
Persistent 'blocked connection attempt' warnings.



Windows 8/64, Dell Inspiron N15, AVG 2014, MWB Pro.

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16688  BrowserJavaVersion: 10.40.2
Run by LyndaBarry at 15:30:49 on 2013-09-15
Microsoft Windows 8  6.2.9200.0.1252.1.1033.18.3965.2032 [GMT -10:00]
.
AV: AVG Internet Security 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Internet Security 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\dwm.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Prey\platform\windows\cronsvc.exe
c:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Windows\system32\dashost.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
C:\Program Files\pia_manager\pia_manager.exe
C:\Windows\system32\taskhostex.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskeng.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\msiexec.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\igfxtray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Brother\BPRSP\resources\BrSupSsp.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Browny02\BrYNSvc.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Users\LyndaBarry\AppData\Local\Apps\2.0\47NMW19A.8OX\0T5DDXY8.AC5\dell..tion_0f612f649c4a10af_0005.0001_240bd831ade3aeac\DellSystemDetect.exe
C:\Users\LYNDAB~1\AppData\Local\Temp\ocrE8C9.tmp\bin\rubyw.exe
C:\Program Files\pia_manager\pia_manager.exe
C:\Users\LYNDAB~1\AppData\Local\Temp\ocr15B1.tmp\bin\rubyw.exe
C:\Program Files\pia_manager\pia_tray\pia_tray.exe
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [DellSystemDetect] C:\Users\LyndaBarry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mRun: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
mRun: [brStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mExplorerRun: [btvStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\BROTHE~1.LNK - C:\Windows\Installer\{8040527F-DD74-4B45-8A06-C4BF145B6C76}\BrSupSsp.exe_44686FC076524EF5975EF92EE48E2958.exe
mPolicies-System: DisableCAD = dword:1
mPolicies-System: HideFastUserSwitching = dword:0
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
Trusted Zone: dell.com
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{0A25D81A-90E9-4200-AD59-917D464AF8B8} : DHCPNameServer = 8.8.8.8 8.8.4.4
TCP: Interfaces\{546E94E4-2B77-4292-9D70-8B15C4989825} : DHCPNameServer = 192.168.1.1
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX4 
x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [btPreLoad] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtPreLoad.exe"
x64-ExplorerRun: [btvStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
x64-mPolicies-System: DisableCAD = dword:1
x64-mPolicies-System: HideFastUserSwitching = dword:0
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\LyndaBarry\AppData\Roaming\Mozilla\Firefox\Profiles\gvhebwbf.default\
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\Drivers\avgidsha.sys [2013-8-22 192824]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\Drivers\avgloga.sys [2013-8-22 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\Drivers\avgmfx64.sys [2013-8-20 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\Drivers\avgrkx64.sys [2013-8-1 31544]
R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2013-6-25 652344]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\Drivers\avgdiska.sys [2013-8-1 147768]
R1 Avgfwfd;AVG network filter service;C:\Windows\System32\Drivers\avgfwd6a.sys [2012-9-4 50296]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\Drivers\avgidsdrivera.sys [2013-8-22 241464]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\Drivers\avgldx64.sys [2013-8-22 212280]
R1 Avgwfpa;AVG Firewall Driver;C:\Windows\System32\Drivers\avgwfpa.sys [2013-7-23 252728]
