
I'm being attacked right now?!?


yavanda

Here are the DDS logs, please. What is happening now is that every time Avira gets a detection, I click on remove, and after Avira is done scanning I get another detection from AVG, which says the infection is C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe. And another one called c:\ProgramData\Avira\Antivir Desktop\TEMP\AVSCAN-20140219-some other digits, and when I delete that WITH AVG, I get another infection detected from AVIRA. WHAT IS GOING ON?

 

 

 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium 

Boot Device: \Device\HarddiskVolume1

Install Date: 18-5-2012 16:57:10

System Uptime: 19-2-2014 8:02:40 (0 hours ago)

.

Motherboard: Foxconn |  | 2ABF

Processor: Intel® Core i7-2600 CPU @ 3.40GHz | CPU 1 | 3401/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 453 GiB total, 198,298 GiB free.

D: is FIXED (NTFS) - 13 GiB total, 1,587 GiB free.

E: is CDROM ()

F: is Removable

.

==== Disabled Device Manager Items =============

.

Class GUID: 

Description: LinksysbyCisco Internet Gateway Device

Device ID: UUID:EBF5A0A0-1DD1-11B2-A90F-C8D7199F1446\UMB\3&22208DD1&0&UUID:EBF5A0A0-1DD1-11B2-A90F-C8D7199F1446

Manufacturer: 

Name: LinksysbyCisco Internet Gateway Device

PNP Device ID: UUID:EBF5A0A0-1DD1-11B2-A90F-C8D7199F1446\UMB\3&22208DD1&0&UUID:EBF5A0A0-1DD1-11B2-A90F-C8D7199F1446

Service: 

.

==== System Restore Points ===================

.

RP229: 16-2-2014 10:41:51 - ComboFix created restore point

RP230: 17-2-2014 0:02:44 - Removed Hi-Rez Studios Games

RP231: 17-2-2014 23:18:14 - Windows Update

.

==== Installed Programs ======================

.

.sol Editor 1.1.0.1

7-Zip 9.22beta

802.11n Wireless LAN Card

Adobe Flash Player 12 ActiveX

Adobe Flash Player 12 Plugin

Agatha Christie - Peril at End House

AuthenTec TrueAPI

AVG 2013

Avira

Avira Free Antivirus

Batman: Arkham Asylum GOTY Edition

Battle.net

Bejeweled 3

BitTorrent

Blackhawk Striker 2

Blasterball 3

Bounce Symphony

Cake Mania

CCleaner

Chronicles of Albian

Chuzzle Deluxe

Cisco Network Magic

Counter-Strike: Global Offensive

Cradle of Rome 2

Curse Client

D3DX10

Diablo III

Dota 2

Dropbox

ESET Online Scanner v3

F.E.A.R. 3

f.lux

Farm Frenzy

FATE

Final Drive: Nitro

GeForce Experience NvStream Client Components

Google Chrome

Governor of Poker 2 Premium Edition

Hearthstone

Hewlett-Packard ACLM.NET v1.2.2.3

HP Auto

HP Client Services

HP Customer Experience Enhancements

HP Games

HP LinkUp

HP Odometer

HP Setup

HP Setup Manager

HP SimplePass PE 2011

HP Support Assistant

HP Support Information

HP Update

HP Vision Hardware Diagnostics

Infestation Survivor Stories version 1.0

Infestation: Survivor Stories

Intel® Identity Protection Technology 1.1.2.0

Intel® Management Engine Components

Java 7 Update 45

Java Auto Updater

JavaFX 2.1.1

Jewel Quest: The Sleepless Star - Collector's Edition

Junk Mail filter update

LabelPrint

League of Legends

Left 4 Dead 2

Magic Desktop

Mah Jong Medley

Malwarebytes Anti-Malware versie 1.75.0.1300

Mesh Runtime

Microsoft .NET Framework 4.5 NLD Language Pack

Microsoft .NET Framework 4.5.1

Microsoft Application Error Reporting

Microsoft Mathematics

Microsoft Office 2010

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106

Microsoft XNA Framework Redistributable 4.0

Minecraft1.5.2

Mozilla Firefox 19.0 (x86 nl)

Mozilla Maintenance Service

MSVCRT

MSVCRT_amd64

Mystery of Mortlake Mansion

Namco All-Stars: PAC-MAN

Network Magic

Norton Online Backup

NVIDIA-configuratiescherm 331.82

NVIDIA 3D Vision controllerstuurprogramma 331.82

NVIDIA 3D Vision stuurprogramma 331.82

NVIDIA GeForce Experience 1.7.1

NVIDIA Grafisch stuurprogramma 331.82

NVIDIA HD Audio-stuurprogramma 1.3.26.4

NVIDIA Install Application

NVIDIA LED Visualizer 1.0

NVIDIA PhysX

NVIDIA PhysX systeemsoftware 9.13.0725

NVIDIA ShadowPlay 9.3.21

NVIDIA Stereoscopic 3D Driver

NVIDIA Update 9.3.21

NVIDIA Update Components

NVIDIA Virtual Audio 1.2.9

Open Broadcaster Software

PDF Complete Special Edition

Penguins!

