Jump to content

Am I still infected?

Jabbed

By Jabbed
in Resolved Malware Removal Logs

 Share

Recommended Posts

Jabbed

Jabbed

Posted
Posted

Hello, My computer has recently been running fine. However during a routine anti-virus scan with AVG four Trojans were detected. The virus was called Trojan horse Generic32.MJQ. The virus was successfully removed and deleted from my system and upon further research It appears it was a false positive?. After this I proceeded to run Malwarebytes. This didn't pick up any trace of the previous trojans but identified four new ones. I have removed them and ran a second scan of which they dont appear.

Would it be possible if someone can look over the scan results below and advise me if theres anything I need to do?.

Thanks in advance!.

Malwarebytes scan result that found the four trojans:

Malwarebytes Anti-Malware 1.70.0.1100

www.malwarebytes.org

Database version: v2013.03.21.14

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Jamie :: HOME-PC [administrator]

21/03/2013 22:22:53

MBAM-log-2013-03-22 (00-33-35).txt

Scan type: Full scan (C:\|D:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 510303

Time elapsed: 1 hour(s), 11 minute(s), 29 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 2

HKCR\TypeLib\{91814EB1-B5F0-11D2-80B9-00104B1F6CEA} (Trojan.Vilsel) -> No action taken.

HKCR\Interface\{0BA4BA22-2EF0-11D3-88C8-00C04F72F303} (Trojan.Vilsel) -> No action taken.

Registry Values Detected: 1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\COMMON FILES\INSTALLSHIELD\ENGINE\6\INTEL 32\IKERNEL.EXE (Trojan.Vilsel) -> Data: 12 -> No action taken.

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe (Trojan.Vilsel) -> No action taken.

(end)

DDS.txt:

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16470 BrowserJavaVersion: 10.17.2

Run by Jamie at 13:24:31 on 2013-03-22

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8174.5522 [GMT 0:00]

.

AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\PROGRA~2\AVG\AVG2012\avgrsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\atieclxx.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe

C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe

C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe

C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\ProgramData\DatacardService\HWDeviceService64.exe

C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe

C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\O2\Connection Manager\ImpWiFiSvc.exe

C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgemca.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\WUDFHost.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\System32\WUDFHost.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\ProgramData\DatacardService\DCSHelper.exe

C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe

C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe

C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe

C:\Program Files\Logitech Gaming Software\LCore.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe

C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE

C:\Program Files\Logitech\SetPointG\SetPointII.exe

C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe

C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

C:\Program Files\Corsair USB Headset\customapp\program\CAHS.EXE

C:\Users\Jamie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Program Files\Corsair USB Headset\customapp\program\CAHS.EXE

C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe

C:\Users\Jamie\AppData\Roaming\Spotify\spotify.exe

C:\Users\Jamie\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe

C:\Users\Jamie\AppData\Local\Apps\2.0\Y5QHYPVK.ELX\MN78RE1X.5XG\curs..tion_9e9e83ddf3ed3ead_0005.0001_f98d05d4713e76ec\CurseClient.exe

C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe

C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe

C:\Program Files (x86)\Razer\Diamondback 3G\razerofa.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe

C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe

C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe

C:\Program Files (x86)\Browny02\BrYNSvc.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.12.072\Applets\x64\LCDPop3.exe

C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.12.072\Applets\x86\LCDMedia.exe

C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.12.072\Applets\x64\LCDRSS.exe

C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.12.072\Applets\x64\LCDClock.exe

C:\Program Files\Logitech Gaming Software\plugins\LCDAppletsMono-8.12.072\Applets\x64\LCDCountdown.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe

C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe

C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe

C:\ProgramData\FLEXnet\Connect\11\agent.exe

C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

mWinlogon: Userinit = userinit.exe,

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO: PlusIEEventHelper Class: {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\JAVA\jre7\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\JAVA\jre7\bin\jp2ssv.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>

TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

uRun: [spotify Web Helper] "C:\Users\Jamie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

uRun: [iSUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler

uRun: [spotify] "C:\Users\Jamie\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart

uRun: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe

mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.94.193\AsusWSPanel.exe /S

mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

mRun: [Diamondback] C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe

mRun: [Conime] C:\Windows\System32\conime.exe

mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [indexSearch] "C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe"

mRun: [PaperPort PTD] "C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe"

mRun: [PPort12reminder] "C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"

mRun: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe

mRun: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe

mRun: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun

mRun: [brStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

dRunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe"

StartupFolder: C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip

StartupFolder: C:\Users\Jamie\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Jamie\AppData\Roaming\Dropbox\bin\Dropbox.exe

StartupFolder: C:\Users\Jamie\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

TCP: NameServer = 192.168.0.1

TCP: Interfaces\{1CADE3ED-3F68-471F-81C0-DF169065CF05} : DHCPNameServer = 192.168.42.129

TCP: Interfaces\{30618C5E-F24A-4595-B614-B1266B7A2446} : DHCPNameServer = 192.168.0.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

AppInit_DLLs= C:\PROGRA~1\LUCIDL~1\VIRTU\x86\APPINI~1.DLL

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll

x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll

x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

x64-Run: [VIRTU] C:\Program Files\Lucidlogix Technologies\VIRTU\VirtuControlPanel.Exe /hide

x64-Run: [Launch LCore] "C:\Program Files\Logitech Gaming Software\LCore.exe" /minimized

x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming

x64-Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

x64-Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe

x64-Run: [CAHS1Sound] C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\CAHS1.dll,CMICtrlWnd

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll

x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll

x64-SSODL: WebCheck - <orphaned>

x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\hn0cxx9t.default\

FF - prefs.js: browser.search.selectedEngine - AVG Secure Search

FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/

FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll

FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\npsitesafety.dll

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\JAVA\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll

FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AiChargerPlus;ASUS Charger Plus Driver;C:\Windows\System32\drivers\AiChargerPlus.sys [2011-10-25 14464]

R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2012-4-19 28480]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2012-1-31 36944]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-11-8 307040]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2011-12-23 47696]

R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2012-8-24 384352]

R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-8-30 39768]

R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]

R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]

R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-8-11 140672]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-9-28 239616]

R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.14\atkexComSvc.exe [2011-6-13 922240]

R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [2010-12-2 915584]

R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2011-10-25 586880]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-11-2 5174392]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-2-14 193288]

R2 HWDeviceService64.exe;HWDeviceService64.exe;C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-3-14 346976]

R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2011-12-19 394672]

R2 PDFProFiltSrvPP;PDFProFiltSrvPP;C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [2010-3-9 144672]

R2 RtNdPt60;Realtek NDIS Protocol Driver;C:\Windows\System32\drivers\RtNdPt60.sys [2011-10-25 32544]

R2 TGCM_ImportWiFiSvc;TGCM_ImportWiFiSvc;C:\Program Files (x86)\O2\Connection Manager\ImpWiFiSvc.exe [2011-6-14 201080]

R2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [2013-2-18 968880]

R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-6-2 128488]

R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-6-2 401896]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-5-14 96896]

R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2012-12-10 127328]

R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\avgidsfiltera.sys [2011-12-23 29776]

R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2012-11-14 245760]

R3 CorsairCAHS1;CA-HS1 Interface;C:\Windows\System32\drivers\CAHS164.sys [2012-1-27 1308160]

R3 huawei_enumerator;huawei_enumerator;C:\Windows\System32\drivers\ew_jubusenum.sys [2013-1-18 87040]

R3 ICCWDT;Intel® Watchdog Timer Driver (Intel® WDT);C:\Windows\System32\drivers\ICCWDT.sys [2011-6-29 26136]

R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2011-10-26 22408]

R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2011-10-26 16008]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]

