Possible Infection

shaneh1699 · April 14, 2012

Hello,

Within the past day or so, I have received frequent alerts from mbam that it has blocked access to numerous malicious websites with varying ip addresses. I ran a full scan with mbam along with my anti-virus software and they both conclude that there is no malicious software on the pc. For your information, I have removed some toolbar software in addition to temporary internet files prior to reading the forums on this website. Please help me to resolve this issue! Thank you in advance for your time and I hope to hear from you soon.

attach.txt

dds.txt

Maniac · April 14, 2012

Hello shaneh1699 and :welcome: ! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

If you are a paying customer, you have the privilege to contact the help desk at support@malwarebytes.org or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.
I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
Make sure you read all of the instructions and fixes thoroughly before continuing with them.
Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Step 1

Please uninstall fullscreensavers Toolbar, because is a Conduit "Community Toolbar" - modifies the default IE URL search hook. Conduit toolbars are reputed to have a certain trackware functionality.

Step 2

Download the latest version of TDSSKiller from here and save it to your Desktop.

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
Click the Start Scan button.
If a suspicious object is detected, the default action will be Skip, click on Continue.
If malicious objects are found, they will show in the Scan results and offer three (3) options.
Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Step 3

Launch Malwarebytes' Anti-Malware
Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
Go to Scanner tab and select Perform Quick Scan, then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

In your next reply, post the following log files:

TDSSKiller log
Malwarebytes' Anti-Malware log
a new fresh DDS log file

shaneh1699 · April 14, 2012

Hello Maniac,

I have removed the FullScreensavers toolbar and performed the tasks that you had instructed. Here are the logs that you have requested.

TDSSKiller.2.7.28.0_14.04.2012_13.42.58_log.txt

dds.txt

protection-log-2012-04-14.txt

Maniac · April 14, 2012

Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Please copy and paste its contents on your next reply.

In your next reply, post the following log files:

shaneh1699 · April 14, 2012

Hello Maniac,

I tried to copy all of the logs onto one post but I was not able to because the file was too long. Am I supposed to make a separate post for each log or is there a way to condense all of the logs into a single post?

Maniac · April 14, 2012

Yes, if necessary, let them be a few posts.

shaneh1699 · April 14, 2012

13:42:58.0578 3740 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05

13:42:59.0000 3740 ============================================================

13:42:59.0000 3740 Current date / time: 2012/04/14 13:42:59.0000

13:42:59.0000 3740 SystemInfo:

13:42:59.0000 3740

13:42:59.0000 3740 OS Version: 5.1.2600 ServicePack: 3.0

13:42:59.0000 3740 Product type: Workstation

13:42:59.0000 3740 ComputerName: HELSIN-PC

13:42:59.0000 3740 UserName: Carmen

13:42:59.0000 3740 Windows directory: C:\WINDOWS

13:42:59.0000 3740 System windows directory: C:\WINDOWS

13:42:59.0000 3740 Processor architecture: Intel x86

13:42:59.0000 3740 Number of processors: 1

13:42:59.0000 3740 Page size: 0x1000

13:42:59.0000 3740 Boot type: Normal boot

13:42:59.0000 3740 ============================================================

13:43:02.0453 3740 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

13:43:02.0593 3740 \Device\Harddisk0\DR0:

13:43:02.0593 3740 MBR used

13:43:02.0593 3740 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x6, StartLBA 0x3F, BlocksNum 0x13986

13:43:02.0609 3740 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x13A04, BlocksNum 0x94EAFB9

13:43:02.0640 3740 Initialize success

13:43:02.0640 3740 ============================================================

13:43:43.0796 1676 ============================================================

13:43:43.0796 1676 Scan started

13:43:43.0796 1676 Mode: Manual; SigCheck; TDLFS;

13:43:43.0796 1676 ============================================================

13:43:44.0031 1676 Abiosdsk - ok

13:43:44.0078 1676 abp480n5 - ok

13:43:44.0156 1676 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

13:43:46.0109 1676 ACPI - ok

13:43:46.0218 1676 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

13:43:46.0484 1676 ACPIEC - ok

13:43:46.0578 1676 ADM8511 (b05f2367f62552a2de7e3c352b7b9885) C:\WINDOWS\system32\DRIVERS\ADM8511.SYS

13:43:46.0890 1676 ADM8511 - ok

13:43:46.0968 1676 adpu160m - ok

13:43:47.0046 1676 aeaudio (11c04b17ed2abbb4833694bcd644ac90) C:\WINDOWS\system32\drivers\aeaudio.sys

13:43:47.0156 1676 aeaudio - ok

13:43:47.0296 1676 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

13:43:47.0546 1676 aec - ok

13:43:47.0656 1676 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

13:43:47.0781 1676 AFD - ok

13:43:47.0890 1676 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys

13:43:48.0140 1676 agp440 - ok

13:43:48.0218 1676 Aha154x - ok

13:43:48.0265 1676 aic78u2 - ok

13:43:48.0312 1676 aic78xx - ok

13:43:48.0390 1676 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll

13:43:48.0640 1676 Alerter - ok

13:43:48.0750 1676 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe

13:43:49.0062 1676 ALG - ok

13:43:49.0140 1676 AliIde - ok

13:43:49.0187 1676 amsint - ok

13:43:49.0281 1676 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

13:43:49.0312 1676 Apple Mobile Device - ok

13:43:49.0375 1676 AppMgmt - ok

13:43:49.0421 1676 asc - ok

13:43:49.0468 1676 asc3350p - ok

13:43:49.0515 1676 asc3550 - ok

13:43:49.0593 1676 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

13:43:49.0859 1676 AsyncMac - ok

13:43:49.0953 1676 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

13:43:50.0203 1676 atapi - ok

13:43:50.0296 1676 Atdisk - ok

13:43:50.0406 1676 ati2mtaa (2d030c2f6b036ca0bc243e1b16d924d1) C:\WINDOWS\system32\DRIVERS\ati2mtaa.sys

13:43:50.0656 1676 ati2mtaa - ok

13:43:50.0781 1676 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

13:43:51.0093 1676 Atmarpc - ok

13:43:51.0187 1676 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll

13:43:51.0453 1676 AudioSrv - ok

13:43:51.0562 1676 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

13:43:51.0828 1676 audstub - ok

13:43:51.0968 1676 BCMModem (41347688046d49cde0f6d138a534f73d) C:\WINDOWS\system32\DRIVERS\BCMSM.sys

13:43:52.0296 1676 BCMModem - ok

13:43:52.0406 1676 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

13:43:52.0703 1676 Beep - ok

13:43:52.0828 1676 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll

13:43:53.0187 1676 BITS - ok

13:43:53.0312 1676 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe

13:43:53.0500 1676 Bonjour Service - ok

13:43:53.0609 1676 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll

13:43:53.0875 1676 Browser - ok

13:43:53.0984 1676 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

13:43:54.0250 1676 cbidf2k - ok

13:43:54.0343 1676 ccEvtMgr (f62b08f9bd842511792e284c972c7404) C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

13:43:54.0375 1676 ccEvtMgr - ok

13:43:54.0421 1676 ccSetMgr (ef2c4971b8047a93f9e2a4db0c8528f6) C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

13:43:54.0453 1676 ccSetMgr - ok

13:43:54.0531 1676 cd20xrnt - ok

13:43:54.0609 1676 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

13:43:54.0890 1676 Cdaudio - ok

13:43:54.0984 1676 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

13:43:55.0218 1676 Cdfs - ok

13:43:55.0343 1676 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

13:43:55.0593 1676 Cdrom - ok

13:43:55.0703 1676 cercsr6 (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys

13:43:55.0781 1676 cercsr6 ( UnsignedFile.Multi.Generic ) - warning

13:43:55.0781 1676 cercsr6 - detected UnsignedFile.Multi.Generic (1)

13:43:55.0875 1676 Changer - ok

13:43:55.0984 1676 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe

13:43:56.0234 1676 CiSvc - ok

13:43:56.0343 1676 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe

13:43:56.0609 1676 ClipSrv - ok

13:43:56.0671 1676 CmdIde - ok

13:43:56.0718 1676 COMSysApp - ok

13:43:56.0796 1676 Cpqarray - ok

13:43:56.0921 1676 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll

13:43:57.0187 1676 CryptSvc - ok

13:43:57.0265 1676 dac2w2k - ok

13:43:57.0343 1676 dac960nt - ok

13:43:57.0421 1676 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll

13:43:57.0546 1676 DcomLaunch - ok

13:43:57.0656 1676 DefWatch (d31cad0a43b46cc1362f891e2130d91e) C:\Program Files\Symantec AntiVirus\DefWatch.exe

13:43:57.0687 1676 DefWatch - ok

13:43:57.0812 1676 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll

13:43:58.0109 1676 Dhcp - ok

13:43:58.0234 1676 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

13:43:58.0468 1676 Disk - ok

13:43:58.0546 1676 dmadmin - ok

13:43:58.0640 1676 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

13:43:58.0968 1676 dmboot - ok

13:43:59.0078 1676 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

13:43:59.0375 1676 dmio - ok

13:43:59.0484 1676 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

13:43:59.0765 1676 dmload - ok

13:43:59.0859 1676 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll

13:44:00.0093 1676 dmserver - ok

13:44:00.0218 1676 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

13:44:00.0468 1676 DMusic - ok

13:44:00.0578 1676 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll

13:44:00.0750 1676 Dnscache - ok

13:44:00.0875 1676 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll

13:44:01.0156 1676 Dot3svc - ok

13:44:01.0234 1676 dpti2o - ok

13:44:01.0359 1676 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

13:44:01.0609 1676 drmkaud - ok

13:44:01.0718 1676 E100B (98ed0bea10477b0f252cca35eb50f838) C:\WINDOWS\system32\DRIVERS\e100b325.sys

13:44:01.0843 1676 E100B - ok

13:44:02.0562 1676 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll

13:44:02.0828 1676 EapHost - ok

13:44:02.0953 1676 eeCtrl (579a6b6135d32b857faf0e3a974535d8) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys

13:44:03.0250 1676 eeCtrl - ok

13:44:03.0359 1676 ehstart - ok

13:44:03.0453 1676 EraserUtilRebootDrv (028d50f059bd0d2ccb209e9011b9a9a4) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

