Constant outgoing requests to China on port 137


Hello,

I have constant outgoing requests from my laptop to China, as reported by a registered version of Malwarebytes. See below:

03:32:10 xxxx IP-BLOCK 58.218.199.227 (Type: outgoing, Port: 137)

03:32:10 xxxx IP-BLOCK 58.218.199.227 (Type: outgoing, Port: 137)

03:32:10 xxxx IP-BLOCK 58.218.199.227 (Type: outgoing, Port: 137)

05:55:35 xxxx IP-BLOCK 221.192.199.49 (Type: outgoing, Port: 137)

05:55:35 xxxx IP-BLOCK 221.192.199.49 (Type: outgoing, Port: 137)

05:55:43 xxxx IP-BLOCK 221.192.199.49 (Type: outgoing, Port: 137)

07:32:53 xxxx IP-BLOCK 58.218.199.227 (Type: outgoing, Port: 137)

07:32:53 xxxx IP-BLOCK 58.218.199.227 (Type: outgoing, Port: 137)

07:33:01 xxxx IP-BLOCK 58.218.199.227 (Type: outgoing, Port: 137)

07:40:38 xxxx IP-BLOCK 58.218.199.250 (Type: outgoing, Port: 137)

07:40:38 xxxx IP-BLOCK 58.218.199.250 (Type: outgoing, Port: 137)

07:40:38 xxxx IP-BLOCK 58.218.199.250 (Type: outgoing, Port: 137)

09:15:29 xxxx IP-BLOCK 221.192.199.49 (Type: outgoing, Port: 137)

09:15:30 xxxx IP-BLOCK 221.192.199.49 (Type: outgoing, Port: 137)

09:15:30 xxxx IP-BLOCK 221.192.199.49 (Type: outgoing, Port: 137)

09:21:38 xxxx IP-BLOCK 58.218.199.250 (Type: outgoing, Port: 137)

09:21:46 xxxx IP-BLOCK 58.218.199.250 (Type: outgoing, Port: 137)

09:21:46 xxxx IP-BLOCK 58.218.199.250 (Type: outgoing, Port: 137)

10:36:54 xxxx MESSAGE Scheduled update executed successfully

10:37:27 xxxx MESSAGE IP Protection stopped

10:37:29 xxxx MESSAGE Database updated successfully

10:37:30 xxxx MESSAGE IP Protection started successfully

10:49:46 xxxx IP-BLOCK 58.218.199.147 (Type: outgoing, Port: 137)

10:49:46 xxxx IP-BLOCK 58.218.199.147 (Type: outgoing, Port: 137)

10:49:46 xxxx IP-BLOCK 58.218.199.147 (Type: outgoing, Port: 137)

13:24:05 xxxx MESSAGE IP Protection stopped

13:24:21 xxxx MESSAGE Database updated successfully

13:24:21 xxxx MESSAGE IP Protection started successfully

14:18:18 xxxx IP-BLOCK 221.192.199.49 (Type: outgoing, Port: 137)

14:18:18 xxxx IP-BLOCK 221.192.199.49 (Type: outgoing, Port: 137)

14:18:18 xxxx IP-BLOCK 221.192.199.49 (Type: outgoing, Port: 137)

14:39:48 xxxx IP-BLOCK 58.218.199.147 (Type: outgoing, Port: 137)

14:39:48 xxxx IP-BLOCK 58.218.199.147 (Type: outgoing, Port: 137)

14:39:48 xxxx IP-BLOCK 58.218.199.147 (Type: outgoing, Port: 137)

14:54:05 xxxx MESSAGE IP Protection stopped

14:54:07 xxxx MESSAGE Database updated successfully

14:54:08 xxxx MESSAGE IP Protection started successfully

15:12:21 xxxx MESSAGE Protection started successfully

15:12:25 xxxx MESSAGE IP Protection started successfully

15:42:52 xxxx MESSAGE Protection started successfully

15:42:57 xxxx MESSAGE IP Protection started successfully

15:59:25 xxxx IP-BLOCK 221.192.199.49 (Type: outgoing, Port: 137)

15:59:25 xxxx IP-BLOCK 221.192.199.49 (Type: outgoing, Port: 137)

15:59:25 xxxx IP-BLOCK 221.192.199.49 (Type: outgoing, Port: 137)

DDS.txt:

DDS (Ver_2011-07-14.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16421

Run by Mead at 15:14:50 on 2011-07-16

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6125.3507 [GMT -4:00]

.