R3 VirtuWDDM;VirtuWDDM;C:\Windows\System32\drivers\VirtuWDDM.sys [2011-10-25 66336]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-8 161536]

S3 ewusbmbb;HUAWEI USB-WWAN miniport;C:\Windows\System32\drivers\ewusbwwan.sys [2013-1-18 421888]

S3 FLASHSYS;FLASHSYS;C:\Program Files (x86)\MSI\Live Update 4\LU4\Flashsys64.sys [2011-10-25 15192]

S3 HTCAND64;HTC Device Driver;C:\Windows\System32\drivers\ANDROIDUSB.sys [2009-11-1 33736]

S3 NTIOLib_1_0_4;NTIOLib_1_0_4;C:\Program Files (x86)\MSI\Live Update 4\LU4\NTIOLib_X64.sys [2011-10-25 14136]

S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]

S3 Razerlow;Razer Pro|Solutions;C:\Windows\System32\drivers\DB3G.sys [2011-10-26 21120]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-11 19456]

S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);C:\Windows\System32\drivers\RtTeam60.sys [2011-10-25 48416]

S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);C:\Windows\System32\drivers\RtVlan60.sys [2011-10-25 29472]

S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);C:\Windows\System32\drivers\RtTeam60.sys [2011-10-25 48416]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-12-11 57856]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-12-11 30208]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-8-2 51712]

S3 VLAN;Realtek Virtual Miniport Driver for VLAN (NDIS 6.2);C:\Windows\System32\drivers\RtVlan60.sys [2011-10-25 29472]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-10-26 1255736]

.

=============== Created Last 30 ================

.

2013-03-22 12:03:27 -------- d-----w- C:\Users\Jamie\AppData\Local\{E0EE5D6E-015E-48EF-9B88-278D1F1821A5}

2013-03-21 15:53:31 -------- d-----w- C:\Users\Jamie\AppData\Local\{8FD630D1-24CD-42F2-B224-5E00FAF32757}

2013-03-20 20:39:46 19968 ----a-w- C:\Windows\System32\drivers\usb8023x.sys

2013-03-20 20:39:46 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys

2013-03-20 20:36:27 -------- d-----w- C:\Users\Jamie\AppData\Local\{D6973DCE-1AD1-4B3F-9C89-140759E12B79}

2013-03-19 16:22:39 -------- d-----w- C:\Users\Jamie\AppData\Local\{B4E4E893-67B5-41E6-B739-F59CDDCE181D}

2013-03-18 15:44:58 -------- d-----w- C:\Users\Jamie\AppData\Local\{68EB34EB-BD69-4807-BAA7-DDEF153C57DE}

2013-03-17 20:15:04 -------- d-----w- C:\Users\Jamie\AppData\Local\{8415E881-3F1F-4B9F-A6A3-C642E49961E6}

2013-03-16 20:39:39 -------- d-----w- C:\Users\Jamie\AppData\Local\{FFF76331-797C-49D4-A1AD-68245AAE1EB4}

2013-03-15 21:44:55 -------- d-----w- C:\Users\Jamie\AppData\Local\{42A3914E-917D-42C2-B93D-5E2FF96A514F}

2013-03-14 20:26:29 -------- d-----w- C:\Users\Jamie\AppData\Local\{80290DB1-C2DC-4420-9F99-40FF9235B2B2}

2013-03-13 20:27:49 -------- d-----w- C:\Users\Jamie\AppData\Local\{A196DD90-E91D-4F9F-8E60-69B69FE01A6C}

2013-03-12 15:21:02 -------- d-----w- C:\Users\Jamie\AppData\Local\{EC2EA7EF-B8B4-497C-BB91-BA16BBB4AD3D}

2013-03-11 14:59:34 -------- d-----w- C:\Users\Jamie\AppData\Local\{095172F3-1783-40A5-8A29-844B619A8170}

2013-03-10 14:53:29 -------- d-----w- C:\Users\Jamie\AppData\Local\{19CFFB62-9FB4-4DF2-8F50-9DA787E4B185}