13:44:03.0468 1676 EraserUtilRebootDrv - ok

13:44:03.0593 1676 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll

13:44:03.0875 1676 ERSvc - ok

13:44:04.0000 1676 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

13:44:04.0109 1676 Eventlog - ok

13:44:04.0234 1676 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll

13:44:04.0328 1676 EventSystem - ok

13:44:04.0453 1676 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

13:44:04.0703 1676 Fastfat - ok

13:44:04.0812 1676 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

13:44:05.0000 1676 FastUserSwitchingCompatibility - ok

13:44:05.0156 1676 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys

13:44:05.0437 1676 Fdc - ok

13:44:05.0546 1676 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

13:44:05.0812 1676 Fips - ok

13:44:05.0937 1676 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys

13:44:06.0218 1676 Flpydisk - ok

13:44:06.0343 1676 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

13:44:06.0578 1676 FltMgr - ok

13:44:06.0687 1676 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

13:44:07.0000 1676 Fs_Rec - ok

13:44:07.0078 1676 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

13:44:07.0343 1676 Ftdisk - ok

13:44:07.0484 1676 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

13:44:07.0562 1676 GEARAspiWDM - ok

13:44:07.0656 1676 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

13:44:07.0984 1676 Gpc - ok

13:44:08.0109 1676 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe

13:44:08.0140 1676 gupdate - ok

13:44:08.0171 1676 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe

13:44:08.0203 1676 gupdatem - ok

13:44:08.0343 1676 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

13:44:08.0453 1676 gusvc - ok

13:44:08.0593 1676 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

13:44:08.0843 1676 helpsvc - ok

13:44:08.0906 1676 HidServ - ok

13:44:09.0046 1676 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

13:44:09.0281 1676 HidUsb - ok

13:44:09.0406 1676 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll

13:44:09.0687 1676 hkmsvc - ok

13:44:09.0765 1676 hpn - ok

13:44:09.0843 1676 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys

13:44:10.0109 1676 HPZid412 - ok

13:44:10.0218 1676 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys

13:44:10.0359 1676 HPZipr12 - ok

13:44:10.0484 1676 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys

13:44:10.0578 1676 HPZius12 - ok

13:44:10.0687 1676 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

13:44:10.0828 1676 HTTP - ok

13:44:10.0968 1676 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll

13:44:11.0203 1676 HTTPFilter - ok

13:44:11.0265 1676 i2omgmt - ok

13:44:11.0328 1676 i2omp - ok

13:44:11.0406 1676 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

13:44:11.0750 1676 i8042prt - ok

13:44:11.0875 1676 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

13:44:12.0234 1676 Imapi - ok

13:44:12.0343 1676 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe

13:44:12.0625 1676 ImapiService - ok

13:44:12.0718 1676 ini910u - ok

13:44:12.0796 1676 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys

13:44:13.0015 1676 IntelIde - ok

13:44:13.0156 1676 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

13:44:13.0406 1676 intelppm - ok

13:44:13.0515 1676 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

13:44:13.0781 1676 Ip6Fw - ok

13:44:13.0875 1676 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

13:44:14.0140 1676 IpFilterDriver - ok

13:44:14.0234 1676 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

13:44:14.0500 1676 IpInIp - ok

13:44:14.0625 1676 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

13:44:14.0921 1676 IpNat - ok

13:44:15.0015 1676 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe

13:44:15.0328 1676 iPod Service - ok

13:44:15.0437 1676 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

13:44:15.0796 1676 IPSec - ok

13:44:15.0890 1676 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

13:44:16.0171 1676 IRENUM - ok

13:44:16.0296 1676 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

13:44:16.0531 1676 isapnp - ok

13:44:16.0671 1676 JavaQuickStarterService (9aa67569d5257462e230767510b0c815) C:\Program Files\Java\jre6\bin\jqs.exe

13:44:16.0765 1676 JavaQuickStarterService - ok

13:44:16.0875 1676 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

13:44:17.0125 1676 Kbdclass - ok

13:44:17.0218 1676 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

13:44:17.0484 1676 kmixer - ok

13:44:17.0593 1676 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

13:44:17.0703 1676 KSecDD - ok

13:44:17.0812 1676 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll

13:44:17.0906 1676 lanmanserver - ok

13:44:18.0015 1676 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll

13:44:18.0109 1676 lanmanworkstation - ok

13:44:18.0187 1676 lbrtfdc - ok

13:44:18.0406 1676 LiveUpdate (a97eeb81f05bce3d7aa6c81f04ef39a4) C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

13:44:18.0828 1676 LiveUpdate - ok

13:44:18.0921 1676 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll

13:44:19.0156 1676 LmHosts - ok

13:44:19.0250 1676 mbamchameleon (e0e22c8a2c5528919c45b834ca68e5ef) C:\WINDOWS\system32\drivers\mbamchameleon.sys

13:44:19.0281 1676 mbamchameleon - ok

13:44:19.0500 1676 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys

13:44:19.0546 1676 MBAMProtector - ok

13:44:19.0703 1676 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

13:44:19.0781 1676 MBAMService - ok

13:44:19.0875 1676 MDM (5e40f981662e454ace8540a066d3f5db) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

13:44:19.0953 1676 MDM ( UnsignedFile.Multi.Generic ) - warning

13:44:19.0953 1676 MDM - detected UnsignedFile.Multi.Generic (1)

13:44:20.0078 1676 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll

13:44:20.0375 1676 Messenger - ok

13:44:20.0484 1676 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

13:44:20.0750 1676 mnmdd - ok

13:44:20.0859 1676 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe

13:44:21.0109 1676 mnmsrvc - ok

13:44:21.0218 1676 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

13:44:21.0593 1676 Modem - ok

13:44:21.0703 1676 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys

13:44:21.0953 1676 MODEMCSA - ok

13:44:22.0062 1676 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

13:44:22.0328 1676 Mouclass - ok

13:44:22.0421 1676 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

13:44:22.0687 1676 mouhid - ok

13:44:22.0812 1676 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

13:44:23.0046 1676 MountMgr - ok

13:44:23.0125 1676 mraid35x - ok

13:44:23.0218 1676 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

13:44:23.0453 1676 MRxDAV - ok

13:44:23.0578 1676 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

13:44:23.0703 1676 MRxSmb - ok

13:44:23.0812 1676 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe

13:44:24.0093 1676 MSDTC - ok

13:44:24.0203 1676 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

13:44:24.0468 1676 Msfs - ok

13:44:24.0546 1676 MSIServer - ok

13:44:24.0609 1676 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

13:44:24.0859 1676 MSKSSRV - ok

13:44:24.0953 1676 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

13:44:25.0218 1676 MSPCLOCK - ok

13:44:25.0328 1676 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

13:44:25.0562 1676 MSPQM - ok

13:44:25.0656 1676 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

13:44:25.0921 1676 mssmbios - ok

13:44:26.0015 1676 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

13:44:26.0093 1676 Mup - ok

13:44:26.0234 1676 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll

13:44:26.0500 1676 napagent - ok

13:44:26.0625 1676 NAVENG (862f55824ac81295837b0ab63f91071f) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20120409.001\naveng.sys

13:44:26.0656 1676 NAVENG - ok

13:44:26.0828 1676 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20120409.001\navex15.sys

13:44:26.0953 1676 NAVEX15 - ok

13:44:27.0406 1676 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

13:44:27.0656 1676 NDIS - ok

13:44:27.0765 1676 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

13:44:27.0859 1676 NdisTapi - ok

13:44:27.0984 1676 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

13:44:28.0234 1676 Ndisuio - ok

13:44:28.0359 1676 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

13:44:28.0593 1676 NdisWan - ok

13:44:28.0687 1676 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

13:44:28.0765 1676 NDProxy - ok

13:44:28.0875 1676 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

13:44:29.0109 1676 NetBIOS - ok

13:44:29.0218 1676 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

13:44:29.0609 1676 NetBT - ok

13:44:29.0718 1676 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

13:44:30.0093 1676 NetDDE - ok

13:44:30.0140 1676 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

13:44:30.0359 1676 NetDDEdsdm - ok

13:44:30.0500 1676 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

13:44:30.0734 1676 Netlogon - ok

13:44:30.0859 1676 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll

13:44:31.0109 1676 Netman - ok

13:44:31.0218 1676 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll

13:44:31.0281 1676 Nla - ok

13:44:31.0390 1676 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

13:44:31.0656 1676 Npfs - ok

13:44:31.0781 1676 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

13:44:32.0093 1676 Ntfs - ok

13:44:32.0203 1676 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

13:44:32.0453 1676 NtLmSsp - ok

13:44:32.0578 1676 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll

13:44:32.0890 1676 NtmsSvc - ok

13:44:33.0109 1676 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

13:44:33.0796 1676 Null - ok

13:44:33.0890 1676 nvrd64 - ok

13:44:33.0937 1676 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

13:44:34.0265 1676 NwlnkFlt - ok

13:44:34.0359 1676 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

13:44:34.0640 1676 NwlnkFwd - ok

13:44:34.0734 1676 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys

13:44:34.0953 1676 Parport - ok

13:44:35.0031 1676 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

13:44:35.0250 1676 PartMgr - ok

13:44:35.0437 1676 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

13:44:35.0750 1676 ParVdm - ok

13:44:35.0859 1676 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

13:44:36.0078 1676 PCI - ok

13:44:36.0140 1676 PCIDump - ok

13:44:36.0234 1676 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

13:44:36.0515 1676 PCIIde - ok

13:44:36.0625 1676 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys

13:44:36.0859 1676 Pcmcia - ok

13:44:36.0921 1676 PDCOMP - ok

13:44:36.0984 1676 PDFRAME - ok

13:44:37.0046 1676 PDRELI - ok

13:44:37.0078 1676 PDRFRAME - ok

13:44:37.0140 1676 perc2 - ok

13:44:37.0156 1676 perc2hib - ok

13:44:37.0218 1676 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

13:44:37.0281 1676 PlugPlay - ok

13:44:37.0375 1676 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

13:44:37.0578 1676 PolicyAgent - ok

13:44:37.0687 1676 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

13:44:38.0046 1676 PptpMiniport - ok

13:44:38.0125 1676 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

13:44:38.0328 1676 ProtectedStorage - ok

13:44:38.0406 1676 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

13:44:38.0828 1676 PSched - ok

13:44:38.0984 1676 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

13:44:39.0250 1676 Ptilink - ok

13:44:39.0296 1676 ql1080 - ok

13:44:39.0328 1676 Ql10wnt - ok

13:44:39.0375 1676 ql12160 - ok

13:44:39.0437 1676 ql1240 - ok

13:44:39.0453 1676 ql1280 - ok

13:44:39.0531 1676 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

13:44:39.0812 1676 RasAcd - ok

13:44:39.0890 1676 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll

13:44:40.0140 1676 RasAuto - ok

13:44:40.0234 1676 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

13:44:40.0750 1676 Rasl2tp - ok

13:44:40.0859 1676 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll

13:44:41.0187 1676 RasMan - ok

13:44:41.0359 1676 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

13:44:41.0671 1676 RasPppoe - ok

13:44:41.0781 1676 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

13:44:42.0062 1676 Raspti - ok

13:44:42.0250 1676 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

13:44:42.0562 1676 Rdbss - ok

13:44:42.0671 1676 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

13:44:42.0937 1676 RDPCDD - ok

13:44:43.0031 1676 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys

13:44:43.0125 1676 RDPWD - ok

13:44:43.0234 1676 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe

13:44:43.0609 1676 RDSessMgr - ok

13:44:43.0687 1676 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

13:44:44.0015 1676 redbook - ok

13:44:44.0109 1676 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll

13:44:44.0375 1676 RemoteAccess - ok

13:44:44.0453 1676 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe

13:44:44.0703 1676 RpcLocator - ok

13:44:44.0843 1676 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll

13:44:44.0921 1676 RpcSs - ok

13:44:45.0031 1676 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe

13:44:45.0421 1676 RSVP - ok

13:44:45.0500 1676 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

13:44:45.0718 1676 SamSs - ok

13:44:45.0828 1676 SavRoam (50525931b5d5c417226c73f494e781ce) C:\Program Files\Symantec AntiVirus\SavRoam.exe

13:44:45.0859 1676 SavRoam - ok

13:44:45.0906 1676 SAVRT (2861c841b03def48402e63277d9cac22) C:\Program Files\Symantec AntiVirus\savrt.sys

13:44:45.0937 1676 SAVRT - ok

13:44:45.0968 1676 SAVRTPEL (54484c13e4d9b268c66d59e9ccb570e6) C:\Program Files\Symantec AntiVirus\Savrtpel.sys

13:44:46.0046 1676 SAVRTPEL - ok

13:44:46.0140 1676 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe

13:44:46.0593 1676 SCardSvr - ok

13:44:46.0750 1676 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll

13:44:46.0984 1676 Schedule - ok

13:44:47.0062 1676 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

13:44:47.0312 1676 Secdrv - ok

13:44:47.0421 1676 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll

13:44:47.0656 1676 seclogon - ok

13:44:47.0734 1676 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll

13:44:47.0953 1676 SENS - ok

13:44:48.0062 1676 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

13:44:48.0390 1676 serenum - ok

13:44:48.0484 1676 Serial (3bc690163eff0a93c438f9a44472f0d8) C:\WINDOWS\system32\DRIVERS\serial.sys

