Hi, I'd used my new laptop yesterday for a short while after first setting it all up which included using the internet for sites such as Facebook, Google etc. Just general things to check out the new Windows 8 and everything.
However, I realised today I'd forgotten to install an anti-virus before going online. I did so, and I soon started receiving threat detections related to two files in the WINDOWS\System32 directory; they are titled "audiodg.exe" and "FlashUtil_ActiveX.exe" (the latter of which is in the WINDOWS\System32\Macromed\Flash\ directory). Although, when you click to show more details, the actual files shown are either svchost.exe, Explorer.EXE, Taskmgr.exe and even the mbam.exe, which was first detected when I ran it to scan. I have the list of detected viruses so far here (and also just now suddenly in some WinSxS\amd64... directory):
Resident Shield detection
"Infection";"Object";"Result";"Detection time";"Object Type";"Process"
"Trojan horse PSW.Generic10.BNPL";"c:\Windows\System32\audiodg.exe";"Object is white-listed (critical/system file that should not be removed)";"02/02/2013, 20:20:46";"file";"C:\Windows\System32\svchost.exe"
"Trojan horse PSW.Generic10.BNPL";"c:\Windows\System32\audiodg.exe";"Object is white-listed (critical/system file that should not be removed)";"02/02/2013, 20:20:46";"file";"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"Trojan horse PSW.Generic10.BNPL";"c:\Windows\WinSxS\amd64_microsoft-windows-audio-audiocore_31bf3856ad364e35_6.2.9200.20555_none_d0147a4a87685846\audiodg.exe";"Infected";"02/02/2013, 20:19:40";"file";"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe"
"Trojan horse PSW.Generic10.BNPL";"c:\Windows\WinSxS\amd64_microsoft-windows-audio-audiocore_31bf3856ad364e35_6.2.9200.20548_none_d0224b14875d885a\audiodg.exe";"Infected";"02/02/2013, 20:19:40";"file";"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe"
"Trojan horse PSW.Generic10.BNPL";"c:\Windows\WinSxS\amd64_microsoft-windows-audio-audiocore_31bf3856ad364e35_6.2.9200.20539_none_d02e1b4a875485c0\audiodg.exe";"Infected";"02/02/2013, 20:19:40";"file";"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe"
"Trojan horse PSW.Generic10.BNPL";"c:\Windows\WinSxS\amd64_microsoft-windows-audio-audiocore_31bf3856ad364e35_6.2.9200.20534_none_d02919d88759070d\audiodg.exe";"Infected";"02/02/2013, 20:19:40";"file";"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe"
"Trojan horse PSW.Generic10.BNPL";"c:\Windows\WinSxS\amd64_microsoft-windows-audio-audiocore_31bf3856ad364e35_6.2.9200.20521_none_d030e8e687539f17\audiodg.exe";"Infected";"02/02/2013, 20:19:39";"file";"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe"
"Trojan horse PSW.Generic10.BNPL";"c:\Windows\WinSxS\amd64_microsoft-windows-audio-audiocore_31bf3856ad364e35_6.2.9200.16451_none_cf86dc576e4e5320\audiodg.exe";"Infected";"02/02/2013, 20:19:39";"file";"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe"
"Trojan horse PSW.Generic10.BNPL";"c:\Windows\WinSxS\amd64_microsoft-windows-audio-audiocore_31bf3856ad364e35_6.2.9200.16444_none_cf94ad216e438334\audiodg.exe";"Infected";"02/02/2013, 20:19:39";"file";"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe"
"Trojan horse PSW.Generic10.BNPL";"c:\Windows\WinSxS\amd64_microsoft-windows-audio-audiocore_31bf3856ad364e35_6.2.9200.16437_none_cfa27deb6e38b348\audiodg.exe";"Infected";"02/02/2013, 20:19:39";"file";"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe"
"Trojan horse PSW.Generic10.BNPL";"c:\Windows\WinSxS\amd64_microsoft-windows-audio-audiocore_31bf3856ad364e35_6.2.9200.16433_none_cf9e7cc36e3c4dec\audiodg.exe";"Infected";"02/02/2013, 20:19:39";"file";"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe"
