Jump to content

ryanc

Members
 View Profile  See their activity

  • Posts

    1

  • Joined

  • Last visited

 Content Type 

Everything posted by ryanc

  1. ryanc
    Hello there, I'm a newbie to the forum but have a problem and am hoping someone can help. Basically I downloaded some plugins for Mixcraft 5 and scanned them with Kraspersky 2011. It said they were fine so I installed them only to find they weren't fine and I had Suspicious and infected files now on my laptop. Downloaded Malwarebytes because Kraspersky was frankly doing nothing, and it got rid of 4 of them. After that I kept getting messages saying that it had stopped a potentially malacious website from accessing my laptop - "website: 121.10.137.43 (also the same again except 44 at the end and 83.128.88.141), Type: Incoming, Port: 33193, Process: utorrent.exe" (I have also had processes from svchost.exe and others). I then followed your "im infected - what do i do now" page. Having done everything successfully the GMER Rootkit Scanner came back saying something along the lines of "could not find any changes". As you can tell I am not an expert but the pop ups are still happening, and I have no idea what to do. I shall post everything I can into this post as requested, (although I did not save the scan results because I was a bit shocked that it had said nothing had changed. Really hope someone can help!! . DDS (Ver_2011-06-23.01) - NTFSAMD64 Internet Explorer: 8.0.7601.17514 Run by Ryan at 21:20:19 on 2011-08-02 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8106.6076 [GMT 1:00] . AV: Kaspersky Anti-Virus *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Kaspersky Anti-Virus *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe C:\Program Files (x86)\Bonjour\mDNSResponder.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files (x86)\uTorrent\uTorrent.exe C:\Program Files (x86)\Steam\steam.exe C:\Program Files (x86)\Hotkey\Hotkey.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe C:\Windows\SysWOW64\DVAPTray.exe C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe C:\Program Files (x86)\Creative\USB Sound Blaster HD\Volume Panel\VolPanlu.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\Hotkey\PowerBiosServer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\system32\SearchProtocolHost.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\x64\klwtblfs.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files (x86)\Nero\Update\NASvc.exe C:\Windows\system32\sppsvc.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.bbc.co.uk/news/ uDefault_Page_URL = hxxp://www.pcspecialist.co.uk/ uInternet Settings,ProxyOverride = *.local uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll mWinlogon: Userinit=userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [DVAPTray] C:\Windows\System32\DVAPTray.exe mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r mRun: [updReg] C:\Windows\UpdReg.EXE mRun: [VolPanel] "C:\Program Files (x86)\Creative\USB Sound Blaster HD\Volume Panel\VolPanlu.exe" /r mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\Hotkey.lnk - C:\Program Files (x86)\Hotkey\Hotkey.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15118/CTPID.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{B2F92892-BFCC-40E3-AAB4-87F244B53445} : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{B2F92892-BFCC-40E3-AAB4-87F244B53445}\05F475F425B43584F405 : DhcpNameServer = 192.168.1.1 Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll, C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll BHO-X64: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll BHO-X64: IEVkbdBHO - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO-X64: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll BHO-X64: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll BHO-X64: link filter bho - No File TB-X64: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll TB-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" mRun-x64: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [DVAPTray] C:\Windows\System32\DVAPTray.exe