13:44:48.0515 1676 Serial ( UnsignedFile.Multi.Generic ) - warning

13:44:48.0515 1676 Serial - detected UnsignedFile.Multi.Generic (1)

13:44:48.0734 1676 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

13:44:49.0000 1676 Sfloppy - ok

13:44:49.0093 1676 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll

13:44:49.0375 1676 SharedAccess - ok

13:44:49.0484 1676 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

13:44:49.0546 1676 ShellHWDetection - ok

13:44:49.0609 1676 Simbad - ok

13:44:49.0687 1676 smwdm (70b8dd8707dbf6142530c106365df67d) C:\WINDOWS\system32\drivers\smwdm.sys

13:44:49.0828 1676 smwdm - ok

13:44:49.0984 1676 SNDSrvc (6540bf1c33ac8cbc598247e841ffb740) C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

13:44:50.0062 1676 SNDSrvc - ok

13:44:50.0328 1676 Sparrow - ok

13:44:50.0406 1676 SPBBCDrv (60053e9c1fc4f6887c296c19cb825244) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys

13:44:50.0562 1676 SPBBCDrv - ok

13:44:50.0671 1676 SPBBCSvc (8a09ab7a1fd856acc469bd0cd4e98351) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

13:44:50.0906 1676 SPBBCSvc - ok

13:44:51.0000 1676 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

13:44:51.0218 1676 splitter - ok

13:44:51.0312 1676 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe

13:44:51.0390 1676 Spooler - ok

13:44:51.0484 1676 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

13:44:51.0703 1676 sr - ok

13:44:51.0812 1676 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll

13:44:52.0078 1676 srservice - ok

13:44:52.0187 1676 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

13:44:52.0296 1676 Srv - ok

13:44:52.0390 1676 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll

13:44:52.0671 1676 SSDPSRV - ok

13:44:52.0765 1676 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll

13:44:53.0093 1676 stisvc - ok

13:44:53.0187 1676 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

13:44:53.0421 1676 swenum - ok

13:44:53.0515 1676 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

13:44:53.0750 1676 swmidi - ok

13:44:53.0828 1676 SwPrv - ok

13:44:53.0953 1676 Symantec AntiVirus (856e5a3fc889a4e9b07af4509269370e) C:\Program Files\Symantec AntiVirus\Rtvscan.exe

13:44:54.0125 1676 Symantec AntiVirus - ok

13:44:54.0187 1676 symc810 - ok

13:44:54.0218 1676 symc8xx - ok

13:44:54.0312 1676 SymEvent (c5eafb6a8c73fb26b73ee613c1a5aef6) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS

13:44:54.0390 1676 SymEvent - ok

13:44:54.0484 1676 SYMREDRV (5f9055055dc4900f74fb690b61448be4) C:\WINDOWS\System32\Drivers\SYMREDRV.SYS

13:44:54.0562 1676 SYMREDRV - ok

13:44:54.0656 1676 SYMTDI (5561a9d2d1b6529a95cbbffaed7791c1) C:\WINDOWS\System32\Drivers\SYMTDI.SYS

13:44:54.0750 1676 SYMTDI - ok

13:44:54.0828 1676 sym_hi - ok

13:44:54.0875 1676 sym_u3 - ok

13:44:54.0921 1676 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

13:44:55.0171 1676 sysaudio - ok

13:44:55.0265 1676 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe

13:44:55.0515 1676 SysmonLog - ok

13:44:55.0656 1676 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll

13:44:56.0171 1676 TapiSrv - ok

13:44:56.0281 1676 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

13:44:56.0437 1676 Tcpip - ok

13:44:56.0546 1676 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

13:44:56.0750 1676 TDPIPE - ok

13:44:56.0843 1676 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

13:44:57.0156 1676 TDTCP - ok

13:44:57.0375 1676 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

13:44:57.0750 1676 TermDD - ok

13:44:57.0859 1676 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll

13:44:58.0546 1676 TermService - ok

13:44:58.0640 1676 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

13:44:58.0687 1676 Themes - ok

13:44:58.0750 1676 TosIde - ok

13:44:58.0812 1676 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll

13:44:59.0046 1676 TrkWks - ok

13:44:59.0296 1676 tsdhd - ok

13:44:59.0375 1676 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

13:44:59.0625 1676 Udfs - ok

13:44:59.0687 1676 ultra - ok

13:44:59.0781 1676 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

13:45:00.0062 1676 Update - ok

13:45:00.0171 1676 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll

13:45:00.0468 1676 upnphost - ok

13:45:00.0562 1676 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe

13:45:00.0812 1676 UPS - ok

13:45:00.0921 1676 USB11LDR - ok

13:45:01.0031 1676 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

13:45:01.0281 1676 usbccgp - ok

13:45:01.0390 1676 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

13:45:01.0640 1676 usbehci - ok

13:45:01.0734 1676 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

13:45:02.0062 1676 usbhub - ok

13:45:02.0203 1676 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

13:45:02.0453 1676 usbprint - ok

13:45:02.0578 1676 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

13:45:02.0828 1676 USBSTOR - ok

13:45:02.0937 1676 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

13:45:03.0187 1676 usbuhci - ok

13:45:03.0359 1676 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

13:45:03.0593 1676 VgaSave - ok

13:45:03.0671 1676 ViaIde - ok

13:45:03.0734 1676 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

13:45:03.0968 1676 VolSnap - ok

13:45:04.0078 1676 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe

13:45:04.0375 1676 VSS - ok

13:45:04.0484 1676 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll

13:45:04.0718 1676 W32Time - ok

13:45:04.0843 1676 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

13:45:05.0093 1676 Wanarp - ok

13:45:05.0171 1676 WDICA - ok

13:45:05.0265 1676 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

13:45:05.0500 1676 wdmaud - ok

13:45:05.0609 1676 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll

13:45:05.0875 1676 WebClient - ok

13:45:05.0984 1676 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll

13:45:06.0250 1676 winmgmt - ok

13:45:06.0406 1676 WmdmPmSN (c7e39ea41233e9f5b86c8da3a9f1e4a8) C:\WINDOWS\system32\mspmsnsv.dll

13:45:06.0640 1676 WmdmPmSN - ok

13:45:06.0765 1676 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe

13:45:07.0015 1676 WmiApSrv - ok

13:45:07.0140 1676 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll

13:45:07.0390 1676 wuauserv - ok

13:45:07.0515 1676 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll

13:45:07.0812 1676 WZCSVC - ok

13:45:07.0906 1676 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll

13:45:08.0171 1676 xmlprov - ok

13:45:08.0234 1676 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

13:45:08.0421 1676 \Device\Harddisk0\DR0 - ok

13:45:08.0437 1676 Boot (0x1200) (648f1ba08b483dd9232d36c94c43a67a) \Device\Harddisk0\DR0\Partition0

13:45:08.0453 1676 \Device\Harddisk0\DR0\Partition0 - ok

13:45:08.0468 1676 Boot (0x1200) (5aca8852e1709ee1271c8b2116dbef10) \Device\Harddisk0\DR0\Partition1

13:45:08.0468 1676 \Device\Harddisk0\DR0\Partition1 - ok

13:45:08.0468 1676 ============================================================

13:45:08.0468 1676 Scan finished

13:45:08.0468 1676 ============================================================

13:45:08.0609 1072 Detected object count: 3

13:45:08.0609 1072 Actual detected object count: 3

13:45:57.0281 1072 cercsr6 ( UnsignedFile.Multi.Generic ) - skipped by user

13:45:57.0281 1072 cercsr6 ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:45:57.0296 1072 MDM ( UnsignedFile.Multi.Generic ) - skipped by user

13:45:57.0296 1072 MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:45:57.0296 1072 Serial ( UnsignedFile.Multi.Generic ) - skipped by user

13:45:57.0296 1072 Serial ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:46:47.0359 3980 ============================================================

13:46:47.0359 3980 Scan started

13:46:47.0359 3980 Mode: Manual; SigCheck; TDLFS;

13:46:47.0359 3980 ============================================================

13:46:47.0515 3980 Abiosdsk - ok

13:46:47.0562 3980 abp480n5 - ok

13:46:47.0625 3980 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

13:46:47.0859 3980 ACPI - ok

13:46:47.0968 3980 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

13:46:48.0234 3980 ACPIEC - ok

13:46:48.0328 3980 ADM8511 (b05f2367f62552a2de7e3c352b7b9885) C:\WINDOWS\system32\DRIVERS\ADM8511.SYS

13:46:48.0609 3980 ADM8511 - ok

13:46:48.0687 3980 adpu160m - ok

13:46:48.0750 3980 aeaudio (11c04b17ed2abbb4833694bcd644ac90) C:\WINDOWS\system32\drivers\aeaudio.sys

13:46:48.0781 3980 aeaudio - ok

13:46:48.0890 3980 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

13:46:49.0109 3980 aec - ok

13:46:49.0218 3980 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

13:46:49.0265 3980 AFD - ok

13:46:49.0390 3980 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys

13:46:49.0609 3980 agp440 - ok

13:46:49.0687 3980 Aha154x - ok

13:46:49.0734 3980 aic78u2 - ok

13:46:49.0765 3980 aic78xx - ok

13:46:49.0828 3980 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll

13:46:50.0062 3980 Alerter - ok

13:46:50.0156 3980 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe

13:46:50.0390 3980 ALG - ok

13:46:50.0468 3980 AliIde - ok

13:46:50.0515 3980 amsint - ok

13:46:50.0609 3980 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

13:46:50.0640 3980 Apple Mobile Device - ok

13:46:50.0718 3980 AppMgmt - ok

13:46:50.0765 3980 asc - ok

13:46:50.0843 3980 asc3350p - ok

13:46:50.0921 3980 asc3550 - ok

13:46:51.0000 3980 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

13:46:51.0234 3980 AsyncMac - ok

13:46:51.0328 3980 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

13:46:51.0546 3980 atapi - ok

13:46:51.0609 3980 Atdisk - ok

13:46:51.0703 3980 ati2mtaa (2d030c2f6b036ca0bc243e1b16d924d1) C:\WINDOWS\system32\DRIVERS\ati2mtaa.sys

13:46:51.0921 3980 ati2mtaa - ok

13:46:52.0031 3980 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

13:46:52.0265 3980 Atmarpc - ok

13:46:52.0359 3980 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll

13:46:52.0593 3980 AudioSrv - ok

13:46:52.0703 3980 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

13:46:52.0968 3980 audstub - ok

13:46:53.0109 3980 BCMModem (41347688046d49cde0f6d138a534f73d) C:\WINDOWS\system32\DRIVERS\BCMSM.sys

13:46:53.0187 3980 BCMModem - ok

13:46:53.0296 3980 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

13:46:53.0578 3980 Beep - ok

13:46:53.0687 3980 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll

13:46:53.0937 3980 BITS - ok

13:46:54.0031 3980 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe

13:46:54.0062 3980 Bonjour Service - ok

13:46:54.0171 3980 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll

13:46:54.0406 3980 Browser - ok

13:46:54.0515 3980 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

13:46:54.0765 3980 cbidf2k - ok

13:46:54.0843 3980 ccEvtMgr (f62b08f9bd842511792e284c972c7404) C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

13:46:54.0859 3980 ccEvtMgr - ok

13:46:54.0890 3980 ccSetMgr (ef2c4971b8047a93f9e2a4db0c8528f6) C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

13:46:54.0921 3980 ccSetMgr - ok

13:46:55.0000 3980 cd20xrnt - ok

13:46:55.0078 3980 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

13:46:55.0343 3980 Cdaudio - ok

13:46:55.0421 3980 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

13:46:55.0656 3980 Cdfs - ok

13:46:55.0781 3980 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

13:46:56.0015 3980 Cdrom - ok

13:46:56.0125 3980 cercsr6 (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys

