Jump to content

khanted

Honorary Members
  • Posts

    22
  • Joined

  • Last visited

Everything posted by khanted

  1. ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK # version=7 # iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=4a726e4d165dde4fb9ad67abc40d529b # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-08-21 02:27:51 # local_time=2012-08-22 12:27:51 (+1000, E. Australia Standard Time) # country="Australia" # lang=1033 # osver=6.0.6001 NT Service Pack 1 # compatibility_mode=5892 16776574 100 100 419302 183082949 0 0 # compatibility_mode=8192 67108863 100 0 437 437 0 0 # scanned=258384 # found=1 # cleaned=1 # scan_time=5449 C:\ProgramData\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
  2. I have tried 3 times now..... Cant get it to work. I click the yes box. Then I install that activex thing and it says I have to retry. I do and then it takes ages and then comes up with a little ex at the top left corner. Am i doing something wrong?
  3. Yes well I see what you are saying. But I have used Utorrent for years without problems, I do not download pirate movies. I download underground heavy metal music mainly, who do not copyright their cds... They want it spread, I don't violate the law from my downloading. I have kids and I look at unauthorized downloading as theft. But anyway that is semantics I completely understand what you are saying. Your help really has been appreciated. So do you think I got the virus from downloading a cd or from just downloading the utorrent program itself? And do you think the virus/trojan was actually deleted last time or hidden somewhere?
  4. Thanks Yes, I am really sorry mate. I didnt see the rules. I thought my computer may have been clean though. Yes I think the popups came back after reinstalling U torrent, but the virus must have still been on my computer if the pop ups are back. Anyway I am really sorry about that. I will uninstall now and wait till you give me the OK to reinstall.
  5. Oh stuff, it just popped up the original message again.... About blocking a malicious website. I just downloaded U Torrent again.
  6. Oh also I just ran Malware bytes and this is what it said afterwards Malwarebytes Anti-Malware (Trial) 1.62.0.1300 www.malwarebytes.org Database version: v2012.08.16.10 Windows Vista Service Pack 1 x86 NTFS Internet Explorer 8.0.6001.19088 Paul :: PAUL-PC [administrator] Protection: Enabled 17/08/2012 7:47:28 AM mbam-log-2012-08-17 (07-47-28).txt Scan type: Full scan (C:\|D:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 453421 Time elapsed: 1 hour(s), 35 minute(s), 32 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
  7. OK, done. Thanks Here is the log: ComboFix 12-08-15.01 - Paul 16/08/2012 10:28:18.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.61.1033.18.3325.2251 [GMT 10:00] Running from: c:\users\Paul\Downloads\ComboFix.exe SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Paul\AppData\Roaming\inst.exe c:\users\Paul\AppData\Roaming\vso_ts_preview.xml c:\users\Paul\videos\family slide show.exe c:\windows\security\Database\tmp.edb . . ((((((((((((((((((((((((( Files Created from 2012-07-16 to 2012-08-16 ))))))))))))))))))))))))))))))) . . 2012-08-16 00:33 . 2012-08-16 00:33 -------- d-----w- c:\users\Guest\AppData\Local\temp 2012-08-16 00:33 . 2012-08-16 00:33 -------- d-----w- c:\users\ANNE\AppData\Local\temp 2012-08-15 10:15 . 2012-08-15 10:15 -------- d-----w- C:\_OTL 2012-08-14 15:45 . 2012-06-29 08:44 6891424 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{234D1F02-403B-44FD-B4EF-CF715E5FD0FA}\mpengine.dll 2012-08-13 00:15 . 2012-08-13 00:15 -------- d-----w- c:\users\Paul\AppData\Roaming\Philipp Winterberg 2012-08-13 00:15 . 2012-08-13 00:15 -------- d-----w- c:\program files\Free RAR Extract Frog 2012-08-11 02:50 . 2012-08-11 02:50 421200 ----a-w- c:\program files\Mozilla Firefox\msvcp100.dll 2012-08-11 02:50 . 2012-08-11 02:50 770384 ----a-w- c:\program files\Mozilla Firefox\msvcr100.dll 2012-08-04 09:31 . 2012-08-04 09:32 -------- d-----w- c:\users\Guest\AppData\Local\Google 2012-08-04 08:39 . 2012-08-04 08:39 -------- d-----w- c:\users\Guest\AppData\Local\Facebook 2012-08-04 00:46 . 2012-08-15 21:22 -------- d-----w- c:\users\Paul\AppData\Roaming\Skype 2012-08-01 00:01 . 2012-08-01 00:01 -------- d-----w- c:\users\Guest\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 2012-07-30 07:30 . 2012-08-15 01:19 -------- d-----w- c:\users\Guest\AppData\Roaming\Skype 2012-07-30 07:29 . 2012-07-30 07:29 -------- d-----w- c:\program files\Common Files\Skype 2012-07-30 07:29 . 2012-07-30 07:30 -------- d-----r- c:\program files\Skype 2012-07-30 07:29 . 2012-08-07 12:38 -------- d-----w- c:\programdata\Skype . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-07-03 03:46 . 2012-06-15 21:55 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-06 10:59 . 2012-06-06 10:59 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX 2012-05-31 02:25 . 2009-10-02 20:13 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-05-21 22:14 . 2012-05-21 22:14 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-05-21 22:14 . 2012-05-21 22:14 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-08-12 23:52 . 2012-05-30 20:43 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-19 62768] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-01-08 13584928] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-26 421736] "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2008-11-18 914224] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920] . c:\users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled] "NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit "HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime "HP Health Check Scheduler"=c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe "UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\program files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" "UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "c:\program files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" "UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\program files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0" "UpdatePSTShortCut"="c:\program files\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\program files\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" "TVAgent"="c:\program files\Hewlett-Packard\Media\TV\TVAgent.exe" "DVDAgent"="c:\program files\Hewlett-Packard\Media\DVD\DVDAgent.exe" "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" "TSMAgent"="c:\program files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" "CLMLServer for HP TouchSmart"="c:\program files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" "SmartMenu"=%ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc HPService REG_MULTI_SZ HPSLPSVC . Contents of the 'Scheduled Tasks' folder . 2012-08-15 c:\windows\Tasks\GlaryInitialize.job - c:\program files\Glary Utilities\initialize.exe [2009-08-07 00:30] . . ------- Supplementary Scan ------- . uStart Page = hxxp://ninemsn.com.au/ mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_au&c=92&bd=Pavilion&pf=cndt uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html TCP: DhcpNameServer = 10.1.1.1 FF - ProfilePath - c:\users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\y0hnske5.default\ FF - prefs.js: browser.startup.homepage - hxxp://unitab.com/ . - - - - ORPHANS REMOVED - - - - . HKCU-Run-uTorrent - c:\program files\uTorrent\uTorrent.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-08-16 10:34 Windows 6.0.6001 Service Pack 1 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . . c:\windows\TEMP\TMP0000006CC8F6DD0E59949B7B 524288 bytes . scan completed successfully hidden files: 1 . ************************************************************************** . Completion time: 2012-08-16 10:35:51 ComboFix-quarantined-files.txt 2012-08-16 00:35 . Pre-Run: 194,436,403,200 bytes free Post-Run: 197,867,941,888 bytes free . - - End Of File - - B0F433F94E8BAC2DE9BE5CADB781E24B
