208.73.210.29 site blocked by Malwarebytes


I read several other posts with the same IP address blocked and am following your instructions on uploading GMER scan files to help find the cause.

OS: WinXP Home with SP3 and all updates completed.

Malwarebytes 1.51.0.1200 running as Pro Trial.

Avast Free recent updates.

Note: This computer normally uses HughesNet and several associated apps to connect to the internet. It is currently connecting at my repair site which connects via cable.

Hi and welcome to Malwarebytes.

In the future, please post all logs directly into your reply instead of attaching them. With that said, please update MBAM, run a Quick Scan, and post its log.

Next, run DDS again and post DDS.txt in your reply.

Sorry about the last post. Here are the logs you requested.

First is the Malwarebytes Log that shows no errors:

Malwarebytes' Anti-Malware 1.51.0.1200

www.malwarebytes.org

Database version: 6919

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

6/22/2011 10:57:30 AM

mbam-log-2011-06-22 (10-57-30).txt

Scan type: Quick scan

Objects scanned: 185919

Time elapsed: 4 minute(s), 3 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Next is the Protection Log:

04:55:19 Patricia Little MESSAGE Scheduled update executed successfully

04:55:19 Patricia Little MESSAGE IP Protection stopped

04:55:23 Patricia Little MESSAGE Database updated successfully

04:55:23 Patricia Little MESSAGE IP Protection started successfully

13:15:59 (null) MESSAGE Protection started successfully

13:16:49 Patricia Little MESSAGE IP Protection started successfully

13:16:51 Patricia Little IP-BLOCK 208.73.210.29 (Type: outgoing)

13:16:54 Patricia Little IP-BLOCK 208.73.210.29 (Type: outgoing)

13:17:00 Patricia Little IP-BLOCK 208.73.210.29 (Type: outgoing)

13:51:45 (null) MESSAGE Protection started successfully

13:52:52 Patricia Little MESSAGE IP Protection started successfully

13:52:54 Patricia Little IP-BLOCK 208.73.210.29 (Type: outgoing)

13:52:56 Patricia Little IP-BLOCK 208.73.210.29 (Type: outgoing)

13:53:03 Patricia Little IP-BLOCK 208.73.210.29 (Type: outgoing)

Here is the DTS log again:

.

DDS (Ver_2011-06-12.02) - NTFSx86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_26

Run by Patricia Little at 14:37:14 on 2011-06-22

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3070.2269 [GMT -4:00]

.

AV: avast! Internet Security *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

FW: avast! Internet Security *Enabled*

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

svchost.exe

C:\Program Files\Alwil Software\Avast5\afwServ.exe

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe

C:\WINDOWS\stsystra.exe

C:\Program Files\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe

C:\Program Files\HP\Personal Printing Solutions Product Research\HP Product Research.exe

C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe

C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Documents and Settings\All Users\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE

C:\WINDOWS\system32\svchost.exe -k hpdevmgmt

C:\WINDOWS\system32\svchost.exe -k HPService

C:\Program Files\Google\Update\GoogleUpdate.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\Motive\McciCMService.exe

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe -k HPZ12

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\NOTEPAD.EXE

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uDefault_Search_URL = hxxp://www.google.com/ie

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = *.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll

BHO: IEPlugin Class: {11222041-111b-46e3-bd29-efb2449479b1} - c:\progra~1\arcsoft\videod~1\ARCURL~1.DLL

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll

BHO: MapQuest Toolbar Loader: {bd3fd433-147a-482e-a192-614f26e2310c} - c:\program files\mapquest toolbar\mapquesttb.dll

BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll

BHO: HDMIECookiesBHO Class: {cc59e0f9-7e43-44fa-9faa-8377850bf205} - c:\program files\hughesnet download manager\iefdm2.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: EpsonToolBandKicker Class: {e99421fb-68dd-40f0-b4ac-b7027cae2f1a} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TB: MapQuest Toolbar: {9302e698-7e00-43ab-b867-c6e759bc2ada} - c:\program files\mapquest toolbar\mapquesttb.dll

TB: EPSON Web-To-Page: {ee5d279f-081b-4404-994d-c6b60aaeba6d} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: {577EBCA9-8ED3-45FC-A514-55B3817D4BCF} - No File

EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

uRun: [stickies] c:\program files\bret taylor\stickies\\Stickies.exe

uRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\MMonitor.exe" -NoStart

uRun: [skype] "c:\program files\skype\\phone\Skype.exe" /nosplash /minimized

uRun: [HughesNet Download Manager] c:\program files\hughesnet download manager\HDM.exe -autorun

