
ATrout

Members
  • Posts: 13
Everything posted by ATrout

  1. Ran SecurityCheck; Toshiba with its "Pc health monitor" says that an illegal operation attempted to delete a registry key. My computer seems to be running fine; maybe this is the case: http://forums.malwarebytes.org/index.php?showtopic=47812 Could it be similar to this? When I open the program (It's a multiplayer game), it lists all the servers available. It may just have shown one that malwarebytes classified as "malicious."
     LOG:
     Results of screen317's Security Check version 0.99.57
     Windows 7 Service Pack 1 x64 (UAC is enabled)
     Internet Explorer 9
     ``````````````Antivirus/Firewall Check:``````````````
     Windows Firewall Enabled!
     avast! Antivirus
     Antivirus up to date!
     `````````Anti-malware/Other Utilities Check:`````````
     Malwarebytes Anti-Malware version 1.70.0.1100
     Java 6 Update 25
     Java version out of Date!
     Google Chrome 24.0.1312.56
     Google Chrome 24.0.1312.57
     ````````Process Check: objlist.exe by Laurent````````
     Norton ccSvcHst.exe
     Andrew Desktop Antvirus Software adwcleaner.exe
     AVAST Software Avast AvastSvc.exe
     AVAST Software Avast AvastUI.exe
     `````````````````System Health check`````````````````
     Total Fragmentation on Drive C: 3%
     ````````````````````End of Log``````````````````````
  2. Scanned after deleting the folders, and emptying the recycle bin. Log: AdwCleanerR5.txt
  3. http://en.wikipedia.org/wiki/FLTK Seems like this may be a component of minecraft, or some other program? (A malicious program could have used it, though...)
  4. Just did ANOTHER scan with RogueKiller; here's the report (found things.) RKreport5_S_02042013_02d1923.txt
  5. Combofix has completed running. I also ran roguekiller again, and it found 5 items... also attached this as a 2nd log. log.txt RKreport1_S_02032013_02d2008.txt
  6. I ran both programs; I don't think anything came up... (2 attachments) My firewall is fine, so is windows update. mbar-log-2013-02-03 (11-19-48).txt system-log.txt
  7. Sorry; didn't see that part about the code. I will post them in text from now on. I started hl2.exe again (TF2), and got this IP blocked: 68.71.51.11 Still there, I guess...
  8. My Malwarebytes full scan has completed:
     Malwarebytes Anti-Malware (Trial) 1.70.0.1100
     www.malwarebytes.org
     Database version: v2013.02.01.11
     Windows 7 Service Pack 1 x64 NTFS
     Internet Explorer 9.0.8112.16421
     Andrew :: QUANTUM [administrator]
     Protection: Enabled
     2/1/2013 7:18:29 PM
     mbam-log-2013-02-01 (19-18-29).txt
     Scan type: Full scan (C:\|)
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 394125
     Time elapsed: 14 hour(s), 23 minute(s), 32 second(s)
     Memory Processes Detected: 0 (No malicious items detected)
     Memory Modules Detected: 0 (No malicious items detected)
     Registry Keys Detected: 0 (No malicious items detected)
     Registry Values Detected: 0 (No malicious items detected)
     Registry Data Items Detected: 0 (No malicious items detected)
     Folders Detected: 0 (No malicious items detected)
     Files Detected: 0 (No malicious items detected)
     (end)
     I am now running RogueKiller. (RogueKiller finished, found 2 things in the registry.)
     Here's the report:
     RogueKiller V8.4.4 _x64_ [Feb 1 2013] by Tigzy
     mail : tigzyRK<at>gmail<dot>com
     Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
     Website : http://tigzy.geekstogo.com/roguekiller.php
     Blog : http://tigzyrk.blogspot.com/
     Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
     Started in : Normal mode
     User : Andrew [Admin rights]
     Mode : Remove -- Date : 02/02/2013 09:44:45
     | ARK || MBR |
     ¤¤¤ Bad processes : 0 ¤¤¤
     ¤¤¤ Registry Entries : 2 ¤¤¤
     [HJ DESK] HKLM\[...]\Services\Microsoft\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
     [HJ DESK] HKLM\[...]\Services\Microsoft\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
     ¤¤¤ Particular Files / Folders: ¤¤¤
     ¤¤¤ Driver : [NOT LOADED] ¤¤¤
     ¤¤¤ HOSTS File: ¤¤¤
     --> C:\windows\system32\drivers\etc\hosts
     ¤¤¤ MBR Check: ¤¤¤
     +++++ PhysicalDrive0: TOSHIBA MK6475GSX +++++
     --- User ---
     [MBR] 72b47c3daff4ebab3cd639ac66d9b1c6
     [BSP] 373f5cce8dd4acee173f4b43dcc872a3 : Windows Vista MBR Code
     Partition table:
     0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
     1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 594944 Mo
     2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 1221519360 | Size: 14035 Mo
     User = LL1 ... OK!
     User = LL2 ... OK!
     Finished : << RKreport[2]_D_02022013_02d0944.txt >>
     RKreport[1]_S_02022013_02d0943.txt ; RKreport[2]_D_02022013_02d0944.txt
  9. I have obtained the 2 logs...
  10. Hello; I have had malwarebytes AND avast block repeated attempts to connect to a malicious IP. Funnily enough, avast detected that something in its code was attempting to do the same. I'm wondering if I'm infected, but I don't know for sure. I also play some games from Steam, which run on the source engine. Most of these processes go by the alias "hl2.exe". MBAM also detected this program trying to access malicious IP addresses, which it successfully blocked. I'm too worried to open the game back up, (It's multiplayer, and has a server list,) unless something gets through. I can post screenshots if needed; Assistance would be appreciated!