Hello,
I am unable to view AV websites, microsoft and some others, these all redirect back to my homepage or provide a missing URL page. Also had trouble with internet banking asking for far more information than is normally required (only on this pc) so obviously have changed passwords, etc, from another pc. This happens in both FF and Chrome, the other pc I use is entirely unaffected.
I haven't been able to find any malware as yet, using Avast and other programmes I already had installed and then laterly following your 5 steps as recorded below. I would be grateful for any help with this as it seems to be outfoxing all the programmes I have tried so far. Malware came up with nothing as copied below and GMER was also blank, hence no log.
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Database version: v2012.05.15.03
Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Me :: ALAN [administrator]
15/05/2012 13:41:49
mbam-log-2012-05-15 (13-41-49).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 196830
Time elapsed: 3 minute(s), 39 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_22
Run by Me at 15:54:18 on 2012-05-15
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.3836.1803 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Advent\AIO\Center\ADAIOHostService.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\spool\drivers\x64\3\ADAiO2MUI.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
C:\Windows\splwow64.exe
C:\Users\Me\AppData\Roaming\Qaaqi\toyd.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\notepad.exe
Q:\140066.enu\Office14\WINWORDC.EXE
Q:\140066.enu\Office14\OffSpon.EXE
C:\Users\Me\Downloads\n21qw65h.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [Mehoc] C:\Users\Me\AppData\Roaming\Qaaqi\toyd.exe
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_228_Plugin.exe -update plugin
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Conime] %windir%\system32\conime.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
mRunOnce: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
mRunOnce: [STToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\Users\Me\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{66AF9F3D-33FC-4E8E-971B-F65E7FA4224F} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{66AF9F3D-33FC-4E8E-971B-F65E7FA4224F}\4597464697E6 : DhcpNameServer = 192.168.0.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun-x64: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [Conime] %windir%\system32\conime.exe
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRunOnce-x64: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
mRunOnce-x64: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
mRunOnce-x64: [STToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe
mRunOnce-x64: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\w02wtz2o.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-12 140672]
R2 Advent AIO Network Discovery Service;Advent AIO Network Discovery Service;C:\Program Files (x86)\Advent\AIO\Center\ADAIOHostService.exe [2011-10-14 361904]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2012-2-16 98208]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-5-15 44768]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-2-28 821664]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-2 483688]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2012-2-16 673088]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-2 209768]
S1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
S1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-5-15 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-4 253600]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-5-15 136176]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
.
=============== Created Last 30 ================
.
2012-05-15 12:40:50 -------- d-----w- C:\Users\Me\AppData\Roaming\Malwarebytes
2012-05-15 12:40:39 -------- d-----w- C:\ProgramData\Malwarebytes
2012-05-15 12:40:38 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-05-15 12:40:38 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-05-15 10:49:33 -------- d-----w- C:\Users\Me\AppData\Roaming\SUPERAntiSpyware.com
2012-05-15 10:49:01 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2012-05-15 10:49:01 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2012-05-15 10:23:13 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-05-15 10:23:13 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-05-15 09:20:27 -------- d-----w- C:\Users\Me\AppData\Local\Google
2012-05-15 09:20:14 53080 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-05-15 09:20:11 819032 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-05-15 09:20:07 69976 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-05-15 09:19:22 41184 ----a-w- C:\Windows\avastSS.scr
2012-05-15 09:19:11 -------- d-----w- C:\ProgramData\AVAST Software
2012-05-15 09:19:11 -------- d-----w- C:\Program Files\AVAST Software
2012-05-08 09:36:34 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{646AC93D-FABE-4C88-AFC9-327C1C998A12}\offreg.dll
2012-04-19 08:56:19 -------- d-----w- C:\Users\Me\AppData\Roaming\Qaaqi
2012-04-19 08:56:19 -------- d-----w- C:\Users\Me\AppData\Roaming\Inkea
2012-04-19 08:56:19 -------- d-----w- C:\Users\Me\AppData\Roaming\Apefr
.
==================== Find3M ====================
.
