Vet1

Slow Computer and ip blocking

7 posts in this topic

Hi all I am haveing a problem with my computer running slow and Malwarebytes blocking ip. Also my computer C: drive seems to run and run for a long time after I reboot. Like for an hour or more like there is something or a program running it slows my pc down to a crawl. Can you please help thanks.

07:17:41 (null) MESSAGE Protection started successfully

07:22:18 Stephen Whittaker MESSAGE IP Protection started successfully

07:25:21 Stephen Whittaker IP-BLOCK 220.248.190.187 (Type: outgoing)

07:29:44 Stephen Whittaker IP-BLOCK 220.248.190.187 (Type: outgoing)

07:32:06 Stephen Whittaker IP-BLOCK 212.117.167.73 (Type: outgoing)

07:36:09 Stephen Whittaker IP-BLOCK 212.117.161.35 (Type: outgoing)

07:38:13 Stephen Whittaker IP-BLOCK 220.248.190.187 (Type: outgoing)

07:39:15 Stephen Whittaker IP-BLOCK 62.45.155.7 (Type: outgoing)

07:43:22 Stephen Whittaker IP-BLOCK 89.28.117.174 (Type: outgoing)

07:45:40 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:45:43 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:45:49 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:46:02 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:46:05 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:46:11 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:47:05 Stephen Whittaker IP-BLOCK 212.117.167.73 (Type: outgoing)

07:47:15 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:47:18 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:47:24 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:47:36 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:47:39 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:47:45 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:48:51 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:48:54 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:49:00 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:49:12 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:49:15 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:49:21 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:50:27 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:50:30 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:50:36 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:50:48 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:50:51 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:50:57 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:52:02 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:52:05 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:52:11 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:52:23 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:52:26 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:52:33 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:53:38 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:53:41 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:53:47 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:53:57 Stephen Whittaker IP-BLOCK 212.117.167.192 (Type: outgoing)

07:53:59 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:54:02 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:54:08 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:54:37 Stephen Whittaker IP-BLOCK 222.65.233.128 (Type: outgoing)

07:55:13 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:55:16 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:55:22 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:55:34 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:55:37 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:55:43 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:56:49 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:56:52 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:56:58 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:57:10 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:57:13 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:57:19 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:58:24 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:58:27 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:58:33 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:58:45 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:58:48 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

07:58:54 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:00:00 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:00:03 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:00:09 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:00:21 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:00:24 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:00:30 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:01:36 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:01:39 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:01:45 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:01:57 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:02:00 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:02:05 Stephen Whittaker IP-BLOCK 212.117.167.73 (Type: outgoing)

08:02:06 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:03:11 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:03:14 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:03:20 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:03:32 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:03:35 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:03:41 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:04:31 Stephen Whittaker IP-BLOCK 213.226.201.93 (Type: incoming)

08:04:47 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:04:50 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:04:56 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:05:08 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:05:11 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:05:17 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:06:22 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:06:25 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:06:29 Stephen Whittaker IP-BLOCK 89.28.42.214 (Type: outgoing)

08:06:31 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:06:43 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:06:46 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:06:52 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:07:06 Stephen Whittaker IP-BLOCK 77.78.245.47 (Type: incoming)

08:07:30 Stephen Whittaker IP-BLOCK 91.188.48.61 (Type: outgoing)

08:07:59 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:08:02 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:08:08 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:08:20 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:08:23 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:08:29 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:09:18 Stephen Whittaker IP-BLOCK 222.65.233.128 (Type: outgoing)

08:09:35 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:09:38 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:09:44 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:09:56 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:09:59 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:10:05 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:11:10 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:11:13 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:11:19 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:11:31 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:11:34 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:11:40 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:12:52 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:12:55 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:13:01 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:13:13 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:13:16 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:13:22 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:14:27 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:14:30 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:14:36 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:14:48 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:14:51 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:14:57 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:16:02 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:16:05 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:16:11 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:16:13 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:16:15 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:16:16 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:16:24 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:16:26 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:16:33 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:17:05 Stephen Whittaker IP-BLOCK 212.117.167.73 (Type: outgoing)

08:17:38 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:17:41 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:17:47 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:17:59 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:18:02 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:18:08 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:19:14 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:19:17 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:19:23 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:19:35 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:19:35 Stephen Whittaker IP-BLOCK 220.248.190.187 (Type: outgoing)

08:19:38 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:19:38 Stephen Whittaker IP-BLOCK 220.248.190.187 (Type: outgoing)

08:19:44 Stephen Whittaker IP-BLOCK 220.248.190.187 (Type: outgoing)

08:19:44 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:19:45 Stephen Whittaker IP-BLOCK 220.248.190.187 (Type: outgoing)

08:19:47 Stephen Whittaker IP-BLOCK 220.248.190.187 (Type: outgoing)

08:20:49 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:20:52 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:20:58 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:21:10 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:21:13 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:21:19 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:22:25 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:22:28 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:22:34 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:22:46 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:22:49 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:22:55 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:23:06 Stephen Whittaker IP-BLOCK 62.45.195.50 (Type: outgoing)

08:24:00 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:24:03 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:24:09 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:24:21 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:24:24 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:24:29 Stephen Whittaker IP-BLOCK 222.186.70.197 (Type: outgoing)

08:24:30 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:25:17 Stephen Whittaker IP-BLOCK 85.234.163.203 (Type: outgoing)

08:25:36 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:25:39 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:25:45 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:25:57 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:26:00 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:26:06 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:27:12 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:27:15 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:27:21 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:27:33 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:27:36 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:27:42 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:28:49 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:28:52 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:28:58 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:29:10 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:29:13 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:29:17 Stephen Whittaker IP-BLOCK 218.7.208.105 (Type: outgoing)

08:29:19 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:30:25 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:30:28 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:30:34 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:30:46 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:30:49 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:30:55 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:32:01 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:32:04 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:32:05 Stephen Whittaker IP-BLOCK 212.117.167.73 (Type: outgoing)

08:32:10 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:32:22 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:32:25 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:32:31 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:33:36 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:33:39 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:33:45 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:33:57 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:34:00 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:34:06 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:35:12 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:35:15 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:35:21 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:35:33 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:35:36 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:35:42 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:37:47 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:37:50 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:37:53 Stephen Whittaker IP-BLOCK 95.169.190.159 (Type: outgoing)

08:37:56 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:37:57 Stephen Whittaker IP-BLOCK 62.45.225.190 (Type: outgoing)

08:38:06 Stephen Whittaker IP-BLOCK 62.45.195.50 (Type: outgoing)