mRun-x64: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r mRun-x64: [updReg] C:\Windows\UpdReg.EXE mRun-x64: [VolPanel] "C:\Program Files (x86)\Creative\USB Sound Blaster HD\Volume Panel\VolPanlu.exe" /r mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll, C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll . ============= SERVICES / DRIVERS =============== . R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?] R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys --> C:\Windows\system32\DRIVERS\klim6.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952] R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe [2010-5-7 344736] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-2-28 821664] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-8-2 366640] R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-5-4 503080] R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-4-8 2005608] R2 PowerBiosServer;PowerBiosServer;C:\Program Files (x86)\Hotkey\PowerBiosServer.exe [2011-1-27 33792] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-4-24 483688] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-4-8 2656280] R3 FFUsbAudio;Focusrite USB Audio Driver;C:\Windows\system32\DRIVERS\ffusbaudio.sys --> C:\Windows\system32\DRIVERS\ffusbaudio.sys [?] R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?] R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?] R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);C:\Windows\system32\DRIVERS\JME.sys --> C:\Windows\system32\DRIVERS\JME.sys [?] R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\system32\DRIVERS\klmouflt.sys --> C:\Windows\system32\DRIVERS\klmouflt.sys [?] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?] R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\system32\DRIVERS\rtl8192Ce.sys --> C:\Windows\system32\DRIVERS\rtl8192Ce.sys [?] R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?] R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?] R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?] R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-4-24 209768] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] S1 kl2;kl2;C:\Windows\system32\DRIVERS\kl2.sys --> C:\Windows\system32\DRIVERS\kl2.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-6-19 79360] S3 Creative Media Toolbox 6 Licensing Service;Creative Media Toolbox 6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [2011-6-19 79360] S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352] S3 ksaud;Creative USB Audio Driver;C:\Windows\system32\drivers\ksaud.sys --> C:\Windows\system32\drivers\ksaud.sys [?] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-1-5 340240] S3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184] . =============== Created Last 30 ================ . 2011-08-02 20:14:32 0 ----a-w- C:\Windows\SysWow64\sho48C4.tmp 2011-08-02 18:13:25 -------- d-----w- C:\Users\Ryan\AppData\Roaming\Malwarebytes 2011-08-02 18:13:19 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys 2011-08-02 18:13:19 -------- d-----w- C:\ProgramData\Malwarebytes 2011-08-02 18:13:16 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys 2011-08-02 18:13:16 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2011-08-02 14:49:51 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll 2011-08-02 14:49:51 32768 ------w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll 2011-08-02 14:49:51 225280 ------w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll 2011-08-02 14:49:51 176128 ------w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll 2011-08-02 14:49:50 610436 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe 2011-08-02 14:13:35 -------- d-----w- C:\Users\Ryan\AppData\Roaming\Waves 2011-08-02 14:13:34 -------- d-----w- C:\Users\Ryan\AppData\Roaming\Waves Preferences 2011-08-02 14:12:21 -------- d-----w- C:\Users\Ryan\AppData\Roaming\Waves Audio 2011-08-02 