2012-04-04 13:46:37 418464 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-04-04 13:46:36 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-04 11:21:58 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2012-03-17 12:05:33 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-02-23 08:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-02-16 06:47:28 505128 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2012-02-16 06:47:28 353576 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2012-02-16 06:47:28 29480 ----a-w- C:\Windows\SysWow64\msxml3a.dll
2012-02-16 06:34:58 0 ----a-w- C:\Windows\ativpsrm.bin
2012-02-16 06:19:14 455680 ----a-w- C:\Windows\System32\deployJava1.dll
2012-02-16 06:13:59 78848 ----a-w- C:\Windows\System32\WUDFSvc.dll
2012-02-16 06:08:52 80 --sh--r- C:\Windows\CT4CET.bin
2012-02-16 05:59:26 51712 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2012-02-16 05:59:26 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2012-02-16 05:58:49 30296 ----a-w- C:\Windows\System32\drivers\msahci.sys
2012-02-16 05:58:44 630272 ----a-w- C:\Windows\System32\evr.dll
2012-02-16 05:58:44 488448 ----a-w- C:\Windows\SysWow64\evr.dll
2012-02-16 05:58:38 327680 ----a-w- C:\Windows\System32\drivers\udfs.sys
2012-02-16 05:58:29 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2012-02-16 05:58:29 100864 ----a-w- C:\Windows\System32\fontsub.dll
2012-02-16 05:56:06 91648 ----a-w- C:\Windows\System32\isoburn.exe
2012-02-16 05:56:06 86528 ----a-w- C:\Windows\SysWow64\isoburn.exe
2012-02-16 05:50:34 311808 ----a-w- C:\Windows\System32\msv1_0.dll
2012-02-16 05:50:34 257024 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2012-02-16 05:50:25 46592 ----a-w- C:\Windows\System32\msasn1.dll
2012-02-16 05:50:25 34816 ----a-w- C:\Windows\SysWow64\msasn1.dll
2012-02-16 05:49:43 1975296 ----a-w- C:\Windows\System32\CertEnroll.dll
2012-02-16 05:49:43 1320960 ----a-w- C:\Windows\SysWow64\CertEnroll.dll
.
============= FINISH: 15:56:30.96 ===============
As nothing obvious (to me at least) seems to be showing up as a problem I am unsure what to do next, barring a complete reinstall.
Thanks for any help.
I am unable to view AV websites, microsoft and some others, these all redirect back to my homepage or provide a missing URL page. Also had trouble with internet banking asking for far more information than is normally required (only on this pc) so obviously have changed passwords, etc, from another pc. This happens in both FF and Chrome, the other pc I use is entirely unaffected.
I haven't been able to find any malware as yet, using Avast and other programmes I already had installed and then laterly following your 5 steps as recorded below. I would be grateful for any help with this as it seems to be outfoxing all the programmes I have tried so far. Malware came up with nothing as copied below and GMER was also blank, hence no log.
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Database version: v2012.05.15.03
Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Me :: ALAN [administrator]
15/05/2012 13:41:49
mbam-log-2012-05-15 (13-41-49).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 196830
Time elapsed: 3 minute(s), 39 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_22
Run by Me at 15:54:18 on 2012-05-15
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.44.1033.18.3836.1803 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Advent\AIO\Center\ADAIOHostService.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\spool\drivers\x64\3\ADAiO2MUI.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
C:\Windows\splwow64.exe
C:\Users\Me\AppData\Roaming\Qaaqi\toyd.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\notepad.exe
Q:\140066.enu\Office14\WINWORDC.EXE
Q:\140066.enu\Office14\OffSpon.EXE
C:\Users\Me\Downloads\n21qw65h.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [Mehoc] C:\Users\Me\AppData\Roaming\Qaaqi\toyd.exe
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_228_Plugin.exe -update plugin
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Conime] %windir%\system32\conime.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
mRunOnce: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
mRunOnce: [STToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\Users\Me\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{66AF9F3D-33FC-4E8E-971B-F65E7FA4224F} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{66AF9F3D-33FC-4E8E-971B-F65E7FA4224F}\4597464697E6 : DhcpNameServer = 192.168.0.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun-x64: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [Conime] %windir%\system32\conime.exe
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRunOnce-x64: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
mRunOnce-x64: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
mRunOnce-x64: [STToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe
mRunOnce-x64: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\w02wtz2o.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-12 140672]
R2 Advent AIO Network Discovery Service;Advent AIO Network Discovery Service;C:\Program Files (x86)\Advent\AIO\Center\ADAIOHostService.exe [2011-10-14 361904]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2012-2-16 98208]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-5-15 44768]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-2-28 821664]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-2 483688]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2012-2-16 673088]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-2 209768]
S1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
S1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-5-15 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-4 253600]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-5-15 136176]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
.