08:38:08 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:38:11 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:38:17 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:39:23 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:39:26 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:39:32 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:39:44 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:39:47 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:39:53 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:40:59 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:41:02 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:41:08 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:41:20 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:41:23 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:41:29 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:42:50 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:43:16 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:43:25 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:44:38 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:44:41 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:44:47 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:45:00 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:45:03 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:45:09 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:46:15 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:46:18 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:46:23 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:46:36 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:46:38 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:46:44 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:47:05 Stephen Whittaker IP-BLOCK 212.117.167.73 (Type: outgoing)

08:47:50 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:47:53 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:47:59 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:48:11 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:48:14 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:48:20 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:49:26 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:49:29 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:49:35 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:49:47 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:49:50 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:49:56 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:51:02 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:51:05 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:51:11 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:51:23 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:51:26 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:51:32 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:51:49 Stephen Whittaker IP-BLOCK 89.28.43.235 (Type: outgoing)

08:52:38 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:52:41 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:52:47 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:52:59 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:53:02 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:53:08 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:54:13 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:54:16 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:54:22 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:54:34 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:54:37 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:54:43 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:55:47 Stephen Whittaker IP-BLOCK 83.128.115.80 (Type: outgoing)

08:55:51 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:55:54 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:56:00 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:56:13 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:56:16 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:56:22 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:56:27 Stephen Whittaker IP-BLOCK 77.78.240.121 (Type: outgoing)

08:57:28 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:57:31 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:57:37 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:57:49 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:57:52 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:57:58 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:59:04 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:59:07 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:59:13 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:59:25 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:59:28 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

08:59:34 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:00:39 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:00:42 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:00:48 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:01:00 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:01:03 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:01:09 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:02:05 Stephen Whittaker IP-BLOCK 212.117.167.73 (Type: outgoing)

09:02:17 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:02:20 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:02:26 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:02:38 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:02:41 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:02:47 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:03:54 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:03:57 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:04:03 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:04:15 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:04:18 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:04:24 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:06:11 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:06:38 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:06:41 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:06:47 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:08:03 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:08:11 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:08:24 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:08:27 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:08:33 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:09:27 Stephen Whittaker IP-BLOCK 89.28.103.203 (Type: outgoing)

09:09:40 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:09:43 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:09:49 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:10:01 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:10:04 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:10:10 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:11:22 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:11:31 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:11:45 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:11:48 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:11:53 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:13:03 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:13:06 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:13:12 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:13:24 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:13:27 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:13:33 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:14:56 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:15:04 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:15:18 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:15:21 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:15:27 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:16:36 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:16:39 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:16:44 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:16:57 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:17:00 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:17:05 Stephen Whittaker IP-BLOCK 212.117.167.73 (Type: outgoing)

09:17:06 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:18:11 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:18:14 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:18:20 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:18:32 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:18:35 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:18:41 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:19:47 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:19:50 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:19:56 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:20:08 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:20:11 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:20:17 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

09:21:55 Stephen Whittaker IP-BLOCK 62.45.23.44 (Type: outgoing)

09:22:39 Stephen Whittaker IP-BLOCK 62.45.23.44 (Type: outgoing)

09:22:49 Stephen Whittaker IP-BLOCK 62.45.23.44 (Type: outgoing)

09:23:07 Stephen Whittaker IP-BLOCK 62.45.195.50 (Type: outgoing)

09:25:32 Stephen Whittaker IP-BLOCK 222.71.229.196 (Type: outgoing)

09:32:05 Stephen Whittaker IP-BLOCK 212.117.167.73 (Type: outgoing)

09:35:07 Stephen Whittaker IP-BLOCK 89.28.96.200 (Type: outgoing)

09:35:48 Stephen Whittaker IP-BLOCK 89.28.43.235 (Type: outgoing)

09:38:28 Stephen Whittaker IP-BLOCK 89.28.41.108 (Type: outgoing)

09:39:01 Stephen Whittaker IP-BLOCK 77.78.216.228 (Type: outgoing)

09:39:21 Stephen Whittaker IP-BLOCK 62.45.195.50 (Type: outgoing)

09:40:48 Stephen Whittaker IP-BLOCK 188.95.51.205 (Type: outgoing)

09:45:34 Stephen Whittaker IP-BLOCK 121.125.110.8 (Type: outgoing)

09:47:05 Stephen Whittaker IP-BLOCK 212.117.167.73 (Type: outgoing)

09:53:14 Stephen Whittaker IP-BLOCK 95.169.190.159 (Type: outgoing)

09:53:26 Stephen Whittaker IP-BLOCK 89.28.113.100 (Type: outgoing)

09:53:53 Stephen Whittaker IP-BLOCK 77.78.216.228 (Type: outgoing)

09:54:05 Stephen Whittaker IP-BLOCK 62.45.195.50 (Type: outgoing)

09:54:49 Stephen Whittaker IP-BLOCK 58.241.194.198 (Type: outgoing)

10:02:05 Stephen Whittaker IP-BLOCK 212.117.167.73 (Type: outgoing)

10:02:11 Stephen Whittaker IP-BLOCK 98.142.249.19 (Type: outgoing)

10:07:11 Stephen Whittaker IP-BLOCK 79.135.148.4 (Type: outgoing)

10:10:40 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

10:10:43 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

10:10:49 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

10:11:01 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

10:11:04 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

10:11:10 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

10:12:14 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

10:12:17 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

10:12:23 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

10:12:35 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

10:12:38 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

10:12:44 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

10:17:05 Stephen Whittaker IP-BLOCK 212.117.167.73 (Type: outgoing)

10:22:14 Stephen Whittaker IP-BLOCK 195.216.160.201 (Type: outgoing)

10:23:58 Stephen Whittaker IP-BLOCK 95.169.190.159 (Type: outgoing)

10:28:52 Stephen Whittaker IP-BLOCK 83.128.111.37 (Type: incoming)

10:32:06 Stephen Whittaker IP-BLOCK 212.117.167.73 (Type: outgoing)

10:35:13 Stephen Whittaker IP-BLOCK 89.28.69.139 (Type: outgoing)

10:36:55 Stephen Whittaker IP-BLOCK 58.241.85.12 (Type: outgoing)

10:37:12 Stephen Whittaker IP-BLOCK 95.169.186.102 (Type: outgoing)

10:38:28 Stephen Whittaker IP-BLOCK 89.28.41.108 (Type: outgoing)

10:47:05 Stephen Whittaker IP-BLOCK 212.117.167.73 (Type: outgoing)

10:55:42 Stephen Whittaker IP-BLOCK 222.76.13.227 (Type: outgoing)