R1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\Drivers\CLVirtualDrive.sys [2013-6-25 92536]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2013-6-25 98208]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe [2012-12-28 226944]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [2013-8-26 1358432]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-8-27 3534896]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-8-20 300640]
R2 CronService;Cron Service for Prey;C:\Prey\platform\windows\cronsvc.exe [2013-5-8 23552]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-6-25 14904]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-6-25 165760]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-9-10 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-9-10 701512]
R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-9-10 1901752]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-6-25 201872]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [2013-6-25 1914728]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-6-25 364416]
R2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [2013-6-25 81536]
R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;C:\Windows\System32\Drivers\btath_flt.sys [2012-12-28 89320]
R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2013-9-13 266240]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\Drivers\btath_a2dp.sys [2012-12-28 345832]
R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;C:\Windows\System32\Drivers\btath_avdt.sys [2012-12-28 115432]
R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;C:\Windows\System32\Drivers\btath_bus.sys [2012-12-28 33944]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\Drivers\btath_hcrp.sys [2012-12-28 179432]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\Drivers\btath_lwflt.sys [2012-12-28 77464]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\Drivers\btath_rcp.sys [2012-12-28 136424]
R3 BtFilter;BtFilter;C:\Windows\System32\Drivers\btfilter.sys [2012-12-28 578792]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-25 202752]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\Drivers\IntcDAud.sys [2013-6-25 342528]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2013-9-10 25928]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\Drivers\RtsUVStor.sys [2013-6-25 315536]
R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2013-6-25 683664]
R3 SmbDrvI;SmbDrvI;C:\Windows\System32\Drivers\Smb_driver_Intel.sys [2013-6-25 32136]
R3 WSDScan;WSD Scan Support;C:\Windows\System32\Drivers\WSDScan.sys [2013-6-25 23552]
S0 Avgboota;AVG Early Launch Anti-Malware Driver;C:\Windows\System32\Drivers\avgboota.sys [2012-10-25 20912]
S2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2013-8-7 199176]
S2 DellUpdate;Dell Update Service;C:\Program Files (x86)\Dell Update\DellUpService.exe [2013-4-30 125440]
S3 SmbDrv;SmbDrv;C:\Windows\System32\Drivers\Smb_driver_AMDASF.sys [2013-6-25 28040]
.
=============== File Associations ===============
.
ShellExec: Opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2013-09-15 23:01:08 -------- d-----w- C:\Users\LyndaBarry\AppData\Roaming\Wise Disk Cleaner
2013-09-15 22:54:52 -------- d-----w- C:\Users\LyndaBarry\AppData\Roaming\Wise Registry Cleaner
2013-09-15 22:51:42 -------- d-----w- C:\Program Files (x86)\Wise
2013-09-15 21:14:08 -------- d-----w- C:\ProgramData\Kaspersky Lab
2013-09-14 20:24:47 -------- d-----w- C:\Users\LyndaBarry\.phet
2013-09-14 20:21:44 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-09-14 20:19:33 -------- d-----w- C:\ProgramData\Oracle
2013-09-14 20:08:14 973736 ----a-w- C:\Windows\System32\deployJava1.dll
2013-09-14 20:08:12 1095080 ----a-w- C:\Windows\System32\npDeployJava1.dll
2013-09-14 20:07:54 108968 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2013-09-14 03:26:38 -------- d-----w- C:\Prey
