Jump to content

IP Blocks issue

Sancho

By Sancho
in Resolved Malware Removal Logs

 Share

Recommended Posts

Sancho

Sancho

Posted
Posted

I'm seeing the same IP's blocked on a fresh install after my computer crashed yesterday, presumably virus-related (wiped out MBAM exe, dropbox exe and some dlls).

Have also run scans, rootkit fixes, etc with no results.

2013/04/16 16:24:51 -0700 MAX Pablo MESSAGE Executing scheduled update: Daily

2013/04/16 16:24:52 -0700 MAX Pablo MESSAGE Database already up-to-date

2013/04/16 16:24:53 -0700 MAX Pablo MESSAGE Starting protection

2013/04/16 16:24:53 -0700 MAX Pablo MESSAGE Protection started successfully

2013/04/16 16:24:53 -0700 MAX Pablo MESSAGE Starting IP protection

2013/04/16 16:24:54 -0700 MAX Pablo MESSAGE IP Protection started successfully

2013/04/16 16:25:17 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 50743, Process: chrome.exe)

2013/04/16 16:25:25 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 50744, Process: chrome.exe)

2013/04/16 16:26:05 -0700 MAX Pablo IP-BLOCK 50.23.124.152 (Type: outgoing, Port: 52901, Process: chrome.exe)

2013/04/16 16:26:05 -0700 MAX Pablo IP-BLOCK 50.23.124.152 (Type: outgoing, Port: 52903, Process: chrome.exe)

2013/04/16 16:26:29 -0700 MAX Pablo IP-BLOCK 50.23.124.152 (Type: outgoing, Port: 53162, Process: chrome.exe)

2013/04/16 16:26:29 -0700 MAX Pablo IP-BLOCK 50.23.124.152 (Type: outgoing, Port: 53163, Process: chrome.exe)

2013/04/16 18:47:03 -0700 MAX Pablo IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 56816, Process: chrome.exe)

2013/04/16 18:47:19 -0700 MAX Pablo IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 57044, Process: chrome.exe)

2013/04/16 18:47:19 -0700 MAX Pablo IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 57180, Process: chrome.exe)

2013/04/16 18:47:27 -0700 MAX Pablo IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 57193, Process: chrome.exe)

2013/04/16 18:47:27 -0700 MAX Pablo IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 57194, Process: chrome.exe)

2013/04/16 18:47:27 -0700 MAX Pablo IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 57195, Process: chrome.exe)

2013/04/16 18:48:07 -0700 MAX Pablo IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 57244, Process: chrome.exe)

2013/04/16 18:48:07 -0700 MAX Pablo IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 57295, Process: chrome.exe)

2013/04/16 18:48:07 -0700 MAX Pablo IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 57323, Process: chrome.exe)

2013/04/16 18:48:07 -0700 MAX Pablo IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 57341, Process: chrome.exe)

2013/04/16 18:48:07 -0700 MAX Pablo IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 57342, Process: chrome.exe)

2013/04/16 18:49:01 -0700 MAX Pablo MESSAGE Starting database refresh

2013/04/16 18:49:01 -0700 MAX Pablo MESSAGE Stopping IP protection

2013/04/16 18:49:01 -0700 MAX Pablo MESSAGE IP Protection stopped successfully

2013/04/16 18:49:03 -0700 MAX Pablo MESSAGE Database refreshed successfully

2013/04/16 18:49:03 -0700 MAX Pablo MESSAGE Starting IP protection

2013/04/16 18:49:04 -0700 MAX Pablo MESSAGE IP Protection started successfully

2013/04/16 18:50:07 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 57577, Process: chrome.exe)

2013/04/16 18:50:07 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 57578, Process: chrome.exe)

2013/04/16 18:50:07 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 57579, Process: chrome.exe)

2013/04/16 18:50:07 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 57587, Process: chrome.exe)

2013/04/16 18:50:07 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 57588, Process: chrome.exe)

2013/04/16 18:50:07 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 57589, Process: chrome.exe)

2013/04/16 18:50:07 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 57606, Process: chrome.exe)

2013/04/16 18:50:39 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 57730, Process: chrome.exe)

2013/04/16 18:50:39 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 57731, Process: chrome.exe)

2013/04/16 18:50:39 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 57732, Process: chrome.exe)