10:57:20 Stephen Whittaker IP-BLOCK 62.45.206.171 (Type: outgoing)

11:02:05 Stephen Whittaker IP-BLOCK 212.117.167.73 (Type: outgoing)

11:02:41 Stephen Whittaker IP-BLOCK 89.28.56.106 (Type: incoming)

11:06:08 Stephen Whittaker IP-BLOCK 212.117.166.129 (Type: outgoing)

11:09:14 Stephen Whittaker IP-BLOCK 95.79.91.163 (Type: outgoing)

11:09:31 Stephen Whittaker IP-BLOCK 59.34.171.222 (Type: outgoing)

11:17:05 Stephen Whittaker IP-BLOCK 212.117.167.73 (Type: outgoing)

11:20:42 Stephen Whittaker IP-BLOCK 117.205.48.17 (Type: outgoing)

11:20:44 Stephen Whittaker IP-BLOCK 117.205.48.17 (Type: outgoing)

11:20:45 Stephen Whittaker IP-BLOCK 117.205.48.17 (Type: outgoing)

11:20:46 Stephen Whittaker IP-BLOCK 117.205.48.17 (Type: outgoing)

11:20:47 Stephen Whittaker IP-BLOCK 117.205.48.17 (Type: outgoing)

11:24:29 Stephen Whittaker IP-BLOCK 95.169.190.159 (Type: outgoing)

11:29:48 Stephen Whittaker IP-BLOCK 83.128.12.157 (Type: outgoing)

11:32:05 Stephen Whittaker IP-BLOCK 212.117.167.73 (Type: outgoing)

11:37:56 Stephen Whittaker IP-BLOCK 77.78.205.217 (Type: incoming)

11:38:08 Stephen Whittaker IP-BLOCK 89.28.112.244 (Type: outgoing)

11:39:36 Stephen Whittaker IP-BLOCK 95.169.190.159 (Type: outgoing)

11:40:50 Stephen Whittaker IP-BLOCK 85.234.163.203 (Type: outgoing)

11:47:05 Stephen Whittaker IP-BLOCK 212.117.167.73 (Type: outgoing)

11:51:31 Stephen Whittaker IP-BLOCK 212.117.166.94 (Type: outgoing)

11:53:07 Stephen Whittaker IP-BLOCK 62.45.109.20 (Type: outgoing)

11:55:24 Stephen Whittaker IP-BLOCK 83.128.98.254 (Type: outgoing)

12:02:05 Stephen Whittaker IP-BLOCK 212.117.167.73 (Type: outgoing)

12:08:52 Stephen Whittaker IP-BLOCK 222.65.75.127 (Type: outgoing)

12:14:57 Stephen Whittaker IP-BLOCK 77.78.209.11 (Type: outgoing)

12:17:05 Stephen Whittaker IP-BLOCK 212.117.167.73 (Type: outgoing)

12:18:05 Stephen Whittaker IP-BLOCK 95.79.91.140 (Type: outgoing)

12:24:20 Stephen Whittaker IP-BLOCK 95.169.190.159 (Type: outgoing)

12:25:23 Stephen Whittaker IP-BLOCK 62.45.89.197 (Type: outgoing)

12:25:59 Stephen Whittaker IP-BLOCK 62.45.155.7 (Type: outgoing)

12:32:05 Stephen Whittaker IP-BLOCK 212.117.167.73 (Type: outgoing)

12:37:20 Stephen Whittaker IP-BLOCK 89.28.112.244 (Type: outgoing)

12:40:59 Stephen Whittaker IP-BLOCK 62.45.202.88 (Type: outgoing)

12:44:29 Stephen Whittaker IP-BLOCK 83.128.12.157 (Type: outgoing)

12:47:05 Stephen Whittaker IP-BLOCK 212.117.167.73 (Type: outgoing)

12:55:37 Stephen Whittaker IP-BLOCK 62.45.195.50 (Type: outgoing)

12:58:10 Stephen Whittaker IP-BLOCK 62.45.5.1 (Type: outgoing)

12:58:20 Stephen Whittaker IP-BLOCK 62.45.5.1 (Type: outgoing)

12:58:32 Stephen Whittaker IP-BLOCK 62.45.5.1 (Type: outgoing)

13:02:05 Stephen Whittaker IP-BLOCK 212.117.167.73 (Type: outgoing)

13:06:23 Stephen Whittaker IP-BLOCK 87.248.166.18 (Type: outgoing)

13:07:57 Stephen Whittaker IP-BLOCK 62.45.164.3 (Type: outgoing)

13:11:26 Stephen Whittaker IP-BLOCK 89.28.61.97 (Type: outgoing)

13:12:33 Stephen Whittaker IP-BLOCK 117.205.48.17 (Type: outgoing)

13:15:03 Stephen Whittaker IP-BLOCK 83.128.12.157 (Type: outgoing)

13:15:13 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:15:25 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:15:28 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:15:34 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:17:07 Stephen Whittaker IP-BLOCK 212.117.167.73 (Type: outgoing)

13:17:25 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:17:39 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:17:42 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:17:48 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:18:57 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:19:00 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:19:06 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:19:18 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:19:21 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:19:27 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:20:34 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:20:37 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:20:43 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:20:55 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:20:58 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:21:04 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:22:10 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:22:13 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:22:17 Stephen Whittaker IP-BLOCK 58.240.90.227 (Type: outgoing)

13:22:19 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:22:31 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:22:34 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:22:41 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:23:49 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:23:52 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:23:58 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:24:10 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:24:13 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:24:19 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:24:51 Stephen Whittaker IP-BLOCK 95.169.190.159 (Type: outgoing)

13:25:25 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:25:27 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:25:34 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:25:46 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:25:49 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:25:50 Stephen Whittaker IP-BLOCK 62.45.155.7 (Type: outgoing)

13:25:55 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:27:03 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:27:06 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:27:12 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:27:24 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:27:27 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:27:33 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:27:34 Stephen Whittaker IP-BLOCK 121.125.219.36 (Type: outgoing)

13:28:39 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:28:42 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:28:48 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:29:00 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:29:03 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:29:09 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:29:19 Stephen Whittaker IP-BLOCK 83.128.12.157 (Type: outgoing)

13:30:14 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:30:17 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:30:23 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:30:35 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:30:38 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:30:44 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:31:50 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:31:53 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:31:59 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:32:06 Stephen Whittaker IP-BLOCK 212.117.167.73 (Type: outgoing)

