SWNRM Posted September 22, 2011 ID:478161 Share Posted September 22, 2011 After incidentally installing maleware bytes and scanning system ( one suspect remeoved)Then began to get 08:44:01 IP-BLOCK 89.28.28.173 (Type: outgoing, Port: 4340, Process: skype.exe)08:44:01 IP-BLOCK 62.45.194.36 (Type: outgoing, Port: 4340, Process: skype.exe)these messages on startupDDS report.DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_27Run by newsonr at 10:41:43 on 2011-09-22Microsoft Windows 7 Ultimate 6.1.7601.1.1252.61.1033.18.12286.10203 [GMT 10:00].AV: AVG Anti-Virus Business Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}SP: AVG Anti-Virus Business Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}FW: AVG Firewall *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}.============== Running Processes ===============.C:\PROGRA~2\AVG\AVG10\avgchsva.exeC:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\nvvsvc.exeC:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exeC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files (x86)\AVG\AVG10\avgfws.exeC:\Windows\system32\WUDFHost.exeC:\Program Files (x86)\AVG\AVG10\avgwdsvc.exeC:\Program Files (x86)\Bonjour\mDNSResponder.exeC:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exeC:\Program Files (x86)\AVG\AVG10\avgam.exeC:\Program Files (x86)\AVG\AVG10\avgnsa.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exeC:\Program Files\NVIDIA Corporation\Display\nvxdsync.exeC:\Windows\system32\nvvsvc.exeC:\Program Files (x86)\AVG\AVG10\avgcsrvx.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Program Files (x86)\AVG\AVG10\avgcsrva.exeC:\Windows\system32\Dwm.exeC:\Windows\system32\taskhost.exeC:\Windows\Explorer.EXEC:\Program Files (x86)\Google\Update\1.3.21.69\GoogleCrashHandler.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\WindowsMobile\wmdc.exeC:\Windows\vsnpstd3.exeC:\Program Files (x86)\Skype\Phone\Skype.exe\\Server1\wywo\WYWO32.EXEC:\Windows\system32\svchost.exe -k WindowsMobileC:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe\\server1\whosin\user.exeC:\Program Files (x86)\AVG\AVG10\avgtray.exeC:\Program Files (x86)\iTunes\iTunesHelper.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exeC:\Program Files\NVIDIA Corporation\Display\nvtray.exeC:\Program Files\iPod\bin\iPodService.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exeC:\PROGRA~2\AVG\AVG10\avgrsa.exeC:\Program Files (x86)\AVG\AVG10\avgcsrva.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\system32\DllHost.exeC:\Windows\system32\DllHost.exeC:\Windows\SysWOW64\cmd.exeC:\Windows\system32\conhost.exeC:\Windows\SysWOW64\cscript.exeC:\Windows\system32\wbem\wmiprvse.exe.============== Pseudo HJT Report ===============ark.zip attached - DDS did not create an attach.txt .ark.zip Link to post Share on other sites More sharing options...
LDTate Posted September 23, 2011 ID:478614 Share Posted September 23, 2011 Duplicate post Link to post Share on other sites More sharing options...
LDTate Posted September 23, 2011 ID:478615 Share Posted September 23, 2011 Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you. Link to post Share on other sites More sharing options...
Recommended Posts