
Showing results for tags 'IP Block'.

Found 20 results

  1. We are a technology company which has its own servers. One of our customers reported to us that Malwarebytes - Antimalware detects malicious site blocking. Our research team found out that the whole 192.45.171.0/24 is blocked. BUT our servers have the 46.45.171.194/27 IP block and your software blocks it too. It is impossible that all of our IPs have malicious software because lots of them are unused IPs. It is a false positive and this situation affects our company's reputation badly. Thank You. protection_log.txt
  2. The IP address belongs to mail[dot]qdteco[dot]com. Please help to whitelist it if it is a false positive.
  3. I'm trying to figure out why Malwarebytes blocks so many IPs when browsing through Google Images, it's a hotbed for IP blocks. I understand the pics all lead to different sites, but why does Malwarebytes block an IP address if the website hasn't even been visited yet??? I haven't tried Bing or Yahoo's images search engines, but I'd imagine they act the same. If you go to http://www.google.com/imghp, search for something and open up a preview on some photo, you've literally got a 25-50% chance of receiving an IP block. It's that ridiculous.
  4. Hello, I am new to the forum so I am not sure this is the right section. Until a few days ago when I went to the website www.drama.net I got a message of an IP block outgoing, the IP was 78.140.143.6 and the same thing happened when I went to Firedrive (the former putlocker). It said that it blocked an outgoing IP connection. I have formatted my netbook and I have installed a new antivirus and malwarebytes free trial pro. I have not gone to drama.net or firedrive yet but before I go I want to be sure that they are ok. Could you please check that IP and also the IPs of those other two websites www.koreandrama.tv ip 94.75.210.62 and www.gooddrama.net 154.43.166.85 ? I would like to know if they are safe or not. I have read the Google Diagnostics and they are safe but their hosts have hosted websites that had malware inside. Thanks, Mikaila
  5. I recently downloaded Malwarebytes and i scanned and it found stuff and deleted it. But since then (about a week ago) I've been getting IP-Blocked from a couple of different IP's 80.82.64.121(Type: incoming, Port: 53, Process: svchost.exe), 94.102.56.229 (Type: incoming, Port: 53, Process: svchost.exe), 80.82.64.126 (Type: incoming, Port: 53, Process: svchost.exe), 74.118.193.49 (Type: incoming, Port: 5060, Process: svchost.exe) here are the logs from the dds.scr
C:\windows\System32\iwmssvc.dll2013-08-27 13:53:24 963152 ----a-w- C:\windows\System32\msvcr120.dll.============= FINISH: 11:27:18.05 =============== .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 8Boot Device: \Device\HarddiskVolume3Install Date: 5/31/2013 8:05:35 AMSystem Uptime: 11/21/2013 9:55:58 PM (14 hours ago).Motherboard: LENOVO | | INVALIDProcessor: Intel® Core i7-3630QM CPU @ 2.40GHz | U3E1 | 2401/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 884 GiB total, 275.017 GiB free.D: is FIXED (NTFS) - 25 GiB total, 22.688 GiB free.E: is CDROM ()F: is CDROM ().==== Disabled Device Manager Items =============.Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}Description: avast! SecureLine TAP AdapterDevice ID: ROOT\NET\0000Manufacturer: TAP-Windows Provider V9Name: avast! SecureLine TAP AdapterPNP Device ID: ROOT\NET\0000Service: tap0901.Class GUID: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}Description: Intel® Centrino® Wireless Bluetooth® 4.0 + High Speed AdapterDevice ID: USB\VID_8087&PID_07DA\6&2E2F5DEF&0&3Manufacturer: Intel CorporationName: Intel® Centrino® Wireless Bluetooth® 4.0 + High Speed AdapterPNP Device ID: USB\VID_8087&PID_07DA\6&2E2F5DEF&0&3Service: BTHUSB.==== System Restore Points ===================.RP47: 11/19/2013 5:23:12 PM - Installed DirectXRP48: 11/21/2013 10:05:52 PM - Removed Google Talk Plugin.==== Installed Programs ======================.Adobe AIRAdobe Flash Player 11 PluginAdobe Reader XI (11.0.05)Amnesia: The Dark DescentApple Application SupportApple Mobile Device SupportApple Software UpdateArtemis Artemis DEMOAssassin's CreedAudacity 2.0.3avast! 
Free AntivirusAwesomenautsBandicamBandisoft MPEG-1 DecoderBatman: Arkham Asylum GOTY EditionBattlefield 1942™Battlefield 3™Battlefield 4™ BetaBattlelog Web PluginsBioShockBioShock InfiniteBitRaider Web ClientBonjourBrothers - A Tale of Two SonsBurnout Paradise: The Ultimate BoxCCleanerChivalry: Medieval WarfareCloudberry KingdomCommand and Conquer: Red Alert 3 - UprisingCompatibility Pack for the 2007 Office systemConverterLite 1.6.3Cry of FearCrysis 2 Maximum EditionD3DX10DamnedDead Space™ 3DefianceDeus Ex: Game of the Year EditionDeus Ex: Human RevolutionDota 2DropboxDust: An Elysian TailElectronic Super JoyElswordEnergy ManagementESN SonarEuro Truck Simulator 2ExpressCacheF.E.A.R.F.E.A.R. 2: Project OriginFallout 3 - Game of the Year EditionFallout: New VegasFar Cry® 3 Blood DragonFEZFINAL FANTASY VIIForgeFrapsFreeRide GamesFTL: Faster Than LightGameMaker-Studio 1.2GeForce Experience NvStream Client ComponentsGOG.com Downloader version 3.6.0Gone HomeGoogle ChromeGoogle Update HelperGrand Theft Auto IIIGrand Theft Auto: San AndreasGrand Theft Auto: Vice CityHalf-LifeHalf-Life 2Half-Life 2: DeathmatchHalf-Life 2: Episode OneHalf-Life 2: Episode TwoHalf-Life 2: Lost CoastHalf-Life Deathmatch: SourceHalf-Life: Blue ShiftHalf-Life: Opposing ForceHalf-Life: SourceHawkenHotline MiamiIntel AppUp(SM) centerIntel Processor Diagnostic Tool 64BitIntel® Control CenterIntel® Management Engine ComponentsIntel® PRO/Wireless DriverIntel® PROSet/Wireless Software for Bluetooth® TechnologyIntel® Rapid Storage TechnologyIntel® PROSet/Wireless SoftwareIntel® PROSet/Wireless WiFi SoftwareIntel® Trusted Connect Service ClientiTunesJava 7 Update 25Java 7 Update 40 (64-bit)Java Auto UpdaterJava SE Development Kit 7 Update 25 (64-bit)Java SE Development Kit 7 Update 40 (64-bit)Java 6 Update 21 (64-bit)JingJMicron Flash Media Controller DriverJust Cause 2Kerbal Space ProgramLAME v3.99.3 (for Windows)League of LegendsLeft 4 Dead 2Lenovo OneKey RecoveryLenovo PhotosLenovo pointing 