13:32:11 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:32:14 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:32:20 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:33:25 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:33:28 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:33:34 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:33:46 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:33:49 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:33:55 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:35:01 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:35:04 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:35:10 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:35:22 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:35:25 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:35:31 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:36:37 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:36:40 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:36:46 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:36:58 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:37:01 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:37:07 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:38:12 Stephen Whittaker IP-BLOCK 89.28.100.203 (Type: outgoing)

13:38:12 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:38:15 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:38:21 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:38:33 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:38:36 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:38:42 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:39:48 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:39:51 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:39:57 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:40:02 Stephen Whittaker IP-BLOCK 87.118.92.225 (Type: outgoing)

13:40:09 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:40:12 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:40:18 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:41:24 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:41:26 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:41:33 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:41:45 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:41:48 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:41:53 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:42:18 Stephen Whittaker IP-BLOCK 83.128.115.80 (Type: outgoing)

13:43:20 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:43:41 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:43:44 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:43:50 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:44:56 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:44:59 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:45:05 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:45:17 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:45:20 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

13:45:26 Stephen Whittaker IP-BLOCK 64.135.77.30 (Type: outgoing)

Share this post


Link to post
Share on other sites

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run two logs will be produced, please post only DDS.txt directly into your reply.

Share this post


Link to post
Share on other sites

Hi and thanks for responding. here's what you asked for.

Malwarebytes' Anti-Malware 1.51.1.1800

www.malwarebytes.org

Database version: 7189

Windows 5.1.2600 Service Pack 2 (Safe Mode)

Internet Explorer 8.0.6001.18702

7/18/2011 7:27:38 AM

mbam-log-2011-07-18 (07-27-37).txt

Scan type: Quick scan

Objects scanned: 179570

Time elapsed: 5 minute(s), 9 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

DDS (Ver_2011-07-14.01) - NTFS_x86 NETWORK

Internet Explorer: 8.0.6001.18702

Run by Stephen Whittaker at 7:32:02 on 2011-07-18

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.255.34 [GMT -5:00]

.

AV: COMODO Antivirus *Enabled/Updated* {043803A5-4F86-4ef7-AFC5-F6E02A79969B}

FW: COMODO Firewall *Enabled*

.

============== Running Processes ================

.

C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\system32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: &Crawler Toolbar Helper: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - c:\program files\crawler\toolbar\ctbr.dll

TB: &Crawler Toolbar: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - c:\program files\crawler\toolbar\ctbr.dll

TB: &Crawler Toolbar: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - c:\program files\crawler\toolbar\ctbr.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [AdobeUpdater] c:\program files\common files\adobe\updater5\AdobeUpdater.exe

uRun: [spywareTerminatorUpdate] "c:\program files\spyware terminator\SpywareTerminatorUpdate.exe"

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [nwiz] nwiz.exe /install

mRun: [soundMan] SOUNDMAN.EXE

mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [spywareTerminator] "c:\program files\spyware terminator\SpywareTerminatorShield.exe"

mRun: [PCRx] "c:\program files\pcrx\PCRxTray.exe" /startup

mRun: [COMODO] c:\program files\comodo\comodo geekbuddy\CLPSLA.exe

mRun: [CPA] c:\program files\comodo\comodo geekbuddy\VALA.exe

mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\reader 8.0\reader\reader_sl.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~2.lnk - c:\program files\adobe\reader 8.0\reader\AdobeCollabSync.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE

uPolicies-Explorer: NoDriveTypeAutoRun = dword:0

uPolicies-System: EnableProfileQuota = dword:1

mPolicies-Explorer: NoDriveTypeAutoRun = dword:145

IE: Crawler Search - tbr:iemenu

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Chessmaster%20Challenge/Images/stg_drm.ocx

DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper20073151.dll

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1174361486406

DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Chessmaster%20Challenge/Images/armhelper.ocx

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: NameServer = 192.168.1.254

TCP: Interfaces\{175C8EF0-449C-4582-80C6-D49C93C5EDAB} : DHCPNameServer = 192.168.1.254

Handler: ipp - <Clsid value has no data>

Handler: msdaipp - <Clsid value has no data>

Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\program files\crawler\toolbar\ctbr.dll

mASetup: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "c:\program files\outlook express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

mASetup: {7790769C-0471-11d2-AF11-00C04FA35D02} - "c:\program files\outlook express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

IFEO: Your Image File Name Here without a path - ntsd -d

.

============= SERVICES / DRIVERS ===============

.

R1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\drivers\cmderd.sys [2011-6-30 17416]

R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2011-6-30 29400]

R2 CLPSLS;COMODO livePCsupport Service;c:\program files\comodo\comodo geekbuddy\CLPSLS.exe [2011-5-25 154424]

S1 browserctldrv;browserctldrv;\??\c:\program files\browserctl\browserctl.sys --> c:\program files\browserctl\BrowserCtl.sys [?]

S1 CFRMD;CFRMD;c:\windows\system32\drivers\CFRMD.sys [2010-12-9 66584]

S1 CFRPD;CFRPD;c:\windows\system32\drivers\CFRPD.sys [2010-12-9 33232]

S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2011-6-30 242600]

S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2011-7-9 142592]

S2 Cleaner_Validator;COMODO System - Cleaner Service;c:\program files\comodo\comodo system-cleaner\Cleaner_Validator.exe [2010-12-9 305600]

S2 cmdAgent;COMODO Internet Security Helper Service;c:\program files\comodo\comodo internet security\cmdagent.exe [2011-6-30 1793712]

S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-7-12 366640]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-7-12 22712]

S4 browserctl;browserctl;c:\windows\system32\SvchoSt.ExE -k browserctl [2004-8-4 14336]

.

=============== Created Last 30 ================

.

2011-07-14 09:45:47 -------- d-----w- c:\documents and settings\stephen whittaker\local settings\application data\COMODO

2011-07-14 04:52:00 -------- d-----w- c:\documents and settings\stephen whittaker\local settings\application data\WMTools Downloaded Files

2011-07-13 10:10:27 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-07-13 03:00:24 -------- d-----w- c:\documents and settings\stephen whittaker\application data\Malwarebytes

2011-07-13 02:59:43 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-07-13 02:59:34 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2011-07-13 02:59:13 22712 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-07-13 02:59:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-07-12 09:03:57 -------- d-----w- c:\windows\ie8updates

2011-07-12 07:05:42 -------- d-----w- c:\documents and settings\stephen whittaker\local settings\application data\ApplicationHistory

2011-07-12 07:00:19 599040 -c----w- c:\windows\system32\dllcache\msfeeds.dll

2011-07-12 07:00:19 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll

2011-07-12 07:00:17 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll

2011-07-12 07:00:11 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll

2011-07-12 07:00:10 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll

2011-07-12 07:00:08 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll

2011-07-12 07:00:04 11076096 -c----w- c:\windows\system32\dllcache\ieframe.dll

2011-07-12 06:14:02 -------- d-sh--w- c:\documents and settings\stephen whittaker\PrivacIE