14:11:08 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll 2011-08-02 14:11:08 1060864 ----a-w- C:\Windows\SysWow64\MFC71.dll 2011-08-02 14:11:07 -------- d-----w- C:\Program Files (x86)\Waves 2011-08-02 11:20:07 8578896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FE416E00-C118-46B1-9D57-67B0DBA000BC}\mpengine.dll 2011-08-01 18:17:21 692575 ----a-w- C:\Program Files (x86)\Uninstall Information\{ABAF1232-6213-4062-9D52-04E04A730CEA}\unins000.exe 2011-08-01 11:47:24 710976 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll 2011-08-01 11:23:42 19000 ----a-w- C:\Windows\System32\nvnusbaudio_coinst.dll 2011-08-01 11:23:42 -------- d-----w- C:\Program Files\Focusrite 2011-07-27 15:52:17 -------- d-----w- C:\Users\Ryan\AppData\Roaming\REAPER 2011-07-27 13:13:25 0 ----a-w- C:\Windows\SysWow64\sho3572.tmp 2011-07-26 12:34:06 -------- d-----w- C:\Users\Ryan\AppData\Local\Adobe 2011-07-26 12:33:35 -------- d-----w- C:\Users\Ryan\AppData\Local\Google 2011-07-26 12:20:58 -------- d-----w- C:\Program Files (x86)\Focusrite Saffire 2011-07-26 12:18:43 50232 ----a-w- C:\Windows\System32\drivers\ffusbaudio.sys 2011-07-26 10:46:36 -------- d-----w- C:\Program Files\iPod 2011-07-26 10:46:35 -------- d-----w- C:\Program Files\iTunes 2011-07-26 10:46:35 -------- d-----w- C:\Program Files (x86)\iTunes 2011-07-26 10:44:09 -------- d-----w- C:\Program Files\Bonjour 2011-07-26 10:44:09 -------- d-----w- C:\Program Files (x86)\Bonjour 2011-07-25 17:20:59 -------- d-----w- C:\Program Files (x86)\Acoustica Shared Effects 2011-07-21 01:54:14 0 ----a-w- C:\Windows\SysWow64\sho22E9.tmp 2011-07-19 13:48:44 1146984 ----a-w- C:\Windows\System32\RTSnMg64.cpl 2011-07-19 13:47:57 1251944 ------r- C:\Windows\RtlExUpd.dll 2011-07-19 13:47:54 65024 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe 2011-07-19 12:05:05 90112 ------w- C:\Windows\Updreg.EXE 2011-07-19 12:04:55 25600 ------w- C:\Windows\System32\THXCfg64.dll 2011-07-19 12:04:55 141312 ------w- C:\Windows\System32\THXCfg64.exe 2011-07-19 12:04:55 11264 ------w- C:\Windows\SysWow64\ResDefA.exe 2011-07-19 12:03:13 -------- d-----w- C:\Program Files (x86)\Common Files\Macrovision Shared 2011-07-19 11:57:09 0 ----a-w- C:\Windows\SysWow64\sho2E02.tmp 2011-07-18 21:56:54 0 ----a-w- C:\Windows\SysWow64\sho4100.tmp 2011-07-14 01:16:49 0 ----a-w- C:\Windows\SysWow64\sho6AB8.tmp 2011-07-14 01:14:48 -------- d-----w- C:\Program Files (x86)\MSXML 4.0 2011-07-13 11:40:56 96768 ----a-w- C:\Windows\System32\fsutil.exe 2011-07-12 10:34:00 96104 ----a-w- C:\Windows\System32\dns-sd.exe 2011-07-12 10:34:00 85864 ----a-w- C:\Windows\System32\dnssd.dll 2011-07-12 10:34:00 61288 ----a-w- C:\Windows\System32\jdns_sd.dll 2011-07-12 10:34:00 212840 ----a-w- C:\Windows\System32\dnssdX.dll 2011-07-12 10:20:54 83816 ----a-w- C:\Windows\SysWow64\dns-sd.exe 2011-07-12 10:20:54 73064 ----a-w- C:\Windows\SysWow64\dnssd.dll 2011-07-12 10:20:54 50536 ----a-w- C:\Windows\SysWow64\jdns_sd.dll 2011-07-12 10:20:54 178536 ----a-w- C:\Windows\SysWow64\dnssdX.dll 2011-07-10 13:03:14 -------- d-----w- C:\Users\Ryan\AppData\Local\WinZip 2011-07-09 00:39:53 902656 ----a-w- C:\Windows\System32\d2d1.dll 2011-07-09 00:39:53 1139200 ----a-w- C:\Windows\System32\FntCache.dll 2011-07-09 00:39:53 1076736 ----a-w- C:\Windows\SysWow64\DWrite.dll 2011-07-09 00:39:52 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll 2011-07-09 00:39:52 1544192 ----a-w- C:\Windows\System32\DWrite.dll 2011-07-08 22:25:02 -------- d-----w- C:\Program Files (x86)\Acoustica Beatcraft 2011-07-08 15:04:38 -------- d-----w- C:\Users\Ryan\AppData\Roaming\Applied Acoustics Systems 2011-07-08 14:48:06 -------- d-----w- C:\Program Files (x86)\Pianissimo 2011-07-08 00:35:05 0 ----a-w- C:\Windows\SysWow64\sho5269.tmp 2011-07-07 18:34:53 -------- d-----w- C:\Program Files (x86)\VST 2011-07-07 18:20:45 -------- d-----w- C:\Program Files (x86)\Acoustica Mixcraft 5 2011-07-07 18:20:38 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll 2011-07-07 13:24:22 2301208 