Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
Database version: v2014.02.24.05
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16798
Beth :: BETH [administrator]
Protection: Enabled
2/24/2014 1:51:47 PM
mbam-log-2014-02-24 (13-51-47).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 215388
Time elapsed: 4 minute(s), 13 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16798 BrowserJavaVersion: 10.51.2
Run by Beth at 14:38:59 on 2014-02-24
Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.6030.3961 [GMT -5:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.13.147\AsusWSWinService.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhostex.exe
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe
C:\Program Files\ASUS\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Windows\system32\igfxpers.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://asus13.msn.com
mWinlogon: Userinit = userinit.exe,
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.13.147\AsusWSPanel.exe /S
mRun: [Conime] C:\Windows\System32\conime.exe
mRun: [EKStatusMonitor] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
dRunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\REALPL~1.LNK - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 10.0.1.1
TCP: Interfaces\{73003C28-F51D-4FD1-9720-2ABAC555BE89} : DHCPNameServer = 10.0.1.1
TCP: Interfaces\{73003C28-F51D-4FD1-9720-2ABAC555BE89}\34963736F64493138373 : DHCPNameServer = 63.148.157.2 63.148.157.3 205.171.3.65
TCP: Interfaces\{73003C28-F51D-4FD1-9720-2ABAC555BE89}\642716E6B6C696E60234F657E6479702055726C6963602353686F6F6C637 : DHCPNameServer = 10.92.208.2
TCP: Interfaces\{73003C28-F51D-4FD1-9720-2ABAC555BE89}\845696562747D27657563747 : DHCPNameServer = 74.128.17.114 74.128.19.102
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} -
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Plus-HD-1.3: {11111111-1111-1111-1111-110311121157} -
x64-BHO: Highlightly: {83F2328D-0D6A-42B4-B0C4-02A929EDD4BE} - C:\Program Files\Highlightly\IE\HighlightlyClientIE.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Beth\AppData\Roaming\Mozilla\Firefox\Profiles\bme5wwmz.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-7-5 645952]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-9-7 17536]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 ASUS InstantOn;ASUS InstantOn Service;C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [2012-4-13 277120]
R2 Asus WebStorage Windows Service;Asus WebStorage Windows Service;C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.13.147\AsusWSWinService.exe [2012-10-24 68608]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-9-2 166720]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2013-3-15 395640]
R2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [2013-1-15 780152]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2014-2-16 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2014-2-16 701512]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-9-2 365376]
R3 AiCharger;ASUS Charger Driver;C:\Windows\System32\Drivers\AiCharger.sys [2012-7-24 17152]
R3 ATP;ASUS PS/2 Port Input Device;C:\Windows\System32\Drivers\AsusTP.sys [2012-10-31 61824]
R3 HIDSwitch;ASUS Wireless Radio Control;C:\Windows\System32\Drivers\AsHIDSwitch64.sys [2012-8-22 21152]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\Drivers\IntcDAud.sys [2012-8-22 342528]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2014-2-16 25928]
R3 RSBASTOR;Realtek PCIE CardReader Driver - BA;C:\Windows\System32\Drivers\RtsBaStor.sys [2012-9-2 295056]
R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-9-2 683664]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\Drivers\ssudbus.sys [2013-8-20 103576]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
S4 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-9-2 2451456]
S4 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-10-17 39056]
S4 RealPlayer Desktop Service;RealPlayer Desktop Service;C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [2013-12-8 1418336]
S4 RealPlayerUpdateSvc;RealPlayer Update Service;C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [2013-10-25 29320]
.
=============== Created Last 30 ================
.
2014-02-24 15:46:07 10536864 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{BA6D6895-DE18-4A27-8F08-0564AE4E01B9}\mpengine.dll
2014-02-24 15:46:00 270496 ------w- C:\Windows\System32\MpSigStub.exe
2014-02-24 15:41:31 -------- d-----w- C:\Windows\LastGood.Tmp
2014-02-16 15:35:04 -------- d-----w- C:\Program Files\CCleaner
2014-02-16 15:28:49 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-02-16 14:59:39 -------- d-----w- C:\Users\Beth\AppData\Roaming\Malwarebytes
2014-02-16 14:59:17 -------- d-----w- C:\ProgramData\Malwarebytes
2014-02-16 14:59:16 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-02-16 14:59:16 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-13 04:47:25 3842560 ----a-w- C:\Windows\System32\d2d1.dll
2014-02-13 04:47:25 3288576 ----a-w- C:\Windows\SysWow64\d2d1.dll
2014-02-13 04:47:25 2238976 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-02-13 04:47:25 2032640 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
.