2011-07-12 06:08:15 -------- d-sh--w- c:\documents and settings\stephen whittaker\IETldCache

2011-07-12 06:07:26 56826 ----a-w- c:\windows\cscmondump.bin

2011-07-12 05:13:39 -------- dc-h--w- c:\windows\ie8

2011-07-12 04:52:38 -------- d-----w- c:\windows\ServicePackFiles

2011-07-11 01:01:39 -------- d--h--w- C:\VritualRoot

2011-07-11 00:48:58 1474832 ----a-w- c:\windows\system32\drivers\sfi.dat

2011-07-10 22:28:37 -------- d-----w- c:\documents and settings\all users\application data\Comodo

2011-07-10 22:24:32 -------- d-----w- c:\program files\COMODO

2011-07-10 22:19:26 -------- d-----w- c:\documents and settings\all users\application data\Comodo Downloader

2011-07-10 19:52:35 -------- d-----w- c:\windows\system32\appmgmt

2011-07-10 19:52:29 -------- d-----w- c:\windows\SxsCaPendDel

2011-07-10 19:09:22 -------- d-----w- c:\documents and settings\stephen whittaker\application data\PCRx

2011-07-10 19:09:19 -------- d-----w- c:\documents and settings\all users\application data\PCRx

2011-07-10 19:09:10 -------- d-----w- c:\program files\PCRx

2011-07-10 02:34:40 -------- d-----w- c:\program files\WinClamAVShield

2011-07-10 01:57:29 -------- d-----w- c:\program files\Crawler

2011-07-10 01:57:18 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys

2011-07-10 01:57:15 -------- d-----w- c:\documents and settings\stephen whittaker\application data\Spyware Terminator

2011-07-10 01:56:54 -------- d-----w- c:\documents and settings\all users\application data\Spyware Terminator

2011-07-10 01:56:52 -------- d-----w- c:\program files\Spyware Terminator

2011-07-09 08:50:27 -------- d-----w- c:\windows\system32\CatRoot_bak

2011-07-09 08:45:22 -------- d-----w- c:\windows\system32\wbem\repository\FS

2011-07-09 08:45:22 -------- d-----w- c:\windows\system32\wbem\Repository

2011-07-09 07:33:49 272128 -c----w- c:\windows\system32\dllcache\bthport.sys

2011-07-09 07:33:49 272128 ------w- c:\windows\system32\drivers\bthport.sys

2011-06-30 14:38:14 29400 ----a-w- c:\windows\system32\drivers\cmdhlp.sys

2011-06-30 14:38:14 242600 ----a-w- c:\windows\system32\drivers\cmdGuard.sys

2011-06-30 14:38:12 17416 ----a-w- c:\windows\system32\drivers\cmderd.sys

2011-06-30 14:37:26 285256 ----a-w- c:\windows\system32\guard32.dll

.

==================== Find3M ====================

.

2011-07-09 03:21:25 98304 ----a-w- c:\windows\strt_1250795595.exe.exe

2011-04-20 09:41:58 1409 ----a-w- c:\windows\QTFont.for

.

============= FINISH: 7:32:44.50 ===============

PS in safemode my computor does not run slow or do I get the IP blocking. It also does nnot run continusly for an hour or more and web surfing is much faster in safemode.

Share this post


Link to post
Share on other sites

Here's the log files you asked for.

ComboFix 11-07-25.02 - Stephen Whittaker 07/25/2011 14:22:14.1.1 - x86 NETWORK

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.255.177 [GMT -5:00]

Running from: c:\documents and settings\Stephen Whittaker\Desktop\ComboFix.exe

AV: COMODO Antivirus *Enabled/Updated* {043803A5-4F86-4ef7-AFC5-F6E02A79969B}

FW: COMODO Firewall *Enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\All Users\Application Data\95146396.ini

c:\documents and settings\All Users\Application Data\Tarma Installer

c:\documents and settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll

c:\documents and settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll

c:\documents and settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat

c:\documents and settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe

c:\documents and settings\All Users\Application Data\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico

c:\documents and settings\Stephen Whittaker\WINDOWS

c:\program files\driver

c:\windows\strt_1250795595.exe.exe

.

c:\windows\system32\proquota.exe . . . is missing!!

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Legacy_BROWSERCTL

-------\Legacy_BROWSERCTLDRV

-------\Service_browserctl

-------\Service_browserctldrv

.

.

((((((((((((((((((((((((( Files Created from 2011-06-25 to 2011-07-25 )))))))))))))))))))))))))))))))

.

.

2011-07-18 13:35 . 2011-07-18 13:35 -------- d-----w- c:\documents and settings\Stephen Whittaker\Application Data\FCTB000100377

2011-07-18 13:35 . 2010-03-31 23:43 85504 ----a-w- c:\windows\system32\ff_vfw.dll

2011-07-18 13:35 . 2011-07-18 13:35 -------- d-----w- c:\program files\InstaCodecs

2011-07-18 13:35 . 2011-07-18 13:35 -------- d-----w- c:\program files\Itibiti Soft Phone

2011-07-18 13:35 . 2011-07-18 13:35 -------- d-----w- c:\program files\Free Offers from Freeze.com

2011-07-18 13:35 . 2011-07-18 13:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!

2011-07-18 13:35 . 2011-07-18 13:35 -------- d-----w- c:\program files\Relief Network LP4

2011-07-18 13:34 . 2011-07-18 14:11 -------- d-----w- c:\program files\Yontoo Layers

2011-07-18 13:34 . 2011-07-18 14:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion

2011-07-18 13:34 . 2011-07-18 13:34 -------- d-----w- c:\documents and settings\Stephen Whittaker\Application Data\Yahoo!