deviceLenovo PowerDVD10Lenovo YouCamLineage IILogitech Gaming SoftwareLogitech Gaming Software 8.50Mafia IIMagickaMalwarebytes Anti-Malware version 1.75.0.1300Mark of the NinjaMcPixelMedal of Honor MultiplayerMedal of Honor Single PlayerMedieval II: Total WarMicrosoft Application Error ReportingMicrosoft Games for Windows - LIVE RedistributableMicrosoft Games for Windows MarketplaceMicrosoft Office 365 Home Premium - en-usMicrosoft Office Basic Edition 2003Microsoft SilverlightMicrosoft SkyDriveMicrosoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.60610Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.60610Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.20827Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.20827Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.20827Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.20827Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.20827Microsoft Visual Studio Ultimate 2013 RCMicrosoft XNA Framework Redistributable 3.1Microsoft XNA Framework Redistributable 4.0 RefreshMicrosoft Zoo TycoonMirror's EdgeMortal Kombat 
KollectionMovie MakerMSVCRTMSVCRT110MSVCRT110_amd64MuseScore 1.3NCsoft LauncherNetBeans IDE 7.3.1NVIDIA 3D Vision Driver 331.58NVIDIA Control Panel 331.58NVIDIA GeForce Experience 1.7NVIDIA Graphics Driver 331.58NVIDIA HD Audio Driver 1.3.26.4NVIDIA Install ApplicationNVIDIA LED Visualizer 1.0NVIDIA PhysXNVIDIA PhysX System Software 9.13.0725NVIDIA ShadowPlay 9.3.16NVIDIA Stereoscopic 3D DriverNVIDIA Update 9.3.16NVIDIA Update ComponentsNVIDIA Virtual Audio 1.2.9Office 15 Click-to-Run Extensibility ComponentOffice 15 Click-to-Run Licensing ComponentOffice 15 Click-to-Run Localization ComponentOnekey TheaterOpen Broadcaster SoftwareOpenALOpenOffice.org 3.4.1OriginPando Media BoosterPath of ExilePC MonitorPhoto CommonPhoto GalleryPlanetSide 2Pokémon Trading Card Game OnlinePower2GoPrison ArchitectPunkBuster ServicesQualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet DriverReader Library by SonyRealtek High Definition Audio DriverRealtek PC CameraRollerCoaster Tycoon 3 PlatinumSaints Row: The ThirdScribblenauts UnlimitedSecure Download ManagerShared C Run-time for x64SHIELD StreamingSid Meier's Civilization VSimCity 4 DeluxeSins of a Solar Empire: RebellionSkype Click to CallSkype™ 6.10Sleeping Dogs™Source SDK Base 2007Star Wars - Jedi Knight II: Jedi OutcastStar Wars - Jedi Knight: Mysteries of the SithStar Wars Jedi Knight: Dark Forces IIStar Wars Jedi Knight: Jedi AcademyStar Wars The Old RepublicStar Wars: Dark ForcesStar Wars: The Old RepublicStargunnerSteamSugarSync ManagerSuper Street Fighter IV: Arcade EditionSynfig StudioTeam Fortress 2Team Fortress ClassicTerrariaThe Elder Scrolls V: SkyrimThe Mighty Quest For Epic Loot version 1.219367The Sims™ 3The Sims™ 3 High-End Loft StuffThe Sims™ 3 Late NightThe Walking DeadTomb RaiderTuneClone 2.20Unity Web PlayerUplayUserGuideVentrilo Client for Windows x64Windows Driver Package - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1)Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (06/19/2012 
10.13.29.733)Windows Live Communications PlatformWindows Live EssentialsWindows Live InstallerWindows Live Photo CommonWindows Live PIMT PlatformWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWorld of Warcraft.==== Event Viewer Messages From Past Week ========.11/21/2013 9:59:07 PM, Error: Service Control Manager [7000] - The McAfee VirusScan Announcer service failed to start due to the following error: The system cannot find the file specified.11/21/2013 9:59:07 PM, Error: Service Control Manager [7000] - The McAfee Services service failed to start due to the following error: The system cannot find the file specified.11/21/2013 9:59:07 PM, Error: Service Control Manager [7000] - The McAfee Network Agent service failed to start due to the following error: The system cannot find the file specified.11/21/2013 9:58:27 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.11/21/2013 9:58:27 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.11/21/2013 9:57:04 PM, Error: Service Control Manager [7000] - The McAfee Proxy Service service failed to start due to the following error: The system cannot find the file specified.11/21/2013 9:57:04 PM, Error: Service Control Manager [7000] - The McAfee Personal Firewall Service service failed to start due to the following error: The system cannot find the file specified.11/21/2013 9:57:04 PM, Error: Service Control Manager [7000] - The McAfee Anti-Spam Service service failed to start due to the following error: The system cannot find the file specified.11/21/2013 9:56:02 PM, Error: Microsoft-Windows-Kernel-General [6] - An I/O operation initiated by the Registry failed unrecoverably.The Registry could not flush hive (file): 
''.11/20/2013 1:46:13 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{131C9840-C9FA-4C69-AAE9-07E853A659A2} because another computer on the network has the same name. The server could not start.11/20/2013 1:46:13 PM, Error: NetBT [4321] - The name "TROGDOR :20" could not be registered on the interface with IP address 134.129.54.48. The computer with the IP address 134.129.111.178 did not allow the name to be claimed by this computer.11/20/2013 1:46:13 PM, Error: NetBT [4321] - The name "TROGDOR :0" could not be registered on the interface with IP address 134.129.54.48. The computer with the IP address 134.129.111.178 did not allow the name to be claimed by this computer.11/18/2013 8:25:49 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070103: Intel driver update for Intel® Centrino® Wireless-N 2230.11/17/2013 5:49:43 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} and APPID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user Trogdor\Jerrysohma SID (S-1-5-21-3178378929-893640613-1100383122-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.11/17/2013 4:02:05 AM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control..==== End Of File ===========================
  6. Hello, MBAM Forum. I play Mount and Blade: Warband, and its expansion, Napoleonic Wars, quite a bit on Steam. Starting a few weeks ago (3-5), I began getting IP Blocks from my copy of MBAM Pro. Each time, it's the same address from the same location. Using an IP lookup (whatismyipaddress), I've discovered that it's in the geographic center of Ukraine. I was wondering, what does it mean? I've been running scans each day with all programs that I have (MBAM Pro, Avast! Free antivirus, and Norton 360), and none come up with anything wrong except Norton and random Tracking Cookies with what it usually does. I've posted on the makers of the game's forum for support, but to no avail. Mind helping me out on this one?