AV: Ad-Aware Total Security *Enabled/Updated* {54ACC2FC-837E-E665-7A92-5352D560D5EF}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Ad-Aware Total Security *Enabled/Updated* {EFCD2318-A544-E9EB-4022-6820AEE79F52}

FW: Ad-Aware Personal Firewall *Enabled* {6C9743D9-C911-E73D-51CD-FA672BB39294}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe

C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\AVK\AVKWCtlX64.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe

C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\AVK\AVKService.exe

C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

C:\Program Files\Windows Home Server\esClient.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe

C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe

C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe

C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe

c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe

C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe

C:\Program Files\Sony\VAIO Smart Network\VSNService.exe

C:\Windows\SysWOW64\DllHost.exe

C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe

C:\Program Files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe

C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe

C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Windows Home Server\WHSConnector.exe

C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe

C:\Program Files\Sony\VAIO Power Management\SPMgr.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\Program Files\Apoint\Apoint.exe

C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe

C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe

C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe

C:\Program Files (x86)\Garmin\gStart.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe

C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

C:\Program Files\Windows Home Server\WHSTrayApp.exe

C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\AVKTray\AVKTray.exe

C:\Users\Mead\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\Firewall\GDFirewallTray.exe

C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\Firewall\GDFwSvcx64.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\SysWOW64\RunDll32.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

C:\Program Files\Apoint\ApMsgFwd.exe

C:\Program Files\Apoint\Apntex.exe

C:\Program Files\Apoint\Apvfb.exe

C:\Windows\system32\conhost.exe

C:\Program Files (x86)\Common Files\G Data\AVKProxy\AvkBap64.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Sony\VAIO Care\VCPerfService.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\Sony\VAIO Care\listener.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\sppsvc.exe

C:\Program Files\Sony\VAIO Power Management\SPMService.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Sony\VAIO Care\VCsystray.exe

C:\Program Files\Sony\VAIO Care\VCService.exe

C:\Program Files\Sony\VAIO Care\VCAgent.exe

C:\Windows\System32\vds.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10t_ActiveX.exe

C:\Windows\system32\conhost.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT

uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT

mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT

mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT

mWinlogon: Userinit = userinit.exe

BHO: Ad-Aware WebFilter: {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\WebFilter\AvkWebIE.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: {9D425283-D487-4337-BAB6-AB8354A81457} - <orphaned>

BHO: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: Ad-Aware WebFilter: {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\WebFilter\AvkWebIE.dll

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [ANT Agent] C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe

uRun: [gStart] C:\Program Files (x86)\Garmin\gStart.exe

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"

mRun: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

mRun: [G Data AntiVirus Tray Application] C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\AVKTray\AVKTray.exe

mRun: [GDFirewallTray] C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\Firewall\GDFirewallTray.exe

mRun: [sHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe

mRun: [brMfcWnd] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN

mRun: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRun: [iJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE

StartupFolder: C:\Users\Mead\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Mead\AppData\Roaming\Dropbox\bin\Dropbox.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WINDOW~1.LNK - C:\Windows\Installer\{21E49794-7C13-4E84-8659-55BD378267D5}\WHSTrayApp.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000

IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: NameServer = 192.168.2.1 192.168.2.1

TCP: Interfaces\{0949EF99-6D8E-4FAE-AD72-412D7877F507} : DHCPNameServer = 192.168.2.1 192.168.2.1

TCP: Interfaces\{2374A6D6-AE42-4B6E-AA26-EBA3EF03E41F} : DHCPNameServer = 192.168.2.1 192.168.2.1

TCP: Interfaces\{2374A6D6-AE42-4B6E-AA26-EBA3EF03E41F}\D464840284F4D454 : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{2374A6D6-AE42-4B6E-AA26-EBA3EF03E41F}\D464840284F4D45402548545 : DHCPNameServer = 192.168.0.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

SSODL: WebCheck - <orphaned>

x64-BHO: Ad-Aware WebFilter: {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\Webfilter\AVKWebIEx64.dll

x64-BHO: BrowserHelper Class: {9A065C65-4EE7-4DDD-9918-F129089A894A} - C:\Program Files\Windows Home Server\WHSDeskBands.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

x64-TB: Ad-Aware WebFilter: {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\Webfilter\AVKWebIEx64.dll

x64-TB: Home Server Banner: {D73E76A3-F902-45BD-8FC8-95AE8E014671} - C:\Program Files\Windows Home Server\WHSDeskBands.dll

x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3

x64-Run: [Apoint] C:\Program Files (x86)\Apoint\Apoint.exe

x64-Run: [intelWirelessWiMAX] "C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe" /tasktray /nosplash

x64-Run: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"

x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

x64-DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R?2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2010-6-7 408576]