2011-07-14 09:45 . 2011-07-14 09:45 -------- d-----w- c:\documents and settings\Stephen Whittaker\Local Settings\Application Data\COMODO

2011-07-14 04:52 . 2011-07-14 04:52 -------- d-----w- c:\documents and settings\Stephen Whittaker\Local Settings\Application Data\WMTools Downloaded Files

2011-07-13 10:10 . 2011-07-13 10:10 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-07-13 03:00 . 2011-07-13 03:00 -------- d-----w- c:\documents and settings\Stephen Whittaker\Application Data\Malwarebytes

2011-07-13 02:59 . 2011-07-07 00:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-07-13 02:59 . 2011-07-13 02:59 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2011-07-13 02:59 . 2011-07-07 00:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-07-13 02:59 . 2011-07-16 02:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-07-12 07:05 . 2011-07-12 10:45 -------- d-----w- c:\documents and settings\Stephen Whittaker\Local Settings\Application Data\ApplicationHistory

2011-07-12 07:00 . 2010-05-06 10:41 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll

2011-07-12 07:00 . 2010-05-06 10:41 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll

2011-07-12 07:00 . 2010-05-06 10:41 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll

2011-07-12 07:00 . 2010-05-06 10:41 11076096 -c----w- c:\windows\system32\dllcache\ieframe.dll

2011-07-12 06:14 . 2011-07-12 06:14 -------- d-sh--w- c:\documents and settings\Stephen Whittaker\PrivacIE

2011-07-12 06:13 . 2011-07-12 06:13 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache

2011-07-12 06:08 . 2011-07-12 06:08 -------- d-sh--w- c:\documents and settings\Stephen Whittaker\IETldCache

2011-07-12 06:07 . 2011-07-18 12:20 56826 ----a-w- c:\windows\cscmondump.bin

2011-07-12 05:13 . 2011-07-12 05:15 -------- dc-h--w- c:\windows\ie8

2011-07-12 04:52 . 2011-07-12 04:52 -------- d-----w- c:\windows\ServicePackFiles

2011-07-11 01:01 . 2011-07-11 01:01 -------- d-----w- C:\VritualRoot

2011-07-11 00:48 . 2011-07-14 11:54 1474832 ----a-w- c:\windows\system32\drivers\sfi.dat

2011-07-10 22:28 . 2011-07-12 08:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Comodo

2011-07-10 22:24 . 2011-07-10 22:45 -------- d-----w- c:\program files\COMODO

2011-07-10 22:19 . 2011-07-10 22:23 -------- d-----w- c:\documents and settings\All Users\Application Data\Comodo Downloader

2011-07-10 19:52 . 2011-07-11 00:49 -------- d-----w- c:\windows\SxsCaPendDel

2011-07-10 19:09 . 2011-07-17 13:41 -------- d-----w- c:\documents and settings\Stephen Whittaker\Application Data\PCRx

2011-07-10 19:09 . 2011-07-10 19:09 -------- d-----w- c:\documents and settings\All Users\Application Data\PCRx

2011-07-10 19:09 . 2011-07-10 19:09 -------- d-----w- c:\program files\PCRx

2011-07-10 02:34 . 2011-07-19 10:20 -------- d-----w- c:\program files\WinClamAVShield

2011-07-10 01:57 . 2011-07-10 01:58 -------- d-----w- c:\program files\Crawler

2011-07-10 01:57 . 2011-07-10 01:57 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys

2011-07-10 01:57 . 2011-07-25 19:09 -------- d-----w- c:\documents and settings\Stephen Whittaker\Application Data\Spyware Terminator

2011-07-10 01:56 . 2011-07-19 10:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Spyware Terminator

2011-07-10 01:56 . 2011-07-25 19:09 -------- d-----w- c:\program files\Spyware Terminator

2011-07-09 08:50 . 2011-07-10 07:00 -------- d-----w- c:\windows\system32\CatRoot_bak

2011-07-09 08:45 . 2011-07-09 08:45 -------- d-----w- c:\windows\system32\wbem\Repository

2011-07-09 07:33 . 2008-06-13 13:10 272128 -c----w- c:\windows\system32\dllcache\bthport.sys

2011-07-09 07:33 . 2008-06-13 13:10 272128 ------w- c:\windows\system32\drivers\bthport.sys

2011-07-03 02:25 . 2011-07-09 08:45 -------- d-s---w- c:\documents and settings\Administrator

2011-06-30 14:38 . 2011-06-30 14:38 97504 ----a-w- c:\windows\system32\drivers\inspect.sys

2011-06-30 14:38 . 2011-06-30 14:38 29400 ----a-w- c:\windows\system32\drivers\cmdhlp.sys

2011-06-30 14:38 . 2011-06-30 14:38 242600 ----a-w- c:\windows\system32\drivers\cmdGuard.sys

2011-06-30 14:38 . 2011-06-30 14:38 17416 ----a-w- c:\windows\system32\drivers\cmderd.sys

2011-06-30 14:37 . 2011-06-30 14:37 285256 ----a-w- c:\windows\system32\guard32.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-05-17 03:09 . 2011-05-11 01:09 397 ----a-w- c:\documents and settings\Stephen Whittaker\exe.js

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{3862f31b-b7b2-0854-cd54-ea4726c86127}"= "c:\program files\Relief Network LP4\Helper.dll" [2011-07-18 357376]

"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll" [2011-03-16 214840]

.

[HKEY_CLASSES_ROOT\clsid\{3862f31b-b7b2-0854-cd54-ea4726c86127}]

[HKEY_CLASSES_ROOT\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1]

[HKEY_CLASSES_ROOT\TypeLib\{59E2F26C-63D0-57B4-05FD-3E7901C9A2CC}]

[HKEY_CLASSES_ROOT\FreeCauseURLSearchHook.FCToolbarURLSearchHook]

.

[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]

[HKEY_CLASSES_ROOT\YTNavAssist.YTNavAssistPlugin.1]

[HKEY_CLASSES_ROOT\TypeLib\{A31F34A1-EBD2-45A2-BF6D-231C1B987CC8}]

[HKEY_CLASSES_ROOT\YTNavAssist.YTNavAssistPlugin]

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8AC531C5-DBDA-A484-B590-11ACB177FE33}]

2011-07-18 13:35 1534976 ----a-w- c:\program files\Relief Network LP4\Toolbar.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AdobeUpdater"="c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2007-08-01 2321600]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-22 7700480]

"nwiz"="nwiz.exe" [2006-10-22 1622016]

"SoundMan"="SOUNDMAN.EXE" [2006-11-17 577536]

"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-11-01 32768]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-06-29 286720]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-22 86016]

"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2011-07-10 2216960]

"PCRx"="c:\program files\PCRx\PCRxTray.exe" [2011-07-07 413280]

"COMODO"="c:\program files\COMODO\COMODO GeekBuddy\CLPSLA.exe" [2011-05-26 208184]

"CPA"="c:\program files\COMODO\COMODO GeekBuddy\VALA.exe" [2011-05-26 182584]

"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-06-30 2554696]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-07-07 449584]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\windows\system32\guard32.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS]

@="Service"

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"c:\\Program Files\\Windows Lotto Pro 2000\\proupdt.exe"=

"c:\\Program Files\\Spyware Terminator\\SpywareTerminatorUpdate.exe"=

"c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\WINDOWS\\system32\\sessmgr.exe"=

"c:\\Program Files\\Relief Network LP4\\TroubleShooter.exe"=

"c:\\Program Files\\Itibiti Soft Phone\\Itibiti.exe"=

.