2013-09-14 02:03:03 790440 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-09-14 02:03:02 868264 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-09-14 01:56:44 -------- d-----w- C:\Users\LyndaBarry\AppData\Roaming\ControlCenter4
2013-09-14 00:43:58 -------- d-----w- C:\Program Files (x86)\ControlCenter4
2013-09-14 00:43:48 290304 ------w- C:\Windows\System32\BrfxDA5c.dll
2013-09-14 00:36:13 45056 ----a-w- C:\Windows\SysWow64\BRTCPCON.DLL
2013-09-14 00:36:12 77824 ----a-w- C:\Windows\SysWow64\BRLMW03A.DLL
2013-09-14 00:36:12 50176 ----a-w- C:\Windows\SysWow64\BRPRTINK.DLL
2013-09-14 00:36:12 25299 ----a-w- C:\Windows\SysWow64\BRLM03A.DLL
2013-09-14 00:36:12 103792 ----a-w- C:\Windows\SysWow64\BRRBI110.EXE
2013-09-14 00:24:04 -------- d-----w- C:\ProgramData\Brother
2013-09-14 00:05:49 -------- d-----r- C:\Users\LyndaBarry\Google Drive
2013-09-13 07:24:31 -------- d-----w- C:\Program Files (x86)\Karnaugh Map Minimizer
2013-09-13 06:11:01 -------- d-----w- C:\ProgramData\Package Cache
2013-09-13 03:13:40 -------- d-----w- C:\Users\LyndaBarry\AppData\Roaming\AVG
2013-09-13 03:11:43 -------- d-----w- C:\ProgramData\AVG
2013-09-13 03:11:33 -------- d-sh--w- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2013-09-12 15:33:11 -------- d-----w- C:\Users\LyndaBarry\AppData\Roaming\Trillian
2013-09-12 07:28:44 -------- d-----w- C:\Windows\System32\MRT
2013-09-12 07:26:01 1933312 ----a-w- C:\Windows\System32\wbem\cimwin32.dll
2013-09-12 07:26:00 1627648 ----a-w- C:\Windows\System32\WindowsCodecs.dll
2013-09-12 07:23:55 13644288 ----a-w- C:\Windows\System32\Windows.UI.Xaml.dll
2013-09-12 07:22:18 888320 ----a-w- C:\Windows\System32\autochk.exe
2013-09-12 07:22:18 793088 ----a-w- C:\Windows\SysWow64\autochk.exe
2013-09-12 07:22:18 542208 ----a-w- C:\Windows\System32\untfs.dll
2013-09-12 07:22:18 482816 ----a-w- C:\Windows\SysWow64\untfs.dll
2013-09-12 06:45:39 -------- d-----w- C:\Users\LyndaBarry\AppData\Local\Apple Computer
2013-09-12 06:45:37 -------- d-----w- C:\Users\LyndaBarry\AppData\Roaming\Titanium
2013-09-12 06:44:47 31232 ----a-w- C:\Windows\System32\drivers\tap0901.sys
2013-09-12 06:44:45 -------- d-----w- C:\Program Files\pia_manager
2013-09-12 06:25:05 -------- d-----w- C:\Program Files (x86)\VideoLAN
2013-09-12 03:57:11 -------- d-----w- C:\Users\LyndaBarry\Cisco Packet Tracer 6.0.1
2013-09-12 03:30:55 -------- d-----w- C:\Users\LyndaBarry\AppData\Local\Macromedia
2013-09-12 03:19:03 -------- d-----w- C:\Users\LyndaBarry\AppData\Local\Adobe
2013-09-11 18:00:05 17536 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2013-09-11 16:18:01 -------- d-----w- C:\Users\LyndaBarry\AppData\Local\ElevatedDiagnostics
2013-09-11 16:17:42 -------- d-----w- C:\Users\LyndaBarry\AppData\Local\Diagnostics
2013-09-11 08:17:28 -------- d-----w- C:\ProgramData\PC-Doctor for Windows
2013-09-11 08:16:55 -------- d-----w- C:\Program Files\My Dell
2013-09-11 08:05:11 -------- d-----w- C:\Users\LyndaBarry\AppData\Roaming\PCDr
2013-09-11 07:43:21 -------- d-----w- C:\Program Files (x86)\Dell Digital Delivery
2013-09-11 07:38:29 -------- d-----w- C:\Users\LyndaBarry\AppData\Local\softthinks
2013-09-11 06:52:58 688640 ----a-w- C:\Windows\System32\WSShared.dll
2013-09-11 06:51:04 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2013-09-11 06:51:03 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-09-11 06:51:01 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-09-11 06:51:01 236032 ----a-w- C:\Program Files (x86)\Internet Explorer\IEShims.dll
2013-09-11 06:51:01 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-09-11 06:41:35 1606112 ----a-w- C:\Program Files\Windows Defender\MpSvc.dll
2013-09-11 06:37:10 -------- d-----w- C:\Users\LyndaBarry\AppData\Roaming\AVG2014