13:46:56.0140 3980 cercsr6 ( UnsignedFile.Multi.Generic ) - warning

13:46:56.0140 3980 cercsr6 - detected UnsignedFile.Multi.Generic (1)

13:46:56.0218 3980 Changer - ok

13:46:56.0281 3980 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe

13:46:56.0515 3980 CiSvc - ok

13:46:56.0609 3980 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe

13:46:56.0859 3980 ClipSrv - ok

13:46:56.0937 3980 CmdIde - ok

13:46:56.0984 3980 COMSysApp - ok

13:46:57.0062 3980 Cpqarray - ok

13:46:57.0125 3980 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll

13:46:57.0343 3980 CryptSvc - ok

13:46:57.0437 3980 dac2w2k - ok

13:46:57.0484 3980 dac960nt - ok

13:46:57.0562 3980 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll

13:46:57.0609 3980 DcomLaunch - ok

13:46:57.0703 3980 DefWatch (d31cad0a43b46cc1362f891e2130d91e) C:\Program Files\Symantec AntiVirus\DefWatch.exe

13:46:57.0734 3980 DefWatch - ok

13:46:57.0859 3980 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll

13:46:58.0078 3980 Dhcp - ok

13:46:58.0187 3980 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

13:46:58.0421 3980 Disk - ok

13:46:58.0500 3980 dmadmin - ok

13:46:58.0593 3980 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

13:46:58.0859 3980 dmboot - ok

13:46:58.0968 3980 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

13:46:59.0187 3980 dmio - ok

13:46:59.0296 3980 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

13:46:59.0562 3980 dmload - ok

13:46:59.0656 3980 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll

13:46:59.0890 3980 dmserver - ok

13:47:00.0000 3980 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

13:47:00.0218 3980 DMusic - ok

13:47:00.0312 3980 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll

13:47:00.0359 3980 Dnscache - ok

13:47:00.0484 3980 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll

13:47:00.0703 3980 Dot3svc - ok

13:47:00.0765 3980 dpti2o - ok

13:47:00.0843 3980 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

13:47:01.0062 3980 drmkaud - ok

13:47:01.0156 3980 E100B (98ed0bea10477b0f252cca35eb50f838) C:\WINDOWS\system32\DRIVERS\e100b325.sys

13:47:01.0203 3980 E100B - ok

13:47:01.0296 3980 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll

13:47:01.0531 3980 EapHost - ok

13:47:01.0609 3980 eeCtrl (579a6b6135d32b857faf0e3a974535d8) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys

13:47:01.0640 3980 eeCtrl - ok

13:47:01.0718 3980 ehstart - ok

13:47:01.0796 3980 EraserUtilRebootDrv (028d50f059bd0d2ccb209e9011b9a9a4) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

13:47:01.0828 3980 EraserUtilRebootDrv - ok

13:47:01.0937 3980 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll

13:47:02.0171 3980 ERSvc - ok

13:47:02.0281 3980 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

13:47:02.0328 3980 Eventlog - ok

13:47:02.0421 3980 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll

13:47:02.0468 3980 EventSystem - ok

13:47:02.0562 3980 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

13:47:02.0781 3980 Fastfat - ok

13:47:02.0906 3980 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

13:47:02.0953 3980 FastUserSwitchingCompatibility - ok

13:47:03.0062 3980 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys

13:47:03.0296 3980 Fdc - ok

13:47:03.0390 3980 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

13:47:03.0609 3980 Fips - ok

13:47:03.0687 3980 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys

13:47:03.0921 3980 Flpydisk - ok

13:47:04.0046 3980 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

13:47:04.0265 3980 FltMgr - ok

13:47:04.0375 3980 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

13:47:04.0656 3980 Fs_Rec - ok

13:47:04.0734 3980 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

13:47:05.0031 3980 Ftdisk - ok

13:47:05.0125 3980 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

13:47:05.0156 3980 GEARAspiWDM - ok

13:47:05.0265 3980 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

13:47:05.0500 3980 Gpc - ok

13:47:05.0625 3980 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe

13:47:05.0656 3980 gupdate - ok

13:47:05.0671 3980 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe

13:47:05.0703 3980 gupdatem - ok

13:47:05.0796 3980 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

13:47:05.0843 3980 gusvc - ok

13:47:05.0953 3980 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

13:47:06.0187 3980 helpsvc - ok

13:47:06.0265 3980 HidServ - ok

13:47:06.0328 3980 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

13:47:06.0546 3980 HidUsb - ok

13:47:06.0640 3980 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll

13:47:06.0875 3980 hkmsvc - ok

13:47:06.0953 3980 hpn - ok

13:47:07.0031 3980 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys

13:47:07.0109 3980 HPZid412 - ok

13:47:07.0203 3980 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys

13:47:07.0281 3980 HPZipr12 - ok

13:47:07.0390 3980 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys

13:47:07.0468 3980 HPZius12 - ok

13:47:07.0562 3980 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

13:47:07.0625 3980 HTTP - ok

13:47:07.0734 3980 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll

13:47:07.0953 3980 HTTPFilter - ok

13:47:08.0046 3980 i2omgmt - ok

13:47:08.0093 3980 i2omp - ok

13:47:08.0171 3980 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

13:47:08.0406 3980 i8042prt - ok

13:47:08.0531 3980 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

13:47:08.0765 3980 Imapi - ok

13:47:08.0875 3980 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe

13:47:09.0093 3980 ImapiService - ok

13:47:09.0187 3980 ini910u - ok

13:47:09.0265 3980 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys

13:47:09.0484 3980 IntelIde - ok

13:47:09.0562 3980 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

13:47:09.0781 3980 intelppm - ok

13:47:09.0875 3980 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

13:47:10.0125 3980 Ip6Fw - ok

13:47:10.0203 3980 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

13:47:10.0468 3980 IpFilterDriver - ok

13:47:10.0562 3980 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

13:47:10.0781 3980 IpInIp - ok

13:47:10.0875 3980 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

13:47:11.0109 3980 IpNat - ok

13:47:11.0203 3980 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe

13:47:11.0265 3980 iPod Service - ok

13:47:11.0375 3980 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

13:47:11.0609 3980 IPSec - ok

13:47:11.0718 3980 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

13:47:11.0937 3980 IRENUM - ok

13:47:12.0062 3980 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

13:47:12.0296 3980 isapnp - ok

13:47:12.0406 3980 JavaQuickStarterService (9aa67569d5257462e230767510b0c815) C:\Program Files\Java\jre6\bin\jqs.exe

13:47:12.0421 3980 JavaQuickStarterService - ok

13:47:12.0515 3980 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

13:47:12.0750 3980 Kbdclass - ok

13:47:12.0875 3980 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

13:47:13.0109 3980 kmixer - ok

13:47:13.0218 3980 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

13:47:13.0265 3980 KSecDD - ok

13:47:13.0375 3980 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll

13:47:13.0406 3980 lanmanserver - ok

13:47:13.0515 3980 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll

13:47:13.0562 3980 lanmanworkstation - ok

13:47:13.0625 3980 lbrtfdc - ok

13:47:13.0843 3980 LiveUpdate (a97eeb81f05bce3d7aa6c81f04ef39a4) C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

13:47:14.0015 3980 LiveUpdate - ok

13:47:14.0125 3980 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll

13:47:14.0390 3980 LmHosts - ok

13:47:14.0484 3980 mbamchameleon (e0e22c8a2c5528919c45b834ca68e5ef) C:\WINDOWS\system32\drivers\mbamchameleon.sys

13:47:14.0531 3980 mbamchameleon - ok

13:47:14.0625 3980 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys

13:47:14.0656 3980 MBAMProtector - ok

13:47:14.0750 3980 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

13:47:14.0812 3980 MBAMService - ok

13:47:14.0875 3980 MDM (5e40f981662e454ace8540a066d3f5db) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

13:47:14.0906 3980 MDM ( UnsignedFile.Multi.Generic ) - warning

13:47:14.0906 3980 MDM - detected UnsignedFile.Multi.Generic (1)

13:47:15.0015 3980 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll

13:47:15.0265 3980 Messenger - ok

13:47:15.0375 3980 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

13:47:15.0640 3980 mnmdd - ok

13:47:15.0734 3980 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe

13:47:15.0968 3980 mnmsrvc - ok

13:47:16.0046 3980 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

13:47:16.0281 3980 Modem - ok

13:47:16.0390 3980 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys

13:47:16.0640 3980 MODEMCSA - ok

13:47:16.0750 3980 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

13:47:16.0968 3980 Mouclass - ok

13:47:17.0078 3980 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

13:47:17.0328 3980 mouhid - ok

13:47:17.0437 3980 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

13:47:17.0671 3980 MountMgr - ok

13:47:17.0750 3980 mraid35x - ok

13:47:17.0828 3980 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

13:47:18.0046 3980 MRxDAV - ok

13:47:18.0187 3980 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

13:47:18.0250 3980 MRxSmb - ok

13:47:18.0343 3980 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe

13:47:18.0562 3980 MSDTC - ok

13:47:18.0687 3980 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

13:47:18.0921 3980 Msfs - ok

13:47:18.0984 3980 MSIServer - ok

13:47:19.0062 3980 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

13:47:19.0281 3980 MSKSSRV - ok

13:47:19.0375 3980 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

13:47:19.0593 3980 MSPCLOCK - ok

13:47:19.0718 3980 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

13:47:19.0937 3980 MSPQM - ok

13:47:20.0046 3980 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

13:47:20.0281 3980 mssmbios - ok

13:47:20.0375 3980 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

13:47:20.0421 3980 Mup - ok

13:47:20.0531 3980 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll

13:47:20.0765 3980 napagent - ok

13:47:20.0875 3980 NAVENG (862f55824ac81295837b0ab63f91071f) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20120409.001\naveng.sys

13:47:20.0906 3980 NAVENG - ok

13:47:21.0109 3980 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20120409.001\navex15.sys