S1 CFRMD;CFRMD;c:\windows\system32\DRIVERS\CFRMD.sys [2010-12-09 66584]

S1 CFRPD;CFRPD;c:\windows\system32\DRIVERS\CFRPD.sys [2010-12-09 33232]

S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [2011-06-30 17416]

S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2011-06-30 242600]

S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2011-06-30 29400]

S1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2011-07-10 142592]

S2 Cleaner_Validator;COMODO System - Cleaner Service;c:\program files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe [2010-12-09 305600]

S2 CLPSLS;COMODO livePCsupport Service;c:\program files\COMODO\COMODO GeekBuddy\CLPSLS.exe [2011-05-26 154424]

S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-07-07 366640]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-07-07 22712]

.

.

Contents of the 'Scheduled Tasks' folder

.

2011-06-30 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-06-03 18:42]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com/

IE: Crawler Search - tbr:iemenu

TCP: DhcpNameServer = 192.168.1.254

Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\Toolbar\ctbr.dll

.

- - - - ORPHANS REMOVED - - - -

.

BHO-{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - c:\program files\Yontoo Layers\YontooIEClient.dll

Toolbar-SITEguard - (no file)

AddRemove-QuickTime 3.0 - c:\windows\system\quicktime.qts\DeIsL1.isu

AddRemove-{889DF117-14D1-44EE-9F31-C5FB5D47F68B} - c:\docume~1\ALLUSE~1\APPLIC~1\TARMAI~1\{889DF~1\Setup.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-07-25 14:36

Windows 5.1.2600 Service Pack 2 NTFS

.

detected NTDLL code modification:

ZwClose

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-1708537768-115176313-725345543-1003\Software\Microsoft\SystemCertificates\AddressBook*]

@Allowed: (Read) (RestrictedCode)

@Allowed: (Read) (RestrictedCode)

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'lsass.exe'(776)

c:\windows\system32\guard32.dll

.

- - - - - - - > 'explorer.exe'(3240)

c:\windows\system32\WININET.dll

c:\windows\system32\guard32.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

.

------------------------ Other Running Processes ------------------------

.

c:\program files\COMODO\COMODO Internet Security\cmdagent.exe

c:\program files\Common Files\LightScribe\LSSrvc.exe

c:\program files\Common Files\Motive\McciCMService.exe

c:\windows\system32\nvsvc32.exe

c:\program files\Spyware Terminator\sp_rsser.exe

c:\windows\system32\wdfmgr.exe

c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe

c:\windows\SOUNDMAN.EXE

c:\program files\COMODO\COMODO GeekBuddy\CLPS.exe

c:\windows\system32\wbem\unsecapp.exe

c:\windows\system32\wscntfy.exe

.

**************************************************************************

.

Completion time: 2011-07-25 15:00:51 - machine was rebooted

ComboFix-quarantined-files.txt 2011-07-25 20:00

.

Pre-Run: 22,763,331,584 bytes free

Post-Run: 24,938,405,888 bytes free

.

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

.

- - End Of File - - D3235AFC00F899A3794B224FA1765475

DDS (Ver_2011-07-14.01) - NTFS_x86

Internet Explorer: 8.0.6001.18702

Run by Stephen Whittaker at 15:10:06 on 2011-07-25

Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.255.13 [GMT -5:00]

.

AV: COMODO Antivirus *Disabled/Outdated* {043803A5-4F86-4ef7-AFC5-F6E02A79969B}

FW: COMODO Firewall *Disabled*

.

============== Running Processes ================

.

C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe

C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\COMODO\COMODO System-Cleaner\Cleaner_Validator.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\Motive\McciCMService.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Spyware Terminator\sp_rsser.exe

C:\WINDOWS\system32\wdfmgr.exe

C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\Program Files\PCRx\PCRxTray.exe

C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

C:\Program Files\COMODO\COMODO GeekBuddy\CLPS.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\wbem\unsecapp.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\explorer.exe

C:\WINDOWS\system32\notepad.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

C:\WINDOWS\system32\svchost.exe -k rpcss

C:\WINDOWS\system32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uURLSearchHooks: FCToolbarURLSearchHook Class: {3862f31b-b7b2-0854-cd54-ea4726c86127} - c:\program files\relief network lp4\Helper.dll

uURLSearchHooks: <No Name>: - LocalServer32 - <no file>

uURLSearchHooks: YTNavAssist.YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - c:\program files\yahoo!\companion\installs\cpn0\YTNavAssist.dll

BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll

BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: &Crawler Toolbar Helper: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - c:\program files\crawler\toolbar\ctbr.dll

BHO: Relief Network LP4: {8AC531C5-DBDA-A484-B590-11ACB177FE33} - c:\program files\relief network lp4\Toolbar.dll

BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll

TB: &Crawler Toolbar: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - c:\program files\crawler\toolbar\ctbr.dll

TB: &Crawler Toolbar: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - c:\program files\crawler\toolbar\ctbr.dll

TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll

uRun: [AdobeUpdater] c:\program files\common files\adobe\updater5\AdobeUpdater.exe

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [nwiz] nwiz.exe /install

mRun: [soundMan] SOUNDMAN.EXE

mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [spywareTerminator] "c:\program files\spyware terminator\SpywareTerminatorShield.exe"

mRun: [PCRx] "c:\program files\pcrx\PCRxTray.exe" /startup

mRun: [COMODO] c:\program files\comodo\comodo geekbuddy\CLPSLA.exe

mRun: [CPA] c:\program files\comodo\comodo geekbuddy\VALA.exe

mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\reader 8.0\reader\reader_sl.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~2.lnk - c:\program files\adobe\reader 8.0\reader\AdobeCollabSync.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE

uPolicies-Explorer: NoDriveTypeAutoRun = dword:323

uPolicies-Explorer: NoDriveAutoRun = dword:67108863

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDriveAutoRun = dword:67108863

mPolicies-Explorer: NoDriveTypeAutoRun = dword:323

mPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDriveTypeAutoRun = dword:323

mPolicies-Explorer: NoDriveAutoRun = dword:67108863

IE: Crawler Search - tbr:iemenu

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Chessmaster%20Challenge/Images/stg_drm.ocx

DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper20073151.dll

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1174361486406

DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Chessmaster%20Challenge/Images/armhelper.ocx

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: NameServer = 192.168.1.254

TCP: Interfaces\{175C8EF0-449C-4582-80C6-D49C93C5EDAB} : DHCPNameServer = 192.168.1.254

Handler: ipp - <Clsid value has no data>

Handler: msdaipp - <Clsid value has no data>

Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\program files\crawler\toolbar\ctbr.dll

mASetup: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "c:\program files\outlook express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

mASetup: {7790769C-0471-11d2-AF11-00C04FA35D02} - "c:\program files\outlook express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

IFEO: Your Image File Name Here without a path - ntsd -d

.