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [TrueImageMonitor.exe] "c:\program files\acronis\trueimagehome\TrueImageMonitor.exe"

mRun: [sigmatelSysTrayApp] stsystra.exe

mRun: [sAOB Monitor] c:\program files\acronis\onlinebackupstandalone\TrueImageMonitor.exe

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [PLNRNote] "c:\program files\sierrahome\hallmark card studio special edition\planner\PLNRNote.exe"

mRun: [OM2_Monitor] "c:\program files\olympus\olympus master 2\FirstStart.exe" /OM

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start

mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup

mRun: [iAAnotif] c:\program files\intel\intel matrix storage manager\Iaanotif.exe

mRun: [HughesNetTools_McciTrayApp] c:\program files\hughesnettools\1\McciTrayApp_SSR.exe

mRun: [HP Metrics] c:\program files\hp\personal printing solutions product research\HP Product Research.exe a

mRun: [Acronis Scheduler2 Service] "c:\program files\common files\acronis\schedule2\schedhlp.exe"

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t

StartupFolder: c:\docume~1\patric~1\startm~1\programs\startup\hughes~1.lnk - c:\program files\hughesnetstatusmeter\hughesnetstatusmeter\HughesNetStatusMeter.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\eventp~1.lnk - c:\program files\sierra\planner\Plnrnote.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\forget~1.lnk - c:\program files\broderbund\ag spirit\AGremind.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

mPolicies-system: EnableLinkedConnections = 1 (0x1)

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Download all with HughesNet Download Manager - file://c:\program files\hughesnet download manager\dlall.htm

IE: Download selected with HughesNet Download Manager - file://c:\program files\hughesnet download manager\dlselected.htm

IE: Download video with HughesNet Download Manager - file://c:\program files\hughesnet download manager\dlfvideo.htm

IE: Download with HughesNet Download Manager - file://c:\program files\hughesnet download manager\dllink.htm

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

Trusted Zone: intuit.com\ttlc

DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab

DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab

DPF: {49232000-16E4-426C-A231-62846947304B} - hxxp://ipgweb.cce.hp.com/rdqaio2/downloads/sysinfo.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} - hxxp://web1.shutterfly.com/downloads/Uploader.cab

DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} - hxxp://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {EBF85371-A38F-485B-B28F-0B4C82D25937} - hxxp://update.hpphoto.com/download/HPSWUpdate.ocx

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{14A18963-D9D3-4F54-B302-7E0D11B74EEB} : DhcpNameServer = 192.168.1.1

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\patricia little\application data\mozilla\firefox\profiles\oeetiz8k.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IP2TDF&PC=IP2TDF&q=

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IP2TDF&PC=IP2TDF&q=

FF - plugin: c:\documents and settings\patricia little\local settings\application data\google\update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\picasa3\npPicasa3.dll

FF - plugin: c:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll

FF - plugin: c:\program files\skyhook wireless\loki browser plugin\nploki.dll

.

============= SERVICES / DRIVERS ===============

.

R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [2010-12-18 12112]

R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [2010-12-18 192984]

R0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258);c:\windows\system32\drivers\tdrpm258.sys [2010-11-19 911680]

R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [2010-12-18 102232]

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2010-12-18 441176]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-1-13 307928]

R2 afcdpsrv;Acronis Nonstop Backup service;c:\program files\common files\acronis\cdp\afcdpsrv.exe [2010-11-19 3987376]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-1-13 19544]

R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-12-18 42184]

R2 avast! Firewall;avast! Firewall;c:\program files\alwil software\avast5\afwServ.exe [2010-12-18 121000]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-1-13 366640]

R3 afcdp;afcdp;c:\windows\system32\drivers\afcdp.sys [2010-11-19 163232]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-1-13 22712]

S1 SydexFDD;Sydex Floppy Driver;c:\windows\system32\drivers\sydexfdd.sys [2008-5-21 18189]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-2-8 136176]

S3 busbcrw;USB Card Reader Writer driver;c:\windows\system32\drivers\busbcrw.sys [2003-4-23 16896]

.

=============== Created Last 30 ================

.