2013-03-09 17:37:17 -------- d-----w- C:\Users\Jamie\AppData\Local\{C5FDF721-4556-454B-972D-A758351EDF60}

2013-03-08 21:05:46 -------- d-----w- C:\Users\Jamie\AppData\Local\{3CA56BEE-451D-4BF1-85C4-4E200CCEC0ED}

2013-03-07 15:06:12 -------- d-----w- C:\Users\Jamie\AppData\Local\{3D30E050-44AD-4CC3-B827-15BD0DD6F000}

2013-03-05 21:24:54 203976 ----a-w- C:\Windows\SysWow64\RICHTX32.OCX

2013-03-05 21:24:54 117507 ----a-w- C:\Windows\SysWow64\msinet.ocx

2013-03-05 21:24:54 109248 ----a-w- C:\Windows\SysWow64\MSWINSCK.OCX

2013-03-05 21:24:54 -------- d-----w- C:\ProgramData\SwiftKit

2013-03-05 21:24:52 -------- d-----w- C:\Program Files (x86)\SwiftKit

2013-03-05 20:02:59 -------- d-----w- C:\Users\Jamie\jagexcache1

2013-03-05 19:58:11 -------- d-----w- C:\Users\Jamie\jagexcache

2013-03-05 19:57:45 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2013-03-05 19:57:31 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-03-05 16:21:22 -------- d-----w- C:\Users\Jamie\AppData\Local\{F7A7AB7D-C889-45DF-8D41-060784B1DF90}

2013-03-04 14:46:44 -------- d-----w- C:\Users\Jamie\AppData\Local\{6C4B5104-EC6E-483F-819F-F53AC0B797D2}

2013-03-03 19:46:27 -------- d-----w- C:\Users\Jamie\AppData\Local\{349AC00D-C790-421A-B12C-49EB157E1A0C}

2013-03-02 15:53:54 -------- d-----w- C:\Users\Jamie\AppData\Local\{7FDBF3FE-C336-43FB-AD7C-5FDA1F462427}

2013-03-01 21:34:35 -------- d-----w- C:\Users\Jamie\AppData\Local\{F258E5B3-D6B7-4EE6-B844-1E7C4D2B7EE5}

2013-02-28 18:26:45 -------- d-----w- C:\Users\Jamie\AppData\Local\{8D0D4AEF-D471-4180-BA9F-6D4AD45B1C31}

2013-02-28 02:15:58 -------- d-----w- C:\Users\Jamie\AppData\Local\{20A0F8E3-A344-4C80-A6B9-523B26A97809}

2013-02-27 22:10:05 -------- d-----w- C:\Users\Jamie\AppData\Local\{978D34F5-FD8E-4949-B3AB-50D47D4D9C9D}

2013-02-26 17:26:22 -------- d-----w- C:\Users\Jamie\AppData\Local\{2D837AF5-3BB1-40B0-BD73-250492C0C5D0}

2013-02-25 17:30:41 -------- d-----w- C:\Users\Jamie\AppData\Local\{B23A8598-C784-4630-A41C-273C5528F646}

2013-02-24 16:56:01 -------- d-----w- C:\Users\Jamie\AppData\Local\{0266DA7C-AFD3-49AB-AA7F-7815B1B44F91}

2013-02-22 23:49:51 -------- d-----w- C:\Users\Jamie\AppData\Local\{6B875FA1-896B-4E8F-9219-BF8878827B1C}

2013-02-20 16:33:38 -------- d-----w- C:\Users\Jamie\AppData\Local\{4564191D-F91C-438A-99DA-4A5E71F6F9C4}

.

==================== Find3M ====================

.

