Jump to content

Vinny

Members
  • Posts

    5
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Malaware is no longer blocking sites that im not on so what im gonna do is take off my Malaware Protection and see how it does for the rest of the day if it comes back or not in the next 2 days without Malawares protection then im sure its fixed if it comes back i reply as soon as it happens
  2. ComboFix 11-09-09.04 - Vincent 09/09/2011 19:35:09.3.1 - x64 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.1979.864 [GMT -4:00] Running from: c:\users\Vincent\Desktop\ComboFix.exe AV: Norton Internet Security *Disabled/Outdated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855} FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E} SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((( Files Created from 2011-08-09 to 2011-09-09 ))))))))))))))))))))))))))))))) . . 2011-09-09 23:52 . 2011-09-09 23:52 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-08-29 23:56 . 2011-08-29 23:56 -------- d-----w- c:\program files (x86)\Common Files\Spigot 2011-08-29 23:56 . 2011-08-29 23:56 -------- d-----w- c:\program files (x86)\Application Updater 2011-08-24 17:16 . 2011-07-09 05:14 2048 ----a-w- c:\windows\system32\tzres.dll 2011-08-24 17:16 . 2011-07-09 04:30 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2011-08-12 22:28 . 2011-08-12 22:28 -------- d-----w- c:\programdata\KingsIsle Entertainment . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-08-14 23:20 . 2010-05-07 19:27 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll 2011-08-14 23:20 . 2010-05-07 19:26 4283672 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll 2011-08-14 23:19 . 2010-06-02 19:55 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll 2011-07-23 04:14 . 2010-12-29 17:16 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll 2011-07-22 05:45 . 2010-05-19 18:52 4283672 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll 2011-07-22 05:45 . 2010-05-19 18:52 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll 2011-07-22 05:45 . 2010-12-09 22:50 539968 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll 2011-07-22 05:35 . 2011-08-10 14:14 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2011-07-22 04:56 . 2011-08-10 14:14 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb 2011-07-20 18:39 . 2011-06-12 20:17 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2011-07-16 05:26 . 2011-08-10 14:15 362496 ----a-w- c:\windows\system32\wow64win.dll 2011-07-16 05:26 . 2011-08-10 14:15 243200 ----a-w- c:\windows\system32\wow64.dll 2011-07-16 05:26 . 2011-08-10 14:15 13312 ----a-w- c:\windows\system32\wow64cpu.dll 2011-07-16 05:26 . 2011-08-10 14:15 214528 ----a-w- c:\windows\system32\winsrv.dll 2011-07-16 05:24 . 2011-08-10 14:15 16384 ----a-w- c:\windows\system32\ntvdm64.dll 2011-07-16 05:21 . 2011-08-10 14:15 422400 ----a-w- c:\windows\system32\KernelBase.dll 2011-07-16 05:17 . 2011-08-10 14:15 338432 ----a-w- c:\windows\system32\conhost.exe 2011-07-16 05:04 . 2011-08-10 14:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll 2011-07-16 05:04 . 2011-08-10 14:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll 2011-07-16 05:04 . 2011-08-10 14:15 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2011-07-16 05:04 . 2011-08-10 14:15 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2011-07-16 05:04 . 2011-08-10 14:15 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll 2011-07-16 05:04 . 2011-08-10 14:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2011-07-16 05:04 . 2011-08-10 14:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2011-07-16 05:04 . 2011-08-10 14:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll 2011-07-16 05:04 . 2011-08-10 14:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2011-07-16 05:04 . 2011-08-10 14:15 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2011-07-16 05:04 . 2011-08-10 14:15 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll 2011-07-16 05:04 . 2011-08-10 14:15 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2011-07-16 05:04 . 2011-08-10 14:15 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2011-07-16 05:04 . 2011-08-10 14:15 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2011-07-16 05:04 . 2011-08-10 14:15 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2011-07-16 05:04 . 2011-08-10 14:15 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2011-07-16 05:04 . 2011-08-10 14:15 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll 2011-07-16 05:04 . 2011-08-10 14:15 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll 2011-07-16 05:04 . 2011-08-10 14:15 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2011-07-16 05:04 . 2011-08-10 14:15 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll 2011-07-16 05:04 . 2011-08-10 14:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll 2011-07-16 05:04 . 2011-08-10 14:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2011-07-16 05:04 . 2011-08-10 14:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll 2011-07-16 05:04 . 2011-08-10 14:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2011-07-16 05:04 . 2011-08-10 14:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2011-07-16 05:04 . 2011-08-10 14:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2011-07-16 05:04 . 2011-08-10 14:15 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll 2011-07-16 05:04 . 2011-08-10 14:15 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll 2011-07-16 04:36 . 2011-08-10 14:15 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll 2011-07-16 04:32 . 2011-08-10 14:15 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2011-07-16 04:31 . 2011-08-10 14:15 25600 ----a-w- c:\windows\SysWow64\setup16.exe 2011-07-16 04:30 . 2011-08-10 14:15 5120 ----a-w- c:\windows\SysWow64\wow32.dll 2011-07-16 04:30 . 2011-08-10 14:15 272384 ----a-w- c:\windows\SysWow64\KernelBase.dll 2011-07-16 04:19 . 2011-08-10 14:15 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll 2011-07-16 04:19 . 2011-08-10 14:15 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll 2011-07-16 04:19 . 2011-08-10 14:15 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll 2011-07-16 04:19 . 2011-08-10 14:15 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll 2011-07-16 04:19 . 2011-08-10 14:15 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll 2011-07-16 04:19 . 2011-08-10 14:15 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll 2011-07-16 04:19 . 2011-08-10 14:15 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll 2011-07-16 04:19 . 2011-08-10 14:15 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll 2011-07-16 04:19 . 2011-08-10 14:15 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll 2011-07-16 04:19 . 2011-08-10 14:15 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll 2011-07-16 04:19 . 2011-08-10 14:15 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll 2011-07-16 04:19 . 2011-08-10 14:15 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll 2011-07-16 04:19 . 2011-08-10 14:15 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll 2011-07-16 04:19 . 2011-08-10 14:15 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll 2011-07-16 04:19 . 2011-08-10 14:15 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll 2011-07-16 04:19 . 2011-08-10 14:15 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll 2011-07-16 04:19 . 2011-08-10 14:15 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll 2011-07-16 04:19 . 2011-08-10 14:15 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll 2011-07-16 04:19 . 2011-08-10 14:15 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll 2011-07-16 04:19 . 2011-08-10 14:15 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll 2011-07-16 04:19 . 2011-08-10 14:15 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll 2011-07-16 04:19 . 2011-08-10 14:15 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll 2011-07-16 04:19 . 2011-08-10 14:15 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll 2011-07-16 04:19 . 2011-08-10 14:15 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll 2011-07-16 02:26 . 2011-08-10 14:15 7680 ----a-w- c:\windows\SysWow64\instnm.exe 2011-07-16 02:26 . 2011-08-10 14:15 2048 ----a-w- c:\windows\SysWow64\user.exe 2011-07-16 02:21 . 2011-08-10 14:15 6144 ---ha-w- c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll 2011-07-16 02:21 . 2011-08-10 14:15 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll 2011-07-16 02:21 . 2011-08-10 14:15 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll 2011-07-16 02:21 . 2011-08-10 14:15 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll 2011-07-09 02:44 . 2011-08-10 14:15 287744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2011-07-06 23:52 . 2010-09-03 15:43 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys 2011-07-06 23:52 . 2010-09-03 15:43 25912 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-06-23 05:29 . 2011-08-10 14:14 5507968 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-06-23 04:38 . 2011-08-10 14:14 3957120 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2011-06-23 04:38 . 