IP-Block log entries despite being almost certain my computer is clean

[Jakey]

Hi there,

I check my MBAM log at the end of every day, and there are usually a few IP-BLOCK entries. Typically, it is always the one below (there are rare instances of either the process being different (Firefox) or the IP being different). Also be aware that these blocks occur when I'm using Chrome - they don't happen when I'm not browsing.

IP-BLOCK 193.17.41.93 (Type: outgoing, Port: 50157, Process: chrome.exe)

- What is the likelihood that my computer is infected by a rootkit, bearing in mind that numerous scans all come back clean (MBAM, ESET, The Avenger, TDSS Killer, AVG (Anti-Rootkit), SUPERAntiSpyware and JRT)?

- Are IP-BLOCK notifications seen on computers that are guaranteed clean?

- What does "outgoing" specifically mean? Is my computer trying to connect to this malicious IP?

- If my computer is clean, why are these blocks happening? And what can I do to stop the block from even being necessary?

And finally; I have MBAM Pro - what is the recommended Update Scheduler setting?

Thank you in advance for any help!

[AdvancedSetup]

It could simply just be possibly advertising links or other scripts from a site you're visiting. Some sites can run a 100 scripts and going out talking with many other sites and bringing in data to present and one of those links might be what is causing the block.

For this specific one it appears to be from Poland and you appear to be from the UK region.

IP address: 193.17.41.93

Host name: rev-93.go2.pl

193.17.41.93 is from Poland(PL) in region Eastern Europe

If you do not run any type of browser or email program all day long and there are no blocks then I would suspect that you're not infected by any rootkit.

If you can run the following though and post back the logs we can possibly see if something else is there causing an issue.

Please run the following scanner and send back the logs.

Download DDS from one of the locations below and save to your Desktop

dds.scr

dds.com

Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.

Then double click dds.scr or dds.com to run the tool.

Click the Run button if prompted with an Open File - Security Warning dialog box.

A black DOS console should open and run for a moment.

When done, DDS will open two (2) logs:

1. DDS.txt
   
2. Attach.txt
   

• Save both reports to your desktop
  
• Please include the following logs in your next reply: DDS.txt and Attach.txt
  You can ignore the note about zipping the Attach.txt file in most cases.
  

[Jakey]

Thanks for the help. "A black DOS console should open and run for a moment." < This did not happen, but I have the two logs below:

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16611 BrowserJavaVersion: 10.21.2

Run by Shirley at 10:30:08 on 2013-06-14

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.4044.2437 [GMT 1:00]

.

AV: AVG Internet Security 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

SP: AVG Internet Security 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

FW: AVG Internet Security 2013 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

C:\Program Files (x86)\Bluetooth Suite\adminservice.exe

C:\Program Files (x86)\AVG\AVG2013\avgfws.exe

C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe

C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe

C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe

C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

C:\Windows\SysWOW64\DllHost.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\SysWOW64\DllHost.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\Dwm.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskhost.exe

C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe

C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe

C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Apoint\Apoint.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\System32\StikyNot.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe

C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\Program Files\Apoint\ApMsgFwd.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Apoint\Apntex.exe

C:\Program Files\Sony\VAIO Smart Network\VSNService.exe

C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe

C:\Program Files\Apoint\Apvfb.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files\Sony\VAIO Care\VCPerfService.exe

C:\Program Files\Sony\VAIO Care\listener.exe

C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe

C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe

C:\Program Files\Sony\VAIO Update\VUAgent.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files\Sony\VAIO Care\VCsystray.exe

C:\Program Files\Sony\VAIO Care\VCService.exe

C:\Program Files\Sony\VAIO Care\VCAgent.exe

C:\Windows\System32\vds.exe

C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe

C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

C:\Program Files\Sony\VAIO Care\Admload.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://vaioportal.sony.eu

uDefault_Page_URL = hxxp://vaioportal.sony.eu

uProxyOverride = <local>;*.local

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll

BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe

uRun: [spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"

mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"

mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

.

