-
Posts
8 -
Joined
-
Last visited
Reputation
0 Neutral-
Found and deleted the iLivid folder. Seems to be better. I had been experiencing the "Internet Explorer Cannot Display this page" error a lot. After deleting the folder, I got it once for my Google homepage, but it was after i deleted history and rebooted,
-
I ran the Eset Scan. It did find three bugs. The only log file i could find in the EsetOnline Scanner folder was this. ESETSmartInstaller@High as CAB hook log: OnlineScanner64.ocx - registred OK OnlineScanner.ocx - registred OK However, here are the three items found and cleaned. C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngr.dll a variant of Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe a variant of Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\IEBHO.dll probably a variant of Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
-
That seems to be correct. I no longer get a blank page when opening a new tab, nor do i get the Malwarebytes pop up that says blocked 207.232.22.60.
-
Here is the log. It appears to have worked. ComboFix 12-08-04.02 - Steve 08/04/2012 19:58:01.2.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3071.1242 [GMT -4:00] Running from: c:\users\Steve\Desktop\ComboFix.exe AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((( Files Created from 2012-07-05 to 2012-08-05 ))))))))))))))))))))))))))))))) . . 2012-08-05 00:03 . 2012-08-05 00:03 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-07-27 18:50 . 2012-07-27 18:50 -------- d-----w- c:\program files (x86)\Pandora 2012-07-27 14:29 . 2012-07-27 14:29 -------- d-----w- c:\windows\system32\drivers\NSMx64\0203000.016 2012-07-12 07:04 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys 2012-07-06 03:33 . 2012-07-06 03:33 -------- d-----w- c:\windows\en 2012-07-06 03:28 . 2012-03-08 22:40 48488 ----a-w- c:\windows\system32\drivers\fssfltr.sys . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-03 10:23 . 2012-05-08 00:32 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-08-03 10:23 . 2011-08-29 18:01 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-12 07:01 . 2010-01-16 04:32 59701280 ----a-w- c:\windows\system32\MRT.exe 2012-07-03 17:46 . 2010-04-20 03:32 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-25 20:04 . 2012-06-25 20:04 1394248 ----a-w- c:\windows\SysWow64\msxml4.dll 2012-06-02 22:19 . 2012-06-21 15:08 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-21 15:08 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:19 . 2012-06-21 15:08 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-21 15:08 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-21 15:08 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:15 . 2012-06-21 15:08 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:15 . 2012-06-21 15:08 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 19:19 . 2012-06-21 15:08 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 19:15 . 2012-06-21 15:08 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-05-15 04:01 . 2012-06-13 19:27 1188864 ----a-w- c:\windows\system32\wininet.dll 2012-05-15 03:59 . 2012-06-13 19:27 64512 ----a-w- c:\windows\system32\jsproxy.dll 2012-05-15 03:03 . 2012-06-13 19:27 981504 ----a-w- c:\windows\SysWow64\wininet.dll . . ((((((((((((((((((((((((((((( SnapShot@2012-08-04_21.44.21 ))))))))))))))))))))))))))))))))))))))))) . - 2010-01-09 23:33 . 2012-08-04 21:09 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2010-01-09 23:33 . 2012-08-04 23:11 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2010-01-09 23:33 . 2012-08-04 23:11 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2010-01-09 23:33 . 2012-08-04 21:09 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2012-08-05 00:05 . 2012-08-05 00:05 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-08-04 21:43 . 2012-08-04 21:43 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-08-05 00:05 . 2012-08-05 00:05 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2012-08-04 21:43 . 2012-08-04 21:43 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2009-07-14 05:01 . 2012-08-05 00:04 316988 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat - 2009-07-14 05:01 . 2012-08-04 21:42 316988 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-06-15 98304] "Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2009-11-13 1807600] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920] "HttpWatch_RegIEPlugin"="c:\program files (x86)\HttpWatch\regieplugin.exe" [2012-06-07 2283744] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce] "c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-10-07 559616] . c:\users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-9-21 1316192] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~2\WI3C8A~1\Datamngr\datamngr.dll c:\progra~2\WI3C8A~1\Datamngr\IEBHO.