
Continuous Port Blocking



A few days ago my computer became infected with some malware called Cloud Protection, that fake antivirus software. I used Malwarebytes to get rid of it and it seemed to do the trick, except now I get an alert every 10 minutes saying that it blocked an outgoing connection from svchost.exe to some random IP. Here's part of a log:

00:07:52 Adriana IP-BLOCK 109.236.81.172 (Type: outgoing, Port: 52930, Process: svchost.exe)

00:08:56 Adriana IP-BLOCK 195.3.145.112 (Type: outgoing, Port: 52984, Process: svchost.exe)

00:18:59 Adriana IP-BLOCK 212.36.9.52 (Type: outgoing, Port: 53350, Process: svchost.exe)

00:18:59 Adriana IP-BLOCK 221.132.34.163 (Type: outgoing, Port: 53351, Process: svchost.exe)

00:23:56 Adriana IP-BLOCK 109.236.81.172 (Type: outgoing, Port: 53856, Process: svchost.exe)

00:28:53 Adriana IP-BLOCK 221.132.34.163 (Type: outgoing, Port: 54131, Process: svchost.exe)

00:28:53 Adriana IP-BLOCK 212.36.9.52 (Type: outgoing, Port: 54134, Process: svchost.exe)

00:38:56 Adriana IP-BLOCK 195.3.145.111 (Type: outgoing, Port: 54439, Process: svchost.exe)

It looks like I'm not the only one experiencing this problem, but I figured I would post my own thread in case it was something different.

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26

Run by Adriana at 12:12:19 on 2011-10-19

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4021.2060 [GMT -7:00]

.

AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\PROGRA~2\AVG\AVG2012\avgrsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

c:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\atieclxx.exe

C:\Program Files\Dell\DellDock\DockLogin.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Bonjour\mDNSResponder.exe

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgemca.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Dell\DellDock\DellDock.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe

C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe

C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe

C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe

C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe

C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\svchost.exe -k HPService

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\taskeng.exe

C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe

C:\Windows\SysWOW64\ping.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\NOTEPAD.EXE

C:\Windows\SysWOW64\NOTEPAD.EXE

C:\Program Files (x86)\AVG\AVG2012\avgui.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uInternet Settings,ProxyOverride = *.local

mWinlogon: Userinit=userinit.exe,

BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: FAIESSOHelper Class: {a2f122da-055f-4df7-8f24-7354dbdba85b} - c:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll

BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: SMTTB2009 Class: {fcbccb87-9224-4b8d-b117-f56d924beb18} - C:\Program Files (x86)\Hyperionics DB Toolbar\tbcore3.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll

TB: Hyperionics DB Toolbar: {338b4dfe-2e2c-4338-9e41-e176d497299e} - C:\Program Files (x86)\Hyperionics DB Toolbar\tbcore3.dll

TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

uRun: [Google Update] "C:\Users\Adriana\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent

mRun: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m

mRun: [FATrayAlert] c:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe

mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

mRun: [FAStartup]

mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin

mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

StartupFolder: C:\Users\Adriana\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

LSP: mswsock.dll

DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces\{709F98D7-67FB-4AF0-804E-DD9FFAA42290} : DhcpNameServer = 192.168.1.254

TCP: Interfaces\{709F98D7-67FB-4AF0-804E-DD9FFAA42290}\2656C6B696E6534376 : DhcpNameServer = 192.168.2.1

TCP: Interfaces\{709F98D7-67FB-4AF0-804E-DD9FFAA42290}\34F4D4059454F5E4564777F627B6 : DhcpNameServer = 68.87.76.182 68.87.78.134

TCP: Interfaces\{709F98D7-67FB-4AF0-804E-DD9FFAA42290}\469616A786F6D656D27657563747 : DhcpNameServer = 68.87.76.182 68.87.78.134 192.168.33.1

TCP: Interfaces\{709F98D7-67FB-4AF0-804E-DD9FFAA42290}\A4563757373516675637D27657563747 : DhcpNameServer = 68.87.76.182 68.87.78.134 192.168.33.1

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

Notify: FastAccess - c:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

LSA: Notification Packages = scecli FAPassSync

SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4

BHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

BHO-X64: Increase performance and video formats for your HTML5 <video> - No File

BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: FAIESSOHelper Class: {A2F122DA-055F-4df7-8F24-7354DBDBA85B} - c:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll

BHO-X64: FAIESSO Helper Object - No File

BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: SMTTB2009 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Hyperionics DB Toolbar\tbcore3.dll

BHO-X64: SMTTB2009 - No File

TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

TB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll

TB-X64: Hyperionics DB Toolbar: {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\Hyperionics DB Toolbar\tbcore3.dll

TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

mRun-x64: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m

mRun-x64: [FATrayAlert] c:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe

mRun-x64: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

mRun-x64: [FAStartup]

mRun-x64: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun-x64: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin

mRun-x64: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Adriana\AppData\Roaming\Mozilla\Firefox\Profiles\260dyxbl.default\

FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Adriana\AppData\Local\Google\Update\1.3.21.71\npGoogleUpdate3.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]

R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-9-12 5265248]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]

R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]

R2 FAService;FAService;C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe [2010-2-22 2409800]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-10-16 366152]

R2 rimspci;rimspci;C:\Windows\system32\DRIVERS\rimspe64.sys --> C:\Windows\system32\DRIVERS\rimspe64.sys [?]

R2 risdpcie;risdpcie;C:\Windows\system32\DRIVERS\risdpe64.sys --> C:\Windows\system32\DRIVERS\risdpe64.sys [?]

R2 rixdpcie;rixdpcie;C:\Windows\system32\DRIVERS\rixdpe64.sys --> C:\Windows\system32\DRIVERS\rixdpe64.sys [?]

R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]

R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]

R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]

R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]

R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]

R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]

R3 itecir;ITECIR Infrared Receiver;C:\Windows\system32\DRIVERS\itecir.sys --> C:\Windows\system32\DRIVERS\itecir.sys [?]

R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETw5s64.sys --> C:\Windows\system32\DRIVERS\NETw5s64.sys [?]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

S2 0222181313203584mcinstcleanup;McAfee Application Installer Cleanup (0222181313203584);C:\Windows\TEMP\022218~1.EXE C:\PROGRA~2\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service --> C:\Windows\TEMP\022218~1.EXE C:\PROGRA~2\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 SessionLauncher;SessionLauncher;c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe --> c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [?]

S3 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-12-8 169312]

S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-4-1 183560]

S3 FACAP;facap, FastAccess Video Capture;C:\Windows\system32\DRIVERS\facap.sys --> C:\Windows\system32\DRIVERS\facap.sys [?]

S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2009-9-21 315664]

S3 RoxMediaDB10;RoxMediaDB10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCom\RoxMediaDB10.exe [2009-6-26 1124848]

S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

.

=============== Created Last 30 ================

.

2011-10-19 19:03:04 -------- d-----w- C:\Users\Adriana\AppData\Local\{8D889BF2-1436-4E46-8677-11975F3E09FC}

2011-10-19 19:02:40 -------- d-----w- C:\Users\Adriana\AppData\Local\{F7C0011F-C096-468E-840E-F1FCC48E5015}

2011-10-19 07:02:05 -------- d-----w- C:\Users\Adriana\AppData\Local\{F6F91715-B9C0-43AA-BEE8-536FE94B6067}

2011-10-19 07:01:46 -------- d-----w- C:\Users\Adriana\AppData\Local\{1F44F934-CBBF-4925-942C-CD3901BD7261}

2011-10-19 01:16:33 -------- d--h--w- C:\$AVG

2011-10-19 00:28:53 -------- d-----w- C:\Users\Adriana\AppData\Local\{840E7578-6742-40B0-9292-45B449402AE5}

2011-10-18 06:53:15 -------- d-----w- C:\Users\Adriana\AppData\Local\{B845D8F5-CA2E-446E-9251-890E0889BB8E}

2011-10-17 18:52:30 -------- d-----w- C:\Users\Adriana\AppData\Local\{AC19C5DA-117E-4824-805C-D9EE433CA03B}

2011-10-17 18:52:02 -------- d-----w- C:\Users\Adriana\AppData\Local\{F12DFAB9-2D8F-4D8B-9692-6F5CEE1CE8FE}

2011-10-17 06:19:33 -------- d-----w- C:\Users\Adriana\AppData\Local\{A3AF33B7-C52D-4CEB-B29C-08274EDB4DA1}

2011-10-17 06:19:08 -------- d-----w- C:\Users\Adriana\AppData\Local\{BF6ED0DD-7DDF-4F9C-A014-14AB313A2F9F}