13:47:21.0218 3980 NAVEX15 - ok

13:47:21.0343 3980 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

13:47:21.0578 3980 NDIS - ok

13:47:21.0671 3980 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

13:47:21.0703 3980 NdisTapi - ok

13:47:21.0828 3980 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

13:47:22.0046 3980 Ndisuio - ok

13:47:22.0156 3980 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

13:47:22.0390 3980 NdisWan - ok

13:47:22.0500 3980 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

13:47:22.0531 3980 NDProxy - ok

13:47:22.0656 3980 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

13:47:22.0890 3980 NetBIOS - ok

13:47:22.0968 3980 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

13:47:23.0203 3980 NetBT - ok

13:47:23.0312 3980 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

13:47:23.0546 3980 NetDDE - ok

13:47:23.0578 3980 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

13:47:23.0796 3980 NetDDEdsdm - ok

13:47:23.0906 3980 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

13:47:24.0125 3980 Netlogon - ok

13:47:24.0234 3980 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll

13:47:24.0484 3980 Netman - ok

13:47:24.0593 3980 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll

13:47:24.0640 3980 Nla - ok

13:47:24.0750 3980 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

13:47:24.0968 3980 Npfs - ok

13:47:25.0093 3980 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

13:47:25.0343 3980 Ntfs - ok

13:47:25.0500 3980 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

13:47:25.0718 3980 NtLmSsp - ok

13:47:25.0828 3980 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll

13:47:26.0078 3980 NtmsSvc - ok

13:47:26.0187 3980 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

13:47:26.0468 3980 Null - ok

13:47:26.0546 3980 nvrd64 - ok

13:47:26.0609 3980 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

13:47:26.0859 3980 NwlnkFlt - ok

13:47:26.0937 3980 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

13:47:27.0187 3980 NwlnkFwd - ok

13:47:27.0281 3980 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys

13:47:27.0515 3980 Parport - ok

13:47:27.0625 3980 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

13:47:27.0843 3980 PartMgr - ok

13:47:27.0953 3980 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

13:47:28.0171 3980 ParVdm - ok

13:47:28.0281 3980 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

13:47:28.0531 3980 PCI - ok

13:47:28.0593 3980 PCIDump - ok

13:47:28.0656 3980 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

13:47:28.0921 3980 PCIIde - ok

13:47:29.0031 3980 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys

13:47:29.0265 3980 Pcmcia - ok

13:47:29.0343 3980 PDCOMP - ok

13:47:29.0375 3980 PDFRAME - ok

13:47:29.0437 3980 PDRELI - ok

13:47:29.0468 3980 PDRFRAME - ok

13:47:29.0515 3980 perc2 - ok

13:47:29.0562 3980 perc2hib - ok

13:47:29.0671 3980 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

13:47:29.0718 3980 PlugPlay - ok

13:47:29.0812 3980 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

13:47:30.0031 3980 PolicyAgent - ok

13:47:30.0140 3980 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

13:47:30.0375 3980 PptpMiniport - ok

13:47:30.0468 3980 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

13:47:30.0703 3980 ProtectedStorage - ok

13:47:30.0828 3980 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

13:47:31.0062 3980 PSched - ok

13:47:31.0171 3980 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

13:47:31.0421 3980 Ptilink - ok

13:47:31.0500 3980 ql1080 - ok

13:47:31.0562 3980 Ql10wnt - ok

13:47:31.0640 3980 ql12160 - ok

13:47:31.0687 3980 ql1240 - ok

13:47:31.0765 3980 ql1280 - ok

13:47:31.0843 3980 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

13:47:32.0109 3980 RasAcd - ok

13:47:32.0218 3980 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll

13:47:32.0453 3980 RasAuto - ok

13:47:32.0562 3980 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

13:47:32.0781 3980 Rasl2tp - ok

13:47:32.0890 3980 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll

13:47:33.0109 3980 RasMan - ok

13:47:33.0203 3980 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

13:47:33.0437 3980 RasPppoe - ok

13:47:33.0562 3980 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

13:47:33.0828 3980 Raspti - ok

13:47:33.0937 3980 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

13:47:34.0171 3980 Rdbss - ok

13:47:34.0281 3980 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

13:47:34.0546 3980 RDPCDD - ok

13:47:34.0703 3980 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys

13:47:34.0750 3980 RDPWD - ok

13:47:34.0859 3980 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe

13:47:35.0078 3980 RDSessMgr - ok

13:47:35.0187 3980 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

13:47:35.0421 3980 redbook - ok

13:47:35.0515 3980 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll

13:47:35.0765 3980 RemoteAccess - ok

13:47:35.0859 3980 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe

13:47:36.0093 3980 RpcLocator - ok

13:47:36.0203 3980 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll

13:47:36.0281 3980 RpcSs - ok

13:47:36.0390 3980 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe

13:47:36.0656 3980 RSVP - ok

13:47:36.0765 3980 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

13:47:36.0984 3980 SamSs - ok

13:47:37.0093 3980 SavRoam (50525931b5d5c417226c73f494e781ce) C:\Program Files\Symantec AntiVirus\SavRoam.exe

13:47:37.0109 3980 SavRoam - ok

13:47:37.0156 3980 SAVRT (2861c841b03def48402e63277d9cac22) C:\Program Files\Symantec AntiVirus\savrt.sys

13:47:37.0187 3980 SAVRT - ok

13:47:37.0250 3980 SAVRTPEL (54484c13e4d9b268c66d59e9ccb570e6) C:\Program Files\Symantec AntiVirus\Savrtpel.sys

13:47:37.0281 3980 SAVRTPEL - ok

13:47:37.0390 3980 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe

13:47:37.0625 3980 SCardSvr - ok

13:47:37.0718 3980 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll

13:47:37.0953 3980 Schedule - ok

13:47:38.0062 3980 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

13:47:38.0296 3980 Secdrv - ok

13:47:38.0406 3980 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll

13:47:38.0625 3980 seclogon - ok

13:47:38.0718 3980 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll

13:47:38.0937 3980 SENS - ok

13:47:39.0031 3980 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

13:47:39.0265 3980 serenum - ok

13:47:39.0359 3980 Serial (3bc690163eff0a93c438f9a44472f0d8) C:\WINDOWS\system32\DRIVERS\serial.sys

13:47:39.0390 3980 Serial ( UnsignedFile.Multi.Generic ) - warning

13:47:39.0390 3980 Serial - detected UnsignedFile.Multi.Generic (1)

13:47:39.0500 3980 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

13:47:39.0734 3980 Sfloppy - ok

13:47:39.0843 3980 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll

13:47:40.0078 3980 SharedAccess - ok

13:47:40.0187 3980 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

13:47:40.0250 3980 ShellHWDetection - ok

13:47:40.0328 3980 Simbad - ok

13:47:40.0421 3980 smwdm (70b8dd8707dbf6142530c106365df67d) C:\WINDOWS\system32\drivers\smwdm.sys

13:47:40.0484 3980 smwdm - ok

13:47:40.0562 3980 SNDSrvc (6540bf1c33ac8cbc598247e841ffb740) C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

13:47:40.0593 3980 SNDSrvc - ok

13:47:40.0687 3980 Sparrow - ok

13:47:40.0796 3980 SPBBCDrv (60053e9c1fc4f6887c296c19cb825244) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys

13:47:40.0828 3980 SPBBCDrv - ok

13:47:40.0906 3980 SPBBCSvc (8a09ab7a1fd856acc469bd0cd4e98351) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

13:47:41.0000 3980 SPBBCSvc - ok

13:47:41.0093 3980 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

13:47:41.0328 3980 splitter - ok

13:47:41.0421 3980 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe

13:47:41.0453 3980 Spooler - ok

13:47:41.0562 3980 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

13:47:41.0828 3980 sr - ok

13:47:41.0937 3980 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll

13:47:42.0156 3980 srservice - ok

13:47:42.0296 3980 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

13:47:42.0359 3980 Srv - ok

13:47:42.0468 3980 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll

13:47:42.0718 3980 SSDPSRV - ok

13:47:42.0843 3980 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll

13:47:43.0093 3980 stisvc - ok

13:47:43.0187 3980 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

13:47:43.0421 3980 swenum - ok

13:47:43.0531 3980 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

13:47:43.0750 3980 swmidi - ok

13:47:43.0828 3980 SwPrv - ok

13:47:43.0968 3980 Symantec AntiVirus (856e5a3fc889a4e9b07af4509269370e) C:\Program Files\Symantec AntiVirus\Rtvscan.exe

13:47:44.0093 3980 Symantec AntiVirus - ok

13:47:44.0156 3980 symc810 - ok

13:47:44.0203 3980 symc8xx - ok

13:47:44.0281 3980 SymEvent (c5eafb6a8c73fb26b73ee613c1a5aef6) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS

13:47:44.0312 3980 SymEvent - ok

13:47:44.0437 3980 SYMREDRV (5f9055055dc4900f74fb690b61448be4) C:\WINDOWS\System32\Drivers\SYMREDRV.SYS

13:47:44.0453 3980 SYMREDRV - ok

13:47:44.0546 3980 SYMTDI (5561a9d2d1b6529a95cbbffaed7791c1) C:\WINDOWS\System32\Drivers\SYMTDI.SYS

13:47:44.0562 3980 SYMTDI - ok

13:47:44.0640 3980 sym_hi - ok

13:47:44.0687 3980 sym_u3 - ok

13:47:44.0750 3980 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

13:47:44.0968 3980 sysaudio - ok

13:47:45.0078 3980 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe

13:47:45.0312 3980 SysmonLog - ok

13:47:45.0421 3980 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll

13:47:45.0640 3980 TapiSrv - ok

13:47:45.0750 3980 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

13:47:45.0859 3980 Tcpip - ok

13:47:45.0953 3980 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

13:47:46.0187 3980 TDPIPE - ok

13:47:46.0281 3980 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

13:47:46.0515 3980 TDTCP - ok

13:47:46.0609 3980 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

13:47:46.0859 3980 TermDD - ok

13:47:46.0953 3980 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll

13:47:47.0187 3980 TermService - ok

13:47:47.0296 3980 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

13:47:47.0328 3980 Themes - ok

13:47:47.0421 3980 TosIde - ok

13:47:47.0500 3980 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll

13:47:47.0703 3980 TrkWks - ok

13:47:47.0796 3980 tsdhd - ok

13:47:47.0890 3980 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

13:47:48.0109 3980 Udfs - ok

13:47:48.0171 3980 ultra - ok

13:47:48.0265 3980 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

13:47:48.0531 3980 Update - ok

13:47:48.0640 3980 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll

13:47:48.0859 3980 upnphost - ok

13:47:48.0968 3980 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe

13:47:49.0203 3980 UPS - ok

13:47:49.0296 3980 USB11LDR - ok

13:47:49.0359 3980 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

13:47:49.0593 3980 usbccgp - ok

13:47:49.0687 3980 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

13:47:49.0921 3980 usbehci - ok

13:47:50.0015 3980 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

13:47:50.0234 3980 usbhub - ok

13:47:50.0343 3980 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

13:47:50.0593 3980 usbprint - ok

13:47:50.0703 3980 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

13:47:50.0937 3980 USBSTOR - ok

13:47:51.0031 3980 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

13:47:51.0250 3980 usbuhci - ok

13:47:51.0343 3980 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

13:47:51.0578 3980 VgaSave - ok

13:47:51.0640 3980 ViaIde - ok

13:47:51.0718 3980 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

13:47:51.0953 3980 VolSnap - ok

13:47:52.0046 3980 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe

13:47:52.0265 3980 VSS - ok

13:47:52.0375 3980 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll

13:47:52.0625 3980 W32Time - ok

13:47:52.0734 3980 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

13:47:52.0968 3980 Wanarp - ok

13:47:53.0046 3980 WDICA - ok

13:47:53.0125 3980 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

13:47:53.0343 3980 wdmaud - ok

13:47:53.0453 3980 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll

13:47:53.0687 3980 WebClient - ok

13:47:53.0828 3980 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll

13:47:54.0031 3980 winmgmt - ok

13:47:54.0171 3980 WmdmPmSN (c7e39ea41233e9f5b86c8da3a9f1e4a8) C:\WINDOWS\system32\mspmsnsv.dll

13:47:54.0390 3980 WmdmPmSN - ok

13:47:54.0515 3980 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe

13:47:54.0734 3980 WmiApSrv - ok

13:47:54.0859 3980 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll

13:47:55.0093 3980 wuauserv - ok

13:47:55.0218 3980 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll

13:47:55.0484 3980 WZCSVC - ok

13:47:55.0593 3980 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll

13:47:55.0843 3980 xmlprov - ok

13:47:55.0890 3980 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

13:47:56.0078 3980 \Device\Harddisk0\DR0 - ok

13:47:56.0109 3980 Boot (0x1200) (648f1ba08b483dd9232d36c94c43a67a) \Device\Harddisk0\DR0\Partition0

13:47:56.0109 3980 \Device\Harddisk0\DR0\Partition0 - ok

13:47:56.0156 3980 Boot (0x1200) (5aca8852e1709ee1271c8b2116dbef10) \Device\Harddisk0\DR0\Partition1

13:47:56.0156 3980 \Device\Harddisk0\DR0\Partition1 - ok

13:47:56.0171 3980 ============================================================

13:47:56.0171 3980 Scan finished

13:47:56.0171 3980 ============================================================

13:47:56.0203 2912 Detected object count: 3

13:47:56.0203 2912 Actual detected object count: 3

13:49:06.0781 2912 cercsr6 ( UnsignedFile.Multi.Generic ) - skipped by user

13:49:06.0781 2912 cercsr6 ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:49:06.0781 2912 MDM ( UnsignedFile.Multi.Generic ) - skipped by user

13:49:06.0781 2912 MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:49:06.0781 2912 Serial ( UnsignedFile.Multi.Generic ) - skipped by user

13:49:06.0781 2912 Serial ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:51:13.0484 1292 Deinitialize success

shaneh1699 · April 14, 2012

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by Carmen at 12:15:11 on 2012-04-14

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.48 [GMT -4:00]

.