  7. Being a Walking Dead fan, I was looking for a livestream via the wikia chatroom that gets filled up each week when an episode comes on. During that, I got some blocks from MBAM relating to Avastsvc.exe. I was wondering, what do they mean? The two of them were 193.107.16.12 and 31.220.0.47. Why does it do that, and is that alright? I've run scans and nothing's come up.
  8. Hi, the mail IP for pigeon.cei.com.sg is blocked by Malwarebytes. Below are the mail IPs: 203.117.91.74 and 203.117.91.77. Is it safe to unblock the IP?
  9. Dear Malwarebytes, I have a website on an IS provider. Could you check and inform me why the following IP is being blocked by the Malwarebytes website block? Thanks for your help. IP-BLOCK: 212.40.120.230 (Type: outgoing, Port: 61431, Process: chrome.exe)
  10. Hi, 64.15.147.230 IP blocked. It's a main IP for a Linux hosting located @ Canada. Please unblock it if it is believed to be clean.
  11. Website http://www.arkadia.com (IP 83.243.11.114) is blocked by Malwarebytes Anti-Malware. This site contains only real estate listings, no downloadable software, no active modules interacting with the client computer. Also, the server datafile5.arkadia.com (IP 83.243.11.115) is blocked too. This server contains only pictures. I checked these sites with tools from http://mxtoolbox.com/, and the result is OK. Could you explain the reason for blocking? Thanks. protection-log-2012-09-27.rar
  12. Hello, I ran the dds and it provided me the 2 txt files. I've zipped and attached the attach.txt file as instructed.
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RTSUVSTOR.sys --> C:\Windows\system32\Drivers\RTSUVSTOR.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-7-12 250056] S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\Windows\system32\DRIVERS\amppal.sys --> C:\Windows\system32\DRIVERS\amppal.sys [?] S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-6-7 191752] S3 cphs;Intel® Content Protection HECI Service;C:\Windows\SysWOW64\IntelCpHeciSvc.exe [2012-7-12 276248] S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\system32\drivers\intelaud.sys --> C:\Windows\system32\drivers\intelaud.sys [?] 
S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\mcafee\msc\mcawfwk.exe [2012-7-12 224704] S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-6-17 237008] S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-9-1 114144] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-3-29 273168] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?] S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-1-27 249936] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 
2012-09-11 15:00:56 -------- d-----w- C:\Users\Peter\AppData\Local\ElevatedDiagnostics 2012-09-10 15:43:33 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-09-10 15:05:42 -------- d-----w- C:\Users\Peter\AppData\Local\Diagnostics 2012-09-06 16:20:31 -------- d-----w- C:\Users\Peter\AppData\Roaming\Malwarebytes 2012-09-06 16:20:19 -------- d-----w- C:\ProgramData\Malwarebytes 2012-09-06 16:20:17 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-09-04 00:28:43 -------- d-----w- C:\Users\Peter\AppData\Local\Google 2012-09-03 13:03:36 -------- d-----w- C:\Windows\SysWow64\Wat 2012-09-03 13:03:36 -------- d-----w- C:\Windows\System32\Wat 2012-09-03 02:23:43 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys 2012-09-02 22:07:32 1544704 ----a-w- C:\Windows\System32\DWrite.dll 2012-09-02 22:06:59 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-09-02 22:06:58 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-09-02 22:06:02 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-09-02 22:06:01 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys 2012-09-02 22:06:00 3216384 ----a-w- C:\Windows\System32\msi.dll 2012-09-02 22:06:00 2342400 ----a-w- C:\Windows\SysWow64\msi.dll 2012-09-02 21:58:10 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll 2012-09-02 21:58:10 466944 ----a-w- C:\Program Files\Common Files\System\ado\msadomd.dll 2012-09-02 21:58:10 258048 ----a-w- C:\Program Files\Common Files\System\msadc\msadco.dll 2012-09-02 21:58:10 1499136 ----a-w- C:\Program Files\Common Files\System\ado\msado15.dll 2012-09-02 21:58:10 1019904 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msado15.dll 2012-09-02 21:58:09 61440 ----a-w- C:\Program Files\Common Files\System\ado\msador15.dll 2012-09-02 21:58:09 57344 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msador15.dll 2012-09-02 21:58:09 495616 ----a-w- C:\Program Files\Common Files\System\ado\msadox.dll 2012-09-02 21:58:09 372736 ----a-w- C:\Program Files 
(x86)\Common Files\System\ado\msadox.dll 2012-09-02 21:58:09 352256 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadomd.dll 2012-09-02 21:58:09 212992 ----a-w- C:\Program Files (x86)\Common Files\System\msadc\msadco.dll 2012-09-02 21:58:09 143360 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msjro.dll 2012-09-02 21:58:09 1133568 ----a-w- C:\Windows\System32\cdosys.dll 2012-09-01 23:04:12 -------- d-----w- C:\Users\Peter\AppData\Local\Apple Computer 2012-09-01 23:03:58 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys 2012-09-01 23:03:58 126312 ----a-w- C:\Windows\System32\GEARAspi64.dll 2012-09-01 23:03:58 107368 ----a-w- C:\Windows\SysWow64\GEARAspi.dll 2012-09-01 23:03:29 -------- d-----w- C:\Program Files\iPod 2012-09-01 23:03:28 -------- d-----w- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} 2012-09-01 23:03:28 -------- d-----w- C:\Program Files\iTunes 2012-09-01 23:03:28 -------- d-----w- C:\Program Files (x86)\iTunes 2012-09-01 23:03:00 -------- d-----w- C:\Users\Peter\AppData\Local\Apple 2012-09-01 23:02:41 -------- d-----w- C:\Program Files\Bonjour 2012-09-01 23:02:41 -------- d-----w- C:\Program Files (x86)\Bonjour 2012-09-01 22:46:28 -------- d-----w- C:\Users\Peter\AppData\Local\Absolute_Software 2012-09-01 21:22:55 -------- d-----w- C:\Users\Peter\AppData\Roaming\WildTangent 2012-09-01 20:45:16 -------- d-----w- C:\Users\Peter\AppData\Local\Macromedia 2012-09-01 20:37:59 -------- d-----w- C:\ProgramData\McAfee Security Scan 2012-09-01 20:37:58 -------- d-----w- C:\Program Files (x86)\McAfee Security Scan 2012-09-01 20:30:04 -------- d-----w- C:\Users\Peter\AppData\Local\Mozilla 2012-09-01 20:29:55 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service 2012-09-01 19:48:04 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services 2012-09-01 19:47:29 -------- d-----w- C:\Users\Peter\AppData\Local\Microsoft Help 2012-09-01 19:41:54 -------- d-----w- C:\TrustedID IDMonitor Identity Protection 
2012-09-01 19:41:53 -------- d-----w- C:\Program Files (x86)\Absolute Software 2012-09-01 19:40:57 -------- d-----w- C:\Program Files (x86)\Dell Digital Delivery 2012-09-01 19:36:57 -------- d-----w- C:\Users\Peter\AppData\Roaming\Dell 2012-09-01 19:36:34 -------- d-----w- C:\Users\Peter\AppData\Roaming\Fingertapps 2012-09-01 19:36:19 -------- d-----w- C:\Users\Peter\AppData\Roaming\Intel Corporation 2012-09-01 19:35:53 -------- d-----w- C:\Users\Peter\AppData\Local\Dell 2012-09-01 19:35:29 -------- d-----w- C:\Users\Peter\AppData\Local\Conexant 2012-09-01 19:35:14 -------- d-----w- C:\Users\Peter\AppData\Local\Adobe 2012-09-01 19:34:22 -------- d-----w- C:\Users\Peter\AppData\Local\VirtualStore 2012-09-01 19:32:22 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-09-01 19:32:01 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-09-01 19:31:31 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-09-01 19:31:31 186752 ----a-w- C:\Windows\System32\wuwebv.dll . ==================== Find3M ==================== . 
2012-09-01 20:45:51 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-09-01 20:45:51 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-07-18 18:15:06 3148800 ----a-w- C:\Windows\System32\win32k.sys 2012-07-12 18:21:15 91648 ----a-w- C:\Windows\System32\SetIEInstalledDate.exe 2012-07-04 22:13:27 59392 ----a-w- C:\Windows\System32\browcli.dll 2012-07-04 22:13:27 136704 ----a-w- C:\Windows\System32\browser.dll 2012-07-04 21:14:34 41984 ----a-w- C:\Windows\SysWow64\browcli.dll 2012-06-29 03:56:34 2312704 ----a-w- C:\Windows\System32\jscript9.dll 2012-06-29 03:49:11 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-06-29 03:48:07 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-06-29 03:43:49 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-06-29 03:39:48 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-06-29 00:16:58 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-06-29 00:09:01 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-06-29 00:08:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-06-29 00:04:43 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-06-29 00:00:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb . ============= FINISH: 13:42:14.72 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 9/1/2012 3:29:15 PM System Uptime: 9/11/2012 10:26:05 AM (3 hours ago) . Motherboard: Dell Inc. | | 04G65K Processor: Intel® Core i7-3612QM CPU @ 2.10GHz | U3E1 | 2101/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 912 GiB total, 819.128 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . 
RP32: 9/6/2012 5:31:33 PM - Windows Update RP33: 9/9/2012 9:55:21 AM - Windows Update RP34: 9/10/2012 6:55:08 PM - Windows Update RP35: 9/11/2012 8:20:47 AM - Windows Update . ==== Installed Programs ====================== . Accidental Damage Services Agreement Adobe AIR Adobe Community Help Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Photoshop Elements 9 Adobe Premiere Elements 9 Adobe Reader X (10.1.4) MUI Advanced Audio FX Engine Apple Application Support Apple Software Update Banctec Service Agreement Bejeweled 2 Deluxe Bing Bar Blackhawk Striker 2 Blio Bounce Symphony Build-a-lot 2 Cake Mania Chuzzle Deluxe Complete Care Business Service Agreement Consumer In-Home Service Agreement Cozi D3DX10 Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition Dell DataSafe Local Backup Dell DataSafe Local Backup - Support Software Dell DataSafe Online Dell Digital Delivery Dell Getting Started Guide Dell Home Systems Service Agreement Dell MusicStage Dell PhotoStage Dell Stage Dell Stage Remote Dell VideoStage Dell Webcam Central Diner Dash 2 Restaurant Rescue Dora's World Adventure eBay Elements 9 Organizer Elements STI Installer Escape Whisper Valley Farm Frenzy FATE Final Drive Fury Final Drive Nitro High-Definition Video Playback Install LoJack for Laptops Intel® Control Center Intel® Management Engine Components Intel® Processor Graphics Intel® Rapid Storage Technology Intel® USB 3.0 eXtensible Host Controller Driver Intel® WiDi Jewel Quest Jewel Quest Solitaire 2 Junk Mail filter update Luxor Malwarebytes Anti-Malware version 1.62.0.1300 McAfee Security Scan Plus McAfee SecurityCenter Mesh Runtime Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office Home and Student 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office 
PowerPoint MUI (English) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFCLOC_x86 Microsoft_VC90_CRT_x86 Mozilla Firefox 15.0 (x86 en-US) Mozilla Firefox 15.0.1 (x86 en-US) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 Namco All-Stars PAC-MAN Nero 10 Movie ThemePack Basic Nero Control Center 10 Nero ControlCenter 10 Help (CHM) Nero Core Components 10 Nero Update Penguins! Plants vs. 
