blocked access to a potentially malicious website


I recently installed the paid version of Malwarebytes, and I frequently see a pop-up window that says Malwarebytes has "blocked access to a potentially malicious website".

Below, you'll find the contents of DDS.txt, and I've attached a zip file that includes the latest Malwarebytes log, the attach.txt (from DDS), and the ark.txt (from GMER).

DDS.txt says my Sophos Anti-Virus is outdated, but my Sophos software indicates that it is updated.

Your help is greatly appreciated!

.
DDS (Ver_2011-06-03.01) - NTFSx86
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_24
Run by Eileen at 14:11:17 on 2011-06-04
Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.1919.640 [GMT -4:00]
.
AV: Sophos Anti-Virus *Enabled/Outdated* {479CCF92-4960-B3E0-7373-BF453B467D2C}
SP: Sophos Anti-Virus *Enabled/Outdated* {FCFD2E76-6F5A-BC6E-49C3-843740C13791}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe
C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Windows\Explorer.EXE
C:\Program Files\Maxtor\OneTouch Status\MaxMenuMgr.exe
C:\Program Files\Sophos\AutoUpdate\ALMon.exe
C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Hewlett-Packard\HP Software Update\hpwuschd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\TiVo\Desktop\TiVoServer.exe
C:\Program Files\TiVo\Desktop\TiVoTransfer.exe
C:\Program Files\TiVo\Desktop\TiVoNotify.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k LPDService
C:\Program Files\Maxtor\Sync\SyncServices.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Sophos\Remote Management System\ManagementAgentNT.exe
C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
C:\Program Files\Sophos\Remote Management System\RouterNT.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\smart web printing\hpswp_clipbook.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10q_ActiveX.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hewlett-packard\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Sophos Web Content Scanner: {39ea7695-b3f2-4c44-a4bc-297ada8fd235} - c:\program files\sophos\sophos anti-virus\SophosBHO.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: NetAssistant: {e38fa08e-f56a-4169-abf5-5c71e3c153a1} - c:\program files\freeze.com\netassistant\NetAssistant.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hewlett-packard\digital imaging\smart web printing\hpswp_BHO.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hewlett-packard\digital imaging\smart web printing\hpswp_bho.dll
uRun: [TivoServer] c:\program files\tivo\desktop\TiVoServer.exe /service /registry /auto:TivoServer
uRun: [TivoTransfer] c:\program files\tivo\desktop\TiVoTransfer.exe
uRun: [TivoNotify] c:\program files\tivo\desktop\TiVoNotify.exe /service /registry /auto:TivoNotify
uRun: [TranscodingService] c:\program files\tivo\desktop\plus\\TranscodingService.exe
mRun: [mxomssmenu] "c:\program files\maxtor\onetouch status\maxmenumgr.exe"
mRun: [sophos AutoUpdate Monitor] c:\program files\sophos\autoupdate\almon.exe
mRun: [CarboniteSetupLite] "c:\program files\carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=900
mRun: [MaxMenuMgr] "c:\program files\seagate\seagatemanager\freeagent status\StxMenuMgr.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [<NO NAME>]
mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe"
mRun: [HP Software Update] c:\program files\hewlett-packard\hp software update\HPWuSchd2.exe
mRun: [hpqSRMon] c:\program files\hewlett-packard\digital imaging\bin\hpqSRMon.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpoddt~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpotdd01.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\vpncli~1.lnk - c:\windows\installer\{b0bf7057-6869-4e4b-920c-ea2a58da07f0}\Icon3E5562ED7.ico
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hewlett-packard\digital imaging\smart web printing\hpswp_BHO.dll
DPF: 55963676-2F5E-4BAF-AC28-CF26AA587566 - vpnweb.cab
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 205.152.150.23 205.152.132.23
TCP: Interfaces\{C8374319-01A3-4DC1-A50D-932CA9CAFB4D} : DhcpNameServer = 205.152.150.23 205.152.132.23
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
AppInit_DLLs: c:\progra~1\sophos\sophos~1\SOPHOS~1.DLL
Hosts: 192.168.3.30 cs009.hq.mercer-trans.com cs009
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\eileen\appdata\roaming\mozilla\firefox\profiles\w0hxo3wz.default\
FF - component: c:\program files\microsoft\search enhancement pack\search helper\firefoxextension\searchhelperextension\components\SEPsearchhelperff.dll
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
.
============= SERVICES / DRIVERS ===============
.
R1 SAVOnAccess;SAVOnAccess;c:\windows\system32\drivers\savonaccess.sys [2010-7-27 121848]