2011-10-17 06:18:33 -------- d-----w- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE

2011-10-17 04:53:41 -------- d-----w- C:\Users\Adriana\AppData\Roaming\Malwarebytes

2011-10-17 04:53:33 -------- d-----w- C:\ProgramData\Malwarebytes

2011-10-17 04:53:30 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys

2011-10-17 04:53:30 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2011-10-17 04:22:51 -------- d-----w- C:\Users\Adriana\AppData\Roaming\uKK88fRRZ

2011-10-17 04:22:51 -------- d-----w- C:\Users\Adriana\AppData\Roaming\BhhhTTXwjUCeI

2011-10-17 04:22:47 -------- d-----w- C:\Users\Adriana\AppData\Roaming\lUUCCeekI

2011-10-17 04:22:46 -------- d-----w- C:\Users\Adriana\AppData\Roaming\oFF44pmGG5QJ6E

2011-10-17 04:22:46 -------- d-----w- C:\Users\Adriana\AppData\Roaming\eUUUVeelIBtzNyA

2011-10-17 04:20:09 -------- d-----we C:\Windows\system64

2011-10-16 18:08:06 -------- d-----w- C:\Users\Adriana\AppData\Local\{02D32AC7-830F-40CB-AC6F-55D42AFD28E7}

2011-10-16 18:07:43 -------- d-----w- C:\Users\Adriana\AppData\Local\{40DF1224-8920-4835-B1C1-716CDBE915DA}

2011-10-16 06:07:15 -------- d-----w- C:\Users\Adriana\AppData\Local\{101DFB6F-5E2A-4E75-963E-AD6DFF45126E}

2011-10-16 06:06:51 -------- d-----w- C:\Users\Adriana\AppData\Local\{B3A43C53-D4D2-4567-8474-D71A77E0B068}

2011-10-15 18:06:35 -------- d-----w- C:\Users\Adriana\AppData\Local\{21F3D6DC-8D62-473B-8246-D99187DFC949}

2011-10-15 18:06:09 -------- d-----w- C:\Users\Adriana\AppData\Local\{E83CC2BA-B19D-4237-8477-CE51B52B8C6D}

2011-10-15 06:05:50 -------- d-----w- C:\Users\Adriana\AppData\Local\{4C89A282-3DA3-4E4A-93D9-DCF31F57844F}

2011-10-15 06:05:38 -------- d-----w- C:\Users\Adriana\AppData\Local\{9C7657D4-924B-4654-BC9F-3C0C30F9B422}

2011-10-14 10:28:19 -------- d-----w- C:\Users\Adriana\AppData\Local\{3AFD324E-812C-45A2-BEE0-8B18970F7A4B}

2011-10-14 10:27:56 -------- d-----w- C:\Users\Adriana\AppData\Local\{0F7255D1-8CB8-48F7-9999-6DC8C63A8570}

2011-10-14 10:01:59 678912 ----a-w- C:\Program Files (x86)\Internet Explorer\iedvtool.dll

2011-10-14 10:01:59 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll

2011-10-14 10:01:57 887296 ----a-w- C:\Program Files\Internet Explorer\iedvtool.dll

2011-10-14 05:33:42 3138048 ----a-w- C:\Windows\System32\win32k.sys

2011-10-14 05:33:40 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax

2011-10-14 05:33:40 613888 ----a-w- C:\Windows\System32\psisdecd.dll

2011-10-14 05:33:40 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll

2011-10-14 05:33:40 108032 ----a-w- C:\Windows\System32\psisrndr.ax

2011-10-14 05:32:53 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll

2011-10-14 05:32:53 331776 ----a-w- C:\Windows\System32\oleacc.dll

2011-10-14 05:32:53 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll

2011-10-14 05:32:52 861696 ----a-w- C:\Windows\System32\oleaut32.dll

2011-10-13 22:27:27 -------- d-----w- C:\Users\Adriana\AppData\Local\{4B8E1357-AA89-49B5-9681-FF23413B1862}

2011-10-13 22:27:09 -------- d-----w- C:\Users\Adriana\AppData\Local\{E6837E2B-07B8-4944-9F7D-09813A391C00}

2011-10-13 19:47:47 -------- d-----w- C:\Users\Adriana\AppData\Local\{4EB82FED-F0C6-4F2D-8139-8D715B018B51}