Zombies - Game of the Year PlayReady PC Runtime x86 Poker Superstars III Polar Bowler Polar Golfer Premium Service Agreement QualxServ Service Agreement Realtek USB 2.0 Card Reader Samantha Swift Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition Skype™ 5.10 SmartSound Quicktracks for Premiere Elements 9.0 SyncUP TrustedID IDMonitor Identity Protection Update for 
Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition Update Installer for WildTangent Games App Virtual Villagers 4 - The Tree of Life Wedding Dash - Ready, Aim, Love! WildTangent Games WildTangent Games App (Dell Games) Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Zinio Reader 4 Zuma Deluxe . ==== Event Viewer Messages From Past Week ======== . 
9/6/2012 9:33:18 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40} 9/6/2012 9:29:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 9/6/2012 9:29:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 9/6/2012 9:29:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 9/6/2012 9:29:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 9/6/2012 9:29:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 9/6/2012 9:29:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 9/6/2012 9:29:15 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache mfehidk mfenlfk NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf 9/6/2012 9:29:15 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group 
failed to start. 9/6/2012 9:29:15 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 9/6/2012 9:29:15 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 9/6/2012 9:29:15 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 9/6/2012 9:29:15 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 9/6/2012 9:29:15 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 9/6/2012 9:29:15 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 9/6/2012 9:29:15 PM, Error: Service Control Manager [7001] - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error: A device attached to the system is not functioning. 
9/6/2012 9:29:15 PM, Error: Service Control Manager [7001] - The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start. 9/6/2012 9:29:15 PM, Error: Service Control Manager [7001] - The McAfee Personal Firewall Service service depends on the Windows Firewall service which failed to start because of the following error: The dependency service or group failed to start. 9/6/2012 9:29:15 PM, Error: Service Control Manager [7001] - The McAfee Firewall Core Service service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start. 9/6/2012 9:29:15 PM, Error: Service Control Manager [7001] - The McAfee Anti-Spam Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start. 9/6/2012 9:29:15 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 9/6/2012 9:29:15 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 9/6/2012 9:29:15 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 
9/6/2012 9:28:23 PM, Error: Service Control Manager [7023] - The Intel® PROSet/Wireless Zero Configuration Service service terminated with the following error: %%-2147196306 9/6/2012 9:28:22 PM, Error: Service Control Manager [7023] - The Server service terminated with the following error: The service has not been started. 9/6/2012 9:28:21 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: A system shutdown is in progress. 9/6/2012 9:28:19 PM, Error: Service Control Manager [7038] - The PolicyAgent service was unable to log on as NT Authority\NetworkService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). 9/6/2012 9:28:19 PM, Error: Service Control Manager [7000] - The IPsec Policy Agent service failed to start due to the following error: The service did not start due to a logon failure. 9/6/2012 5:31:50 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f020b: Microsoft - Other hardware - Microsoft Hardware USB Mouse. 9/6/2012 3:54:40 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 152.14.244.101. The computer with the IP address 152.14.247.29 did not allow the name to be claimed by this computer. 9/6/2012 3:15:56 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000009f (0x0000000000000003, 0xfffffa8007a91060, 0xfffff80000b9c3d8, 0xfffffa800fc62cf0). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 090612-27097-01. 9/6/2012 12:42:50 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 152.14.243.188. 
The computer with the IP address 152.14.245.149 did not allow the name to be claimed by this computer. 9/6/2012 11:27:26 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service. 9/6/2012 10:02:51 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 9/5/2012 2:51:31 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 152.14.242.171. The computer with the IP address 152.14.241.6 did not allow the name to be claimed by this computer. 9/5/2012 1:13:48 PM, Error: NetBT [4319] - A duplicate name has been detected on the TCP network. The IP address of the computer that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the Conflict state. 9/4/2012 3:33:30 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 152.14.241.250. The computer with the IP address 152.14.243.118 did not allow the name to be claimed by this computer. 9/11/2012 8:19:06 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1. 9/10/2012 8:03:46 AM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control. 9/10/2012 2:38:34 PM, Error: NetBT [4321] - The name "PETER-PC :0" could not be registered on the interface with IP address 152.14.242.165. The computer with the IP address 152.14.241.105 did not allow the name to be claimed by this computer. 9/10/2012 11:27:04 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting. . ==== End Of File ===========================
  13. Hi, 124.217.229.91, the mail server IP of fair.com.my, is blocked. Reason?
  14. Hello, I just activated the Malwarebytes Windows Protection, and since the first seconds I have been getting notification spam with this report: IP-BLOCK 83.133.124.95 (Type: outgoing, Port: 60809, Process: svchost.exe), with various IP addresses. I use Windows 7 64-bit, and every 10 seconds I get this blue circle next to my mouse arrow (meaning something is working), followed by a Malwarebytes IP block. I spent a long time on forums looking for a solution but I didn't find any. I just downloaded the DDS file and am just waiting for any answer to post my DDS and Attach files. Sorry for my bad English skills. Thank you. Here are my DDS and Attach files for the previous post:
(x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.co...72743-17534-1/4 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{23542118-D7AB-4C32-84F3-BF8DB261EC02} : DhcpNameServer = 192.168.1.1 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll {18DF081C-E8AD-4283-A596-FA578C2EBDC3} {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} 
{9030D464-4C02-4ABF-8ECC-5164760863C6} {AA58ED58-01DD-4d91-8333-CF10577473F7} {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} {DBC80044-A445-435b-BC74-9C25C1C588A9} {E33CF602-D945-461A-83F0-819F76A199F8} {2318C2B1-4965-11d4-9B18-009027A5CD4F} mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" mRun-x64: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" mRun-x64: [inno Tilt] "C:\Program Files (x86)\Mouse Driver\Tilt.exe" /hide mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray IE-X64: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.co...72743-17534-1/4 IE-X64: {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.co...72743-17534-1/4 . ============= SERVICES / DRIVERS =============== . R1 kl2;kl2;C:\Windows\system32\DRIVERS\kl2.sys --> C:\Windows\system32\DRIVERS\kl2.sys [?] R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys --> C:\Windows\system32\DRIVERS\klim6.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] 
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-3 63928] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-23 13592] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-4-30 654408] R2 MemeoBackgroundService;MemeoBackgroundService;C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-9-28 25824] R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-5-4 2348352] R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-4-9 3063968] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-2-29 382272] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-11-23 2656280] R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\system32\DRIVERS\klmouflt.sys --> C:\Windows\system32\DRIVERS\klmouflt.sys [?] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\drivers\HECIx64.sys --> C:\Windows\system32\drivers\HECIx64.sys [?] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?] 