2011-08-10 14:14 3902336 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2011-06-21 06:27 . 2011-08-10 14:15 1896832 ----a-w- c:\windows\system32\drivers\tcpip.sys 2011-06-21 06:20 . 2011-08-10 14:14 1197056 ----a-w- c:\windows\system32\wininet.dll 2011-06-21 06:20 . 2011-08-10 14:14 57856 ----a-w- c:\windows\system32\licmgr10.dll 2011-06-21 05:36 . 2011-08-10 14:14 981504 ----a-w- c:\windows\SysWow64\wininet.dll 2011-06-21 05:35 . 2011-08-10 14:14 44544 ----a-w- c:\windows\SysWow64\licmgr10.dll 2011-06-21 05:05 . 2011-08-10 14:14 482816 ----a-w- c:\windows\system32\html.iec 2011-06-21 04:26 . 2011-08-10 14:14 386048 ----a-w- c:\windows\SysWow64\html.iec 2011-06-15 09:58 . 2011-08-10 14:15 212992 ----a-w- c:\windows\system32\odbctrac.dll 2011-06-15 09:58 . 2011-08-10 14:15 163840 ----a-w- c:\windows\system32\odbccp32.dll 2011-06-15 09:58 . 2011-08-10 14:15 106496 ----a-w- c:\windows\system32\odbccu32.dll 2011-06-15 09:58 . 2011-08-10 14:15 106496 ----a-w- c:\windows\system32\odbccr32.dll 2011-06-15 09:04 . 2011-08-10 14:15 319488 ----a-w- c:\windows\SysWow64\odbcjt32.dll 2011-06-15 09:04 . 2011-08-10 14:15 86016 ----a-w- c:\windows\SysWow64\odbccu32.dll 2011-06-15 09:04 . 2011-08-10 14:15 81920 ----a-w- c:\windows\SysWow64\odbccr32.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{59c6f12b-f004-43e5-9997-08f2123119b6}] 2011-04-24 05:25 81920 ----a-w- c:\program files (x86)\oovootoolbar\oovootoolbarX.dll . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] 2010-05-26 19:23 1385864 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2010-05-26 1385864] "{59c6f12b-f004-43e5-9997-08f2123119b6}"= "c:\program files (x86)\oovootoolbar\oovootoolbarX.dll" [2011-04-24 81920] . [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] . [HKEY_CLASSES_ROOT\clsid\{59c6f12b-f004-43e5-9997-08f2123119b6}] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Steam"="c:\program files (x86)\Steam\Steam.exe" [2011-08-02 1242448] "HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-09-29 1685048] "msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760] "DW6"="c:\program files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe" [2010-06-04 822384] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-11-06 39408] "EADM"="c:\program files (x86)\Electronic Arts\EADM\EADMUI\EADMUI.exe" [2011-02-17 11509760] "ooVoo.exe"="c:\program files (x86)\ooVoo\oovoo.exe" [2011-01-25 22504120] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-08-20 322104] "NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-06-29 600936] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760] "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576] "WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744] "CarboniteSetupLite"="c:\program files (x86)\Carbonite\CarbonitePreinstaller.exe" [2010-01-12 283792] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-03-18 421888] "Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-08 1157976] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] "SSDMonitor"="c:\program files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe" [2010-08-05 104408] "SearchSettings"="c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [2011-08-17 534880] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-06 449584] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-06 136176] R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-16 183560] R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-06 136176] R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [x] R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x] S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1106000.020\SYMDS64.SYS [x] S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1106000.020\SYMEFA64.SYS [x] S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100429.001\BHDrvx64.sys [2010-04-29 678448] S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NISx64\1106000.020\ccHPx64.sys [x] S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100505.001\IDSvia64.sys [2009-10-28 466992] S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1106000.020\Ironx64.SYS [x] S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\NISx64\1106000.020\SYMTDIV.SYS [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [2011-08-17 402328] S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 27136] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-06 366640] S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\17.6.0.32\ccSvcHst.exe [2010-02-25 126392] S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x] S2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2010-08-05 583640] S3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys [x] S3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408] S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-08-04 136824] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] . . Contents of the 'Scheduled Tasks' folder . 2011-09-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-06 16:34] . 2011-09-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-06 16:34] . 2011-09-05 c:\windows\Tasks\Norton Security Scan for Vincent.job - c:\progra~2\NORTON~3\Engine\301~1.8\Nss.exe [2011-01-16 08:19] . 2011-09-09 c:\windows\Tasks\RMSchedule.job - c:\program files (x86)\Registry Mechanic\RegMech.exe [2011-06-12 12:46] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2009-07-14 495104] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-01 171520] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-26 161304] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-26 386584] "Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-26 415256] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Supplementary Scan ------- . uStart Page = hxxp://www.yahoo.com/ uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html TCP: DhcpNameServer = 167.206.251.130 167.206.251.129 FF - ProfilePath - c:\users\Vincent\AppData\Roaming\Mozilla\Firefox\Profiles\e83hqmlg.default\ FF - prefs.js: browser.search.selectedEngine - Yahoo FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=135963&p= . . ------- File Associations ------- . exefile="c:\users\Vincent\AppData\Local\kij.exe" -a "%1" %* . - - - - ORPHANS REMOVED - - - - . Wow6432Node-HKCU-Run-EA Core - c:\program files (x86)\Electronic Arts\EADM\Core.exe Wow6432Node-HKCU-Run-Cyayileyocoz - c:\users\Vincent\AppData\Local\MasiSDI.dll Wow6432Node-HKCU-Run-Dzalaquvac - c:\users\Vincent\AppData\Local\inalirikijiraz.dll WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe AddRemove-alotToolbar - c:\program files (x86)\alot\alotUninst.exe AddRemove-Search Toolbar - c:\program files (x86)\Search Toolbar\SearchToolbarUninstall.exe AddRemove-blinkx beat - c:\program files (x86)\Blinkx\templates\uninstall.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS] "ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\17.6.0.32\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\17.6.0.32\diMaster.dll\" /prefetch:1" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-4221632374-1255749598-3973000205-1001\Software\SecuROM\License information*] "datasecu"=hex:62,4e,15,bd,ad,45,3c,2d,31,9c,10,3c,45,89,fc,8c,ee,8a,2c,87,46, 4c,29,2d,e1,c7,f2,e1,d1,65,dc,45,b7,bc,cb,ba,eb,0f,f7,af,c6,8c,83,c2,84,ec,\ "rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10s_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10s_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10s.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Bonjour\mDNSResponder.exe c:\program files (x86)\CyberLink\Shared files\RichVideo.exe c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe . ************************************************************************** . Completion time: 2011-09-09 20:36:29 - machine was rebooted ComboFix-quarantined-files.txt 2011-09-10 00:36 . Pre-Run: 147,017,203,712 bytes free Post-Run: 146,419,163,136 bytes free . - - End Of File - - FD1D9149D573E9D927C4B321FE2365D2
