alwaysthinking

"Successfully blocked access to a potentially malicious website"?


Does it matter that I'm on a public internet service? I live in an apartment and must use the building's service. Also, here is a log from about a week ago where I got a massive amount of outgoing blocks. I use adblock, and I don't remember going to any sketchy sites either.

 


Incoming is not a big deal.  Outgoing though is another story.  Let's go ahead and run some other things.

 

You need to reset your Chrome as the tools cannot do that for us very well.
Please read and reset based on the documents listed below.

Chrome - Reset browser settings

Chrome: Set your homepage
Chrome: Delete your cache and other browser data
Chrome: Review and Uninstall extensions
Chrome: Review Plug-ins for possible removal or update
 

 

 

Please download the following scanner from Kaspersky and save it to your computer: TDSSkiller

Then watch the following video on how to use the tool and make sure to temporarily disable your security applications before running TDSSkiller.



If any infection is found please make sure to choose SKIP and post back the log in case of a False Positive detection.

Once the tool has completed scanning make sure to re-enable your other security applications.
 


That looks okay - no problem found.

 

Please run this again and restart the computer.

 

Please Run TFC by OldTimer to clear temporary files:

  • Download TFC from here (http://oldtimer.geekstogo.com/TFC.exe) and save it to your desktop.
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it on XP (for Vista and Windows 7 right click and choose "Run as administrator") and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.
Then after the reboot run the AdwCleaner tool again.

 

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.

    Vista/Windows 7/8 users right-click and select Run As Administrator

  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

# AdwCleaner v3.023 - Report created 16/04/2014 at 13:40:20

# Updated 01/04/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Timothy - TIM-PC

# Running from : C:\Users\Timothy\Desktop\AdwCleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\Program Files (x86)\Mysearchdial

Folder Deleted : C:\Users\Timothy\AppData\Roaming\Mysearchdial

File Deleted : C:\Windows\Tasks\MySearchDial.job

File Deleted : C:\Windows\System32\Tasks\MySearchDial

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE

Key Deleted : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc

Key Deleted : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc.1

Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore

Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore.1

Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd

Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd.1

Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr

Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr.1

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3004627E-F8E9-4E8B-909D-316753CBA923}]

Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

Key Deleted : HKCU\Software\InstallCore

Key Deleted : HKCU\Software\mysearchdial

Key Deleted : HKLM\Software\InstallCore

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v11.0.9600.16521

 

 

-\\ Google Chrome v34.0.1847.116

 

[ File : C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

*************************

 

AdwCleaner[R0].txt - [4385 octets] - [16/04/2014 13:38:28]

AdwCleaner[s0].txt - [4303 octets] - [16/04/2014 13:40:20]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [4363 octets] ##########


Well now... you certainly installed something by accident right towards the end of our clean up as that did not show in the original logs.

 

Let me have you run this tool as well.

 

Please download Junkware Removal Tool to your desktop.

  • Shut down your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message.
  • When completed, make sure to re-enable your antivirus.


 

 

Then run MBAM and check for updates and do a Threat Scan and then go to History / Application Logs and find the scan log and highlight it and click the View button, then click the copy to clipboard button and post back that log as well.


Yes, please remove them. Then restart the computer and run another Threat Scan and see if it finds them again or not and post back the new log.

Malwarebytes Anti-Malware (PRO) 1.75.0.1300

www.malwarebytes.org

 

Database version: v2014.04.19.07

 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 11.0.9600.16659

Timothy :: TIM-PC [administrator]

 

Protection: Enabled

 

4/20/2014 2:17:41 PM

mbam-log-2014-04-20 (14-17-41).txt

 

Scan type: Full scan (C:\|D:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 388208

Time elapsed: 1 hour(s), 1 minute(s), 22 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 5

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialApp.dll.vir (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialEng.dll.vir (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialsrv.exe.vir (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialTlbr.dll.vir (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.29.0\bh\mysearchdial.dll.vir (PUP.Optional.MySearchDial.A) -> Quarantined and deleted successfully.

 

(end)

 


MySearchDial is a toolbar that most consider either a PUP (Possibly Unwanted Program) or, to some, even malware.
Pretty much junk that you do not typically want on your computer.

Is MBAM showing that in a log?


Those are not active. Those were found and removed to quarantine already by the AdwCleaner tool. Running a new scan with MBAM, it should not find them anymore as it put them in its own quarantine.

Is that your only issue or concern at this time?


No. Here are the logs from the past few days:

 

This topic is now closed to further replies.
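
The triage rule given earlier in the thread (incoming blocks are low priority, outgoing blocks deserve a look) can be applied mechanically to protection-log lines of the `IP-BLOCK` format posted here. This is an added example, not part of the original posts or of any Malwarebytes tooling; the sample lines are constructed, use documentation-range addresses, and `parse_blocks` and `summarize` are hypothetical helper names.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample in the thread's log format. Host, user and addresses are
# placeholders (RFC 5737 documentation ranges), not real indicators.
SAMPLE_LOG = """\
2014/03/28 00:52:07 -0500 HOST-PC alice IP-BLOCK 192.0.2.51 (Type: incoming, Port: 808, Process: svchost.exe)
2014/03/28 00:52:07 -0500 HOST-PC alice IP-BLOCK 192.0.2.51 (Type: incoming, Port: 808, Process: svchost.exe)
2014/03/28 02:14:53 -0500 HOST-PC alice IP-BLOCK 198.51.100.153 (Type: incoming, Port: 53, Process: svchost.exe)
2014/03/28 11:55:07 -0500 HOST-PC alice MESSAGE Starting database refresh
2014/03/28 13:13:25 -0500 HOST-PC alice IP-BLOCK 203.0.113.133 (Type: outgoing, Port: 64085, Process: chrome.exe)
2014/03/28 13:13:25 -0500 HOST-PC alice IP-BLOCK 203.0.113.133 (Type: outgoing, Port: 64086, Process: chrome.exe)
2014/03/28 13:13:33 -0500 HOST-PC alice IP-BLOCK 203.0.113.133 (Type: outgoing, Port: 64120, Process: chrome.exe)
2014/03/28 13:27:38 -0500 HOST-PC alice IP-BLOCK 192.0.2.51 (Type: incoming, Port: 54007, Process: svchost.exe)
"""

LINE_RE = re.compile(
    r"^(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2} [+-]\d{4})\s+"
    r"(?P<host>\S+)\s+(?P<user>\S+)\s+IP-BLOCK\s+(?P<ip>\S+)\s+"
    r"\(Type: (?P<direction>incoming|outgoing), Port: (?P<port>\d+), "
    r"Process: (?P<process>[^)]+)\)\s*$"
)


def parse_blocks(text):
    """Return one dict per IP-BLOCK line; MESSAGE and blank lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ev = m.groupdict()
        ev["time"] = datetime.strptime(ev.pop("ts"), "%Y/%m/%d %H:%M:%S %z")
        ev["port"] = int(ev["port"])
        events.append(ev)
    return events


def summarize(events):
    """Collapse the log to one row per (direction, remote IP, process)."""
    groups = defaultdict(list)
    for ev in events:
        groups[(ev["direction"], ev["ip"], ev["process"].lower())].append(ev)

    rows = []
    for (direction, ip, process), evs in groups.items():
        # Identical repeated lines are counted once.
        distinct = {(e["time"], e["port"]) for e in evs}
        rows.append({
            "direction": direction,
            "ip": ip,
            "process": process,
            "events": len(distinct),
            "ports": sorted({port for _, port in distinct}),
            "first": min(t for t, _ in distinct),
            "last": max(t for t, _ in distinct),
            # Thread's rule of thumb: a local program reaching out to a
            # blocked address is worth reviewing; blocked inbound is not.
            "priority": "review" if direction == "outgoing" else "low",
        })
    # Outgoing rows first, then busiest first.
    rows.sort(key=lambda r: (r["direction"] != "outgoing", -r["events"], r["ip"]))
    return rows


if __name__ == "__main__":
    for r in summarize(parse_blocks(SAMPLE_LOG)):
        print(f'{r["priority"]:6} {r["direction"]:8} {r["ip"]:15} '
              f'{r["process"]:12} events={r["events"]:<3} '
              f'ports={len(r["ports"])} '
              f'{r["first"]:%Y-%m-%d %H:%M:%S} .. {r["last"]:%H:%M:%S}')
```

Rows marked `review` name the local process that tried to reach a blocked address, which is the starting point for the browser reset and adware scans suggested in the replies.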
