Inactive Malwarebytes and Super-Antispyware not finding anything something seems amiss

BillAllen55

BillAllen55

Posts: 363   +0
Hello,
Over the past few scans I've done with Super antispyware and malware bytes - neither scan has turned up with results. I would be delighted if I were to believe that. But past experience with these fine scan tools would indicate to me something is amiss. I would be very grateful if someone would take a look at requested scan logs.
fMalwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.29.08

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Owner :: OWNER-PC [administrator]

10/29/2012 9:15:37 AM
mbam-log-2012-10-29 (09-15-37).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 204005
Time elapsed: 13 minute(s), 2 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 
undefined
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-10-29 09:57:52
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_HM080HI rev.AB100-12
Running: 3u2g776r.exe; Driver: C:\Users\Owner\AppData\Local\Temp\kgloapow.sys


---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwRollbackEnlistment + 140D 82C43A49 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82C7D4D2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Mozilla Firefox\firefox.exe[2064] ntdll.dll!LdrGetProcedureAddress + 26 77AC2239 7 Bytes JMP 60EEAB20 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2064] kernel32.dll!K32GetDeviceDriverBaseNameW + 5D 762C941E 7 Bytes JMP 61130B02 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2064] kernel32.dll!QueryPerformanceCounter + 13 762CC435 7 Bytes JMP 61130B25 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2064] kernel32.dll!LoadAppInitDlls + 355 762CF4F6 7 Bytes JMP 60EEF7A9 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[2064] GDI32.dll!GetViewportOrgEx + 26C 769B884B 7 Bytes JMP 61130A83 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[2892] kernel32.dll!SetUnhandledExceptionFilter 762CF4FB 5 Bytes JMP 5CB250B8 C:\Program Files\Common Files\Microsoft Shared\office12\mso.dll (2007 Microsoft Office component/Microsoft Corporation)
.text C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[2892] ole32.dll!OleLoadFromStream 765F6143 5 Bytes JMP 5D5EE11A C:\Program Files\Common Files\Microsoft Shared\office12\mso.dll (2007 Microsoft Office component/Microsoft Corporation)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[2892] @ C:\Windows\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [75B2FFF6] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[2892] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [75B2FFF6] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[2892] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [75B2FFF6] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[2892] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [75B2FFF6] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[2892] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [75B2FFF6] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[2892] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [75B2FFF6] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)
IAT C:\Program Files\Microsoft Office\Office12\WINWORD.EXE[2892] @ C:\Windows\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [75B2FFF6] C:\Windows\system32\apphelp.dll (Application Compatibility Client Library/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001641b573ad
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001641b573b5
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001641b87504
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001641b573ad (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001641b573b5 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001641b87504 (not active ControlSet)