  8. Yes done now. I couldnt figure out how to attach it, but here it is copied and pasted..... By the way Maniac, thanks sooooo much for your help! All processes killed ========== OTL ========== Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{687578b9-7132-4a7a-80e4-30ee31099e03} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{687578b9-7132-4a7a-80e4-30ee31099e03}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{687578B9-7132-4A7A-80E4-30EE31099E03} not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{687578B9-7132-4A7A-80E4-30EE31099E03}\ not found. ========== FILES ========== < ipconfig /flushdns /c > Windows IP Configuration Could not flush the DNS Resolver Cache: Function failed during execution. C:\Users\Paul\Downloads\cmd.bat deleted successfully. C:\Users\Paul\Downloads\cmd.txt deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: ANNE ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Default ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temporary Internet Files folder emptied: 0 bytes User: Guest ->Temp folder emptied: 50266 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 111108608 bytes ->Google Chrome cache emptied: 25043362 bytes ->Flash cache emptied: 228333 bytes User: Paul ->Temp folder emptied: 16194636 bytes ->Temporary Internet Files folder emptied: 76085414 bytes ->Java cache emptied: 268800 bytes ->FireFox cache emptied: 112646384 bytes ->Apple Safari cache emptied: 0 bytes ->Flash cache emptied: 3274 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 6047786 bytes RecycleBin emptied: 162 bytes Total Files Cleaned = 332.00 mb OTL by OldTimer - Version 3.2.57.0 log created on 08152012_235957 Files\Folders moved on Reboot... PendingFileRenameOperations files... Registry entries deleted on Reboot...
  9. God dammit, it keeps stopping halfway through and saying that a problem caused the program to stop working correctly!
  10. So should I be pasting everything? Like even the OTL at the top and stuff? And like the emptytemp at the bottom? I just did it and it said OTC Has Stopped Working: A problem caused the program to stop working correctly. And then all my desktop icons disappeared till I logged out and came back in.
  11. OTL logfile created on: 14/08/2012 11:52:59 PM - Run 1 OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Guest\Downloads Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19088) Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy 3.25 Gb Total Physical Memory | 1.92 Gb Available Physical Memory | 59.15% Memory free 6.70 Gb Paging File | 5.25 Gb Available in Paging File | 78.29% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 455.30 Gb Total Space | 178.96 Gb Free Space | 39.31% Space Free | Partition Type: NTFS Drive D: | 10.46 Gb Total Space | 1.51 Gb Free Space | 14.46% Space Free | Partition Type: NTFS Computer Name: PAUL-PC | User Name: Paul | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/08/14 23:49:50 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Guest\Downloads\OTL.exe PRC - [2012/08/04 18:39:06 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Users\Guest\AppData\Local\Facebook\Update\FacebookUpdate.exe PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012/07/03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012/06/14 22:03:48 | 000,639,352 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe PRC - [2012/03/07 10:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012/03/07 10:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2012/02/15 10:32:12 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe PRC - [2009/04/22 22:53:22 | 000,296,320 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe PRC - [2009/04/22 22:53:22 | 000,116,104 | ---- | M] () -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe PRC - [2008/11/20 09:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Odometer\hpsysdrv.exe PRC - [2008/11/18 18:35:44 | 000,914,224 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe PRC - [2008/01/21 12:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe ========== Modules (No Company Name) ========== MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011/06/16 03:44:53 | 001,712,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\1be8df00c8573200093245985e75a660\Microsoft.VisualBasic.ni.dll MOD - [2011/06/16 03:43:04 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\aa3e053d433c48e1e8c3f436b4de1ed3\System.Configuration.ni.dll MOD - [2011/06/16 03:41:36 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb60f99da570cc494e27e0e8ee747e2\System.Xml.ni.dll MOD - [2011/06/16 03:41:22 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\381fb23cb39e1a61e13b8770eb9800ba\System.Windows.Forms.ni.dll MOD - [2011/06/16 03:41:15 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f1aa2385c0109f3059e0e6ba8b58ff68\System.Drawing.ni.dll MOD - [2011/06/16 03:41:00 | 006,616,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\ca69ec9d6589d3526ee38212ef28e2bb\System.Data.ni.dll MOD - [2011/06/16 03:40:52 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\6bebfe5b7776c84cb38efdb2a7c9d447\PresentationFramework.Aero.ni.dll MOD - [2011/06/16 03:40:50 | 014,327,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\415ef2ec8cbd9f3368da6ade10beae26\PresentationFramework.ni.dll MOD - [2011/06/16 03:40:37 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\c1498ba4652483d5adddd4c5d3927170\PresentationCore.ni.dll MOD - [2011/06/16 03:40:26 | 003,313,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\29d729043903b7b4b2ea695db220d866\WindowsBase.ni.dll MOD - [2011/06/16 03:40:23 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dff86a62a525ec8dc827fe9f50298b7\System.ni.dll MOD - [2011/06/16 03:40:03 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll MOD - [2008/07/28 04:03:15 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ========== Win32 Services (SafeList) ========== SRV - [2012/08/13 09:52:36 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012/03/07 10:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2009/04/22 22:53:22 | 000,296,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe -- (TVCapSvc) SRV - [2009/04/22 22:53:22 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- (TVSched) SRV - [2008/01/21 12:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Paul\AppData\Local\Temp\aswMBR.sys -- (aswMBR) DRV - [2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector) DRV - [2012/03/07 10:03:51 | 000,612,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx) DRV - [2012/03/07 10:03:38 | 000,337,880 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP) DRV - [2012/03/07 10:02:00 | 000,035,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr) DRV - [2012/03/07 10:01:53 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi) DRV - [2012/03/07 10:01:48 | 000,057,688 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt) DRV - [2012/03/07 10:01:30 