webDev27

  1. Thanks again for the help. Being as I've already recovered my notebook using the recovery CD twice, and there is no data I'm worried about losing, I've decided to go ahead and format the hard drive to be sure I'm rid of this and any other possible viruses. I contacted ASUS support, but unfortunately formatting the hard drive voids the warranty and they can't help with that. I'm going to read up on the link you provided and see if I can accomplish this on my own. Please let me know if there's anything else I'm missing. Thanks again for all the help!
  2. Thanks for helping out! I followed your instructions and it appears that the scan found Rootkit.Win32.TDSS.tdl4. The log is below as requested.
  3. First-time poster here. Thanks in advance to whoever takes the time to look into this for me. My issue began with a BSOD a couple days ago while browsing Reddit.com (not exactly a malicious site). After that BSOD I couldn't seem to start Windows. It would fail during startup and try to repair itself, but the repair tool wasn't able to fix whatever the issue was. On the advice of tech support for ASUS, I decided to do a factory restore of the hard drive. This seems to work, but when I go to update Windows (there are 86 updates initially, so it's quite a large update), the failed startup issue pops up again once I try to restart following the install of the updates. Now, however, the repair tool runs for a while (10 minutes?), then when I get into Windows I see that all of the updates failed. On top of this, I've noticed these random redirects whenever I open a website in Firefox. Ever since installing MBAM, I'm constantly getting notifications of blocked outgoing attempts from svchost, ping, or firefox (I guess you'll see that in the logs below). I'm trying to include everything in accordance with the "I'm infected - what do I do now?" post.
Computer Stats:
ASUS K52J Notebook
i3 - 350M / 4GB RAM
Windows 7 Home Premium 64-bit

+++++++++++++++++++++++++++++++++++++++
Latest MBAM Protection Log
+++++++++++++++++++++++++++++++++++++++

+++++++++++++++++++++++++++++++++++++++
Latest MBAM scanner log
+++++++++++++++++++++++++++++++++++++++
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7703

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

9/12/2011 3:33:00 PM
mbam-log-2011-09-12 (15-33-00).txt

Scan type: Quick scan
Objects scanned: 173364
Time elapsed: 47 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