2011-10-13 03:36:28 -------- d-----w- C:\Users\Adriana\AppData\Local\{834837F5-68C3-4569-91C3-A2DEAB0E6D64}

2011-10-10 20:45:16 -------- d-----w- C:\Users\Adriana\AppData\Local\{A9143A41-563B-482C-9F6A-27FEB85EC590}

2011-10-10 20:44:59 -------- d-----w- C:\Users\Adriana\AppData\Local\{65118B6B-2BD9-494D-8AF8-4DE7E7F3CEB5}

2011-10-10 18:07:46 -------- d-----w- C:\Users\Adriana\AppData\Local\{375B86B6-7C9F-4795-A37D-EE661A3719E4}

2011-10-09 19:08:07 -------- d-----w- C:\Users\Adriana\AppData\Local\{FFA0F257-5DD8-439F-B8A0-3FC23233F550}

2011-10-09 19:07:54 -------- d-----w- C:\Users\Adriana\AppData\Local\{F114D183-B26C-4219-BAE9-4196C107CFED}

2011-10-09 02:53:21 -------- d-----w- C:\Users\Adriana\AppData\Local\{91A9A50B-7287-44BF-89C8-94605613A0D4}

2011-10-08 22:01:15 -------- d-----w- C:\Users\Adriana\AppData\Local\{0CD09B12-520B-486D-93EF-8873AA729039}

2011-10-07 21:31:29 -------- d-----w- C:\Users\Adriana\AppData\Local\{C01EF026-764F-41B8-92D0-56AEB41084A6}

2011-10-07 21:30:35 -------- d-----w- C:\Users\Adriana\AppData\Local\{14301143-C78A-4AFC-B578-78A5AB887ECD}

2011-10-06 22:44:40 -------- d-----w- C:\Users\Adriana\AppData\Local\{F532E385-9686-4C82-A16B-A26B861E1194}

2011-10-06 22:44:19 -------- d-----w- C:\Users\Adriana\AppData\Local\{1984DC08-40EE-4412-9334-00CA9CB9602E}

2011-10-06 18:53:34 -------- d-----w- C:\Users\Adriana\AppData\Local\{045774D9-19B6-4000-8090-D9828B111F25}

2011-10-06 16:48:27 -------- d-----w- C:\Users\Adriana\AppData\Local\{2C5F8F2A-0508-499B-935E-4CEACBDF96ED}

2011-10-05 21:16:21 -------- d-----w- C:\Users\Adriana\AppData\Local\{8FDFF538-E062-4D25-85A1-B1EC77E07C28}

2011-10-05 21:16:04 -------- d-----w- C:\Users\Adriana\AppData\Local\{AC187BF4-E638-4BD5-99C4-A6B97F41A168}

2011-10-05 02:43:35 -------- d-----w- C:\Users\Adriana\AppData\Local\Microsoft Games

2011-10-05 01:29:29 -------- d-----w- C:\Users\Adriana\AppData\Local\{49281757-F66E-409A-BDAE-415D632D0DF0}

2011-10-05 01:29:11 -------- d-----w- C:\Users\Adriana\AppData\Local\{2DDC115C-6071-4525-84E4-53D125683E83}

2011-10-03 21:58:38 -------- d-----w- C:\Users\Adriana\AppData\Local\{F51198F1-81AB-4F4C-940B-E6A648A5DF64}

2011-10-03 21:58:26 -------- d-----w- C:\Users\Adriana\AppData\Local\{E80A84B9-D2D6-469B-B8E2-DD2D7682D351}

2011-10-03 18:52:53 -------- d-----w- C:\Users\Adriana\AppData\Local\{60377845-D3EC-4587-87F5-9C7C7CBEA5E9}

2011-10-03 16:43:56 -------- d-----w- C:\Users\Adriana\AppData\Local\{7CFBB2D9-78EB-4B6E-9FF4-6C67D0F7E949}

2011-10-02 21:28:46 -------- d-----w- C:\Users\Adriana\AppData\Local\{0366ED16-4B81-4F33-AF21-55898EE89637}

2011-10-02 21:28:34 -------- d-----w- C:\Users\Adriana\AppData\Local\{300809B1-668E-4C0E-AADF-2D3A6FC8B510}

2011-10-02 16:46:34 -------- d-----w- C:\Users\Adriana\AppData\Local\{FB98C23C-B900-4871-B979-6BAF961DEE48}