2013/04/16 19:00:51 -0700 MAX Pablo MESSAGE Starting protection

2013/04/16 19:00:51 -0700 MAX Pablo MESSAGE Protection started successfully

2013/04/16 19:00:51 -0700 MAX Pablo MESSAGE Starting IP protection

2013/04/16 19:00:52 -0700 MAX Pablo MESSAGE IP Protection started successfully

2013/04/16 19:23:24 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 50072, Process: chrome.exe)

2013/04/16 19:32:04 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 50259, Process: chrome.exe)

2013/04/16 19:32:04 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 50260, Process: chrome.exe)

2013/04/16 19:32:04 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 50261, Process: chrome.exe)

2013/04/16 19:32:04 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 50269, Process: chrome.exe)

2013/04/16 19:32:04 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 50270, Process: chrome.exe)

2013/04/16 19:32:04 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 50310, Process: chrome.exe)

2013/04/16 19:38:04 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 50477, Process: chrome.exe)

2013/04/16 19:38:36 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 50522, Process: chrome.exe)

2013/04/16 19:38:52 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 50563, Process: chrome.exe)

2013/04/16 19:38:52 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 50579, Process: chrome.exe)

2013/04/16 19:39:00 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 50603, Process: chrome.exe)

2013/04/16 19:41:16 -0700 MAX Pablo IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 50781, Process: chrome.exe)

2013/04/16 19:41:16 -0700 MAX Pablo IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 50787, Process: chrome.exe)

2013/04/16 19:43:00 -0700 MAX Pablo IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 50931, Process: chrome.exe)

2013/04/16 19:44:12 -0700 MAX Pablo IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 50971, Process: chrome.exe)

2013/04/16 19:44:44 -0700 MAX Pablo IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 51084, Process: chrome.exe)

2013/04/16 19:44:44 -0700 MAX Pablo IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 51105, Process: chrome.exe)

2013/04/16 19:45:16 -0700 MAX Pablo IP-BLOCK 50.23.124.152 (Type: outgoing, Port: 51138, Process: chrome.exe)

2013/04/16 19:45:16 -0700 MAX Pablo IP-BLOCK 50.23.124.152 (Type: outgoing, Port: 51146, Process: chrome.exe)

2013/04/16 19:47:17 -0700 MAX Pablo IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 51202, Process: chrome.exe)

2013/04/16 19:47:33 -0700 MAX Pablo IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 51225, Process: chrome.exe)

2013/04/16 19:47:33 -0700 MAX Pablo IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 51226, Process: chrome.exe)

2013/04/16 19:47:33 -0700 MAX Pablo IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 51227, Process: chrome.exe)

2013/04/16 19:47:33 -0700 MAX Pablo IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 51246, Process: chrome.exe)

2013/04/16 19:48:05 -0700 MAX Pablo IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 51288, Process: chrome.exe)

2013/04/16 19:48:05 -0700 MAX Pablo IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 51302, Process: chrome.exe)

2013/04/16 19:48:05 -0700 MAX Pablo IP-BLOCK 50.97.218.220 (Type: outgoing, Port: 51323, Process: chrome.exe)

2013/04/16 19:59:00 -0700 MAX Pablo MESSAGE Executing scheduled update: Realtime

2013/04/16 19:59:00 -0700 MAX Pablo MESSAGE Database already up-to-date

2013/04/16 21:21:00 -0700 MAX Pablo MESSAGE Executing scheduled update: Realtime

2013/04/16 21:21:01 -0700 MAX Pablo MESSAGE Database already up-to-date

2013/04/16 21:27:06 -0700 MAX Pablo IP-BLOCK 50.23.124.152 (Type: outgoing, Port: 52296, Process: chrome.exe)

2013/04/16 21:27:54 -0700 MAX Pablo IP-BLOCK 50.23.124.152 (Type: outgoing, Port: 52335, Process: chrome.exe)

2013/04/16 21:32:58 -0700 MAX Pablo IP-BLOCK 50.23.124.152 (Type: outgoing, Port: 52480, Process: chrome.exe)

2013/04/16 21:33:06 -0700 MAX Pablo IP-BLOCK 50.23.124.152 (Type: outgoing, Port: 52556, Process: chrome.exe)

2013/04/16 21:33:14 -0700 MAX Pablo IP-BLOCK 50.23.124.152 (Type: outgoing, Port: 52609, Process: chrome.exe)