---- EOF - GMER 1.0.15 ----
 
DDS (Ver_2012-10-19.01) - NTFS_x86
Internet Explorer: 9.0.8112.16421
Run by Owner at 10:00:17 on 2012-10-29
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2038.237 [GMT -7:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe
C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
C:\Windows\system32\locator.exe
C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\System32\snmp.exe
C:\Windows\System32\vds.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Microsoft Games\Chess\Chess.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\svchost.exe -k PeerDist
C:\Windows\system32\svchost.exe -k regsvc
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k SDRSVC
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.com/
uWindow Title = Internet Explorer, optimized for Bing and MSN
uSearch Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uProxyOverride = 192.168.*.*;*.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
mRun: [MSC] c:\program files\microsoft security client\msseces.exe -hide -runkey
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
uPolicies-Explorer: NoDriveTypeAutoRun = dword:221
uPolicies-Explorer: NoDriveAutoRun- = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun- = dword:0
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveAutoRun- = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun- = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:253
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-00107-0002-0007-ABCDEFFEDCBC} - <orphaned>
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} - hxxp://www.superadblocker.com/activex/sabspx.cab
TCP: NameServer = 216.228.160.7 216.228.160.8
TCP: Interfaces\{AE2C0F72-3496-4135-9EC1-A45251CA19E9} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{AE2C0F72-3496-4135-9EC1-A45251CA19E9} : DHCPNameServer = 216.228.160.7 216.228.160.8
TCP: Interfaces\{AE2C0F72-3496-4135-9EC1-A45251CA19E9}\3616D6075737F577962756C6563737 : NameServer = 8.8.8.8,216.228.160.7
TCP: Interfaces\{AE2C0F72-3496-4135-9EC1-A45251CA19E9}\3616D6075737F577962756C6563737 : DHCPNameServer = 172.16.44.186 172.16.44.185
TCP: Interfaces\{AE2C0F72-3496-4135-9EC1-A45251CA19E9}\4656661657C647 : NameServer = 205.171.3.25,216.228.160.7
TCP: Interfaces\{AE2C0F72-3496-4135-9EC1-A45251CA19E9}\4656661657C647 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{AE2C0F72-3496-4135-9EC1-A45251CA19E9}\F40756E60234F6D6D657E696479702E4564777F627B6 : NameServer = 8.8.8.8,216.228.160.7
TCP: Interfaces\{AE2C0F72-3496-4135-9EC1-A45251CA19E9}\F40756E60234F6D6D657E696479702E4564777F627B6 : DHCPNameServer = 216.228.160.7 216.228.160.8 216.228.160.5
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: igfxcui - igfxdev.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\owner\appdata\roaming\mozilla\firefox\profiles\r18ei3ko.default-1343151942524\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL
FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\users\owner\appdata\roaming\mozilla\plugins\npatgpc.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1166636.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1167637.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1168638.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_500_104.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-8-30 193552]
R0 MxEFUF;Matrox Extio Upper Function Filter;c:\windows\system32\drivers\MxEFUF32.sys [2012-8-9 102728]
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2012-1-14 15672]
R1 MpKsl407fd121;MpKsl407fd121;c:\programdata\microsoft\microsoft antimalware\definition updates\{161044d8-2c5a-46ea-8885-a2d61bd3e8cc}\MpKsl407fd121.sys [2012-10-29 29904]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-9-23 65192]
R2 BrcmMgmtAgent;Broadcom Management Agent;c:\program files\broadcom\mgmtagent\BrcmMgmtAgent.exe [2011-11-30 131072]
R2 cvhsvc;Client Virtualization Handler;c:\program files\common files\microsoft shared\virtualization handler\CVHSVC.EXE [2012-2-7 822624]
R2 DeviceMonitorService;DeviceMonitorService;c:\program files\motorola media link\lite\NServiceEntry.exe [2012-9-7 87992]
R2 Motorola Device Manager;Motorola Device Manager Service;c:\program files\motorola mobility\motorola device manager\MotoHelperService.exe [2012-10-2 120728]
R2 PST Service;PST Service;c:\program files\motorola\motforwarddaemon\ForwardDaemon.exe [2012-6-15 65657]
R2 sftlist;Application Virtualization Client;c:\program files\microsoft application virtualization client\sftlist.exe [2011-10-1 508776]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2011-8-23 368168]
R3 BTHFILT;Bluetooth Command Filter;c:\windows\system32\drivers\BthFilt.sys [2011-12-17 13824]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-10-29 40776]
R3 NETwLv32; Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETwLv32.sys [2012-8-19 6637056]
R3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfswin7.sys [2011-10-1 581480]
R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplaywin7.sys [2011-10-1 194408]
R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirwin7.sys [2011-10-1 21864]
R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvolwin7.sys [2011-10-1 19304]
R3 sftvsa;Application Virtualization Service Agent;c:\program files\microsoft application virtualization client\sftvsa.exe [2011-10-1 219496]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-3-12 136176]
S3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\drivers\motfilt.sys [2009-1-29 6016]
S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2009-12-18 11336]
S3 efavdrv;efavdrv;c:\windows\system32\drivers\efavdrv.sys [2012-9-3 115008]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-3-12 136176]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2012-6-11 20864]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2012-1-25 8448]
S3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\drivers\Motousbnet.sys [2012-6-8 23808]
S3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\drivers\motusbdevice.sys [2011-11-8 11008]
S3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2009-5-28 4233728]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2012-8-30 99272]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2012-9-12 287824]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2012-8-17 4640000]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-4-30 15872]
S3 RegGuard;RegGuard;c:\windows\system32\drivers\regguard.sys [2012-8-23 24416]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\sisoftware\sisoftware sandra lite 2012.sp5c\RpcAgentSrv.exe [2012-9-23 68760]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
S3 Te.Service;Te.Service;c:\program files\windows kits\8.0\testing\runtimes\taef\Wex.Services.exe [2012-7-25 94208]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-4-30 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-3-13 1343400]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\zune\WMZuneComm.exe [2011-8-5 268512]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-3-7 250808]
S4 atashost;WebEx Service Host for Support Center;c:\windows\system32\atashost.exe [2012-9-26 136784]