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Service Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-4-30 136176] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-4-5 158856] S3 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [2011-4-24 202296] S3 gupdatem;Service Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-4-30 136176] S3 mv91xx;mv91xx;C:\Windows\system32\drivers\mv91xx.sys --> C:\Windows\system32\drivers\mv91xx.sys [?] S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\system32\DRIVERS\RTL8192su.sys --> C:\Windows\system32\DRIVERS\RTL8192su.sys [?] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?] S3 WatAdminSvc;Service Windows Activation Technologies;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 wsvd;wsvd;C:\Windows\system32\DRIVERS\wsvd.sys --> C:\Windows\system32\DRIVERS\wsvd.sys [?] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184] . =============== Created Last 30 ================ . 
2012-06-03 21:48:57 -------- d-----w- C:\Windows\CheckSur 2012-06-01 09:55:52 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6687E6CC-AEC3-43FC-8EC9-EA7544717CD9}\mpengine.dll 2012-05-31 14:50:20 -------- d-----w- C:\Users\Oddworld\AppData\Local\Diagnostics 2012-05-31 14:42:41 -------- d-----w- C:\Users\Oddworld\AppData\Roaming\Mauk 2012-05-31 14:42:41 -------- d-----w- C:\Users\Oddworld\AppData\Roaming\Inumt 2012-05-24 09:14:02 -------- d-----w- C:\Users\Oddworld\AppData\Roaming\LolClient2 2012-05-21 20:59:25 -------- d-----w- C:\Users\Oddworld\AppData\Local\Chromium 2012-05-15 16:50:16 -------- d-----w- C:\Users\Oddworld\AppData\Local\ElevatedDiagnostics 2012-05-11 20:04:11 -------- d-----w- C:\Users\Oddworld\AppData\Roaming\TS3Client 2012-05-11 20:02:50 -------- d-----w- C:\Users\Oddworld\AppData\Local\TeamSpeak 3 Client 2012-05-07 16:28:06 -------- d-----w- C:\ProgramData\TERA 2012-05-07 15:48:50 -------- d-----w- C:\Program Files (x86)\TERA 2012-05-05 13:18:58 -------- d-----w- C:\ProgramData\boost_interprocess 2012-05-05 13:18:21 -------- d-----r- C:\Program Files (x86)\Skype . ==================== Find3M ==================== . 2012-06-01 14:10:42 283304 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr 2012-06-01 14:10:42 283304 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe 2012-06-01 14:10:27 280904 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0 2012-05-04 20:21:34 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe 2012-04-04 13:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-03-31 06:05:57 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-03-31 04:39:37 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-03-31 04:39:37 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-03-31 03:10:03 3146240 ----a-w- C:\Windows\System32\win32k.sys 2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2012-03-17 07:58:57 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys . 
============= FINISH: 1:56:04,68 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Édition Familiale Premium Boot Device: \Device\HarddiskVolume1 Install Date: 30/04/2012 12:38:03 System Uptime: 03/06/2012 22:34:31 (3 hours ago) . Motherboard: MEDION | | MS-7667 Processor: Intel® Core™ i7-2700K CPU @ 3.50GHz | CPU 1 | 3501/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 1346 GiB total, 1203,033 GiB free. D: is FIXED (NTFS) - 50 GiB total, 0,007 GiB free. E: is CDROM () F: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP19: 31/05/2012 17:06:14 - OpÉration de restauration RP20: 31/05/2012 17:37:26 - InstallÉ Realtek Ethernet Controller Driver RP21: 01/06/2012 11:55:32 - Windows Update RP22: 03/06/2012 19:00:17 - Sauvegarde Windows RP23: 03/06/2012 23:48:42 - Windows Update . ==== Installed Programs ====================== . 
Adobe AIR Adobe Reader X (10.1.3) MUI Adobe Shockwave Player 11.6 Battlefield 3™ Battlelog Web Plugins Call of Duty: Black Ops - Multiplayer Contrôle ActiveX Windows Live Mesh pour connexions à distance Control ActiveX de Windows Live Mesh para conexiones remotas Controlo ActiveX do Windows Live Mesh para Ligações Remotas CyberLink LabelPrint CyberLink Power2Go CyberLink PowerDVD Copy CyberLink PowerRecover CyberLink WaveEditor D3DX10 Erazer Control Center ESN Sonar Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsluge polaczen zdalnych Fotogalerija Windows Live Galeria de Fotografias do Windows Live Galeria fotografii uslugi Windows Live Galerie de photos Windows Live Galería fotográfica de Windows Live Google Chrome Google Toolbar for Internet Explorer Google Update Helper Half-Life 2 Intel® Management Engine Components Intel® Rapid Storage Technology Java Auto Updater Java™ 7 Update 1 JMicron JMB36X Driver Junk Mail filter update Kaspersky Internet Security 2012 Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave League of Legends Malwarebytes Anti-Malware version 1.61.0.1400 Medion Home Cinema Memeo Instant Backup Mesh Runtime Microsoft Office 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Mouse driver MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB973688) NVIDIA PhysX NVIDIA Stereoscopic 3D Driver Origin Pando Media Booster Poczta uslugi Windows Live Podstawowe programy Windows Live Pošta Windows Live PunkBuster Services Raccolta foto di Windows Live Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Renesas Electronics USB 3.0 Host Controller Driver S?????? f?t???af??? t?? 