==================== Find3M ====================
.
2014-02-24 18:26:26 380 ----a-w- C:\Users\Beth\AppData\Roaming\sp_data.sys
2014-02-17 22:03:37 78304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-17 22:03:37 694240 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-02-01 09:19:49 2241536 ----a-w- C:\Windows\System32\wininet.dll
2014-02-01 09:19:36 915968 ----a-w- C:\Windows\System32\uxtheme.dll
2014-02-01 09:19:36 53760 ----a-w- C:\Windows\System32\UXInit.dll
2014-02-01 09:18:25 3960320 ----a-w- C:\Windows\System32\jscript9.dll
2014-02-01 09:18:21 67072 ----a-w- C:\Windows\System32\iesetup.dll
2014-02-01 09:18:21 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2014-02-01 07:58:31 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-02-01 07:58:24 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
2014-02-01 07:57:20 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-02-01 07:57:16 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-02-01 07:57:16 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2014-02-01 07:40:43 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2014-02-01 07:34:53 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-02-01 05:08:52 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll
2013-12-09 00:45:52 523776 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-12-08 23:59:47 600064 ----a-w- C:\Windows\System32\vbscript.dll
2013-12-08 17:43:09 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2013-12-08 17:43:09 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2013-12-07 06:37:24 688640 ----a-w- C:\Windows\System32\WSShared.dll
2013-12-07 06:37:24 163840 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-07 05:15:46 562688 ----a-w- C:\Windows\SysWow64\WSShared.dll
2013-12-07 05:15:46 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-04 23:43:46 1845248 ----a-w- C:\Windows\System32\msxml3.dll
2013-12-04 23:43:43 583680 ----a-w- C:\Windows\System32\msdrm.dll
2013-12-04 23:37:09 1419264 ----a-w- C:\Windows\SysWow64\msxml3.dll
2013-12-04 23:37:08 451072 ----a-w- C:\Windows\SysWow64\msdrm.dll
2013-12-04 19:46:36 58256 ----a-w- C:\Windows\System32\drivers\hlnfd.sys
.
============= FINISH: 14:39:24.11 ===============
(end)
2014/02/24 06:27:25 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 61161, Process: firefox.exe)
2014/02/24 06:27:25 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 61162, Process: firefox.exe)
2014/02/24 06:27:49 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 61376, Process: firefox.exe)
2014/02/24 06:27:49 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 61377, Process: firefox.exe)
2014/02/24 06:27:49 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 61378, Process: firefox.exe)
2014/02/24 06:27:49 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 61379, Process: firefox.exe)
2014/02/24 06:52:57 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 61790, Process: firefox.exe)
2014/02/24 06:52:57 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 61791, Process: firefox.exe)
2014/02/24 10:08:35 -0500 BETH Beth MESSAGE Starting database refresh
2014/02/24 10:08:35 -0500 BETH Beth MESSAGE Stopping IP protection
2014/02/24 10:08:35 -0500 BETH Beth MESSAGE IP Protection stopped successfully
2014/02/24 10:08:38 -0500 BETH Beth MESSAGE Database refreshed successfully
2014/02/24 10:08:38 -0500 BETH Beth MESSAGE Starting IP protection
2014/02/24 10:08:40 -0500 BETH Beth MESSAGE IP Protection started successfully
2014/02/24 10:11:43 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 62006, Process: chrome.exe)
2014/02/24 10:11:43 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 62007, Process: chrome.exe)
2014/02/24 10:12:31 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 62133, Process: chrome.exe)
2014/02/24 10:12:31 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 62134, Process: chrome.exe)
2014/02/24 10:12:47 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 62194, Process: chrome.exe)
2014/02/24 10:12:47 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 62195, Process: chrome.exe)
2014/02/24 10:15:12 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 62256, Process: chrome.exe)
2014/02/24 10:15:12 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 62257, Process: chrome.exe)
2014/02/24 10:21:21 -0500 BETH Beth IP-BLOCK 162.210.192.99 (Type: outgoing, Port: 62320, Process: chrome.exe)
2014/02/24 10:21:21 -0500 BETH Beth IP-BLOCK 162.210.192.99 (Type: outgoing, Port: 62321, Process: chrome.exe)