S4 BthFilterHelper;Bluetooth Feature Support;c:\program files\csr\vista profile pack\BthFilterHelper.exe [2006-11-7 127488]
S4 HawkesUpdater;Hawkes Unattended Updater;"c:\program files\hawkes learning systems\hawkes update service manager\srvany.exe" --> c:\program files\hawkes learning systems\hawkes update service manager\srvany.exe [?]
S4 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-3-18 115168]
.
=============== File Associations ===============
.
FileExt: .com: Applications\iexplore.exe="c:\program files\internet explorer\iexplore.exe" %1 [UserChoice]
.
=============== Created Last 30 ================
.
2012-10-29 16:16:24 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{161044d8-2c5a-46ea-8885-a2d61bd3e8cc}\offreg.dll
2012-10-29 16:16:24 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{161044d8-2c5a-46ea-8885-a2d61bd3e8cc}\MpKsl407fd121.sys
2012-10-29 16:14:59 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-10-29 16:13:56 6918632 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{161044d8-2c5a-46ea-8885-a2d61bd3e8cc}\mpengine.dll
2012-10-29 14:51:02 6918632 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2012-10-24 02:15:25 -------- d-----w- C:\Binaries
2012-10-24 02:15:12 -------- d-----w- c:\program files\Motorola Media Link
2012-10-24 02:14:32 5 ----a-w- c:\windows\system32\lMMLDeleteUserData42107612FX.tmp
2012-10-22 14:36:57 740784 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{887e8832-3d29-412a-a039-8e2c855abddc}\gapaengine.dll
2012-10-21 20:29:53 -------- d-----w- c:\program files\Microsoft Office 15
2012-10-21 20:24:10 -------- d-----w- c:\users\owner\appdata\local\MicrosoftStore
2012-10-21 19:15:36 -------- d-----w- c:\program files\NoVirusThanks
2012-10-19 01:52:34 -------- d-----w- c:\program files\iPod
2012-10-19 01:52:31 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2012-10-19 01:52:31 -------- d-----w- c:\program files\iTunes
2012-10-19 01:51:01 -------- d-----w- c:\program files\Bonjour
2012-10-19 00:58:13 -------- d-----w- C:\9d7fb0384ad3000f74330d244589
2012-10-18 21:55:00 954200 ----a-w- c:\windows\system32\XAudioD2_7.dll
2012-10-18 21:52:58 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2012-10-18 21:52:58 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2012-10-18 21:52:57 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2012-10-18 21:49:45 111960 ----a-w- c:\windows\dxsdkuninst.exe
2012-10-18 21:49:37 -------- d-----w- c:\program files\Microsoft DirectX SDK (June 2010)
2012-10-18 21:45:39 -------- d--h--w- c:\windows\msdownld.tmp
2012-10-14 16:24:53 -------- d-----w- c:\program files\Winmx
2012-10-13 22:35:40 -------- d-----w- c:\users\owner\appdata\roaming\Auslogics
2012-10-12 18:34:48 -------- d-----w- c:\windows\ehome
2012-10-11 21:34:05 -------- d-----w- c:\users\owner\appdata\local\Apple Computer
2012-10-11 20:48:07 3584 ----a-r- c:\users\owner\appdata\roaming\microsoft\installer\{121634b0-2f4b-11d3-ada3-00c04f52dd52}\Icon386ED4E3.exe
2012-10-11 20:48:07 -------- d-----w- c:\program files\Windows Installer Clean Up
2012-10-08 23:57:48 -------- d-----w- c:\windows\system32\ms-MY
2012-10-08 23:56:20 -------- d-----r- c:\users\owner\Podcasts
2012-10-08 23:56:11 -------- d-----w- c:\windows\system32\drivers\umdf\ko-KR
2012-10-08 23:56:10 -------- d-----w- c:\windows\system32\drivers\umdf\ms-MY
2012-10-08 23:56:09 -------- d-----w- c:\windows\system32\drivers\umdf\id-ID
2012-10-08 23:56:08 -------- d-----w- c:\windows\system32\drivers\umdf\sv-SE
2012-10-08 23:56:08 -------- d-----w- c:\windows\system32\drivers\umdf\nb-NO
2012-10-08 23:56:07 -------- d-----w- c:\windows\system32\drivers\umdf\hu-HU
2012-10-08 23:56:06 -------- d-----w- c:\windows\system32\drivers\umdf\fi-FI
2012-10-08 23:56:05 -------- d-----w- c:\windows\system32\drivers\umdf\el-GR
2012-10-08 23:56:00 -------- d-----w- c:\windows\system32\drivers\umdf\da-DK
2012-10-07 20:30:01 -------- d-----w- c:\users\owner\appdata\roaming\SoftGrid Client
2012-10-07 20:25:17 -------- d-----w- c:\program files\Microsoft SkyDrive
2012-10-06 15:50:02 740784 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\nisbackup\gapaengine.dll
2012-10-05 16:54:37 -------- d-----w- c:\users\owner\appdata\local\BACS
2012-10-02 17:36:12 -------- d-----w- c:\users\owner\appdata\local\Programs
2012-09-29 19:43:15 -------- d-----w- c:\program files\Microsoft
2012-09-29 19:29:03 -------- d-----w- c:\program files\Microsoft Security Client
.
==================== Find3M ====================
.
2012-10-27 16:43:30 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-27 16:43:30 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-30 02:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-26 17:58:02 136784 ----a-w- c:\windows\system32\atashost.exe
2012-09-26 17:58:00 219216 ----a-w- c:\windows\system32\atsckernel.exe
2012-09-22 23:30:17 100864 ----a-w- C:\kgloapow.sys
2012-09-14 18:28:53 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-05 02:19:28 58696 ----a-w- c:\windows\system32\AOLParconLink.exe
2012-09-04 16:36:14 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-09-04 16:36:13 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-09-04 16:36:13 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-03 23:47:18 115008 ----a-w- c:\windows\system32\drivers\efavdrv.sys
2012-08-31 17:18:09 1211760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-31 05:03:50 99272 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-08-31 05:03:50 193552 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-08-30 18:00:08 1688 ----a-w- c:\users\owner\08-30-2012.reg
2012-08-30 17:12:02 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-30 17:12:02 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-30 16:00:09 5602 ----a-w- c:\users\owner\ESETexe-fix.bat
2012-08-24 16:57:48 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-08-24 06:59:17 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-23 22:56:08 24416 ----a-w- c:\windows\system32\drivers\regguard.sys
2012-08-22 17:16:54 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 17:16:46 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 17:16:46 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 17:16:36 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 20:12:27 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-08-21 20:01:22 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-08-21 20:01:22 106928 ----a-w- c:\windows\system32\GEARAspi.dll
2012-08-20 17:40:31 169984 ----a-w- c:\windows\system32\winsrv.dll
2012-08-20 17:40:01 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-08-20 17:37:58 271360 ----a-w- c:\windows\system32\conhost.exe
2012-08-20 15:33:28 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-08-20 15:33:28 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 15:33:28 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 15:33:28 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-08-15 16:52:50 4472832 ----a-w- c:\windows\system32\GPhotos.scr
2012-08-10 23:56:14 542208 ----a-w- c:\windows\system32\kerberos.dll
2012-08-02 16:57:20 490496 ----a-w- c:\windows\system32\d3d10level9.dll
.
============= FINISH: 10:00:47.17 ===============
 
