Nade

Members
  • Posts: 11
  • Reputation: 0 Neutral
  1. Daniel, thank you for your time and patience. I have only one more question, regarding Spyware Blaster: if I install it, would it work well with Avira and Malwarebytes as well? After your answer you may close this thread. I thank you again for your help. Best regards, Nade
  2. I apologise for the rule, I did not know.
  3. DDS (Ver_2012-11-20.01)
  4. I've deleted and uninstalled Nero, here are the lists now.
  5. Oh yes, should I uninstall the program?
  6. Hey Daniel... I just finished the scan, it came out with 4 threats, here is a copy:
     C:\Program Files (x86)\Avira\AntiVir Desktop\apnic.dll a variant of Win32/Bundled.Toolbar.Ask application
     C:\Program Files (x86)\Avira\AntiVir Desktop\apntoolbarinstaller.exe a variant of Win32/Bundled.Toolbar.Ask application
     C:\Users\Nade\AppData\Local\Temp\AskSLib.dll a variant of Win32/Bundled.Toolbar.Ask application
     D:\Instal programs\avira_free_antivirus_en.exe a variant of Win32/Bundled.Toolbar.Ask application
     D:\Instal programs\Nero 8.1.1.0 Ultra Edition + Keygen [h33t] [CaZoR]\nero8x.exe a variant of Win32/Keygen.DS application
  7. For now no, I saw that I still have that file in Quarantine in Malware, should I delete it? And if you don't mind, a bit of help how to prevent these bugs and worms from coming? As I said, for now I have Avira, the free version, and Malwarebytes as well.
  8. DDS (Ver_2012-11-20.01)
  9. Daniel, I've read everything, and I am sending you the logs. P.S. Thank you for the help!
  10. Hi, here is today's log of Malwarebytes

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.04.18.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Nade :: NADE-PC [administrator]

18.04.2013 08:08:27
mbam-log-2013-04-18 (08-08-27).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 318466
Time elapsed: 33 minute(s), 14 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (PUM.UserWLoad) -> Data: C:\Users\Nade\LOCALS~1\Temp\ccwaaa.exe -> Delete on reboot.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Nade\AppData\Local\Temp\00026bad.exe (Trojan.Agent.RVGen5) -> Quarantined and deleted successfully.

(end)
  11. Hi people, I just scanned my computer with both Avira and Malwarebytes Anti-Malware and I found this: pum.userwload trojan.agent. Now, I might have made a mistake, since I chose Malware to delete it but it wanted to restart, so I chose No. I still haven't restarted my computer. Here is the scan result from Avira. Any help would be great, and I thank you in advance!

Avira Free Antivirus
Report file date: четврток, 18 април 2013 08:18

The program is running as an unrestricted full version.
Online services are available.

Licensee : Avira Free Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows 7 Ultimate
Windows version : (Service Pack 1) [6.1.7601]
Boot mode : Normally booted
Username : Nade
Computer name : NADE-PC