  3. Here is what malawarebytes found when i did the scan when the virus was on my computer and i had to use safe mode to get rid of it. Within a few hours like i said it came back. After that i started the trial and it has been blocking a site that im not going on and blocking my ip from it. As you asked i did a scan now aswell with the new updates and it appears to be diffrent stuff since the actual security protection hasnt taken its spot into my laptop again since Malaware is blocking it but when my trial is done im afraid that it will come back since it is constantly blocking it. So here is what i found in safe mode when i initially got the virus,the scan i did today when the malaware is being blocked by malaware bytes and the logs of protection Malaware bytes has been doing starting with the initial first scan getting rid of Security Protection Malwarebytes' Anti-Malware 1.51.1.1800 www.malwarebytes.org Database version: 7626 Windows 6.1.7600 (Safe Mode) Internet Explorer 8.0.7600.16385 9/1/2011 1:49:27 AM mbam-log-2011-09-01 (01-49-27).txt Scan type: Quick scan Objects scanned: 175888 Time elapsed: 4 minute(s), 11 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 2 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 18 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\2095206190 (Trojan.Tracur) -> Value: 2095206190 -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Security Protection (Rogue.SecurityProtection) -> Value: Security Protection -> Quarantined and deleted successfully. Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: c:\Users\Vincent\AppData\Local\Temp\thpm888135831639786186.tmp (Trojan.Tracur) -> Quarantined and deleted successfully. c:\Users\Vincent\AppData\Roaming\defender.exe (Rogue.SecurityProtection) -> Quarantined and deleted successfully. c:\Users\Vincent\AppData\Local\Temp\7D18.tmp (Malware.Gen) -> Quarantined and deleted successfully. c:\Users\Vincent\AppData\Local\Temp\8708.tmp (Malware.Gen) -> Quarantined and deleted successfully. c:\Users\Vincent\AppData\Local\Temp\89C7.tmp (Malware.Gen) -> Quarantined and deleted successfully. c:\Users\Vincent\AppData\Local\Temp\97EC.tmp (Malware.Gen) -> Quarantined and deleted successfully. c:\Users\Vincent\AppData\Local\Temp\AA54.tmp (Malware.Gen) -> Quarantined and deleted successfully. c:\Users\Vincent\AppData\Local\Temp\AA73.tmp (Malware.Gen) -> Quarantined and deleted successfully. c:\Users\Vincent\AppData\Local\Temp\AC48.tmp (Malware.Gen) -> Quarantined and deleted successfully. c:\Users\Vincent\AppData\Local\Temp\B878.tmp (Malware.Gen) -> Quarantined and deleted successfully. c:\Users\Vincent\AppData\Local\Temp\dealiotoolbarinstall.exe (PUP.Dealio.TB) -> Not selected for removal. c:\Users\Vincent\AppData\Local\Temp\jucheck.exe (Trojan.Tracur) -> Quarantined and deleted successfully. c:\Users\Vincent\AppData\Local\Temp\tmph1008687216489251088.tmp (Trojan.Tracur) -> Quarantined and deleted successfully. c:\Users\Vincent\AppData\Local\Temp\tmph3971046404673208101.tmp (Trojan.Tracur) -> Quarantined and deleted successfully. c:\Users\Vincent\AppData\Local\Temp\tmph5676184399610406905.tmp (Trojan.Tracur.SGen) -> Quarantined and deleted successfully. c:\Users\Vincent\AppData\Local\Temp\tmph8390675259824106178.tmp (Trojan.Tracur.SGen) -> Quarantined and deleted successfully. c:\Users\Vincent\local settings\xex.exe (Trojan.FakeAlert.VGen) -> Quarantined and deleted successfully. c:\Users\Vincent\local settings\application data\xex.exe (Trojan.FakeAlert.VGen) -> Quarantined and deleted successfully. Now here is the protection logs that MalawareBytes have been protecting me from today 02:24:40 Vincent DETECTION C:\Users\Vincent\AppData\Local\Temp\setup228407284.exe Rootkit.TDSS ALLOW 02:24:40 Vincent DETECTION C:\Users\Vincent\AppData\Local\Temp\setup228407284.exe Rootkit.TDSS ALLOW 11:31:32 Vincent MESSAGE Protection started successfully 11:31:38 Vincent MESSAGE IP Protection started successfully 11:32:40 Vincent IP-BLOCK 95.64.61.75 (Type: outgoing, Port: 49262, Process: win4036e0.dat) 11:36:42 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 49398, Process: win4036e0.dat) 11:36:42 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 49400, Process: win4036e0.dat) 11:36:50 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 49431, Process: win4036e0.dat) 11:36:50 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 49432, Process: win4036e0.dat) 11:36:50 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 49451, Process: win4036e0.dat) 11:36:50 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 49452, Process: win4036e0.dat) 11:36:58 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 49517, Process: win4036e0.dat) 11:36:58 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 49518, Process: win4036e0.dat) 11:36:58 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 49520, Process: win4036e0.dat) 11:36:58 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 49525, Process: win4036e0.dat) 11:37:31 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 49672, Process: win4036e0.dat) 11:37:31 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 49673, Process: win4036e0.dat) 11:37:39 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 49693, Process: win4036e0.dat) 11:37:39 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 49698, Process: win4036e0.dat) 11:37:39 Vincent IP-BLOCK 109.236.82.48 (Type: outgoing, Port: 49716, Process: win4036e0.dat) 11:37:39 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 49717, Process: win4036e0.dat) 11:37:39 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 49718, Process: win4036e0.dat) 11:37:47 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 49725, Process: win4036e0.dat) 11:37:47 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 49730, Process: win4036e0.dat) 11:37:47 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 49731, Process: win4036e0.dat) 11:37:47 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 49741, Process: win4036e0.dat) 11:37:47 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 49743, Process: win4036e0.dat) 11:37:55 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 49751, Process: win4036e0.dat) 11:37:55 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 49767, Process: win4036e0.dat) 11:38:03 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 49784, Process: win4036e0.dat) 11:38:03 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 49821, Process: win4036e0.dat) 11:38:12 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 49827, Process: win4036e0.dat) 11:38:20 Vincent IP-BLOCK 109.236.82.48 (Type: outgoing, Port: 49872, Process: win4036e0.dat) 11:42:38 Vincent IP-BLOCK 95.64.61.74 (Type: outgoing, Port: 50316, Process: win4036e0.dat) 11:44:55 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 50409, Process: win4036e0.dat) 11:44:55 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 50410, Process: win4036e0.dat) 11:45:03 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 50412, Process: win4036e0.dat) 11:45:03 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 50413, Process: win4036e0.dat) 11:45:03 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 50415, Process: win4036e0.dat) 11:45:03 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 50416, Process: win4036e0.dat) 11:45:27 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 50419, Process: win4036e0.dat) 11:45:27 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 50420, Process: win4036e0.dat) 11:45:44 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 50466, Process: win4036e0.dat) 11:45:44 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 50467, Process: win4036e0.dat) 11:45:44 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 50486, Process: win4036e0.dat) 11:45:44 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 50488, Process: win4036e0.dat) 11:45:44 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 50489, Process: win4036e0.dat) 11:45:44 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 50491, Process: win4036e0.dat) 11:45:52 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 50498, Process: win4036e0.dat) 11:45:52 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 50505, Process: win4036e0.dat) 11:46:00 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 50664, Process: win4036e0.dat) 11:46:00 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 50676, Process: win4036e0.dat) 11:46:08 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 50715, Process: win4036e0.dat) 11:46:08 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 50721, Process: win4036e0.dat) 11:46:16 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 50766, Process: win4036e0.dat) 11:46:16 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 50781, Process: win4036e0.dat) 11:46:16 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 50788, Process: win4036e0.dat) 11:46:24 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 50795, Process: win4036e0.dat) 11:46:24 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 50816, Process: win4036e0.dat) 11:46:24 Vincent IP-BLOCK 109.236.82.48 (Type: outgoing, Port: 50845, Process: win4036e0.dat) 11:52:39 Vincent IP-BLOCK 95.64.61.74 (Type: outgoing, Port: 51638, Process: win4036e0.dat) 12:08:40 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52032, Process: win4036e0.dat) 12:08:40 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52033, Process: win4036e0.dat) 12:08:40 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 52035, Process: win4036e0.dat) 12:08:40 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 52036, Process: win4036e0.dat) 12:08:40 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52038, Process: win4036e0.dat) 12:08:40 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52039, Process: win4036e0.dat) 12:08:48 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 52042, Process: win4036e0.dat) 12:08:48 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 52043, Process: win4036e0.dat) 12:08:48 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 52045, Process: win4036e0.dat) 12:08:48 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 52046, Process: win4036e0.dat) 12:08:56 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 52048, Process: win4036e0.dat) 12:08:56 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 