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk) DRV - [2010/07/29 00:25:22 | 000,025,112 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ivusb.sys -- (ivusb) DRV - [2009/01/08 11:17:00 | 007,396,448 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2008/12/05 07:32:40 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5) DRV - [2008/10/25 21:37:38 | 000,318,080 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVer888RC.sys -- (AVER_H193) DRV - [2008/10/25 21:37:06 | 000,032,256 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVer888RCIR.sys -- (CXCIR) DRV - [2008/08/01 22:51:14 | 001,052,704 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD) DRV - [2008/05/22 19:39:34 | 000,015,360 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu) DRV - [2008/02/27 03:17:30 | 000,493,568 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr73.sys -- (netr73) DRV - [2007/02/15 14:14:28 | 000,019,840 | ---- | M] (Generic) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\StMp3Rec.sys -- (StMp3Rec) DRV - [2005/12/13 03:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2) DRV - [1999/09/10 12:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\Windows\System32\drivers\ASPI32.SYS -- (ASPI32) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_au&c=92&bd=Pavilion&pf=cndt IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_au&c=92&bd=Pavilion&pf=cndt IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253 IE - HKLM\..\SearchScopes\{B867709F-3C2A-424C-980E-0C6E9BB690C0}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1347&query={searchTerms}&invocationType=tb50hpcndtie7-en-au IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_au&c=92&bd=Pavilion&pf=cndt IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ninemsn.com.au/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKCU\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MOOI_en IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3072253 IE - HKCU\..\SearchScopes\{B867709F-3C2A-424C-980E-0C6E9BB690C0}: "URL" = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1347&query={searchTerms}&invocationType=tb50hpcndtie7-en-au IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://unitab.com/" FF - prefs.js..extensions.enabledItems: YoutubeDownloader@PeterOlayev.com:1.5 FF - prefs.js..extensions.enabledItems: {bee6eb20-01e0-ebd1-da83-080329fb9a3a}:0.2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..network.proxy.no_proxies_on: "*.local" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\support@predictad.com: C:\Program Files\AutocompletePro\support@predictad.com FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/04/10 15:52:48 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/06/17 10:21:50 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/08/13 09:52:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/05/31 06:43:14 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/04/10 15:52:48 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/08/13 09:52:37 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/05/31 06:43:14 | 000,000,000 | ---D | M] [2010/04/22 22:33:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paul\AppData\Roaming\Mozilla\Extensions [2012/08/09 00:18:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\y0hnske5.default\extensions [2010/06/09 17:06:47 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\y0hnske5.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2012/08/09 00:18:40 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\y0hnske5.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2011/04/12 19:33:51 | 000,000,000 | ---D | M] (Personas) -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\y0hnske5.default\extensions\personas@christopher.beard [2012/06/03 19:02:01 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\y0hnske5.default\extensions\plugin@yontoo.com [2011/04/12 19:33:51 | 000,000,000 | ---D | M] (1-Click YouTube Video Downloader) -- C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\y0hnske5.default\extensions\YoutubeDownloader@PeterOlayev.com [2012/05/31 06:43:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012/08/13 09:52:37 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2009/11/07 02:37:19 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll [2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2009/11/07 02:37:20 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll [2012/08/11 12:50:52 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012/08/11 12:50:52 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml O1 HOSTS File: ([2006/09/19 07:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - No CLSID value found. O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {687578B9-7132-4A7A-80E4-30EE31099E03} - No CLSID value found. O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [hpsysdrv] c:\Program Files\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [smartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard) O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.) O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3D14D3BE-7A1F-4FF8-A758-3404D107D407}: DhcpNameServer = 10.1.1.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Paul\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O24 - Desktop BackupWallPaper: C:\Users\Paul\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/19 07:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012/08/13 10:15:59 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Philipp Winterberg [2012/08/13 10:15:54 | 000,000,000 | ---D | C] -- C:\Program Files\Free RAR Extract Frog [2012/08/04 10:46:34 | 000,000,000 | ---D | C] -- C:\Users\Paul\AppData\Roaming\Skype [2012/07/30 17:30:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012/07/30 17:29:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2012/07/30 17:29:58 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2012/07/30 17:29:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2010/10/14 14:49:52 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Paul\AppData\Roaming\pcouffin.sys ========== Files - Modified Within 30 Days ========== [2012/08/14 23:45:05 | 000,000,512 | ---- | M] () -- C:\Users\Paul\Desktop\MBR.dat [2012/08/14 23:34:26 | 000,000,512 | ---- | M] () -- C:\Users\Paul\Documents\MBR.dat [2012/08/14 22:11:58 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012/08/14 22:11:58 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012/08/14 12:58:52 | 000,617,044 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012/08/14 12:58:52 | 000,112,156 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012/08/14 04:59:24 | 000,031,776 | ---- | M] () -- C:\ProgramData\nvModes.001 [2012/08/14 04:59:14 | 000,000,310 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job [2012/08/14 00:10:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/08/14 00:10:52 | 3487,662,080 | -HS- | M] () -- C:\hiberfil.sys [2012/08/13 21:42:51 | 000,031,776 | ---- | M] () -- C:\ProgramData\nvModes.dat [2012/08/13 15:37:51 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/08/13 10:15:55 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\Free RAR Extract Frog.lnk [2012/08/07 22:38:03 | 000,002,487 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2012/07/18 02:00:00 | 000,000,456 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job ========== Files Created - No Company Name ========== [2012/08/14 23:42:24 | 000,000,512 | ---- | C] () -- C:\Users\Paul\Desktop\MBR.dat [2012/08/14 23:34:26 | 000,000,512 | ---- | C] () -- C:\Users\Paul\Documents\MBR.dat [2012/08/13 10:15:55 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\Free RAR Extract Frog.lnk [2012/07/30 17:30:00 | 000,002,487 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2012/06/20 20:28:46 | 000,002,048 | ---- | C] () -- C:\Users\Paul\AppData\Roaming\ThePhotobookClub.com.au Prefs [2011/04/10 15:39:26 | 000,205,323 | ---- | C] () -- C:\Windows\hphins34.dat [2011/01/08 11:42:54 | 000,641,021 | ---- | C] () -- C:\Windows\unins000.exe [2011/01/08 11:42:54 | 000,187,904 | ---- | C] () -- C:\Windows\System32\Lame.exe [2011/01/08 11:42:54 | 000,166,912 | ---- | C] () -- C:\Windows\System32\Lame_enc.dll [2011/01/08 11:42:54 | 000,001,664 | ---- | C] () -- C:\Windows\unins000.dat [2010/10/14 16:49:46 | 000,000,034 | -H-- | C] () -- C:\Windows\System32\Converter_sysquict.dat [2010/10/14 14:49:52 | 000,087,608 | ---- | C] () -- C:\Users\Paul\AppData\Roaming\inst.exe [2010/10/14 14:49:52 | 000,007,887 | ---- | C] () -- C:\Users\Paul\AppData\Roaming\pcouffin.cat [2010/10/14 14:49:52 | 000,001,144 | ---- | C] () -- C:\Users\Paul\AppData\Roaming\pcouffin.inf [2010/10/14 14:36:24 | 000,001,057 | ---- | C] () -- C:\Users\Paul\AppData\Roaming\vso_ts_preview.xml [2010/06/08 19:42:33 | 000,000,000 | ---- | C] () -- C:\Users\Paul\AppData\Roaming\wklnhst.dat [2009/10/11 12:32:48 | 000,083,968 | ---- | C] () -- C:\Users\Paul\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009/04/27 19:01:24 | 000,007,592 | ---- | C] () -- C:\Users\Paul\AppData\Local\d3d9caps.dat [2009/03/13 11:34:09 | 000,031,776 | ---- | C] () -- C:\ProgramData\nvModes.001 [2009/03/13 11:07:40 | 000,031,776 | ---- | C] () -- C:\ProgramData\nvModes.dat ========== LOP Check ========== [2009/08/06 19:35:42 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\BSD [2010/06/23 10:48:20 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Free AVI MPEG WMV MP4 FLV Video Joiner [2010/04/23 08:34:55 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\FreeFLVConverter [2012/05/19 20:52:46 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\GlarySoft [2010/10/14 14:58:15 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\HamsterSoft [2012/08/13 10:15:59 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Philipp Winterberg [2012/07/02 11:47:18 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\PhotoScape [2010/06/08 19:42:36 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Template [2012/06/20 20:28:38 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\ThePhotobookClub.com.au [2012/08/14 00:07:27 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\uTorrent [2010/10/14 14:49:52 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\Vso [2009/10/24 16:01:40 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\WinBatch [2009/08/06 20:10:23 | 000,000,000 | ---D | M] -- C:\Users\Paul\AppData\Roaming\WindSolutions [2012/08/14 04:59:14 | 000,000,310 | ---- | M] () -- C:\Windows\Tasks\GlaryInitialize.job [2012/07/18 02:00:00 | 000,000,456 | ---- | M] () -- C:\Windows\Tasks\PCDRScheduledMaintenance.job [2012/08/14 00:07:44 | 000,032,616 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:A2947BEA < End of report > OTL Extras logfile created on: 14/08/2012 11:52:59 PM - Run 1 OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Guest\Downloads Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19088) Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy 3.25 Gb Total Physical Memory | 1.92 Gb Available Physical Memory | 59.15% Memory free 6.70 Gb Paging File | 5.25 Gb Available in Paging File | 78.29% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 455.30 Gb Total Space | 178.96 Gb Free Space | 39.31% Space Free | Partition Type: NTFS Drive D: | 10.46 Gb Total Space | 1.51 Gb Free Space | 14.46% Space Free | Partition Type: NTFS Computer Name: PAUL-PC | User Name: Paul | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{627C7F45-5F05-4432-9369-A2C046ECC691}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{CA606D98-46E7-4888-A0BA-C911FAA0EE31}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00D3CED5-5E4C-4DC2-82DB-D35A79A583F9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqfxt08.exe | "{062D04C9-524B-499A-A900-A91A646AD644}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartphoto.exe | "{141274EF-F5FD-44FD-B2EC-10202372FCF5}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe | "{1912E961-BF87-4BF0-A0AE-96A8FBBA44EF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | "{1A2F60A3-67B5-473D-AB4E-C77B04DA1AE6}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hpdvdsmart.exe | "{23604696-5D8E-47BD-8CE3-23ACFB3B055D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | "{2EA97FA6-BE5E-4FBE-A54E-3071AFE8A53E}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{336037C5-B698-4E31-AB36-FE04EB022CB1}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartmusic.exe | "{3976A692-4493-4C6A-99A4-9495F94D6DFB}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | "{39D2488B-0A66-41FB-8C78-6F2213B2A2A2}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{43678AE6-B61B-4366-8579-BC0F0B648BAB}" = dir=in | app=e:\setup\hpznui01.exe | "{451A1FE2-A865-4AB1-9261-CDC37404B39A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe | "{473AAB67-8F72-4EF1-841E-12328CA087C3}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe | "{47B19B9F-8C57-40D3-B3E8-9CBB70217589}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe | "{5994065F-28DA-4DFA-B9AB-89E2F843D77B}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe | "{62C8CD4D-FA75-4E2D-87B6-0A5C616826AA}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe | "{6CFC7E96-3A50-4903-BB15-6EA9E83B5752}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe | "{6DE3A23D-9973-4E57-AC1D-6CC35660E709}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe | "{7038CEDB-BEC2-4702-846B-2EA1FC541387}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{7603679B-7E72-41F7-BC57-89D6B4A52E47}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartvideo.exe | "{7AAA1650-3148-458B-833C-E569A7F4E18F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe | "{7C34E23F-EFB4-4F79-AD16-15BC80D8F690}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartmusic.exe | "{8797ED6B-0B33-4D1D-A0B2-EF86EDCF0D60}" = dir=in | app=c:\program files\hewlett-packard\media\tv\qpservice.exe | "{888D52D0-97B1-4A77-9B4B-C8242482A253}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | "{8A7CF87D-2087-4D19-9878-FC0ED41690B4}" = dir=in | app=c:\program files\hewlett-packard\media\tv\qpservice.exe | "{8A7E8C6A-07AF-47FA-8DF1-38E8BA5F8B38}" = dir=in | app=c:\program files\itunes\itunes.exe | "{904E9D54-7309-431D-AB12-42B76F8F27B9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe | "{B0FE510D-40E4-41A1-AA90-B8314A905785}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe | "{B3141CE7-63C9-4C6F-9D0B-6FD7A1B8D0C9}" = dir=in | app=c:\program files\hewlett-packard\media\tv\qp.exe | "{BA3D86DC-F04C-4D10-8CA8-EBF90C38FDCA}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe | "{BB2F6599-32CB-4F7C-9204-0376A4A73B24}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe | "{C3F5E2F2-0BE3-4982-BF20-09668E267615}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{CAF8FBAD-DCF6-46CB-89E0-D0F6D540B415}" = dir=in | app=c:\program files\hewlett-packard\media\tv\qp.exe | "{CE977067-B604-438C-B5FE-A55F12425A0A}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe | "{D0689DB4-20AD-4157-95CB-4BDA440BFFC2}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe | "{D15C5FA7-D682-413E-ACE9-494D5B4F02E1}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe | "{D420D72A-34DC-4D4B-8F85-B096D86D0D93}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartvideo.exe | "{D7F5E99E-8257-489F-8560-F4FFEE3CB242}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe | "{DB0D0559-2B72-4497-A86C-8E95EB7D9554}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe | "{DBEC9205-2295-448E-BCE3-50C0E3534EE4}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hpdvdsmart.exe | "{DF85D54D-C501-4122-8D46-A4F4763ADDCD}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{DF94642D-F3DD-424D-97FC-4261041DCADB}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\hptouchsmartphoto.exe | "{E02D693B-AF76-4622-9F9B-B2F0180BC921}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | "{E27BC3A9-F044-464A-9A2A-4AF520E67BEB}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{E316FA34-DD9C-453D-AD8C-E758BCA0525E}" = dir=in | app=c:\program files\hewlett-packard\touchsmart\media\tsmagent.exe | "{E3C76CC7-512D-44B4-8574-B0F29DF15E95}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqscnvw.exe | "{E673A310-3BFB-4D33-82DD-0134F0E769A5}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqnrs08.exe | "{EB55CB95-C9AE-4207-8A39-6D0D69D78294}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\tsmagent.exe | "{F51F50CC-2666-4C46-B507-D0A86752BE62}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe | "{FB98A1A6-CF6D-4579-B26E-28CDE76AF59C}" = dir=in | app=c:\program files\hewlett-packard\media\dvd\tsmagent.exe | "{FC35B1E1-5D9A-42CD-9E25-CB0C5CA359D4}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "TCP Query User{18E80906-5392-422D-9516-1AF65CB230C6}C:\program files\pfportchecker\pfportchecker.exe" = protocol=6 | dir=in | app=c:\program files\pfportchecker\pfportchecker.exe | "TCP Query User{3A22994A-81CB-4E56-838C-7379C25D5D9C}C:\users\guest\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=6 | dir=in | app=c:\users\guest\appdata\local\facebook\video\skype\facebookvideocalling.exe | "TCP Query User{FACC2A1E-F2E8-4F62-B550-B66339B832BA}C:\thc-chat\mirc.exe" = protocol=6 | dir=in | app=c:\thc-chat\mirc.exe | "UDP Query User{0DC3F30C-2B43-4C37-B05D-1D316F08F280}C:\thc-chat\mirc.exe" = protocol=17 | dir=in | app=c:\thc-chat\mirc.exe | "UDP Query User{715D19EF-9512-4C77-B659-BF3EC4595C6E}C:\users\guest\appdata\local\facebook\video\skype\facebookvideocalling.exe" = protocol=17 | dir=in | app=c:\users\guest\appdata\local\facebook\video\skype\facebookvideocalling.exe | "UDP Query User{7482BB42-9A48-4F63-BDC2-9A726EEBF7A0}C:\program files\pfportchecker\pfportchecker.exe" = protocol=17 | dir=in | app=c:\program files\pfportchecker\pfportchecker.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{0295F89F-F698-4101-9A7D-49F407EC2D82}" = HP Active Support Library "{03BF5CB1-B72E-4CA6-A278-F65680F05420}" = HP Picasso Media Center Add-In "{097CDB1E-07C9-40F1-9972-F0F9F3A287E4}" = Network "{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan "{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery "{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works "{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe "{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java 6 Update 24 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox "{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status "{3324A5DC-C7F6-430A-ACC8-F251CD8F4FC7}" = Motorola Driver Installation "{39CB30DB-27F8-4dd4-A294-CB4AE3B584FD}" = Copy "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{44F5A980-8A6B-4aca-8D85-EFCE5D67D379}" = AIO_CDA_ProductContext "{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photo Story 3 for Windows "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter "{5F2930B9-20C7-4E84-85AB-8A333B617833}" = D5500 "{60FFB3E0-6D5B-4D73-AE5B-07E58B83AF0C}" = 32 Bit HP CIO Components Installer "{612F4E20-3661-4D44-AD79-823F1B613FB3}" = HP Update "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV "{69EEF1DC-DE38-46DB-AA2A-5D1D8D81E850}" = NavDesk 2008 "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{73A43E42-3658-4DD9-8551-FACDA3632538}" = HP Advisor "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour "{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security "{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159 "{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder "{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02 "{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg "{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007 "{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007 "{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007 "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{919F3D91-8374-410F-932B-A126F2C85426}" = e-tax 2009 "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English) "{95A747E0-DF19-46CB-A622-20A0107201BD}" = HP Total Care Setup "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9CC89170-000B-457D-91F1-53691F85B223}" = Python 2.6.1 "{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A5436728-2DFD-4221-B4D7-F49F740134C9}" = c5100_Help "{A7AC8E69-01FF-494E-9A2C-423B82CEA604}" = HP MediaSmart SmartMenu "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply "{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2 "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{ADC7FA12-E165-428a-AF13-4CE686E030AA}" = C5100 "{AF1C9345-B53D-4110-BFBF-A0DD83AEAB83}" = AIO_CDA_Software "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2 "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{C716522C-3731-4667-8579-40B098294500}" = Toolbox "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CB8CA439-DA83-419C-A4CF-5A0A50025144}" = Windows Mobile Device Center Driver Update "{CBCA600F-6B90-416D-9D19-477758C40946}" = DJ_SF_06_D5500_SW_Min "{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component "{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch "{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility "{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}" = Safari "{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport "{E1591139-8B44-411B-A81B-D35F83A0565A}" = HP Customer Experience Enhancements "{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004) "{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential "{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10 "{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax "{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm "{FBE569CA-BFEB-4E57-A674-F94D938E1AEF}" = e-tax 2010 "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "avast" = avast! Free Antivirus "Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows "ExtractNow_is1" = ExtractNow "Free RAR Extract Frog" = Free RAR Extract Frog "Glary Utilities_is1" = Glary Utilities 2.15.0.728 "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "HP Photo Creations" = HP Photo Creations "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV "InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIA Drivers" = NVIDIA Drivers "PFPortChecker" = PFPortChecker 1.0.39 "PhotoScape" = PhotoScape "PROHYBRIDR" = 2007 Microsoft Office system "pywin32-py2.6" = Python 2.6 pywin32-212 "uTorrent" = µTorrent "VLC media player" = VLC media player 1.0.1 "WildTangent hp Master Uninstall" = My HP Games "XviD & MP3 Codec Pack_is1" = XviD & MP3 Codec Pack (remove