2011-06-16 06:01:47 -------- d-----w- c:\windows\SQL9_KB2494113_ENU

2011-06-15 23:05:21 105472 ------w- c:\windows\system32\dllcache\mup.sys

2011-06-12 11:53:40 -------- d-sha-r- C:\cmdcons

2011-06-12 02:44:10 98816 ----a-w- c:\windows\sed.exe

2011-06-12 02:44:10 518144 ----a-w- c:\windows\SWREG.exe

2011-06-12 02:44:10 256512 ----a-w- c:\windows\PEV.exe

2011-06-12 02:44:10 208896 ----a-w- c:\windows\MBR.exe

2011-06-12 02:44:02 -------- d-----w- C:\ComboFix

2011-06-11 20:00:21 73728 ----a-w- c:\windows\system32\javacpl.cpl

2011-06-11 20:00:21 476904 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll

2011-06-11 20:00:21 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-06-10 18:36:00 -------- d-----w- c:\program files\Eusing Free Registry Cleaner

2011-06-10 18:32:56 -------- d-----w- c:\documents and settings\patricia little\application data\Auslogics

2011-06-10 18:32:53 -------- d-----w- c:\program files\Auslogics

2011-06-10 14:14:52 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-06-10 03:09:49 16856 ----a-w- c:\program files\mozilla firefox\plugin-container.exe

2011-06-10 03:09:49 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

2011-06-10 03:09:48 89048 ----a-w- c:\program files\mozilla firefox\libEGL.dll

2011-06-10 03:09:48 781272 ----a-w- c:\program files\mozilla firefox\mozsqlite3.dll

2011-06-10 03:09:48 719832 ----a-w- c:\program files\mozilla firefox\mozcpp19.dll

2011-06-10 03:09:48 465880 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll

2011-06-10 03:09:48 1974616 ----a-w- c:\program files\mozilla firefox\D3DCompiler_42.dll

2011-06-10 03:09:48 1892184 ----a-w- c:\program files\mozilla firefox\d3dx9_42.dll

2011-06-10 03:09:48 1874904 ----a-w- c:\program files\mozilla firefox\mozjs.dll

2011-06-10 03:09:48 15832 ----a-w- c:\program files\mozilla firefox\mozalloc.dll

2011-06-06 16:55:30 183696 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll

2011-06-06 16:55:30 183696 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll

.

==================== Find3M ====================

.

2011-05-29 13:11:30 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-05-29 13:11:20 22712 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-05-10 12:10:59 40112 ----a-w- c:\windows\avastSS.scr

2011-05-10 12:04:46 102232 ----a-w- c:\windows\system32\drivers\aswFW.sys

2011-05-10 12:03:54 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2011-05-10 12:03:31 192984 ----a-w- c:\windows\system32\drivers\aswNdis2.sys

2011-05-02 15:31:52 692736 ------w- c:\windows\system32\inetcomm.dll

2011-04-29 16:19:43 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2011-04-25 16:11:12 916480 ----a-w- c:\windows\system32\wininet.dll

2011-04-25 16:11:11 43520 ------w- c:\windows\system32\licmgr10.dll

2011-04-25 16:11:11 1469440 ------w- c:\windows\system32\inetcpl.cpl

2011-04-25 12:01:22 385024 ------w- c:\windows\system32\html.iec

2011-04-21 13:37:43 105472 ----a-w- c:\windows\system32\drivers\mup.sys

2011-04-13 22:40:10 4284416 ----a-w- c:\windows\system32\GPhotos.scr

2008-05-28 18:11:12 10894958 -c--a-w- c:\program files\PhotoScapeSetup_V3_0.exe

2008-05-28 18:04:57 532616 -c--a-w- c:\program files\ImageResizerPowertoySetup.exe

2008-05-21 12:39:35 4674893 -c--a-w- c:\program files\BasicUpTo107.exe

2005-09-28 20:40:46 593 -c--a-w- c:\program files\layout.bin

2003-04-23 13:45:00 16896 -c--a-w- c:\program files\busbcrw.sys

2003-03-25 23:01:10 10965 -c--a-w- c:\program files\bucrw98.sys

.

============= FINISH: 14:40:08.12 ===============

Sorry, Screen 317, but my friend needed her computer so I no longer have it to research this problem. If it helps, I ran ComboFix back on 6-12-2011 and it helped cure a resident rootkit problem that Malwarebytes could not fix. It was after that time that the IP address block began happening. If I get this computer back with more problems I will start a new thread and keep it going until it is resolved. For now, she will deal with the messages about blocking the IP address, which only seem to come shortly after booting the computer.

Thanks for your help to this point.

RetiredTech

  • 1 month later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!