Plants vs. Zombies - Game of the Year

PlayReady PC Runtime amd64

Poker Superstars III

Polar Bowler

Polar Golfer

Power2Go

PunkBuster Services

Pure Networks Platform

RaidCall

Razer Naga

Realtek High Definition Audio Driver

Recovery Manager

Remote Graphics Receiver

Rust

Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)

Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)

SHIELD Streaming

Skype™ 6.11

Slingo Supreme

StarCraft II

Taalpakket voor Microsoft .NET Framework 4.5 - NLD

TeamViewer 9

Tibia

Tibia Testserver

Tibiacast

Update Installer for WildTangent Games App

Vacation Quest - The Hawaiian Islands

VC80CRTRedist - 8.0.50727.6195

Ventrilo Client

VIP Access SDK (1.0.1.4) 

Virtual Villagers 5 - New Believers

Visual Studio 2008 x64 Redistributables

Visual Studio 2010 x64 Redistributables

VLC media player 2.0.6

WildTangent Games App (HP Games)

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh

Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

WinRAR 4.20 (32-bit)

World of Warcraft

World of Warcraft Beta

Zuma Deluxe

.

==== End Of File ===========================

 


DDS (Ver_2012-11-20.01) - NTFS_AMD64 

Internet Explorer: 11.0.9600.16518  BrowserJavaVersion: 10.45.2

Run by marco at 8:53:36 on 2014-02-19

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.31.1043.18.6125.3032 [GMT 1:00]

.

AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

.

============== Running Processes ===============

.

C:\PROGRA~2\AVG\AVG2013\avgrsa.exe

C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

C:\Windows\system32\Dwm.exe

C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

C:\Windows\system32\taskhost.exe

C:\Windows\Explorer.EXE

C:\Windows\SysWOW64\ezSharedSvcHost.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe

C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe

C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Program Files (x86)\PDF Complete\pdfsvc.exe

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe

C:\Users\marco\AppData\Local\FluxSoftware\Flux\flux.exe

C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Windows\system32\rundll32.exe

C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

C:\Users\marco\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe

C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe

C:\Program Files (x86)\AVG\AVG2013\avgemca.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\WUDFHost.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files (x86)\Razer\Naga Epic\NagaEpicSysTray.exe

C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe

C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\marco\Desktop\setup_11.0.1.1245.x01_2014_02_19_09_38.exe

C:\Users\marco\AppData\Local\Temp\RarSFX0\4833685.exe

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

C:\Users\marco\AppData\Local\Temp\2441710\4833685.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\taskhost.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe

c:\program files (x86)\avira\antivir desktop\avscan.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.


BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll

BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

uRun: [F.lux] "C:\Users\marco\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe

mRun: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"

mRun: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash

mRun: [RaidCall] C:\Program Files (x86)\RaidCall\raidcall.exe

mRun: [Razer Naga Driver] C:\Program Files (x86)\Razer\Naga Epic\NagaEpicSysTray.exe

mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe

mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

mRunOnce: [GrpConv] grpconv -o

StartupFolder: C:\Users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip

StartupFolder: C:\Users\marco\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\marco\AppData\Roaming\Dropbox\bin\Dropbox.exe

StartupFolder: C:\Users\marco\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\_UNINS~1.LNK - C:\Users\marco\AppData\Local\Temp\_uninst_55219767.bat

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: EnableShellExecuteHooks = dword:1

mPolicies-Explorer: NoDrives = dword:0

mPolicies-System: ConsentPromptBehaviorAdmin = dword:5

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: soe.com

Trusted Zone: sony.com

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{D374E301-AA43-4576-807F-2805EDCEE196} : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{DC042BA9-ED8D-440D-BF18-786B77BCD24C} : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{DC042BA9-ED8D-440D-BF18-786B77BCD24C}\34963736F64323230383 : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{DC042BA9-ED8D-440D-BF18-786B77BCD24C}\34963736F66323331373 : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{DC042BA9-ED8D-440D-BF18-786B77BCD24C}\C696E6B6379737 : DHCPNameServer = 192.168.1.1 212.54.40.25 212.54.35.25

Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll

x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll

x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe

x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"

x64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart

x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

x64-Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\marco\AppData\Roaming\Mozilla\Firefox\Profiles\vawqgg9s.default\

.