Well, you're not saying what kind of issues you're having.

Attach.txt part of DDS is missing.
 
Slow unresponsive, anti-spyware scans are not reporting ANYTHING. Broni, this just doesn't seem correct based on what I've seen in the past when doing these scans.
Attach part of DDS:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-10-19.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 3/12/2011 6:36:07 AM
System Uptime: 10/29/2012 7:38:22 AM (3 hours ago)
.
Motherboard: Dell Inc. | | 0FT292
Processor: Genuine Intel(R) CPU T2600 @ 2.16GHz | Microprocessor | 2167/166mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 74 GiB total, 28.181 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318}
Description: PS/2 Compatible Mouse
Device ID: ACPI\PNP0F13\4&13FD3FCA&0
Manufacturer: Microsoft
Name: PS/2 Compatible Mouse
PNP Device ID: ACPI\PNP0F13\4&13FD3FCA&0
Service: i8042prt
.
==== System Restore Points ===================
.
RP595: 10/18/2012 6:14:14 PM - Removed Bonjour
RP596: 10/18/2012 6:14:44 PM - Removed Apple Application Support
RP597: 10/18/2012 6:51:46 PM - Installed iTunes
RP598: 10/18/2012 8:39:53 PM - Installed QuickTime
RP599: 10/21/2012 7:21:23 AM - Windows Update
RP601: 10/21/2012 8:24:12 AM - Revo Uninstaller's restore point - Winmx Community 1
RP603: 10/21/2012 8:27:21 AM - Revo Uninstaller's restore point - Winmx Community 1
RP605: 10/21/2012 12:49:25 PM - SYSTEM RESTORE POINT
RP606: 10/22/2012 7:18:33 AM - Restore Operation
RP607: 10/22/2012 7:36:06 AM - Windows Update
RP608: 10/23/2012 7:12:46 PM - Installed MotoCast
RP609: 10/26/2012 2:02:46 PM - Windows Update
RP610: 10/27/2012 9:16:36 AM - Installed Java 7 Update 9
RP612: 10/28/2012 4:09:35 PM - Revo Uninstaller's restore point - Bing Bar
RP614: 10/28/2012 4:12:17 PM - Revo Uninstaller's restore point - IObit Toolbar v6.1
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.22beta
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI
Adobe Shockwave Player 11.6
Adobe SVG Viewer 3.0
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Auslogics Disk Defrag
Bonjour
Broadcom NetXtreme-I Netlink Driver and Management Installer
Broadcom TPM Driver Installer
Canon MP Navigator EX 4.1
Canon MX360 series MP Drivers
Canon MX360 series User Registration
Canon Solution Menu EX
Canon Speed Dial Utility
CCleaner
Cisco WebEx Meetings
Compatibility Pack for the 2007 Office system
Conexant HDA D110 MDC V.92 Modem
Digital Line Detect
Dropbox
FileHippo.com Update Checker
Google Apps
Google Drive
Google Update Helper
Google Updater
HiJackThis
Intel PROSet Wireless
Intel(R) Graphics Media Accelerator Driver
Intel(R) PROSet/Wireless WiFi Software
iTunes
Java 7 Update 7
Jing
Kits Configuration Installer
Malwarebytes Anti-Malware version 1.65.1.1000
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft DirectX SDK (June 2010)
Microsoft Mouse and Keyboard Center
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Click-to-Run 2010
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
Microsoft Security Client
Microsoft Security Essentials
Microsoft SkyDrive
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
MotoCast
MotoHelper MergeModules
Motorola Device Manager
Motorola Device Software Update
MOTOROLA MEDIA LINK
Motorola Mobile Drivers Installation 5.9.0
Mozilla Firefox 17.0 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB973685)
MyITLab ActiveX Installer 2, 9, 8, 65535
Office 2010 Trial Extender
OZ776 SCR Driver V1.1.4.202
Photobucket Desktop
Picasa 3
Picasa Uploader
QuickSet
QuickTime
Revo Uninstaller 1.94
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687314) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2687315) 32-Bit Edition
SigmaTel Audio
SiSoftware Sandra Lite 2012.SP5c
SlimDrivers
Smart Defrag 2
SUPERAntiSpyware
swMSM
System Requirements Lab for Intel
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Vista Profile Pack
Windows Driver Kit
Windows Driver Package - Intel (NETwLv32) net (08/15/2010 13.3.0.137)
Windows Driver Package - Intel (NETwNs32) net (07/14/2010 13.3.0.24)
Windows Installer Clean Up
Windows Media Center Add-in for Flash
Windows Media Player Firefox Plugin
Windows Mobile Device Updater Component
Winmx Community 1
Zune
Zune Language Pack (CHS)
Zune Language Pack (CHT)
Zune Language Pack (CSY)
Zune Language Pack (DAN)
Zune Language Pack (DEU)
Zune Language Pack (ELL)
Zune Language Pack (ESP)
Zune Language Pack (FIN)
Zune Language Pack (FRA)
Zune Language Pack (HUN)
Zune Language Pack (IND)
Zune Language Pack (ITA)
Zune Language Pack (JPN)
Zune Language Pack (KOR)
Zune Language Pack (MSL)
Zune Language Pack (NLD)
Zune Language Pack (NOR)
Zune Language Pack (PLK)
Zune Language Pack (PTB)
Zune Language Pack (PTG)
Zune Language Pack (RUS)
Zune Language Pack (SVE)
.
==== Event Viewer Messages From Past Week ========
.
10/29/2012 7:38:56 AM, Error: Service Control Manager [7003] - The Net.Tcp Listener Adapter service depends the following service: was. This service might not be installed.
10/29/2012 7:38:56 AM, Error: Service Control Manager [7003] - The Net.Pipe Listener Adapter service depends the following service: was. This service might not be installed.
10/29/2012 7:38:56 AM, Error: Service Control Manager [7003] - The Net.Msmq Listener Adapter service depends the following service: msmq. This service might not be installed.
10/29/2012 7:38:53 AM, Error: NETLOGON [3095] - This computer is configured as a member of a workgroup, not as a member of a domain. The Netlogon service does not need to run in this configuration.
10/23/2012 7:13:58 PM, Error: Service Control Manager [7030] - The PST Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
10/22/2012 7:24:02 AM, Error: Microsoft Antimalware [2004] - Microsoft Antimalware has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted: Current Error Code: 0x80070002 Error description: The system cannot find the file specified. Signature version: 1.139.100.0;1.139.100.0 Engine version: 1.1.8904.0
10/22/2012 7:12:36 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
10/22/2012 7:12:36 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the User Profile Service service, but this action failed with the following error: An instance of the service is already running.
10/22/2012 7:12:36 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Remote Access Connection Manager service, but this action failed with the following error: An instance of the service is already running.
10/22/2012 7:12:36 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Multimedia Class Scheduler service, but this action failed with the following error: An instance of the service is already running.
10/22/2012 7:12:36 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Certificate Propagation service, but this action failed with the following error: An instance of the service is already running.
10/22/2012 7:11:36 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error: An instance of the service is already running.
10/22/2012 7:10:36 AM, Error: Service Control Manager [7034] - The Problem Reports and Solutions Control Panel Support service terminated unexpectedly. It has done this 1 time(s).
10/22/2012 7:10:36 AM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
10/22/2012 7:10:36 AM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
10/22/2012 7:10:36 AM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
10/22/2012 7:10:36 AM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
10/22/2012 7:10:36 AM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
10/22/2012 7:10:36 AM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
10/22/2012 7:10:36 AM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
10/22/2012 7:10:36 AM, Error: Service Control Manager [7031] - The Secondary Logon service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
10/22/2012 7:10:36 AM, Error: Service Control Manager [7031] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
10/22/2012 7:10:36 AM, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
10/22/2012 7:10:36 AM, Error: Service Control Manager [7031] - The Microsoft iSCSI Initiator Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
10/22/2012 7:10:36 AM, Error: Service Control Manager [7031] - The IP Helper service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
10/22/2012 7:10:36 AM, Error: Service Control Manager [7031] - The Internet Connection Sharing (ICS) service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
10/22/2012 7:10:36 AM, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
10/22/2012 7:10:36 AM, Error: Service Control Manager [7031] - The Health Key and Certificate Management service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
10/22/2012 7:10:36 AM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
10/22/2012 7:10:36 AM, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
10/22/2012 7:10:36 AM, Error: Service Control Manager [7031] - The Certificate Propagation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
10/22/2012 7:10:36 AM, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
.
==== End Of File ===========================
 
  • Download RogueKiller on the desktop
  • Close all the running programs
  • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • Pre-scan will start. Let it finish.
  • Click on SCAN button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.
 
aswMBR to follow

RogueKiller V8.2.1 [10/29/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: https://www.techspot.com/downloads/5562-roguekiller.html
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : Owner [Admin rights]
Mode : Remove -- Date : 10/29/2012 10:46:54

¤¤¤ Bad processes : 4 ¤¤¤
[SUSP PATH][DLL] explorer.exe -- C:\Windows\explorer.exe : C:\Users\Owner\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\MSVCP110.dll -> UNLOADED
[SUSP PATH][DLL] explorer.exe -- C:\Windows\explorer.exe : C:\Users\Owner\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\MSVCP110.dll -> UNLOADED
[SUSP PATH][DLL] explorer.exe -- C:\Windows\explorer.exe : C:\Users\Owner\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\MSVCP110.dll -> UNLOADED
[SUSP PATH][DLL] explorer.exe -- C:\Windows\explorer.exe : C:\Users\Owner\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\MSVCP110.dll -> UNLOADED

¤¤¤ Registry Entries : 2 ¤¤¤
[TASK][SUSP PATH] {DADA0A5C-E67C-4C91-89CC-71F72D272F2B} : C:\Windows\System32\pcalua.exe -a C:\Users\Owner\Desktop\jre-6u26-windows-i586.exe -d C:\Users\Owner\Desktop -> DELETED
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: SAMSUNG HM080HI ATA Device +++++
--- User ---
[MBR] 0c73aefa2c61e73e8d63966c70cbbc91
[BSP] b885cf893c28e2877b56a18dfe1cd75d : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 76217 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
 
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-29 10:48:46
-----------------------------
10:48:46.356 OS Version: Windows 6.1.7601 Service Pack 1
10:48:46.356 Number of processors: 2 586 0xE08
10:48:46.366 ComputerName: OWNER-PC UserName: Owner
10:48:47.146 Initialize success
10:50:48.933 AVAST engine defs: 12102900
10:52:26.308 The log file has been saved successfully to "C:\Users\Owner\Desktop\2nd Saved Log Files 10.29.2012\aswMBR.txt"
10:52:49.084 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
10:52:49.094 Disk 0 Vendor: SAMSUNG_HM080HI AB100-12 Size: 76319MB BusType: 3
10:52:49.294 Disk 0 MBR read successfully
10:52:49.304 Disk 0 MBR scan
10:52:49.314 Disk 0 Windows 7 default MBR code
10:52:49.374 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
10:52:49.494 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 76217 MB offset 206848
10:52:49.665 Disk 0 scanning sectors +156299264
10:52:50.125 Disk 0 scanning C:\Windows\system32\drivers
10:54:27.534 Service scanning
10:54:59.509 Service MpKsl1edc1f11 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{910787C7-654E-44F3-A889-F57676AACDCF}\MpKsl1edc1f11.sys **LOCKED** 32
10:55:46.329 Modules scanning
10:57:10.833 Disk 0 trace - called modules:
10:57:10.863 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
10:57:10.873 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85c5c460]
10:57:10.883 3 CLASSPNP.SYS[891b759e] -> nt!IofCallDriver -> [0x85798918]
10:57:10.893 5 ACPI.sys[88aa83d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x8577b030]
10:57:11.373 AVAST engine scan C:\Windows
10:57:35.722 AVAST engine scan C:\Windows\system32
11:16:58.386 AVAST engine scan C:\Windows\system32\drivers
11:19:12.702 AVAST engine scan C:\Users\Owner
11:51:12.160 AVAST engine scan C:\ProgramData
12:02:42.648 Scan finished successfully
12:04:42.032 Disk 0 MBR has been saved successfully to "C:\Users\Owner\Desktop\2nd Saved Log Files 10.29.2012\MBR.dat"
12:04:42.122 The log file has been saved successfully to "C:\Users\Owner\Desktop\2nd Saved Log Files 10.29.2012\aswMBR.txt"
 
Create new restore point before proceeding with the next step....
How to:
- Windows 7: http://www.howtogeek.com/howto/3195/create-a-system-restore-point-in-windows-7/
- Vista: http://www.howtogeek.com/howto/wind...tore-point-for-windows-vistas-system-restore/
- XP: http://support.microsoft.com/kb/948247

=============================

Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  • Never rename Combofix unless instructed.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    If the connection is not there use restore point you created prior to running Combofix.
  • Double click on combofix.exe & follow the prompts.

  • NOTE1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt"
**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try the following...

Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

Restart computer in safe mode

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

IF you had to run rKill post BOTH logs, rKill.txt and Combofix.txt.
 
ComboFix 12-10-29.05 - Owner 10/29/2012 12:39:36.18.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2038.799 [GMT -7:00]
Running from: c:\users\Owner\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Owner\3u2g776r.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-09-28 to 2012-10-29 )))))))))))))))))))))))))))))))
.
.
2012-10-29 17:41 . 2012-10-29 17:41 29904 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{910787C7-654E-44F3-A889-F57676AACDCF}\MpKsl1edc1f11.sys
2012-10-29 17:01 . 2012-10-12 05:56 6918632 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{910787C7-654E-44F3-A889-F57676AACDCF}\mpengine.dll
2012-10-29 16:26 . 2012-10-29 17:01 -------- d-----w- c:\users\Owner\Scanned Logs 10.29.2012
2012-10-29 14:51 . 2012-10-12 05:56 6918632 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-10-24 02:15 . 2012-10-24 02:15 -------- d-----w- C:\Binaries
2012-10-24 02:15 . 2012-10-24 02:15 -------- d-----w- c:\program files\Motorola Media Link
2012-10-24 02:14 . 2012-10-24 02:14 5 ----a-w- c:\windows\system32\lMMLDeleteUserData42107612FX.tmp
2012-10-22 14:36 . 2012-09-29 19:30 740784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{887E8832-3D29-412A-A039-8E2C855ABDDC}\gapaengine.dll
2012-10-21 20:29 . 2012-10-21 20:34 -------- d-----w- c:\program files\Microsoft Office 15
2012-10-21 20:24 . 2012-10-22 14:21 -------- d-----w- c:\users\Owner\AppData\Local\MicrosoftStore
2012-10-21 19:15 . 2012-10-21 19:15 -------- d-----w- c:\program files\NoVirusThanks
2012-10-19 03:40 . 2012-10-19 03:40 -------- d-----w- c:\program files\QuickTime
2012-10-19 01:52 . 2012-10-19 01:52 -------- d-----w- c:\program files\iPod
2012-10-19 01:52 . 2012-10-19 01:53 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2012-10-19 01:52 . 2012-10-19 01:53 -------- d-----w- c:\program files\iTunes
2012-10-19 01:51 . 2012-10-19 01:51 -------- d-----w- c:\program files\Apple Software Update
2012-10-19 01:51 . 2012-10-19 01:51 -------- d-----w- c:\program files\Bonjour
2012-10-19 01:50 . 2012-10-19 01:52 -------- d-----w- c:\program files\Common Files\Apple
2012-10-19 00:58 . 2012-10-19 00:58 -------- d-----w- C:\9d7fb0384ad3000f74330d244589
2012-10-18 21:55 . 2010-06-02 12:23 954200 ----a-w- c:\windows\system32\XAudioD2_7.dll
2012-10-18 21:52 . 2008-10-15 13:22 452440 ----a-w- c:\windows\system32\d3dx10_40.dll
2012-10-18 21:52 . 2008-10-15 13:22 2036576 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2012-10-18 21:52 . 2008-10-15 13:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll
2012-10-18 21:49 . 2012-10-18 22:43 111960 ----a-w- c:\windows\dxsdkuninst.exe
2012-10-18 21:49 . 2012-10-18 21:54 -------- d-----w- c:\program files\Microsoft DirectX SDK (June 2010)
2012-10-18 21:45 . 2012-10-18 21:45 -------- d--h--w- c:\windows\msdownld.tmp
2012-10-13 22:35 . 2012-10-13 22:35 -------- d-----w- c:\users\Owner\AppData\Roaming\Auslogics
2012-10-12 18:34 . 2012-10-12 18:34 -------- d-----w- c:\program files\Windows Sidebar
2012-10-12 18:34 . 2012-10-12 18:34 -------- d-----w- c:\windows\ehome
2012-10-12 18:34 . 2012-10-12 18:34 -------- d-----w- c:\users\Default\AppData\Roaming\Media Center Programs
2012-10-11 21:34 . 2012-10-19 01:58 -------- d-----w- c:\users\Owner\AppData\Roaming\Apple Computer
2012-10-11 21:34 . 2012-10-11 21:34 -------- d-----w- c:\users\Owner\AppData\Local\Apple Computer
2012-10-11 20:48 . 2012-10-11 20:48 3584 ----a-r- c:\users\Owner\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2012-10-11 20:48 . 2012-10-11 20:48 -------- d-----w- c:\program files\Windows Installer Clean Up
2012-10-11 19:09 . 2012-10-11 19:09 -------- d-----w- c:\program files\7-zip
2012-10-08 23:57 . 2012-10-08 23:57 -------- d-----w- c:\windows\system32\ms-MY
2012-10-08 23:56 . 2012-10-08 23:56 -------- d-----r- c:\users\Owner\Podcasts
2012-10-08 23:56 . 2012-10-08 23:56 -------- d-----w- c:\windows\system32\drivers\UMDF\ko-KR
2012-10-08 23:56 . 2012-10-08 23:56 -------- d-----w- c:\windows\system32\drivers\UMDF\ms-MY
2012-10-08 23:56 . 2012-10-08 23:56 -------- d-----w- c:\windows\system32\drivers\UMDF\id-ID
2012-10-08 23:56 . 2012-10-08 23:56 -------- d-----w- c:\windows\system32\drivers\UMDF\sv-SE
2012-10-08 23:56 . 2012-10-08 23:56 -------- d-----w- c:\windows\system32\drivers\UMDF\nb-NO
2012-10-08 23:56 . 2012-10-08 23:56 -------- d-----w- c:\windows\system32\drivers\UMDF\hu-HU
2012-10-08 23:56 . 2012-10-08 23:56 -------- d-----w- c:\windows\system32\drivers\UMDF\fi-FI
2012-10-08 23:56 . 2012-10-08 23:56 -------- d-----w- c:\windows\system32\drivers\UMDF\el-GR
2012-10-08 23:56 . 2012-10-08 23:56 -------- d-----w- c:\windows\system32\drivers\UMDF\da-DK
2012-10-08 23:54 . 2012-10-08 23:56 -------- d-----w- c:\program files\Zune
2012-10-07 20:30 . 2012-10-28 23:19 -------- d-----w- c:\users\Owner\AppData\Roaming\SoftGrid Client
2012-10-07 20:25 . 2012-10-07 20:25 -------- d-----w- c:\program files\Microsoft SkyDrive
2012-10-06 15:50 . 2012-09-29 19:30 740784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-10-05 16:54 . 2012-10-05 16:55 -------- d-----w- c:\users\Owner\AppData\Local\BACS
2012-10-02 17:36 . 2012-10-02 17:36 -------- d-----w- c:\users\Owner\AppData\Local\Programs
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-27 16:43 . 2012-03-08 00:17 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-27 16:43 . 2012-03-02 17:33 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-30 02:54 . 2011-06-17 21:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-26 17:58 . 2012-09-26 17:58 136784 ----a-w- c:\windows\system32\atashost.exe
2012-09-26 17:58 . 2012-09-26 17:58 219216 ----a-w- c:\windows\system32\atsckernel.exe
2012-09-22 23:30 . 2012-09-22 23:30 100864 ----a-w- C:\kgloapow.sys
2012-09-05 02:19 . 2012-09-05 04:26 58696 ----a-w- c:\windows\system32\AOLParconLink.exe
2012-09-04 16:36 . 2012-09-04 16:36 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-09-04 16:36 . 2011-12-13 17:32 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-09-04 16:36 . 2011-03-12 14:54 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-03 23:47 . 2012-09-03 23:47 115008 ----a-w- c:\windows\system32\drivers\efavdrv.sys
