Suspicious "Password Protected" files and Port Scan after Shockwave Player install

Discussion in 'Malware Help (A Specialist Will Reply)' started by jennybelle, Oct 2, 2012.

  1. jennybelle

    jennybelle Private E-2

    Immediately after I installed Shockwave Player on my system, my daily scan (Avast!) showed password protected files that are new, and look suspicious to me. I cannot access nor isolate them. I did a boot scan (Avast!), and some files are showing as corrupted.

    I d/l and ran malwarebytes, and it showed no infections. I d/l CCleaner and cleaned. I d/l bitdefender and switched it up from the Avast!, and when I did a start-up, it told me an outside IP was trying to do a port scan.

    I deleted the Shockwave Player.

    I reinstalled Avast! and uninstalled bitdefender, and came here for help. Followed all steps up to installing RogueKiller as admin, and doing a scan only, creating a log of its report.

    Will attach and thanks!
     

    Attached Files:

  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Re: Suspicious "Password Protected" files and Port Scan after Shockwave Player instal

    Welcome to Major Geeks!
    This is quite normal. You can attach a log from Avast and I will double check.

    If you want us to check your PC for malware, you need to follow ALL of the instructions in >> READ & RUN ME FIRST. Malware Removal Guide
     
  3. jennybelle

    jennybelle Private E-2

    Re: Suspicious "Password Protected" files and Port Scan after Shockwave Player instal

    Thank you!

    Yes, before I wrote, I followed those instructions on the MG site. (old school, I follow instructions well).

    I went to Step 6, Vista & Win7 instructions, then followed the steps on that link to Step 4, it says if you are still having problems. STOP. Attached the Rogue Killer report and write in.

    So, I think I went as far as I was supposed to? A text document is attached to my original message, RKreport[2].txt. That was all I got from Rogue Killer when I completed Step 3.

    I was out most of the afternoon, and just returning mail, when I got a message flashing on my taskbar from my C: drive, about 15 minutes ago.

    Here's what it says:
    (wrote it down, too)

    Workgroup: WORKGROUP

    Memory: 3.00GB

    Processor: AMD Athlon II X2 2.555 Processor

    Okay, now it's gone and replaced by a list of libraries ... the ones that come with the OS (Documents, Music, Pictures, Videos). And that is running on my Administrator account, which I do NOT go online with. I have a separate user account with no Admin permissions on it. So, here's where the download came from, and I remember my screen flashing when it first came up!

    File Description: Adobe Flash Player Downloader
    Company: Solid State Networks.

    This happened on the same day the first 'Password Protected' files showed up. The names of said files (which Avast! detects) sound like ones I have seen before, suspicious files, when my AVG got attacked. I do a daily detailed scan for safety, so could narrow down to this fake Adobe file quickly. My fault for not reading carefully enough if indeed, this is where the problem stems.

    I am sure that Chrome browser got redirected. I saved the download. I do for a while.

    Also, before I came here, I ran CCleaner, and though I deleted NOTHING, I had the CCleaner's FILE ASSASSIN take a look, and the *same list of libraries* was marked for selection as suspicious - I canceled out, left them alone.

    I ran a Boot Scan with my Avast! as soon as I thought there was something wrong, and it showed corrupted files. I removed all Skype (which had some corrupted files, and I don't like its techniques - too controlling), but the other files were not to be found.

    That's all I can think of now.
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Re: Suspicious "Password Protected" files and Port Scan after Shockwave Player instal

    No. The instructions under the section for RogueKiller say the below
    You need to finish all the scans and attach the rest of the logs.

    Also the beginning of step 3 stated the below. Refer to the last sentence. ;)
     