AV: Symantec AntiVirus Corporate Edition *Enabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\WINDOWS\BCMSMMSG.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\Symantec AntiVirus\DefWatch.exe

C:\PROGRA~1\SYMANT~1\VPTray.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Internet Explorer\iexplore.exe

.

============== Pseudo HJT Report ===============

.

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

uURLSearchHooks: fullscreensavers Toolbar: {fae389d5-e97e-4abd-8242-d9080c709167} - c:\program files\fullscreensavers\prxtbfull.dll

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: fullscreensavers Toolbar: {fae389d5-e97e-4abd-8242-d9080c709167} - c:\program files\fullscreensavers\prxtbfull.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll

TB: fullscreensavers Toolbar: {fae389d5-e97e-4abd-8242-d9080c709167} - c:\program files\fullscreensavers\prxtbfull.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background

uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil10l_ActiveX.exe -update activex

mRun: [bCMSMMSG] BCMSMMSG.exe

mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"

mRun: [vptray] c:\progra~1\symant~1\VPTray.exe

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

LSP: mswsock.dll

DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/betapit/PCPitStop.CAB

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.2.1

TCP: Interfaces\{3B29AC52-F263-4D6E-AE7F-035E5EC7890F} : DhcpNameServer = 192.168.2.1

Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL

Notify: NavLogon - c:\windows\system32\NavLogon.dll

.

============= SERVICES / DRIVERS ===============

.

R1 SAVRT;SAVRT;c:\program files\symantec antivirus\savrt.sys [2008-5-28 337280]

R1 SAVRTPEL;SAVRTPEL;c:\program files\symantec antivirus\Savrtpel.sys [2008-5-28 54656]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-4-9 106104]

R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2012-4-14 32072]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-4-8 22344]

R3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20120409.001\naveng.sys [2012-4-9 86136]

R3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20120409.001\navex15.sys [2012-4-9 1576312]

S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;c:\windows\system32\drivers\ADM8511.SYS [2010-4-7 20160]

.

=============== Created Last 30 ================

.

2012-04-14 08:09:12 32072 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys

2012-04-14 04:49:10 0 --sha-w- c:\windows\system32\dds_trash_log.cmd

2012-04-13 19:52:08 -------- d-----w- c:\program files\iPod

2012-04-13 19:51:53 -------- d-----w- c:\program files\iTunes

2012-04-13 19:45:58 -------- d-----w- c:\program files\Bonjour

2012-04-13 19:39:42 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll

2012-04-13 19:39:42 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll

2012-04-13 19:39:42 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll

2012-04-13 19:39:42 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll

2012-04-13 19:39:42 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll

2012-04-13 19:39:42 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll

2012-04-13 19:39:42 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll

2012-03-26 15:41:34 103864 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll

.

==================== Find3M ====================

.

2012-04-04 19:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-03-01 11:01:32 916992 ----a-w- c:\windows\system32\wininet.dll

2012-03-01 11:01:32 43520 ------w- c:\windows\system32\licmgr10.dll

2012-03-01 11:01:32 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2012-02-29 14:10:16 177664 ----a-w- c:\windows\system32\wintrust.dll

2012-02-29 14:10:16 148480 ----a-w- c:\windows\system32\imagehlp.dll

2012-02-29 12:17:40 385024 ------w- c:\windows\system32\html.iec

2012-02-03 09:22:18 1860096 ----a-w- c:\windows\system32\win32k.sys

.

============= FINISH: 12:16:49.89 ===============

shaneh1699 · April 14, 2012

2012/04/14 00:48:35 -0400 HELSIN-PC Carmen IP-BLOCK 178.32.190.142 (Type: outgoing)

2012/04/14 00:48:37 -0400 HELSIN-PC Carmen IP-BLOCK 178.32.190.142 (Type: outgoing)

2012/04/14 00:48:38 -0400 HELSIN-PC Carmen IP-BLOCK 178.32.190.142 (Type: outgoing)

2012/04/14 00:48:40 -0400 HELSIN-PC Carmen IP-BLOCK 178.32.190.142 (Type: outgoing)

2012/04/14 00:48:41 -0400 HELSIN-PC Carmen IP-BLOCK 178.32.190.142 (Type: outgoing)

2012/04/14 00:48:42 -0400 HELSIN-PC Carmen IP-BLOCK 178.32.190.142 (Type: outgoing)

2012/04/14 00:48:43 -0400 HELSIN-PC Carmen IP-BLOCK 178.32.190.142 (Type: outgoing)

2012/04/14 00:48:57 -0400 HELSIN-PC Carmen MESSAGE Executing scheduled update: Hourly | Silent

2012/04/14 00:49:11 -0400 HELSIN-PC Carmen MESSAGE Database already up-to-date

2012/04/14 00:52:14 -0400 HELSIN-PC Carmen IP-BLOCK 188.95.52.162 (Type: outgoing)

2012/04/14 00:52:17 -0400 HELSIN-PC Carmen IP-BLOCK 188.95.52.162 (Type: outgoing)

2012/04/14 00:52:23 -0400 HELSIN-PC Carmen IP-BLOCK 188.95.52.162 (Type: outgoing)

2012/04/14 00:59:34 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 00:59:40 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:00:22 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:00:25 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:00:31 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:01:14 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:01:17 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:01:23 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:04:50 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.105.113 (Type: outgoing)

2012/04/14 01:04:52 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.105.113 (Type: outgoing)

2012/04/14 01:04:53 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:04:53 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.105.113 (Type: outgoing)

2012/04/14 01:04:55 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.105.113 (Type: outgoing)

2012/04/14 01:04:58 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.105.113 (Type: outgoing)

2012/04/14 01:04:59 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:04:59 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.105.113 (Type: outgoing)

2012/04/14 01:05:01 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.105.113 (Type: outgoing)

2012/04/14 01:05:41 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:05:44 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:05:50 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:06:33 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:06:36 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:06:42 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:09:19 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:09:22 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:09:28 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:10:03 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:10:06 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:10:10 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:10:12 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:10:13 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:10:19 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:10:54 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:10:57 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:11:02 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:11:03 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:11:05 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:11:11 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:11:46 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:11:49 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:11:55 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:15:15 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:15:18 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:15:24 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:19:17 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:19:20 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:19:26 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:20:09 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:20:12 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:20:18 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:22:55 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:22:58 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:23:04 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:23:46 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:23:49 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:23:55 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:24:38 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:24:41 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:24:47 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:25:30 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:25:33 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:25:39 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:26:21 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:26:25 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:26:31 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:29:51 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:29:54 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:30:00 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:30:07 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:30:10 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:30:16 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:30:43 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:30:44 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:30:46 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:30:47 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:30:52 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:30:53 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:31:35 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:31:38 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:31:44 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:35:05 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:35:08 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:35:14 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:35:50 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:35:52 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:35:58 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:36:33 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:36:36 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:36:42 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:37:13 -0400 HELSIN-PC Carmen IP-BLOCK 77.78.216.78 (Type: outgoing)

2012/04/14 01:37:17 -0400 HELSIN-PC Carmen IP-BLOCK 77.78.216.78 (Type: outgoing)

2012/04/14 01:37:23 -0400 HELSIN-PC Carmen IP-BLOCK 77.78.216.78 (Type: outgoing)

2012/04/14 01:37:26 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:37:29 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:37:35 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:38:32 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:38:35 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:38:41 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:44:12 -0400 HELSIN-PC Carmen MESSAGE Executing scheduled update: Hourly | Silent

2012/04/14 01:44:15 -0400 HELSIN-PC Carmen MESSAGE Database already up-to-date

2012/04/14 01:45:45 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:45:47 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:45:53 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:48:44 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:48:46 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:48:52 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:49:20 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:49:22 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:49:28 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:50:11 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:50:14 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:50:20 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:51:03 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:51:06 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:51:12 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:58:13 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:58:16 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:58:22 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:59:05 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:59:08 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:59:14 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:59:30 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:59:33 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 01:59:39 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:00:01 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:00:04 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:00:10 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:00:22 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:00:25 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:00:31 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:00:59 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:01:02 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:01:08 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:01:10 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:01:13 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:01:19 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:02:40 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:02:43 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:02:49 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:04:29 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:04:32 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:04:38 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:05:20 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:05:24 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:05:30 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:06:12 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:06:15 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:06:21 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:09:43 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:09:46 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:09:48 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:09:51 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:09:52 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:09:57 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:10:35 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:10:38 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:10:44 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:12:32 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:12:35 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:12:41 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:13:23 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:13:26 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:13:32 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:19:37 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.154 (Type: outgoing)

2012/04/14 02:19:40 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.154 (Type: outgoing)

2012/04/14 02:19:40 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.196 (Type: outgoing)

2012/04/14 02:19:45 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:19:46 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.154 (Type: outgoing)

2012/04/14 02:19:46 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.196 (Type: outgoing)

2012/04/14 02:19:48 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:19:54 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:23:33 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:23:35 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:23:41 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:24:25 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:24:27 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:24:28 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:24:30 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:24:34 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:24:36 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:25:18 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:25:21 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:25:27 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:32:58 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:33:05 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:33:48 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:33:51 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:33:57 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 02:48:01 -0400 HELSIN-PC Carmen MESSAGE Executing scheduled update: Hourly | Silent

2012/04/14 02:48:10 -0400 HELSIN-PC Carmen MESSAGE Database already up-to-date

2012/04/14 03:18:58 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 03:19:01 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.154 (Type: outgoing)

2012/04/14 03:19:07 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.154 (Type: outgoing)

2012/04/14 03:18:50 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 03:18:53 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 03:18:59 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 03:19:04 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.245 (Type: outgoing)

2012/04/14 03:19:07 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.245 (Type: outgoing)

2012/04/14 03:19:13 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.245 (Type: outgoing)

2012/04/14 03:24:02 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.155 (Type: outgoing)

2012/04/14 03:24:03 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.155 (Type: outgoing)

2012/04/14 03:24:05 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.155 (Type: outgoing)

2012/04/14 03:24:06 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.155 (Type: outgoing)

2012/04/14 03:24:11 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.155 (Type: outgoing)

2012/04/14 03:24:12 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.155 (Type: outgoing)

2012/04/14 03:27:52 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.64.80 (Type: outgoing)

2012/04/14 03:27:55 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.64.80 (Type: outgoing)

2012/04/14 03:28:01 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.64.80 (Type: outgoing)

2012/04/14 03:38:43 -0400 HELSIN-PC Carmen MESSAGE Executing scheduled update: Hourly | Silent

2012/04/14 03:38:46 -0400 HELSIN-PC Carmen MESSAGE Database already up-to-date

2012/04/14 03:57:42 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.154 (Type: outgoing)

2012/04/14 03:57:45 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.154 (Type: outgoing)

2012/04/14 03:57:51 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.154 (Type: outgoing)

2012/04/14 03:59:50 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.3.73 (Type: outgoing)

2012/04/14 03:59:53 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.3.73 (Type: outgoing)

2012/04/14 03:59:59 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.3.73 (Type: outgoing)