+++++++++++++++++++++++++++++++++++++++
DDS Log
+++++++++++++++++++++++++++++++++++++++
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385
Run by Kevin at 15:46:29 on 2011-09-12
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3949.2656 [GMT -5:00]
.
AV: AntiVir Desktop *Enabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Enabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
.
============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\atieclxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\FBAgent.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe C:\Windows\System32\spoolsv.exe C:\Avira\AntiVir Desktop\sched.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\P4G\BatteryLife.exe C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe C:\Avira\AntiVir Desktop\avguard.exe C:\Windows\SysWOW64\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Avira\AntiVir Desktop\avshadow.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Windows\system32\conhost.exe C:\Avira\AntiVir Desktop\avgnt.exe C:\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe C:\Windows\AsScrPro.exe C:\Malwarebytes' 
Anti-Malware\mbamservice.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Firefox\firefox.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit=userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll mRun: [avgnt] "C:\Avira\AntiVir Desktop\avgnt.exe" /min mRun: [Malwarebytes' Anti-Malware] "C:\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray dRun: [Google Update] C:\Windows\system32\config\systemprofile\AppData\Local\Google\Update\gupdate.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) TCP: DhcpNameServer = 192.168.0.1 TCP: Interfaces\{8260747D-F637-49FE-9161-3D607FE45F27} : DhcpNameServer = 192.168.0.1 BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File mRun-x64: [avgnt] "C:\Avira\AntiVir Desktop\avgnt.exe" /min mRun-x64: [Malwarebytes' Anti-Malware] "C:\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray . ================= FIREFOX =================== . 
FF - ProfilePath - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\trsia0tk.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll . ============= SERVICES / DRIVERS =============== . R0 lullaby;lullaby;C:\Windows\system32\DRIVERS\lullaby.sys --> C:\Windows\system32\DRIVERS\lullaby.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AFBAgent;AFBAgent;"C:\Windows\system32\FBAgent.exe" --> C:\Windows\system32\FBAgent.exe [?] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;C:\Avira\AntiVir Desktop\sched.exe [2011-9-11 136360] R2 AntiVirService;Avira AntiVir Guard;C:\Avira\AntiVir Desktop\avguard.exe [2011-9-11 269480] R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416] R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?] R2 MBAMService;MBAMService;C:\Malwarebytes' Anti-Malware\mbamservice.exe [2011-9-12 366640] R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-9-11 2314240] R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys --> C:\Windows\system32\DRIVERS\ETD.sys [?] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?] R3 JME;JMicron Ethernet Adapter NDIS6 Driver (Amd64 Bits);C:\Windows\system32\DRIVERS\JME.sys --> C:\Windows\system32\DRIVERS\JME.sys [?] 
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-12 136176] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-9-12 136176] S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys --> C:\Windows\system32\DRIVERS\SiSG664.sys [?] . =============== Created Last 30 ================ . 2011-09-12 16:06:01 -------- d-----w- C:\Users\Kevin\AppData\Local\ElevatedDiagnostics 2011-09-12 14:45:01 -------- d-----w- C:\Users\Kevin\AppData\Roaming\Malwarebytes 2011-09-12 14:44:55 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys 2011-09-12 14:44:54 -------- d-----w- C:\ProgramData\Malwarebytes 2011-09-12 14:44:51 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys 2011-09-12 14:44:51 -------- d-----w- C:\Malwarebytes' Anti-Malware 2011-09-12 14:37:23 -------- d-----w- C:\Users\Kevin\AppData\Local\Google 2011-09-12 14:37:09 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2011-09-12 14:29:17 311808 ----a-w- C:\Windows\System32\msv1_0.dll 2011-09-12 14:29:17 257024 ----a-w- C:\Windows\SysWow64\msv1_0.dll 2011-09-12 01:08:56 243712 ----a-w- C:\Windows\System32\drivers\ks.sys 2011-09-12 01:08:56 184832 ----a-w- C:\Windows\System32\drivers\usbvideo.sys 2011-09-11 21:52:48 -------- d-----w- C:\Users\Kevin\AppData\Roaming\Avira 2011-09-11 21:49:28 -------- d-----w- C:\Windows\pss 2011-09-11 21:35:36 -------- d-----w- C:\Users\Kevin\AppData\Local\Adobe 2011-09-11 21:20:42 88288 ----a-w- C:\Windows\System32\drivers\avgntflt.sys 2011-09-11 21:20:41 -------- d-----w- C:\ProgramData\Avira 2011-09-11 21:20:41 -------- d-----w- C:\Avira 2011-09-11 21:19:05 8862544 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F90A96B5-FD3A-4152-BEF0-ED49D70A345A}\mpengine.dll 2011-09-11 21:19:04 270720 