2013/04/16 21:33:14 -0700 MAX Pablo IP-BLOCK 50.23.124.152 (Type: outgoing, Port: 52611, Process: chrome.exe)

2013/04/16 21:33:14 -0700 MAX Pablo IP-BLOCK 50.23.124.152 (Type: outgoing, Port: 52618, Process: chrome.exe)

2013/04/16 21:33:14 -0700 MAX Pablo IP-BLOCK 50.23.124.152 (Type: outgoing, Port: 52621, Process: chrome.exe)

2013/04/16 21:33:14 -0700 MAX Pablo IP-BLOCK 50.23.124.152 (Type: outgoing, Port: 52622, Process: chrome.exe)

2013/04/16 21:33:14 -0700 MAX Pablo IP-BLOCK 50.23.124.152 (Type: outgoing, Port: 52623, Process: chrome.exe)

2013/04/16 21:33:14 -0700 MAX Pablo IP-BLOCK 50.23.124.152 (Type: outgoing, Port: 52653, Process: chrome.exe)

2013/04/16 21:33:14 -0700 MAX Pablo IP-BLOCK 50.23.124.152 (Type: outgoing, Port: 52654, Process: chrome.exe)

2013/04/16 21:33:30 -0700 MAX Pablo IP-BLOCK 50.23.124.152 (Type: outgoing, Port: 52705, Process: chrome.exe)

2013/04/16 21:33:30 -0700 MAX Pablo IP-BLOCK 50.23.124.152 (Type: outgoing, Port: 52719, Process: chrome.exe)

2013/04/16 21:33:30 -0700 MAX Pablo IP-BLOCK 50.23.124.152 (Type: outgoing, Port: 52720, Process: chrome.exe)

2013/04/16 21:33:38 -0700 MAX Pablo IP-BLOCK 50.23.124.152 (Type: outgoing, Port: 52742, Process: chrome.exe)

2013/04/16 21:33:46 -0700 MAX Pablo IP-BLOCK 50.23.124.152 (Type: outgoing, Port: 52822, Process: chrome.exe)

2013/04/16 21:34:02 -0700 MAX Pablo IP-BLOCK 50.23.124.152 (Type: outgoing, Port: 52934, Process: chrome.exe)

2013/04/16 21:34:26 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 52969, Process: chrome.exe)

2013/04/16 21:36:02 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 53082, Process: chrome.exe)

2013/04/16 21:41:06 -0700 MAX Pablo IP-BLOCK 50.23.124.152 (Type: outgoing, Port: 53205, Process: chrome.exe)

2013/04/16 21:41:06 -0700 MAX Pablo IP-BLOCK 50.23.124.152 (Type: outgoing, Port: 53218, Process: chrome.exe)

2013/04/16 21:47:22 -0700 MAX Pablo IP-BLOCK 50.23.124.152 (Type: outgoing, Port: 53425, Process: chrome.exe)

2013/04/16 21:47:22 -0700 MAX Pablo IP-BLOCK 50.23.124.152 (Type: outgoing, Port: 53449, Process: chrome.exe)

2013/04/16 22:06:51 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 53872, Process: chrome.exe)

2013/04/16 22:06:59 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 53937, Process: chrome.exe)

2013/04/16 22:07:15 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 53963, Process: chrome.exe)

2013/04/16 22:07:15 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 53964, Process: chrome.exe)

2013/04/16 22:07:15 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 53965, Process: chrome.exe)

2013/04/16 22:07:15 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 53969, Process: chrome.exe)

2013/04/16 22:07:15 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 53991, Process: chrome.exe)

2013/04/16 22:07:15 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 53992, Process: chrome.exe)

2013/04/16 22:07:15 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 53994, Process: chrome.exe)

2013/04/16 22:07:15 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 53998, Process: chrome.exe)

2013/04/16 22:07:15 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 53999, Process: chrome.exe)

2013/04/16 22:07:15 -0700 MAX Pablo IP-BLOCK 50.97.214.162 (Type: outgoing, Port: 54003, Process: chrome.exe)

2013/04/16 22:20:00 -0700 MAX Pablo MESSAGE Executing scheduled update: Realtime

2013/04/16 22:20:00 -0700 MAX Pablo MESSAGE Database already up-to-date

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.21.2

Run by Pablo at 22:16:12 on 2013-04-16

Microsoft Windows 8 Pro 6.2.9200.0.1252.1.1033.18.8175.6665 [GMT -7:00]

.

AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Program Files\Sandboxie\SbieSvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Windows Defender\MsMpEng.exe

C:\Windows\system32\dashost.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\dwm.exe

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\taskhostex.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe

C:\Program Files\Sandboxie\SbieCtrl.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\WinStore\WSHost.exe

C:\Program Files\Sandboxie\SandboxieRpcSs.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files\Sandboxie\SandboxieCrypto.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

mWinlogon: Userinit = userinit.exe

BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

uRun: [sandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

uPolicies-Explorer: NoDriveTypeAutoRun = dword:255

mPolicies-Explorer: NoDriveTypeAutoRun = dword:255

TCP: NameServer = 75.75.75.75 75.75.76.76

TCP: Interfaces\{9F3CBBDE-13D2-4813-8609-D1229E9FDBE9} : DHCPNameServer = 75.75.75.75 75.75.76.76

TCP: Interfaces\{CFFF1EE8-3D9C-45C3-A231-BBE88BD18D61} : DHCPNameServer = 75.75.75.75 75.75.76.76

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch

x64-mPolicies-Explorer: NoDriveTypeAutoRun = dword:255

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-12-19 240640]

R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-12-19 361984]

R2 AODDriver4.2;AODDriver4.2;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-4-9 57472]

R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-4-16 418376]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-4-16 701512]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\Drivers\AtihdW86.sys [2012-12-20 104184]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2013-4-16 25928]

R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\Drivers\netr28x.sys [2013-2-21 2477840]

R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2012-12-16 202632]

S3 amdkmafd;AMD Audio Bus Lower Filter;C:\Windows\System32\Drivers\amdkmafd.sys [2012-12-19 21752]

S3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-6-2 589824]

S3 vmbusr;Virtual Machine Bus Provider;C:\Windows\System32\Drivers\vmbusr.sys [2012-7-25 117248]

.

=============== Created Last 30 ================

.

2013-04-17 03:01:21 -------- d-----w- C:\Users\Pablo\AppData\Roaming\.minecraft

2013-04-17 02:58:45 -------- d-----w- C:\Program Files (x86

2013-04-17 02:58:21 -------- d-----w- C:\Users\Pablo\AppData\Roaming\ftblauncher

2013-04-17 02:56:35 866720 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2013-04-17 02:56:35 788896 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2013-04-17 02:56:34 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-04-17 02:48:28 -------- d-----w- C:\Users\Pablo\AppData\Local\SWTOR

2013-04-17 02:04:59 -------- d-----w- C:\Users\Pablo\AppData\Roaming\Auslogics

2013-04-17 02:04:49 -------- d-----w- C:\Program Files (x86)\Auslogics

2013-04-17 02:01:01 -------- d-----w- C:\Users\Pablo\AppData\Local\AMD

2013-04-17 02:00:55 -------- d-----w- C:\Users\Pablo\AppData\Local\ATI

2013-04-17 02:00:10 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies

2013-04-17 02:00:10 -------- d-----w- C:\Program Files (x86)\AMD AVT

2013-04-17 02:00:08 -------- d-----w- C:\Program Files (x86)\AMD APP

2013-04-17 01:59:58 -------- d-----w- C:\ProgramData\AMD

2013-04-17 01:59:47 -------- d-----w- C:\Windows\LastGood.Tmp

2013-04-17 01:59:34 -------- d-----w- C:\Program Files (x86)\ATI Technologies

2013-04-17 01:59:33 -------- d-----w- C:\Program Files\ATI

2013-04-17 01:59:16 -------- d-----w- C:\Program Files\ATI Technologies

2013-04-17 01:58:44 -------- d-----w- C:\AMD

2013-04-16 23:38:55 -------- d-----w- C:\Users\Pablo\AppData\Local\SWTORPerf

2013-04-16 23:37:30 4991496 ----a-w- C:\Windows\System32\D3DX9_38.dll

2013-04-16 23:37:30 3850760 ----a-w- C:\Windows\SysWow64\D3DX9_38.dll

2013-04-16 23:37:17 -------- d-----w- C:\Program Files (x86)\Common Files\BioWare

2013-04-16 23:24:14 -------- d-----w- C:\Users\Pablo\AppData\Roaming\Malwarebytes