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll 2011-07-07 13:24:08 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll 2011-07-06 17:30:18 -------- d-----w- C:\Users\Ryan\AppData\Roaming\SynthMaker 2011-07-06 17:29:51 57344 ----a-w- C:\Windows\SysWow64\Wnaspint.dll 2011-07-06 17:29:51 -------- d-----w- C:\Users\Ryan\AppData\Roaming\Acoustica 2011-07-06 17:28:42 -------- d-----w- C:\ProgramData\Acoustica 2011-07-04 15:17:05 516096 ----a-w- C:\Windows\SysWow64\MP4Splitter.ax 2011-07-04 15:17:04 8209408 ----a-w- C:\Windows\SysWow64\DVAP_M.exe 2011-07-04 15:17:04 192512 ----a-w- C:\Windows\SysWow64\DVAPTray.exe 2011-07-04 15:17:04 155648 ----a-w- C:\Windows\SysWow64\DVAPfg.exe . ==================== Find3M ==================== . 2011-07-01 15:23:39 0 ----a-w- C:\Windows\SysWow64\sho2980.tmp 2011-06-21 14:12:53 0 ----a-w- C:\Windows\SysWow64\shoE1AB.tmp 2011-06-19 14:57:28 466456 ----a-w- C:\Windows\System32\wrap_oal.dll 2011-06-19 14:57:28 444952 ----a-w- C:\Windows\SysWow64\wrap_oal.dll 2011-06-19 14:57:28 122904 ----a-w- C:\Windows\System32\OpenAL32.dll 2011-06-19 14:57:28 109080 ----a-w- C:\Windows\SysWow64\OpenAL32.dll 2011-06-18 17:02:18 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2011-06-11 03:07:25 3137536 ----a-w- C:\Windows\System32\win32k.sys 2011-06-03 06:57:45 362496 ----a-w- C:\Windows\System32\wow64win.dll 2011-06-03 06:57:45 243200 ----a-w- C:\Windows\System32\wow64.dll 2011-06-03 06:57:45 13312 ----a-w- C:\Windows\System32\wow64cpu.dll 2011-06-03 06:57:44 214528 ----a-w- C:\Windows\System32\winsrv.dll 2011-06-03 06:57:38 16384 ----a-w- C:\Windows\System32\ntvdm64.dll 2011-06-03 06:56:38 421888 ----a-w- C:\Windows\System32\KernelBase.dll 2011-06-03 06:53:33 338944 ----a-w- C:\Windows\System32\conhost.exe 2011-06-03 06:00:53 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2011-06-03 05:57:52 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2011-06-03 05:57:33 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2011-06-03 05:56:12 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2011-06-03 05:56:11 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll 2011-06-03 03:53:31 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2011-06-03 03:53:31 2048 ----a-w- C:\Windows\SysWow64\user.exe 2011-06-03 03:48:32 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll 2011-06-03 03:48:31 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll 2011-06-03 03:48:31 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll 2011-06-03 03:48:31 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll 2011-05-28 03:30:09 1638912 ----a-w- C:\Windows\System32\mshtml.tlb 2011-05-28 02:53:58 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2011-05-24 18:14:10 270720 ------w- C:\Windows\System32\MpSigStub.exe 2011-05-24 11:42:55 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll 2011-05-24 10:40:05 64512 ----a-w- C:\Windows\SysWow64\devobj.dll 2011-05-24 10:40:05 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll 2011-05-24 10:39:38 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll 2011-05-24 10:37:54 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe 2011-05-10 07:06:08 51712 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys 2011-05-10 07:06:08 4517664 ----a-w- C:\Windows\System32\usbaaplrc.dll . ============= FINISH: 21:20:59.39 =============== Malwarebytes' Anti-Malware 1.51.1.1800 www.malwarebytes.org Database version: 7357 Windows 6.1.7601 Service Pack 1 Internet Explorer 8.0.7601.17514 02/08/2011 19:23:39 mbam-log-2011-08-02 (19-23-39).txt Scan type: Quick scan Objects scanned: 182087 Time elapsed: 3 minute(s), 24 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 4 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: c:\Users\Ryan\AppData\Local\Temp\euvlp.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\Ryan\AppData\Local\Temp\gmlo.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\Ryan\AppData\Local\Temp\icmlo.