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [x] R0 TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-03 250056] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-24 113120] R3 SYMRDR_{78CA3BF0-9C3B-40e1-B46D-38C877EF059A};Symantec Redirector - Norton Safety Minder;c:\windows\System32\Drivers\NSMx64\0203000.016\SymRdrS.SYS [2011-11-17 218232] R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-05-10 51712] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-26 1255736] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280] S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1307010.005\SYMDS64.SYS [2011-07-26 451192] S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1307010.005\SYMEFA64.SYS [2012-03-29 1092728] S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20120711.002\BHDrvx64.sys [2012-06-19 1161376] S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1307010.005\ccSetx64.sys [2011-11-29 167048] S1 ccSet_NOF;Norton Online Settings Manager;c:\windows\system32\drivers\NOFx64\0203000.007\ccSetx64.sys [2011-11-04 167048] S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20120803.002\IDSvia64.sys [2012-07-04 509088] S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1307010.005\Ironx64.SYS [2012-03-29 190072] S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1307010.005\SYMNETS.SYS [2012-03-29 405624] S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-03-31 92160] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-06-15 203264] S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648] S2 IHA_MessageCenter;IHA_MessageCenter;c:\program files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [2012-06-11 335888] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944] S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe [2012-03-27 138232] S2 NOF;Norton Online;c:\program files (x86)\Norton Online\Engine\2.3.0.7\ccSvcHst.exe [2011-11-30 138248] S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-01-13 705856] S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-06-10 138912] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392] . . Contents of the 'Scheduled Tasks' folder . 2012-08-04 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-08 10:23] . 2012-08-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1753098322-611350664-1751214061-1001Core.job - c:\users\Steve\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-03 22:54] . 2012-08-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1753098322-611350664-1751214061-1001UA.job - c:\users\Steve\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-03 22:54] . 2012-08-04 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job - c:\program files\Dell Support Center\uaclauncher.exe [2011-06-21 18:09] . 2012-08-04 c:\windows\Tasks\SystemToolsDailyTest.job - c:\program files\Dell Support Center\uaclauncher.exe [2011-06-21 18:09] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=c:\progra~2\WI3C8A~1\Datamngr\x64\datamngr.dll c:\progra~2\WI3C8A~1\Datamngr\x64\IEBHO.dll . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204 IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000 IE: HttpWatch Basic - c:\program files (x86)\HttpWatch\httpwatch.dll/1351 TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\xexkv5kf.default\ . - - - - ORPHANS REMOVED - - - - . Toolbar-Locked - (no file) Toolbar-10 - (no file) . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS] "ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\19.7.1.5\diMaster.dll\" /prefetch:1" -- . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\NOF] "ImagePath"="\"c:\program files (x86)\Norton Online\Engine\2.3.0.7\ccSvcHst.exe\" /s \"NOF\" /m \"c:\program files (x86)\Norton Online\Engine\2.3.0.7\diMaster.dll\" /prefetch:1" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe c:\program files (x86)\Norton Online\AddOns\Norton Safety Minder\Engine\2.3.0.22\tampmon.exe . ************************************************************************** . Completion time: 2012-08-04 20:11:06 - machine was rebooted ComboFix-quarantined-files.txt 2012-08-05 00:11 ComboFix2.txt 2012-08-04 21:50 . Pre-Run: 152,291,717,120 bytes free Post-Run: 152,203,296,768 bytes free . - - End Of File - - 01D527F740AF61893A23D323E4BCBAD6
-
I redid step 2 and here is the correct log. Still nothing detected. Malwarebytes Anti-Malware (PRO) 1.62.0.1300 www.malwarebytes.org Database version: v2012.08.01.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 8.0.7601.17514 Steve :: MAINHOMEPC [administrator] Protection: Enabled 7/31/2012 11:43:52 PM mbam-log-2012-07-31 (23-43-52).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 198444 Time elapsed: 3 minute(s), 49 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software Run date: 2012-07-31 23:59:31 ----------------------------- 23:59:31.412 OS Version: Windows x64 6.1.7601 Service Pack 1 23:59:31.412 Number of processors: 2 586 0x170A 23:59:31.412 ComputerName: MAINHOMEPC UserName: Steve 23:59:33.533 Initialize success 23:59:43.316 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 23:59:43.316 Disk 0 Vendor: ST3320418AS CC45 Size: 305245MB BusType: 3 23:59:43.332 Disk 0 MBR read successfully 23:59:43.332 Disk 0 MBR scan 23:59:43.332 Disk 0 Windows VISTA default MBR code 23:59:43.332 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63 23:59:43.347 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 