R0 GDBehave;GDBehave;C:\Windows\System32\drivers\GDBehave.sys [2011-4-18 40392]

R1 GDMnIcpt;GDMnIcpt;C:\Windows\System32\drivers\MiniIcpt.sys [2011-4-18 85960]

R1 gdwfpcd;G DATA WFP CD;C:\Windows\System32\drivers\gdwfpcd64.sys [2011-4-18 48584]

R1 GRD;G Data Rootkit Detector Driver;C:\Windows\System32\drivers\GRD.sys [2011-4-18 106224]

R1 HookCentre;HookCentre;C:\Windows\System32\drivers\HookCentre.sys [2011-4-18 49096]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]

R2 arXfrSvc;Windows Media Center TV Archive Transfer Service;C:\Program Files\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe [2011-1-10 231280]

R2 AVKProxy;Ad-Aware Total Security Proxy;C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2010-6-29 1081384]

R2 AVKService;Ad-Aware Scheduler;C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\AVK\AVKService.exe [2010-6-29 412944]

R2 AVKWCtl;Ad-Aware Filesystem Monitor;C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\AVK\AVKWCtlX64.exe [2010-6-23 2170224]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-2-28 821664]

R2 esClient;Windows Media Center Client Service;C:\Program Files\Windows Home Server\esClient.exe [2011-1-10 109936]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-9-19 13336]

R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-3-1 373640]

R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2010-9-17 15928]

R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\Windows\System32\drivers\LMIRfsDriver.sys [2011-4-19 72216]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-7-14 366640]

R2 Oasis2Service;Oasis2Service;C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe [2011-3-14 47616]

R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-6-1 367456]

R2 regi;regi;C:\Windows\System32\drivers\regi.sys [2011-4-17 14112]

R2 rimspci;rimspci;C:\Windows\System32\drivers\rimssne64.sys [2010-9-19 94208]

R2 risdsnpe;risdsnpe;C:\Windows\System32\drivers\risdsne64.sys [2010-9-19 78848]

R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-6-12 259192]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-4-24 483688]

R2 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2011-4-17 575856]

R2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2011-4-17 836608]

R2 WHSConnector;Windows Home Server Connector Service;C:\Program Files\Windows Home Server\WHSConnector.exe [2011-1-10 489840]

R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2010-6-7 911872]

R3 BackupReader;BackupReader;C:\Windows\System32\drivers\BackupReader.sys [2011-1-10 53104]

R3 bpenum;bpenum;C:\Windows\System32\drivers\bpenum.sys [2010-5-16 71168]

R3 bpusb;bpusb;C:\Windows\System32\drivers\bpusb.sys [2010-5-16 81920]

R3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2011-4-17 342056]

R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-4-17 39464]

R3 GDFwSvc;Ad-Aware Personal Firewall;C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\Firewall\GDFwSvcx64.exe [2010-6-15 1954472]

R3 GDPkIcpt;GDPkIcpt;C:\Windows\System32\drivers\PktIcpt.sys [2011-4-18 57288]

R3 GDScan;Ad-Aware Scanner;C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [2010-6-29 624064]

R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-7-10 25912]

R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-5-31 7689216]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-4-27 83080]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-4-27 184968]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers\nvhda64v.sys [2010-9-19 86120]

R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2010-6-1 12032]

R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2010-4-24 721768]

R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2010-4-24 269672]

R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2010-4-24 25960]

R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2010-4-24 22376]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-4-24 209768]

R3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2011-6-12 44736]

R3 VSBC;Virtual Serial Bus Enumerator (Eltima Software);C:\Windows\System32\drivers\evsbc.sys [2011-5-10 32768]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-17 136176]

S3 bpmp;Intel® Centrino® WiMAX 6050 Series;C:\Windows\System32\drivers\bpmp.sys [2010-5-16 175104]

S3 evserial;Virtual Serial Ports Driver (Eltima Softwate);C:\Windows\System32\drivers\evserial.sys [2011-5-10 67072]