2014/02/24 10:21:21 -0500 BETH Beth IP-BLOCK 162.210.192.99 (Type: outgoing, Port: 62322, Process: chrome.exe)
2014/02/24 10:21:21 -0500 BETH Beth IP-BLOCK 162.210.192.99 (Type: outgoing, Port: 62323, Process: chrome.exe)
2014/02/24 10:21:21 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 62348, Process: chrome.exe)
2014/02/24 10:21:21 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 62349, Process: chrome.exe)
2014/02/24 10:34:23 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 62546, Process: firefox.exe)
2014/02/24 10:34:23 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 62550, Process: firefox.exe)
2014/02/24 11:00:17 -0500 BETH (null) MESSAGE Starting protection
2014/02/24 11:00:17 -0500 BETH (null) MESSAGE Protection started successfully
2014/02/24 11:00:17 -0500 BETH (null) MESSAGE Starting IP protection
2014/02/24 11:00:18 -0500 BETH (null) MESSAGE IP Protection started successfully
2014/02/24 11:33:17 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 49284, Process: firefox.exe)
2014/02/24 11:33:17 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 49288, Process: firefox.exe)
2014/02/24 11:33:17 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 49315, Process: firefox.exe)
2014/02/24 11:33:17 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 49316, Process: firefox.exe)
2014/02/24 11:33:17 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 49317, Process: firefox.exe)
2014/02/24 11:33:17 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 49318, Process: firefox.exe)
2014/02/24 11:42:45 -0500 BETH (null) MESSAGE Starting protection
2014/02/24 11:42:45 -0500 BETH (null) MESSAGE Protection started successfully
2014/02/24 11:42:45 -0500 BETH (null) MESSAGE Starting IP protection
2014/02/24 11:42:46 -0500 BETH (null) MESSAGE IP Protection started successfully
2014/02/24 11:55:06 -0500 BETH Beth MESSAGE Executing scheduled update: Daily
2014/02/24 11:55:07 -0500 BETH Beth ERROR Scheduled update failed: No address found failed with error code 0
2014/02/24 12:13:56 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 49243, Process: chrome.exe)
2014/02/24 12:13:56 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 49244, Process: chrome.exe)
2014/02/24 12:14:12 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 49265, Process: chrome.exe)
2014/02/24 12:14:13 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 49266, Process: chrome.exe)
2014/02/24 12:14:13 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 49267, Process: chrome.exe)
2014/02/24 12:14:13 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 49268, Process: chrome.exe)
2014/02/24 12:14:13 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 49294, Process: chrome.exe)
2014/02/24 12:14:13 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 49295, Process: chrome.exe)
2014/02/24 13:25:28 -0500 BETH (null) MESSAGE Starting protection
2014/02/24 13:25:28 -0500 BETH (null) MESSAGE Protection started successfully
2014/02/24 13:25:28 -0500 BETH (null) MESSAGE Starting IP protection
2014/02/24 13:25:30 -0500 BETH (null) MESSAGE IP Protection started successfully
2014/02/24 13:28:01 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 49237, Process: firefox.exe)
2014/02/24 13:28:01 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 49241, Process: firefox.exe)
2014/02/24 13:32:58 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 49314, Process: firefox.exe)
2014/02/24 13:32:58 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 49316, Process: firefox.exe)
2014/02/24 13:32:58 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 49319, Process: firefox.exe)
2014/02/24 13:32:58 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 49320, Process: firefox.exe)
2014/02/24 13:32:58 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 49336, Process: firefox.exe)
2014/02/24 13:32:58 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 49337, Process: firefox.exe)
2014/02/24 13:32:58 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 49338, Process: firefox.exe)
2014/02/24 13:32:59 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 49339, Process: firefox.exe)
2014/02/24 13:39:57 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 49358, Process: firefox.exe)
2014/02/24 13:39:57 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 49359, Process: firefox.exe)
2014/02/24 13:39:57 -0500 BETH Beth IP-BLOCK 162.210.192.22 (Type: outgoing, Port: 49435, Process: firefox.exe)
2014/02/24 13:39:57 -0500 BETH Beth IP-BLOCK 162.210.192.26 (Type: outgoing, Port: 49436, Process: firefox.exe)