81920 23:59:43.347 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 290204 MB offset 30801920 23:59:43.378 Disk 0 scanning C:\Windows\system32\drivers 23:59:52.317 Service scanning 00:00:08.916 Modules scanning 00:00:08.916 Disk 0 trace - called modules: 00:00:08.947 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS intelide.sys PCIIDEX.SYS hal.dll atapi.sys 00:00:08.947 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80033e4610] 00:00:09.462 3 CLASSPNP.SYS[fffff88001bca43f] -> nt!IofCallDriver -> [0xfffffa8002f1f9b0] 00:00:09.462 5 ACPI.sys[fffff88000f487a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8002ef3680] 00:00:09.462 Scan finished successfully 00:00:35.202 Disk 0 MBR has been saved successfully to "C:\Users\Steve\Desktop\Malwarebytes July 2012\7-31\MBR.dat" 00:00:35.202 The log file has been saved successfully to "C:\Users\Steve\Desktop\Malwarebytes July 2012\7-31\aswMBR 7-31-12.txt"
-
Here they are. aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software Run date: 2012-07-27 12:47:47 ----------------------------- 12:47:47.520 OS Version: Windows x64 6.1.7601 Service Pack 1 12:47:47.520 Number of processors: 2 586 0x170A 12:47:47.520 ComputerName: MAINHOMEPC UserName: Steve 12:47:49.501 Initialize success 12:48:19.090 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 12:48:19.090 Disk 0 Vendor: ST3320418AS CC45 Size: 305245MB BusType: 3 12:48:19.106 Disk 0 MBR read successfully 12:48:19.106 Disk 0 MBR scan 12:48:19.106 Disk 0 Windows VISTA default MBR code 12:48:19.106 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63 12:48:19.106 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 81920 12:48:19.121 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 290204 MB offset 30801920 12:48:19.137 Disk 0 scanning C:\Windows\system32\drivers 12:48:27.795 Service scanning 12:48:44.222 Modules scanning 12:48:44.222 Disk 0 trace - called modules: 12:48:44.237 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS intelide.sys PCIIDEX.SYS hal.dll atapi.sys 12:48:44.237 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80033e3060] 12:48:44.253 3 CLASSPNP.SYS[fffff88001b4d43f] -> nt!IofCallDriver -> [0xfffffa8002f89520] 12:48:44.253 5 ACPI.sys[fffff88000ed47a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8002ee7060] 12:48:44.253 Scan finished successfully 12:49:13.784 Disk 0 MBR has been saved successfully to "C:\Users\Steve\Desktop\MBR.dat" 12:49:13.784 The log file has been saved successfully to "C:\Users\Steve\Desktop\aswMBR sp 7-27-2012.txt" 2012/07/27 00:20:28 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 56012, Process: ccsvchst.exe) 2012/07/27 00:20:28 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 56014, Process: ccsvchst.exe) 2012/07/27 00:20:28 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 56016, Process: ccsvchst.exe) 2012/07/27 00:20:28 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 56018, Process: ccsvchst.exe) 2012/07/27 00:20:28 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 56020, Process: ccsvchst.exe) 2012/07/27 00:20:28 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 56022, Process: ccsvchst.exe) 2012/07/27 00:20:28 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 56024, Process: ccsvchst.exe) 2012/07/27 00:20:28 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 56026, Process: ccsvchst.exe) 2012/07/27 00:20:28 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 56028, Process: ccsvchst.exe) 2012/07/27 00:20:28 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 56030, Process: ccsvchst.exe) 2012/07/27 00:20:28 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 56032, Process: ccsvchst.exe) 2012/07/27 00:20:28 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 56034, Process: ccsvchst.exe) 2012/07/27 10:39:26 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 59457, Process: ccsvchst.exe) 2012/07/27 10:39:26 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 59460, Process: ccsvchst.exe) 2012/07/27 10:39:26 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 59462, Process: ccsvchst.exe) 2012/07/27 10:39:26 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 59464, Process: ccsvchst.exe) 2012/07/27 10:39:26 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 59466, Process: ccsvchst.exe) 2012/07/27 10:39:26 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 59468, Process: ccsvchst.exe) 2012/07/27 10:39:26 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 59470, Process: ccsvchst.exe) 2012/07/27 10:39:26 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 59472, Process: ccsvchst.exe) 2012/07/27 10:39:26 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 59474, Process: ccsvchst.exe) 2012/07/27 10:39:26 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 59476, Process: ccsvchst.exe) 2012/07/27 10:39:26 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 59478, Process: ccsvchst.exe) 2012/07/27 10:39:51 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 59515, Process: ccsvchst.exe) 2012/07/27 10:39:51 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 