Runtime
    Guitar Pro 6
    ImgBurn
    Java Auto Updater
    Java(TM) 6 Update 20
    Java(TM) 6 Update 22
    Java(TM) 6 Update 29
    LibreOffice 3.3
    LibreOffice 3.3 Help Pack (Greek)
    LimeWire 5.5.14
    Lizardtech DjVu Control
    Lunascape6 (All Users)
    Malwarebytes Anti-Malware version 1.60.1.1000
    Media Go
    Media Go Video Playback Engine 1.32.107.05130
    Microsoft Flight Simulator X
    Microsoft Flight Simulator X Service Pack 1
    Microsoft Office Live Add-in 1.5
    Microsoft Silverlight
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    Microsoft_VC100_CRT_SP1_x86
    Microsoft_VC80_ATL_x86
    Microsoft_VC80_CRT_x86
    Microsoft_VC80_MFC_x86
    Microsoft_VC80_MFCLOC_x86
    Microsoft_VC90_ATL_x86
    Microsoft_VC90_CRT_x86
    Microsoft_VC90_MFC_x86
    Microsoft_VC90_MFCLOC_x86
    Mozilla Firefox 11.0 (x86 en-US)
    Mozilla Thunderbird (3.1.4)
    Mp3tag v2.49b
    MSVC80_x86_v2
    MSVC90_x86
    MSVCRT
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 4.0 SP2 Parser and SDK
    MySQL Workbench 5.2 CE
    Native Instruments Controller Editor
    Native Instruments Service Center
    Native Instruments Traktor
    Nero Burning ROM 10
    Nero BurningROM 10 Help (CHM)
    Nero BurnRights 10
    Nero BurnRights 10 Help (CHM)
    Nero Control Center 10
    Nero ControlCenter 10 Help (CHM)
    Nero Core Components 10
    Nokia Connectivity Cable Driver
    Nokia Suite
    NVIDIA PhysX
    NVIDIA Stereoscopic 3D Driver
    ON_OFF Charge B11.0110.1
    OpenAL
    OpenOffice.org 3.3
    OpenVPN 2.1.4
    Opera 11.52
    Outlook Setup Tool
    OziExplorer 3.95
    PC Connectivity Solution
    PDF Settings CS5
    PE Builder 3.1.10a
    Pidgin
    PlayStation(R)Network Downloader
    PlayStation(R)Store
    Plex Media Server
    PxMergeModule
    QuickTime
    RAR Password Recovery Magic v6.1.1.393
    Realtek Ethernet Controller Driver
    Realtek USB 2.0 Card Reader
    Safari
    ScummVM 1.2.0
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Skype™ 5.8
    SoundFont Bank Manager
    StarCraft II
    Stellarium 0.10.6.1
    swMSM
    SyncMate 2
    System Requirements Lab for Intel
    tools-freebsd
    tools-linux
    tools-netware
    tools-solaris
    tools-windows
    tools-winPre2k
    Total Commander (Remove or Repair)
    Ubuntu
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Urban Terror 4.1
    VLC media player 2.0.0
    VMware Workstation
    WebM Media Foundation Components
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Installer
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live Photo Common
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    Windows Media Player Firefox Plugin
    Wolfram Notebook Indexer 2.0
    X3 Terran Conflict v2.1
    XBMC
    .
    ==== Event Viewer Messages From Past Week ========
    .
    24/2/2012 9:08:43 μμ, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    24/2/2012 9:01:29 μμ, Error: Service Control Manager [7034] - The MySQL2 service terminated unexpectedly. It has done this 1 time(s).
    24/2/2012 9:01:29 μμ, Error: Service Control Manager [7034] - The MySQL service terminated unexpectedly. It has done this 1 time(s).
    24/2/2012 9:01:21 μμ, Error: Service Control Manager [7024] - The VMware Workstation Server service terminated with service-specific error %%-1.
    24/2/2012 8:01:56 πμ, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    24/2/2012 8:00:21 πμ, Error: Service Control Manager [7034] - The MySQL2 service terminated unexpectedly. It has done this 1 time(s).
    24/2/2012 8:00:21 πμ, Error: Service Control Manager [7034] - The MySQL service terminated unexpectedly. It has done this 1 time(s).
    24/2/2012 8:00:14 πμ, Error: Service Control Manager [7024] - The VMware Workstation Server service terminated with service-specific error %%-1.
    24/2/2012 11:14:06 μμ, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    23/2/2012 4:08:28 μμ, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    23/2/2012 4:06:58 μμ, Error: Service Control Manager [7034] - The MySQL2 service terminated unexpectedly. It has done this 1 time(s).
    23/2/2012 4:06:58 μμ, Error: Service Control Manager [7034] - The MySQL service terminated unexpectedly. It has done this 1 time(s).
    23/2/2012 4:06:48 μμ, Error: Service Control Manager [7024] - The VMware Workstation Server service terminated with service-specific error %%-1.
    22/2/2012 4:52:14 μμ, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
    22/2/2012 2:31:13 πμ, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.121.61.0).
    22/2/2012 10:43:05 μμ, Error: Disk [11] - The driver detected a controller error on \...\DR3.
    21/2/2012 7:33:27 μμ, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.121.61.0).