2012/04/14 04:04:29 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 04:27:21 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 04:27:22 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.154 (Type: outgoing)

2012/04/14 04:27:25 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.154 (Type: outgoing)

2012/04/14 04:27:31 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.154 (Type: outgoing)

2012/04/14 04:28:31 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 04:28:34 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 04:28:40 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 04:29:09 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.245 (Type: outgoing)

2012/04/14 04:29:12 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.245 (Type: outgoing)

2012/04/14 04:29:18 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.245 (Type: outgoing)

2012/04/14 04:39:22 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.155 (Type: outgoing)

2012/04/14 04:39:25 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.155 (Type: outgoing)

2012/04/14 04:39:31 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.155 (Type: outgoing)

2012/04/14 04:41:10 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.154 (Type: outgoing)

2012/04/14 04:41:12 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.154 (Type: outgoing)

2012/04/14 04:41:19 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.154 (Type: outgoing)

2012/04/14 04:47:57 -0400 HELSIN-PC Carmen IP-BLOCK 77.78.216.78 (Type: outgoing)

2012/04/14 04:48:00 -0400 HELSIN-PC Carmen IP-BLOCK 77.78.216.78 (Type: outgoing)

2012/04/14 04:48:02 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.100.80 (Type: outgoing)

2012/04/14 04:48:05 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.100.80 (Type: outgoing)

2012/04/14 04:48:06 -0400 HELSIN-PC Carmen IP-BLOCK 77.78.216.78 (Type: outgoing)

2012/04/14 04:48:11 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.100.80 (Type: outgoing)

2012/04/14 04:55:08 -0400 HELSIN-PC Carmen MESSAGE Executing scheduled update: Hourly | Silent

2012/04/14 04:55:12 -0400 HELSIN-PC Carmen MESSAGE Database already up-to-date

2012/04/14 05:01:18 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 05:01:55 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.245 (Type: outgoing)

2012/04/14 05:01:58 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.245 (Type: outgoing)

2012/04/14 05:02:04 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.245 (Type: outgoing)

2012/04/14 05:04:19 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.83.42 (Type: outgoing)

2012/04/14 05:04:22 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.83.42 (Type: outgoing)

2012/04/14 05:04:23 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 05:04:28 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.83.42 (Type: outgoing)

2012/04/14 05:04:55 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 05:07:30 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.245 (Type: outgoing)

2012/04/14 05:07:33 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.245 (Type: outgoing)

2012/04/14 05:07:39 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.245 (Type: outgoing)

2012/04/14 05:10:27 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 05:11:20 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 05:11:23 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 05:11:29 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 05:11:30 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 05:11:31 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 05:11:33 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 05:11:34 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 05:11:39 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 05:11:40 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 05:12:07 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.245 (Type: outgoing)

2012/04/14 05:12:10 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.245 (Type: outgoing)

2012/04/14 05:12:16 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.245 (Type: outgoing)

2012/04/14 05:36:04 -0400 HELSIN-PC Carmen MESSAGE Executing scheduled update: Hourly | Silent

2012/04/14 05:36:08 -0400 HELSIN-PC Carmen MESSAGE Database already up-to-date

2012/04/14 06:22:42 -0400 HELSIN-PC Carmen IP-BLOCK 83.128.41.13 (Type: outgoing)

2012/04/14 06:22:45 -0400 HELSIN-PC Carmen IP-BLOCK 83.128.41.13 (Type: outgoing)

2012/04/14 06:22:51 -0400 HELSIN-PC Carmen IP-BLOCK 83.128.41.13 (Type: outgoing)

2012/04/14 06:44:51 -0400 HELSIN-PC Carmen MESSAGE Executing scheduled update: Hourly | Silent

2012/04/14 06:44:53 -0400 HELSIN-PC Carmen MESSAGE Database already up-to-date

2012/04/14 06:54:43 -0400 HELSIN-PC Carmen IP-BLOCK 95.209.118.67 (Type: outgoing)

2012/04/14 06:54:46 -0400 HELSIN-PC Carmen IP-BLOCK 95.209.118.67 (Type: outgoing)

2012/04/14 06:54:52 -0400 HELSIN-PC Carmen IP-BLOCK 95.209.118.67 (Type: outgoing)

2012/04/14 07:10:46 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.78.78 (Type: outgoing)

2012/04/14 07:10:49 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.78.78 (Type: outgoing)

2012/04/14 07:10:55 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.78.78 (Type: outgoing)

2012/04/14 07:29:09 -0400 HELSIN-PC Carmen MESSAGE Executing scheduled update: Hourly | Silent

2012/04/14 07:29:23 -0400 HELSIN-PC Carmen MESSAGE Starting database refresh

2012/04/14 07:29:23 -0400 HELSIN-PC Carmen MESSAGE Scheduled update executed successfully: database updated from version v2012.04.14.02 to version v2012.04.14.03

2012/04/14 07:29:23 -0400 HELSIN-PC Carmen MESSAGE Stopping IP protection

2012/04/14 07:29:27 -0400 HELSIN-PC Carmen MESSAGE IP Protection stopped

2012/04/14 07:30:47 -0400 HELSIN-PC Carmen MESSAGE Database refreshed successfully

2012/04/14 07:30:47 -0400 HELSIN-PC Carmen MESSAGE Starting IP protection

2012/04/14 07:31:04 -0400 HELSIN-PC Carmen MESSAGE IP Protection started successfully

2012/04/14 07:36:59 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 07:37:02 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 07:37:08 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 07:37:20 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 07:37:23 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 07:37:29 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 07:37:30 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 07:37:33 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 07:37:39 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 07:37:51 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 07:37:54 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 07:38:00 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 08:45:47 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.105.113 (Type: outgoing)

2012/04/14 08:45:49 -0400 HELSIN-PC Carmen MESSAGE Executing scheduled update: Hourly | Silent

2012/04/14 08:45:50 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.105.113 (Type: outgoing)

2012/04/14 08:45:56 -0400 HELSIN-PC Carmen MESSAGE Database already up-to-date

2012/04/14 08:45:56 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.105.113 (Type: outgoing)

2012/04/14 09:33:49 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.105.113 (Type: outgoing)

2012/04/14 09:33:52 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.105.113 (Type: outgoing)

2012/04/14 09:33:58 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.105.113 (Type: outgoing)

2012/04/14 09:42:48 -0400 HELSIN-PC Carmen MESSAGE Executing scheduled update: Hourly | Silent

2012/04/14 09:43:02 -0400 HELSIN-PC Carmen MESSAGE Starting database refresh

2012/04/14 09:43:02 -0400 HELSIN-PC Carmen MESSAGE Scheduled update executed successfully: database updated from version v2012.04.14.03 to version v2012.04.14.04

2012/04/14 09:43:02 -0400 HELSIN-PC Carmen MESSAGE Stopping IP protection

2012/04/14 09:43:02 -0400 HELSIN-PC Carmen MESSAGE IP Protection stopped

2012/04/14 09:43:27 -0400 HELSIN-PC Carmen MESSAGE Database refreshed successfully

2012/04/14 09:43:27 -0400 HELSIN-PC Carmen MESSAGE Starting IP protection

2012/04/14 09:43:43 -0400 HELSIN-PC Carmen MESSAGE IP Protection started successfully

2012/04/14 10:22:00 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.105.113 (Type: outgoing)

2012/04/14 10:22:03 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.105.113 (Type: outgoing)

2012/04/14 10:22:09 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.105.113 (Type: outgoing)

2012/04/14 10:47:44 -0400 HELSIN-PC Carmen MESSAGE Executing scheduled update: Hourly | Silent

2012/04/14 10:47:47 -0400 HELSIN-PC Carmen MESSAGE Database already up-to-date

2012/04/14 10:49:39 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 10:49:40 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.154 (Type: outgoing)

2012/04/14 10:49:43 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.154 (Type: outgoing)

2012/04/14 10:49:49 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.154 (Type: outgoing)

2012/04/14 11:04:43 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:04:46 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:04:52 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:05:04 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:05:07 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:05:13 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:06:00 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:06:03 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:06:09 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:06:31 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:06:34 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:06:40 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:06:52 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:06:55 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:07:01 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:07:43 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:07:46 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:07:52 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:10:14 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.105.113 (Type: outgoing)

2012/04/14 11:10:17 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.105.113 (Type: outgoing)

2012/04/14 11:10:23 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.105.113 (Type: outgoing)

2012/04/14 11:16:09 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:16:11 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:16:18 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:16:30 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:16:33 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:16:39 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:17:21 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:17:24 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:17:30 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:18:59 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:19:02 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:19:07 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:19:08 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:19:10 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:19:16 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:19:20 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:19:23 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:19:28 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:19:29 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:19:31 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:19:37 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:20:12 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:20:15 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:20:21 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:24:36 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.105.113 (Type: outgoing)

2012/04/14 11:24:39 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.105.113 (Type: outgoing)

2012/04/14 11:24:45 -0400 HELSIN-PC Carmen IP-BLOCK 89.28.105.113 (Type: outgoing)

2012/04/14 11:30:18 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:30:20 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:30:26 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:30:38 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:30:41 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:30:47 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:31:30 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:31:33 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:31:39 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:44:46 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:44:49 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:44:55 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:45:07 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:45:10 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:45:16 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:46:02 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:46:05 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:46:11 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:47:03 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:47:06 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:47:12 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:47:24 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:47:27 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:47:33 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:48:16 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:48:19 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:48:25 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:50:10 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:50:19 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:50:30 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:50:34 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:50:40 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:51:23 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:51:26 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:51:32 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:52:30 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:52:33 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:52:39 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:52:51 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:52:54 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:53:00 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:53:33 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:53:36 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:53:42 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:53:43 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:53:46 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:53:52 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:53:54 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:53:57 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:54:03 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:54:49 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:54:52 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:54:58 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:55:46 -0400 HELSIN-PC Carmen MESSAGE Executing scheduled update: Hourly | Silent

2012/04/14 11:55:53 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:55:56 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:56:02 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:56:04 -0400 HELSIN-PC Carmen MESSAGE Scheduled update executed successfully: database updated from version v2012.04.14.04 to version v2012.04.14.05

2012/04/14 11:56:04 -0400 HELSIN-PC Carmen MESSAGE Starting database refresh

2012/04/14 11:56:04 -0400 HELSIN-PC Carmen MESSAGE Stopping IP protection

2012/04/14 11:56:20 -0400 HELSIN-PC Carmen MESSAGE IP Protection stopped

2012/04/14 11:57:38 -0400 HELSIN-PC Carmen MESSAGE Database refreshed successfully

2012/04/14 11:57:38 -0400 HELSIN-PC Carmen MESSAGE Starting IP protection

2012/04/14 11:57:55 -0400 HELSIN-PC Carmen MESSAGE IP Protection started successfully

2012/04/14 11:58:21 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: incoming)

2012/04/14 11:58:24 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: incoming)

2012/04/14 11:58:25 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:58:28 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:58:30 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: incoming)

2012/04/14 11:58:33 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:58:34 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:58:42 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: incoming)

2012/04/14 11:58:43 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:59:04 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:59:05 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:59:06 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: incoming)

2012/04/14 11:59:08 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:59:14 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:59:16 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:59:19 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:59:25 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:59:46 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 11:59:55 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: incoming)

2012/04/14 12:00:03 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:00:06 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:00:12 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:00:35 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:00:37 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:00:43 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:01:27 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:01:30 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:01:36 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:04:26 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: incoming)

2012/04/14 12:04:29 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 12:04:30 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.154 (Type: outgoing)

2012/04/14 12:04:33 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.154 (Type: outgoing)

2012/04/14 12:04:39 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.154 (Type: outgoing)