============= SERVICES / DRIVERS ===============

.

R0 55219767;55219767;C:\Windows\System32\drivers\55219767.sys [2014-2-19 460888]

R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-7-20 71480]

R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-7-20 311608]

R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-7-1 116536]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-10-23 45880]

R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-25 246072]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-7-20 206648]

R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]

R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2014-2-16 28600]

R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-2-16 440376]

R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-2-16 440376]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-7-4 4939312]

R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2014-2-16 108440]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-11-20 283136]

R2 Avira.OE.ServiceHost;Avira Service Host;C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2014-1-29 109112]

R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]

R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-6-9 264008]

R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 92160]

R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]

R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944]

R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-2 2804568]

R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-10-13 15125280]

R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2012-3-5 1128952]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-11-11 414496]

R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-3-5 2656280]

R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2012-3-5 1360960]

R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-11-26 39200]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-3-5 471144]

R3 RzSynapse;Razer Driver;C:\Windows\System32\drivers\RzSynapse.sys [2010-12-16 126464]

RUnknown 4833685drv;4833685drv; [x]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]

S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-2-14 111616]

S3 mbamchameleon;mbamchameleon;C:\Windows\System32\drivers\mbamchameleon.sys [2013-11-1 91352]

S3 pmxdrv;pmxdrv;C:\Windows\System32\drivers\pmxdrv.sys [2012-3-5 31152]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]

S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-5-19 1255736]

S4 AntiVirWebService;Avira Web Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2014-2-16 1011768]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]

.

=============== File Associations ===============

.

FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice]

.

=============== Created Last 30 ================

.

2014-02-19 07:06:56 -------- d-----w- C:\ProgramData\Kaspersky Lab

2014-02-19 07:06:30 460888 ----a-w- C:\Windows\System32\drivers\55219767.sys

2014-02-18 08:36:16 -------- d-----w- C:\Program Files (x86)\ESET

2014-02-16 23:02:19 84720 ----a-w- C:\Windows\System32\drivers\avnetflt.sys

2014-02-16 19:57:45 -------- d-sh--w- C:\$RECYCLE.BIN

2014-02-16 19:45:46 98816 ----a-w- C:\Windows\sed.exe

2014-02-16 19:45:46 256000 ----a-w- C:\Windows\PEV.exe

2014-02-16 19:45:46 208896 ----a-w- C:\Windows\MBR.exe

2014-02-16 17:01:53 -------- d-----w- C:\Users\marco\AppData\Roaming\Avira

2014-02-16 17:01:10 28600 ----a-w- C:\Windows\System32\drivers\avkmgr.sys

2014-02-16 17:01:10 108440 ----a-w- C:\Windows\System32\drivers\avgntflt.sys

2014-02-16 16:59:27 -------- d-----w- C:\ProgramData\Avira

2014-02-16 16:59:27 -------- d-----w- C:\Program Files (x86)\Avira

2014-02-16 12:50:27 -------- d-sh--w- C:\Users\marco\b96E84lA

2014-02-16 08:42:57 -------- d-----w- C:\Users\marco\AppData\Local\{00D646FC-0E56-435E-9F9D-A882E5097489}

2014-02-15 08:25:55 -------- d-----w- C:\Users\marco\AppData\Local\{870812B5-38B5-4165-B020-30B94BA7AB53}

2014-02-14 08:11:39 -------- d-----w- C:\AdwCleaner

2014-02-14 08:06:08 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CB5E52E7-D0AD-452E-A096-802EA82D2AF5}\mpengine.dll

2014-02-14 08:04:36 -------- d-----w- C:\Windows\ERUNT

2014-02-13 08:17:31 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll

2014-02-05 21:02:34 -------- d-----w- C:\Users\marco\AppData\Roaming\Xfire

2014-02-05 21:02:22 -------- d-----w- C:\ProgramData\Xfire

2014-01-29 23:28:53 -------- d-----w- C:\Windows\Migration

.

==================== Find3M  ====================

.