2013-03-13 21:46:57 73432 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-03-13 21:46:57 693976 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-03-05 19:57:25 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2013-03-04 20:46:58 291088 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr

2013-03-04 20:46:58 291088 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe

2013-03-04 17:07:30 291088 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0

2013-02-18 16:29:14 39768 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys

2013-02-12 05:45:24 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll

2013-02-12 05:45:22 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll

2013-02-12 05:45:22 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll

2013-02-12 05:45:22 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll

2013-02-12 04:48:31 474112 ----a-w- C:\Windows\apppatch\AcSpecfc.dll

2013-02-12 04:48:26 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll

2013-02-02 06:57:02 2312704 ----a-w- C:\Windows\System32\jscript9.dll

2013-02-02 06:47:24 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2013-02-02 06:47:19 1392128 ----a-w- C:\Windows\System32\wininet.dll

2013-02-02 06:42:18 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2013-02-02 06:41:51 599040 ----a-w- C:\Windows\System32\vbscript.dll

2013-02-02 06:38:01 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2013-02-02 03:38:35 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-02-02 03:30:32 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2013-02-02 03:30:21 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-02-02 03:26:47 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2013-02-02 03:26:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll

2013-02-02 03:23:28 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-01-13 21:17:03 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-01-13 21:17:02 2560 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-01-13 21:16:42 10752 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll

2013-01-13 21:12:46 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-01-13 21:11:21 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll

2013-01-13 21:11:08 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-01-13 21:11:07 5632 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll

2013-01-13 21:11:07 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-01-13 20:35:31 9728 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-01-13 20:35:31 2560 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll

2013-01-13 20:35:18 10752 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll

2013-01-13 20:32:07 3584 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll

2013-01-13 20:31:48 4096 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll

2013-01-13 20:31:41 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll

2013-01-13 20:31:40 5632 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll

2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll

2013-01-13 20:31:40 3072 ---ha-w- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll

2013-01-13 20:31:00 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll

2013-01-13 20:22:22 1988096 ----a-w- C:\Windows\SysWow64\d3d10warp.dll

2013-01-13 20:20:31 293376 ----a-w- C:\Windows\SysWow64\dxgi.dll

2013-01-13 20:09:00 249856 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll

2013-01-13 20:08:43 220160 ----a-w- C:\Windows\SysWow64\d3d10core.dll

2013-01-13 20:08:35 1504768 ----a-w- C:\Windows\SysWow64\d3d11.dll

2013-01-13 19:59:04 1643520 ----a-w- C:\Windows\System32\DWrite.dll

2013-01-13 19:58:28 1175552 ----a-w- C:\Windows\System32\FntCache.dll

2013-01-13 19:54:01 604160 ----a-w- C:\Windows\SysWow64\d3d10level9.dll

2013-01-13 19:53:58 207872 ----a-w- C:\Windows\SysWow64\WindowsCodecsExt.dll

2013-01-13 19:53:14 187392 ----a-w- C:\Windows\SysWow64\UIAnimation.dll

2013-01-13 19:51:30 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll

2013-01-13 19:49:17 363008 ----a-w- C:\Windows\System32\dxgi.dll

2013-01-13 19:48:47 161792 ----a-w- C:\Windows\SysWow64\d3d10_1.dll

2013-01-13 19:46:25 1080832 ----a-w- C:\Windows\SysWow64\d3d10.dll

2013-01-13 19:43:21 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll

2013-01-13 19:38:39 333312 ----a-w- C:\Windows\System32\d3d10_1core.dll

2013-01-13 19:38:32 1887232 ----a-w- C:\Windows\System32\d3d11.dll

2013-01-13 19:38:21 296960 ----a-w- C:\Windows\System32\d3d10core.dll

2013-01-13 19:37:57 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll

2013-01-13 19:25:04 245248 ----a-w- C:\Windows\System32\WindowsCodecsExt.dll

2013-01-13 19:24:33 648192 ----a-w- C:\Windows\System32\d3d10level9.dll

2013-01-13 19:24:30 221184 ----a-w- C:\Windows\System32\UIAnimation.dll

2013-01-13 19:20:42 194560 ----a-w- C:\Windows\System32\d3d10_1.dll

2013-01-13 19:20:04 1238528 ----a-w- C:\Windows\System32\d3d10.dll

2013-01-13 19:15:40 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll

2013-01-13 19:10:36 3928064 ----a-w- C:\Windows\System32\d2d1.dll

2013-01-13 19:02:06 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll

2013-01-13 18:34:58 364544 ----a-w- C:\Windows\SysWow64\XpsGdiConverter.dll

2013-01-13 18:32:43 465920 ----a-w- C:\Windows\System32\WMPhoto.dll

2013-01-13 18:09:52 522752 ----a-w- C:\Windows\System32\XpsGdiConverter.dll

2013-01-13 17:26:42 1158144 ----a-w- C:\Windows\SysWow64\XpsPrint.dll

2013-01-13 17:05:09 1682432 ----a-w- C:\Windows\System32\XpsPrint.dll

2013-01-05 05:53:43 5553512 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-01-05 05:00:15 3967848 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2013-01-05 05:00:11 3913064 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2013-01-04 06:11:21 2284544 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll

2013-01-04 06:11:13 2776576 ----a-w- C:\Windows\System32\msmpeg2vdec.dll

2013-01-04 05:46:09 215040 ----a-w- C:\Windows\System32\winsrv.dll

2013-01-04 04:51:16 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

2013-01-04 04:43:21 44032 ----a-w- C:\Windows\apppatch\acwow64.dll

2013-01-04 03:26:48 3153408 ----a-w- C:\Windows\System32\win32k.sys

2013-01-04 02:47:35 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

2013-01-04 02:47:34 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

2013-01-04 02:47:34 2048 ----a-w- C:\Windows\SysWow64\user.exe

2013-01-04 02:47:33 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

2013-01-03 06:00:54 1913192 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-01-03 06:00:42 288088 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS

.

============= FINISH: 13:24:53.53 ===============

Attach.txt:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 26/10/2011 06:34:38

System Uptime: 22/03/2013 12:01:16 (1 hours ago)

.

Motherboard: ASUSTeK Computer INC. | | P8Z68-V LX

Processor: Intel® Core™ i5-2500K CPU @ 3.30GHz | LGA1155 | 1584/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 931 GiB total, 682.409 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP152: 13/03/2013 01:07:24 - Scheduled Checkpoint

RP153: 15/03/2013 00:44:22 - Windows Update

RP154: 21/03/2013 01:30:51 - Windows Update

.

==== Installed Programs ======================

.

Adobe AIR

Adobe Community Help

Adobe Download Assistant

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Photoshop CS5.1

Adobe Reader X (10.1.3) MUI

Adobe Shockwave Player 11.6

AI Suite II

aioprnt

aioscnnr

AMD Accelerated Video Transcoding

AMD APP SDK Runtime

AMD Catalyst Install Manager

AMD Drag and Drop Transcoding

AMD Media Foundation Decoders

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Asmedia ASM104x USB 3.0 Host Controller Driver

ASUS WebStorage

ATI AVIVO64 Codecs

AVG 2012

AVG Security Toolbar

Battlefield 3™

Battlelog Web Plugins

Bonjour

Brother MFL-Pro Suite MFC-J6510DW

C4USelfUpdater

Catalyst Control Center

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

center

Command & Conquer™ Red Alert™ 3

Connection Manager

Corsair USB Headset

Counter-Strike: Global Offensive Beta

Curse Client

D3DX10

Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition

DiRT 3

Dropbox

eReg

ESN Sonar

essentials

Google Chrome

Google Earth

Google Earth Plug-in

Google SketchUp 8

Google Toolbar for Internet Explorer

Google Update Helper

Guild Wars 2

HTC Driver Installer

HUAWEI DataCard Driver 4.23.11.00

HydraVision

Intel® Management Engine Components

Intel® Watchdog Timer Driver (Intel® WDT)

iTunes

Java 7 Update 17

Java Auto Updater

Kodak AIO Printer

KODAK AiO Software

Liveupdate4

Logitech Gaming Software 8.12

Logitech SetPoint 6.32

Malwarebytes Anti-Malware version 1.70.0.1100

Microsoft .NET Framework 1.1

Microsoft .NET Framework 4 Client Profile

Microsoft Application Error Reporting

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office Office 32-bit Components 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared 32-bit MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Zoo Tycoon

