Thread: Continue Zip Opener Installation.lnk Malware

    Junior Member | Join Date: Sep 2013 | Posts: 11

    Continue Zip Opener Installation.lnk Malware

    Hi - First, I really appreciate that something like this exists, and would gladly donate for any assistance.

    I have a file on my wife's desktop that I cannot remove called "Continue Zip Opener Installation.lnk" which had full system access before I attempted to disable it yesterday. I cannot remove its access to Special Permissions, however, and cannot delete the file. The file has never been run to my knowledge.

    FYI: Before I found this forum, I ran Windows Security Essentials, which supposedly found and removed a threat. I did not save a log at the time, but I know it mentioned 6 files being infected associated with 3 music files on the E:\ drive from an older desktop I put into this machine, which were subsequently deleted. *edit* found History of scan:

    Detected Item: TrojanDownloader:ASX/Wimad.CJ
    Alert Level: Severe
    Action Taken: Removed

    Category: Trojan Downloader
    Description: This program is dangerous and downloads other programs.
    Recommended action: Remove this software immediately.


    Items:
    containerfile:E:\Users\Amanda\Desktop\Music\Smashing Pumpkins\Smashing Pumpkins The - Beautiful.wma
    containerfile:E:\Users\Amanda\Desktop\Music\Smashing Pumpkins\smashing pumpkins the - home.wma
    containerfile:E:\Users\Amanda\Desktop\Music\Smashing Pumpkins\Smashing Pumpkins The - Shame.wma
    file:E:\Users\Amanda\Desktop\Music\Smashing Pumpkins\Smashing Pumpkins The - Beautiful.wma->(ASF_Script_Commands)
    file:E:\Users\Amanda\Desktop\Music\Smashing Pumpkins\smashing pumpkins the - home.wma->(ASF_Script_Commands)
    file:E:\Users\Amanda\Desktop\Music\Smashing Pumpkins\Smashing Pumpkins The - Shame.wma->(ASF_Script_Commands)

    Get more information about this item online.



    I also ran the Microsoft Malicious Software Removal Tool, which found no problems.

    A Google search of this desktop icon's name leads to three results on the McAfee Antivirus pages:
    1

    3

    I do not own McAfee AntiVirus, but I did download a trial version. I have not run it yet.


    DDS.txt

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 10.0.9200.16660 BrowserJavaVersion: 10.25.2
    Run by Petry at 22:13:53 on 2013-09-06
    Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8077.3929 [GMT -4:00]
    .
    AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
    C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Intel\iCLS Client\HeciServer.exe
    C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    C:\Program Files\Lucidlogix Technologies\VIRTU MVP\LucidSrv.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\atieclxx.exe
    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.exe
    C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
    C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
    C:\Program Files\Lucidlogix Technologies\VIRTU MVP\EKAG20NT.EXE
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
    C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\Lucidlogix Technologies\VIRTU MVP\lucidservices.exe
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Windows\system32\Macromed\Flash\FlashUtil64_11_8_800_94_ActiveX.exe
    C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\System32\MsSpellCheckingFacility.exe
    C:\Windows\splwow64.exe
    C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    C:\Windows\System32\WUDFHost.exe
    c:\Program Files\Microsoft Security Client\MsMpEng.exe
    C:\Program Files\Microsoft Security Client\msseces.exe
    C:\Windows\system32\svchost.exe -k SDRSVC
    c:\Program Files\Microsoft Security Client\NisSrv.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\System32\snmp.exe
    C:\Windows\system32\svchost.exe -k apphost
    C:\Windows\system32\svchost.exe -k iissvcs
    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Users\Amanda\Downloads\Windows-KB890830-x64-V5.3.exe
    c:\9822b4af798adc88d7\mrtstub.exe
    C:\Windows\system32\MRT.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Users\Petry\AppData\Local\Temp\McInstallTemp\Install.exe
    C:\Users\Petry\AppData\Local\Temp\MCINST~2\McItInfo.exe
    C:\Windows\system32\mfevtps.exe
    C:\Users\Petry\AppData\Local\Temp\McInstallTemp\SelfProtect\Win64\aploader.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    c:\Program Files\Microsoft Security Client\MpCmdRun.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/
    uSearch Bar = hxxp://www.google.com/ie
    uSearch Page = hxxp://www.google.com
    uDefault_Page_URL = hxxp://www.dell.com
    uDefault_Search_URL = hxxp://www.google.com/ie
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mWinlogon: Userinit = userinit.exe
    BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
    BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
    uRun: [ASRockXTU] <no file>
    mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
    mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
    mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
    IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
    IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
    DPF: {1D082E71-DF20-4AAF-863B-596428C49874} - hxxp://www.worldwinner.com/games/v50/tpir/tpir.cab
    DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} - hxxp://games.king.com/ctl/kingcomie.cab
    DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab
    DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} - hxxp://www.worldwinner.com/games/launcher/ie/v2.23.01.0/iewwload.cab
    TCP: NameServer = 192.168.1.1
    TCP: Interfaces\{3D5B7E30-A1D7-4B2D-8110-33A4C00E09A6} : DHCPNameServer = 192.168.1.1
    Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    AppInit_DLLs= C:\Windows\SysWOW64\appinit_dll.dll
    SSODL: WebCheck - <orphaned>
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
    x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
    x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
    x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
    x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
    x64-Run: [VIRTU MVP] C:\Program Files\Lucidlogix Technologies\VIRTU MVP\MVPControlPanel.Exe /hide
    x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
    x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
    x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
    x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-Notify: igfxcui - igfxdev.dll
    x64-SSODL: WebCheck - <orphaned>
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 asahci64;asahci64;C:\Windows\System32\drivers\asahci64.sys [2011-9-21 49760]
    R0 AsrRamDisk;AsrRamDisk;C:\Windows\System32\drivers\AsrRamDisk.sys [2013-4-20 34640]
    R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-4-20 652344]
    R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-4-20 28216]
    R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-2-27 16152]
    R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2013-8-7 776168]
    R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-6-18 247216]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-12-19 240640]
    R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2013-4-28 166400]
    R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2013-4-28 128512]
    R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-6-19 634632]
    R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-4-20 129856]
    R2 ISCTAgent;ISCT Always Updated Agent;C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2012-2-9 133632]
    R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2013-4-20 166720]
    R2 LucidSrv;LucidSrv;C:\Program Files\Lucidlogix Technologies\VIRTU MVP\LucidSrv.exe [2013-4-20 16616]
    R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2013-9-6 182752]
    R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-6-18 139616]
    R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-4-20 365344]
    R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-11-6 96256]
    R3 ikbevent;Intel Upper keyboard Class Filter Driver;C:\Windows\System32\drivers\ikbevent.sys [2012-2-9 25536]
    R3 imsevent;Intel Upper Mouse Class Filter Driver;C:\Windows\System32\drivers\imsevent.sys [2012-2-9 25536]
    R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-6-19 342528]
    R3 ISCT;Intel(R) Smart Connect Technology Device Driver;C:\Windows\System32\drivers\ISCTD64.sys [2012-2-9 44992]
    R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-2-27 356120]
    R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-2-27 788760]
    R3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2013-4-20 32344]
    R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-7-18 366600]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-4-20 565352]
    R3 VirtuWDDM;VirtuWDDM;C:\Windows\System32\drivers\VirtuWDDM.sys [2013-4-20 97512]
    R3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);C:\Windows\System32\drivers\WPRO_41_2001.sys [2013-4-20 34752]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-4-20 14904]
    S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
    S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-2-15 80384]
    S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-2-15 180736]
    S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-1 178824]
    S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-4-22 1255736]
    .
    =============== Created Last 30 ================
    .
    2013-09-07 01:57:01 182752 ----a-w- C:\Windows\System32\mfevtps.exe.d986.deleteme
    2013-09-07 01:56:58 -------- d-----w- C:\Program Files\Common Files\McAfee
    2013-09-07 01:01:22 9515512 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3D5E01F3-BAB3-4F77-8E95-CB34A5367801}\mpengine.dll
    2013-09-07 00:44:52 -------- d-----w- C:\9822b4af798adc88d7
    2013-09-06 00:42:22 -------- d-----w- C:\Windows\SysWow64\BestPractices
    2013-09-06 00:42:22 -------- d-----w- C:\Program Files\Microsoft Games
    2013-09-06 00:42:04 -------- d-----w- C:\Windows\System32\BestPractices
    2013-09-06 00:41:37 -------- d-----w- C:\inetpub
    2013-09-06 00:28:26 965008 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{74A41AA2-B836-4AD4-B038-80A2ECE81DE5}\gapaengine.dll
    2013-09-06 00:28:23 9515512 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2013-09-06 00:27:26 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client
    2013-09-06 00:27:23 -------- d-----w- C:\Program Files\Microsoft Security Client
    2013-09-06 00:24:51 -------- d-----w- C:\2cfd6d4da2c50c6d0e9748ed64
    2013-09-04 01:01:41 9515512 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{657D8B6F-72D9-4CAD-9238-B58F6DA8CC1C}\mpengine.dll
    2013-08-29 22:51:52 -------- d-----w- C:\Program Files\iPod
    2013-08-29 22:51:51 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2013-08-29 22:51:51 -------- d-----w- C:\Program Files\iTunes
    2013-08-29 22:51:51 -------- d-----w- C:\Program Files (x86)\iTunes
    2013-08-28 07:46:24 94656 ----a-w- C:\Windows\System32\WPRO_41_2001woem.tmp
    2013-08-28 07:18:22 9728 ----a-w- C:\Windows\System32\Wdfres.dll
    2013-08-28 07:18:22 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
    2013-08-28 07:18:22 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
    2013-08-28 07:18:22 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
    2013-08-28 07:15:05 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
    2013-08-28 07:15:05 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
    2013-08-28 07:15:03 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
    2013-08-28 07:15:03 744448 ----a-w- C:\Windows\System32\WUDFx.dll
    2013-08-28 07:15:03 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
    2013-08-28 07:15:03 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
    2013-08-28 07:15:03 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
    2013-08-27 18:48:03 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
    2013-08-27 18:48:03 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
    2013-08-27 18:48:03 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
    2013-08-27 18:48:03 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
    2013-08-27 18:48:00 2871808 ----a-w- C:\Windows\explorer.exe
    2013-08-27 18:48:00 2616320 ----a-w- C:\Windows\SysWow64\explorer.exe
    2013-08-27 18:46:32 98816 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
    2013-08-27 18:45:49 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys
    2013-08-27 18:45:48 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
    2013-08-27 18:45:48 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
    2013-08-27 18:45:47 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
    2013-08-27 18:45:47 31232 ----a-w- C:\Windows\System32\prevhost.exe
    2013-08-27 18:45:46 503808 ----a-w- C:\Windows\System32\srcore.dll
    2013-08-27 18:45:45 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
    2013-08-27 18:45:44 1887232 ----a-w- C:\Windows\System32\d3d11.dll
    2013-08-27 18:45:44 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
    2013-08-27 18:45:43 67072 ----a-w- C:\Windows\splwow64.exe
    2013-08-27 18:45:43 559104 ----a-w- C:\Windows\System32\spoolsv.exe
    2013-08-27 04:51:12 -------- d-----w- C:\Windows\en
    2013-08-27 04:50:35 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    2013-08-27 04:45:44 89944 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\4829a4951cea2e003\DSETUP.dll
    2013-08-27 04:45:44 537432 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\4829a4951cea2e003\DXSETUP.exe
    2013-08-27 04:45:44 1801048 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\4829a4951cea2e003\dsetup32.dll
    2013-08-27 04:45:40 89944 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\472f144a1cea2e002\DSETUP.dll
    2013-08-27 04:45:40 537432 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\472f144a1cea2e002\DXSETUP.exe
    2013-08-27 04:45:40 1801048 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\472f144a1cea2e002\dsetup32.dll
    2013-08-27 04:45:38 94040 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\44e3e3311cea2e001\DSETUP.dll
    2013-08-27 04:45:38 525656 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\44e3e3311cea2e001\DXSETUP.exe
    2013-08-27 04:45:38 1691480 -c--a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\44e3e3311cea2e001\dsetup32.dll
    2013-08-27 04:45:32 -------- d-----w- C:\Users\Petry\AppData\Local\Windows Live
    2013-08-27 04:42:57 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
    2013-08-21 01:02:54 9515512 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
    2013-08-14 03:37:16 -------- d-----w- C:\Windows\System32\MRT
    2013-08-13 22:55:08 1472512 ----a-w- C:\Windows\System32\crypt32.dll
    2013-08-13 22:55:08 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll
    2013-08-13 22:55:07 224256 ----a-w- C:\Windows\System32\wintrust.dll
    2013-08-13 22:55:07 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
    2013-08-13 22:55:07 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
    2013-08-13 22:55:07 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
    2013-08-13 22:55:07 139776 ----a-w- C:\Windows\System32\cryptnet.dll
    2013-08-13 22:55:07 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
    2013-08-13 22:55:02 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2013-08-13 22:55:02 2048 ----a-w- C:\Windows\System32\tzres.dll
    .
    ==================== Find3M ====================
    .
    2013-08-28 07:46:24 34752 ----a-w- C:\Windows\System32\drivers\WPRO_41_2001.sys
    2013-08-21 23:20:27 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-08-21 23:20:27 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2013-07-26 05:13:37 2241024 ----a-w- C:\Windows\System32\wininet.dll
    2013-07-26 05:12:08 3958784 ----a-w- C:\Windows\System32\jscript9.dll
    2013-07-26 05:12:04 136704 ----a-w- C:\Windows\System32\iesysprep.dll
    2013-07-26 05:12:03 67072 ----a-w- C:\Windows\System32\iesetup.dll
    2013-07-26 03:35:08 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
    2013-07-26 03:13:24 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
    2013-07-26 03:12:04 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2013-07-26 03:12:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2013-07-26 03:12:00 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
    2013-07-26 02:49:14 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2013-07-26 02:39:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
    2013-07-26 01:59:38 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
    2013-07-25 09:25:54 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
    2013-07-25 08:57:27 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
    2013-07-13 18:57:35 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2013-07-13 18:57:35 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
    2013-07-13 18:57:35 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2013-07-09 06:03:30 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2013-07-09 05:54:22 1732032 ----a-w- C:\Windows\System32\ntdll.dll
    2013-07-09 05:53:12 243712 ----a-w- C:\Windows\System32\wow64.dll
    2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll
    2013-07-09 05:03:34 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
    2013-07-09 05:03:34 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
    2013-07-09 04:53:47 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
    2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
    2013-07-09 04:52:33 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2013-07-09 04:45:07 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
    2013-07-09 02:49:42 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2013-07-09 02:49:41 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2013-07-09 02:49:39 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2013-07-09 02:49:38 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2013-07-06 06:03:53 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    2013-06-19 01:50:08 247216 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
    2013-06-19 01:50:08 139616 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
    2013-06-15 04:32:16 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
    .
    ============= FINISH: 22:14:44.93 ===============
    aswMBR Log

    For the AV scan I only did a QuickScan (because I didn't notice this option until after I ran it). I have two drives in this computer, C:\ and E:\, so if I need to do anything different, please let me know.

    aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
    Run date: 2013-09-06 22:32:57
    -----------------------------
    22:32:57.656 OS Version: Windows x64 6.1.7601 Service Pack 1
    22:32:57.656 Number of processors: 4 586 0x3A09
    22:32:57.657 ComputerName: ZIG-PC UserName: Petry
    22:32:58.632 Initialize success
    22:35:45.238 AVAST engine defs: 13090601
    22:36:30.409 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
    22:36:30.411 Disk 0 Vendor: SAMSUNG_HD080HJ/P ZH100-34 Size: 76293MB BusType: 11
    22:36:30.414 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\00000065
    22:36:30.417 Disk 1 Vendor: ATA_____ A750 Size: 953869MB BusType: 11
    22:36:30.502 Disk 1 MBR read successfully
    22:36:30.506 Disk 1 MBR scan
    22:36:30.567 Disk 1 Windows 7 default MBR code
    22:36:30.569 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
    22:36:30.589 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 699900 MB offset 206848
    22:36:30.649 Disk 1 scanning C:\Windows\system32\drivers
    22:36:42.039 Service scanning
    22:37:10.738 Modules scanning
    22:37:10.742 Disk 1 trace - called modules:
    22:37:11.098 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys storport.sys hal.dll iaStorA.sys
    22:37:11.104 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa80097bb060]
    22:37:11.109 3 CLASSPNP.SYS[fffff880011d043f] -> nt!IofCallDriver -> [0xfffffa80079f9c50]
    22:37:11.114 5 iaStorF.sys[fffff880018d49a0] -> nt!IofCallDriver -> \Device\00000065[0xfffffa80079099c0]
    22:37:12.100 AVAST engine scan C:\Windows
    22:37:14.297 AVAST engine scan C:\Windows\system32
    22:40:42.778 AVAST engine scan C:\Windows\system32\drivers
    22:41:01.099 AVAST engine scan C:\Users\Petry
    22:45:13.528 Disk 1 MBR has been saved successfully to "C:\Users\Amanda\Desktop\MBR.dat"
    22:45:13.557 The log file has been saved successfully to "C:\Users\Amanda\Desktop\aswMBR.txt"

    This scan wasn't complete when I posted the first log. My fault. Here is a complete aswMBR log. Thanks--

    aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
    Run date: 2013-09-06 22:32:57
    -----------------------------
    22:32:57.656 OS Version: Windows x64 6.1.7601 Service Pack 1
    22:32:57.656 Number of processors: 4 586 0x3A09
    22:32:57.657 ComputerName: ZIG-PC UserName: Petry
    22:32:58.632 Initialize success
    22:35:45.238 AVAST engine defs: 13090601
    22:36:30.409 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
    22:36:30.411 Disk 0 Vendor: SAMSUNG_HD080HJ/P ZH100-34 Size: 76293MB BusType: 11
    22:36:30.414 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\00000065
    22:36:30.417 Disk 1 Vendor: ATA_____ A750 Size: 953869MB BusType: 11
    22:36:30.502 Disk 1 MBR read successfully
    22:36:30.506 Disk 1 MBR scan
    22:36:30.567 Disk 1 Windows 7 default MBR code
    22:36:30.569 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
    22:36:30.589 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 699900 MB offset 206848
    22:36:30.649 Disk 1 scanning C:\Windows\system32\drivers
    22:36:42.039 Service scanning
    22:37:10.738 Modules scanning
    22:37:10.742 Disk 1 trace - called modules:
    22:37:11.098 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys storport.sys hal.dll iaStorA.sys
    22:37:11.104 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa80097bb060]
    22:37:11.109 3 CLASSPNP.SYS[fffff880011d043f] -> nt!IofCallDriver -> [0xfffffa80079f9c50]
    22:37:11.114 5 iaStorF.sys[fffff880018d49a0] -> nt!IofCallDriver -> \Device\00000065[0xfffffa80079099c0]
    22:37:12.100 AVAST engine scan C:\Windows
    22:37:14.297 AVAST engine scan C:\Windows\system32
    22:40:42.778 AVAST engine scan C:\Windows\system32\drivers
    22:41:01.099 AVAST engine scan C:\Users\Petry
    22:45:13.528 Disk 1 MBR has been saved successfully to "C:\Users\Amanda\Desktop\MBR.dat"
    22:45:13.557 The log file has been saved successfully to "C:\Users\Amanda\Desktop\aswMBR.txt"
    23:00:33.445 AVAST engine scan C:\ProgramData
    23:01:10.697 Scan finished successfully
    23:02:01.857 Disk 1 MBR has been saved successfully to "C:\Users\Amanda\Desktop\MBR.dat"
    23:02:01.887 The log file has been saved successfully to "C:\Users\Amanda\Desktop\aswMBR.txt"

    Sorry, not sure what happened with editing hyperlinks up above, but one of them disappeared.

    Here are the three links to the information:
    http://home.mcafee.com/VirusInfo/VirusProfile.aspx?key=3924055#none
    http://home.mcafee.com/virusinfo/virusprofile.aspx?key=3248815#none
    http://home.mcafee.com/virusinfo/virusprofile.aspx?key=3369990#
    Last edited by tashi; 2013-09-07 at 19:10. Reason: Merged 3 posts, please refer to the FAQ and don't add posts before someone responds. ;-)
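The aswMBR output pasted above has a fixed line layout (disk lines, an MBR verdict, one line per partition, and a closing "Scan finished successfully" line), which makes it easy to check a log mechanically before relying on it. The following is an added example written for this thread, not code from the poster or from AVAST: a small Python triage helper that parses that layout and flags an incomplete log (no "Scan finished successfully" line, which is exactly what the first paste lacked), a boot disk whose MBR code is not reported as the Windows default, no active partition, and partition entries that overlap or leave unallocated gaps. The sample log text is constructed to mirror the format, with a made-up vendor string; the 512-byte sector size used to convert the MB sizes into sector counts is an assumption.

```python
"""Triage helper for aswMBR logs (added example; not from the thread or from AVAST)."""
import re
from dataclasses import dataclass, field
from typing import Dict, List

SECTOR = 512  # assumed sector size; aswMBR prints offsets in sectors and sizes in MB

# Constructed sample in the same layout as an aswMBR log (vendor string is made up).
SAMPLE_LOG = r"""
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-09-06 22:32:57
-----------------------------
22:32:57.656 OS Version: Windows x64 6.1.7601 Service Pack 1
22:36:30.414 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\00000065
22:36:30.417 Disk 1 Vendor: EXAMPLE_DISK Size: 953869MB BusType: 11
22:36:30.502 Disk 1 MBR read successfully
22:36:30.506 Disk 1 MBR scan
22:36:30.567 Disk 1 Windows 7 default MBR code
22:36:30.569 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
22:36:30.589 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 699900 MB offset 206848
22:37:12.100 AVAST engine scan C:\Windows
23:01:10.697 Scan finished successfully
"""

# "Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048"
PART_RE = re.compile(
    r"Disk (?P<disk>\d+) Partition (?P<num>\d+) (?P<boot>[0-9A-Fa-f]{2})(?: \(A\))? "
    r"(?P<type>[0-9A-Fa-f]{2}) \S+ (?P<fs>\S+) (?P<mb>\d+) MB offset (?P<offset>\d+)"
)
DISK_RE = re.compile(r"\d\d:\d\d:\d\d\.\d+ Disk (\d+) (.*)")


@dataclass
class Partition:
    num: int
    active: bool      # boot indicator byte 0x80
    type_id: str      # partition type byte, e.g. 07 for NTFS
    fs: str
    size_mb: int
    offset: int       # first sector

    @property
    def end(self) -> int:
        """First sector after this partition, derived from the MB size."""
        return self.offset + self.size_mb * 1024 * 1024 // SECTOR


@dataclass
class DiskInfo:
    boot: bool = False
    mbr_read: bool = False
    default_mbr: bool = False
    partitions: List[Partition] = field(default_factory=list)


def parse_aswmbr(text: str) -> dict:
    """Collect per-disk facts and whether the scan ran to completion."""
    disks: Dict[int, DiskInfo] = {}
    finished = False
    for line in text.splitlines():
        m = DISK_RE.match(line)
        if m:
            d = disks.setdefault(int(m.group(1)), DiskInfo())
            rest = m.group(2)
            if rest.startswith("(boot)"):
                d.boot = True
            elif rest == "MBR read successfully":
                d.mbr_read = True
            elif "default MBR code" in rest:
                d.default_mbr = True
            else:
                pm = PART_RE.search(line)
                if pm:
                    d.partitions.append(Partition(
                        int(pm["num"]), pm["boot"].upper() == "80", pm["type"],
                        pm["fs"], int(pm["mb"]), int(pm["offset"])))
        elif "Scan finished successfully" in line:
            finished = True
    return {"disks": disks, "finished": finished}


def triage(text: str) -> List[str]:
    """Return human-readable findings; an empty list means nothing stood out."""
    info = parse_aswmbr(text)
    notes: List[str] = []
    if not info["finished"]:
        notes.append("log is incomplete: no 'Scan finished successfully' line")
    for n, d in sorted(info["disks"].items()):
        if d.boot and not d.mbr_read:
            notes.append(f"disk {n}: boot disk but MBR was not read")
        if d.boot and d.mbr_read and not d.default_mbr:
            notes.append(f"disk {n}: MBR code not reported as default, review MBR.dat")
        parts = sorted(d.partitions, key=lambda p: p.offset)
        for a, b in zip(parts, parts[1:]):
            if b.offset < a.end:
                notes.append(f"disk {n}: partitions {a.num} and {b.num} overlap")
            elif b.offset > a.end:
                notes.append(f"disk {n}: {b.offset - a.end} unallocated sectors "
                             f"before partition {b.num}")
        if parts and not any(p.active for p in parts):
            notes.append(f"disk {n}: no active partition")
    return notes


if __name__ == "__main__":
    for note in triage(SAMPLE_LOG) or ["no findings"]:
        print(note)
```

On the constructed sample the helper reports nothing, because the 100 MB system partition at sector 2048 ends exactly at sector 206848 where the second partition begins, the MBR code is the Windows 7 default, and the closing line is present. Cutting the log off before the "Scan finished" line, as happened with the first paste in this thread, yields the incomplete-log finding on its own.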