2013-04-16 23:24:04 -------- d-----w- C:\ProgramData\Malwarebytes

2013-04-16 23:24:03 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-04-16 23:24:03 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-04-16 23:23:52 -------- d-----w- C:\Users\Pablo\AppData\Local\Programs

2013-04-16 23:21:41 -------- d-----w- C:\Windows\Panther

2013-04-16 23:20:39 -------- d-----r- C:\Sandbox

2013-04-16 23:19:32 -------- d-----w- C:\Program Files\Sandboxie

2013-04-16 23:07:01 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{121DC2A7-37C0-47F3-86C7-67710D967714}\mpengine.dll

2013-04-16 23:05:32 9311288 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll

2013-04-16 23:05:15 282744 ------w- C:\Windows\System32\MpSigStub.exe

2013-04-16 23:02:24 17888 ----a-w- C:\Windows\System32\msvcr100_clr0400.dll

2013-04-16 23:02:23 17888 ----a-w- C:\Windows\SysWow64\msvcr100_clr0400.dll

2013-04-16 23:00:16 4041728 ----a-w- C:\Windows\System32\win32k.sys

2013-04-16 22:58:44 149264 ----a-w- C:\Program Files\Windows Defender\SymSrv.dll

2013-04-16 22:57:44 -------- d-----w- C:\Users\Pablo\AppData\Local\ElevatedDiagnostics

2013-04-16 22:57:27 -------- d-----w- C:\Users\Pablo\AppData\Local\Diagnostics

2013-04-16 22:52:24 -------- d-----w- C:\Windows\softwaredistribution.bak

2013-04-16 22:46:50 -------- d-----w- C:\Users\Pablo\AppData\Local\Google

2013-04-16 22:36:16 -------- d-----w- C:\Program Files\Common Files\ATI Technologies

2013-04-16 22:32:40 -------- d-----w- C:\Windows\SoftwareDistribution.old

2013-04-16 22:30:56 106496 ----a-w- C:\Windows\System32\SLCHook.dll

2013-04-16 22:29:07 -------- d-----r- C:\Users\Pablo\Searches

2013-04-16 22:29:07 -------- d-----r- C:\Users\Pablo\Contacts

2013-04-16 22:22:21 0 ----a-w- C:\Windows\ativpsrm.bin

.

==================== Find3M ====================

.

2013-04-02 22:08:01 78176 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-04-02 22:08:01 692576 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-03-07 06:50:56 6991592 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-03-02 10:57:48 337128 ----a-w- C:\Windows\System32\drivers\USBXHCI.SYS

2013-03-02 10:57:46 77544 ----a-w- C:\Windows\System32\drivers\storahci.sys

2013-03-02 10:57:46 332520 ----a-w- C:\Windows\System32\drivers\storport.sys

2013-03-02 10:57:46 283880 ----a-w- C:\Windows\System32\drivers\spaceport.sys

2013-03-02 10:45:20 148712 ----a-w- C:\Windows\System32\drivers\tpm.sys

2013-03-02 10:45:19 194792 ----a-w- C:\Windows\System32\drivers\sdbus.sys

2013-03-02 10:45:10 125160 ----a-w- C:\Windows\System32\drivers\dumpsd.sys

2013-03-02 10:39:39 495336 ----a-w- C:\Windows\System32\drivers\vhdmp.sys

2013-03-02 10:39:38 69864 ----a-w- C:\Windows\System32\drivers\pdc.sys

2013-03-02 10:39:32 327912 ----a-w- C:\Windows\System32\drivers\Classpnp.sys

2013-03-02 09:59:37 2231528 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-03-02 09:59:36 411880 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS

2013-03-02 08:24:08 34304 ----a-w- C:\Windows\SysWow64\wuapp.exe

2013-03-02 08:23:43 83968 ----a-w- C:\Windows\SysWow64\wudriver.dll

2013-03-02 08:23:43 125952 ----a-w- C:\Windows\SysWow64\wuwebv.dll

2013-03-02 08:23:30 893952 ----a-w- C:\Windows\SysWow64\winmde.dll

2013-03-02 08:23:30 1338880 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll

2013-03-02 08:23:28 601088 ----a-w- C:\Windows\SysWow64\Windows.Globalization.dll

