smacn27076 Posted April 17, 2011

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Steve at 18:44:59.26 on Sat 04/16/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.1958 [GMT -7:00]
.
AV: AVG Anti-Virus *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\iGive_Toolbar\igvtt.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
C:\Program Files\Fisher-Price\Music Player\MP_Middleware.exe
C:\Program Files\Fisher-Price\Photo Software\Util\Fisher-Price Photo Software Middleware.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\NETGEAR\WG311v3\wlancfg5.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\iGive_Toolbar\igvtp.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Steve\My Documents\Downloads\dds.pif
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.msn.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: iGive Toolbar: {fa73ae1b-4ba9-4e8b-832b-54a287ff1b7f} - c:\program files\igive_toolbar\igvtb.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
uRun: [iSUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\steve\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\CLIStart.exe"
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [Conime] %windir%\system32\conime.exe
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
mRun: [igvtm] "c:\program files\igive_toolbar\igvtt.exe"
mRun: [Google Quick Search Box] "c:\program files\google\quick search box\GoogleQuickSearchBox.exe" /autorun
mRun: [Carbonite Backup] c:\program files\carbonite\carbonite backup\CarboniteUI.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [Launch Kid-Touch Music Player Middleware] "c:\program files\fisher-price\music player\MP_Middleware.exe"
mRun: [FPPhotoMiddleWare] c:\program files\fisher-price\photo software\util\Fisher-Price Photo Software Middleware.exe
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [EKIJ5000StatusMonitor] c:\windows\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\docume~1\steve\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wg311v3\wlancfg5.exe
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: iGive Toolbar - file://c:\documents and settings\steve\application data\igive_toolbar\igvtt\igvtC5.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: microsoft.com\www.update
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1295804343375
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1295804337281
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} - hxxp://offers.e-centives.com/cif/download/bin/actxcab.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: LMIinit - LMIinit.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2009-7-26 52872]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-7-26 216400]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-7-26 29584]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-7-26 243024]
R2 avg9wd;AVG WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-6-22 308136]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-11-25 54752]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files\kodak\aio\center\ekdiscovery.exe [2010-9-13 308656]
R2 LANPkt;Realtek LANPkt Protocol Driver;c:\windows\system32\drivers\LANPkt.sys [2009-7-10 8960]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2011-1-14 374152]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2008-7-24 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2009-7-26 47640]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2009-7-26 363344]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\sitead~1\mcsacore.exe [2011-4-14 88176]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-7-26 20952]
S2 0130211302835273mcinstcleanup;McAfee Application Installer Cleanup (0130211302835273);c:\windows\temp\013021~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service --> c:\windows\temp\013021~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-3 135664]
S2 srv9C4;srv9C4;c:\windows\system32\svchost.exe -k netsvcs [2008-4-25 14336]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg9\toolbar\ToolbarBroker.exe [2010-10-26 517448]
S3 Diag69xp;Diag69xp;c:\windows\system32\drivers\diag69xp.sys [2009-7-10 11264]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 RTLVLAN;Realtek VLAN Intermediate Driver;c:\windows\system32\drivers\RTLVLAN.SYS [2009-7-10 16640]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]
.
=============== Created Last 30 ================
.
2011-04-17 01:44:50 -------- d--h--w- c:\windows\PIF
2011-04-15 02:57:25 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-04-15 02:57:25 -------- d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2011-04-15 02:41:13 -------- d-----w- c:\program files\common files\McAfee
2011-04-15 02:41:07 -------- d-----w- c:\program files\McAfee
2011-04-05 03:05:57 3840 ----a-w- c:\windows\system32\drivers\BANTExt.sys
2011-04-05 03:05:56 -------- d-----w- c:\program files\Belarc
2011-03-29 03:59:32 -------- d-----w- c:\program files\CCleaner
2011-03-29 03:58:41 -------- d-----w- c:\program files\VS Revo Group
2011-03-28 15:46:17 -------- d-----w- c:\docume~1\steve\applic~1\OfferBox
2011-03-28 15:46:13 -------- d-----w- c:\program files\OfferBox
2011-03-28 15:45:36 0 ----a-w- c:\windows\Lsasobogise.bin
2011-03-28 15:45:31 -------- d-----w- c:\docume~1\steve\locals~1\applic~1\{BA4F3446-8D81-43B0-BDAB-3E33D90208EC}
2011-03-20 23:36:42 -------- d-----w- c:\docume~1\steve\applic~1\Fit3DLive
2011-03-20 02:47:36 -------- d-----w- c:\program files\iPod
2011-03-20 02:37:08 -------- d-----w- c:\program files\Bonjour
.
==================== Find3M ====================
.
2011-02-24 20:13:30 398760 ----a-r- c:\windows\system32\cpnprt2.cid
2011-02-18 23:36:58 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-03 04:40:23 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-03 02:19:39 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-01-15 03:36:17 6275960 ----a-w- c:\program files\Silverlight.exe
2010-12-25 05:42:12 110914304 ----a-w- c:\program files\Fisher-Price_Digital_Camera_Photo_2.0.0.9.exe
2010-12-24 20:23:26 16553552 ----a-w- c:\program files\Fisher-Price Music Player Setup_v1.0.0.33.exe
2009-11-25 19:24:39 1146184 ----a-w- c:\program files\wlsetup-web.exe
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: ST3250310AS rev.4.ADA -> Harddisk0\DR0 -> \Device\Ide\IdePort0 P0T0L0-3
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8AD07439]<<
_asm { PUSH EBP; MOV EBP, ESP; PUSH ECX; MOV EAX, [EBP+0x8]; CMP EAX, [0x8ad0d7d0]; MOV EAX, [0x8ad0d84c]; PUSH EBX; PUSH ESI; MOV ESI, [EBP+0xc]; MOV EBX, [ESI+0x60]; PUSH EDI; JNZ 0x20; MOV [EBP+0x8], EAX; }
1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x8AD63030]
3 CLASSPNP[0xBA0E8FD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\0000006f[0x8AD21F18]
5 ACPI[0xB9F7F620] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> [0x8ACB8940]
\Driver\atapi[0x8AD47030] -> IRP_MJ_CREATE -> 0x8AD07439
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; MOV ES, AX; MOV DS, AX; MOV SI, 0x7c00; MOV DI, 0x600; MOV CX, 0x200; CLD ; REP MOVSB ; PUSH AX; PUSH 0x61c; RETF ; STI ; MOV CX, 0x4; MOV BP, 0x7be; CMP BYTE [bP+0x0], 0x0; }
detected disk devices:
\Device\Ide\IdeDeviceP0T0L0-3 -> \??\IDE#DiskST3250310AS_____________________________4.ADA___#5&38708f67&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
detected hooks:
\Driver\atapi DriverStartIo -> 0x8AD0727F
user & kernel MBR OK
Warning: possible TDL3 rootkit infection !
.
============= FINISH: 18:46:32.53 ===============

GMER 1.0.15.15570 - http://www.gmer.net
Rootkit scan 2011-04-16 19:45:37
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdePort0 ST3250310AS rev.4.ADA
Running: t38brysq.exe; Driver: C:\DOCUME~1\Steve\LOCALS~1\Temp\pwtdapod.sys

---- Kernel code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\DRIVERS\ati2mtag.sys section is writeable [0xB8A60000, 0x18FFBC, 0xE8000020]
? C:\DOCUME~1\Steve\LOCALS~1\Temp\mbr.sys The system cannot find the file specified. !

---- User code sections - GMER 1.0.15 ----

.text C:\WINDOWS\System32\svchost.exe[1332] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 00A6000A
.text C:\WINDOWS\System32\svchost.exe[1332] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 00A7000A
.text C:\WINDOWS\System32\svchost.exe[1332] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 00A5000C
.text C:\WINDOWS\System32\svchost.exe[1332] USER32.dll!GetCursorPos 7E42974E 5 Bytes JMP 01F5000A
.text C:\WINDOWS\System32\svchost.exe[1332] USER32.dll!WindowFromPoint 7E429766 5 Bytes JMP 01F6000A
.text C:\WINDOWS\System32\svchost.exe[1332] USER32.dll!GetForegroundWindow 7E429823 5 Bytes JMP 01F7000A
.text C:\WINDOWS\System32\svchost.exe[1332] ole32.dll!CoCreateInstance 774FF1AC 5 Bytes JMP 00F3000A
.text C:\WINDOWS\Explorer.EXE[2508] ntdll.dll!NtProtectVirtualMemory 7C90D6EE 5 Bytes JMP 0167000A
.text C:\WINDOWS\Explorer.EXE[2508] ntdll.dll!NtWriteVirtualMemory 7C90DFAE 5 Bytes JMP 0168000A
.text C:\WINDOWS\Explorer.EXE[2508] ntdll.dll!KiUserExceptionDispatcher 7C90E47C 5 Bytes JMP 0166000C
.text C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3820] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 16, 00]
.text C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3820] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3820] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3820] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 16, 00]
.text C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3820] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\Steve\Local Settings\Application 
C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4796] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2].text C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4796] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90EC1A .text C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4796] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2].text C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4796] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 16, 00].text C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4796] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2].text C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4796] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 16, 00].text C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4796] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2].text C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4796] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 16, 00].text C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4796] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2].text C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4796] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90EC8B .text C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4796] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2].text C:\Documents and Settings\Steve\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[4796] 
---- Devices - GMER 1.0.15 ----
Device Ntfs.sys (NT File System Driver/Microsoft Corporation)
Device Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp fssfltr_tdi.sys (Family Safety Filter Driver (TDI)/Microsoft Corporation)
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort0 8AD0727F
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort1 8AD0727F
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort2 8AD0727F
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdePort3 8AD0727F
Device \Driver\atapi -> DriverStartIo \Device\Ide\IdeDeviceP1T0L0-e 8AD0727F
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp fssfltr_tdi.sys (Family Safety Filter Driver (TDI)/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp fssfltr_tdi.sys (Family Safety Filter Driver (TDI)/Microsoft Corporation)
Device mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)
Device \FileSystem\Cdfs \Cdfs DLAIFS_M.SYS (Drive Letter Access Component/Roxio)
Device \Device\Ide\IdeDeviceP0T0L0-3 -> \??\IDE#DiskST3250310AS_____________________________4.ADA___#5&38708f67&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found

---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Epoch@Epoch 9681
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{82E36B62-F71E-4693-93AE-6DFFB308CC4B}@DhcpRetryTime 43191
Reg HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{82E36B62-F71E-4693-93AE-6DFFB308CC4B}@DhcpRetryStatus 0

---- Disk sectors - GMER 1.0.15 ----
Disk \Device\Harddisk0\DR0 TDL4@MBR code has been found <-- ROOTKIT !!!
Disk \Device\Harddisk0\DR0 sector 00: rootkit-like behavior

---- EOF - GMER 1.0.15 ----
LDTate Posted April 17, 2011 ID:417412

Logs will be closed if you haven't replied within 3 days.

Please don't attach the scans / logs from these scans, use "copy/paste".

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your PC inoperable and could require a full reinstall of your OS, losing all your programs and data.

Vista and Windows 7 users:
1. These tools MUST be run from the executable (.exe) every time you run them.
2. With Admin Rights (Right click, choose "Run as Administrator")

Stay with this topic until I give you the all clean post.

You might want to print these instructions out.

Note: Close all browsers before running ATF Cleaner: IE, FireFox, etc.

Please download ATF Cleaner by Atribune.
Download - ATF Cleaner
smacn27076 Posted April 18, 2011 Author ID:417480

2011/04/17 17:10:53.0953 4288 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/17 17:10:54.0375 4288 ================================================================================
2011/04/17 17:10:54.0375 4288 SystemInfo:
2011/04/17 17:10:54.0375 4288
2011/04/17 17:10:54.0375 4288 OS Version: 5.1.2600 ServicePack: 3.0
2011/04/17 17:10:54.0375 4288 Product type: Workstation
2011/04/17 17:10:54.0375 4288 ComputerName: OFFICE
2011/04/17 17:10:54.0375 4288 UserName: Steve
2011/04/17 17:10:54.0375 4288 Windows directory: C:\WINDOWS
2011/04/17 17:10:54.0375 4288 System windows directory: C:\WINDOWS
2011/04/17 17:10:54.0375 4288 Processor architecture: Intel x86
2011/04/17 17:10:54.0375 4288 Number of processors: 2
2011/04/17 17:10:54.0375 4288 Page size: 0x1000
2011/04/17 17:10:54.0375 4288 Boot type: Normal boot
2011/04/17 17:10:54.0375 4288 ================================================================================
2011/04/17 17:10:54.0609 4288 Initialize success
2011/04/17 17:11:08.0484 2820 ================================================================================
2011/04/17 17:11:08.0484 2820 Scan started
2011/04/17 17:11:08.0484 2820 Mode: Manual;
2011/04/17 17:11:08.0484 2820 ================================================================================
2011/04/17 17:11:17.0703 2820 \HardDisk0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/04/17 17:11:17.0703 2820 ================================================================================
2011/04/17 17:11:17.0703 2820 Scan finished
2011/04/17 17:11:17.0703 2820 ================================================================================
2011/04/17 17:11:17.0718 7180 Detected object count: 1
2011/04/17 17:11:42.0109 7180 \HardDisk0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot
2011/04/17 17:11:42.0109 7180 \HardDisk0 - ok
2011/04/17 17:11:42.0109 7180 Rootkit.Win32.TDSS.tdl4(\HardDisk0) - User select action: Cure
2011/04/17 17:12:04.0531 7256 Deinitialize success

As of now, I don't see any change in the performance of my computer, either better or worse than before I ran the scans. I am still getting IP-BLOCK (Type: outgoing) warnings from Malwarebytes, which is a symptom that has occurred only recently, and that I have been trying to eliminate for two weeks. I neglected to include my latest Malwarebytes scan log in my initial post.
It is included here.
(Type: outgoing)14:21:24 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)14:21:24 Steve IP-BLOCK 62.122.75.136 (Type: outgoing)14:21:26 Steve IP-BLOCK 68.168.212.19 (Type: outgoing)14:21:32 Steve IP-BLOCK 68.168.212.19 (Type: outgoing)14:21:44 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)14:21:47 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)14:21:53 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)14:31:53 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)14:31:55 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)14:31:55 Steve IP-BLOCK 95.143.193.171 (Type: outgoing)14:31:56 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)14:31:58 Steve IP-BLOCK 95.143.193.171 (Type: outgoing)14:32:02 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)14:32:04 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)14:32:16 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)14:32:16 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)14:32:19 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)14:32:23 Steve IP-BLOCK 95.143.193.171 (Type: outgoing)14:32:25 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)14:32:26 Steve IP-BLOCK 95.143.193.171 (Type: outgoing)14:32:32 Steve IP-BLOCK 95.143.193.171 (Type: outgoing)14:32:44 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)14:32:47 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)14:32:53 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)14:50:49 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)14:50:49 Steve IP-BLOCK 62.122.75.136 (Type: outgoing)14:50:51 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)14:50:52 Steve IP-BLOCK 62.122.75.136 (Type: outgoing)14:50:52 Steve IP-BLOCK 95.143.193.171 (Type: outgoing)14:50:55 Steve IP-BLOCK 95.143.193.171 (Type: outgoing)14:50:56 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)14:50:56 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)14:50:57 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)14:50:58 Steve IP-BLOCK 62.122.75.136 (Type: outgoing)14:50:59 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)14:51:01 Steve IP-BLOCK 95.143.193.171 (Type: outgoing)14:51:05 
Steve IP-BLOCK 95.143.193.138 (Type: outgoing)14:56:04 Steve IP-BLOCK 62.122.75.136 (Type: outgoing)14:56:07 Steve IP-BLOCK 62.122.75.136 (Type: outgoing)14:56:13 Steve IP-BLOCK 62.122.75.136 (Type: outgoing)14:56:25 Steve IP-BLOCK 95.143.193.171 (Type: outgoing)14:56:28 Steve IP-BLOCK 95.143.193.171 (Type: outgoing)14:56:34 Steve IP-BLOCK 95.143.193.171 (Type: outgoing)14:56:46 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)14:56:49 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)14:56:55 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)14:57:38 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)14:57:41 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)14:57:47 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)14:58:14 Steve IP-BLOCK 195.14.112.136 (Type: outgoing)14:58:17 Steve IP-BLOCK 195.14.112.136 (Type: outgoing)14:58:23 Steve IP-BLOCK 195.14.112.136 (Type: outgoing)14:58:35 Steve IP-BLOCK 195.14.112.136 (Type: outgoing)14:58:38 Steve IP-BLOCK 195.14.112.136 (Type: outgoing)14:58:44 Steve IP-BLOCK 195.14.112.136 (Type: outgoing)15:05:41 Steve ERROR Scheduled update failed: WinHttpQueryDataAvailable failed with error code 1200215:20:48 Steve IP-BLOCK 95.143.193.171 (Type: outgoing)15:20:51 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)15:20:57 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)15:20:58 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)15:21:01 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)15:21:07 Steve IP-BLOCK 95.143.193.171 (Type: outgoing)15:21:19 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)15:21:22 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)15:21:28 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)15:21:56 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)15:21:59 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)15:22:05 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)15:22:27 Steve IP-BLOCK 62.122.75.136 (Type: outgoing)15:22:30 Steve IP-BLOCK 62.122.75.136 (Type: outgoing)15:22:36 Steve IP-BLOCK 62.122.75.136 (Type: outgoing)16:00:16 Steve MESSAGE Scheduled update 
executed successfully16:00:19 Steve MESSAGE Scheduled scan executed successfully16:19:32 Steve MESSAGE Protection started successfully16:19:57 Steve MESSAGE IP Protection started successfully16:35:14 Steve IP-BLOCK 195.14.112.136 (Type: outgoing)16:35:14 Steve IP-BLOCK 195.14.112.136 (Type: outgoing)16:35:14 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)16:35:14 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)16:35:17 Steve IP-BLOCK 195.14.112.136 (Type: outgoing)16:35:17 Steve IP-BLOCK 62.122.75.136 (Type: outgoing)16:35:17 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)16:35:23 Steve IP-BLOCK 195.14.112.136 (Type: outgoing)16:35:23 Steve IP-BLOCK 62.122.75.136 (Type: outgoing)16:35:23 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)16:42:53 Steve IP-BLOCK 68.168.212.20 (Type: outgoing)16:42:56 Steve IP-BLOCK 68.168.212.20 (Type: outgoing)16:43:02 Steve IP-BLOCK 68.168.212.20 (Type: outgoing)16:43:14 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)16:43:17 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)16:43:23 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)16:59:17 Steve IP-BLOCK 91.200.240.30 (Type: outgoing)16:59:20 Steve IP-BLOCK 91.200.240.30 (Type: outgoing)16:59:26 Steve IP-BLOCK 91.200.240.30 (Type: outgoing)17:00:30 Steve MESSAGE Scheduled update executed successfully17:00:30 Steve MESSAGE IP Protection stopped17:00:33 Steve MESSAGE Database updated successfully17:00:33 Steve MESSAGE Scheduled scan executed successfully17:00:34 Steve MESSAGE IP Protection started successfully17:05:36 Steve IP-BLOCK 62.122.75.136 (Type: outgoing)17:05:36 Steve IP-BLOCK 68.168.212.19 (Type: outgoing)17:05:39 Steve IP-BLOCK 62.122.75.136 (Type: outgoing)17:05:39 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)17:05:39 Steve IP-BLOCK 68.168.212.19 (Type: outgoing)17:05:40 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)17:05:42 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)17:05:43 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)17:05:45 Steve IP-BLOCK 62.122.75.136 (Type: outgoing)17:05:45 
Steve IP-BLOCK 68.168.212.19 (Type: outgoing)17:05:48 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)17:05:49 Steve IP-BLOCK 95.143.193.138 (Type: outgoing)17:16:17 Steve MESSAGE Protection started successfully17:17:02 Steve MESSAGE IP Protection started successfully17:26:57 (null) MESSAGE Protection started successfully17:27:32 Steve MESSAGE IP Protection started successfully17:43:08 Steve IP-BLOCK 195.14.112.136 (Type: outgoing)17:43:11 Steve IP-BLOCK 195.14.112.136 (Type: outgoing)17:43:17 Steve IP-BLOCK 195.14.112.136 (Type: outgoing) Link to post Share on other sites More sharing options...
LDTate Posted April 18, 2011 ID:417625

If you haven't rebooted since running TDSSKiller please do so.

Next:

Vista and Windows 7 users:
1. These tools MUST be run from the executable (.exe) every time you run them
2. With Admin Rights (Right click, choose "Run as Administrator")

Download ComboFix from one of these locations:
Link 1
Link 2 If using this link, Right Click and select Save As.

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link: Protective Programs

Double click on ComboFix.exe & follow the prompts.

Notes: Combofix will run without the Recovery Console installed. Skip the Recovery Console part if you're running Vista or Windows 7. Note: If you have XP SP3, use the XP SP2 package.
If Vista or Windows 7, skip the Recovery Console part

As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt using Copy / Paste in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Give it at least 20-30 minutes to finish if needed.

Please do not attach the scan results from ComboFix. Use copy/paste.

Also please describe how your computer behaves at the moment.
smacn27076 Posted April 19, 2011 Author ID:418075

I disabled AVG 9.0 Resident Shield, but ComboFix will not run. I get a warning to uninstall AVG or use another tool. I am reluctant to remove AVG.

Am I missing a step in disabling Resident Shield and running ComboFix? The instructions in your reply specify Windows 7 and Windows Vista. I am using Windows XP sp3. Will that make a difference?
LDTate Posted April 19, 2011 ID:418186

Combofix will not run unless AVG is uninstalled.

http://www.eset.eu/online-scanner
Go here to run an online scanner from ESET.
Click the green ESET Online Scanner button.
Read the End User License Agreement and check the box: YES, I accept the Terms of Use.
Click on the Start button next to it.
You may receive an alert on the address bar that "This site might require the following ActiveX control...Click here to install...". Click on that alert and then click Install ActiveX component.
A new window will appear asking "Do you want to install this software?".
Answer Yes to download and install the ActiveX controls that allow the scan to run.
Click Start.
Check Remove found threats and Scan potentially unwanted applications.
Click Scan to begin.
If offered the option to get information or buy software, just close the window.
Wait for the scan to finish.
Use notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
Copy and paste that log as a reply to this topic.
smacn27076 Posted April 21, 2011 Author ID:419005

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6427
# api_version=3.0.2
# EOSSerial=bbcc773b787a3544a35c09c75059c9d6
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-04-21 03:22:48
# local_time=2011-04-20 08:22:48 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1029 16777173 100 91 0 46862471 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=98798
# found=7
# cleaned=6
# scan_time=2867
C:\Documents and Settings\All Users\Documents\setup201.fon Win32/AutoRun.Agent.ABK worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\All Users\Documents\setup201.lnk LNK/Exploit.CVE-2010-2568 trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\All Users\Documents\setup50045.fon Win32/AutoRun.Agent.ABK worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\All Users\Documents\setup50045.lnk LNK/Exploit.CVE-2010-2568 trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\CouponsBar.dll probably a variant of Win32/Adware.Softomate.AD application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\Temp\srv9C4.tmp Win32/AutoRun.Agent.ABK worm (cleaned by deleting (after the next restart) - quarantined) 00000000000000000000000000000000 C
${Memory} Win32/AutoRun.Agent.ABK worm 00000000000000000000000000000000 I
LDTate Posted April 21, 2011 ID:419070

How's it running now?
smacn27076 Posted April 22, 2011 Author ID:419389

We were initially having problems with an unsolicited web page appearing behind the active Internet Explorer window. Internet Explorer would then freeze up and we would have to reboot by manually shutting down the computer. We've been using Google Chrome or Safari since we figured out that IE might be part of the problem and haven't seen evidence of any problems aside from the IP Block warning bubbles.

This evening I've been navigating through various websites through Internet Explorer over the last half hour or so to check its operation and have not had any problems aside from our normal slow connection problems (service in this area is not all that great). I haven't seen any evidence of the unsolicited web sites, but I am still getting occasional IP Block messages from Malwarebytes.

This is a copy of the most recent Malwarebytes log. (Additional comments follow)

If the IP Blocks indicated here are fairly common as a result of having an internet connection and visiting websites, and the frequency of the warning messages simply means that Malwarebytes is doing its job, then perhaps my settings for Malwarebytes need to be tweaked so that I am not getting a warning message every time it blocks access.

The first thing I noticed about this log, however, is that Malwarebytes is blocking only one DNS address. Previous logs indicated a couple of DNS addresses. Would it be okay to scan the system again using ESET to see if the fix we ran last night cleaned out the threats it found, or is there a different scan that we can try to identify and eliminate what appears to be the only remaining threat?
LDTate Posted April 22, 2011 ID:419491

IP-BLOCK 195.14.112.136 (Type: outgoing)
It would be different if it were incoming.
That IP is listed as Ukraine Pe Yastremskiy Leonid Stepanovich
Post a new DDS log
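An added example, not code from any participant in this thread or from Malwarebytes: it parses protection-log entries in the layout posted in this thread (`HH:MM:SS user IP-BLOCK address (Type: direction)`), groups the blocks for each destination into bursts, and reports whether the bursts recur at a fixed interval, which indicates an automated process on the machine rather than page visits. It assumes one entry per line; the sample lines, the documentation-range addresses, the function names and the thresholds are constructed for illustration.

```python
"""Summarise IP-BLOCK entries from a Malwarebytes-style protection log."""
import re
from collections import defaultdict
from statistics import median

# Constructed sample in the layout of the log entries posted in the thread.
# Addresses are documentation ranges, not values taken from the thread.
SAMPLE_LOG = """\
00:00:19 Steve MESSAGE IP Protection started successfully
00:10:02 Steve IP-BLOCK 198.51.100.7 (Type: outgoing)
00:55:06 Steve IP-BLOCK 203.0.113.10 (Type: outgoing)
00:55:09 Steve IP-BLOCK 203.0.113.10 (Type: outgoing)
00:55:15 Steve IP-BLOCK 203.0.113.10 (Type: outgoing)
01:55:48 Steve IP-BLOCK 203.0.113.10 (Type: outgoing)
01:55:51 Steve IP-BLOCK 203.0.113.10 (Type: outgoing)
01:55:57 Steve IP-BLOCK 203.0.113.10 (Type: outgoing)
02:17:40 Steve IP-BLOCK 198.51.100.7 (Type: outgoing)
02:56:30 Steve IP-BLOCK 203.0.113.10 (Type: outgoing)
02:56:33 Steve IP-BLOCK 203.0.113.10 (Type: outgoing)
02:56:39 Steve IP-BLOCK 203.0.113.10 (Type: outgoing)
03:01:09 Steve MESSAGE Scheduled update executed successfully
03:57:12 Steve IP-BLOCK 203.0.113.10 (Type: outgoing)
03:57:15 Steve IP-BLOCK 203.0.113.10 (Type: outgoing)
03:57:21 Steve IP-BLOCK 203.0.113.10 (Type: outgoing)
04:02:11 (null) IP-BLOCK 198.51.100.7 (Type: outgoing)
04:09:55 Steve IP-BLOCK 198.51.100.7 (Type: outgoing)
05:30:00 Steve IP-BLOCK 192.0.2.44 (Type: incoming)
"""

TIME = re.compile(r"^(\d{2}):(\d{2}):(\d{2})\s")
ENTRY = re.compile(
    r"^\d{2}:\d{2}:\d{2}\s+(.+?)\s+IP-BLOCK\s+"
    r"(\d{1,3}(?:\.\d{1,3}){3})\s+\(Type:\s*(\w+)\)\s*$"
)


def parse_blocks(text):
    """Return [(seconds, user, ip, direction)] for every IP-BLOCK line."""
    events, day_offset, last = [], 0, None
    for line in text.splitlines():
        t = TIME.match(line)
        if not t:
            continue
        secs = int(t[1]) * 3600 + int(t[2]) * 60 + int(t[3])
        if last is not None and secs < last:
            # The log carries no dates: a backwards jump means midnight passed.
            day_offset += 86400
        last = secs
        m = ENTRY.match(line)
        if m:
            events.append((secs + day_offset, m[1], m[2], m[3].lower()))
    return events


def burst_starts(times, gap=120):
    """Collapse retries into bursts; a new burst starts after `gap` quiet seconds."""
    starts, prev = [], None
    for t in sorted(times):
        if prev is None or t - prev > gap:
            starts.append(t)
        prev = t
    return starts


def summarize(text, direction="outgoing", gap=120, tolerance=0.10, min_bursts=3):
    """Per destination: event count, burst count, typical interval, periodic flag."""
    by_ip = defaultdict(list)
    for secs, _user, ip, kind in parse_blocks(text):
        if kind == direction:
            by_ip[ip].append(secs)
    report = {}
    for ip, times in by_ip.items():
        starts = burst_starts(times, gap)
        intervals = [b - a for a, b in zip(starts, starts[1:])]
        typical = median(intervals) if intervals else None
        # Periodic: enough bursts, and every interval close to the median one.
        periodic = len(starts) >= min_bursts and all(
            abs(i - typical) <= tolerance * typical for i in intervals
        )
        report[ip] = {
            "events": len(times),
            "bursts": len(starts),
            "median_interval_s": typical,
            "periodic": periodic,
        }
    return report


if __name__ == "__main__":
    for ip, row in sorted(summarize(SAMPLE_LOG).items()):
        print(ip, row)
```

A destination flagged as periodic is worth tracing to the process that opens the connection, since the protection log itself records only the user, address and direction.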
smacn27076 Posted April 23, 2011 Author ID:419709

2011/04/22 18:19:19.0171 8012 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/22 18:19:21.0187 8012 ================================================================================
2011/04/22 18:19:21.0187 8012 SystemInfo:
2011/04/22 18:19:21.0187 8012
2011/04/22 18:19:21.0187 8012 OS Version: 5.1.2600 ServicePack: 3.0
2011/04/22 18:19:21.0187 8012 Product type: Workstation
2011/04/22 18:19:21.0187 8012 ComputerName: OFFICE
2011/04/22 18:19:21.0187 8012 UserName: Steve
2011/04/22 18:19:21.0187 8012 Windows directory: C:\WINDOWS
2011/04/22 18:19:21.0187 8012 System windows directory: C:\WINDOWS
2011/04/22 18:19:21.0187 8012 Processor architecture: Intel x86
2011/04/22 18:19:21.0187 8012 Number of processors: 2
2011/04/22 18:19:21.0187 8012 Page size: 0x1000
2011/04/22 18:19:21.0187 8012 Boot type: Normal boot
2011/04/22 18:19:21.0187 8012 ================================================================================
2011/04/22 18:19:21.0546 8012 Initialize success
2011/04/22 18:19:25.0015 7192 ================================================================================
2011/04/22 18:19:25.0015 7192 Scan started
2011/04/22 18:19:25.0015 7192 Mode: Manual;
2011/04/22 18:19:25.0015 7192 ================================================================================
C:\WINDOWS\system32\drivers\i2omgmt.sys2011/04/22 18:19:29.0312 7192 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys2011/04/22 18:19:29.0359 7192 iaStor (707c1692214b1c290271067197f075f6) C:\WINDOWS\system32\drivers\iaStor.sys2011/04/22 18:19:29.0406 7192 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys2011/04/22 18:19:29.0453 7192 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys2011/04/22 18:19:29.0562 7192 IntcAzAudAddService (5c8f36cdcb489111b24003af4dfe1fdc) C:\WINDOWS\system32\drivers\RtkHDAud.sys2011/04/22 18:19:29.0609 7192 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys2011/04/22 18:19:29.0640 7192 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys2011/04/22 18:19:29.0671 7192 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys2011/04/22 18:19:29.0687 7192 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys2011/04/22 18:19:29.0703 7192 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys2011/04/22 18:19:29.0734 7192 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys2011/04/22 18:19:29.0750 7192 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys2011/04/22 18:19:29.0796 7192 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys2011/04/22 18:19:29.0828 7192 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys2011/04/22 18:19:29.0843 7192 JRAID (b07084095f8c03aadb9811c9df14b5e4) C:\WINDOWS\system32\DRIVERS\jraid.sys2011/04/22 18:19:29.0906 7192 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys2011/04/22 18:19:29.0953 7192 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys2011/04/22 18:19:29.0984 7192 kmixer 
(692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys2011/04/22 18:19:30.0031 7192 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys2011/04/22 18:19:30.0078 7192 LANPkt (8f5795b166cbb50966e29982f8cdb310) C:\WINDOWS\system32\DRIVERS\LANPkt.sys2011/04/22 18:19:30.0218 7192 LMIInfo (4f69faaabb7db0d43e327c0b6aab40fc) C:\Program Files\LogMeIn\x86\RaInfo.sys2011/04/22 18:19:30.0312 7192 lmimirr (4477689e2d8ae6b78ba34c9af4cc1ed1) C:\WINDOWS\system32\DRIVERS\lmimirr.sys2011/04/22 18:19:30.0375 7192 LMIRfsDriver (3faa563ddf853320f90259d455a01d79) C:\WINDOWS\system32\drivers\LMIRfsDriver.sys2011/04/22 18:19:30.0406 7192 lvpopflt (9fb982de1c8dd769f8ed681dd878b12f) C:\WINDOWS\system32\DRIVERS\lvpopflt.sys2011/04/22 18:19:30.0453 7192 LVPr2Mon (1a7db7a00a4b0d8da24cd691a4547291) C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys2011/04/22 18:19:30.0484 7192 LVRS (37072ec9299e825f4335cc554b6fac6a) C:\WINDOWS\system32\DRIVERS\lvrs.sys2011/04/22 18:19:30.0640 7192 LVUVC (a240e42a7402e927a71b6e8aa4629b13) C:\WINDOWS\system32\DRIVERS\lvuvc.sys2011/04/22 18:19:30.0890 7192 MBAMProtector (836e0e09ca9869be7eb39ef2cf3602c7) C:\WINDOWS\system32\drivers\mbam.sys2011/04/22 18:19:30.0968 7192 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys2011/04/22 18:19:30.0984 7192 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys2011/04/22 18:19:31.0031 7192 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys2011/04/22 18:19:31.0046 7192 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys2011/04/22 18:19:31.0062 7192 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys2011/04/22 18:19:31.0093 7192 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys2011/04/22 18:19:31.0093 7192 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys2011/04/22 18:19:31.0140 
7192 MRxSmb (0ea4d8ed179b75f8afa7998ba22285ca) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys2011/04/22 18:19:31.0187 7192 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys2011/04/22 18:19:31.0218 7192 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys2011/04/22 18:19:31.0234 7192 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys2011/04/22 18:19:31.0250 7192 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys2011/04/22 18:19:31.0281 7192 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys2011/04/22 18:19:31.0328 7192 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys2011/04/22 18:19:31.0359 7192 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys2011/04/22 18:19:31.0390 7192 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys2011/04/22 18:19:31.0421 7192 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys2011/04/22 18:19:31.0453 7192 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys2011/04/22 18:19:31.0484 7192 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys2011/04/22 18:19:31.0500 7192 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys2011/04/22 18:19:31.0500 7192 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys2011/04/22 18:19:31.0546 7192 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys2011/04/22 18:19:31.0562 7192 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys2011/04/22 18:19:31.0578 7192 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys2011/04/22 18:19:31.0609 7192 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys2011/04/22 18:19:31.0671 7192 Ntfs 
(78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys2011/04/22 18:19:31.0718 7192 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys2011/04/22 18:19:31.0750 7192 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys2011/04/22 18:19:31.0750 7192 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys2011/04/22 18:19:31.0796 7192 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys2011/04/22 18:19:31.0828 7192 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys2011/04/22 18:19:31.0843 7192 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys2011/04/22 18:19:31.0859 7192 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys2011/04/22 18:19:31.0921 7192 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys2011/04/22 18:19:31.0984 7192 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys2011/04/22 18:19:32.0093 7192 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys2011/04/22 18:19:32.0109 7192 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys2011/04/22 18:19:32.0171 7192 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys2011/04/22 18:19:32.0187 7192 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys2011/04/22 18:19:32.0203 7192 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys2011/04/22 18:19:32.0250 7192 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys2011/04/22 18:19:32.0281 7192 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys2011/04/22 18:19:32.0296 7192 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys2011/04/22 18:19:32.0343 7192 ql12160 
(156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys2011/04/22 18:19:32.0359 7192 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys2011/04/22 18:19:32.0375 7192 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys2011/04/22 18:19:32.0390 7192 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys2011/04/22 18:19:32.0437 7192 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys2011/04/22 18:19:32.0453 7192 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys2011/04/22 18:19:32.0468 7192 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys2011/04/22 18:19:32.0500 7192 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys2011/04/22 18:19:32.0500 7192 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys2011/04/22 18:19:32.0546 7192 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys2011/04/22 18:19:32.0562 7192 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys2011/04/22 18:19:32.0609 7192 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys2011/04/22 18:19:32.0656 7192 RTLE8023xp (20f8e21af426bf61881981452b3c3370) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys2011/04/22 18:19:32.0703 7192 RTLVLAN (b9ca69921379ea2931c4450fe975bce7) C:\WINDOWS\system32\DRIVERS\RTLVLAN.SYS2011/04/22 18:19:32.0765 7192 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys2011/04/22 18:19:32.0796 7192 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys2011/04/22 18:19:32.0812 7192 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys2011/04/22 18:19:32.0843 7192 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys2011/04/22 18:19:32.0890 7192 sisagp 
(6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys2011/04/22 18:19:32.0953 7192 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys2011/04/22 18:19:33.0015 7192 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys2011/04/22 18:19:33.0078 7192 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys2011/04/22 18:19:33.0125 7192 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys2011/04/22 18:19:33.0171 7192 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys2011/04/22 18:19:33.0218 7192 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys2011/04/22 18:19:33.0250 7192 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys2011/04/22 18:19:33.0296 7192 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys2011/04/22 18:19:33.0343 7192 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys2011/04/22 18:19:33.0375 7192 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys2011/04/22 18:19:33.0390 7192 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys2011/04/22 18:19:33.0421 7192 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys2011/04/22 18:19:33.0500 7192 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys2011/04/22 18:19:33.0562 7192 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys2011/04/22 18:19:33.0593 7192 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys2011/04/22 18:19:33.0609 7192 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys2011/04/22 18:19:33.0656 7192 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys2011/04/22 18:19:33.0687 7192 TosIde 
(f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys2011/04/22 18:19:33.0718 7192 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys2011/04/22 18:19:33.0750 7192 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys2011/04/22 18:19:33.0781 7192 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys2011/04/22 18:19:33.0828 7192 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\WINDOWS\system32\Drivers\usbaapl.sys2011/04/22 18:19:33.0875 7192 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys2011/04/22 18:19:33.0906 7192 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys2011/04/22 18:19:33.0953 7192 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys2011/04/22 18:19:34.0015 7192 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys2011/04/22 18:19:34.0046 7192 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys2011/04/22 18:19:34.0078 7192 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys2011/04/22 18:19:34.0093 7192 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS2011/04/22 18:19:34.0125 7192 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys2011/04/22 18:19:34.0171 7192 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys2011/04/22 18:19:34.0203 7192 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys2011/04/22 18:19:34.0234 7192 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys2011/04/22 18:19:34.0250 7192 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys2011/04/22 18:19:34.0281 7192 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys2011/04/22 18:19:34.0343 7192 W8335XP 
(7455b3c11a1d6a844b53febdb58646e9) C:\WINDOWS\system32\DRIVERS\WG311v3XP.sys2011/04/22 18:19:34.0359 7192 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys2011/04/22 18:19:34.0421 7192 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys2011/04/22 18:19:34.0484 7192 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS2011/04/22 18:19:34.0515 7192 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys2011/04/22 18:19:34.0531 7192 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys2011/04/22 18:19:34.0593 7192 ================================================================================2011/04/22 18:19:34.0593 7192 Scan finished2011/04/22 18:19:34.0593 7192 ================================================================================ Link to post Share on other sites More sharing options...
LDTate Posted April 23, 2011 ID:419729

Can you post a new DDS log?
smacn27076 Posted April 24, 2011 Author ID:420087

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Steve at 19:42:58.00 on Sat 04/23/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.1624 [GMT -7:00]
.
AV: AVG Anti-Virus *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\AVG\AVG9\avgam.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\msdtc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\iGive_Toolbar\igvtt.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
C:\Program Files\Fisher-Price\Music Player\MP_Middleware.exe
C:\Program Files\Fisher-Price\Photo Software\Util\Fisher-Price Photo Software Middleware.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\iGive_Toolbar\igvtp.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\NETGEAR\WG311v3\wlancfg5.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
C:\Program Files\Safari\Safari.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Safari\Safari.exe
C:\Documents and Settings\Steve\My Documents\dds.scr
C:\WINDOWS\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.msn.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: iGive Toolbar: {fa73ae1b-4ba9-4e8b-832b-54a287ff1b7f} - c:\program files\igive_toolbar\igvtb.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
uRun: [iSUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\steve\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [ATICCC] "c:\program files\ati technologies\ati.ace\CLIStart.exe"
mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [Conime] %windir%\system32\conime.exe
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
mRun: [igvtm] "c:\program files\igive_toolbar\igvtt.exe"
mRun: [Google Quick Search Box] "c:\program files\google\quick search box\GoogleQuickSearchBox.exe" /autorun
mRun: [Carbonite Backup] c:\program files\carbonite\carbonite backup\CarboniteUI.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [Launch Kid-Touch Music Player Middleware] "c:\program files\fisher-price\music player\MP_Middleware.exe"
mRun: [FPPhotoMiddleWare] c:\program files\fisher-price\photo software\util\Fisher-Price Photo Software Middleware.exe
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [EKIJ5000StatusMonitor] c:\windows\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\docume~1\steve\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wg311v3\wlancfg5.exe
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: iGive Toolbar - file://c:\documents and settings\steve\application data\igive_toolbar\igvtt\igvtC5.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Trusted Zone: microsoft.com\www.update
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1295804343375
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1295804337281
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {A7EA8AD2-287F-11D3-B120-006008C39542} - hxxp://offers.e-centives.com/cif/download/bin/actxcab.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg9\toolbar\IEToolbar.dll
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: LMIinit - LMIinit.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2009-7-26 52872]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-7-26 216400]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-7-26 29584]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-7-26 243024]
R2 avg9wd;AVG WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-6-22 308136]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-11-25 54752]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files\kodak\aio\center\ekdiscovery.exe [2010-9-13 308656]
R2 LANPkt;Realtek LANPkt Protocol Driver;c:\windows\system32\drivers\LANPkt.sys [2009-7-10 8960]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2011-1-14 374152]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2008-7-24 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2009-7-26 47640]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2009-7-26 363344]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\sitead~1\mcsacore.exe [2011-4-14 88176]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-7-26 20952]
S2 0130211302835273mcinstcleanup;McAfee Application Installer Cleanup (0130211302835273);c:\windows\temp\013021~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service --> c:\windows\temp\013021~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-3 135664]
S2 srv9C4;srv9C4;c:\windows\system32\svchost.exe -k netsvcs [2008-4-25 14336]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg9\toolbar\ToolbarBroker.exe [2010-10-26 517448]
S3 Diag69xp;Diag69xp;c:\windows\system32\drivers\diag69xp.sys [2009-7-10 11264]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-3 135664]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 RTLVLAN;Realtek VLAN Intermediate Driver;c:\windows\system32\drivers\RTLVLAN.SYS [2009-7-10 16640]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]
.
===============
Created Last 30 ================.2011-04-22 02:20:29 -------- d-----w- c:\docume~1\steve\locals~1\applic~1\PCHealth2011-04-22 02:08:49 -------- d-----w- c:\windows\ServicePackFiles2011-04-21 10:03:23 -------- d-----w- C:\fc9ad48c9dd3d4a2f94840738e2011-04-21 02:04:48 -------- d-----w- c:\program files\ESET2011-04-20 14:31:07 274288 ----a-w- c:\windows\system32\mucltui.dll2011-04-20 14:31:07 16736 ----a-w- c:\windows\system32\mucltui.dll.mui2011-04-20 10:03:04 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll2011-04-20 10:03:04 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe2011-04-20 10:03:04 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll2011-04-20 10:03:04 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll2011-04-20 10:03:04 -------- d-----w- C:\28852effe3076aaf4a2011-04-17 01:44:50 -------- d--h--w- c:\windows\PIF2011-04-15 02:57:25 -------- d-----w- c:\program files\Spybot - Search & Destroy2011-04-15 02:57:25 -------- d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy2011-04-15 02:41:13 -------- d-----w- c:\program files\common files\McAfee2011-04-15 02:41:07 -------- d-----w- c:\program files\McAfee2011-04-05 03:05:57 3840 ----a-w- c:\windows\system32\drivers\BANTExt.sys2011-04-05 03:05:56 -------- d-----w- c:\program files\Belarc2011-03-29 03:59:32 -------- d-----w- c:\program files\CCleaner2011-03-29 03:58:41 -------- d-----w- c:\program files\VS Revo Group2011-03-28 15:46:17 -------- d-----w- c:\docume~1\steve\applic~1\OfferBox2011-03-28 15:46:13 -------- d-----w- c:\program files\OfferBox2011-03-28 15:45:36 0 ----a-w- c:\windows\Lsasobogise.bin.==================== Find3M ====================.2011-03-07 05:33:50 692736 ----a-w- c:\windows\system32\inetcomm.dll2011-03-04 06:37:06 420864 ----a-w- c:\windows\system32\vbscript.dll2011-03-03 13:27:43 1866880 ----a-w- c:\windows\system32\win32k.sys2011-02-22 23:06:29 916480 ----a-w- c:\windows\system32\wininet.dll2011-02-22 23:06:29 
43520 ----a-w- c:\windows\system32\licmgr10.dll2011-02-22 23:06:29 1469440 ----a-w- c:\windows\system32\inetcpl.cpl2011-02-22 11:41:59 385024 ----a-w- c:\windows\system32\html.iec2011-02-18 23:36:58 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll2011-02-17 12:32:12 5120 ----a-w- c:\windows\system32\xpsp4res.dll2011-02-15 12:56:39 290432 ----a-w- c:\windows\system32\atmfd.dll2011-02-11 13:25:52 229888 ----a-w- c:\windows\system32\fxscover.exe2011-02-09 13:53:52 270848 ----a-w- c:\windows\system32\sbe.dll2011-02-09 13:53:52 186880 ----a-w- c:\windows\system32\encdec.dll2011-02-08 13:33:55 978944 ----a-w- c:\windows\system32\mfc42.dll2011-02-08 13:33:55 974848 ----a-w- c:\windows\system32\mfc42u.dll2011-02-03 04:40:23 472808 ----a-w- c:\windows\system32\deployJava1.dll2011-02-03 02:19:39 73728 ----a-w- c:\windows\system32\javacpl.cpl2011-02-02 07:58:35 2067456 ----a-w- c:\windows\system32\mstscax.dll2011-01-27 11:57:06 677888 ----a-w- c:\windows\system32\mstsc.exe2011-01-15 03:36:17 6275960 ----a-w- c:\program files\Silverlight.exe2010-12-25 05:42:12 110914304 ----a-w- c:\program files\Fisher-Price_Digital_Camera_Photo_2.0.0.9.exe2010-12-24 20:23:26 16553552 ----a-w- c:\program files\Fisher-Price Music Player Setup_v1.0.0.33.exe2009-11-25 19:24:39 1146184 ----a-w- c:\program files\wlsetup-web.exe.============= FINISH: 19:43:42.90 =============== Link to post Share on other sites More sharing options...
LDTate Posted April 24, 2011 ID:420240
Are you using a Router? If so, it might need to be reset. Let
smacn27076 Posted April 27, 2011 Author ID:421444
Well, I rebooted the router, and that seemed to help some of the performance issues we were having, but we are still getting IP Block messages. At one point the logs showed Malwarebytes blocking 1 DNS address. Another log showed 3 addresses, but we quarantined one threat, and now the logs are consistently showing the same two DNS addresses. This is my most recent Malwarebytes log.
Don't know what else to try!
LDTate Posted April 27, 2011 ID:421446
Use Add/Remove Programs and uninstall OfferBox
LDTate Posted May 2, 2011 ID:423936
Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks!