Solved Malware found

mom26gr8kids

The other day I was attempting to download something I needed for the kid's school. It was a free download, but at the top of the page was one of those Start Download buttons, and because I was downloading something I clicked on it. Some 7-Zip thing or other. Once I clicked on it I realized that was not what I was downloading and I immediately stopped it, but when I ran Malware this morning it found some PUP software. So, now I need to go through the virus removal process. So irritated with myself for not paying better attention. Thanks for helping. Here is the MBAM log:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.07.04

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16750
Kendra :: MOMSPC [administrator]

1/7/2014 10:33:33 AM
mbam-log-2014-01-07 (10-33-33).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 217873
Time elapsed: 6 minute(s),

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\Kendra\AppData\Local\Temp\ICReinstall_ZipOpenerSetup.exe (PUP.Optional.InstallCore) -> No action taken.
C:\Users\Kendra\Downloads\ZipOpenerSetup.exe (PUP.Optional.InstallCore) -> No action taken.

(end)
 
DDS log

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.45.2
Run by Kendra at 11:10:33 on 2014-01-07
Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.5578.3723 [GMT -7:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: COMODO Antivirus *Disabled/Outdated* {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall *Enabled* {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\dwm.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Windows\system32\dashost.exe
C:\Program Files\Elantech\ETDService.exe
C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
C:\Windows\system32\taskhostex.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Launch Manager\LMutilps32.exe
C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe
C:\Windows\RfBtnSvc64.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\explorer.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Gateway\Gateway Power Management\ePowerEvent.exe
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
C:\Program Files (x86)\NTI\Gateway MyBackup\BackupManagerTray.exe
C:\Program Files (x86)\RadioController\RfBtnHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskhost.exe
C:\Windows\notepad.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRun: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [RadioController] "C:\Program Files (x86)\RadioController\RfBtnHelper.exe" Start_Run
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\GATEWA~1.LNK - C:\Program Files (x86)\NTI\Gateway MyBackup\BackupManagerTray.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{3B38C2B9-E5C1-4A75-9EE1-F1892D0EC33C} : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{3B38C2B9-E5C1-4A75-9EE1-F1892D0EC33C} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{3B38C2B9-E5C1-4A75-9EE1-F1892D0EC33C}\25F636B6751405D223 : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{3B38C2B9-E5C1-4A75-9EE1-F1892D0EC33C}\25F636B6751405D223 : DHCPNameServer = 10.0.0.2
TCP: Interfaces\{3B38C2B9-E5C1-4A75-9EE1-F1892D0EC33C}\35F6C696467427F657E64637 : NameServer = 156.154.70.22,156.154.71.22
TCP: Interfaces\{3B38C2B9-E5C1-4A75-9EE1-F1892D0EC33C}\35F6C696467427F657E64637 : DHCPNameServer = 75.75.75.75 75.75.76.76 192.168.3.1
TCP: Interfaces\{93861460-374F-46E0-90B7-36421D29E88F} : NameServer = 156.154.70.22,156.154.71.22
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: avast! Online Security: {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-mPolicies-Explorer: NoDrives = dword:0
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Kendra\AppData\Roaming\Mozilla\Firefox\Profiles\3el9feo0.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Bing
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\6\NP_wtapp.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\Drivers\aswRvrt.sys [2013-4-15 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\Drivers\aswVmm.sys [2013-4-15 207904]
R1 aswSnx;aswSnx;C:\Windows\System32\Drivers\aswSnx.sys [2013-4-15 1034464]
R1 aswSP;aswSP;C:\Windows\System32\Drivers\aswsp.sys [2013-4-15 422216]
R1 cmderd;COMODO Internet Security Eradication Driver;C:\Windows\System32\Drivers\cmderd.sys [2013-1-16 23168]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\Drivers\cmdguard.sys [2013-1-16 715824]
R1 cmdhlp;COMODO Internet Security Helper Driver;C:\Windows\System32\Drivers\cmdhlp.sys [2013-1-16 38072]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-12-27 239616]
R2 APXACC;AppEx Networks Accelerator LWF;C:\Windows\System32\Drivers\appexDrv.sys [2013-1-16 199008]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\Drivers\aswMonFlt.sys [2013-4-15 78648]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-12-26 50344]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-12-27 350544]
R2 ETDService;Elan Service;C:\Program Files\Elantech\ETDService.exe [2012-12-27 100752]
R2 GamesAppIntegrationService;GamesAppIntegrationService;C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2013-9-5 227904]
R2 Garmin Core Update Service;Garmin Core Update Service;C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-11-8 250712]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2013-1-16 2466448]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NTI\Gateway MyBackup\IScheduleSvc.exe [2012-11-2 259136]
R2 RfButtonDriverService;Dritek RF Button Command Service;C:\Windows\RfBtnSvc64.exe [2013-1-16 98160]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\Drivers\AtihdW86.sys [2012-12-27 91648]
R3 ePowerSvc;ePower Service;C:\Program Files\Gateway\Gateway Power Management\ePowerSvc.exe [2012-12-13 664288]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\Drivers\ETD.sys [2012-12-27 331152]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\Drivers\L1C63x64.sys [2012-12-27 118936]
R3 Ps2Kb2Hid;PS/2 Keyboard to HID Driver;C:\Windows\System32\Drivers\aPs2Kb2Hid.sys [2013-1-16 26736]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\Drivers\RtsPStor.sys [2013-1-16 343696]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\Drivers\usbfilter.sys [2013-1-16 58536]
S3 aswStm;aswStm;C:\Windows\System32\Drivers\aswstm.sys [2013-12-26 79672]
S3 cmdvirth;COMODO Virtual Service Manager;C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-1-24 164056]
S3 DeviceFastLaneService;Device Fast-lane Service;C:\Program Files\Gateway\Gateway Device Fast-lane\DeviceFastLaneSvc.exe [2012-11-16 469648]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\Drivers\rtwlane.sys [2012-6-29 1119232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 WSDScan;WSD Scan Support;C:\Windows\System32\Drivers\WSDScan.sys [2012-12-27 23552]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
.
=============== Created Last 30 ================
.
2013-12-28 17:02:49 236208 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10229.bin
2013-12-26 22:28:24 79672 ----a-w- C:\Windows\System32\drivers\aswstm.sys
2013-12-26 05:26:51 -------- d-----w- C:\Users\Kendra\AppData\Local\Apple Computer
2013-12-26 05:26:39 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2013-12-26 05:26:10 -------- d-----w- C:\Program Files\iPod
2013-12-26 05:26:09 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-26 05:26:09 -------- d-----w- C:\Program Files\iTunes
2013-12-26 05:26:09 -------- d-----w- C:\Program Files (x86)\iTunes
2013-12-26 05:25:13 -------- d-----w- C:\Users\Kendra\AppData\Local\Apple
2013-12-26 05:24:27 -------- d-----w- C:\Program Files\Bonjour
2013-12-26 05:24:27 -------- d-----w- C:\Program Files (x86)\Bonjour
2013-12-15 23:48:56 23350272 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-12-15 23:48:53 22615040 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-12-10 22:37:47 420864 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-12-10 22:37:47 368640 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-12-10 22:09:36 312320 ----a-w- C:\Windows\System32\msieftp.dll
2013-12-10 22:09:36 273408 ----a-w- C:\Windows\SysWow64\msieftp.dll
2013-12-10 20:15:09 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-12-10 20:15:06 257536 ----a-w- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
2013-12-10 20:15:02 701952 ----a-w- C:\Program Files\Internet Explorer\ieproxy.dll
2013-12-10 20:15:02 2241536 ----a-w- C:\Windows\System32\wininet.dll
2013-12-10 19:51:55 62976 ----a-w- C:\Windows\System32\imagehlp.dll
2013-12-10 19:50:24 222720 ----a-w- C:\Windows\System32\scrobj.dll
2013-12-10 19:50:24 143872 ----a-w- C:\Windows\System32\wshom.ocx
2013-12-10 19:50:23 194048 ----a-w- C:\Windows\System32\scrrun.dll
2013-12-10 19:50:23 162304 ----a-w- C:\Windows\SysWow64\scrobj.dll
2013-12-10 19:50:23 156160 ----a-w- C:\Windows\SysWow64\scrrun.dll
2013-12-10 19:50:23 146944 ----a-w- C:\Windows\System32\cscript.exe
2013-12-10 19:50:23 115712 ----a-w- C:\Windows\SysWow64\cscript.exe
2013-12-10 19:50:18 4036608 ----a-w- C:\Windows\System32\win32k.sys
2013-12-10 19:49:49 288768 ----a-w- C:\Windows\System32\drivers\portcls.sys
.
==================== Find3M ====================
.
2013-12-26 22:27:57 207904 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-12-26 22:27:56 78648 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-12-26 22:27:56 1034464 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-12-26 22:27:55 43152 ----a-w- C:\Windows\avastSS.scr
2013-12-04 00:53:54 78304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-04 00:53:54 694240 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-11-14 11:38:23 715824 ----a-w- C:\Windows\System32\drivers\cmdguard.sys
2013-11-14 11:38:02 43216 ----a-w- C:\Windows\System32\cmdcsr.dll
2013-10-30 16:32:30 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-25 06:19:12 915968 ----a-w- C:\Windows\System32\uxtheme.dll
2013-10-25 06:17:57 3959808 ----a-w- C:\Windows\System32\jscript9.dll
2013-10-25 04:43:42 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-10-21 17:01:46 92544 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-10-21 17:01:46 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-10-19 04:04:07 59392 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2013-10-10 11:53:35 96600 ----a-w- C:\Windows\System32\drivers\wfplwfs.sys
2013-10-10 09:21:20 1160192 ----a-w- C:\Windows\System32\IKEEXT.DLL
2013-10-10 09:20:43 723968 ----a-w- C:\Windows\System32\BFE.DLL
.
============= FINISH: 11:11:50.33 ===============
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8
Boot Device: \Device\HarddiskVolume2
Install Date: 4/15/2013 11:38:53 AM
System Uptime: 1/6/2014 11:22:54 AM (24 hours ago)
.
Motherboard: Gateway | | VG50_CM
Processor: AMD A8-4500M APU with Radeon(tm) HD Graphics | Socket FT1 | 1900/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 682 GiB total, 613.779 GiB free.
D: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP42: 12/15/2013 6:49:28 PM - Windows Update
RP43: 12/24/2013 12:05:31 PM - Scheduled Checkpoint
RP44: 12/25/2013 10:25:15 PM - Installed iTunes
RP45: 1/3/2014 8:58:29 AM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
Adobe Flash Player 11 Plugin
Agatha Christie - Death on the Nile
Aloha TriPeaks
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Quick Stream
AMD VISION Engine Control Center
Apple Application Support
Apple Mobile Device Support
Apple Software Update
avast! Free Antivirus
Backup Manager v4
Bejeweled 3
Big Fish: Game Manager
Bonjour
Broadcom 802.11 Network Adapter
Build-a-lot 2: Town of the Year
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
COMODO Internet Security
Cradle Of Egypt Collector's Edition
CyberLink MediaEspresso 6.5
CyberLink PowerDVD 10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Delicious: Emily's True Love Premium Edition
Dora's World Adventure
Dritek Radio Controller
Elevated Installer
ESET Online Scanner v3
ETDWare PS/2-X64 11.6.16.003_WHQL
Game Channels
Garmin Express
Garmin Express Tray
Gateway Device Fast-lane
Gateway MyBackup
Gateway Power Management
Gateway Recovery Management
Google Chrome
Google Drive
Google Update Helper
Identity Card
iTunes
Java 7 Update 45
Java Auto Updater
Jewel Match 3
Launch Manager
Live Updater
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Office
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
Mystery P.I. - Curious Case of Counterfeit Cove
Nero 12 Essentials OEM.a01
Nero ControlCenter
Nero ControlCenter Help (CHM)
Nero Core Components
Nero Express
Nero Express Help (CHM)
Nero Launcher
Nero Update
Peggle Nights
Penguins!
Plants vs. Zombies - Game of the Year
Polar Bowler
Polar Golfer
Prerequisite installer
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
Realtek High Definition Audio Driver
Realtek PCIE Card Reader
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
SpiderMania Solitaire
Spotify
SUPERAntiSpyware
Tales of Lagoona
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
Update Installer for WildTangent Games App
WildTangent Games
WildTangent Games App
Zuma's Revenge
.
==== Event Viewer Messages From Past Week ========
.
1/6/2014 11:23:21 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000009f (0x0000000000000003, 0xfffffa800650a880, 0xfffff8037b482770, 0xfffffa80060231c0). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 010614-19624-01.
1/6/2014 11:23:02 AM, Error: Microsoft-Windows-Kernel-General [6] - An I/O operation initiated by the Registry failed unrecoverably.The Registry could not flush hive (file): ''.
1/1/2014 9:04:44 PM, Error: Tcpip [4199] - The system detected an address conflict for IP address 0.0.0.0 with the system having network hardware address 88-53-95-EF-10-BD. Network operations on this system may be disrupted as a result.
.
==== End Of File ===========================
 
Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer's behavior, good or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

=================================

Your MBAM log says "No action taken".
Re-run MBAM, fix all issues and post a new log.

Now what MBAM reports is ZipOpenerSetup.
Assuming you didn't run the installer (I don't see ZipOpener in a list of installed programs), you should be OK.
Let me know.
 
Oops, thought I clicked on the remove threats earlier, but I forgot to select the threats I wanted to remove. Here is the log now:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.07.04

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16750
Kendra :: MOMSPC [administrator]

1/7/2014 7:31:15 PM
mbam-log-2014-01-07 (19-31-15).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 218452
Time elapsed: 5 minute(s), 37 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\Kendra\AppData\Local\Temp\ICReinstall_ZipOpenerSetup.exe (PUP.Optional.InstallCore) -> Quarantined and deleted successfully.
C:\Users\Kendra\Downloads\ZipOpenerSetup.exe (PUP.Optional.InstallCore) -> Quarantined and deleted successfully.

(end)
 
I did not run the installer. Once I saw that I had downloaded the 7-zip instead of the file I was after, I clicked exit.
 