2011-10-01 22:00:16 -------- d-----w- C:\Users\Adriana\AppData\Local\{1C27A1CE-1AFF-4111-BE4B-8C3C00C4AB28}

2011-10-01 21:59:58 -------- d-----w- C:\Users\Adriana\AppData\Local\{273A4497-EEFA-457A-980D-4F90A14CF512}

2011-09-30 19:09:46 -------- d-----w- C:\Users\Adriana\AppData\Roaming\Origin

2011-09-30 19:09:45 -------- d-----w- C:\Users\Adriana\AppData\Local\Origin

2011-09-30 19:08:41 -------- d-----w- C:\ProgramData\Origin

2011-09-30 19:08:41 -------- d-----w- C:\Program Files (x86)\Origin Games

2011-09-30 19:08:20 -------- d-----w- C:\Program Files (x86)\Origin

2011-09-30 18:37:46 -------- d-----w- C:\Users\Adriana\AppData\Local\{EC059C63-64A9-4F46-95C3-C3C003AC4E52}

2011-09-30 18:36:29 -------- d-----w- C:\Users\Adriana\AppData\Local\{D07956F0-0FD5-44EF-8A6F-ACE4EA3EAC46}

2011-09-30 17:31:09 -------- d-----w- C:\Users\Adriana\AppData\Local\{600AABF0-44CF-4FE2-834C-5E8E29547285}

2011-09-30 03:49:36 -------- d-----w- C:\Users\Adriana\AppData\Local\{24212225-24AB-41C5-95D2-645C87988605}

2011-09-30 00:46:52 -------- d-----w- C:\Users\Adriana\AppData\Local\{1CB46944-8B28-47F1-97CF-5B509391E26F}

2011-09-29 21:34:22 -------- d-----w- C:\Users\Adriana\AppData\Local\{784CDE55-D034-495A-BC38-E03F0E48D8C6}

2011-09-28 16:38:21 -------- d-----w- C:\Users\Adriana\AppData\Local\{48CEE6B9-19AE-4995-89F7-D39391A3A9EB}

2011-09-28 16:38:07 -------- d-----w- C:\Users\Adriana\AppData\Local\{E674A08B-8A7F-41CC-A94C-6884038EC9EA}

2011-09-27 22:08:28 -------- d-----w- C:\Users\Adriana\AppData\Local\{632D8A9F-E735-4239-9488-5F3DED2D457F}

2011-09-27 22:08:16 -------- d-----w- C:\Users\Adriana\AppData\Local\{D92FA7B8-2EEC-422A-AD72-BF0632962DA5}

2011-09-27 10:07:45 -------- d-----w- C:\Users\Adriana\AppData\Local\{B8E15F50-05FB-4ED8-9F10-FA5C3859F1A9}

2011-09-27 10:07:34 -------- d-----w- C:\Users\Adriana\AppData\Local\{E655623B-4B5C-4F05-9AB7-722188B61F5E}

2011-09-26 22:07:09 -------- d-----w- C:\Users\Adriana\AppData\Local\{094ED5C3-2386-47CA-B38A-25F38DCEBFE6}

2011-09-26 22:06:52 -------- d-----w- C:\Users\Adriana\AppData\Local\{0AEDD48C-48CA-4D67-A09C-78D702D51CFC}

2011-09-26 02:09:25 -------- d-----w- C:\Users\Adriana\AppData\Local\{5D1260EF-A9CB-402C-9AC6-A7ACF5DDDD8E}

2011-09-26 02:09:11 -------- d-----w- C:\Users\Adriana\AppData\Local\{F4ECF43A-360C-4485-985C-D18E584DF621}

2011-09-25 14:08:56 -------- d-----w- C:\Users\Adriana\AppData\Local\{B319910E-26C6-4F7A-BA3F-44EC935E3938}

2011-09-25 14:08:43 -------- d-----w- C:\Users\Adriana\AppData\Local\{BDDBB174-F9D5-48C9-BDE0-2AFAA527DBA7}

2011-09-25 02:08:15 -------- d-----w- C:\Users\Adriana\AppData\Local\{2FB9C3FD-646F-4710-96D0-9E434F932453}

2011-09-25 02:08:03 -------- d-----w- C:\Users\Adriana\AppData\Local\{D52D8885-0779-45AB-B1B3-19847AB66510}