Windows Live Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Skype Click to Call Skype™ 5.9 Spelling Dictionaries Support For Adobe Reader X St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?µa???sµ??e? s??d?se?? Steam swMSM TeamSpeak 3 Client TERA Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Uzak Baglantilar Için Windows Live Mesh ActiveX Denetimi VLC media player 2.0.1 Windows Live Windows Live Communications Platform Windows Live Essentials Windows Live Fotótár Windows Live Fotogalerie Windows Live Fotograf Galerisi Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh ActiveX-objekt til fjernforbindelser Windows Live Mesh ActiveX-vezÉrlo távoli kapcsolatokhoz Windows Live Mesh ActiveX control for remote connections Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Temel Parçalar Windows Live UX Platform Windows Live UX Platform 
Language Pack Windows Live Writer Windows Live Writer Resources . ==== End Of File ===========================
  15. Ladies and Gentlemen, A user reports that my sites are being blocked by Malwarebytes. The sites he reported as blocked are bowlingfans.com and bowlingcommunity.com. I am no longer a Windows user so I'm unable to test or confirm what your software is doing, but I have checked our server and sites and I'm not seeing any signs of infection or hacks. This same server hosts about a dozen sites in total. We don't serve malware or anything else malicious. Just Google, Viglink, and Chitika ads. Could you please help me resolve this issue and let me know if it's my specific IP or a range block which caused this? Not sure if it's related, but my sites are protected by CloudFlare.com and serve images and content from their CDN.
  16. Hi, I have just installed Malwarebytes and have a "clean" PC. I tried to access a web site but got the following IP blocking message: 2012/04/07 14:27:31 +0100 TOSH Neil IP-BLOCK 85.159.232.68 (Type: outgoing, Port: 55441, Process: firefox.exe) The owner of this site has checked it and assures me that there is nothing untoward loaded on this server - checked with Avast and other programs. Is this a false positive?
  17. The website www.bolytv.com is being blocked when I try to access it. Works on computers without MAM. 2012/03/11 10:35:12 -0400 THEMAINFRAME Main PC IP-BLOCK 128.127.109.122 (Type: outgoing, Port: 53775, Process: chrome.exe)
  18. Site: http://www.inthegame.nl/ IP: 213.163.67.174 It's a Dutch gaming site, probably hosted on a Russian server. We would like to know why you blocked this address as we aren't aware of any misuse. If you check this to be okay, please unblock. CBR1100xxVanish protection-log-2012-03-02.zip
  19. Hello, I keep getting notifications from MBAM that it's blocking IPs - specifically 208.73.210.29 and 79.135.148.105. I just ensured I have the latest MBAM and ran both a quick and full scan - nothing shows up: Malwarebytes Anti-Malware (PRO) 1.60.1.1000 www.malwarebytes.org Database version: v2012.02.16.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 8.0.7601.17514 JeffC :: PC-DOCSTOC-11 [administrator] Protection: Enabled 2/16/2012 3:38:55 PM mbam-log-2012-02-16 (15-38-55).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 204754 Time elapsed: 3 minute(s), 58 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) Attached are DDS logs:
DhcpNameServer = 8.8.8.8 4.2.2.2 TCP: Interfaces\{972AA67F-AF42-4559-BA32-9F03FA473C2F}\47A637E4564777F627B6 : NameServer = 192.168.10.100,8.8.8.8 TCP: Interfaces\{972AA67F-AF42-4559-BA32-9F03FA473C2F}\47A637E4564777F627B6 : DhcpNameServer = 75.75.75.75 75.75.76.76 TCP: Interfaces\{972AA67F-AF42-4559-BA32-9F03FA473C2F}\A4250234F6E6B65697 : NameServer = 192.168.10.100,8.8.8.8 TCP: Interfaces\{972AA67F-AF42-4559-BA32-9F03FA473C2F}\A4250234F6E6B65697 : DhcpNameServer = 192.168.1.10 TCP: Interfaces\{972AA67F-AF42-4559-BA32-9F03FA473C2F}\C696E6B6379737 : NameServer = 192.168.10.100,8.8.8.8 TCP: Interfaces\{972AA67F-AF42-4559-BA32-9F03FA473C2F}\C696E6B6379737 : DhcpNameServer = 75.75.75.75 75.75.76.76 TCP: Interfaces\{D8B34DF5-A081-47A1-BA33-14CEA2E4F224} : NameServer = 192.168.10.100,8.8.8.8 TCP: Interfaces\{D8B34DF5-A081-47A1-BA33-14CEA2E4F224} : DhcpNameServer = 8.8.8.8 8.8.4.4 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll LSA: Authentication Packages = msv1_0 wvauth BHO-X64: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\SnagIt 8\SnagItBHO.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll BHO-X64: DebugBar BHO: {69FC0024-10EB-480A-BBF2-3BF4E78E17B1} - C:\Program Files (x86)\Core Services\DebugBar\DebugInfoBar.dll BHO-X64: DebugBar BHO - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: 
Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO-X64: SkypeIEPluginBHO - No File BHO-X64: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB-X64: SnagIt: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\SnagIt 8\SnagItIEAddin.dll TB-X64: DebugBar: {3E1201F4-1707-409F-BB45-A5F192381DA0} - C:\Program Files (x86)\Core Services\DebugBar\DebugToolBar.dll TB-X64: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll TB-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll TB-X64: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun-x64: [DellBtrEvent] D:\Program Files (x86)\Dell\Reader 2.1\DellBtrEvent.exe mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 mRun-x64: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" mRun-x64: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe" mRun-x64: [(Default)] mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun-x64: [Adobe 
Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [Razer StarcraftII Driver] C:\Program Files (x86)\Razer\Razer StarCraftII\RazerStarCraftIISysTray mRun-x64: [brMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN mRun-x64: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray IE-X64: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm Hosts: 192.168.1.19 web1.docstoc.com Hosts: 72.172.88.30 admin1.docstoc.com Hosts: 192.168.1.27 web2.docstoc.com Hosts: 72.172.88.31 admin2.docstoc.com Hosts: 192.168.1.14 web3.docstoc.com . Note: multiple HOSTS entries found. Please refer to Attach.txt . ================= FIREFOX =================== . 