Version information:
BUILD.DAT : 13.0.0.3499 Bytes 19.03.2013 16:37:00 AVSCAN.EXE : 13.6.0.986 639712 Bytes 28.03.2013 05:01:57 AVSCANRC.DLL : 13.4.0.360 54560 Bytes 29.11.2012 08:30:16 LUKE.DLL : 13.6.0.902 67808 Bytes 28.03.2013 05:02:06 AVSCPLR.DLL : 13.6.0.986 94944 Bytes 19.03.2013 18:24:42 AVREG.DLL : 13.6.0.940 250592 Bytes 19.03.2013 18:24:42 avlode.dll : 13.6.2.940 434912 Bytes 28.03.2013 05:01:56 avlode.rdf : 13.0.0.46 15591 Bytes 28.03.2013 14:15:47 VBASE000.VDF : 7.11.70.0 66736640 Bytes 04.04.2013 11:33:49 VBASE001.VDF : 7.11.70.1 2048 Bytes 04.04.2013 11:33:49 VBASE002.VDF : 7.11.70.2 2048 Bytes 04.04.2013 11:33:49 VBASE003.VDF : 7.11.70.3 2048 Bytes 04.04.2013 11:33:50 VBASE004.VDF : 7.11.70.4 2048 Bytes 04.04.2013 11:33:50 VBASE005.VDF : 7.11.70.5 2048 Bytes 04.04.2013 11:33:50 VBASE006.VDF : 7.11.70.6 2048 Bytes 04.04.2013 11:33:50 VBASE007.VDF : 7.11.70.7 2048 Bytes 04.04.2013 11:33:50 VBASE008.VDF : 7.11.70.8 2048 Bytes 04.04.2013 11:33:50 VBASE009.VDF : 7.11.70.9 2048 Bytes 04.04.2013 11:33:51 VBASE010.VDF : 7.11.70.10 2048 Bytes 04.04.2013 11:33:51 VBASE011.VDF : 7.11.70.11 2048 Bytes 04.04.2013 11:33:51 VBASE012.VDF : 7.11.70.12 2048 Bytes 04.04.2013 11:33:51 VBASE013.VDF : 7.11.70.13 2048 Bytes 04.04.2013 11:33:51 
VBASE014.VDF : 7.11.70.103 136192 Bytes 05.04.2013 12:31:09 VBASE015.VDF : 7.11.70.183 183808 Bytes 06.04.2013 17:31:42 VBASE016.VDF : 7.11.71.9 145920 Bytes 08.04.2013 11:04:27 VBASE017.VDF : 7.11.71.115 169472 Bytes 10.04.2013 05:29:39 VBASE018.VDF : 7.11.71.197 172544 Bytes 11.04.2013 13:40:36 VBASE019.VDF : 7.11.72.17 135168 Bytes 12.04.2013 12:00:29 VBASE020.VDF : 7.11.72.103 158208 Bytes 15.04.2013 05:15:11 VBASE021.VDF : 7.11.72.137 152064 Bytes 15.04.2013 12:11:35 VBASE022.VDF : 7.11.72.223 159232 Bytes 16.04.2013 12:40:34 VBASE023.VDF : 7.11.72.224 2048 Bytes 16.04.2013 12:40:34 VBASE024.VDF : 7.11.72.225 2048 Bytes 16.04.2013 12:40:34 VBASE025.VDF : 7.11.72.226 2048 Bytes 16.04.2013 12:40:34 VBASE026.VDF : 7.11.72.227 2048 Bytes 16.04.2013 12:40:35 VBASE027.VDF : 7.11.72.228 2048 Bytes 16.04.2013 12:40:35 VBASE028.VDF : 7.11.72.229 2048 Bytes 16.04.2013 12:40:35 VBASE029.VDF : 7.11.72.230 2048 Bytes 16.04.2013 12:40:35 VBASE030.VDF : 7.11.72.231 2048 Bytes 16.04.2013 12:40:35 VBASE031.VDF : 7.11.73.34 110592 Bytes 17.04.2013 14:09:03 Engine version : 8.2.12.28 AEVDF.DLL : 8.1.2.10 102772 Bytes 19.09.2012 13:42:55 AESCRIPT.DLL : 8.1.4.106 483709 Bytes 11.04.2013 13:40:57 AESCN.DLL : 8.1.10.4 131446 Bytes 26.03.2013 20:32:47 AESBX.DLL : 8.2.5.12 606578 Bytes 28.08.2012 15:58:06 AERDL.DLL : 8.2.0.88 643444 Bytes 10.01.2013 18:21:42 AEPACK.DLL : 8.3.2.6 827767 Bytes 28.03.2013 14:15:46 AEOFFICE.DLL : 8.1.2.56 205180 Bytes 08.03.2013 12:42:00 AEHEUR.DLL : 8.1.4.286 5845369 Bytes 11.04.2013 13:40:56 AEHELP.DLL : 8.1.25.2 258423 Bytes 12.10.2012 14:52:32 AEGEN.DLL : 8.1.7.2 442741 Bytes 26.03.2013 20:32:44 AEEXP.DLL : 8.4.0.20 192886 Bytes 15.04.2013 12:11:36 AEEMU.DLL : 8.1.3.2 393587 Bytes 19.09.2012 13:42:55 AECORE.DLL : 8.1.31.2 201080 Bytes 19.02.2013 13:32:56 AEBB.DLL : 8.1.1.4 53619 Bytes 05.11.2012 14:00:38 AVWINLL.DLL : 13.6.0.480 26480 Bytes 12.02.2013 13:10:26 AVPREF.DLL : 13.6.0.480 51056 Bytes 12.02.2013 13:10:29 AVREP.DLL : 13.6.0.480 178544 Bytes 
05.02.2013 15:01:33 AVARKT.DLL : 13.6.0.902 260832 Bytes 28.03.2013 05:01:54 AVEVTLOG.DLL : 13.6.0.902 167648 Bytes 28.03.2013 05:01:55 SQLITE3.DLL : 3.7.0.1 397088 Bytes 19.09.2012 17:17:40 AVSMTP.DLL : 13.6.0.480 62832 Bytes 12.02.2013 13:10:30 NETNT.DLL : 13.6.0.480 16240 Bytes 12.02.2013 13:10:40 RCIMAGE.DLL : 13.4.0.360 4782880 Bytes 28.11.2012 14:09:40 RCTEXT.DLL : 13.6.0.976 67296 Bytes 28.03.2013 05:01:52

Configuration settings for the scan:
Jobname.............................: ShlExt
Configuration file..................: C:\Users\Nade\AppData\Local\Temp\bd693856.avp
Reporting...........................: default
Primary action......................: Interactive
Secondary action....................: Ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: off
Scan registry.......................: off
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: Intelligent file selection
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: extended

Start of the scan: четврток, 18 април 2013 08:18

Starting the file scan:

Begin scan in 'C:\'
C:\Users\Nade\AppData\Local\Temp\ccwaaa.exe
[DETECTION] Is the TR/Gamarue.AP Trojan

Beginning disinfection:
C:\Users\Nade\AppData\Local\Temp\ccwaaa.exe
[DETECTION] Is the TR/Gamarue.AP Trojan
[NOTE] The file was moved to the quarantine directory under the name '567e3b13.qua'!

End of the scan: четврток, 18 април 2013 09:05
Used time: 46:34 Minute(s)

The scan has been done completely.

19072 Scanned directories
1087751 Files were scanned
1 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 Files were deleted
0 Viruses and unwanted programs were repaired
1 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
1087750 Files not concerned
5693 Archives were scanned
0 Warnings
1 Notes