2012/04/14 12:05:59 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 12:06:02 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 12:06:08 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 12:06:20 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 12:06:23 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 12:06:29 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 12:06:46 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.155 (Type: outgoing)

2012/04/14 12:06:49 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.155 (Type: outgoing)

2012/04/14 12:06:55 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.155 (Type: outgoing)

2012/04/14 12:07:44 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.154 (Type: outgoing)

2012/04/14 12:07:47 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.154 (Type: outgoing)

2012/04/14 12:07:53 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.154 (Type: outgoing)

2012/04/14 12:08:35 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.186 (Type: outgoing)

2012/04/14 12:08:38 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.186 (Type: outgoing)

2012/04/14 12:08:44 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.186 (Type: outgoing)

2012/04/14 12:09:16 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.245 (Type: outgoing)

2012/04/14 12:09:19 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.245 (Type: outgoing)

2012/04/14 12:09:25 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.245 (Type: outgoing)

2012/04/14 12:11:57 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:12:00 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:12:06 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:12:18 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:12:21 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:12:28 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:13:27 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:13:30 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:13:36 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:13:48 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:13:51 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:13:57 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:16:54 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:16:57 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:17:03 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:17:15 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:17:18 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:17:24 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:28:52 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:28:55 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:29:01 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:29:13 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:29:16 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:29:22 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:30:39 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 12:37:57 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:38:00 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:38:06 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:38:18 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:38:21 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:38:27 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:44:10 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:44:13 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:44:17 -0400 HELSIN-PC Carmen MESSAGE Executing scheduled update: Hourly | Silent

2012/04/14 12:44:19 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:44:22 -0400 HELSIN-PC Carmen MESSAGE Database already up-to-date

2012/04/14 12:44:31 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:44:34 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:44:40 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:58:06 -0400 HELSIN-PC Carmen IP-BLOCK 188.95.52.162 (Type: outgoing)

2012/04/14 12:58:14 -0400 HELSIN-PC Carmen IP-BLOCK 188.95.52.162 (Type: outgoing)

2012/04/14 12:59:55 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 12:59:58 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:00:04 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:00:16 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:00:19 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:00:25 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:01:55 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 13:01:59 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.196 (Type: outgoing)

2012/04/14 13:02:05 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.196 (Type: outgoing)

2012/04/14 13:04:30 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:04:33 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:04:39 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:04:51 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:04:55 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:05:00 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:07:09 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:07:12 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:07:18 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:07:30 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:07:33 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:07:37 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 13:07:39 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:07:40 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 13:07:46 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 13:07:56 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.245 (Type: outgoing)

2012/04/14 13:07:59 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.245 (Type: outgoing)

2012/04/14 13:08:05 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.245 (Type: outgoing)

2012/04/14 13:14:14 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:14:17 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:14:23 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:14:35 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:14:38 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:14:44 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:19:30 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:19:33 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:19:39 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:19:51 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:19:54 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:20:00 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:23:24 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:23:27 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:23:33 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:23:45 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:23:48 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:23:54 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:24:21 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:24:24 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:24:30 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:24:42 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:24:45 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:24:51 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:25:32 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:25:35 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:25:41 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:25:53 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:25:56 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:26:02 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:28:17 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:28:20 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:28:26 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:28:38 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:28:41 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:28:47 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:29:13 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:29:15 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:29:21 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:29:34 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:29:36 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:29:43 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:33:11 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:33:14 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:33:20 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:33:32 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:33:35 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:33:41 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:34:56 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.155 (Type: outgoing)

2012/04/14 13:34:59 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.155 (Type: outgoing)

2012/04/14 13:35:05 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.155 (Type: outgoing)

2012/04/14 13:38:02 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:38:05 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:38:11 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:38:19 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:38:22 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:38:23 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:38:26 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:38:28 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:38:32 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:38:40 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:38:43 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:38:49 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:40:29 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 13:40:35 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.154 (Type: outgoing)

2012/04/14 13:40:38 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.154 (Type: outgoing)

2012/04/14 13:40:44 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.119.154 (Type: outgoing)

2012/04/14 13:41:30 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 13:41:33 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 13:41:38 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:41:39 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.120.187 (Type: outgoing)

2012/04/14 13:41:41 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:41:47 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:41:59 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:42:02 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:42:08 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:42:09 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.245 (Type: outgoing)

2012/04/14 13:42:12 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.245 (Type: outgoing)

2012/04/14 13:42:18 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.245 (Type: outgoing)

2012/04/14 13:42:55 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:42:58 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:43:04 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:43:16 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:43:19 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:43:25 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:50:30 -0400 HELSIN-PC Carmen MESSAGE Executing scheduled update: Hourly | Silent

2012/04/14 13:50:47 -0400 HELSIN-PC Carmen MESSAGE Scheduled update executed successfully: database updated from version v2012.04.14.05 to version v2012.04.14.06

2012/04/14 13:50:47 -0400 HELSIN-PC Carmen MESSAGE Starting database refresh

2012/04/14 13:50:47 -0400 HELSIN-PC Carmen MESSAGE Stopping IP protection

2012/04/14 13:50:58 -0400 HELSIN-PC Carmen MESSAGE IP Protection stopped

2012/04/14 13:52:51 -0400 HELSIN-PC Carmen MESSAGE Database refreshed successfully

2012/04/14 13:52:51 -0400 HELSIN-PC Carmen MESSAGE Starting IP protection

2012/04/14 13:53:11 -0400 HELSIN-PC Carmen MESSAGE IP Protection started successfully

2012/04/14 13:54:41 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:54:44 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:54:50 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:55:02 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:55:05 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:55:11 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:59:39 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:59:41 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:59:47 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 13:59:59 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 14:00:02 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 14:00:08 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 14:09:10 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 14:09:13 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 14:09:19 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 14:09:31 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 14:09:34 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 14:09:40 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 14:14:03 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 14:14:06 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 14:14:12 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 14:14:24 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 14:14:27 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 14:14:33 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 14:14:51 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 14:14:53 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 14:15:00 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 14:15:12 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 14:15:14 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

2012/04/14 14:15:20 -0400 HELSIN-PC Carmen IP-BLOCK 83.133.124.191 (Type: outgoing)

Maniac · April 14, 2012

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt in your next reply for further review.

shaneh1699 · April 14, 2012

I have just finished running combofix. The first time I ran it I experienced some difficulties due to the fact that I was unable to turn off my anti-virus software. Upon the second try, I was able to shut off my antivirus software and the process more smoothly. Here is the text that you requested. Thank you once again for your time and patience.

ComboFix 12-04-14.03 - Carmen 04/14/2012 18:06:08.2.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.171 [GMT -4:00]

Running from: c:\documents and settings\Carmen\Desktop\ComboFix.exe

AV: Symantec AntiVirus Corporate Edition *Disabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C}

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\windows\system32\dllcache\dlimport.exe

.

((((((((((((((((((((((((( Files Created from 2012-03-14 to 2012-04-14 )))))))))))))))))))))))))))))))

.

2012-04-14 21:13 . 2008-04-13 19:15 64512 -c--a-w- c:\windows\system32\dllcache\serial.sys

2012-04-14 21:13 . 2008-04-13 19:15 64512 ----a-w- c:\windows\system32\drivers\serial.sys

2012-04-14 08:09 . 2012-04-14 08:09 32072 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys

2012-04-13 19:52 . 2012-04-13 19:52 -------- d-----w- c:\program files\iPod

2012-04-13 19:51 . 2012-04-13 19:53 -------- d-----w- c:\program files\iTunes

2012-04-13 19:46 . 2012-04-13 19:46 -------- d-----w- c:\documents and settings\LocalService\Application Data\Apple Computer

2012-04-13 19:45 . 2012-04-13 19:45 -------- d-----w- c:\program files\Bonjour

2012-04-13 19:39 . 2012-04-13 19:39 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin7.dll

2012-04-13 19:39 . 2012-04-13 19:39 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin6.dll

2012-04-13 19:39 . 2012-04-13 19:39 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin5.dll

2012-04-13 19:39 . 2012-04-13 19:39 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin4.dll

2012-04-13 19:39 . 2012-04-13 19:39 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin3.dll

2012-04-13 19:39 . 2012-04-13 19:39 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin2.dll

2012-04-13 19:39 . 2012-04-13 19:39 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin.dll

2012-04-13 19:39 . 2012-04-13 19:39 -------- d-----w- c:\program files\QuickTime

2012-04-13 19:30 . 2012-04-13 19:30 -------- d-----w- c:\program files\Apple Software Update

2012-03-26 15:41 . 2012-03-26 15:41 103864 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-04-04 19:56 . 2010-04-08 14:24 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-03-01 11:01 . 2006-03-04 03:33 916992 ----a-w- c:\windows\system32\wininet.dll

2012-03-01 11:01 . 2004-08-04 10:00 43520 ------w- c:\windows\system32\licmgr10.dll

2012-03-01 11:01 . 2004-08-04 10:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2012-02-29 14:10 . 2004-08-04 10:00 177664 ----a-w- c:\windows\system32\wintrust.dll

2012-02-29 14:10 . 2004-08-04 10:00 148480 ----a-w- c:\windows\system32\imagehlp.dll

2012-02-29 12:17 . 2004-08-04 10:00 385024 ------w- c:\windows\system32\html.iec

2012-02-03 09:22 . 2004-08-04 10:00 1860096 ----a-w- c:\windows\system32\win32k.sys

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-04-08 39408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BCMSMMSG"="BCMSMMSG.exe" [2003-08-29 122880]

"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-06-24 53096]

"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2008-09-30 125368]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

.

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [4/8/2010 10:25 AM 654408]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [4/9/2012 6:20 PM 106104]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [4/8/2010 10:24 AM 22344]

S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [4/9/2010 7:12 PM 135664]

S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;c:\windows\system32\drivers\ADM8511.SYS [4/7/2010 4:06 PM 20160]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [4/9/2010 7:12 PM 135664]

S3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [4/14/2012 4:09 AM 32072]

S3 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [9/30/2008 5:41 PM 116664]

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

ehstart

USB11LDR

tsdhd

nvrd64

.

Contents of the 'Scheduled Tasks' folder

.

2012-04-13 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 21:57]

.

2012-04-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-09 23:12]

.

2012-04-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-09 23:12]

.

2012-04-14 c:\windows\Tasks\User_Feed_Synchronization-{52741C13-79A4-4587-B2EC-3D02C09F3D16}.job

- c:\windows\system32\msfeedssync.exe [2009-03-08 08:31]

.

------- Supplementary Scan -------

.

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2060826

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.2.1

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-04-14 18:13

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

Completion time: 2012-04-14 18:15:57

ComboFix-quarantined-files.txt 2012-04-14 22:15

ComboFix2.txt 2012-04-14 21:58

.

Pre-Run: 69,521,866,752 bytes free

Post-Run: 69,510,266,880 bytes free

.

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

C:\ = "Unidentified operating system on drive D."

.

- - End Of File - - 126933157C5D6A208C0F582C183EA27F

Maniac · April 14, 2012

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

DDS::
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2060826

JavaClearCache::

Quit::

Save this as CFScript.txt, in the same location as ComboFix.exe

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

How is your system running now?

shaneh1699 · April 15, 2012

My system is running much better and I am no longer received constant messages regarding blocked ip addresses. Here is the log that you had requested

ComboFix 12-04-14.03 - Carmen 04/15/2012 3:57.3.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.197 [GMT -4:00]

Running from: c:\documents and settings\Carmen\Desktop\ComboFix.exe

Command switches used :: c:\documents and settings\Carmen\Desktop\CFScript.txt

AV: Symantec AntiVirus Corporate Edition *Disabled/Updated* {FB06448E-52B8-493A-90F3-E43226D3305C}

.

((((((((((((((((((((((((( Files Created from 2012-03-15 to 2012-04-15 )))))))))))))))))))))))))))))))