only) "XviD_is1" = XviD MPEG-4 Video Codec ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "THC-Chat" = THC-Chat "ThePhotobookClub.com.au" = ThePhotobookClub.com.au ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 12/08/2012 8:13:21 PM | Computer Name = Paul-PC | Source = Application Hang | ID = 1002 Description = The program wmplayer.exe version 11.0.6001.7010 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 1180 Start Time: 01cd78e85ad9a050 Termination Time: 7 Error - 12/08/2012 8:35:49 PM | Computer Name = Paul-PC | Source = Windows Search Service | ID = 3013 Description = Error - 12/08/2012 8:36:23 PM | Computer Name = Paul-PC | Source = Windows Search Service | ID = 3013 Description = Error - 12/08/2012 8:36:23 PM | Computer Name = Paul-PC | Source = Windows Search Service | ID = 3013 Description = Error - 12/08/2012 8:36:28 PM | Computer Name = Paul-PC | Source = Windows Search Service | ID = 3013 Description = Error - 12/08/2012 8:37:58 PM | Computer Name = Paul-PC | Source = Windows Search Service | ID = 3013 Description = Error - 12/08/2012 8:38:39 PM | Computer Name = Paul-PC | Source = Windows Search Service | ID = 3013 Description = Error - 13/08/2012 2:02:18 AM | Computer Name = Paul-PC | Source = WinMgmt | ID = 10 Description = Error - 13/08/2012 2:04:55 AM | Computer Name = Paul-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 13/08/2012 10:12:34 AM | Computer Name = Paul-PC | Source = WinMgmt | ID = 10 Description = [ System Events ] Error - 21/07/2012 8:51:19 PM | Computer Name = Paul-PC | Source = Service Control Manager | ID = 7009 Description = Error - 21/07/2012 8:51:19 PM | Computer Name = Paul-PC | Source = Service Control Manager | ID = 7000 Description = Error - 25/07/2012 2:07:22 AM | Computer Name = Paul-PC | Source = Dhcp | ID = 1002 Description = The IP address lease 10.1.1.3 for the Network Card with network address 0022684B316D has been denied by the DHCP server 10.1.1.1 (The DHCP Server sent a DHCPNACK message). Error - 25/07/2012 2:25:02 AM | Computer Name = Paul-PC | Source = Dhcp | ID = 1002 Description = The IP address lease 10.1.1.3 for the Network Card with network address 0022684B316D has been denied by the DHCP server 10.1.1.1 (The DHCP Server sent a DHCPNACK message). Error - 7/08/2012 7:20:36 PM | Computer Name = Paul-PC | Source = HTTP | ID = 15016 Description = Error - 13/08/2012 2:00:42 AM | Computer Name = Paul-PC | Source = HTTP | ID = 15016 Description = Error - 13/08/2012 10:10:57 AM | Computer Name = Paul-PC | Source = HTTP | ID = 15016 Description = Error - 13/08/2012 10:14:35 AM | Computer Name = Paul-PC | Source = Service Control Manager | ID = 7009 Description = Error - 13/08/2012 10:14:35 AM | Computer Name = Paul-PC | Source = Service Control Manager | ID = 7000 Description = Error - 13/08/2012 8:12:44 PM | Computer Name = Paul-PC | Source = Dhcp | ID = 1002 Description = The IP address lease 10.1.1.3 for the Network Card with network address 0022684B316D has been denied by the DHCP server 10.1.1.1 (The DHCP Server sent a DHCPNACK message). < End of report >
  12. What the hell, I have done that and saved the log to desktop and documents and it isnt showing up anywhere man! This is sucking so bad right now! i have had 2 do 2 screenshots mate, sorry about this. Please dont give up on me mate. this is driving me bananas! PIC 1 : http://i.imgur.com/czLZb.jpg PIC 2 : http://i.imgur.com/Vcu3t.jpg
  13. was that right? Or this one? Sorry Im a noob Malwarebytes Anti-Malware (Trial) 1.62.0.1300 www.malwarebytes.org Database version: v2012.08.13.05 Windows Vista Service Pack 1 x86 NTFS Internet Explorer 8.0.6001.19088 Guest :: PAUL-PC [limited] Protection: Enabled 14/08/2012 11:20:59 PM mbam-log-2012-08-14 (23-20-59).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 166708 Time elapsed: 4 minute(s), 48 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end)
  14. 2012/08/14 00:06:38 +1000 PAUL-PC Paul IP-BLOCK 81.198.148.4 (Type: outgoing, Port: 24666, Process: utorrent.exe) 2012/08/14 00:15:44 +1000 PAUL-PC Guest MESSAGE Starting protection 2012/08/14 00:15:59 +1000 PAUL-PC Guest MESSAGE Protection started successfully 2012/08/14 00:16:02 +1000 PAUL-PC Guest MESSAGE Starting IP protection 2012/08/14 00:16:03 +1000 PAUL-PC Guest MESSAGE IP Protection started successfully 2012/08/14 00:48:52 +1000 PAUL-PC Guest IP-BLOCK 89.28.18.243 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 01:05:32 +1000 PAUL-PC Guest IP-BLOCK 121.125.153.88 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 01:28:23 +1000 PAUL-PC Guest IP-BLOCK 89.28.83.142 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 01:35:39 +1000 PAUL-PC Guest IP-BLOCK 212.113.33.194 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 02:32:04 +1000 PAUL-PC Guest IP-BLOCK 89.28.85.35 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 02:34:05 +1000 PAUL-PC Guest MESSAGE Executing scheduled update: Daily 2012/08/14 02:34:19 +1000 PAUL-PC Guest MESSAGE Starting database refresh 2012/08/14 02:34:19 +1000 PAUL-PC Guest MESSAGE Stopping IP protection 2012/08/14 02:34:19 +1000 PAUL-PC Guest MESSAGE Scheduled update executed successfully: database updated from version v2012.08.13.01 to version v2012.08.13.05 2012/08/14 02:34:20 +1000 PAUL-PC Guest MESSAGE IP Protection stopped 2012/08/14 02:34:22 +1000 PAUL-PC Guest MESSAGE Database refreshed successfully 2012/08/14 02:34:22 +1000 PAUL-PC Guest MESSAGE Starting IP protection 2012/08/14 02:34:24 +1000 PAUL-PC Guest MESSAGE IP Protection started successfully 2012/08/14 02:48:15 +1000 PAUL-PC Guest IP-BLOCK 77.78.230.131 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 02:48:23 +1000 PAUL-PC Guest IP-BLOCK 89.28.54.46 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 02:58:32 +1000 PAUL-PC Guest IP-BLOCK 89.28.18.243 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 03:05:12 +1000 PAUL-PC Guest IP-BLOCK 79.135.136.88 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 03:28:01 +1000 PAUL-PC Guest IP-BLOCK 77.78.217.128 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 03:30:49 +1000 PAUL-PC Guest IP-BLOCK 196.205.162.202 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 03:36:01 +1000 PAUL-PC Guest IP-BLOCK 91.188.48.170 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 03:51:46 +1000 PAUL-PC Guest IP-BLOCK 89.28.18.243 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 03:52:10 +1000 PAUL-PC Guest IP-BLOCK 91.188.34.198 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 04:17:39 +1000 PAUL-PC Guest IP-BLOCK 79.135.147.210 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 04:19:15 +1000 PAUL-PC Guest IP-BLOCK 89.209.91.226 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 04:23:47 +1000 PAUL-PC Guest IP-BLOCK 89.28.24.123 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 04:24:19 +1000 PAUL-PC Guest IP-BLOCK 178.152.13.215 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 04:24:19 +1000 PAUL-PC Guest IP-BLOCK 222.70.225.246 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 04:34:03 +1000 PAUL-PC Guest IP-BLOCK 218.9.127.236 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 05:15:43 +1000 PAUL-PC Guest IP-BLOCK 83.128.17.61 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 05:15:51 +1000 PAUL-PC Guest IP-BLOCK 117.205.48.6 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 05:19:36 +1000 PAUL-PC Guest IP-BLOCK 79.135.147.210 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 05:34:02 +1000 PAUL-PC Guest IP-BLOCK 77.78.240.21 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 05:52:44 +1000 PAUL-PC Guest IP-BLOCK 91.188.49.16 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 05:55:48 +1000 PAUL-PC Guest IP-BLOCK 79.135.147.210 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 06:02:12 +1000 PAUL-PC Guest IP-BLOCK 46.21.146.169 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 06:31:57 +1000 PAUL-PC Guest IP-BLOCK 94.23.250.51 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 07:31:27 +1000 PAUL-PC Guest IP-BLOCK 77.78.225.139 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 07:32:55 +1000 PAUL-PC Guest IP-BLOCK 220.189.253.218 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 07:47:11 +1000 PAUL-PC Guest IP-BLOCK 83.128.61.124 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 07:47:43 +1000 PAUL-PC Guest IP-BLOCK 89.28.18.243 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 08:17:38 +1000 PAUL-PC Guest IP-BLOCK 89.28.104.29 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 09:44:40 +1000 PAUL-PC Guest IP-BLOCK 178.152.13.215 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 09:47:20 +1000 PAUL-PC Guest IP-BLOCK 222.69.183.108 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 09:47:20 +1000 PAUL-PC Guest IP-BLOCK 222.69.183.108 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 09:59:05 +1000 PAUL-PC Guest IP-BLOCK 178.152.13.215 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 10:01:37 +1000 PAUL-PC Guest IP-BLOCK 222.69.183.108 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 10:01:37 +1000 PAUL-PC Guest IP-BLOCK 222.69.183.108 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 10:33:39 +1000 PAUL-PC Guest IP-BLOCK 222.76.155.67 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 10:33:39 +1000 PAUL-PC Guest IP-BLOCK 94.23.250.51 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 10:34:51 +1000 PAUL-PC Guest IP-BLOCK 218.9.133.81 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 10:49:08 +1000 PAUL-PC Guest IP-BLOCK 213.186.115.237 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 12:18:07 +1000 PAUL-PC Guest IP-BLOCK 178.152.13.215 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 12:53:13 +1000 PAUL-PC Guest IP-BLOCK 195.244.135.186 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 13:02:50 +1000 PAUL-PC Guest IP-BLOCK 58.241.217.206 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 13:09:46 +1000 PAUL-PC Guest IP-BLOCK 91.188.36.168 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 13:10:02 +1000 PAUL-PC Guest IP-BLOCK 58.241.42.2 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 13:21:28 +1000 PAUL-PC Guest IP-BLOCK 178.152.13.215 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 13:27:04 +1000 PAUL-PC Guest IP-BLOCK 117.205.48.131 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 13:28:24 +1000 PAUL-PC Guest IP-BLOCK 89.28.6.199 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 13:32:48 +1000 PAUL-PC Guest IP-BLOCK 89.28.65.200 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 13:41:04 +1000 PAUL-PC Guest IP-BLOCK 79.135.142.133 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 13:54:01 +1000 PAUL-PC Guest IP-BLOCK 79.135.136.96 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 13:56:01 +1000 PAUL-PC Guest IP-BLOCK 178.152.13.215 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 14:10:18 +1000 PAUL-PC Guest IP-BLOCK 94.23.250.51 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 14:11:30 +1000 PAUL-PC Guest IP-BLOCK 89.209.91.88 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 14:18:10 +1000 PAUL-PC Guest IP-BLOCK 79.135.142.133 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 14:19:38 +1000 PAUL-PC Guest IP-BLOCK 81.163.138.42 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 14:30:11 +1000 PAUL-PC Guest IP-BLOCK 89.28.6.199 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 14:34:27 +1000 PAUL-PC Guest IP-BLOCK 79.135.142.133 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 14:36:35 +1000 PAUL-PC Guest IP-BLOCK 91.212.124.155 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 14:37:07 +1000 PAUL-PC Guest IP-BLOCK 222.76.121.20 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 14:54:04 +1000 PAUL-PC Guest IP-BLOCK 59.34.60.80 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 14:57:24 +1000 PAUL-PC Guest IP-BLOCK 59.34.60.80 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 14:57:32 +1000 PAUL-PC Guest IP-BLOCK 59.34.60.80 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 15:10:28 +1000 PAUL-PC Guest IP-BLOCK 79.135.142.133 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 15:11:00 +1000 PAUL-PC Guest IP-BLOCK 58.241.9.30 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 15:20:53 +1000 PAUL-PC Guest IP-BLOCK 79.135.142.133 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 15:35:01 +1000 PAUL-PC Guest IP-BLOCK 79.135.142.133 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 15:38:45 +1000 PAUL-PC Guest IP-BLOCK 222.186.78.204 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 15:39:33 +1000 PAUL-PC Guest IP-BLOCK 222.186.78.204 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 15:39:49 +1000 PAUL-PC Guest IP-BLOCK 222.70.185.60 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 15:49:42 +1000 PAUL-PC Guest IP-BLOCK 79.135.142.133 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 15:52:30 +1000 PAUL-PC Guest IP-BLOCK 195.244.128.245 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 16:01:58 +1000 PAUL-PC Guest IP-BLOCK 146.185.18.98 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 16:11:43 +1000 PAUL-PC Guest IP-BLOCK 77.78.227.65 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 16:20:57 +1000 PAUL-PC Guest IP-BLOCK 31.31.76.180 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 16:41:46 +1000 PAUL-PC Guest IP-BLOCK 122.227.135.236 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 16:46:19 +1000 PAUL-PC Guest IP-BLOCK 178.152.13.225 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:01:47 +1000 PAUL-PC Guest IP-BLOCK 222.71.229.24 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:02:27 +1000 PAUL-PC Guest IP-BLOCK 222.71.229.24 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:02:27 +1000 PAUL-PC Guest IP-BLOCK 222.71.229.24 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:03:39 +1000 PAUL-PC Guest IP-BLOCK 222.71.229.24 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:03:39 +1000 PAUL-PC Guest IP-BLOCK 222.71.229.24 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:03:39 +1000 PAUL-PC Guest IP-BLOCK 222.71.229.24 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:03:39 +1000 PAUL-PC Guest IP-BLOCK 222.71.229.24 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:03:55 +1000 PAUL-PC Guest IP-BLOCK 222.71.229.24 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:03:55 +1000 PAUL-PC Guest IP-BLOCK 222.71.229.24 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:04:35 +1000 PAUL-PC Guest IP-BLOCK 222.71.229.24 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:04:35 +1000 PAUL-PC Guest IP-BLOCK 222.71.229.24 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:06:27 +1000 PAUL-PC Guest IP-BLOCK 222.71.229.24 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:06:27 +1000 PAUL-PC Guest IP-BLOCK 222.71.229.24 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:06:43 +1000 PAUL-PC Guest IP-BLOCK 222.71.229.24 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:06:43 +1000 PAUL-PC Guest IP-BLOCK 222.71.229.24 