0nIQ23cFNJUo8r3

Ok thanks Ron. So nothing to worry about at the moment. Normal operations. That would explain why MB does not find anything. Thanks for your time in looking into this.

Here is the link. http://we.tl/kBWRvhRrta

I have installed Wireshark, but its way over my head to understand what I am looking at. I will run it again and see it its there.

I use Zone Alarm Internet Security Suite. I do not see anything in ZAP because I believe Peer Block is stopping it ahead of ZAP. I have turned off Peer Block to see if ZAP shows anything in the log but did not see anything. I'm not sure what the problem is or where it developed from.

Peer Block software is blocking it outbound.

Ron, Here are both files. Addition.txt FRST.txt

To my knowledge and experience, it does not.

Ron, Here is the App Log. AppLog.txt

Protection log? I am not sure what you are referring to.

Thats OK. Its never been fixed. I just live with it until such time that I have to reformat my drive or MB can remove it from my system. Thanks for your concern.

Microsoft Windows [Version 6.1.7601] Copyright © 2009 Microsoft Corporation. All rights reserved. C:\Windows\system32>netstat -a Active Connections Proto Local Address Foreign Address State TCP 0.0.0.0:135 ALPHA:0 LISTENING TCP 0.0.0.0:445 ALPHA:0 LISTENING TCP 0.0.0.0:2968 ALPHA:0 LISTENING TCP 0.0.0.0:5050 ALPHA:0 LISTENING TCP 0.0.0.0:5060 ALPHA:0 LISTENING TCP 0.0.0.0:5063 ALPHA:0 LISTENING TCP 0.0.0.0:5065 ALPHA:0 LISTENING TCP 0.0.0.0:5066 ALPHA:0 LISTENING TCP 0.0.0.0:5067 ALPHA:0 LISTENING TCP 0.0.0.0:5068 ALPHA:0 LISTENING TCP 0.0.0.0:5069 ALPHA:0 LISTENING TCP 0.0.0.0:5080 ALPHA:0 LISTENING TCP 0.0.0.0:5357 ALPHA:0 LISTENING TCP 0.0.0.0:8070 ALPHA:0 LISTENING TCP 0.0.0.0:49152 ALPHA:0 LISTENING TCP 0.0.0.0:49153 ALPHA:0 LISTENING TCP 0.0.0.0:49154 ALPHA:0 LISTENING TCP 0.0.0.0:49155 ALPHA:0 LISTENING TCP 0.0.0.0:49179 ALPHA:0 LISTENING TCP 127.0.0.1:1234 ALPHA:0 LISTENING TCP 127.0.0.1:5080 www:49272 ESTABLISHED TCP 127.0.0.1:5939 ALPHA:0 LISTENING TCP 127.0.0.1:9990 ALPHA:0 LISTENING TCP 127.0.0.1:23401 ALPHA:0 LISTENING TCP 127.0.0.1:37483 ALPHA:0 LISTENING TCP 127.0.0.1:49207 www:49208 ESTABLISHED TCP 127.0.0.1:49208 www:49207 ESTABLISHED TCP 127.0.0.1:49272 www:5080 ESTABLISHED TCP 127.0.0.1:59243 ALPHA:0 LISTENING TCP 169.254.235.250:139 ALPHA:0 LISTENING TCP 192.168.1.107:139 ALPHA:0 LISTENING TCP 192.168.1.107:49209 74.125.22.125:5222 ESTABLISHED TCP 192.168.1.107:49477 64.233.171.188:5228 ESTABLISHED TCP 192.168.1.107:49483 qc-in-f125:5222 ESTABLISHED TCP 192.168.1.107:49748 ntt-19:https ESTABLISHED TCP 192.168.1.107:49765 coral:http TIME_WAIT TCP 192.168.1.107:49766 coral:http TIME_WAIT TCP 192.168.1.107:49771 coral:http TIME_WAIT TCP 192.168.1.107:49772 coral:http TIME_WAIT TCP 192.168.1.107:49773 coral:http TIME_WAIT TCP 192.168.1.107:49774 coral:http TIME_WAIT TCP 192.168.1.107:49775 coral:http TIME_WAIT TCP 192.168.1.107:49776 coral:http TIME_WAIT TCP 192.168.1.107:49780 lga15s42-in-f7:https ESTABLISHED TCP 192.168.1.107:49781 lga15s35-in-f9:http TIME_WAIT TCP 192.168.1.107:49782 lga15s35-in-f9:http TIME_WAIT TCP 192.168.1.107:49783 lga15s35-in-f9:http TIME_WAIT TCP 192.168.1.107:49810 lga15s42-in-f2:https ESTABLISHED TCP 192.168.1.107:49837 lga15s35-in-f21:https ESTABLISHED TCP 192.168.1.107:49839 64.233.171.84:https ESTABLISHED TCP 192.168.1.107:49840 lga15s35-in-f15:https ESTABLISHED TCP 192.168.1.107:49844 lga15s35-in-f9:https ESTABLISHED TCP 192.168.1.107:49845 lga15s35-in-f11:https ESTABLISHED TCP 192.168.1.107:49852 iad23s05-in-f19:https ESTABLISHED TCP 192.168.1.107:49853 lga15s35-in-f2:https ESTABLISHED TCP 192.168.1.107:49855 lga15s35-in-f29:https ESTABLISHED TCP 192.168.1.107:49856 lga15s43-in-f7:https ESTABLISHED TCP 192.168.1.107:49868 tg-in-f94:https ESTABLISHED TCP 192.168.1.107:49883 a23-62-6-65:http SYN_SENT TCP [::]:135 ALPHA:0 LISTENING TCP [::]:445 ALPHA:0 LISTENING TCP [::]:5357 ALPHA:0 LISTENING TCP [::]:8070 ALPHA:0 LISTENING TCP [::]:49152 ALPHA:0 LISTENING TCP [::]:49153 ALPHA:0 LISTENING TCP [::]:49154 ALPHA:0 LISTENING TCP [::]:49155 ALPHA:0 LISTENING TCP [::]:49179 ALPHA:0 LISTENING TCP [::1]:49161 ALPHA:0 LISTENING UDP 0.0.0.0:68 *:* UDP 0.0.0.0:500 *:* UDP 0.0.0.0:2968 *:* UDP 0.0.0.0:3702 *:* UDP 0.0.0.0:3702 *:* UDP 0.0.0.0:3702 *:* UDP 0.0.0.0:3702 *:* UDP 0.0.0.0:4500 *:* UDP 0.0.0.0:5070 *:* UDP 0.0.0.0:5355 *:* UDP 0.0.0.0:56911 *:* UDP 0.0.0.0:56913 *:* UDP 0.0.0.0:56915 *:* UDP 0.0.0.0:59285 *:* UDP 0.0.0.0:59286 *:* UDP 0.0.0.0:59287 *:* UDP 0.0.0.0:59288 *:* UDP 0.0.0.0:59289 *:* UDP 0.0.0.0:59290 *:* UDP 127.0.0.1:1900 *:* UDP 127.0.0.1:48200 *:* UDP 127.0.0.1:48201 *:* UDP 127.0.0.1:51459 *:* UDP 169.254.235.250:137 *:* UDP 169.254.235.250:138 *:* UDP 192.168.1.107:137 *:* UDP 192.168.1.107:138 *:* UDP 192.168.1.107:1900 *:* UDP 192.168.1.107:51458 *:* UDP 192.168.1.107:52054 *:* UDP [::]:500 *:* UDP [::]:3702 *:* UDP [::]:3702 *:* UDP [::]:3702 *:* UDP [::]:3702 *:* UDP [::]:4500 *:* UDP [::]:5355 *:* UDP [::]:56912 *:* UDP [::]:56914 *:* UDP [::]:56916 *:* UDP [::1]:1900 *:* UDP [::1]:51457 *:* UDP [fe80::8d42:f169:3767:701e%11]:546 *:* UDP [fe80::8d42:f169:3767:701e%11]:1900 *:* UDP [fe80::8d42:f169:3767:701e%11]:51456 *:* C:\Windows\system32>