2013-09-11 06:36:16 -------- d-----w- C:\Users\LyndaBarry\AppData\Roaming\TuneUp Software
2013-09-11 06:35:06 -------- d--h--w- C:\$AVG
2013-09-11 06:35:06 -------- d-----w- C:\ProgramData\AVG2014
2013-09-11 06:34:10 1314816 ----a-w- C:\Windows\System32\rpcrt4.dll
2013-09-11 06:34:09 694272 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2013-09-11 06:34:05 1838080 ----a-w- C:\Windows\System32\DWrite.dll
2013-09-11 06:34:05 1421312 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-09-11 06:33:46 -------- d-----w- C:\Program Files (x86)\AVG
2013-09-11 06:31:49 2842112 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-09-11 06:31:48 2620928 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-09-11 06:31:26 141312 ----a-w- C:\Windows\System32\cryptnet.dll
2013-09-11 06:31:26 1255936 ----a-w- C:\Windows\System32\certutil.exe
2013-09-11 06:31:26 1013248 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-09-11 06:31:25 109056 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-09-11 06:31:07 411880 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-09-11 06:31:07 2233168 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-09-11 06:31:05 595968 ----a-w- C:\Windows\System32\qedit.dll
2013-09-11 06:31:05 496640 ----a-w- C:\Windows\SysWow64\qedit.dll
2013-09-11 06:31:00 1889280 ----a-w- C:\Windows\System32\crypt32.dll
2013-09-11 06:31:00 1568256 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-09-11 06:30:59 87040 ----a-w- C:\Windows\SysWow64\apprepapi.dll
2013-09-11 06:30:59 68096 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-09-11 06:30:59 337408 ----a-w- C:\Windows\System32\wintrust.dll
2013-09-11 06:30:59 261120 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-09-11 06:30:59 124416 ----a-w- C:\Windows\System32\apprepapi.dll
2013-09-11 06:30:58 98304 ----a-w- C:\Windows\System32\apprepsync.dll
2013-09-11 06:30:58 74240 ----a-w- C:\Windows\SysWow64\apprepsync.dll
2013-09-11 06:30:56 -------- d--h--w- C:\ProgramData\Common Files
2013-09-11 06:30:56 -------- d-----w- C:\Users\LyndaBarry\AppData\Local\MFAData
2013-09-11 06:30:56 -------- d-----w- C:\Users\LyndaBarry\AppData\Local\Avg2014
2013-09-11 06:30:56 -------- d-----w- C:\ProgramData\MFAData
2013-09-11 06:30:03 733184 ----a-w- C:\Windows\System32\win32spl.dll
2013-09-11 06:29:39 861184 ----a-w- C:\Windows\System32\drivers\http.sys
2013-09-11 06:29:07 70144 ----a-w- C:\Windows\System32\appinfo.dll
2013-09-11 06:29:07 112872 ----a-w- C:\Windows\System32\consent.exe
2013-09-11 06:28:20 26624 ----a-w- C:\Windows\System32\ReAgentc.exe
2013-09-11 06:28:20 24064 ----a-w- C:\Windows\SysWow64\ReAgentc.exe
2013-09-11 06:28:15 2382336 ----a-w- C:\Windows\SysWow64\esent.dll
2013-09-11 06:28:14 2851840 ----a-w- C:\Windows\System32\esent.dll
2013-09-11 06:27:53 4038144 ----a-w- C:\Windows\System32\win32k.sys
2013-09-11 06:27:36 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2013-09-11 06:27:35 25088 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2013-09-11 06:27:17 135680 ----a-w- C:\Windows\System32\appserverai.dll
2013-09-11 06:27:17 126976 ----a-w- C:\Windows\System32\RDWebAI.dll
2013-09-11 06:27:17 122880 ----a-w- C:\Windows\System32\VmHostAI.dll
2013-09-11 06:27:13 148480 ----a-w- C:\Windows\System32\poqexec.exe
2013-09-11 06:27:13 132608 ----a-w- C:\Windows\SysWow64\poqexec.exe
2013-09-11 06:25:57 -------- d-----w- C:\Users\LyndaBarry\AppData\Roaming\Malwarebytes
2013-09-11 06:25:41 -------- d-----w- C:\ProgramData\Malwarebytes
2013-09-11 06:25:36 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-09-11 06:25:36 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-11 03:22:05 -------- d-----w- C:\Program Files (x86)\Cisco Packet Tracer 6.0.1
2013-09-11 03:21:41 -------- d-----w- C:\Users\LyndaBarry\AppData\Local\Programs