------w- C:\Windows\System32\MpSigStub.exe 2011-09-11 21:14:53 -------- d-----w- C:\Users\Kevin\AppData\Local\Mozilla 2011-09-11 21:13:25 -------- d-----w- C:\Firefox 2011-09-11 21:06:51 220672 ----a-w- C:\Windows\System32\wintrust.dll 2011-09-11 21:06:51 172032 ----a-w- C:\Windows\SysWow64\wintrust.dll 2011-09-11 21:06:51 139264 ----a-w- C:\Windows\System32\cabview.dll 2011-09-11 21:06:51 132608 ----a-w- C:\Windows\SysWow64\cabview.dll 2011-09-11 21:05:15 -------- d-----w- C:\Users\Kevin\AppData\Local\ATI 2011-09-11 21:05:06 -------- d-----w- C:\Users\Kevin\AppData\Local\SRS Labs 2011-09-11 21:02:32 -------- d-----w- C:\Users\Kevin\AppData\Local\VirtualStore 2011-09-11 19:58:56 408600 ----a-w- C:\Windows\System32\drivers\iaStor.sys 2011-09-11 19:58:53 102000 ----a-w- C:\Windows\System32\drivers\JME.sys 2011-09-11 19:56:33 143472 ----a-w- C:\Windows\System32\drivers\jmcr.sys 2011-09-11 19:56:33 110080 ----a-w- C:\Windows\System32\jmcricon.dll 2011-09-11 19:56:27 42176 ----a-w- C:\Windows\System32\drivers\sncduvc.sys 2011-09-11 19:56:27 19008 ----a-w- C:\Windows\DrvInst.exe 2011-09-11 19:56:27 1806400 ----a-w- C:\Windows\System32\drivers\snp2uvc.sys 2011-09-11 19:56:26 386 ----a-w- C:\Windows\Uninstuxga.reg 2011-09-11 19:56:26 386 ----a-w- C:\Windows\Uninstsxga.reg 2011-09-11 19:56:26 384 ----a-w- C:\Windows\Uninstvga.reg 2011-09-11 19:56:26 2266 ----a-w- C:\Windows\Uninstvga.bat 2011-09-11 19:56:26 2008 ----a-w- C:\Windows\Uninstsxga.bat 2011-09-11 19:56:26 1682 ----a-w- C:\Windows\Uninstuxga.bat 2011-09-11 19:55:31 704512 ----a-w- C:\Windows\System32\drivers\CHDRT64.sys 2011-09-11 19:55:31 421888 ----a-w- C:\Windows\System32\UCI64A43.dll 2011-09-11 19:55:31 1745920 ----a-w- C:\Windows\System32\CX64OP19.dll 2011-09-11 19:53:47 2097152 ---h--r- C:\K62Jr.BIN 2011-09-11 19:53:46 2097152 ---h--r- C:\K52Jr.BIN 2011-09-11 19:53:42 4649472 ----a-w- C:\Windows\System32\ETDUI.cpl 2011-09-11 19:53:41 117760 ----a-w- C:\Windows\System32\drivers\ETD.sys 2011-09-11 19:53:40 
1542656 ----a-w- C:\Windows\System32\drivers\athrx.sys 2011-09-11 19:53:40 15416 ----a-w- C:\Windows\System32\drivers\kbfiltr.sys 2011-09-11 19:53:39 15928 ----a-w- C:\Windows\System32\drivers\ATK64AMD.sys 2011-09-11 19:25:22 -------- d-----w- C:\Windows\SysWow64\K_Series_ScreenSaver_EN dir 2011-09-11 19:25:20 3054136 ----a-w- C:\Windows\AsScrPro.exe 2011-09-11 19:25:16 -------- d-----w- C:\eSupport 2011-09-11 19:25:09 183296 ----a-w- C:\Windows\SysWow64\ACEngSvr.exe 2011-09-11 19:25:02 359552 ----a-w- C:\Windows\System32\FBAgent.exe 2011-09-11 19:25:02 -------- d-----w- C:\Program Files\ASUS 2011-09-11 19:25:00 15928 ----a-w- C:\Windows\System32\drivers\lullaby.sys 2011-09-11 19:24:55 35384 ----a-w- C:\Windows\System32\drivers\AsDsm.sys 2011-09-11 19:24:37 -------- d-----w- C:\ProgramData\P4G 2011-09-11 19:24:37 -------- d-----w- C:\Program Files\P4G 2011-09-11 19:24:34 77824 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll 2011-09-11 19:24:34 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll 2011-09-11 19:24:34 225280 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll 2011-09-11 19:24:34 176128 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll 2011-09-11 19:24:33 614532 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe 2011-09-11 19:24:30 53248 ----a-w- C:\Windows\SysWow64\LogonStart.dll 2011-09-11 19:24:03 -------- d-----w- C:\Program Files (x86)\ASUS 2011-09-11 19:23:52 -------- d-----w- C:\Program Files (x86)\JMicron 2011-09-11 19:23:39 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent 2011-09-11 19:23:35 56344 ----a-w- C:\Windows\System32\drivers\HECIx64.sys 2011-09-11 19:23:21 -------- d-----w- C:\Program Files\SRS Labs 2011-09-11 19:22:44 -------- d-----w- C:\Windows\System32\SRSLabs 2011-09-11 19:22:44 -------- d-----w- C:\Program Files\CONEXANT 2011-09-11 
19:22:06 0 ----a-w- C:\Windows\ativpsrm.bin 2011-09-11 19:20:31 -------- d-----w- C:\Program Files\ATI 2011-09-11 19:20:30 -------- d-----w- C:\Program Files (x86)\ATI Technologies 2011-09-11 19:20:19 -------- d-sh--w- C:\Windows\Installer 2011-09-11 19:17:43 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll 2011-09-11 19:17:38 -------- d-----w- C:\Intel 2011-09-11 19:15:57 -------- d-----w- C:\Program Files\Elantech . ==================== Find3M ==================== . 2009-04-08 17:31:56 106496 ----a-w- C:\Program Files (x86)\Common Files\CPInstallAction.dll 2008-08-12 04:45:20 155648 ----a-w- C:\Program Files (x86)\Common Files\MSIactionall.dll . ============= FINISH: 15:48:22.67 =============== Attach.zip