Hi Elster, thanks a lot for helping me!
I have updated MBAM and performed a quick scan. 1 Registry key was infected, which I believe was one of the files from a virus I had last year on the same laptop that I thought I'd got rid of... Here's the MBAM quick scan log:
Malwarebytes' Anti-Malware 1.44
Database version: 3510
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18865
20/01/2010 17:30:51
mbam-log-2010-01-20 (17-30-51).txt
Scan type: Quick Scan
Objects scanned: 98788
Time elapsed: 30 minute(s), 3 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\gaopdxserv.sys (Trojan.Agent) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
I am about to download Avast, as recommended by Geekstogo, and perform a full system scan. I will edit this post and post the scan log when it has finished.
Just an extra thing as well, I was looking through the Uninstall Programmes screen from the Control Panel, and noticed that the 'ToxicBiohazard' part of the virus was in the uninstall programs screen. It says that the publisher is 'Image-Line bvba'. Is this a known malware problem, or is it just me being over cautious?! 3 other programmes in the list have the same publisher; 'Collab', 'IL Download Manager' and 'PoiZone'. The latter two were apparently installed on the same date as 'ToxicBiohazard'.
Thanks in advance!
EDIT: I've downloaded and updated Avast and performed a full system scan. Avast found 3 threats. I'm not sure how to post up or attach the log from the scan, so I'll post up the pathways and what was found:
C:\Program Files\Windows Live\Photo Gallery\WLXQuickTimeControlHost.exe Threat: Win32:Trojan-gen
C:\Windows\System32\drivers\DriveSentryKeeperDriver.sys Threat: Win32:Rootkit-gen [Rtk]
The 'Win32:Rootkit-gen' was found twice in exactly the same file location, so I won't write it out again.
NOTE: I've tried to run GMER but it keeps shutting down my laptop!!
Edited by Griizzle, 20 January 2010 - 06:33 PM.