59517, Process: ccsvchst.exe) 2012/07/27 10:39:51 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 59519, Process: ccsvchst.exe) 2012/07/27 10:39:51 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 59521, Process: ccsvchst.exe) 2012/07/27 10:39:51 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 59523, Process: ccsvchst.exe) 2012/07/27 10:39:51 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 59525, Process: ccsvchst.exe) 2012/07/27 10:39:51 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 59527, Process: ccsvchst.exe) 2012/07/27 10:39:51 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 59529, Process: ccsvchst.exe) 2012/07/27 10:39:51 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 59531, Process: ccsvchst.exe) 2012/07/27 11:12:03 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 49723, Process: ccsvchst.exe) 2012/07/27 11:12:03 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 49726, Process: ccsvchst.exe) 2012/07/27 11:12:03 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 49728, Process: ccsvchst.exe) 2012/07/27 11:12:03 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 49730, Process: ccsvchst.exe) 2012/07/27 11:12:03 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 49732, Process: ccsvchst.exe) 2012/07/27 11:12:03 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 49734, Process: ccsvchst.exe) 2012/07/27 11:12:03 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 49736, Process: ccsvchst.exe) 2012/07/27 11:12:03 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 49738, Process: ccsvchst.exe) 2012/07/27 11:12:03 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 49740, Process: ccsvchst.exe) 2012/07/27 11:12:03 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 49742, Process: ccsvchst.exe) 2012/07/27 11:12:03 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 49744, Process: ccsvchst.exe) 2012/07/27 11:12:03 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 49746, Process: ccsvchst.exe) 2012/07/27 11:12:11 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 49838, Process: ccsvchst.exe) 2012/07/27 11:12:11 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 49840, Process: ccsvchst.exe) 2012/07/27 11:12:11 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 49842, Process: ccsvchst.exe) 2012/07/27 11:12:11 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 49844, Process: ccsvchst.exe) 2012/07/27 11:12:11 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 49846, Process: ccsvchst.exe) 2012/07/27 11:12:11 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 49848, Process: ccsvchst.exe) 2012/07/27 11:12:11 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 49850, Process: ccsvchst.exe) 2012/07/27 11:12:11 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 49852, Process: ccsvchst.exe) 2012/07/27 11:12:11 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 49854, Process: ccsvchst.exe) 2012/07/27 11:12:11 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 49856, Process: ccsvchst.exe) 2012/07/27 11:12:11 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 49858, Process: ccsvchst.exe) 2012/07/27 11:12:11 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 49860, Process: ccsvchst.exe) 2012/07/27 11:37:13 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53035, Process: ccsvchst.exe) 2012/07/27 11:37:13 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53038, Process: ccsvchst.exe) 2012/07/27 11:37:13 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53040, Process: ccsvchst.exe) 2012/07/27 11:37:13 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53042, Process: ccsvchst.exe) 2012/07/27 11:37:13 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53044, Process: ccsvchst.exe) 2012/07/27 11:37:13 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53046, Process: ccsvchst.exe) 2012/07/27 11:37:13 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53048, Process: ccsvchst.exe) 2012/07/27 11:37:13 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53050, Process: ccsvchst.exe) 2012/07/27 11:37:13 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53052, Process: ccsvchst.exe) 2012/07/27 11:37:13 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53054, Process: ccsvchst.exe) 2012/07/27 11:37:13 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53056, Process: ccsvchst.exe) 2012/07/27 11:37:13 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53058, Process: ccsvchst.exe) 2012/07/27 11:37:21 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53130, Process: ccsvchst.exe) 2012/07/27 11:37:21 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53132, Process: ccsvchst.exe) 2012/07/27 11:37:21 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53134, Process: ccsvchst.exe) 2012/07/27 11:37:21 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53136, Process: ccsvchst.exe) 2012/07/27 11:37:21 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53138, Process: ccsvchst.exe) 2012/07/27 11:37:21 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53140, Process: ccsvchst.exe) 2012/07/27 11:37:21 