2011-09-24 14:08:08 -------- d-----w- C:\Users\Adriana\AppData\Local\{36DE5C92-27B6-4BD0-A07F-FA913D230459}

2011-09-23 22:14:35 -------- d-----w- C:\Users\Adriana\AppData\Local\{3679CACC-AC6B-4826-AF69-FE4227E8043E}

2011-09-23 22:14:22 -------- d-----w- C:\Users\Adriana\AppData\Local\{369C226B-66F3-469F-87A9-E216E93A87D6}

2011-09-23 06:05:34 -------- d-----w- C:\Users\Adriana\AppData\Local\{70C253D0-BCD8-4050-A704-D35A6F8AABCA}

2011-09-23 06:05:19 -------- d-----w- C:\Users\Adriana\AppData\Local\{783BB4CE-95A2-4C53-BE00-D7878969FC65}

2011-09-22 18:05:04 -------- d-----w- C:\Users\Adriana\AppData\Local\{B8247409-12E7-4C7C-8FA2-6DFBD2142808}

2011-09-22 18:04:51 -------- d-----w- C:\Users\Adriana\AppData\Local\{018B40C5-D000-44FC-B220-9E9CF07464BD}

2011-09-22 06:04:25 -------- d-----w- C:\Users\Adriana\AppData\Local\{97AB22DA-8B8E-403A-9DBC-88A7CF5E1A7B}

2011-09-22 06:04:13 -------- d-----w- C:\Users\Adriana\AppData\Local\{DB64E056-FECB-48F5-8198-3D12CD4A66FE}

2011-09-21 18:03:45 -------- d-----w- C:\Users\Adriana\AppData\Local\{650F85DA-4117-414D-B3E9-1CAD674E1B63}

2011-09-21 18:03:34 -------- d-----w- C:\Users\Adriana\AppData\Local\{98C9112B-D887-45A1-8469-F3FBE985A7EA}

2011-09-20 15:56:31 -------- d-----w- C:\Users\Adriana\AppData\Local\{94C40A21-6436-465C-A425-6BD998F250BD}

2011-09-20 15:56:19 -------- d-----w- C:\Users\Adriana\AppData\Local\{8DCD558E-8F13-49E4-946F-6AF27E3CF435}

2011-09-20 03:56:05 -------- d-----w- C:\Users\Adriana\AppData\Local\{37347907-B93E-4750-BC70-C39704B11112}

2011-09-20 03:55:53 -------- d-----w- C:\Users\Adriana\AppData\Local\{9B088730-F479-4903-95BC-349D637E0987}

.

==================== Find3M ====================

.

2011-09-13 13:30:08 37456 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys

2011-09-01 05:24:07 2309120 ----a-w- C:\Windows\System32\jscript9.dll

2011-09-01 05:17:57 1389056 ----a-w- C:\Windows\System32\wininet.dll

2011-09-01 05:12:04 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2011-09-01 02:28:15 1126912 ----a-w- C:\Windows\SysWow64\wininet.dll

2011-09-01 02:22:54 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2011-08-13 08:03:01 175616 ----a-w- C:\Windows\System32\msclmd.dll

2011-08-13 08:03:01 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll

2011-08-13 04:43:07 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2011-08-13 01:42:31 0 ----a-w- C:\Windows\ativpsrm.bin

2011-08-13 00:19:16 74 --sh--r- C:\Windows\CT4CET.bin

2011-08-12 23:56:41 455680 ----a-w- C:\Windows\System32\deployJava1.dll

2011-08-08 13:08:58 46672 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys

2011-07-28 22:23:16 9980416 ----a-w- C:\Windows\System32\drivers\atikmdag.sys

2011-07-28 22:09:06 23921664 ----a-w- C:\Windows\System32\atio6axx.dll

2011-07-28 21:44:06 18388480 ----a-w- C:\Windows\SysWow64\atioglxx.dll

2011-07-28 21:40:58 151552 ----a-w- C:\Windows\System32\atiapfxx.exe

2011-07-28 21:40:44 726528 ----a-w- C:\Windows\SysWow64\aticfx32.dll

2011-07-28 21:39:14 852992 ----a-w- C:\Windows\System32\aticfx64.dll

2011-07-28 21:36:26 462848 ----a-w- C:\Windows\System32\ATIDEMGX.dll

2011-07-28 21:36:12 485376 ----a-w- C:\Windows\System32\atieclxx.exe

2011-07-28 21:35:34 204288 ----a-w- C:\Windows\System32\atiesrxx.exe

2011-07-28 21:34:20 120320 ----a-w- C:\Windows\System32\atitmm64.dll

2011-07-28 21:34:00 423424 ----a-w- C:\Windows\System32\atipdl64.dll

2011-07-28 21:33:54 356352 ----a-w- C:\Windows\SysWow64\atipdlxx.dll

2011-07-28 21:33:42 278528 ----a-w- C:\Windows\SysWow64\Oemdspif.dll

2011-07-28 21:33:36 21504 ----a-w- C:\Windows\System32\atimuixx.dll

2011-07-28 21:33:32 59392 ----a-w- C:\Windows\System32\atiedu64.dll

2011-07-28 21:33:26 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll

2011-07-28 21:30:26 4198912 ----a-w- C:\Windows\SysWow64\atidxx32.dll

2011-07-28 21:20:36 4943360 ----a-w- C:\Windows\System32\atidxx64.dll

2011-07-28 21:12:14 1113088 ----a-w- C:\Windows\System32\atiumd6v.dll

2011-07-28 21:11:42 1828864 ----a-w- C:\Windows\SysWow64\atiumdmv.dll

2011-07-28 21:11:30 3871744 ----a-w- C:\Windows\System32\atiumd6a.dll

2011-07-28 21:11:16 51200 ----a-w- C:\Windows\System32\aticalrt64.dll

2011-07-28 21:11:14 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll

2011-07-28 21:11:04 44544 ----a-w- C:\Windows\System32\aticalcl64.dll

2011-07-28 21:11:02 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll

2011-07-28 21:10:50 9644544 ----a-w- C:\Windows\System32\aticaldd64.dll

2011-07-28 21:09:10 4256768 ----a-w- C:\Windows\SysWow64\atiumdag.dll

2011-07-28 21:07:24 8247296 ----a-w- C:\Windows\SysWow64\aticaldd.dll

2011-07-28 21:03:58 4056064 ----a-w- C:\Windows\SysWow64\atiumdva.dll

2011-07-28 21:02:28 5399040 ----a-w- C:\Windows\System32\atiumd64.dll

2011-07-28 21:01:50 58880 ----a-w- C:\Windows\System32\coinst.dll

2011-07-28 20:54:52 378368 ----a-w- C:\Windows\System32\atiadlxx.dll

2011-07-28 20:54:44 266240 ----a-w- C:\Windows\SysWow64\atiadlxy.dll

2011-07-28 20:54:34 15360 ----a-w- C:\Windows\System32\atig6pxx.dll

2011-07-28 20:54:30 13312 ----a-w- C:\Windows\SysWow64\atiglpxx.dll

2011-07-28 20:54:30 13312 ----a-w- C:\Windows\System32\atiglpxx.dll

2011-07-28 20:54:26 39936 ----a-w- C:\Windows\System32\atig6txx.dll

2011-07-28 20:54:18 32768 ----a-w- C:\Windows\SysWow64\atigktxx.dll

2011-07-28 20:54:10 309248 ----a-w- C:\Windows\System32\drivers\atikmpag.sys

2011-07-28 20:53:22 40960 ----a-w- C:\Windows\System32\atiuxp64.dll

2011-07-28 20:53:14 31744 ----a-w- C:\Windows\SysWow64\atiuxpag.dll

2011-07-28 20:53:08 38912 ----a-w- C:\Windows\System32\atiu9p64.dll

2011-07-28 20:53:00 29184 ----a-w- C:\Windows\SysWow64\atiu9pag.dll

2011-07-28 20:52:26 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll

2011-07-28 20:51:10 53760 ----a-w- C:\Windows\System32\atimpc64.dll

2011-07-28 20:51:10 53760 ----a-w- C:\Windows\System32\amdpcom64.dll

2011-07-28 20:51:04 52736 ----a-w- C:\Windows\SysWow64\atimpc32.dll

2011-07-28 20:51:04 52736 ----a-w- C:\Windows\SysWow64\amdpcom32.dll

2011-07-22 20:51:50 94208 ----a-w- C:\Windows\SysWow64\dpl100.dll

.

============= FINISH: 12:13:31.30 ===============


  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the contents of C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.


  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