    20/2/2012 7:31:11 μμ, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    20/2/2012 7:29:42 μμ, Error: Service Control Manager [7034] - The MySQL2 service terminated unexpectedly. It has done this 1 time(s).
    20/2/2012 7:29:42 μμ, Error: Service Control Manager [7034] - The MySQL service terminated unexpectedly. It has done this 1 time(s).
    20/2/2012 7:29:39 μμ, Error: Service Control Manager [7024] - The VMware Workstation Server service terminated with service-specific error %%-1.
    20/2/2012 5:19:28 μμ, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    20/2/2012 5:17:49 μμ, Error: Service Control Manager [7034] - The MySQL2 service terminated unexpectedly. It has done this 1 time(s).
    20/2/2012 5:17:49 μμ, Error: Service Control Manager [7034] - The MySQL service terminated unexpectedly. It has done this 1 time(s).
    20/2/2012 5:17:47 μμ, Error: Service Control Manager [7024] - The VMware Workstation Server service terminated with service-specific error %%-1.
    19/2/2012 8:45:33 μμ, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    19/2/2012 8:43:44 μμ, Error: Service Control Manager [7034] - The MySQL2 service terminated unexpectedly. It has done this 1 time(s).
    19/2/2012 8:43:44 μμ, Error: Service Control Manager [7034] - The MySQL service terminated unexpectedly. It has done this 1 time(s).
    19/2/2012 8:43:42 μμ, Error: Service Control Manager [7024] - The VMware Workstation Server service terminated with service-specific error %%-1.
    19/2/2012 5:48:32 μμ, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    19/2/2012 4:32:56 πμ, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    19/2/2012 4:31:33 πμ, Error: Service Control Manager [7034] - The MySQL2 service terminated unexpectedly. It has done this 1 time(s).
    19/2/2012 4:31:33 πμ, Error: Service Control Manager [7034] - The MySQL service terminated unexpectedly. It has done this 1 time(s).
    19/2/2012 4:30:32 πμ, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the VMware Workstation Server service to connect.
    19/2/2012 4:30:32 πμ, Error: Service Control Manager [7000] - The VMware Workstation Server service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    19/2/2012 2:54:52 μμ, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
    19/2/2012 2:01:49 μμ, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    19/2/2012 2:00:46 μμ, Error: Service Control Manager [7034] - The MySQL2 service terminated unexpectedly. It has done this 1 time(s).
    19/2/2012 2:00:46 μμ, Error: Service Control Manager [7034] - The MySQL service terminated unexpectedly. It has done this 1 time(s).
    19/2/2012 2:00:45 μμ, Error: Service Control Manager [7024] - The VMware Workstation Server service terminated with service-specific error %%-1.
    19/2/2012 2:00:29 μμ, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001a (0x0000000000041790, 0xfffffa80007aa7b0, 0x000000000000ffff, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 021912-26192-01.
    19/2/2012 12:40:58 μμ, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    19/2/2012 12:39:32 μμ, Error: Service Control Manager [7034] - The MySQL2 service terminated unexpectedly. It has done this 1 time(s).
    19/2/2012 12:39:32 μμ, Error: Service Control Manager [7034] - The MySQL service terminated unexpectedly. It has done this 1 time(s).
    19/2/2012 12:38:32 μμ, Error: Service Control Manager [7024] - The VMware Workstation Server service terminated with service-specific error %%-1.
    19/2/2012 12:35:03 μμ, Error: Service Control Manager [7000] - The PORTIO64 service failed to start due to the following error: Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
    19/2/2012 11:45:58 πμ, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    19/2/2012 11:45:40 πμ, Error: Service Control Manager [7034] - The MySQL2 service terminated unexpectedly. It has done this 1 time(s).
    19/2/2012 11:45:40 πμ, Error: Service Control Manager [7034] - The MySQL service terminated unexpectedly. It has done this 1 time(s).
    19/2/2012 11:45:34 πμ, Error: Service Control Manager [7024] - The VMware Workstation Server service terminated with service-specific error %%-1.
    17/2/2012 5:20:30 μμ, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    17/2/2012 5:18:33 μμ, Error: Service Control Manager [7034] - The MySQL2 service terminated unexpectedly. It has done this 1 time(s).
    17/2/2012 5:18:33 μμ, Error: Service Control Manager [7034] - The MySQL service terminated unexpectedly. It has done this 1 time(s).
    17/2/2012 5:18:33 μμ, Error: Service Control Manager [7024] - The VMware Workstation Server service terminated with service-specific error %%-1.
    .
    ==== End Of File ===========================
     
  2. Broni

    Broni Malware Annihilator Posts: 52,890   +344

    Do NOT double post.
    This topic is closed.
     
Topic Status:
Not open for further replies.