2012-08-31 05:03 . 2012-08-31 05:03 99272 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-08-31 05:03 . 2012-08-31 05:03 193552 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-08-30 20:10 . 2012-08-30 20:10 388096 ----a-r- c:\users\Owner\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-08-30 18:00 . 2012-08-30 18:00 1688 ----a-w- c:\users\Owner\08-30-2012.reg
2012-08-30 16:00 . 2012-08-30 16:00 5602 ----a-w- c:\users\Owner\ESETexe-fix.bat
2012-08-24 06:59 . 2012-09-22 23:19 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 06:51 . 2012-09-22 23:19 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 06:51 . 2012-09-22 23:19 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 06:47 . 2012-09-22 23:19 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 06:47 . 2012-09-22 23:19 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 06:43 . 2012-09-22 23:19 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-23 22:56 . 2012-08-23 22:51 24416 ----a-w- c:\windows\system32\drivers\regguard.sys
2012-08-22 17:16 . 2012-09-11 21:42 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 17:16 . 2012-09-11 21:42 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 17:16 . 2012-09-11 21:42 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 17:16 . 2012-09-11 21:42 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 20:12 . 2012-09-26 14:24 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-08-21 20:01 . 2012-09-13 15:19 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-08-21 20:01 . 2012-08-21 20:01 106928 ----a-w- c:\windows\system32\GEARAspi.dll
2012-08-15 16:52 . 2012-08-15 16:52 4472832 ----a-w- c:\windows\system32\GPhotos.scr
2012-08-02 16:57 . 2012-09-11 21:42 490496 ----a-w- c:\windows\system32\d3d10level9.dll
2012-10-27 15:30 . 2012-09-25 18:01 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-10-28 23:19 220632 ----a-w- c:\users\Owner\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-10-28 23:19 220632 ----a-w- c:\users\Owner\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-10-28 23:19 220632 ----a-w- c:\users\Owner\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-10-02 16:42 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-10-02 16:42 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-10-02 16:42 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-10-02 16:42 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-13 947176]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-09-10 421776]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-19 421888]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickSet.lnk]
backup=c:\windows\pss\QuickSet.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Run Google Web Accelerator.lnk]
backup=c:\windows\pss\Run Google Web Accelerator.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
backup=c:\windows\pss\Secunia PSI Tray.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Owner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CNET TechTracker.lnk]
backup=c:\windows\pss\CNET TechTracker.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Owner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
backup=c:\windows\pss\Dropbox.lnk.Startup
backupExtension=.Startup
path=c:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
.
[HKLM\~\startupfolder\C:^Users^Owner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk]
backup=c:\windows\pss\Facebook Messenger.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Owner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Owner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk]
backup=c:\windows\pss\OneNote 2010 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup
path=c:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
.
[HKLM\~\startupfolder\C:^Users^Owner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
backup=c:\windows\pss\OpenOffice.org 3.3.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-09-24 03:43 926896 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-08-28 04:32 59280 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2010-07-26 02:08 2569616 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx]
2010-09-15 02:09 1213848 ----a-w- c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleDriveSync]
2012-10-02 16:42 15687032 ----a-w- c:\program files\Google\Drive\googledrivesync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-27 01:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2009-10-02 16:34 173592 ----a-w- c:\windows\System32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2009-10-02 16:34 141848 ----a-w- c:\windows\System32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint]
2012-06-27 04:36 1629280 ----a-w- c:\program files\Microsoft Device Center\ipoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliType Pro]
2012-06-27 04:36 1109072 ----a-w- c:\program files\Microsoft Device Center\itype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MotoCast]
2012-10-24 02:15 2009 ----a-w- c:\program files\Motorola Mobility\MotoCast\MotoLauncher.lnk
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2009-10-02 16:34 150552 ----a-w- c:\windows\System32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyDrive]
2012-10-28 23:19 238552 ----a-w- c:\users\Owner\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2012-10-16 21:34 4762496 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2011-03-12 14:42 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
2011-08-05 19:29 159456 ----a-w- c:\program files\Zune\ZuneLauncher.exe
.
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys [x]
R3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [x]
R3 efavdrv;efavdrv;c:\windows\system32\drivers\efavdrv.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [x]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [x]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys [x]
R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys [x]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 RegGuard;RegGuard;c:\windows\system32\Drivers\regguard.sys [x]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2012.SP5c\RpcAgentSrv.exe [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [x]
R3 Synth3dVsc;Synth3dVsc; [x]