S3 GDBackupSvc;Ad-Aware Backup Service;C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\AVKBackup\AVKBackupService.exe [2010-6-29 911976]

S3 GDTunerSvc;Ad-Aware Tuner Service;C:\Program Files (x86)\Lavasoft\Ad-Aware Total Security\AVKTuner\AVKTunerService.exe [2010-6-29 1234896]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-17 136176]

S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-9-19 158720]

S3 libusb0;LibUsb-Win32 - Kernel Driver 07/07/2009, 0.1.12.2;C:\Windows\System32\drivers\libusb0.sys [2009-7-7 32256]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-6-21 108400]

S3 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-6-18 423280]

S3 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-6-21 67952]

S3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2010-6-7 304496]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-4-19 59392]

S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-6-9 537456]

S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-6-9 384880]

S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-6-9 101232]

S3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [2011-4-17 1250160]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-4-19 1255736]

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2010-9-19 402720]

S4 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-6-17 851824]

.

=============== Created Last 30 ================

.

2011-07-16 16:39:09 1017208 ----a-w- C:\Windows\SysWow64\CLVSD.ax

2011-07-16 02:41:14 -------- d-----w- C:\Program Files (x86)\PC Tools Security

2011-07-16 02:34:49 -------- d-----w- C:\ProgramData\PC Tools

2011-07-15 23:16:49 0 ----a-w- C:\Windows\SysWow64\sho38E2.tmp

2011-07-15 23:16:07 18816 ------w- C:\Windows\SysWow64\SAVRKBootTasks.sys

2011-07-15 17:35:15 -------- d-----w- C:\Program Files (x86)\Sophos

2011-07-15 17:24:14 -------- d-----w- C:\ProgramData\{F77EE8EF-305B-4394-A018-C1A57D2D66B5}

2011-07-15 17:24:07 -------- d-----w- C:\Users\Mead\AppData\Local\PackageAware

2011-07-15 16:44:05 0 ----a-w- C:\Windows\SysWow64\sho6F55.tmp

2011-07-15 16:23:43 0 ----a-w- C:\Windows\SysWow64\shoF17D.tmp

2011-07-15 16:18:47 -------- d-----w- C:\Program Files\Common Files\CANON

2011-07-15 16:17:16 -------- d-----w- C:\Program Files\Canon

2011-07-15 16:13:45 82944 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPP9N.DLL

2011-07-15 16:13:44 28160 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPD9N.DLL

2011-07-15 16:13:00 92672 ----a-w- C:\Windows\System32\CNC860I.DLL

2011-07-15 16:13:00 299520 ----a-w- C:\Windows\System32\CNC860L.DLL

2011-07-15 16:13:00 235008 ----a-w- C:\Windows\System32\CNC860O.DLL

2011-07-15 16:13:00 17920 ----a-w- C:\Windows\System32\CNHMCA6.DLL

2011-07-15 16:12:59 1342976 ----a-w- C:\Windows\System32\CNC860C.DLL

2011-07-15 16:10:02 152064 ----a-w- C:\Windows\System32\CNMN6UI.DLL

2011-07-15 16:10:01 251904 ----a-w- C:\Windows\System32\CNMN6PPM.DLL

2011-07-15 16:08:08 -------- d-----w- C:\Program Files (x86)\Canon

2011-07-15 06:43:06 8873296 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{14399C09-CAD1-4571-B57A-ECEDA5933CEF}\mpengine.dll

2011-07-13 19:09:00 421888 ----a-w- C:\Windows\System32\KernelBase.dll

2011-07-13 19:09:00 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll

2011-07-11 00:37:55 -------- d-----w- C:\Users\Mead\AppData\Roaming\Malwarebytes

2011-07-11 00:37:34 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

2011-07-11 00:37:32 -------- d-----w- C:\ProgramData\Malwarebytes

2011-07-11 00:37:28 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys

2011-07-11 00:37:28 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2011-06-28 18:41:01 64512 ----a-w- C:\Windows\SysWow64\devobj.dll

2011-06-28 18:41:01 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll

2011-06-28 18:41:01 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll

2011-06-28 18:41:01 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe

2011-06-28 18:41:01 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll

2011-06-16 20:28:23 1923968 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2011-06-16 20:28:22 499200 ----a-w- C:\Windows\System32\drivers\afd.sys

2011-06-16 20:28:22 289280 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys

2011-06-16 20:28:22 158208 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys

2011-06-16 20:28:22 128000 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys

2011-06-16 20:28:19 861696 ----a-w- C:\Windows\System32\oleaut32.dll

2011-06-16 20:28:19 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll

2011-06-16 20:28:19 467456 ----a-w- C:\Windows\System32\drivers\srv.sys

2011-06-16 20:28:19 410112 ----a-w- C:\Windows\System32\drivers\srv2.sys

2011-06-16 20:28:19 168448 ----a-w- C:\Windows\System32\drivers\srvnet.sys

2011-06-16 20:28:18 976896 ----a-w- C:\Windows\System32\inetcomm.dll

2011-06-16 20:28:17 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll

.