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\Users\Ryan\AppData\Local\Temp\rvlos.exe (Trojan.Agent) -> Quarantined and deleted successfully. Malwarebytes' Anti-Malware 1.51.1.1800 www.malwarebytes.org Database version: 7357 Windows 6.1.7601 Service Pack 1 Internet Explorer 8.0.7601.17514 02/08/2011 20:23:00 mbam-log-2011-08-02 (20-23-00).txt Scan type: Full scan (C:\|D:\|Q:\|) Objects scanned: 290342 Time elapsed: 55 minute(s), 35 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) 19:14:05 Ryan MESSAGE Protection started successfully 19:14:09 Ryan MESSAGE IP Protection started successfully 19:22:11 Ryan IP-BLOCK 222.70.101.239 (Type: incoming, Port: 33193, Process: utorrent.exe) 19:26:09 Ryan MESSAGE Protection started successfully 19:26:13 Ryan MESSAGE IP Protection started successfully 19:26:47 Ryan IP-BLOCK 212.117.167.73 (Type: outgoing, Port: 33193, Process: utorrent.exe) 19:27:11 Ryan IP-BLOCK 222.68.167.75 (Type: incoming, Port: 33193, Process: utorrent.exe) 19:27:11 Ryan IP-BLOCK 222.68.167.75 (Type: incoming, Port: 33193, Process: svchost.exe) 19:31:13 Ryan IP-BLOCK 79.135.149.100 (Type: incoming, Port: 33193, Process: utorrent.exe) 19:58:03 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: utorrent.exe) 20:04:08 Ryan IP-BLOCK 121.10.137.44 (Type: incoming, Port: 33193, Process: utorrent.exe) 20:04:08 Ryan IP-BLOCK 121.10.137.44 (Type: incoming, Port: 33193, Process: svchost.exe) 20:04:08 Ryan IP-BLOCK 121.10.137.44 (Type: incoming, Port: 33193, Process: utorrent.exe) 20:04:08 Ryan IP-BLOCK 121.10.137.44 (Type: incoming, Port: 33193, Process: svchost.exe) 20:16:32 Ryan IP-BLOCK 121.10.137.43 (Type: incoming, Port: 33193, Process: utorrent.exe) 20:16:32 Ryan IP-BLOCK 121.10.137.43 (Type: incoming, Port: 33193, Process: svchost.exe) 20:21:31 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: utorrent.exe) 20:21:31 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: svchost.exe) 20:21:31 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: svchost.exe) 20:21:31 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: utorrent.exe) 20:21:31 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: svchost.exe) 20:21:31 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: svchost.exe) 20:21:47 Ryan IP-BLOCK 89.28.14.76 (Type: incoming, Port: 33193, Process: utorrent.exe) 20:21:47 Ryan IP-BLOCK 89.28.14.76 (Type: incoming, Port: 33193, Process: svchost.exe) 20:21:47 Ryan IP-BLOCK 89.28.14.76 (Type: incoming, Port: 33193, Process: svchost.exe) 20:23:47 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: utorrent.exe) 20:23:47 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: svchost.exe) 20:24:27 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: utorrent.exe) 20:24:27 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: svchost.exe) 20:24:27 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: utorrent.exe) 20:24:27 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: svchost.exe) 20:29:16 Ryan IP-BLOCK 89.28.118.206 (Type: outgoing, Port: 33193, Process: utorrent.exe) 20:29:56 Ryan IP-BLOCK 222.68.167.75 (Type: outgoing, Port: 33193, Process: utorrent.exe) 20:34:01 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: utorrent.exe) 20:34:01 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: svchost.exe) 20:34:01 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: utorrent.exe) 20:34:01 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: svchost.exe) 20:34:18 Ryan IP-BLOCK 121.10.137.44 (Type: incoming, Port: 33193, Process: utorrent.exe) 20:34:18 Ryan IP-BLOCK 121.10.137.44 (Type: incoming, Port: 33193, Process: svchost.exe) 20:34:18 Ryan IP-BLOCK 121.10.137.44 (Type: incoming, Port: 33193, Process: utorrent.exe) 20:34:18 Ryan IP-BLOCK 121.10.137.44 (Type: incoming, Port: 33193, Process: svchost.exe) 20:35:06 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: utorrent.exe) 20:35:06 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: svchost.exe) 20:35:06 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: svchost.exe) 