52049, Process: win4036e0.dat) 12:09:04 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 52051, Process: win4036e0.dat) 12:09:04 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 52052, Process: win4036e0.dat) 12:09:04 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52054, Process: win4036e0.dat) 12:09:05 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52055, Process: win4036e0.dat) 12:09:05 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 52057, Process: win4036e0.dat) 12:09:05 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 52058, Process: win4036e0.dat) 12:09:13 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 52060, Process: win4036e0.dat) 12:09:13 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 52061, Process: win4036e0.dat) 12:09:21 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52064, Process: win4036e0.dat) 12:09:21 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52065, Process: win4036e0.dat) 12:09:21 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52067, Process: win4036e0.dat) 12:09:21 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52068, Process: win4036e0.dat) 12:09:29 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52070, Process: win4036e0.dat) 12:09:29 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52071, Process: win4036e0.dat) 12:09:29 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52079, Process: win4036e0.dat) 12:09:29 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52080, Process: win4036e0.dat) 12:09:37 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 52104, Process: win4036e0.dat) 12:09:37 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 52105, Process: win4036e0.dat) 12:09:45 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 52168, Process: win4036e0.dat) 12:09:45 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 52172, Process: win4036e0.dat) 12:09:53 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52221, Process: win4036e0.dat) 12:09:53 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52222, Process: win4036e0.dat) 12:10:01 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 52225, Process: win4036e0.dat) 12:10:01 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 52229, Process: win4036e0.dat) 12:10:01 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 52230, Process: win4036e0.dat) 12:14:35 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 52616, Process: win4036e0.dat) 12:14:35 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 52623, Process: win4036e0.dat) 12:14:43 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52674, Process: win4036e0.dat) 12:14:43 Vincent IP-BLOCK 95.163.66.179 (Type: outgoing, Port: 52676, Process: java.exe) 12:14:43 Vincent IP-BLOCK 95.163.66.179 (Type: outgoing, Port: 52677, Process: java.exe) 12:14:43 Vincent IP-BLOCK 95.163.66.179 (Type: outgoing, Port: 52678, Process: java.exe) 12:14:43 Vincent IP-BLOCK 95.163.66.179 (Type: outgoing, Port: 52679, Process: java.exe) 12:14:43 Vincent IP-BLOCK 95.163.66.179 (Type: outgoing, Port: 52682, Process: java.exe) 12:14:43 Vincent IP-BLOCK 95.163.66.179 (Type: outgoing, Port: 52683, Process: java.exe) 12:14:43 Vincent IP-BLOCK 95.163.66.179 (Type: outgoing, Port: 52684, Process: java.exe) 12:14:43 Vincent IP-BLOCK 95.163.66.179 (Type: outgoing, Port: 52685, Process: java.exe) 12:14:43 Vincent IP-BLOCK 95.163.66.179 (Type: outgoing, Port: 52686, Process: java.exe) 12:14:43 Vincent IP-BLOCK 95.163.66.179 (Type: outgoing, Port: 52687, Process: java.exe) 12:14:43 Vincent IP-BLOCK 95.163.66.179 (Type: outgoing, Port: 52688, Process: java.exe) 12:14:43 Vincent IP-BLOCK 95.163.66.179 (Type: outgoing, Port: 52689, Process: java.exe) 12:14:43 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52696, Process: win4036e0.dat) 12:15:00 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52744, Process: win4036e0.dat) 12:15:00 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52745, Process: win4036e0.dat) 12:15:00 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52747, Process: win4036e0.dat) 12:15:00 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52748, Process: win4036e0.dat) 12:15:00 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 52762, Process: win4036e0.dat) 12:15:00 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 52763, Process: win4036e0.dat) 12:15:08 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 52765, Process: win4036e0.dat) 12:15:08 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 52767, Process: win4036e0.dat) 12:15:24 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52873, Process: win4036e0.dat) 12:15:24 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52874, Process: win4036e0.dat) 12:15:24 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 52896, Process: win4036e0.dat) 12:15:24 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 52900, Process: win4036e0.dat) 12:15:32 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52908, Process: win4036e0.dat) 12:15:32 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52914, Process: win4036e0.dat) 12:15:32 Vincent IP-BLOCK 109.236.82.48 (Type: outgoing, Port: 52918, Process: win4036e0.dat) 12:15:32 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52919, Process: win4036e0.dat) 12:15:32 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52930, Process: win4036e0.dat) 12:15:40 Vincent IP-BLOCK 109.236.82.48 (Type: outgoing, Port: 52986, Process: win4036e0.dat) 12:23:20 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53417, Process: win4036e0.dat) 12:23:20 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53419, Process: win4036e0.dat) 12:23:20 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 53422, Process: win4036e0.dat) 12:23:20 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 53423, Process: win4036e0.dat) 12:23:28 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 53452, Process: win4036e0.dat) 12:23:28 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 53454, Process: win4036e0.dat) 12:23:28 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53488, Process: win4036e0.dat) 12:23:28 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53489, Process: win4036e0.dat) 12:23:28 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53490, Process: win4036e0.dat) 12:23:28 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53491, Process: win4036e0.dat) 12:23:36 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53508, Process: win4036e0.dat) 12:23:36 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53509, Process: win4036e0.dat) 12:23:44 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53565, Process: win4036e0.dat) 12:23:44 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53569, Process: win4036e0.dat) 12:23:52 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53575, Process: win4036e0.dat) 12:23:52 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53576, Process: win4036e0.dat) 12:23:52 Vincent IP-BLOCK 94.100.30.163 (Type: outgoing, Port: 53587, Process: win4036e0.dat) 12:23:52 Vincent IP-BLOCK 94.100.30.164 (Type: outgoing, Port: 53588, Process: win4036e0.dat) 12:23:52 Vincent IP-BLOCK 94.100.30.165 (Type: outgoing, Port: 53589, Process: win4036e0.dat) 12:23:52 Vincent IP-BLOCK 94.100.30.166 (Type: outgoing, Port: 53590, Process: win4036e0.dat) 12:23:52 Vincent IP-BLOCK 94.100.30.167 (Type: outgoing, Port: 53591, Process: win4036e0.dat) 12:23:53 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53598, Process: win4036e0.dat) 12:23:53 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53599, Process: win4036e0.dat) 12:24:09 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 53625, Process: win4036e0.dat) 12:24:09 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 53626, Process: win4036e0.dat) 12:24:17 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53629, Process: win4036e0.dat) 12:24:17 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53630, Process: win4036e0.dat) 12:24:17 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53633, Process: win4036e0.dat) 12:24:17 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53634, Process: win4036e0.dat) 12:24:25 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53639, Process: win4036e0.dat) 12:24:25 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53640, Process: win4036e0.dat) 12:24:33 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53643, Process: win4036e0.dat) 12:24:33 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53644, Process: win4036e0.dat) 12:40:17 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 53904, Process: win4036e0.dat) 12:40:17 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 53905, Process: win4036e0.dat) 12:40:25 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53908, Process: win4036e0.dat) 12:40:25 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53909, Process: win4036e0.dat) 12:42:27 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 54130, Process: win4036e0.dat) 12:42:27 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 54138, Process: win4036e0.dat) 12:42:27 Vincent IP-BLOCK 82.98.86.163 (Type: outgoing, Port: 54141, Process: win4036e0.dat) 12:42:27 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 54144, Process: win4036e0.dat) 12:42:27 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 54147, Process: win4036e0.dat) 12:42:27 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 54150, Process: win4036e0.dat) 12:42:27 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 54151, Process: win4036e0.dat) 12:42:27 Vincent IP-BLOCK 82.98.86.163 (Type: outgoing, Port: 54153, Process: win4036e0.dat) 12:42:27 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 54156, Process: win4036e0.dat) 12:42:27 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 54159, Process: win4036e0.dat) 12:42:27 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 54160, Process: win4036e0.dat) 12:42:27 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 54161, Process: win4036e0.dat) 12:42:28 Vincent IP-BLOCK 82.98.86.163 (Type: outgoing, Port: 54162, Process: win4036e0.dat) 12:42:28 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 54163, Process: win4036e0.dat) 12:42:28 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 54164, Process: win4036e0.dat) 12:42:28 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 54165, Process: win4036e0.dat) 12:42:28 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 54166, Process: win4036e0.dat) 12:42:28 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 54167, Process: win4036e0.dat) 12:42:28 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 54169, Process: win4036e0.dat) 12:42:28 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 54170, Process: win4036e0.dat) 12:42:28 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 54171, Process: win4036e0.dat) 12:42:28 Vincent IP-BLOCK 82.98.86.163 (Type: outgoing, Port: 54172, Process: win4036e0.dat) 12:42:28 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 54173, Process: win4036e0.dat) 12:42:28 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 54174, Process: win4036e0.dat) 12:42:28 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 54175, Process: win4036e0.dat) 12:42:28 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 54176, Process: win4036e0.dat) 12:42:28 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 54177, Process: win4036e0.dat) 12:51:12 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 54628, Process: win4036e0.dat) 12:51:12 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 54629, Process: win4036e0.dat) 12:51:12 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 54634, Process: win4036e0.dat) 12:51:12 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 54635, Process: win4036e0.dat) 12:51:52 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 54883, Process: win4036e0.dat) 12:51:52 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 54890, Process: win4036e0.dat) 12:51:52 Vincent IP-BLOCK 95.163.66.184 (Type: outgoing, Port: 54909, Process: win4036e0.dat) 12:57:32 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 55667, Process: win4036e0.dat) 12:57:32 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 55668, Process: win4036e0.dat) 12:57:56 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 55773, Process: win4036e0.dat) 12:57:56 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 55774, Process: win4036e0.dat) 12:58:20 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 55867, Process: win4036e0.dat) 12:58:20 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 55877, Process: win4036e0.dat) 12:58:20 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 55895, Process: win4036e0.dat) 12:58:28 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 55896, Process: win4036e0.dat) 12:58:29 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 55916, Process: win4036e0.dat) 12:58:53 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 56077, Process: win4036e0.dat) 12:59:01 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 56091, Process: win4036e0.dat) 13:02:38 Vincent IP-BLOCK 95.64.48.39 (Type: outgoing, Port: 56522, Process: win4036e0.dat) 13:02:38 Vincent IP-BLOCK 95.64.61.75 (Type: outgoing, Port: 56523, Process: win4036e0.dat) 13:10:57 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 56559, Process: win4036e0.dat) 13:10:57 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 56560, Process: win4036e0.dat) 13:11:06 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 56593, Process: win4036e0.dat) 13:11:06 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 56594, Process: win4036e0.dat) 13:11:14 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 56596, Process: win4036e0.dat) 13:11:14 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 56597, Process: win4036e0.dat) 13:12:10 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 56903, Process: win4036e0.dat) 13:12:10 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 56906, Process: win4036e0.dat) 13:12:18 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 56923, Process: win4036e0.dat) 13:12:18 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 56936, Process: win4036e0.dat) 13:12:18 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 56960, Process: win4036e0.dat) 13:12:19 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 56962, Process: win4036e0.dat) 13:12:27 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 56994, Process: win4036e0.dat) 13:12:27 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 56997, Process: win4036e0.dat) 13:12:43 Vincent IP-BLOCK 95.64.61.74 (Type: outgoing, Port: 57052, Process: win4036e0.dat) 13:22:39 Vincent IP-BLOCK 95.64.61.74 (Type: outgoing, Port: 57426, Process: win4036e0.dat) 13:24:40 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 57533, Process: win4036e0.dat) 13:24:40 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 57538, Process: win4036e0.dat) 13:24:40 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 57545, Process: win4036e0.dat) 13:24:40 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 57547, Process: win4036e0.dat) 13:24:56 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 57603, Process: win4036e0.dat) 13:24:56 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 57604, Process: win4036e0.dat) 13:25:44 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 57914, Process: win4036e0.dat) 13:25:44 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 57917, Process: win4036e0.dat) 13:25:44 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 57926, Process: win4036e0.dat) 13:25:52 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 57939, Process: win4036e0.dat) 13:28:26 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 58225, Process: win4036e0.dat) 13:28:26 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 58227, Process: win4036e0.dat) 13:28:26 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 58230, Process: win4036e0.dat) 13:28:26 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 58231, Process: win4036e0.dat) 13:28:34 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 58233, Process: win4036e0.dat) 13:28:34 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 58234, Process: win4036e0.dat) 13:28:42 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 58243, Process: win4036e0.dat) 13:28:42 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 58244, Process: win4036e0.dat) 13:28:42 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 58245, Process: win4036e0.dat) 13:28:42 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 58246, Process: win4036e0.dat) 13:28:50 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 58248, Process: win4036e0.dat) 13:28:50 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 58249, Process: win4036e0.dat) 13:28:50 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 58252, Process: win4036e0.dat) 13:28:50 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 58253, Process: win4036e0.dat) 13:33:51 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 58274, Process: win4036e0.dat) 13:33:52 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 58276, Process: win4036e0.dat) 13:34:08 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 58310, Process: win4036e0.dat) 13:34:08 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 58312, Process: win4036e0.dat) 13:34:08 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 58313, Process: win4036e0.dat) 13:34:08 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 58315, Process: win4036e0.dat) 13:34:08 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 58318, Process: win4036e0.dat) 13:34:08 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 58319, Process: win4036e0.dat) 13:34:08 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 58324, Process: win4036e0.dat) 13:34:08 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 58325, Process: win4036e0.dat) 13:34:16 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 58326, Process: win4036e0.dat) 13:34:16 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 58328, Process: win4036e0.dat) 13:34:40 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 58437, Process: win4036e0.dat) 13:34:40 