INFO: HKLM has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

TCP: NameServer = 192.168.1.254

TCP: Interfaces\{1E0A923F-8294-4F23-AFC6-8E9138CE54CA} : NameServer = 8.26.56.26,156.154.70.22

TCP: Interfaces\{5ED31BF2-819B-4270-B247-61A62C7F275D} : DHCPNameServer = 109.249.185.224 109.249.186.32

TCP: Interfaces\{938C2FB9-C3CA-430F-ABAA-6F4A202BF0EF} : NameServer = 8.26.56.26,156.154.70.22

TCP: Interfaces\{938C2FB9-C3CA-430F-ABAA-6F4A202BF0EF} : DHCPNameServer = 192.168.1.254

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

Notify: SDWinLogon - SDWinLogon.dll

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

x64-Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe

x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"

x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Run: [Apoint] C:\Program Files (x86)\Apoint\Apoint.exe

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

.

INFO: x64-HKLM has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

x64-DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

x64-DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

Hosts: 127.0.0.1 www.spywareinfo.com

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Shirley\AppData\Roaming\Mozilla\Firefox\Profiles\i7ffkc4l.default\

FF - prefs.js: browser.startup.homepage - www.google.co.uk

FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll

FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll

FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll

FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll

FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll

FF - ExtSQL: 2013-05-08 23:21; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; C:\Users\Shirley\AppData\Roaming\Mozilla\Firefox\Profiles\i7ffkc4l.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-2-8 71480]

R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-2-8 311096]

R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-2-8 116536]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-2-8 45880]

R1 Avgfwfd;AVG network filter service;C:\Windows\System32\drivers\avgfwd6a.sys [2012-9-4 50296]

R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-3-29 246072]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-2-8 206136]

R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]

R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]

R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]

R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2013-5-7 143088]

R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-4-29 146592]

R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-4-29 91296]

R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [2013-4-10 1428472]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-4-18 283136]

R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\System32\drivers\ArcSoftKsUFilter.sys [2011-8-15 19968]

R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]

R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2011-4-29 29344]

R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-3-30 317440]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-5-5 25928]

R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2013-5-8 340072]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-3-29 425064]

R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2010-6-2 12032]

S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-5-14 4937264]

S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]

S2 BingDesktopUpdate;Bing Desktop Update service;"C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe" --> C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2011-4-29 36000]

S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\System32\drivers\AthDfu.sys [2011-4-29 51872]

S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2011-4-29 259232]

S3 btath_avdt;Atheros Bluetooth AVDT Service;C:\Windows\System32\drivers\btath_avdt.sys [2011-4-29 109216]

S3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2011-4-29 166048]

S3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2011-4-29 59040]

S3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2011-4-29 283296]

S3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2011-4-29 288416]

S3 e1yexpress;Intel® Gigabit Network Connections Driver;C:\Windows\System32\drivers\e1y60x64.sys [2009-6-10 281088]

S3 libusb0;libusb-win32 - Kernel Driver 04/08/2011 1.2.4.0;C:\Windows\System32\drivers\libusb0.sys [2011-5-17 44480]

S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2011-8-2 22528]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-5-28 19456]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-5-28 57856]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-5-28 30208]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-2-15 52736]

S4 RsFx0105;RsFx0105 Driver;C:\Windows\System32\drivers\RsFx0105.sys [2011-9-22 311144]

.

=============== Created Last 30 ================

.

2013-06-12 10:03:02 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-06-12 10:03:01 751104 ----a-w- C:\Windows\System32\win32spl.dll

2013-06-12 10:03:01 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll

2013-06-08 11:49:34 -------- d-sh--w- C:\found.000

2013-06-05 18:55:23 -------- d-sh--w- C:\$RECYCLE.BIN

2013-06-05 17:42:29 -------- d-----w- C:\Users\Shirley\AppData\Roaming\AVG2013

2013-06-05 17:41:21 -------- d-----w- C:\Users\Shirley\AppData\Roaming\TuneUp Software

2013-06-05 17:40:13 -------- d--h--w- C:\$AVG

2013-06-05 17:40:13 -------- d-----w- C:\ProgramData\AVG2013

2013-06-05 17:34:22 -------- d-----w- C:\Users\Shirley\AppData\Local\MFAData

2013-06-05 17:34:22 -------- d-----w- C:\Users\Shirley\AppData\Local\Avg2013

2013-05-28 08:45:05 -------- d-----w- C:\ProgramData\VS

2013-05-28 08:35:08 3072 ----a-w- C:\Windows\System32\drivers\en-US\tsusbflt.sys.mui

