asrl4.pardisdns.com -- 85.17.184.37


afceaglee

Hi,

I receive a message from Malwarebytes but I don't know whether it is malware activity or not. Please help.

I posted first here: http://forums.malwarebytes.org/index.php?showtopic=100572

...

And these are the DDS file results.

I am running Win 7 64-bit.

I am using Malwarebytes 1.51.2.1300 free version (downloaded from malwarebytes.org directly).

Installed Firefox 8.0 directly from Mozilla.

I saw the messages when the browser is open.

And these are the Malwarebytes logs:

2011-11-29

00:36:50 nb MESSAGE Protection started successfully

00:36:53 nb MESSAGE IP Protection started successfully

08:31:47 nb MESSAGE Protection started successfully

08:31:51 nb MESSAGE IP Protection started successfully

08:59:28 nb IP-BLOCK 213.152.172.157 (Type: outgoing, Port: 1790, Process: firefox.exe)

08:59:28 nb IP-BLOCK 213.152.172.157 (Type: outgoing, Port: 1791, Process: firefox.exe)

09:18:01 nb IP-BLOCK 213.152.172.157 (Type: outgoing, Port: 2173, Process: firefox.exe)

18:06:18 nb IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 5584, Process: firefox.exe)

18:06:18 nb IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 5585, Process: firefox.exe)

2011-11-28

10:30:11 nb MESSAGE Protection started successfully

10:30:15 nb MESSAGE IP Protection started successfully

12:31:09 nb IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 3312, Process: firefox.exe)

12:31:09 nb IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 3313, Process: firefox.exe)

14:26:44 nb MESSAGE Scheduled update executed successfully

14:28:58 nb MESSAGE IP Protection stopped

14:29:01 nb MESSAGE Database updated successfully

14:29:02 nb MESSAGE IP Protection started successfully

21:16:50 nb MESSAGE Protection started successfully

21:16:56 nb MESSAGE IP Protection started successfully

2011-11-27

06:36:36 nb MESSAGE Protection started successfully

06:36:40 nb MESSAGE IP Protection started successfully

06:57:39 nb IP-BLOCK 217.23.7.222 (Type: outgoing, Port: 1291, Process: firefox.exe)

06:57:39 nb IP-BLOCK 217.23.7.222 (Type: outgoing, Port: 1292, Process: firefox.exe)

06:57:39 nb IP-BLOCK 217.23.7.222 (Type: outgoing, Port: 1293, Process: firefox.exe)

06:57:39 nb IP-BLOCK 217.23.7.222 (Type: outgoing, Port: 1294, Process: firefox.exe)

07:00:04 nb IP-BLOCK 217.23.7.222 (Type: outgoing, Port: 1499, Process: firefox.exe)

14:30:27 nb MESSAGE Scheduled update executed successfully

14:32:43 nb MESSAGE IP Protection stopped

14:32:48 nb MESSAGE Database updated successfully

14:32:50 nb MESSAGE IP Protection started successfully

2011-11-26

08:19:55 nb MESSAGE Protection started successfully

08:19:59 nb MESSAGE IP Protection started successfully

11:45:55 nb MESSAGE Protection started successfully

11:45:59 nb MESSAGE IP Protection started successfully

14:31:36 nb MESSAGE Scheduled update executed successfully

14:32:34 nb MESSAGE IP Protection stopped

14:32:36 nb MESSAGE Database updated successfully

14:32:37 nb MESSAGE IP Protection started successfully

16:27:08 nb IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 2190, Process: firefox.exe)

16:27:08 nb IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 2191, Process: firefox.exe)

17:04:31 nb IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 2910, Process: firefox.exe)

17:12:17 nb MESSAGE IP Protection stopped

17:12:23 nb MESSAGE Database updated successfully

17:12:24 nb MESSAGE IP Protection started successfully

2011-11-25

06:21:03 nb MESSAGE Protection started successfully

06:21:08 nb MESSAGE IP Protection started successfully

06:33:07 nb MESSAGE IP Protection stopped

06:33:13 nb MESSAGE Database updated successfully

06:33:14 nb MESSAGE IP Protection started successfully

10:50:19 nb IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 15072, Process: firefox.exe)

10:50:19 nb IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 15073, Process: firefox.exe)

14:05:59 nb IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 17150, Process: firefox.exe)

14:05:59 nb IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 17151, Process: firefox.exe)

14:44:00 nb ERROR Scheduled update failed: Incomplete transfer failed with error code 0

22:22:02 nb MESSAGE Protection started successfully

22:22:06 nb MESSAGE IP Protection started successfully

23:32:41 nb IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 1687, Process: firefox.exe)

23:32:41 nb IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 1688, Process: firefox.exe)

23:32:41 nb IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 1689, Process: firefox.exe)

2011-11-24

11:35:23 nb MESSAGE Protection started successfully

11:35:27 nb MESSAGE IP Protection started successfully

14:24:06 nb MESSAGE Scheduled update executed successfully

14:26:09 nb MESSAGE IP Protection stopped

14:26:14 nb MESSAGE Database updated successfully

14:26:16 nb MESSAGE IP Protection started successfully

18:22:01 nb MESSAGE IP Protection stopped

18:22:04 nb MESSAGE Database updated successfully

18:22:06 nb MESSAGE IP Protection started successfully

18:43:34 nb MESSAGE Protection started successfully

18:43:38 nb MESSAGE IP Protection started successfully

2011-11-23

00:08:08 nb MESSAGE Scheduled update executed successfully

00:10:09 nb MESSAGE IP Protection stopped

00:10:15 nb MESSAGE Database updated successfully

00:10:16 nb MESSAGE IP Protection started successfully

02:28:40 nb MESSAGE Protection started successfully

02:28:44 nb MESSAGE IP Protection started successfully

14:13:13 nb MESSAGE Protection started successfully

14:13:17 nb MESSAGE IP Protection started successfully

14:23:56 nb MESSAGE Scheduled update executed successfully

14:24:47 nb MESSAGE IP Protection stopped

14:24:49 nb MESSAGE Database updated successfully

14:24:49 nb MESSAGE IP Protection started successfully

23:24:02 nb MESSAGE Protection started successfully

23:24:07 nb MESSAGE IP Protection started successfully

2011-11-22

23:59:08 nb MESSAGE Protection started successfully

23:59:13 nb MESSAGE IP Protection started successfully

2011-11-21

00:58:57 nb MESSAGE Protection started successfully

00:59:00 nb MESSAGE IP Protection started successfully

01:18:46 nb IP-BLOCK 213.152.172.157 (Type: outgoing, Port: 1333, Process: firefox.exe)

01:18:46 nb IP-BLOCK 213.152.172.157 (Type: outgoing, Port: 1334, Process: firefox.exe)

14:52:49 nb MESSAGE Scheduled update executed successfully

14:54:27 nb MESSAGE IP Protection stopped

14:54:32 nb MESSAGE Database updated successfully

14:54:34 nb MESSAGE IP Protection started successfully

2011-11-20

12:41:02 nb MESSAGE Protection started successfully

12:41:07 nb MESSAGE IP Protection started successfully

DDS.txt

Attach.txt

Link to post
Share on other sites
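
One way to triage a protection log like the one posted above, as an added example that is not part of the original thread: it groups the IP-BLOCK entries by destination address and lists any that came from a process other than a browser. The sample lines are excerpted from that log; the function names and the `BROWSERS` set are assumptions made for this sketch.

```python
import re
from collections import defaultdict
from datetime import datetime

# Lines excerpted from the protection log posted above (blank lines dropped).
SAMPLE_LOG = """\
2011-11-29
08:31:51 nb MESSAGE IP Protection started successfully
08:59:28 nb IP-BLOCK 213.152.172.157 (Type: outgoing, Port: 1790, Process: firefox.exe)
08:59:28 nb IP-BLOCK 213.152.172.157 (Type: outgoing, Port: 1791, Process: firefox.exe)
09:18:01 nb IP-BLOCK 213.152.172.157 (Type: outgoing, Port: 2173, Process: firefox.exe)
18:06:18 nb IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 5584, Process: firefox.exe)
18:06:18 nb IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 5585, Process: firefox.exe)
2011-11-28
12:31:09 nb IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 3312, Process: firefox.exe)
12:31:09 nb IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 3313, Process: firefox.exe)
14:28:58 nb MESSAGE IP Protection stopped
2011-11-27
06:57:39 nb IP-BLOCK 217.23.7.222 (Type: outgoing, Port: 1291, Process: firefox.exe)
07:00:04 nb IP-BLOCK 217.23.7.222 (Type: outgoing, Port: 1499, Process: firefox.exe)
"""

# A day header, then "HH:MM:SS user IP-BLOCK ip (Type: .., Port: .., Process: ..)".
DATE_RE = re.compile(r"^(\d{4}-\d{2}-\d{2})$")
BLOCK_RE = re.compile(
    r"^(\d{2}:\d{2}:\d{2})\s+(\S+)\s+IP-BLOCK\s+(\d{1,3}(?:\.\d{1,3}){3})\s+"
    r"\(Type:\s*(\w+),\s*Port:\s*(\d+),\s*Process:\s*([^)]+)\)$"
)

# Assumption for this sketch: process names treated as "a browser".
BROWSERS = {"firefox.exe", "iexplore.exe", "chrome.exe", "opera.exe"}


def parse_blocks(text):
    """Return one dict per IP-BLOCK entry; MESSAGE/ERROR lines are skipped."""
    events, day = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = DATE_RE.match(line)
        if m:
            day = m.group(1)          # entries that follow belong to this day
            continue
        m = BLOCK_RE.match(line)
        if not m or day is None:
            continue
        clock, user, ip, direction, port, process = m.groups()
        events.append({
            "when": datetime.strptime(f"{day} {clock}", "%Y-%m-%d %H:%M:%S"),
            "user": user,
            "ip": ip,
            "direction": direction,
            "port": int(port),
            "process": process.strip().lower(),
        })
    return events


def summarize(events):
    """Group blocked connections by destination address."""
    by_ip = defaultdict(list)
    for ev in events:
        by_ip[ev["ip"]].append(ev)
    summary = {}
    for ip, evs in by_ip.items():
        times = sorted(e["when"] for e in evs)
        summary[ip] = {
            "count": len(evs),
            # Entries sharing a timestamp are counted as one burst, so
            # several blocks in the same second are not over-counted.
            "bursts": len(set(times)),
            "days": sorted({t.strftime("%Y-%m-%d") for t in times}),
            "processes": sorted({e["process"] for e in evs}),
            "first": str(times[0]),
            "last": str(times[-1]),
        }
    return summary


def non_browser(events, browsers=BROWSERS):
    """Blocked connections made by anything other than a known browser."""
    return [e for e in events if e["process"] not in browsers]


if __name__ == "__main__":
    evs = parse_blocks(SAMPLE_LOG)
    for ip, info in sorted(summarize(evs).items()):
        print(ip, info)
    print("non-browser blocks:", non_browser(evs))
```

An empty non-browser list means every block was triggered by the browser itself; an entry from any other process is the part of the log to look at first.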

Hello and :welcome:

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

Link to post
Share on other sites

Thanks.

I checked the additional options too and no threats were found.

This is the log file:

23:59:07.0325 5288 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44

23:59:08.0290 5288 ============================================================

23:59:08.0290 5288 Current date / time: 2011/11/29 23:59:08.0290

23:59:08.0290 5288 SystemInfo:

23:59:08.0290 5288

23:59:08.0290 5288 OS Version: 6.1.7601 ServicePack: 1.0

23:59:08.0290 5288 Product type: Workstation

23:59:08.0291 5288 ComputerName: NB-PC

23:59:08.0292 5288 UserName: nb

23:59:08.0292 5288 Windows directory: C:\Windows

23:59:08.0292 5288 System windows directory: C:\Windows

23:59:08.0292 5288 Running under WOW64

23:59:08.0292 5288 Processor architecture: Intel x64

23:59:08.0292 5288 Number of processors: 4

23:59:08.0292 5288 Page size: 0x1000

23:59:08.0292 5288 Boot type: Normal boot

23:59:08.0292 5288 ============================================================

23:59:09.0383 5288 Initialize success

23:59:10.0488 2728 ============================================================

23:59:10.0489 2728 Scan started

23:59:10.0489 2728 Mode: Manual;

23:59:10.0489 2728 ============================================================


23:59:20.0912 2728 RDPWD - ok

23:59:20.0942 2728 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

23:59:20.0946 2728 rdyboost - ok

23:59:20.0990 2728 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys

23:59:20.0993 2728 RFCOMM - ok

23:59:21.0054 2728 RsFx0103 (cd553b8633466a6d1c115812f2619f1f) C:\Windows\system32\DRIVERS\RsFx0103.sys

23:59:21.0059 2728 RsFx0103 - ok

23:59:21.0097 2728 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

23:59:21.0099 2728 rspndr - ok

23:59:21.0126 2728 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys

23:59:21.0127 2728 s3cap - ok

23:59:21.0156 2728 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

23:59:21.0159 2728 sbp2port - ok

23:59:21.0184 2728 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

23:59:21.0186 2728 scfilter - ok

23:59:21.0228 2728 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

23:59:21.0230 2728 secdrv - ok

23:59:21.0261 2728 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

23:59:21.0262 2728 Serenum - ok

23:59:21.0293 2728 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

23:59:21.0295 2728 Serial - ok

23:59:21.0318 2728 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys

23:59:21.0319 2728 sermouse - ok

23:59:21.0354 2728 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

23:59:21.0356 2728 sffdisk - ok

23:59:21.0370 2728 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

23:59:21.0372 2728 sffp_mmc - ok

23:59:21.0388 2728 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

23:59:21.0389 2728 sffp_sd - ok

23:59:21.0405 2728 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys

23:59:21.0406 2728 sfloppy - ok

23:59:21.0440 2728 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys

23:59:21.0442 2728 SiSRaid2 - ok

23:59:21.0458 2728 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys

23:59:21.0460 2728 SiSRaid4 - ok

23:59:21.0482 2728 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

23:59:21.0484 2728 Smb - ok

23:59:21.0532 2728 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

23:59:21.0534 2728 spldr - ok

23:59:21.0651 2728 SRTSP (90ef30c3867bcde4579c01a6d6e75a7a) C:\Windows\System32\Drivers\NAVx64\1206000.01D\SRTSP64.SYS

23:59:21.0661 2728 SRTSP - ok

23:59:21.0683 2728 SRTSPX (c513e8a5e7978da49077f5484344ee1b) C:\Windows\system32\drivers\NAVx64\1206000.01D\SRTSPX64.SYS

23:59:21.0684 2728 SRTSPX - ok

23:59:21.0721 2728 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

23:59:21.0728 2728 srv - ok

23:59:21.0767 2728 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

23:59:21.0773 2728 srv2 - ok

23:59:21.0798 2728 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

23:59:21.0801 2728 srvnet - ok

23:59:21.0846 2728 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys

23:59:21.0848 2728 stexstor - ok

23:59:21.0893 2728 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys

23:59:21.0895 2728 storflt - ok

23:59:21.0917 2728 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys

23:59:21.0919 2728 storvsc - ok

23:59:21.0941 2728 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys

23:59:21.0943 2728 swenum - ok

23:59:22.0012 2728 SymDS (6160145c7a87fc7672e8e3b886888176) C:\Windows\system32\drivers\NAVx64\1206000.01D\SYMDS64.SYS

23:59:22.0018 2728 SymDS - ok

23:59:22.0092 2728 SymEFA (96aeed40d4d3521568b42027687e69e0) C:\Windows\system32\drivers\NAVx64\1206000.01D\SYMEFA64.SYS

23:59:22.0105 2728 SymEFA - ok

23:59:22.0158 2728 SymEvent (21a1c2d694c3cf962d31f5e873ab3d6f) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS

23:59:22.0161 2728 SymEvent - ok

23:59:22.0198 2728 SymIRON (bd0d711d8cbfcaa19ca123306eaf53a5) C:\Windows\system32\drivers\NAVx64\1206000.01D\Ironx64.SYS

23:59:22.0201 2728 SymIRON - ok

23:59:22.0230 2728 SymNetS (a6adb3d83023f8daa0f7b6fda785d83b) C:\Windows\System32\Drivers\NAVx64\1206000.01D\SYMNETS.SYS

23:59:22.0235 2728 SymNetS - ok

23:59:22.0274 2728 Synth3dVsc (c3a39c4079305480972d29c44b868c78) C:\Windows\system32\drivers\synth3dvsc.sys

23:59:22.0276 2728 Synth3dVsc - ok

23:59:22.0375 2728 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys

23:59:22.0401 2728 Tcpip - ok

23:59:22.0476 2728 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys

23:59:22.0501 2728 TCPIP6 - ok

23:59:22.0539 2728 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

23:59:22.0541 2728 tcpipreg - ok

23:59:22.0568 2728 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

23:59:22.0569 2728 TDPIPE - ok

23:59:22.0583 2728 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys

23:59:22.0585 2728 TDTCP - ok

23:59:22.0614 2728 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

23:59:22.0617 2728 tdx - ok

23:59:22.0649 2728 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys

23:59:22.0651 2728 TermDD - ok

23:59:22.0664 2728 terminpt (2b5bdff688ec9871d7ec5837833374e9) C:\Windows\system32\drivers\terminpt.sys

23:59:22.0666 2728 terminpt - ok

23:59:22.0728 2728 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

23:59:22.0730 2728 tssecsrv - ok

23:59:22.0752 2728 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

23:59:22.0754 2728 TsUsbFlt - ok

23:59:22.0770 2728 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys

23:59:22.0772 2728 TsUsbGD - ok

23:59:22.0803 2728 tsusbhub (e1748d04ae40118b62bc18ac86032192) C:\Windows\system32\drivers\tsusbhub.sys

23:59:22.0806 2728 tsusbhub - ok

23:59:22.0834 2728 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

23:59:22.0836 2728 tunnel - ok

23:59:22.0856 2728 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys

23:59:22.0858 2728 uagp35 - ok

23:59:22.0885 2728 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

23:59:22.0890 2728 udfs - ok

23:59:22.0935 2728 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

23:59:22.0937 2728 uliagpkx - ok

23:59:22.0965 2728 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys

23:59:22.0967 2728 umbus - ok

23:59:22.0980 2728 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys

23:59:22.0981 2728 UmPass - ok

23:59:23.0029 2728 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\drivers\usbccgp.sys

23:59:23.0032 2728 usbccgp - ok

23:59:23.0066 2728 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

23:59:23.0068 2728 usbcir - ok

23:59:23.0085 2728 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys

23:59:23.0087 2728 usbehci - ok

23:59:23.0121 2728 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

23:59:23.0126 2728 usbhub - ok

23:59:23.0152 2728 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys

23:59:23.0153 2728 usbohci - ok

23:59:23.0177 2728 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys

23:59:23.0179 2728 usbprint - ok

23:59:23.0216 2728 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

23:59:23.0218 2728 USBSTOR - ok

23:59:23.0238 2728 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys

23:59:23.0239 2728 usbuhci - ok

23:59:23.0287 2728 VClone (c5e70c4e64666db9d69c9f2fdae22428) C:\Windows\system32\DRIVERS\VClone.sys

23:59:23.0289 2728 VClone - ok

23:59:23.0316 2728 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

23:59:23.0318 2728 vdrvroot - ok

23:59:23.0341 2728 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

23:59:23.0343 2728 vga - ok

23:59:23.0369 2728 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

23:59:23.0370 2728 VgaSave - ok

23:59:23.0383 2728 VGPU - ok

23:59:23.0410 2728 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

23:59:23.0414 2728 vhdmp - ok

23:59:23.0437 2728 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

23:59:23.0438 2728 viaide - ok

23:59:23.0467 2728 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys

23:59:23.0471 2728 vmbus - ok

23:59:23.0485 2728 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys

23:59:23.0486 2728 VMBusHID - ok

23:59:23.0569 2728 vmm (091e009ef749c9d65cf9adfad316d251) C:\Windows\system32\Drivers\vmm.sys

23:59:23.0574 2728 vmm - ok

23:59:23.0604 2728 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

23:59:23.0606 2728 volmgr - ok

23:59:23.0636 2728 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

23:59:23.0642 2728 volmgrx - ok

23:59:23.0672 2728 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

23:59:23.0676 2728 volsnap - ok

23:59:23.0711 2728 VPCNetS2 (bc2ea40b98b5e866d9a4f98afb66b682) C:\Windows\system32\DRIVERS\VMNetSrv.sys

23:59:23.0713 2728 VPCNetS2 - ok

23:59:23.0759 2728 Vsdatant (239d8d72730226cd460bdc8ca0a23d43) C:\Windows\system32\DRIVERS\vsdatant.sys

23:59:23.0766 2728 Vsdatant - ok

23:59:23.0811 2728 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys

23:59:23.0814 2728 vsmraid - ok

23:59:23.0908 2728 VSPerfDrv100 (ca64a8838b4674d14bdf88aba2f253ea) C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys

23:59:23.0910 2728 VSPerfDrv100 - ok

23:59:23.0963 2728 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys

23:59:23.0964 2728 vwifibus - ok

23:59:23.0994 2728 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys

23:59:23.0996 2728 WacomPen - ok

23:59:24.0051 2728 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

23:59:24.0053 2728 WANARP - ok

23:59:24.0061 2728 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

23:59:24.0063 2728 Wanarpv6 - ok

23:59:24.0108 2728 wanatw (eceb715bece47e101ddec06b11126066) C:\Windows\system32\DRIVERS\wanatw64.sys

23:59:24.0109 2728 wanatw - ok

23:59:24.0165 2728 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys

23:59:24.0167 2728 Wd - ok

23:59:24.0222 2728 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

23:59:24.0231 2728 Wdf01000 - ok

23:59:24.0286 2728 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

23:59:24.0288 2728 WfpLwf - ok

23:59:24.0311 2728 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

23:59:24.0313 2728 WIMMount - ok

23:59:24.0410 2728 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys

23:59:24.0412 2728 WinUsb - ok

23:59:24.0437 2728 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

23:59:24.0438 2728 WmiAcpi - ok

23:59:24.0490 2728 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

23:59:24.0492 2728 ws2ifsl - ok

23:59:24.0535 2728 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

23:59:24.0538 2728 WudfPf - ok

23:59:24.0583 2728 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

23:59:24.0586 2728 WUDFRd - ok

23:59:24.0624 2728 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

23:59:24.0633 2728 \Device\Harddisk0\DR0 - ok

23:59:24.0640 2728 Boot (0x1200) (cdf1ebee42394e97b8d65194323a4ee4) \Device\Harddisk0\DR0\Partition0

23:59:24.0641 2728 \Device\Harddisk0\DR0\Partition0 - ok

23:59:24.0657 2728 Boot (0x1200) (f096f1c20cf90a6cbc1d9162c797c797) \Device\Harddisk0\DR0\Partition1

23:59:24.0658 2728 \Device\Harddisk0\DR0\Partition1 - ok

23:59:24.0676 2728 Boot (0x1200) (af159060bc96d7671e570520caf63405) \Device\Harddisk0\DR0\Partition2

23:59:24.0678 2728 \Device\Harddisk0\DR0\Partition2 - ok

23:59:24.0692 2728 Boot (0x1200) (fc6d86fece3c3a4c7dc56b8a21338112) \Device\Harddisk0\DR0\Partition3

23:59:24.0694 2728 \Device\Harddisk0\DR0\Partition3 - ok

23:59:24.0708 2728 Boot (0x1200) (d2d2a47ac74fc94d932447c84aefc642) \Device\Harddisk0\DR0\Partition4

23:59:24.0710 2728 \Device\Harddisk0\DR0\Partition4 - ok

23:59:24.0727 2728 Boot (0x1200) (2346005fef0f58b7ead26b442eae1481) \Device\Harddisk0\DR0\Partition5

23:59:24.0729 2728 \Device\Harddisk0\DR0\Partition5 - ok

23:59:24.0741 2728 Boot (0x1200) (c66acf0e1729e4871a48d189d7624a37) \Device\Harddisk0\DR0\Partition6

23:59:24.0743 2728 \Device\Harddisk0\DR0\Partition6 - ok

23:59:24.0763 2728 Boot (0x1200) (a40fe62c84dd1cf4622f6f2a186d1788) \Device\Harddisk0\DR0\Partition7

23:59:24.0764 2728 \Device\Harddisk0\DR0\Partition7 - ok

23:59:24.0788 2728 Boot (0x1200) (7bef8d4fc6383043681820049008cdf9) \Device\Harddisk0\DR0\Partition8

23:59:24.0789 2728 \Device\Harddisk0\DR0\Partition8 - ok

23:59:24.0808 2728 Boot (0x1200) (c4ccbaaa60edc2c4928a84ef4384b30b) \Device\Harddisk0\DR0\Partition9

23:59:24.0809 2728 \Device\Harddisk0\DR0\Partition9 - ok

23:59:24.0810 2728 ============================================================

23:59:24.0810 2728 Scan finished

23:59:24.0810 2728 ============================================================

23:59:24.0836 4588 Detected object count: 0

23:59:24.0836 4588 Actual detected object count: 0

00:01:29.0060 4208 Deinitialize success

Are there any other tests I must do?

Hello,

COMBOFIX

---------------

Please download ComboFix from one of these locations:


Bleepingcomputer
ForoSpyware

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

Please note: If the Microsoft Windows Recovery Console is already installed, or if you are running Vista, ComboFix will continue its malware removal procedures.

Query_RC.gif

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

RC_successful.gif

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\Combofix.txt in your next reply.


Hi again, please let me know how everything is running after the following fix.

CF-SCRIPT

-------------

We need to execute a CF-script.

  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Click Start > Run and in the box that opens type notepad and press enter. Copy/paste the text in the codebox below into it:


DDS::
uInternet Settings,ProxyServer = 127.0.0.1:11536

Save this as CFScript.txt, in the same location as ComboFix.exe

CFScriptB-4.gif

Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.


Hi, how are things running now? Do you still get the IP blocks?

Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.

  • Download the latest version of Java Runtime Environment (JRE) Version 7u1.
  • Look for "JDK 7u1 (JDK or JRE).
  • Click the "Download JRE" button at the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
    • Select "Windows x86 Offline" and click on jre-7-windows-i586.exe

  • Save it to your desktop
  • Close any programs you may have running - especially your web browser.
  • Uninstall all older versions of Java (any item with Java Runtime Environment, JRE or J2SE in the name).
  • Reboot your computer once all Java components are removed.
  • Install the newest version by double clicking (run as Administrator for Windows Vista/Seven) the downloaded file.

Your version of Adobe Reader is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Adobe components and update:

  • Download the latest version of Adobe Reader Version X and save it to your desktop.
  • Uncheck the "Free McAfee Security plan Plus" option or any other Toolbar you are offered
  • Click the download button at the bottom.
  • If you use Internet Explorer and do not wish to install the ActiveX element, simply click on the click here to download link on the next page.
  • Remove all older versions of Adobe Reader: Go to Add/remove and uninstall all versions of Adobe Reader, Acrobat Reader and Adobe Acrobat.
    If you are unsure of how to use Add or Remove Programs, then please see this tutorial: How To Remove An Installed Program From Your Computer
  • Then from your desktop double-click on Adobe Reader to install the newest version.
    If using Windows Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the "Adobe Setup - Welcome" window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.

Your Adobe Reader is now up to date!

Please launch MBAM, update it and run a full scan. Post me the resulting log.


Hi.

Only today (some minutes ago) I saw an IP block from 85.17.184.37

2011-12-2

02:54:27 nb MESSAGE IP Protection stopped

14:25:17 nb MESSAGE Protection started successfully

14:25:22 nb MESSAGE IP Protection started successfully

16:22:22 nb IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 50445, Process: firefox.exe)

16:22:22 nb IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 50446, Process: firefox.exe)

16:22:30 nb IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 50453, Process: firefox.exe)

OK, I will download Java and Adobe Reader, then I will send the scan result.

My OS is 64-bit. Isn't it better to download 64-bit Java?

Thanks.

Java (32-bit) is updated, but I cannot access the Adobe site (I will try again later).

85.17.184.37 is still being blocked.

Usually multiple sites are open, and it is hard for me to say that eca.ir causes this problem, but this site is often open.

I'm not sure, but I think "85.17.184.37" is blocked when I open eca.ir (I will test it and tell you if I see 85.17.184.37 IP blocks on other sites).
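Added example (not part of the original posts and not Malwarebytes code): a small Python parser for the protection-log lines posted in this thread. It groups IP-BLOCK entries into bursts per address and process and lists the intervals where IP Protection was logged as stopped, so blocks can be lined up with what was open in the browser at that time. The field layout is inferred from the lines shown here, and the 60-second burst window is an assumption.

```python
import ipaddress
import re
from datetime import datetime, timedelta

# Lines copied from the protection logs posted in this thread, plus one
# constructed line with an invalid address to show that bad input is skipped.
SAMPLE_LOG = """\
2011-11-29
08:59:28 nb IP-BLOCK 213.152.172.157 (Type: outgoing, Port: 1790, Process: firefox.exe)
08:59:28 nb IP-BLOCK 213.152.172.157 (Type: outgoing, Port: 1791, Process: firefox.exe)
09:18:01 nb IP-BLOCK 213.152.172.157 (Type: outgoing, Port: 2173, Process: firefox.exe)
18:06:18 nb IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 5584, Process: firefox.exe)
18:06:18 nb IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 5585, Process: firefox.exe)
2011-12-2
02:54:27 nb MESSAGE IP Protection stopped
14:25:17 nb MESSAGE Protection started successfully
14:25:22 nb MESSAGE IP Protection started successfully
16:22:22 nb IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 50445, Process: firefox.exe)
16:22:22 nb IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 50446, Process: firefox.exe)
16:22:30 nb IP-BLOCK 85.17.184.37 (Type: outgoing, Port: 50453, Process: firefox.exe)
16:23:00 nb IP-BLOCK 999.1.1.1 (Type: outgoing, Port: 1, Process: constructed.exe)
"""

DATE_RE = re.compile(r"^(\d{4})-(\d{1,2})-(\d{1,2})$")
EVENT_RE = re.compile(r"^(\d{2}):(\d{2}):(\d{2})\s+(\S+)\s+(MESSAGE|IP-BLOCK)\s+(.+)$")
BLOCK_RE = re.compile(r"^(\S+)\s+\(Type:\s*(\w+),\s*Port:\s*(\d+),\s*Process:\s*([^)]+)\)$")


def parse_log(text):
    """Return (blocks, messages), each sorted by timestamp."""
    blocks, messages, day = [], [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = DATE_RE.match(line)
        if m:
            day = tuple(map(int, m.groups()))  # date header applies to following lines
            continue
        m = EVENT_RE.match(line)
        if not m or day is None:
            continue  # blank line or text that is not a log entry
        hh, mm, ss, user, kind, rest = m.groups()
        b = BLOCK_RE.match(rest) if kind == "IP-BLOCK" else None
        try:
            ts = datetime(*day, int(hh), int(mm), int(ss))
            ip = str(ipaddress.ip_address(b.group(1))) if b else None
        except ValueError:
            continue  # impossible date/time or address
        if kind == "MESSAGE":
            messages.append((ts, rest))
        elif b:
            blocks.append({"ts": ts, "user": user, "ip": ip,
                           "direction": b.group(2), "port": int(b.group(3)),
                           "process": b.group(4).strip()})
    blocks.sort(key=lambda e: e["ts"])
    messages.sort()
    return blocks, messages


def group_bursts(blocks, window=timedelta(seconds=60)):
    """Merge blocks for the same (ip, process) that are at most `window` apart."""
    bursts, latest = [], {}
    for e in blocks:
        key = (e["ip"], e["process"])
        cur = latest.get(key)
        if cur and e["ts"] - cur["end"] <= window:
            cur["end"] = e["ts"]
            cur["ports"].append(e["port"])
        else:
            cur = {"ip": e["ip"], "process": e["process"],
                   "start": e["ts"], "end": e["ts"], "ports": [e["port"]]}
            latest[key] = cur
            bursts.append(cur)
    return bursts


def ip_protection_gaps(messages):
    """Intervals in which IP Protection was logged as stopped (no blocks can appear)."""
    gaps, stopped_at = [], None
    for ts, text in messages:
        if text == "IP Protection stopped":
            stopped_at = ts
        elif text == "IP Protection started successfully" and stopped_at:
            gaps.append((stopped_at, ts))
            stopped_at = None
    return gaps


if __name__ == "__main__":
    blocks, messages = parse_log(SAMPLE_LOG)
    for b in group_bursts(blocks):
        print(b["start"], b["ip"], b["process"], len(b["ports"]), "blocked")
    for start, end in ip_protection_gaps(messages):
        print("IP Protection off:", start, "->", end)
```

A burst whose start time matches the moment a particular site was opened supports the kind of correlation discussed above; an absence of blocks inside a reported gap says nothing either way.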


Hi.

MBAM is updated and I did a full scan; this is the result of the scan.

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 8292

Windows 6.1.7601 Service Pack 1

Internet Explorer 9.0.8112.16421

2011-12-03 00:38:30

mbam-log-2011-12-03 (00-38-30).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|K:\|L:\|)

Objects scanned: 444645

Time elapsed: 59 minute(s), 38 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Thanks.

That looks good. :) Let's do one last scan to check for remnants.

ESET ONLINE SCANNER

----------------------------

I'd like us to scan your machine with ESET OnlineScan

  1. Hold down Control and click on this link to open ESET OnlineScan in a new window.
  2. Click the esetonlinebtn.png button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    1. Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the esetsmartinstaller_enu.png icon on your desktop.
    3. Check "YES, I accept the Terms of Use."
    4. Click the Start button.
    5. Accept any security warnings from your browser.
    6. Under scan settings, check "Scan Archives" and "Remove found threats"
    7. Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology

  4. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  5. When the scan completes, click List Threats
  6. Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  7. Click the Back button.
  8. Click the Finish button.

oooh softwares

...... ok i deleted some threats but not these

J:\PROGRAMS\Setup\Software\AntiVirus & System Healthy Tools\Norton Utilities\Norton Antivirus 2011_v.18.1.0.37_www.mihandownload.com\Trial Reset BackUp.rar Win32/HackAV.HF application

J:\PROGRAMS\Setup\Software\Graphic 3D_ 2D Tools\Corel PSPPro X4 v14.0.0.332\Keygen\keygen.exe a variant of Win32/Keygen.AU application

J:\PROGRAMS\Setup\Software\Utility\__Hiren's Boot CD\Hiren_s_BootCD_v13.0_Keyboard_Patch.rar Win32/PSWTool.KonBoot.A application

ESETScan.txt


That is up to you, however, be aware that cracks, keygens and the like can have your computer reinfected in no time.

ALL CLEAN

--------------

Your machine appears to be clean, please take the time to read below on how to secure the machine and take the necessary steps to keep it clean :)

Please do the following to remove the remaining programs from your PC:

  • Delete the tools used during the disinfection:
    • Click start > run and type combofix /uninstall, press enter. This will remove Combofix from your computer.

Please read this advice in order to prevent reinfecting your PC:

  1. Install and update the following programs regularly:
    • an outbound firewall. If you are connected to the internet through a router, you are already behind a hardware firewall and as such you do not need an extra software firewall.
      A comprehensive tutorial and a list of possible firewalls can be found here.
    • an AntiVirus Software
      It is imperative that you update your AntiVirus Software on a regular basis. If you do not update your AntiVirus Software then it will not be able to catch the latest threats.
    • an Anti-Spyware program
      Malwarebytes' Anti-Malware is an excellent Anti-Spyware scanner. Its scan times are usually under ten minutes, and it has excellent detection and removal rates.
      SUPERAntiSpyware is another good scanner with high detection and removal rates.
      Both programs are free for non commercial home use but provide a resident and do not nag if you purchase the paid versions.
    • Spyware Blaster
      A tutorial for Spywareblaster can be found here. If you wish, the commercial version provides automatic updating.

  2. Keep Windows (and your other Microsoft software) up to date!

     I cannot stress enough how important this is. Often holes are found in Internet Explorer or Windows itself that require patching. Sometimes these holes will allow an attacker unrestricted access to your computer.

     Therefore, please visit the Microsoft Update Website and follow the on screen instructions to set up Microsoft Update. Also follow the instructions to update your system. Please REBOOT and repeat this process until there are no more updates to install!!

  3. Keep your other software up to date as well

     Software does not need to be made by Microsoft to be insecure. You can use the Secunia Online Software occasionally to help you check for out of date software on your machine.

  4. Stay up to date!

     The MOST IMPORTANT part of any security setup is keeping the software up to date. Malware writers release new variants every single day. If your software updates don't keep up, then the malware will always be one step ahead. Not a good thing.

Some more links you might find of interest:

Please reply to this topic if you have read the above information. If your computer is working fine, this topic will be closed afterwards.


This topic is now closed to further replies.