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 58439, Process: win4036e0.dat) 13:34:40 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 58503, Process: win4036e0.dat) 13:34:40 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 58506, Process: win4036e0.dat) 13:35:20 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 58773, Process: win4036e0.dat) 13:35:20 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 58792, Process: win4036e0.dat) 13:35:37 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 58854, Process: win4036e0.dat) 13:35:37 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 58871, Process: win4036e0.dat) 13:46:55 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 60206, Process: win4036e0.dat) 13:46:55 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 60207, Process: win4036e0.dat) 13:47:19 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 60210, Process: win4036e0.dat) 13:47:19 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 60211, Process: win4036e0.dat) 13:47:44 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 60234, Process: win4036e0.dat) 13:47:44 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 60235, Process: win4036e0.dat) 13:48:00 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 60294, Process: win4036e0.dat) 13:48:00 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 60295, Process: win4036e0.dat) 13:48:08 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 60320, Process: win4036e0.dat) 13:48:08 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 60321, Process: win4036e0.dat) 13:48:08 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 60324, Process: win4036e0.dat) 13:48:08 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 60327, Process: win4036e0.dat) 13:51:05 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 60683, Process: win4036e0.dat) 13:51:05 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 60684, Process: win4036e0.dat) 13:51:29 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 60810, Process: win4036e0.dat) 13:51:29 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 60817, Process: win4036e0.dat) 13:51:45 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 60954, Process: win4036e0.dat) 13:51:45 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 60966, Process: win4036e0.dat) 13:51:53 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 61032, Process: win4036e0.dat) 13:52:02 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 61044, Process: win4036e0.dat) 13:52:02 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 61055, Process: win4036e0.dat) 13:52:02 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 61065, Process: win4036e0.dat) 13:52:02 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 61067, Process: win4036e0.dat) 13:52:10 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 61074, Process: win4036e0.dat) 13:52:10 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 61075, Process: win4036e0.dat) 13:52:10 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 61084, Process: win4036e0.dat) 13:52:26 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 61149, Process: win4036e0.dat) 13:52:26 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 61154, Process: win4036e0.dat) 14:01:02 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 61562, Process: win4036e0.dat) 14:01:02 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 61565, Process: win4036e0.dat) 14:01:43 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 61813, Process: win4036e0.dat) 14:01:43 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 61819, Process: win4036e0.dat) 14:01:51 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 61899, Process: win4036e0.dat) 14:01:51 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 61900, Process: win4036e0.dat) 14:05:12 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 62444, Process: win4036e0.dat) 14:05:12 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 62446, Process: win4036e0.dat) 14:05:28 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 62495, Process: win4036e0.dat) 14:05:28 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 62498, Process: win4036e0.dat) 14:05:36 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 62536, Process: win4036e0.dat) 14:05:36 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 62543, Process: win4036e0.dat) 14:05:36 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 62569, Process: win4036e0.dat) 14:05:36 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 62570, Process: win4036e0.dat) 14:15:01 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 62839, Process: win4036e0.dat) 14:15:01 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 62840, Process: win4036e0.dat) 14:15:09 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 62842, Process: win4036e0.dat) 14:15:09 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 62843, Process: win4036e0.dat) 14:15:17 Vincent IP-BLOCK 95.163.66.188 (Type: outgoing, Port: 62885, Process: java.exe) 14:15:17 Vincent IP-BLOCK 95.163.66.188 (Type: outgoing, Port: 62886, Process: java.exe) 14:15:17 Vincent IP-BLOCK 95.163.66.188 (Type: outgoing, Port: 62887, Process: java.exe) 14:15:17 Vincent IP-BLOCK 95.163.66.188 (Type: outgoing, Port: 62888, Process: java.exe) 14:15:17 Vincent IP-BLOCK 95.163.66.188 (Type: outgoing, Port: 62889, Process: java.exe) 14:15:17 Vincent IP-BLOCK 95.163.66.188 (Type: outgoing, Port: 62890, Process: java.exe) 14:15:25 Vincent IP-BLOCK 95.163.66.188 (Type: outgoing, Port: 62894, Process: java.exe) 14:15:25 Vincent IP-BLOCK 95.163.66.188 (Type: outgoing, Port: 62895, Process: java.exe) 14:15:25 Vincent IP-BLOCK 95.163.66.188 (Type: outgoing, Port: 62896, Process: java.exe) 14:15:25 Vincent IP-BLOCK 95.163.66.188 (Type: outgoing, Port: 62897, Process: java.exe) 14:15:25 Vincent IP-BLOCK 95.163.66.188 (Type: outgoing, Port: 62898, Process: java.exe) 14:15:25 Vincent IP-BLOCK 95.163.66.188 (Type: outgoing, Port: 62899, Process: java.exe) 14:15:34 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 62994, Process: win4036e0.dat) 14:15:34 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 63002, Process: win4036e0.dat) 14:15:42 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 63103, Process: win4036e0.dat) 14:15:50 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 63114, Process: win4036e0.dat) 14:16:14 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 63262, Process: win4036e0.dat) 14:16:14 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 63269, Process: win4036e0.dat) 14:22:25 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 63710, Process: win4036e0.dat) 14:22:25 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 63712, Process: win4036e0.dat) 14:22:50 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 63900, Process: win4036e0.dat) 14:22:50 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 63903, Process: win4036e0.dat) 14:23:30 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 64173, Process: win4036e0.dat) 14:23:30 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 64185, Process: win4036e0.dat) 14:42:08 Vincent IP-BLOCK 95.64.61.75 (Type: outgoing, Port: 64700, Process: win4036e0.dat) 14:42:25 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 64761, Process: win4036e0.dat) 14:42:25 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 64762, Process: win4036e0.dat) 14:42:41 Vincent IP-BLOCK 67.29.139.153 (Type: outgoing, Port: 64806, Process: win4036e0.dat) 14:42:41 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 64843, Process: win4036e0.dat) 14:42:49 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 64849, Process: win4036e0.dat) 14:42:49 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 64851, Process: win4036e0.dat) 14:42:49 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 64860, Process: win4036e0.dat) 14:42:49 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 64863, Process: win4036e0.dat) 14:42:49 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 64875, Process: win4036e0.dat) 14:43:05 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 64948, Process: win4036e0.dat) 14:43:05 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 64950, Process: win4036e0.dat) 14:43:14 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 64977, Process: win4036e0.dat) 14:43:14 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 64981, Process: win4036e0.dat) 14:43:14 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 65004, Process: win4036e0.dat) 14:43:22 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 65023, Process: win4036e0.dat) 14:52:06 Vincent IP-BLOCK 95.64.61.74 (Type: outgoing, Port: 65403, Process: win4036e0.dat) 14:56:32 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 65474, Process: win4036e0.dat) 14:56:32 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 65477, Process: win4036e0.dat) 14:56:40 Vincent IP-BLOCK 69.6.27.100 (Type: outgoing, Port: 65483, Process: win4036e0.dat) 14:56:57 Vincent IP-BLOCK 69.6.27.100 (Type: outgoing, Port: 65527, Process: win4036e0.dat) 14:56:57 Vincent IP-BLOCK 69.6.27.100 (Type: outgoing, Port: 65528, Process: win4036e0.dat) 14:57:05 Vincent IP-BLOCK 69.6.27.100 (Type: outgoing, Port: 65530, Process: win4036e0.dat) 14:57:05 Vincent IP-BLOCK 69.6.27.100 (Type: outgoing, Port: 65531, Process: win4036e0.dat) 14:57:13 Vincent IP-BLOCK 69.6.27.100 (Type: outgoing, Port: 49158, Process: win4036e0.dat) 14:57:13 Vincent IP-BLOCK 69.6.27.100 (Type: outgoing, Port: 49159, Process: win4036e0.dat) 14:57:21 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 49187, Process: win4036e0.dat) 14:57:21 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 49188, Process: win4036e0.dat) 15:02:03 Vincent IP-BLOCK 95.64.61.74 (Type: outgoing, Port: 49450, Process: win4036e0.dat) 15:04:04 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 49532, Process: win4036e0.dat) 15:04:04 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 49533, Process: win4036e0.dat) 15:04:12 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 49556, Process: win4036e0.dat) 15:04:12 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 49557, Process: win4036e0.dat) 15:04:20 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 49575, Process: win4036e0.dat) 15:04:20 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 49579, Process: win4036e0.dat) 15:04:28 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 49608, Process: win4036e0.dat) 15:04:28 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 49609, Process: win4036e0.dat) 15:04:36 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 49637, Process: win4036e0.dat) 15:04:44 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 49640, Process: win4036e0.dat) 15:04:44 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 49650, Process: win4036e0.dat) 15:04:44 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 49652, Process: win4036e0.dat) 15:18:04 Vincent IP-BLOCK 69.6.27.100 (Type: outgoing, Port: 49983, Process: win4036e0.dat) 15:18:04 Vincent IP-BLOCK 69.6.27.100 (Type: outgoing, Port: 49984, Process: win4036e0.dat) 15:18:12 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 50009, Process: win4036e0.dat) 15:18:12 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 50010, Process: win4036e0.dat) 15:18:20 Vincent IP-BLOCK 69.6.27.100 (Type: outgoing, Port: 50077, Process: win4036e0.dat) 15:18:20 Vincent IP-BLOCK 69.6.27.100 (Type: outgoing, Port: 50078, Process: win4036e0.dat) 15:19:09 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 50230, Process: win4036e0.dat) 15:27:53 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 50706, Process: win4036e0.dat) 15:27:53 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 50707, Process: win4036e0.dat) 15:28:17 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 50828, Process: win4036e0.dat) 15:28:17 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 50829, Process: win4036e0.dat) 15:28:50 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 50964, Process: win4036e0.dat) 15:28:50 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 50965, Process: win4036e0.dat) 15:28:58 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 51002, Process: win4036e0.dat) 15:28:58 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 51003, Process: win4036e0.dat) 15:38:24 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 51512, Process: win4036e0.dat) 15:38:24 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 51513, Process: win4036e0.dat) 15:38:24 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 51516, Process: win4036e0.dat) 15:38:24 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 51517, Process: win4036e0.dat) 15:38:32 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 51519, Process: win4036e0.dat) 15:38:32 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 51520, Process: win4036e0.dat) 15:38:32 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 51523, Process: win4036e0.dat) 15:38:32 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 51524, Process: win4036e0.dat) 15:38:40 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 51526, Process: win4036e0.dat) 15:38:40 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 51527, Process: win4036e0.dat) 15:38:40 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 51534, Process: win4036e0.dat) 15:38:40 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 51535, Process: win4036e0.dat) 15:38:40 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 51572, Process: win4036e0.dat) 15:38:40 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 51578, Process: win4036e0.dat) 15:39:20 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 51707, Process: win4036e0.dat) 15:39:20 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 51708, Process: win4036e0.dat) 15:51:41 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52073, Process: win4036e0.dat) 15:51:41 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52074, Process: win4036e0.dat) 15:51:57 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 52176, Process: win4036e0.dat) 15:51:58 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 52177, Process: win4036e0.dat) 16:02:28 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 52732, Process: win4036e0.dat) 16:02:28 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52734, Process: win4036e0.dat) 16:02:28 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 52735, Process: win4036e0.dat) 16:02:28 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52736, Process: win4036e0.dat) 16:02:36 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52738, Process: win4036e0.dat) 16:02:36 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52739, Process: win4036e0.dat) 16:03:16 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52811, Process: win4036e0.dat) 16:03:16 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52812, Process: win4036e0.dat) 16:03:32 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52832, Process: win4036e0.dat) 16:03:32 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52833, Process: win4036e0.dat) 16:03:32 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52847, Process: win4036e0.dat) 16:03:40 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52853, Process: win4036e0.dat) 16:03:57 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52899, Process: win4036e0.dat) 16:03:57 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 52900, Process: win4036e0.dat) 16:08:45 Vincent MESSAGE IP Protection stopped 16:09:06 Vincent MESSAGE Database updated successfully 16:09:10 Vincent MESSAGE IP Protection started successfully 16:13:16 Vincent IP-BLOCK 95.64.61.75 (Type: outgoing, Port: 52994, Process: win4036e0.dat) 16:13:17 Vincent IP-BLOCK 95.64.48.39 (Type: outgoing, Port: 52995, Process: win4036e0.dat) 16:18:47 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53106, Process: win4036e0.dat) 16:18:47 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53110, Process: win4036e0.dat) 16:18:47 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53116, Process: win4036e0.dat) 16:18:47 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53117, Process: win4036e0.dat) 16:19:04 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53172, Process: win4036e0.dat) 16:19:04 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53173, Process: win4036e0.dat) 16:19:20 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 53238, Process: win4036e0.dat) 16:19:20 Vincent IP-BLOCK 208.73.210.29 (Type: outgoing, Port: 53239, Process: win4036e0.dat) 16:19:20 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53241, Process: win4036e0.dat) 16:19:20 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53242, Process: win4036e0.dat) 16:19:28 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53244, Process: win4036e0.dat) 16:19:28 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53245, Process: win4036e0.dat) 16:19:52 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53330, Process: win4036e0.dat) 16:19:52 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53332, Process: win4036e0.dat) 16:23:22 Vincent IP-BLOCK 95.64.61.74 (Type: outgoing, Port: 53407, Process: win4036e0.dat) 16:23:46 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53411, Process: win4036e0.dat) 16:23:46 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53412, Process: win4036e0.dat) 16:23:46 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53414, Process: win4036e0.dat) 16:23:46 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53415, Process: win4036e0.dat) 16:24:02 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53453, Process: win4036e0.dat) 16:24:03 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53454, Process: win4036e0.dat) 16:24:03 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53458, Process: win4036e0.dat) 16:24:03 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53459, Process: win4036e0.dat) 16:24:19 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53500, Process: win4036e0.dat) 16:24:19 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53501, Process: win4036e0.dat) 16:24:27 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53503, Process: win4036e0.dat) 16:24:27 