20:35:14 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: utorrent.exe) 20:35:14 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: svchost.exe) 20:35:14 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: svchost.exe) 20:38:24 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: utorrent.exe) 20:38:24 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: svchost.exe) 20:38:24 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: utorrent.exe) 20:38:24 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: svchost.exe) 20:40:50 Ryan IP-BLOCK 222.68.167.75 (Type: incoming, Port: 33193, Process: utorrent.exe) 20:40:50 Ryan IP-BLOCK 222.68.167.75 (Type: incoming, Port: 33193, Process: svchost.exe) 20:41:38 Ryan IP-BLOCK 83.128.82.193 (Type: incoming, Port: 33193, Process: utorrent.exe) 20:41:38 Ryan IP-BLOCK 83.128.82.193 (Type: incoming, Port: 33193, Process: svchost.exe) 20:46:17 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: utorrent.exe) 20:46:17 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: svchost.exe) 20:46:57 Ryan IP-BLOCK 121.10.137.43 (Type: incoming, Port: 33193, Process: utorrent.exe) 20:46:58 Ryan IP-BLOCK 121.10.137.43 (Type: incoming, Port: 33193, Process: svchost.exe) 20:46:58 Ryan IP-BLOCK 121.10.137.43 (Type: incoming, Port: 33193, Process: utorrent.exe) 20:46:58 Ryan IP-BLOCK 121.10.137.43 (Type: incoming, Port: 33193, Process: svchost.exe) 20:47:06 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: utorrent.exe) 20:47:06 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: svchost.exe) 20:47:06 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: utorrent.exe) 20:47:06 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: svchost.exe) 20:50:10 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: svchost.exe) 20:50:10 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: svchost.exe) 20:50:52 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: svchost.exe) 20:50:52 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: svchost.exe) 20:50:52 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: svchost.exe) 20:50:52 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: svchost.exe) 20:53:06 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: svchost.exe) 20:53:06 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: svchost.exe) 21:04:28 Ryan IP-BLOCK 121.10.137.44 (Type: incoming, Port: 33193, Process: svchost.exe) 21:04:28 Ryan IP-BLOCK 121.10.137.44 (Type: incoming, Port: 33193, Process: svchost.exe) 21:04:28 Ryan IP-BLOCK 121.10.137.44 (Type: incoming, Port: 33193, Process: svchost.exe) 21:04:28 Ryan IP-BLOCK 121.10.137.44 (Type: incoming, Port: 33193, Process: svchost.exe) 21:05:17 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: svchost.exe) 21:05:17 Ryan IP-BLOCK 222.71.19.111 (Type: incoming, Port: 33193, Process: svchost.exe) 21:18:15 Ryan MESSAGE Protection started successfully 21:18:18 Ryan MESSAGE IP Protection started successfully 21:32:13 Ryan IP-BLOCK 58.241.55.100 (Type: outgoing, Port: 33193, Process: utorrent.exe) 21:32:30 Ryan IP-BLOCK 89.28.51.143 (Type: outgoing, Port: 33193, Process: utorrent.exe) 21:34:30 Ryan IP-BLOCK 121.10.137.44 (Type: incoming, Port: 33193, Process: utorrent.exe) 22:02:32 Ryan IP-BLOCK 222.68.167.75 (Type: outgoing, Port: 33193, Process: utorrent.exe) 22:04:00 Ryan IP-BLOCK 83.128.88.141 (Type: incoming, Port: 33193, Process: utorrent.exe) 22:04:00 Ryan IP-BLOCK 83.128.88.141 (Type: incoming, Port: 33193, Process: svchost.exe) 22:04:40 Ryan IP-BLOCK 121.10.137.44 (Type: incoming, Port: 33193, Process: utorrent.exe) 22:04:40 Ryan IP-BLOCK 121.10.137.44 (Type: incoming, Port: 33193, Process: svchost.exe) 22:04:40 Ryan IP-BLOCK 121.10.137.44 (Type: incoming, Port: 33193, Process: utorrent.exe) 22:04:40 Ryan IP-BLOCK 121.10.137.44 (Type: incoming, Port: 33193, Process: svchost.exe) 22:09:29 Ryan IP-BLOCK 91.188.57.67 (Type: incoming, Port: 33193, Process: utorrent.exe)
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.