2013-09-11 02:52:10 -------- d-----w- C:\Program Files (x86)\Microsoft SkyDrive
2013-09-11 02:52:10 -------- d-----r- C:\Users\LyndaBarry\SkyDrive
2013-09-11 02:51:57 -------- d-----w- C:\ProgramData\Microsoft SkyDrive
2013-09-11 02:44:58 564432 ----a-w- C:\ProgramData\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2013-09-11 02:42:01 -------- d-----w- C:\Program Files\Microsoft Office 15
2013-09-11 02:19:11 -------- d-----w- C:\Users\LyndaBarry\AppData\Roaming\Opera Software
2013-09-11 02:19:11 -------- d-----w- C:\Users\LyndaBarry\AppData\Local\Opera Software
2013-09-11 01:42:11 -------- d-----w- C:\Users\LyndaBarry\AppData\Local\Google
2013-09-11 01:41:57 -------- d-----w- C:\Users\LyndaBarry\AppData\Local\Deployment
2013-09-11 01:41:57 -------- d-----w- C:\Users\LyndaBarry\AppData\Local\Apps
2013-09-11 01:34:44 -------- d-----w- C:\Users\LyndaBarry\AppData\Roaming\Intel Corporation
2013-09-11 01:33:53 -------- d-----w- C:\Users\LyndaBarry\AppData\Local\BMExplorer
2013-09-11 01:33:42 -------- d-----w- C:\ProgramData\Atheros
2013-09-11 01:33:37 -------- d-----w- C:\Users\LyndaBarry\AppData\Roaming\Atheros
2013-09-11 01:33:10 -------- d-----r- C:\Users\LyndaBarry\Searches
2013-09-11 01:33:10 -------- d-----r- C:\Users\LyndaBarry\Contacts
2013-09-11 01:32:31 -------- d-----w- C:\Users\LyndaBarry\AppData\Local\Power2Go8
2013-08-23 04:25:44 212280 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2013-08-23 04:08:14 294712 ----a-w- C:\Windows\System32\drivers\avgloga.sys
2013-08-23 03:55:04 241464 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2013-08-23 03:54:54 192824 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2013-08-21 03:53:58 123704 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
.
==================== Find3M  ====================
.
2013-09-05 20:09:17 78296 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-05 20:09:17 694232 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-08-21 04:12:06 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-08-21 04:11:59 915968 ----a-w- C:\Windows\System32\uxtheme.dll
2013-08-21 04:11:59 53760 ----a-w- C:\Windows\System32\UXInit.dll
2013-08-21 04:11:04 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-08-21 04:11:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-08-21 02:06:06 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
2013-08-21 02:05:25 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-08-21 02:05:25 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-08-21 01:43:54 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-08-20 23:52:56 534528 ----a-w- C:\Windows\SysWow64\uxtheme.dll
2013-08-16 05:41:13 58200 ----a-w- C:\Windows\System32\drivers\dam.sys
2013-08-16 05:39:26 2371728 ----a-w- C:\Windows\System32\WSService.dll
2013-08-16 05:32:48 209200 ----a-w- C:\Windows\System32\NotificationUI.exe
2013-08-16 05:22:22 40448 ----a-w- C:\Windows\System32\wuapp.exe
2013-08-16 05:22:11 4917760 ----a-w- C:\Windows\System32\sppsvc.exe
2013-08-16 05:20:30 105984 ----a-w- C:\Windows\System32\WinSetupUI.dll
2013-08-15 22:43:21 35328 ----a-w- C:\Windows\SysWow64\wuapp.exe
2013-08-15 22:43:07 84992 ----a-w- C:\Windows\SysWow64\wudriver.dll
2013-08-15 22:43:07 126976 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2013-08-15 22:43:03 562688 ----a-w- C:\Windows\SysWow64\WSShared.dll
2013-08-15 22:43:03 159232 ----a-w- C:\Windows\SysWow64\WSSync.dll
2013-08-15 22:43:02 83968 ----a-w- C:\Windows\SysWow64\OEMLicense.dll
2013-08-15 22:43:02 167424 ----a-w- C:\Windows\SysWow64\WSClient.dll
2013-08-15 22:43:02 143872 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll
2013-08-15 22:43:02 124928 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-08-15 22:42:52 76800 ----a-w- C:\Windows\SysWow64\setupcln.dll
2013-08-15 22:42:47 91648 ----a-w- C:\Windows\SysWow64\sppc.dll