"Trojan horse PSW.Generic10.BNPL";"c:\Windows\WinSxS\amd64_microsoft-windows-audio-audiocore_31bf3856ad364e35_6.2.9200.16420_none_cfa64bd16e36e5f6\audiodg.exe";"Infected";"02/02/2013, 20:19:39";"file";"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe"
"Trojan horse PSW.Generic10.BNPN";"c:\Windows\WinSxS\amd64_adobe-flash-for-windows_31bf3856ad364e35_6.2.9200.20588_none_84f72b440c6dcc0d\FlashUtil_ActiveX.exe";"Infected";"02/02/2013, 20:19:30";"file";"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe"
"Trojan horse PSW.Generic10.BNPN";"c:\Windows\WinSxS\amd64_adobe-flash-for-windows_31bf3856ad364e35_6.2.9200.16483_none_84688d06f354ad90\FlashUtil_ActiveX.exe";"Infected";"02/02/2013, 20:19:30";"file";"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe"
"Trojan horse PSW.Generic10.BNPL";"c:\Windows\System32\audiodg.exe";"Object is white-listed (critical/system file that should not be removed)";"02/02/2013, 19:42:46";"file";"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe"
"Trojan horse PSW.Generic10.BNPL";"c:\Windows\System32\audiodg.exe";"Object is white-listed (critical/system file that should not be removed)";"02/02/2013, 19:41:13";"file";"C:\Windows\System32\svchost.exe"
"Trojan horse PSW.Generic10.BNPL";"c:\Windows\System32\audiodg.exe";"Object is white-listed (critical/system file that should not be removed)";"02/02/2013, 19:02:53";"file";"C:\Windows\Explorer.EXE"
"Trojan horse PSW.Generic10.BNPL";"c:\Windows\System32\audiodg.exe";"Object is white-listed (critical/system file that should not be removed)";"02/02/2013, 19:00:33";"file";"C:\Windows\System32\Taskmgr.exe"
"Trojan horse PSW.Generic10.BNPN";"c:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe";"Infected";"02/02/2013, 18:58:45";"file";"C:\Windows\system32\svchost.exe"
"Trojan horse PSW.Generic10.BNPL";"c:\Windows\System32\audiodg.exe";"Object is white-listed (critical/system file that should not be removed)";"02/02/2013, 18:58:29";"file";"C:\Windows\System32\svchost.exe"
"Trojan horse PSW.Generic10.BNPL";"c:\Windows\System32\audiodg.exe";"Object is white-listed (critical/system file that should not be removed)";"02/02/2013, 18:49:10";"file";"C:\Windows\Explorer.EXE"
"Trojan horse PSW.Generic10.BNPL";"c:\Windows\System32\audiodg.exe";"Object is white-listed (critical/system file that should not be removed)";"02/02/2013, 18:46:19";"file";"C:\Windows\System32\svchost.exe"
"Trojan horse PSW.Generic10.BNPN";"c:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe";"Infected";"02/02/2013, 18:32:45";"file";"C:\Windows\system32\svchost.exe"
"Trojan horse PSW.Generic10.BNPN";"c:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe";"Infected";"02/02/2013, 18:30:37";"file";"C:\Windows\system32\svchost.exe"
"Trojan horse PSW.Generic10.BNPL";"c:\Windows\System32\audiodg.exe";"Object is white-listed (critical/system file that should not be removed)";"02/02/2013, 18:26:17";"file";"C:\Windows\System32\svchost.exe"
I have the log from MBAM as requested in the instructions, which says it found no malware; however, I don't seem to be able to download DDS from either of the provided links. I even tried Bleeping Computer.
Here is the MBAM quickscan log:
Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org
Database version: v2013.02.02.07
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16466
John :: JOHN-PC [administrator]
Protection: Enabled
02/02/2013 19:42:34
mbam-log-2013-02-02 (19-42-34).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 206668
Time elapsed: 1 minute(s), 1 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
A full scan also returned nothing for malware detection.
Would really love some advice on this! I've never even had so much as a whiff of a virus on my PC or anything else in the past 5 or more years and now suddenly for something to infect my system for such a silly mistake as forgetting to protect it from the get go seems almost mocking - and not to mention humbling!