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:06:59 +1000 PAUL-PC Guest IP-BLOCK 222.71.229.24 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:06:59 +1000 PAUL-PC Guest IP-BLOCK 222.71.229.24 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:07:23 +1000 PAUL-PC Guest IP-BLOCK 178.152.13.215 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:09:31 +1000 PAUL-PC Guest IP-BLOCK 222.71.229.24 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:09:31 +1000 PAUL-PC Guest IP-BLOCK 222.71.229.24 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:10:11 +1000 PAUL-PC Guest IP-BLOCK 222.71.229.24 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:10:19 +1000 PAUL-PC Guest IP-BLOCK 222.71.229.24 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:10:19 +1000 PAUL-PC Guest IP-BLOCK 222.71.229.24 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:10:51 +1000 PAUL-PC Guest IP-BLOCK 222.71.229.24 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:10:51 +1000 PAUL-PC Guest IP-BLOCK 222.71.229.24 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:11:07 +1000 PAUL-PC Guest IP-BLOCK 222.71.229.24 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:25:53 +1000 PAUL-PC Guest IP-BLOCK 218.10.51.18 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 17:37:10 +1000 PAUL-PC Guest IP-BLOCK 222.186.78.204 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:37:18 +1000 PAUL-PC Guest IP-BLOCK 222.186.78.204 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:37:26 +1000 PAUL-PC Guest IP-BLOCK 222.186.78.204 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:37:34 +1000 PAUL-PC Guest IP-BLOCK 222.186.78.204 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:37:34 +1000 PAUL-PC Guest IP-BLOCK 222.186.78.204 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:39:18 +1000 PAUL-PC Guest IP-BLOCK 222.186.78.204 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:39:42 +1000 PAUL-PC Guest IP-BLOCK 222.186.78.204 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:46:15 +1000 PAUL-PC Guest IP-BLOCK 222.186.78.204 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:46:55 +1000 PAUL-PC Guest IP-BLOCK 222.186.78.204 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:47:43 +1000 PAUL-PC Guest IP-BLOCK 222.186.78.204 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:48:15 +1000 PAUL-PC Guest IP-BLOCK 222.186.78.204 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:49:27 +1000 PAUL-PC Guest IP-BLOCK 222.186.78.204 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 17:53:27 +1000 PAUL-PC Guest IP-BLOCK 178.152.13.215 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 18:02:00 +1000 PAUL-PC Guest IP-BLOCK 58.240.144.28 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 18:08:00 +1000 PAUL-PC Guest IP-BLOCK 178.152.13.215 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 18:11:53 +1000 PAUL-PC Guest IP-BLOCK 58.241.89.2 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 18:24:01 +1000 PAUL-PC Guest IP-BLOCK 178.152.13.215 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 18:30:02 +1000 PAUL-PC Guest IP-BLOCK 222.75.167.97 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 18:54:51 +1000 PAUL-PC Guest IP-BLOCK 89.28.115.147 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 19:03:40 +1000 PAUL-PC Guest IP-BLOCK 213.55.114.175 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 19:03:48 +1000 PAUL-PC Guest IP-BLOCK 213.55.114.31 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 19:09:49 +1000 PAUL-PC Guest IP-BLOCK 89.28.83.124 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 19:09:57 +1000 PAUL-PC Guest IP-BLOCK 89.28.94.165 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 19:13:09 +1000 PAUL-PC Guest IP-BLOCK 77.78.213.119 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 19:51:20 +1000 PAUL-PC Guest IP-BLOCK 89.28.6.195 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 20:04:49 +1000 PAUL-PC Guest IP-BLOCK 194.165.0.5 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 20:16:34 +1000 PAUL-PC Guest IP-BLOCK 222.69.183.108 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 20:16:34 +1000 PAUL-PC Guest IP-BLOCK 222.69.183.108 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 20:22:51 +1000 PAUL-PC Guest IP-BLOCK 219.146.114.67 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 20:22:51 +1000 PAUL-PC Guest IP-BLOCK 219.146.114.67 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 20:33:16 +1000 PAUL-PC Guest IP-BLOCK 213.186.121.164 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 20:46:29 +1000 PAUL-PC Guest IP-BLOCK 222.69.183.108 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 21:05:43 +1000 PAUL-PC Guest IP-BLOCK 222.69.96.85 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 21:06:15 +1000 PAUL-PC Guest IP-BLOCK 121.125.153.88 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 21:33:30 +1000 PAUL-PC Guest IP-BLOCK 83.128.107.112 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 21:34:58 +1000 PAUL-PC Guest IP-BLOCK 222.186.78.204 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 21:36:02 +1000 PAUL-PC Guest IP-BLOCK 83.128.100.139 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 21:39:39 +1000 PAUL-PC Guest IP-BLOCK 83.128.82.173 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 21:47:07 +1000 PAUL-PC Guest IP-BLOCK 89.28.9.230 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 21:51:40 +1000 PAUL-PC Guest IP-BLOCK 89.28.74.106 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 21:52:44 +1000 PAUL-PC Guest IP-BLOCK 222.69.15.108 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 22:09:02 +1000 PAUL-PC Guest IP-BLOCK 222.71.83.181 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 22:09:02 +1000 PAUL-PC Guest IP-BLOCK 222.65.198.158 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 22:16:38 +1000 PAUL-PC Guest IP-BLOCK 89.28.9.230 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 22:20:38 +1000 PAUL-PC Guest IP-BLOCK 222.69.15.108 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 22:53:38 +1000 PAUL-PC Guest IP-BLOCK 79.135.146.72 (Type: incoming, Port: 15402, Process: utorrent.exe) 2012/08/14 22:54:27 +1000 PAUL-PC Guest IP-BLOCK 121.10.80.229 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 23:24:55 +1000 PAUL-PC Guest IP-BLOCK 222.70.220.66 (Type: outgoing, Port: 15402, Process: utorrent.exe) 2012/08/14 23:25:36 +1000 PAUL-PC Guest IP-BLOCK 77.78.209.154 (Type: outgoing, Port: 15402, Process: utorrent.exe)
  15. Yes I have downloaded the DDS thing but can not run it. When I click on it it flashes a up a lil black box for a split second and then it disappears! I have tried several times..... Any ideas?
  16. Hi guys, please help me, I have been using MBAM for years now and always liked it. Yesterday I got a phone call from an Indian and he was saying he was from Microsoft saying that we had virusses on the computer. When he told me his name was David Watson I thought he was a scammer and hung up (Not a very indian name) Anyway I ran MBAM afterwards and like 20 threats were removed. But now I keep getting this message from MBAM "malwarebytes successfully blocked access to a potentially malicious website type outgoing". It says its from Utorrent and names a port.<br /> I was reading a little about this and have downloaded TDSSkiller and this is the log. It doesnt have the option for cure. http://imgur.com/lhbsR Can someone please help me. Thanks</p>
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.