============= SERVICES / DRIVERS ===============

.

.

=============== Created Last 30 ================

.

2011-07-25 19:18:46 -------- d-sha-r- C:\cmdcons

2011-07-25 19:16:13 98816 ----a-w- c:\windows\sed.exe

2011-07-25 19:16:13 256000 ----a-w- c:\windows\PEV.exe

2011-07-25 19:16:13 208896 ----a-w- c:\windows\MBR.exe

2011-07-25 19:16:00 -------- d-----w- C:\ComboFix

2011-07-18 13:35:25 85504 ----a-w- c:\windows\system32\ff_vfw.dll

2011-07-18 13:35:25 -------- d-----w- c:\documents and settings\stephen whittaker\application data\FCTB000100377

2011-07-18 13:35:23 -------- d-----w- c:\program files\InstaCodecs

2011-07-18 13:35:13 -------- d-----w- c:\program files\Itibiti Soft Phone

2011-07-18 13:35:13 -------- d-----w- c:\program files\Free Offers from Freeze.com

2011-07-18 13:35:02 -------- d-----w- c:\program files\Relief Network LP4

2011-07-18 13:34:59 -------- d-----w- c:\program files\Yontoo Layers

2011-07-14 09:45:47 -------- d-----w- c:\documents and settings\stephen whittaker\local settings\application data\COMODO

2011-07-14 04:52:00 -------- d-----w- c:\documents and settings\stephen whittaker\local settings\application data\WMTools Downloaded Files

2011-07-13 10:10:27 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-07-13 03:00:24 -------- d-----w- c:\documents and settings\stephen whittaker\application data\Malwarebytes

2011-07-13 02:59:43 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-07-13 02:59:34 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2011-07-13 02:59:13 22712 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-07-13 02:59:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-07-12 09:03:57 -------- d-----w- c:\windows\ie8updates

2011-07-12 07:05:42 -------- d-----w- c:\documents and settings\stephen whittaker\local settings\application data\ApplicationHistory

2011-07-12 07:00:19 599040 -c----w- c:\windows\system32\dllcache\msfeeds.dll

2011-07-12 07:00:19 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll

2011-07-12 07:00:17 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll

2011-07-12 07:00:11 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll

2011-07-12 07:00:10 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll

2011-07-12 07:00:08 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll

2011-07-12 07:00:04 11076096 -c----w- c:\windows\system32\dllcache\ieframe.dll

2011-07-12 06:14:02 -------- d-sh--w- c:\documents and settings\stephen whittaker\PrivacIE

2011-07-12 06:08:15 -------- d-sh--w- c:\documents and settings\stephen whittaker\IETldCache

2011-07-12 06:07:26 56826 ----a-w- c:\windows\cscmondump.bin

2011-07-12 05:13:39 -------- dc-h--w- c:\windows\ie8

2011-07-12 04:52:38 -------- d-----w- c:\windows\ServicePackFiles

2011-07-11 01:01:39 -------- d-----w- C:\VritualRoot

2011-07-11 00:48:58 1474832 ----a-w- c:\windows\system32\drivers\sfi.dat

2011-07-10 22:28:37 -------- d-----w- c:\documents and settings\all users\application data\Comodo

2011-07-10 22:24:32 -------- d-----w- c:\program files\COMODO

2011-07-10 22:19:26 -------- d-----w- c:\documents and settings\all users\application data\Comodo Downloader

2011-07-10 19:52:35 -------- d-----w- c:\windows\system32\appmgmt

2011-07-10 19:52:29 -------- d-----w- c:\windows\SxsCaPendDel

2011-07-10 19:09:22 -------- d-----w- c:\documents and settings\stephen whittaker\application data\PCRx

2011-07-10 19:09:19 -------- d-----w- c:\documents and settings\all users\application data\PCRx

2011-07-10 19:09:10 -------- d-----w- c:\program files\PCRx

2011-07-10 02:34:40 -------- d-----w- c:\program files\WinClamAVShield

2011-07-10 01:57:29 -------- d-----w- c:\program files\Crawler

2011-07-10 01:57:18 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys

2011-07-10 01:57:15 -------- d-----w- c:\documents and settings\stephen whittaker\application data\Spyware Terminator

2011-07-10 01:56:54 -------- d-----w- c:\documents and settings\all users\application data\Spyware Terminator

2011-07-10 01:56:52 -------- d-----w- c:\program files\Spyware Terminator

2011-07-09 08:50:27 -------- d-----w- c:\windows\system32\CatRoot_bak

2011-07-09 08:45:22 -------- d-----w- c:\windows\system32\wbem\repository\FS

2011-07-09 08:45:22 -------- d-----w- c:\windows\system32\wbem\Repository

2011-07-09 07:33:49 272128 -c----w- c:\windows\system32\dllcache\bthport.sys

2011-07-09 07:33:49 272128 ------w- c:\windows\system32\drivers\bthport.sys

2011-06-30 14:38:14 29400 ----a-w- c:\windows\system32\drivers\cmdhlp.sys

2011-06-30 14:38:14 242600 ----a-w- c:\windows\system32\drivers\cmdGuard.sys

2011-06-30 14:38:12 17416 ----a-w- c:\windows\system32\drivers\cmderd.sys

2011-06-30 14:37:26 285256 ----a-w- c:\windows\system32\guard32.dll

.

==================== Find3M ====================

.

.

============= FINISH: 15:11:18.42 ===============

Ip blocking is still coming up.

Share this post


Link to post
Share on other sites

Hi,

Please delete your copy of ComboFix, download the latest version from here, and save it to your Desktop. Do not run it yet.

Next, please open Notepad - don't use any other text editor than notepad or the script will fail.

Copy/paste the text in the box below into Notepad:

MIA::
c:\windows\system32\proquota.exe

Save this as CFScript

Then drag the CFScript into ComboFix.exe as you see in the screenshot below.

CFScriptB-4.gif

This will start ComboFix again. After reboot, (in case it asks to reboot), post the contents of Combofix.txt in your next reply together with a new DDS log.

-screen317

Share this post


Link to post
Share on other sites

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.