2013-08-07 05:15:02 144896 ----a-w- C:\Windows\System32\tssdisai.dll
2013-08-01 21:06:28 147768 ----a-w- C:\Windows\System32\drivers\avgdiska.sys
2013-08-01 21:04:56 31544 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
2013-07-24 05:34:52 252728 ----a-w- C:\Windows\System32\drivers\avgwfpa.sys
2013-07-09 08:04:07 120144 ----a-w- C:\Windows\System32\drivers\msgpioclx.sys
2013-07-09 06:18:21 439488 ----a-w- C:\Windows\System32\WerFault.exe
2013-07-09 04:25:45 385768 ----a-w- C:\Windows\SysWow64\WerFault.exe
2013-07-09 03:57:19 245760 ----a-w- C:\Windows\SysWow64\LocationApi.dll
2013-07-08 22:46:00 543744 ----a-w- C:\Windows\System32\wwanmm.dll
2013-07-08 22:46:00 414208 ----a-w- C:\Windows\System32\wwanconn.dll
2013-07-08 22:46:00 370688 ----a-w- C:\Windows\System32\Wwanadvui.dll
2013-07-08 22:45:16 312832 ----a-w- C:\Windows\System32\LocationApi.dll
2013-07-06 00:16:17 1025024 ----a-w- C:\Windows\System32\localspl.dll
2013-07-03 00:23:43 391168 ----a-w- C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll
2013-07-03 00:23:12 778752 ----a-w- C:\Windows\System32\oleaut32.dll
2013-07-03 00:22:26 1300480 ----a-w- C:\Windows\System32\gdi32.dll
2013-07-03 00:11:23 268800 ----a-w- C:\Windows\SysWow64\Windows.Networking.BackgroundTransfer.dll
2013-07-03 00:11:02 551424 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2013-07-02 00:44:14 36288 ----a-w- C:\Windows\System32\drivers\WdBoot.sys
2013-07-01 22:08:49 247216 ----a-w- C:\Windows\System32\drivers\WdFilter.sys
2013-06-30 22:30:14 67072 ----a-w- C:\Windows\SysWow64\openfiles.exe
2013-06-30 22:29:22 77312 ----a-w- C:\Windows\System32\openfiles.exe
2013-06-29 06:15:54 195416 ----a-w- C:\Windows\System32\drivers\sdbus.sys
2013-06-29 06:15:47 125784 ----a-w- C:\Windows\System32\drivers\dumpsd.sys
2013-06-29 05:43:16 327512 ----a-w- C:\Windows\System32\drivers\Classpnp.sys
2013-06-29 01:12:01 1022464 ----a-w- C:\Windows\SysWow64\gdi32.dll
2013-06-26 03:01:38 321536 ----a-w- C:\Windows\System32\drivers\udfs.sys
2013-06-25 19:24:58 8552448 ----a-w- C:\Windows\SysWow64\glcndFilter.dll
2013-06-25 19:23:53 955904 ----a-w- C:\Windows\System32\WebcamUi.dll
2013-06-25 19:22:59 49152 ----a-w- C:\Windows\System32\drivers\UMDF\HidBthLE.dll
2013-06-25 19:21:01 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2013-06-25 19:21:01 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2013-06-25 19:21:01 29480 ----a-w- C:\Windows\SysWow64\msxml3a.dll
2013-06-24 22:54:52 447488 ----a-w- C:\Windows\System32\wwansvc.dll
2013-06-24 22:54:45 74240 ----a-w- C:\Windows\System32\wcmcsp.dll
2013-06-24 22:54:45 263680 ----a-w- C:\Windows\System32\wcmsvc.dll
2013-06-19 05:36:21 183808 ----a-w- C:\Windows\System32\winmmbase.dll
2013-06-19 05:36:21 115712 ----a-w- C:\Windows\System32\winmm.dll
2013-06-18 22:38:00 160256 ----a-w- C:\Windows\SysWow64\winmmbase.dll
2013-06-18 22:38:00 125440 ----a-w- C:\Windows\SysWow64\winmm.dll
.
============= FINISH: 15:31:39.90 ===============
 

attach.zip

dds.txt

mbam-log-2013-09-15 (15-18-45).txt

ARK.txt


Hi there,
my name is Marius and I will assist you with your malware-related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 
 
 
 
Combofix

Combofix should only be run when advised by a team member!

Link


Important - Save the file to your desktop!


  • Deactivate any and all of your antivirus programs / spyware scanners - they can prevent CF from doing its work.
  • Run Combofix.exe



When finished, Combofix creates a log file named C:\Combofix.txt. Please post its content in your next reply.

Note: When receiving an error message containing "Illegal operation attempted on a registry key that has been marked for deletion", simply restart your computer to fix this.

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.