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53142, Process: ccsvchst.exe) 2012/07/27 11:37:21 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53144, Process: ccsvchst.exe) 2012/07/27 11:37:21 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53146, Process: ccsvchst.exe) 2012/07/27 11:37:21 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53148, Process: ccsvchst.exe) 2012/07/27 11:37:21 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53150, Process: ccsvchst.exe) 2012/07/27 11:37:21 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53152, Process: ccsvchst.exe) 2012/07/27 11:40:01 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53398, Process: ccsvchst.exe) 2012/07/27 11:40:01 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53401, Process: ccsvchst.exe) 2012/07/27 11:40:09 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53405, Process: ccsvchst.exe) 2012/07/27 11:40:09 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53407, Process: ccsvchst.exe) 2012/07/27 11:40:09 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53409, Process: ccsvchst.exe) 2012/07/27 11:40:09 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53411, Process: ccsvchst.exe) 2012/07/27 11:40:09 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53413, Process: ccsvchst.exe) 2012/07/27 11:40:09 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53415, Process: ccsvchst.exe) 2012/07/27 11:40:09 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53417, Process: ccsvchst.exe) 2012/07/27 11:40:09 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53419, Process: ccsvchst.exe) 2012/07/27 11:40:09 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53421, Process: ccsvchst.exe) 2012/07/27 11:40:17 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53479, Process: ccsvchst.exe) 2012/07/27 11:40:17 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53481, Process: ccsvchst.exe) 2012/07/27 11:40:17 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53483, Process: ccsvchst.exe) 2012/07/27 11:40:17 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53485, Process: ccsvchst.exe) 2012/07/27 11:40:17 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53487, Process: ccsvchst.exe) 2012/07/27 11:40:17 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53489, Process: ccsvchst.exe) 2012/07/27 11:40:17 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53491, Process: ccsvchst.exe) 2012/07/27 11:40:17 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53493, Process: ccsvchst.exe) 2012/07/27 11:40:17 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53495, Process: ccsvchst.exe) 2012/07/27 11:40:17 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53497, Process: ccsvchst.exe) 2012/07/27 11:40:17 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53499, Process: ccsvchst.exe) 2012/07/27 11:40:17 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 53501, Process: ccsvchst.exe) 2012/07/27 11:53:46 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 55512, Process: ccsvchst.exe) 2012/07/27 11:53:46 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 55514, Process: ccsvchst.exe) 2012/07/27 11:53:46 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 55516, Process: ccsvchst.exe) 2012/07/27 11:53:46 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 55518, Process: ccsvchst.exe) 2012/07/27 11:53:46 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 55520, Process: ccsvchst.exe) 2012/07/27 11:53:46 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 55522, Process: ccsvchst.exe) 2012/07/27 11:53:46 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 55524, Process: ccsvchst.exe) 2012/07/27 11:53:46 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 55526, Process: ccsvchst.exe) 2012/07/27 11:53:46 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 55528, Process: ccsvchst.exe) 2012/07/27 11:53:46 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 55530, Process: ccsvchst.exe) 2012/07/27 11:53:46 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 55532, Process: ccsvchst.exe) 2012/07/27 11:53:46 -0400 MAINHOMEPC Steve IP-BLOCK 207.232.22.60 (Type: outgoing, Port: 55534, Process: ccsvchst.exe) 2012/07/27 12:36:32 -0400 MAINHOMEPC Steve MESSAGE Starting database refresh 2012/07/27 12:36:32 -0400 MAINHOMEPC Steve MESSAGE Stopping IP protection 2012/07/27 12:38:55 -0400 MAINHOMEPC Steve MESSAGE IP Protection stopped 2012/07/27 12:39:27 -0400 MAINHOMEPC Steve MESSAGE Database refreshed successfully 2012/07/27 12:39:27 -0400 MAINHOMEPC Steve MESSAGE Starting IP protection 2012/07/27 12:39:31 -0400 MAINHOMEPC Steve MESSAGE IP Protection started successfully
-
Thank you for your help. I followed the instructions. The Malwarebytes scan did not detect anything malicious. Attached are the logs. Steve Malewarebytes protection-log-2012-07-27.txt aswMBR sp 7-27-2012.txt
-
I get a blank page when opening a new tab, and a Malwarebytes pop up that says blocked 207.232.22.60. Here are my DDS and Attach reports.. I have Win7 and IE8. Steve DDS sp 7-26-2012.txt Attach sp 7-26-2012.txt