R3 Te.Service;Te.Service;c:\program files\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub; [x]
R3 VGPU;VGPU; [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [x]
R4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R4 atashost;WebEx Service Host for Support Center;c:\windows\system32\atashost.exe [x]
R4 BthFilterHelper;Bluetooth Feature Support;c:\program files\CSR\Vista Profile Pack\BthFilterHelper.exe [x]
R4 HawkesUpdater;Hawkes Unattended Updater;c:\program files\Hawkes Learning Systems\Hawkes Update Service Manager\srvany.exe [x]
R4 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
S0 MxEFUF;Matrox Extio Upper Function Filter;c:\windows\system32\DRIVERS\MxEFUF32.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
S1 MpKsl1edc1f11;MpKsl1edc1f11;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{910787C7-654E-44F3-A889-F57676AACDCF}\MpKsl1edc1f11.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]
S2 BrcmMgmtAgent;Broadcom Management Agent;c:\program files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DeviceMonitorService;DeviceMonitorService;c:\program files\Motorola Media Link\Lite\NServiceEntry.exe [x]
S2 Motorola Device Manager;Motorola Device Manager Service;c:\program files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [x]
S2 PST Service;PST Service;c:\program files\Motorola\MotForwardDaemon\ForwardDaemon.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files\Microsoft Application Virtualization Client\sftlist.exe [x]
S3 BTHFILT;Bluetooth Command Filter;c:\windows\system32\DRIVERS\BthFilt.sys [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x]
S3 NETwLv32; Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETwLv32.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfswin7.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaywin7.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirwin7.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvolwin7.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 40092773
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - MPKSL1EDC1F11
*Deregistered* - 40092773
*Deregistered* - aswMBR
*Deregistered* - kgloapow
*Deregistered* - MBAMSwissArmy
*Deregistered* - TrueSight
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-08 16:43]
.
2012-10-29 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-03-12 14:24]
.
2012-10-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-03-12 14:43]
.
2012-10-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-03-12 14:43]
.
.
------- Supplementary Scan -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uStart Page = https://www.google.com/
uInternet Settings,ProxyOverride = 192.168.*.*;*.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
Trusted Zone: craigslist.org\accounts
TCP: DhcpNameServer = 216.228.160.7 216.228.160.8
TCP: Interfaces\{AE2C0F72-3496-4135-9EC1-A45251CA19E9}: NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{AE2C0F72-3496-4135-9EC1-A45251CA19E9}\3616D6075737F577962756C6563737: NameServer = 8.8.8.8,216.228.160.7
TCP: Interfaces\{AE2C0F72-3496-4135-9EC1-A45251CA19E9}\4656661657C647: NameServer = 205.171.3.25,216.228.160.7
TCP: Interfaces\{AE2C0F72-3496-4135-9EC1-A45251CA19E9}\F40756E60234F6D6D657E696479702E4564777F627B6: NameServer = 8.8.8.8,216.228.160.7
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\r18ei3ko.default-1343151942524\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe
MSConfigStartUp-avgnt - c:\program files\Avira\AntiVir Desktop\avgnt.exe
MSConfigStartUp-DealRunner - c:\program files\DealRunner\DealRunner.exe
MSConfigStartUp-RocketDock - c:\program files\RocketDock\RocketDock.exe
MSConfigStartUp-Spotify Web Helper - c:\users\Owner\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Common Files\Java\Java Update\jusched.exe
MSConfigStartUp-WinPatrol - c:\program files\BillP Studios\WinPatrol\winpatrol.exe
AddRemove-{30DF32A9-EECA-4473-A73C-3E20F2EA9C89} - c:\programdata\{3CFC714A-D9F4-47EC-BCC5-71FDD5FB0857}\IDA-Student-Setup.exe
AddRemove-{3CB74F0D-8AA7-42A9-A52F-7BB5944A9A91} - c:\programdata\{8994E603-573E-4A1D-BA37-8C00E4FE051E}\BAM-Student-Setup.exe
AddRemove-{7CD6B202-CDCC-48CF-9B96-268A94BD97FB} - c:\programdata\{93906220-8503-45CF-87CB-5A54C8DE1AB2}\Hawkes Update Service Manager.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96,
76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{9FDDE16B-836F-4806-AB1F-1455CBEFF289}"=hex:51,66,7a,6c,4c,1d,38,12,05,e2,ce,
9b,5d,cd,68,0d,d4,09,57,15,ce,b1,b6,9d
"{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}"=hex:51,66,7a,6c,4c,1d,38,12,b0,f3,37,
dc,52,73,39,0a,e1,a7,25,43,3b,93,ce,af
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47,
2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,
fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17
"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,
b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:6a,97,1c,dc,64,07,cd,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e6,21,91,1f,54,0e,52,44,a9,c7,62,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e6,21,91,1f,54,0e,52,44,a9,c7,62,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_500_104_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_500_104_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-10-29 12:50:11
ComboFix-quarantined-files.txt 2012-10-29 19:50
.
Pre-Run: 30,528,798,720 bytes free
Post-Run: 30,466,166,784 bytes free
.
- - End Of File - - C29FD78FD8ECDC8D85AF9D6BF2666B83
 
I'm trying to understand why after spending considerable time on the internet why I'm not getting any spyware found by Super Anti spyware or Mbam? This has been the condition for a period of days. Thank you for your time and look forward to your response.
 
You're very welcome
th_smiley_says_hello.gif
 
You must log in or register to reply here.

Similar threads

N
Nvidia unveils GH200 super chip and DGX GH200 computing platform for AI
Replies
22
Views
1K
Burty117
Burty117
C
Solved Malware \ProductData + possibly more, on two devices
Replies
4
Views
7K
Broni
Broni
Nicki
Solved Must have picked up something... some COVID computer variant???
Replies
9
Views
3K
Broni
Broni

Latest posts

Back