2013-05-28 08:33:00 73064 ----a-w- C:\Windows\SysWow64\perf-MSSQL$SQLEXPRESS-sqlctr10.3.5500.0.dll

2013-05-28 08:32:59 109416 ----a-w- C:\Windows\System32\perf-MSSQL$SQLEXPRESS-sqlctr10.3.5500.0.dll

2013-05-28 08:32:59 105832 ----a-w- C:\Windows\System32\SQSRVRES.DLL

2013-05-28 07:57:53 458712 ----a-w- C:\Windows\System32\drivers\cng.sys

2013-05-28 07:57:53 340992 ----a-w- C:\Windows\System32\schannel.dll

2013-05-28 07:57:53 247808 ----a-w- C:\Windows\SysWow64\schannel.dll

2013-05-28 07:57:53 22016 ----a-w- C:\Windows\SysWow64\secur32.dll

2013-05-28 07:57:53 154480 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2013-05-28 07:57:53 1448448 ----a-w- C:\Windows\System32\lsasrv.dll

2013-05-28 07:57:52 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

2013-05-28 07:57:49 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll

2013-05-28 07:57:49 366592 ----a-w- C:\Windows\System32\qdvd.dll

2013-05-27 05:15:00 -------- d-----w- C:\Users\Shirley\AppData\Local\Axialis

2013-05-16 09:33:03 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy

2013-05-16 09:32:50 17272 ----a-w- C:\Windows\System32\sdnclean64.exe

2013-05-16 09:32:46 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2

2013-05-16 00:21:29 983400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2013-05-16 00:21:29 265064 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys

2013-05-16 00:21:29 144384 ----a-w- C:\Windows\System32\cdd.dll

2013-05-16 00:21:06 70144 ----a-w- C:\Windows\System32\appinfo.dll

2013-05-16 00:21:06 1930752 ----a-w- C:\Windows\System32\authui.dll

2013-05-16 00:21:06 1796096 ----a-w- C:\Windows\SysWow64\authui.dll

2013-05-16 00:21:06 111448 ----a-w- C:\Windows\System32\consent.exe

2013-05-16 00:20:59 48640 ----a-w- C:\Windows\System32\wwanprotdim.dll

2013-05-16 00:20:59 230400 ----a-w- C:\Windows\System32\wwansvc.dll

2013-05-16 00:20:57 3153920 ----a-w- C:\Windows\System32\win32k.sys

.

==================== Find3M ====================

.

2013-06-11 22:12:32 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-06-11 22:12:32 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-05-17 01:25:57 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-05-17 01:25:27 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-05-17 01:25:26 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll

2013-05-17 01:25:26 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll

2013-05-17 00:59:03 2241024 ----a-w- C:\Windows\System32\wininet.dll

2013-05-17 00:58:10 3958784 ----a-w- C:\Windows\System32\jscript9.dll

2013-05-17 00:58:08 67072 ----a-w- C:\Windows\System32\iesetup.dll

2013-05-17 00:58:08 136704 ----a-w- C:\Windows\System32\iesysprep.dll

2013-05-14 13:14:01 2706432 ----a-w- C:\Windows\System32\mshtml.tlb

2013-05-14 12:23:25 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe

2013-05-14 09:23:31 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-05-14 08:40:13 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe

2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll

2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll

2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll

2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll

2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe

2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe

2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll

2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll

2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll

2013-05-02 01:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe

2013-04-25 23:30:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll

2013-04-17 07:02:06 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll

2013-04-17 06:24:46 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll

2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll

2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll

2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll

2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll

2013-04-12 14:45:08 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys

2013-04-04 13:50:32 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-04-04 04:35:05 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-03-31 22:52:16 1887232 ----a-w- C:\Windows\System32\d3d11.dll

2013-03-29 01:53:48 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys

2013-03-21 02:08:24 240952 ----a-w- C:\Windows\System32\drivers\avgtdia.sys

2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll

2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll

2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe

2013-03-18 07:20:21 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2013-03-18 07:20:21 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll

.