2014-02-06 11:30:46 2724864 ----a-w- C:\Windows\System32\mshtml.tlb

2014-02-06 11:30:12 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll

2014-02-06 11:07:39 66048 ----a-w- C:\Windows\System32\iesetup.dll

2014-02-06 11:06:47 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll

2014-02-06 10:49:03 139264 ----a-w- C:\Windows\System32\ieUnatt.exe

2014-02-06 10:48:45 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe

2014-02-06 10:48:11 708608 ----a-w- C:\Windows\System32\jscript9diag.dll

2014-02-06 10:20:26 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2014-02-06 10:11:37 5768704 ----a-w- C:\Windows\System32\jscript9.dll

2014-02-06 10:01:36 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll

2014-02-06 10:00:46 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll

2014-02-06 09:50:32 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl

2014-02-06 09:47:22 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2014-02-06 09:46:27 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll

2014-02-06 09:25:36 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll

2014-02-06 09:24:52 2334208 ----a-w- C:\Windows\System32\wininet.dll

2014-02-06 09:09:30 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2014-02-06 08:41:35 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll

2014-02-05 19:11:10 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2014-02-05 19:11:10 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-12-31 13:56:56 291128 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr

2013-12-31 13:56:56 291128 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe

2013-12-30 19:45:34 291128 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0

2013-12-24 23:09:41 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll

2013-12-24 22:48:32 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll

2013-12-21 09:53:45 548864 ----a-w- C:\Windows\System32\vbscript.dll

2013-12-21 08:56:47 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll

2013-12-18 05:13:56 270496 ------w- C:\Windows\System32\MpSigStub.exe

2013-12-06 02:30:08 2048 ----a-w- C:\Windows\System32\msxml3r.dll

2013-12-06 02:30:08 1882112 ----a-w- C:\Windows\System32\msxml3.dll

2013-12-06 02:02:08 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll

2013-12-04 02:27:33 485888 ----a-w- C:\Windows\System32\secproc_isv.dll

2013-12-04 02:27:33 123392 ----a-w- C:\Windows\System32\secproc_ssp_isv.dll

2013-12-04 02:27:33 123392 ----a-w- C:\Windows\System32\secproc_ssp.dll

2013-12-04 02:27:16 488448 ----a-w- C:\Windows\System32\secproc.dll

2013-12-04 02:26:32 528384 ----a-w- C:\Windows\System32\msdrm.dll

2013-12-04 02:16:51 658432 ----a-w- C:\Windows\System32\RMActivate_isv.exe

2013-12-04 02:16:51 626176 ----a-w- C:\Windows\System32\RMActivate.exe

2013-12-04 02:16:50 552960 ----a-w- C:\Windows\System32\RMActivate_ssp_isv.exe

2013-12-04 02:16:48 553984 ----a-w- C:\Windows\System32\RMActivate_ssp.exe

2013-12-04 02:03:20 87040 ----a-w- C:\Windows\SysWow64\secproc_ssp_isv.dll

2013-12-04 02:03:20 87040 ----a-w- C:\Windows\SysWow64\secproc_ssp.dll

2013-12-04 02:03:20 423936 ----a-w- C:\Windows\SysWow64\secproc_isv.dll

2013-12-04 02:03:08 428032 ----a-w- C:\Windows\SysWow64\secproc.dll

2013-12-04 02:02:06 390144 ----a-w- C:\Windows\SysWow64\msdrm.dll

2013-12-04 01:54:14 510976 ----a-w- C:\Windows\SysWow64\RMActivate_ssp.exe

2013-12-04 01:54:10 594944 ----a-w- C:\Windows\SysWow64\RMActivate_isv.exe

2013-12-04 01:54:09 572416 ----a-w- C:\Windows\SysWow64\RMActivate.exe

2013-12-04 01:54:06 508928 ----a-w- C:\Windows\SysWow64\RMActivate_ssp_isv.exe

2013-11-30 14:34:05 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe

2013-11-27 01:41:37 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys

2013-11-27 01:41:15 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys

2013-11-27 01:41:11 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys

2013-11-27 01:41:11 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys

2013-11-27 01:41:09 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys

2013-11-27 01:41:06 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys

2013-11-27 01:41:03 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys

2013-11-26 11:40:00 376768 ----a-w- C:\Windows\System32\drivers\netio.sys

2013-11-26 10:32:56 3156480 ----a-w- C:\Windows\System32\win32k.sys

2013-11-26 08:16:50 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll

2013-11-25 00:48:36 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys

2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll

2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll

2013-11-22 22:48:21 3928064 ----a-w- C:\Windows\System32\d2d1.dll

.

============= FINISH:  8:55:02,85 ===============

 


I uninstalled Avira and it seems to have stopped. I now have Kaspersky Virus Removal Tool running, as instructed by Borislav. I'm sorry for this topic; I kind of panicked when I kept seeing infections detected by multiple anti-virus programs. I will wait for further instructions from Borislav after the Kaspersky Virus Removal Tool is done running. You can remove/close this thread if you'd like.

This topic is now closed to further replies.