FF - ProfilePath - C:\Users\jeffc\AppData\Roaming\Mozilla\Firefox\Profiles\59ucknjl.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - component: C:\Users\jeffc\AppData\Roaming\Mozilla\Firefox\Profiles\59ucknjl.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll FF - component: C:\Users\jeffc\AppData\Roaming\Mozilla\Firefox\Profiles\59ucknjl.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll FF - component: C:\Users\jeffc\AppData\Roaming\Mozilla\Firefox\Profiles\59ucknjl.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}\platform\WINNT\components\ColorZilla.dll FF - component: C:\Users\jeffc\AppData\Roaming\Mozilla\Firefox\Profiles\59ucknjl.default\extensions\{6FF1D3C4-61BC-4021-89B7-AF8A8F784EBB}\components\snagitmozextension.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\jeffc\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll FF - plugin: C:\Users\jeffc\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll FF - plugin: C:\Users\jeffc\AppData\Local\Mozilla Firefox\plugins\npdeployJava1.dll FF - plugin: C:\Users\jeffc\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll FF - plugin: 
C:\Users\jeffc\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll . ---- FIREFOX POLICIES ---- FF - user.js: general.useragent.extra.brc - . ============= SERVICES / DRIVERS =============== . R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R0 stdflt;Disk Filter Driver for Accelerometer;C:\Windows\system32\DRIVERS\stdfltn.sys --> C:\Windows\system32\DRIVERS\stdfltn.sys [?] R1 DVMIO;DVMIO;D:\Program Files (x86)\Dell\Reader 2.1\dvmio_x64.sys [2010-5-4 20624] R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?] R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] 
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672] R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2010-12-18 89600] R2 Credential Vault Host Control Service;Credential Vault Host Control Service;C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2010-3-23 1039776] R2 Credential Vault Host Storage;Credential Vault Host Storage;C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2010-3-23 31136] R2 dcpsysmgrsvc;Dell System Manager Service;C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe [2010-8-24 517488] R2 DvmMDES;DeviceVM Meta Data Export Service;D:\Program Files (x86)\Dell\Reader 2.1\DVMExportService.exe [2010-5-4 327680] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-12-18 13336] R2 InstallFilterService;FF Install Filter Service;C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\InstallFilterService.exe [2010-12-18 60928] R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-1-31 652360] R2 risdpcie;risdpcie;C:\Windows\system32\DRIVERS\risdpe64.sys --> C:\Windows\system32\DRIVERS\risdpe64.sys [?] R2 UltraMonUtility;UltraMon Utility Driver;C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys [2008-11-14 20512] R3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\Accelern.sys --> C:\Windows\system32\DRIVERS\Accelern.sys [?] R3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\system32\drivers\btwampfl.sys --> C:\Windows\system32\drivers\btwampfl.sys [?] R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?] 
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?] R3 cvusbdrv;Dell ControlVault;C:\Windows\system32\Drivers\cvusbdrv.sys --> C:\Windows\system32\Drivers\cvusbdrv.sys [?] R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;C:\Windows\system32\DRIVERS\e1k62x64.sys --> C:\Windows\system32\DRIVERS\e1k62x64.sys [?] R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?] R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?] R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?] R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?] R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 282616] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?] 
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-5-2 136176] S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-9-3 219632] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-5-2 136176] S3 rimspci;rimspci;C:\Windows\system32\DRIVERS\rimspe64.sys --> C:\Windows\system32\DRIVERS\rimspe64.sys [?] S3 rixdpcie;rixdpcie;C:\Windows\system32\DRIVERS\rixdpe64.sys --> C:\Windows\system32\DRIVERS\rixdpe64.sys [?] S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-9-3 1116656] S3 RzSynapse;Razer Driver;C:\Windows\system32\DRIVERS\RzSynapse.sys --> C:\Windows\system32\DRIVERS\RzSynapse.sys [?] S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?] S3 WSDScan;WSD Scan Support via UMB;C:\Windows\system32\DRIVERS\WSDScan.sys --> C:\Windows\system32\DRIVERS\WSDScan.sys [?] 
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== Created Last 30 ================ . 2012-02-15 23:20:59 8602168 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0E2EF24B-D37C-4A4F-AB9D-7A67287680DD}\mpengine.dll 2012-02-10 18:12:56 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F553C6FC-0D7E-4DA9-8AC9-58137B1CA439}\gapaengine.dll 2012-02-10 18:03:50 -------- d-----w- C:\Users\jeffc\AppData\Roaming\webex 2012-02-10 18:03:41 -------- d-----w- C:\ProgramData\WebEx 2012-02-09 18:05:41 -------- d-----w- C:\Users\jeffc\AppData\Roaming\SUPERAntiSpyware.com 2012-02-09 18:04:00 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com 2012-02-09 18:04:00 -------- d-----w- C:\Program Files\SUPERAntiSpyware 2012-01-27 06:22:19 -------- d-----w- C:\Users\jeffc\AppData\Roaming\Malwarebytes 2012-01-27 06:22:13 -------- d-----w- C:\ProgramData\Malwarebytes 2012-01-27 06:22:12 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-01-27 06:22:12 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-01-20 23:58:58 -------- d-----r- C:\Users\jeffc\AppData\Roaming\Brother 2012-01-20 23:18:04 5120 ------w- C:\Windows\SysWow64\BrDctF2L.dll 2012-01-20 23:18:03 73728 ------w- C:\Windows\SysWow64\BrDctF2.dll 2012-01-20 23:18:03 3072 ------w- C:\Windows\SysWow64\BrDctF2S.dll 2012-01-20 23:18:00 176128 ----a-w- C:\Windows\SysWow64\BROSNMP.DLL 2012-01-19 21:43:51 -------- d-----w- C:\Users\jeffc\AppData\Local\PokerStars.NET 2012-01-19 21:43:11 -------- d-----w- C:\Program Files (x86)\PokerStars.NET 2012-01-19 13:31:10 -------- d-----w- C:\Users\jeffc\AppData\Local\FullTiltPoker 2012-01-19 13:15:36 -------- d-----w- C:\Program Files (x86)\Full Tilt Poker . ==================== Find3M ==================== . 
2012-01-31 12:44:20 279656 ------w- C:\Windows\System32\MpSigStub.exe 2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys . ============= FINISH: 15:49:10.42 =============== Thanks in advance for any help! -Jeff
  20. Hi, please see attached copy of DDS. I am having two or three addresses blocked outgoing and incoming.