============= FINISH: 10:31:42.48 ===============

[Jakey]

Just noticed above that Spybot S&D was still enabled. I was sure I disabled it; will this have affected the scan?

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 26/12/2011 15:53:36

System Uptime: 14/06/2013 08:50:07 (2 hours ago)

.

Motherboard: Sony Corporation | | VAIO

Processor: Intel® Core i5-2430M CPU @ 2.40GHz | N/A | 2401/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 452 GiB total, 395.702 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP132: 05/06/2013 19:55:52 - ComboFix created restore point

RP133: 05/06/2013 20:15:04 - Clean

RP134: 06/06/2013 04:58:44 - Clean2

RP135: 08/06/2013 05:38:38 - Installed VAIO Update

RP136: 12/06/2013 11:29:51 - Windows Update

.

==== Installed Programs ======================

.

????? Windows Live

?????? Windows Live

??????? ????????? Windows Live Mesh ActiveX ??? ?????????? ??????????

??????? ?????????? Windows Live Mesh ActiveX ??? ????????? ???????????

???????? ?????????? Windows Live

?????????? Windows Live

??????????? ?? Windows Live

???????????? Windows Live

ActiveX-kontroll för fjärranslutningar för Windows Live Mesh

ActiveX ???????? ?? Windows Live Mesh ?? ?????????? ??????

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader XI (11.0.02)

Advancing Physics AS Student Standalone Edition

Alps Pointing-device for VAIO

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ArcSoft Magic-i Visual Effects 2

ArcSoft WebCam Companion 4

Atheros WiFi Driver Installation

AVG 2013

BBC iPlayer Desktop

Bing Bar

Bluetooth Win7 Suite (64)

Bonjour

Canon MP270 series MP Drivers

CCleaner

Conexant HD Audio

Contrôle ActiveX Windows Live Mesh pour connexions à distance

Control ActiveX Windows Live Mesh pentru conexiuni la distan?a

Controlo ActiveX do Windows Live Mesh para Ligações Remotas

D3DX10

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

ESET Online Scanner v3

FileZilla Client 3.5.3

Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsluge polaczen zdalnych

Galeria de Fotografias do Windows Live

Galeria fotografii uslugi Windows Live

Galerie de photos Windows Live

Galerie foto Windows Live

Google Chrome

Google Update Helper

Hotfix for Microsoft Visual Basic 2010 Express - ENU (KB2635973)

Intel® Control Center

Intel® Management Engine Components

Intel® Processor Graphics

Intel® Rapid Storage Technology

Java 7 Update 21

Java Auto Updater

Java 6 Update 22

Java 6 Update 22 (64-bit)

JavaFX 2.1.1

Junk Mail filter update

Malwarebytes Anti-Malware version 1.75.0.1300

Media Gallery

Mesh Runtime

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft .NET Framework 4 Multi-Targeting Pack

Microsoft Application Error Reporting

Microsoft Help Viewer 1.1

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Home and Student 2010

Microsoft Office Office 64-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared 64-bit MUI (English) 2010

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Single Image 2010

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft SQL Server 2008 (64-bit)

Microsoft SQL Server 2008 Browser

Microsoft SQL Server 2008 Common Files

Microsoft SQL Server 2008 Database Engine Services

Microsoft SQL Server 2008 Database Engine Shared

Microsoft SQL Server 2008 Native Client

Microsoft SQL Server 2008 R2 Management Objects

Microsoft SQL Server 2008 RsFx Driver

Microsoft SQL Server 2008 Setup Support Files

Microsoft SQL Server Compact 3.5 SP2 ENU

Microsoft SQL Server Compact 3.5 SP2 x64 ENU

Microsoft SQL Server System CLR Types

Microsoft SQL Server VSS Writer

Microsoft Visual Basic 2010 Express - ENU

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219

Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools

Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU

Microsoft Visual Studio 2010 Service Pack 1

Microsoft Visual Studio 2010 Tools for Office Runtime (x64)

Mozilla Firefox 21.0 (x86 en-GB)

Mozilla Maintenance Service

MS Access 97 SP2

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB2758694)

MSXML 4.0 SP3 Parser (KB973685)

Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená pripojení

Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia

PMB

PMB VAIO Edition Guide

PMB VAIO Edition Plug-in

Poczta uslugi Windows Live

Podstawowe programy Windows Live

Praetorians

Raccolta foto di Windows Live

RealDownloader

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealNetworks - Microsoft Visual C++ 2010 Runtime

Realtek PCIE Card Reader

RealUpgrade 1.1

Remote Keyboard

Remote Play with PlayStation 3

S?????? f?t???af??? t?? Windows Live

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition

Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition

Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition

Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition

Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition

Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition

Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition

Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit)

Shockwave

Skype™ 6.3

SmartDraw 2012

Sony Corporation

Spybot - Search & Destroy

SpywareBlaster 5.0

Sql Server Customer Experience Improvement Program

SSLx64

SSLx86

St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?µa???sµ??e? s??d?se??

SUPERAntiSpyware

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition

Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition

Uzak Baglantilar Için Windows Live Mesh ActiveX Denetimi

VAIO - Media Gallery

VAIO - PMB VAIO Edition Guide

VAIO - PMB VAIO Edition Plug-in

VAIO - Remote Keyboard

VAIO - Remote Play with PlayStation®3

VAIO Care

VAIO Control Center

VAIO Data Restore Tool

VAIO Easy Connect

VAIO Event Service

VAIO Gate

VAIO Gate Default

VAIO Hardware Diagnostics

VAIO Hero Screensaver - Summer 2011 Screensaver

VAIO Improvement

VAIO Improvement Validation

VAIO Manual

VAIO Quick Web Access

VAIO Sample Contents

VAIO Smart Network

VAIO Transfer Support

VAIO Update

VCCx86

VESx64

VESx86

VGClientX64

VGClientX86

Visual Studio 2008 x64 Redistributables

Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU

Visual Studio 2010 x64 Redistributables

VIx64

VIx86

VSNx64

VU5x64

VU5x86

VWSTx86

Windows Live

Windows Live Communications Platform

Windows Live Essentials

Windows Live Fotótár

Windows Live Fotogalerie

Windows Live Fotogalleri

Windows Live Fotogaléria

Windows Live Fotograf Galerisi

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen

Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger

Windows Live Mesh ActiveX-objekt til fjernforbindelser

Windows Live Mesh ActiveX-vezérlo távoli kapcsolatokhoz

Windows Live Mesh ActiveX control for remote connections

Windows Live Meshin etäyhteyksien ActiveX-komponentti

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Temel Parçalar

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Liven asennustyökalu

Windows Liven sähköposti

Windows Liven valokuvavalikoima

WinRAR 4.11 (32-bit)

.

==== Event Viewer Messages From Past Week ========

.

14/06/2013 10:30:44, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMScheduler service.

14/06/2013 08:50:55, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: bhhhad qcshjx tiyf

14/06/2013 00:00:33, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.

10/06/2013 14:36:32, Error: Service Control Manager [7024] - The AVG Firewall service terminated with service-specific error %%-536805289.

08/06/2013 12:56:02, Error: Service Control Manager [7024] - The AVGIDSAgent service terminated with service-specific error %%-536753637.

08/06/2013 12:54:45, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Updating Service service to connect.

08/06/2013 12:54:45, Error: Service Control Manager [7000] - The Spybot-S&D 2 Updating Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

.

==== End Of File ===========================

[AdvancedSetup]

The logs don't show if you're currently infected or not but it does show that you either are or may have been at one time.

14/06/2013 08:50:55, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: bhhhad qcshjx tiyf

You can get free help with this issue by following the advice below.

I would suggest following the advice from the topic here Available Assistance for Possibly Infected Computers and having one of the Experts assist you with looking into your issue.

Thanks

[Jakey]

A few weeks ago/maybe a month, my computer was infected with the whitesmoke community toolbar, but a specialist from Computer Hope helped me with the issue, and any following scans have all come up clean.

The error you quoted above - what does it represent/mean?

And by Paying customer - you are referring to someone that has purchased the Pro version of MBAM?

[Jakey]

One last question - What is Order Number referring too? I received 3 bits of info when purchasing MBAM Pro: ID, Key and Cleverbridge reference number. I assume Order Number means the Cleverbridge reference number?

[AdvancedSetup]

Yes that is correct on both of your posts. You can use either the Help Desk or the Forum and they will help you to clean this up.