SWNRM Posted September 22, 2011 ID:478166

Restarted new post, just found the attach.txt file hidden so have attached it this time. Thanks

After incidentally installing Malwarebytes and scanning system (one suspect removed), then began to get

08:44:01 IP-BLOCK 89.28.28.173 (Type: outgoing, Port: 4340, Process: skype.exe)
08:44:01 IP-BLOCK 62.45.194.36 (Type: outgoing, Port: 4340, Process: skype.exe)

these messages on startup.

DDS report.

DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_27
Run by newsonr at 10:41:43 on 2011-09-22
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.61.1033.18.12286.10203 [GMT 10:00]
.
AV: AVG Anti-Virus Business Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Business Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Firewall *Enabled* {621CC794-9486-F902-D092-0484E8EA828B}
.

Attach.zip
screen317 (Staff) Posted September 28, 2011 ID:480097

Hi and welcome to Malwarebytes.

Since Skype is a P2P program, it navigates through many different networks. Some of these may lie on IP ranges that are known to host malicious content, which is why we block them. Skype performance should not be affected by this.
AdvancedSetup (Root Admin) Posted October 11, 2011 ID:484450

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!