Here is the output. Microsoft Windows [Version 6.1.7601]Copyright © 2009 Microsoft Corporation. All rights reserved. C:\Windows\system32>IPCONFIG /FLUSHDNS Windows IP Configuration Successfully flushed the DNS Resolver Cache. C:\Windows\system32>arp -d * C:\Windows\system32>ipconfig /renew Windows IP Configuration No operation can be performed on Wireless Network Connection while it has its media disconnected. C:\Windows\system32>C:\Windows\system32>nbtstat -a Displays protocol statistics and current TCP/IP connections using NBT(NetBIOS over TCP/IP). NBTSTAT [ [-a RemoteName] [-A IP address] [-c] [-n] [-r] [-R] [-RR] [-s] [-S] [interval] ] -a (adapter status) Lists the remote machine's name table given its name -A (Adapter status) Lists the remote machine's name table given its IP address. -c (cache) Lists NBT's cache of remote [machine] names and their IP addresses -n (names) Lists local NetBIOS names. -r (resolved) Lists names resolved by broadcast and via WINS -R (Reload) Purges and reloads the remote cache name table -S (Sessions) Lists sessions table with the destination IP addresses -s (sessions) Lists sessions table converting destination IP addresses to computer NETBIOS names. -RR (ReleaseRefresh) Sends Name Release packets to WINS and then, starts Refresh RemoteName Remote host machine name. IP address Dotted decimal representation of the IP address. interval Redisplays selected statistics, pausing interval seconds between each display. Press Ctrl+C to stop redisplaying statistics.

I doubt it very much.

I have done this again as requested but the instant I bring up Chrome or any browser for that matter, I immediately see the blocking on Peer Block.

Hey in another thread on this group there was some information about body4u. I tried disabling UPNP using Gibson Research tool and that seems to have stopped the body4u stuff. While that is a step forward in that regard, what does disabling UPNP do to the rest of the system?