R2 FreeAgentGoNext Service;Seagate Service;c:\program files\seagate\seagatemanager\sync\FreeAgentService.exe [2009-9-25 189736]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-7-20 363344]
R2 SAVAdminService;Sophos Anti-Virus status reporter;c:\program files\sophos\sophos anti-virus\SAVAdminService.exe [2010-7-27 162032]
R2 SAVService;Sophos Anti-Virus;c:\program files\sophos\sophos anti-virus\SavService.exe [2010-7-27 97520]
R2 Sophos Agent;Sophos Agent;c:\program files\sophos\remote management system\ManagementAgentNT.exe [2010-7-27 282624]
R2 Sophos AutoUpdate Service;Sophos AutoUpdate Service;c:\program files\sophos\autoupdate\ALsvc.exe [2010-6-4 222448]
R2 Sophos Message Router;Sophos Message Router;c:\program files\sophos\remote management system\RouterNT.exe [2010-7-27 806912]
R2 swi_service;Sophos Web Intelligence Service;c:\program files\sophos\sophos anti-virus\web intelligence\swi_service.exe [2010-7-27 1530608]
R2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files\cisco\cisco anyconnect vpn client\vpnagent.exe [2010-5-5 583360]
R3 dfmirage;dfmirage;c:\windows\system32\drivers\dfmirage.sys [2009-3-28 34128]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-7-20 20952]
R3 VST_DPV;VST_DPV;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
R3 VSTHWBS2;VSTHWBS2;c:\windows\system32\drivers\VSTBS23.SYS [2009-7-13 266752]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-9-9 136176]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-2-28 183560]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-9-9 136176]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 sdcfilter;sdcfilter;c:\windows\system32\drivers\sdcfilter.sys [2010-7-27 23928]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-7-21 1343400]
S4 SophosBootDriver;SophosBootDriver;c:\windows\system32\drivers\SophosBootDriver.sys [2010-7-27 22536]
S4 TivoBeacon2;TiVo Beacon Service;c:\program files\tivo\desktop\TiVoBeacon.exe [2010-8-24 1104656]
.
=============== Created Last 30 ================
.
2011-05-31 10:34:05 472808 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
2011-05-30 15:50:10 123904 ----a-w- c:\windows\system32\poqexec.exe
2011-05-30 15:50:06 26496 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2011-05-19 10:07:04 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-13 14:52:04 7071056 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{ff9a3e02-e62e-48ef-b074-ff5a6adf6506}\mpengine.dll
2011-05-11 01:52:25 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-05-11 01:52:25 284160 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-05-11 01:52:24 75776 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-05-11 01:52:24 5888 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-05-11 01:52:24 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-05-11 01:52:24 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-05-11 01:52:24 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-05-11 01:52:22 3957632 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-05-11 01:52:22 3901824 ----a-w- c:\windows\system32\ntoskrnl.exe
.
==================== Find3M ====================
.
2011-04-06 20:20:16 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 20:20:16 75040 ----a-w- c:\windows\system32\jdns_sd.dll
2011-04-06 20:20:16 197920 ----a-w- c:\windows\system32\dnssdX.dll
2011-04-06 20:20:16 107808 ----a-w- c:\windows\system32\dns-sd.exe
2011-03-12 11:31:58 442880 ----a-w- c:\windows\system32\XpsPrint.dll
2011-03-11 05:44:09 146304 ----a-w- c:\windows\system32\drivers\storport.sys
2011-03-11 05:44:01 143744 ----a-w- c:\windows\system32\drivers\nvstor.sys
2011-03-11 05:44:01 1210240 ----a-w- c:\windows\system32\drivers\ntfs.sys
2011-03-11 05:44:01 117120 ----a-w- c:\windows\system32\drivers\nvraid.sys
2011-03-11 05:43:55 332160 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2011-03-11 05:43:46 80256 ----a-w- c:\windows\system32\drivers\amdsata.sys
2011-03-11 05:43:46 22400 ----a-w- c:\windows\system32\drivers\amdxata.sys
2011-03-11 05:40:24 1164288 ----a-w- c:\windows\system32\mfc42u.dll
2011-03-11 05:40:24 1137664 ----a-w- c:\windows\system32\mfc42.dll
2011-03-11 05:39:35 1686016 ----a-w- c:\windows\system32\esent.dll
2011-03-11 05:37:34 74240 ----a-w- c:\windows\system32\fsutil.exe
2011-03-08 05:38:13 740864 ----a-w- c:\windows\system32\inetcomm.dll
.
============= FINISH: 14:14:12.84 ===============

protection-log-2011-06-04.zip

  • Staff

Hi and welcome to Malwarebytes.

In the future, please post all logs directly into your reply instead of attaching them. Also turn off Word Wrap in Notepad. With that said, please update MBAM, run a Quick Scan, and post its log.

Next, run DDS again and post DDS.txt in your reply.

  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