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53504, Process: win4036e0.dat) 16:24:35 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53508, Process: win4036e0.dat) 16:24:35 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53509, Process: win4036e0.dat) 16:24:35 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53526, Process: win4036e0.dat) 16:24:35 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53527, Process: win4036e0.dat) 16:24:51 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53617, Process: win4036e0.dat) 16:24:51 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53618, Process: win4036e0.dat) 16:33:19 Vincent IP-BLOCK 95.64.61.74 (Type: outgoing, Port: 53721, Process: win4036e0.dat) 16:34:31 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53756, Process: win4036e0.dat) 16:34:31 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53757, Process: win4036e0.dat) 16:34:40 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53774, Process: win4036e0.dat) 16:34:40 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53775, Process: win4036e0.dat) 16:34:56 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53825, Process: win4036e0.dat) 16:34:56 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53826, Process: win4036e0.dat) 16:35:12 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53846, Process: win4036e0.dat) 16:35:12 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53847, Process: win4036e0.dat) 16:35:20 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53863, Process: win4036e0.dat) 16:35:20 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53864, Process: win4036e0.dat) 16:35:20 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53868, Process: win4036e0.dat) 16:35:20 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 53869, Process: win4036e0.dat) 16:35:28 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53908, Process: win4036e0.dat) 16:35:28 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53909, Process: win4036e0.dat) 16:42:37 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53983, Process: win4036e0.dat) 16:42:37 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 53985, Process: win4036e0.dat) 16:42:53 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 54023, Process: win4036e0.dat) 16:42:53 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 54024, Process: win4036e0.dat) 16:42:53 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 54026, Process: win4036e0.dat) 16:42:53 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 54027, Process: win4036e0.dat) 16:43:33 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 54045, Process: win4036e0.dat) 16:43:33 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 54046, Process: win4036e0.dat) 16:43:42 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 54048, Process: win4036e0.dat) 16:43:42 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 54049, Process: win4036e0.dat) 16:43:50 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 54052, Process: win4036e0.dat) 16:43:50 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 54054, Process: win4036e0.dat) 16:43:58 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 54097, Process: win4036e0.dat) 16:43:58 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 54098, Process: win4036e0.dat) 16:51:21 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 54196, Process: win4036e0.dat) 16:51:21 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 54197, Process: win4036e0.dat) 16:51:21 Vincent IP-BLOCK 69.6.27.100 (Type: outgoing, Port: 54199, Process: win4036e0.dat) 16:51:21 Vincent IP-BLOCK 69.6.27.100 (Type: outgoing, Port: 54200, Process: win4036e0.dat) 16:51:37 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 54202, Process: win4036e0.dat) 16:51:38 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 54203, Process: win4036e0.dat) 16:51:54 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 54206, Process: win4036e0.dat) 16:51:54 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 54207, Process: win4036e0.dat) 16:51:54 Vincent IP-BLOCK 69.6.27.100 (Type: outgoing, Port: 54209, Process: win4036e0.dat) 16:51:54 Vincent IP-BLOCK 69.6.27.100 (Type: outgoing, Port: 54210, Process: win4036e0.dat) 16:52:10 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 54212, Process: win4036e0.dat) 16:52:10 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 54213, Process: win4036e0.dat) 16:52:18 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 54217, Process: win4036e0.dat) 16:52:18 Vincent IP-BLOCK 208.87.32.69 (Type: outgoing, Port: 54218, Process: win4036e0.dat) 16:52:18 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 54220, Process: win4036e0.dat) 16:52:18 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 54221, Process: win4036e0.dat) 16:52:26 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 54223, Process: win4036e0.dat) 16:52:26 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 54224, Process: win4036e0.dat) 16:52:42 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 54226, Process: win4036e0.dat) 16:52:42 Vincent IP-BLOCK 208.87.33.151 (Type: outgoing, Port: 54227, Process: win4036e0.dat) 17:02:20 Vincent MESSAGE IP Protection stopped 17:02:23 Vincent MESSAGE IP Protection started successfully 17:04:52 Vincent MESSAGE IP Protection stopped 17:04:54 Vincent MESSAGE IP Protection started successfully 17:07:33 Vincent IP-BLOCK 109.236.82.48 (Type: outgoing, Port: 54389, Process: win4036e0.dat) and lastly the quick scan i preformed today with the new updates and security protection being blocked by Malaware Bytes Malwarebytes' Anti-Malware 1.51.1.1800 www.malwarebytes.org Database version: 7645 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 9/3/2011 5:22:40 PM mbam-log-2011-09-03 (17-22-40).txt Scan type: Quick scan Objects scanned: 55322 Time elapsed: 8 minute(s), 16 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 13 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: c:\Users\Vincent\AppData\Local\Temp\18EF.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\Vincent\AppData\Local\Temp\dealiotoolbarinstall.exe (PUP.Dealio.TB) -> Quarantined and deleted successfully. c:\Users\Vincent\AppData\Local\Temp\setup1254225956.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\Vincent\AppData\Local\Temp\setup1553776940.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\Vincent\AppData\Local\Temp\setup1692634756.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\Vincent\AppData\Local\Temp\setup1716341572.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\Vincent\AppData\Local\Temp\setup2225150296.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\Vincent\AppData\Local\Temp\setup228407284.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\Vincent\AppData\Local\Temp\setup3151441536.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\Vincent\AppData\Local\Temp\setup3543706336.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\Vincent\AppData\Local\Temp\setup3545423152.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\Vincent\AppData\Local\Temp\setup695192528.exe (Rootkit.TDSS) -> Quarantined and deleted successfully. c:\Users\Vincent\AppData\Local\Temp\setup907943468.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
  4. So i used Malaware Bytes with the updates and it removed Security Protection but then it came back on in about maybe 2-3 hours later. So what i did was i deleted te virus yet again using Malaware Bytes and got the trial for the full version of Malaware Bytes and i restarted the computer. When i got on without me even going on websites Malware Was already blocking websites which im preety sure is Security Protection trying to steal back my computer because when i look in the log of things protected it shows That each time its blocking my IP from this website that im not even on. So my main concern is that once this trial is gone im going to be open up to the virus again i would like to know how to get rid of it for good. Please help me i got a reading report that needs to get done by tuesday and without my computer im in quite the trouble. Any help is greatly appreciated Thank You
  5. So i used Malaware Bytes with the updates and it removed Security Protection but then it came back on in about maybe 2-3 hours later. So what i did was i deleted te virus yet again using Malaware Bytes and got the trial for the full version of Malaware Bytes and i restarted the computer. When i got on without me even going on websites Malware Was already blocking websites which im preety sure is Security Protection trying to steal back my computer because when i look in the log of things protected it shows That each time its blocking my IP from this website that im not even on. So my main concern is that once this trial is gone im going to be open up to the virus again i would like to know how to get rid of it for good. Please help me i got a reading report that needs to get done by tuesday and without my computer im in quite the trouble. Any help is greatly appreciated Thank You
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.