Microsoft_VC80_ATL_x86

Microsoft_VC80_ATL_x86_x64

Microsoft_VC80_CRT_x86

Microsoft_VC80_CRT_x86_x64

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFC_x86_x64

Microsoft_VC80_MFCLOC_x86

Microsoft_VC80_MFCLOC_x86_x64

Microsoft_VC90_ATL_x86

Microsoft_VC90_ATL_x86_x64

Microsoft_VC90_CRT_x86

Microsoft_VC90_CRT_x86_x64

Microsoft_VC90_MFC_x86

Microsoft_VC90_MFC_x86_x64

Microsoft_VC90_MFCLOC_x86

Microsoft_VC90_MFCLOC_x86_x64

Mozilla Firefox 19.0.2 (x86 en-US)

Mozilla Maintenance Service

MSI Afterburner 2.1.0

MSVCRT

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP3 Parser

MSXML 4.0 SP3 Parser (KB2721691)

MSXML 4.0 SP3 Parser (KB2758694)

Nuance PaperPort 12

Nuance PDF Viewer Plus

ocr

OpenOffice.org 3.3

Origin

PaperPort Image Printer 64-bit

PDF Settings CS5

PreReq

PunkBuster Services

RaiderZ

Razer Diamondback 3G

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealPlayer

Realtek Ethernet Controller Driver

Realtek Ethernet Diagnostic Utility

Realtek High Definition Audio Driver

RealUpgrade 1.1

RollerCoaster Tycoon 2

RollerCoaster Tycoon 3

Scansoft PDF Professional

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft Excel 2010 (KB2597126) 64-Bit Edition

Security Update for Microsoft Filter Pack 2.0 (KB2553501) 64-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2687417) 64-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2687436) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553371) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2687501) 64-Bit Edition

Security Update for Microsoft Office 2010 (KB2687510) 64-Bit Edition

Security Update for Microsoft OneNote 2010 (KB2760600) 64-Bit Edition

Security Update for Microsoft Visio 2010 (KB2760762) 64-Bit Edition

Security Update for Microsoft Visio Viewer 2010 (KB2687505) 64-Bit Edition

Security Update for Microsoft Word 2010 (KB2760410) 64-Bit Edition

Sid Meier's Alpha Centauri

SimCity 4 Deluxe

Skype Click to Call

Skype™ 6.1

Spotify

SUPERAntiSpyware

SwiftKit

swMSM

TeamSpeak 3 Client

The Lord of the Rings Online™

The Lord of the Rings Online™ v03.08.00.8029

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition

Update for Microsoft Office 2010 (KB2553378) 64-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition

Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition

Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition

Update for Microsoft Outlook 2010 (KB2597090) 64-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2598240) 64-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition

VIRTU 1.2.105

Visual Studio 2008 x64 Redistributables

War Inc. Battlezone

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Media Player Firefox Plugin

World of Warcraft

.

==== End Of File ===========================

Link to post
Share on other sites
Larusso

Larusso

Posted
Posted

Hy there.

These are also known as false positives. Please manually update MBAM and perform a Quick Scan again.

Post the logfile here.

It appears it was a false positive?