==================== Find3M ====================

.

2011-06-24 02:18:17 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2011-06-11 03:07:25 3137536 ----a-w- C:\Windows\System32\win32k.sys

2011-06-03 06:57:45 362496 ----a-w- C:\Windows\System32\wow64win.dll

2011-06-03 06:57:45 243200 ----a-w- C:\Windows\System32\wow64.dll

2011-06-03 06:57:45 13312 ----a-w- C:\Windows\System32\wow64cpu.dll

2011-06-03 06:57:44 214528 ----a-w- C:\Windows\System32\winsrv.dll

2011-06-03 06:57:38 16384 ----a-w- C:\Windows\System32\ntvdm64.dll

2011-06-03 06:53:33 338944 ----a-w- C:\Windows\System32\conhost.exe

2011-06-03 06:00:53 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll


.

============= FINISH: 15:15:53.16 ===============

mbam-log:

Malwarebytes' Anti-Malware 1.51.1.1800

www.malwarebytes.org

Database version: 7163

Windows 6.1.7601 Service Pack 1

Internet Explorer 9.0.8112.16421

7/16/2011 3:04:21 PM

mbam-log-2011-07-16 (15-04-21).txt

Scan type: Quick scan

Objects scanned: 170077

Time elapsed: 5 minute(s), 27 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Any help would be much appreciated.

Thanks, Ian


  • Root Admin

STEP 01

Please go to your control panel, programs and uninstall the following items.

Java Auto Updater

Java™ 6 Update 20

Java™ 6 Update 20 (64-bit)

STEP 02

Temporarily disable SKYPE from running. You may need to set that from within Skype and restart your computer to make sure it's not running.

STEP 03

What happened with this installation? I don't see it listed under currently installed or running applications.

7/14/2011 11:12:10 PM - Installed Kaspersky Internet Security 2011

Is Ad-Aware your current Anti-Virus?

STEP 04

Are you missing any shortcuts or folders being hidden from view that are not normal?

STEP 05

Please download and run the following tdsskiller.exe tool from Kaspersky.

After saving the file, you need to right-click and choose Run as administrator and scan your system. It can also be run from Safe Mode if needed.

Post back the log once completed on your next reply.

STEP 06

Please run a NEW DDS scan and post back the new logs.

Download DDS and save it to your desktop.

Disable any script blocker if your Anti-Virus/Anti-Malware has it.

Once downloaded you can disconnect from the Internet and disable your Anti-Virus temporarily if needed.

Then double click dds.scr to run the tool.

When done, the DDS.txt will open.

Click Yes at the next prompt for Optional Scan.

When done, DDS will open two (2) logs:

  1. DDS.txt

  2. Attach.txt

  • Save both reports to your desktop
  • Please include the following logs in your next reply: DDS.txt and Attach.txt


Hello,

Thank you for your help. I have since (my initial posting) been working with Malwarebytes support directly and the problem seems to have been resolved. They suggested much of what you did and could not find anything and suggested the router. Between that and uninstalling Skype and Windows Live Essentials (my own thoughts) the issue appears to have been resolved (after 8 hours of testing).

You are correct on my AV selection and I had just tried Kaspersky to try and detect a virus.

One quick question, why did you want Skype disabled? Could that have been a cause?

Thanks again,

Ian


  • Root Admin

Unlikely that it was Skype, but often its use can confuse the issue, so I like to disable it so people are not confused by it. Skype uses IP ranges that are shared by Peer2Peer that sometimes includes bad IPs, but since Skype is using an encrypted channel riding on that network it should be safe, but we can't separate Skype from other traffic in the program, thus I ask to disable while scanning, testing.

If you're okay now then I'll go ahead and close your post and/or you can finish up with support.

Thank you.

This topic is now closed to further replies.