2013-03-02 08:23:28 504320 ----a-w- C:\Windows\SysWow64\Windows.Security.Authentication.OnlineId.dll

2013-03-02 08:23:19 8857088 ----a-w- C:\Windows\SysWow64\twinui.dll

2013-03-02 08:23:19 246784 ----a-w- C:\Windows\SysWow64\ubpm.dll

2013-03-02 08:23:04 356352 ----a-w- C:\Windows\SysWow64\SettingSync.dll

2013-03-02 08:23:04 100864 ----a-w- C:\Windows\SysWow64\SettingSyncInfo.dll

2013-03-02 08:22:36 357888 ----a-w- C:\Windows\SysWow64\netcfgx.dll

2013-03-02 08:22:32 5091840 ----a-w- C:\Windows\SysWow64\mstscax.dll

2013-03-02 08:22:18 361984 ----a-w- C:\Windows\SysWow64\MFMediaEngine.dll

2013-03-02 08:22:17 850944 ----a-w- C:\Windows\SysWow64\mfasfsrcsnk.dll

2013-03-02 08:21:56 550912 ----a-w- C:\Windows\SysWow64\drvstore.dll

2013-03-02 08:21:52 36352 ----a-w- C:\Windows\SysWow64\DevDispItemProvider.dll

2013-03-02 08:21:40 309760 ----a-w- C:\Windows\SysWow64\BCP47Langs.dll

2013-03-02 08:21:39 2033664 ----a-w- C:\Windows\SysWow64\authui.dll

2013-03-02 08:21:32 145408 ----a-w- C:\Windows\SysWow64\powercfg.cpl

2013-03-02 02:44:59 448512 ----a-w- C:\Windows\System32\SettingSync.dll

2013-03-02 02:44:59 128512 ----a-w- C:\Windows\System32\SettingSyncInfo.dll

2013-03-02 02:44:41 455168 ----a-w- C:\Windows\System32\netcfgx.dll

2013-03-02 02:44:41 117248 ----a-w- C:\Windows\System32\NdisImPlatform.dll

2013-03-02 02:44:38 5978624 ----a-w- C:\Windows\System32\mstscax.dll

2013-03-02 02:44:30 468992 ----a-w- C:\Windows\System32\MFMediaEngine.dll

2013-03-02 02:44:29 1048576 ----a-w- C:\Windows\System32\mfasfsrcsnk.dll

2013-03-02 02:44:08 703488 ----a-w- C:\Windows\System32\drvstore.dll

2013-03-02 02:44:07 150016 ----a-w- C:\Windows\System32\discan.dll

2013-03-02 02:44:05 49152 ----a-w- C:\Windows\System32\DevDispItemProvider.dll

2013-03-02 02:43:59 1933312 ----a-w- C:\Windows\System32\wbem\cimwin32.dll

2013-03-02 02:43:56 389120 ----a-w- C:\Windows\System32\BCP47Langs.dll

2013-03-02 02:43:55 2302464 ----a-w- C:\Windows\System32\authui.dll

2013-03-02 02:43:51 2146304 ----a-w- C:\Windows\System32\actxprxy.dll

2013-03-02 02:43:50 156160 ----a-w- C:\Windows\System32\powercfg.cpl

2013-03-02 02:15:53 26112 ----a-w- C:\Windows\System32\drivers\mouhid.sys

2013-03-01 04:56:18 30720 ----a-w- C:\Windows\System32\drivers\monitor.sys

2013-02-21 15:32:54 334000 ----a-w- C:\Windows\System32\RaCoInstx.dll

2013-02-21 15:32:54 2477840 ----a-w- C:\Windows\System32\drivers\netr28x.sys

2013-02-21 10:30:16 1766912 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-02-21 10:29:39 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-02-21 10:29:37 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll

2013-02-21 10:29:37 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll

2013-02-21 10:15:07 2240512 ----a-w- C:\Windows\System32\wininet.dll

2013-02-21 10:15:00 915968 ----a-w- C:\Windows\System32\uxtheme.dll

2013-02-21 10:14:09 3958784 ----a-w- C:\Windows\System32\jscript9.dll

2013-02-21 10:14:05 136704 ----a-w- C:\Windows\System32\iesysprep.dll

2013-02-19 09:53:00 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll

2013-02-12 00:17:50 20992 ----a-w- C:\Windows\System32\drivers\usb8023.sys

2013-02-07 01:33:01 754176 ----a-w- C:\Windows\SysWow64\actxprxy.dll

2013-02-05 22:31:11 622080 ----a-w- C:\Windows\System32\drivers\srv2.sys

2013-02-05 22:29:09 370688 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys

2013-02-05 22:28:48 247808 ----a-w- C:\Windows\System32\drivers\srvnet.sys

2013-02-05 22:28:36 215552 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys

2013-02-02 11:19:44 496872 ----a-w- C:\Windows\System32\drivers\usbhub.sys

2013-02-02 11:19:44 446184 ----a-w- C:\Windows\System32\drivers\USBHUB3.SYS

2013-02-02 11:19:33 61672 ----a-w- C:\Windows\System32\drivers\crashdmp.sys

2013-02-02 10:54:54 1933544 ----a-w- C:\Windows\System32\drivers\ntfs.sys

2013-02-02 10:28:54 993512 ----a-w- C:\Windows\System32\drivers\ndis.sys

2013-02-02 08:40:58 375808 ----a-w- C:\Windows\SysWow64\wbem\WmiPrvSE.exe

2013-02-02 08:40:55 80896 ----a-w- C:\Windows\SysWow64\tasklist.exe

2013-02-02 08:40:55 79360 ----a-w- C:\Windows\SysWow64\taskkill.exe

2013-02-02 08:40:36 155136 ----a-w- C:\Windows\SysWow64\XpsRasterService.dll

2013-02-02 08:40:35 370688 ----a-w- C:\Windows\SysWow64\WWanAPI.dll

2013-02-02 08:40:27 131072 ----a-w- C:\Windows\SysWow64\wbem\WmiDcPrv.dll

2013-02-02 08:40:26 410624 ----a-w- C:\Windows\SysWow64\wlroamextension.dll

2013-02-02 08:40:22 197632 ----a-w- C:\Windows\SysWow64\Windows.Networking.Connectivity.dll

2013-02-02 08:40:22 10792448 ----a-w- C:\Windows\SysWow64\Windows.UI.Xaml.dll

2013-02-02 08:39:59 325632 ----a-w- C:\Windows\SysWow64\schannel.dll

2013-02-02 08:39:47 18432 ----a-w- C:\Windows\SysWow64\npmproxy.dll

2013-02-02 08:39:34 55296 ----a-w- C:\Windows\SysWow64\nlaapi.dll

2013-02-02 08:39:34 15872 ----a-w- C:\Windows\SysWow64\nlmproxy.dll

2013-02-02 08:39:34 12288 ----a-w- C:\Windows\SysWow64\nlmsprep.dll

2013-02-02 08:39:33 115712 ----a-w- C:\Windows\SysWow64\netprofm.dll

2013-02-02 08:39:15 157696 ----a-w- C:\Windows\SysWow64\mbsmsapi.dll

2013-02-02 08:38:54 567808 ----a-w- C:\Windows\SysWow64\duser.dll

2013-02-02 08:24:19 107520 ----a-w- C:\Windows\System32\taskkill.exe

2013-02-02 08:24:19 102400 ----a-w- C:\Windows\System32\tasklist.exe

2013-02-02 08:23:44 228352 ----a-w- C:\Windows\System32\XpsRasterService.dll

2013-02-02 08:23:43 475136 ----a-w- C:\Windows\System32\WWanAPI.dll

2013-02-02 08:23:37 611840 ----a-w- C:\Windows\System32\wpd_ci.dll

2013-02-02 08:23:30 830464 ----a-w- C:\Windows\System32\wbem\WmiPrvSD.dll

2013-02-02 08:23:28 543232 ----a-w- C:\Windows\System32\wlroamextension.dll

2013-02-02 08:23:21 13643264 ----a-w- C:\Windows\System32\Windows.UI.Xaml.dll

2013-02-02 08:23:19 293376 ----a-w- C:\Windows\System32\Windows.Networking.Connectivity.dll

.

============= FINISH: 22:16:24.17 ===============

I promise I'm not thick, but I can't figure out for the life of me how to attach a file. Sorry, will provide attach.txt if needed.

I can see now what happened yesterday was possibly due to the bad definitions file. Probably not related to this..?

Link to post
Share on other sites
LDTate

LDTate

Posted
Posted

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.