Without the logfile I can't answer this question

Link to post
Share on other sites
Jabbed

Jabbed

Posted
  • Author
Posted

Here is the quick scan result:

Malwarebytes Anti-Malware 1.70.0.1100

www.malwarebytes.org

Database version: v2013.03.21.14

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Jamie :: HOME-PC [administrator]

22/03/2013 14:42:24

mbam-log-2013-03-22 (14-42-24).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 252636

Time elapsed: 4 minute(s), 55 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

And this is the AVG Resident shield log file result from the other day:

Resident Shield detection

Infection;"Object";"Result";"Detection time";"Object Type";"Process"

Trojan horse Generic32.MJQ;"c:\Program Files (x86)\World of Warcraft\WoW-2.1.2.6803-to-2.1.3.6898-enGB-downloader.exe";"Object is inaccessible.";"21/03/2013, 20:54:47";"file";"C:\Windows\explorer.exe"

Trojan horse Generic32.MJQ;"c:\Program Files (x86)\World of Warcraft\WoW-2.1.1.6739-to-2.1.2.6803-enGB-downloader.exe";"Object is inaccessible.";"21/03/2013, 20:54:47";"file";"C:\Windows\explorer.exe"

Trojan horse Generic32.MJQ;"c:\Program Files (x86)\World of Warcraft\WoW-2.1.3.6898-to-2.2.0.7272-enGB-downloader.exe";"Object is inaccessible.";"21/03/2013, 20:54:47";"file";"C:\Windows\explorer.exe"

Trojan horse Generic32.MJQ;"c:\Program Files (x86)\World of Warcraft\WoW-2.2.0.7272-to-2.2.2.7318-enGB-downloader.exe";"Object is inaccessible.";"21/03/2013, 20:54:47";"file";"C:\Windows\explorer.exe"

Trojan horse Generic32.MJQ;"c:\Program Files (x86)\World of Warcraft\WoW-2.2.2.7318-to-2.2.3.7359-enGB-downloader.exe";"Moved to Virus Vault";"21/03/2013, 18:45:06";"file";"C:\Windows\System32\rundll32.exe"

Trojan horse Generic32.MJQ;"c:\Program Files (x86)\World of Warcraft\WoW-2.2.0.7272-to-2.2.2.7318-enGB-downloader.exe";"Moved to Virus Vault";"21/03/2013, 18:45:06";"file";"C:\Windows\System32\rundll32.exe"

Trojan horse Generic32.MJQ;"c:\Program Files (x86)\World of Warcraft\WoW-2.1.3.6898-to-2.2.0.7272-enGB-downloader.exe";"Moved to Virus Vault";"21/03/2013, 18:45:06";"file";"C:\Windows\System32\rundll32.exe"

Trojan horse Generic32.MJQ;"c:\Program Files (x86)\World of Warcraft\WoW-2.1.2.6803-to-2.1.3.6898-enGB-downloader.exe";"Moved to Virus Vault";"21/03/2013, 18:45:06";"file";"C:\Windows\System32\rundll32.exe"

Trojan horse Generic32.MJQ;"c:\Program Files (x86)\World of Warcraft\WoW-2.1.1.6739-to-2.1.2.6803-enGB-downloader.exe";"Moved to Virus Vault";"21/03/2013, 18:45:06";"file";"C:\Windows\System32\rundll32.exe"

Link to post
Share on other sites
Jabbed

Jabbed

Posted
  • Author
Posted

No other problems as such, my computer appears to be running fine :). However i scanned with ESET and it came back clear apart from some type of adware? of which i have no idea how to remove, as When i scanned the location of the adware with MBAM it came back clear. Apart from this am I all clear? Here is the results.

C:\Users\Jamie\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\stub_data\stubinst_pkg_en-uk.cab Win32/OpenCandy application

Link to post
Share on other sites
Larusso

Larusso

Posted
Posted

Dont be to paranoid.

Some scanners detect something as adware, others not ( for a good reason ).

I think that you heard that one scan cant detect everything. That is true but most of the know AVPs detect real malware and not a file which belongs to your realplayer ;)

Link to post
Share on other sites
Maurice Naggar

Maurice Naggar

Posted
Posted

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.