=============== Created Last 30 ================
.
2012-05-15 12:40:50 -------- d-----w- C:\Users\Me\AppData\Roaming\Malwarebytes
2012-05-15 12:40:39 -------- d-----w- C:\ProgramData\Malwarebytes
2012-05-15 12:40:38 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-05-15 12:40:38 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-05-15 10:49:33 -------- d-----w- C:\Users\Me\AppData\Roaming\SUPERAntiSpyware.com
2012-05-15 10:49:01 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2012-05-15 10:49:01 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2012-05-15 10:23:13 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2012-05-15 10:23:13 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2012-05-15 09:20:27 -------- d-----w- C:\Users\Me\AppData\Local\Google
2012-05-15 09:20:14 53080 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2012-05-15 09:20:11 819032 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-05-15 09:20:07 69976 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-05-15 09:19:22 41184 ----a-w- C:\Windows\avastSS.scr
2012-05-15 09:19:11 -------- d-----w- C:\ProgramData\AVAST Software
2012-05-15 09:19:11 -------- d-----w- C:\Program Files\AVAST Software
2012-05-08 09:36:34 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{646AC93D-FABE-4C88-AFC9-327C1C998A12}\offreg.dll
2012-04-19 08:56:19 -------- d-----w- C:\Users\Me\AppData\Roaming\Qaaqi
2012-04-19 08:56:19 -------- d-----w- C:\Users\Me\AppData\Roaming\Inkea
2012-04-19 08:56:19 -------- d-----w- C:\Users\Me\AppData\Roaming\Apefr
.
==================== Find3M ====================
.
2012-04-04 13:46:37 418464 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-04-04 13:46:36 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-04 11:21:58 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2012-03-17 12:05:33 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-02-23 08:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-02-16 06:47:28 505128 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2012-02-16 06:47:28 353576 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2012-02-16 06:47:28 29480 ----a-w- C:\Windows\SysWow64\msxml3a.dll
2012-02-16 06:34:58 0 ----a-w- C:\Windows\ativpsrm.bin
2012-02-16 06:19:14 455680 ----a-w- C:\Windows\System32\deployJava1.dll
2012-02-16 06:13:59 78848 ----a-w- C:\Windows\System32\WUDFSvc.dll
2012-02-16 06:08:52 80 --sh--r- C:\Windows\CT4CET.bin
2012-02-16 05:59:26 51712 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2012-02-16 05:59:26 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2012-02-16 05:58:49 30296 ----a-w- C:\Windows\System32\drivers\msahci.sys
2012-02-16 05:58:44 630272 ----a-w- C:\Windows\System32\evr.dll
2012-02-16 05:58:44 488448 ----a-w- C:\Windows\SysWow64\evr.dll
2012-02-16 05:58:38 327680 ----a-w- C:\Windows\System32\drivers\udfs.sys
2012-02-16 05:58:29 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2012-02-16 05:58:29 100864 ----a-w- C:\Windows\System32\fontsub.dll
2012-02-16 05:56:06 91648 ----a-w- C:\Windows\System32\isoburn.exe
2012-02-16 05:56:06 86528 ----a-w- C:\Windows\SysWow64\isoburn.exe
2012-02-16 05:50:34 311808 ----a-w- C:\Windows\System32\msv1_0.dll
2012-02-16 05:50:34 257024 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2012-02-16 05:50:25 46592 ----a-w- C:\Windows\System32\msasn1.dll
2012-02-16 05:50:25 34816 ----a-w- C:\Windows\SysWow64\msasn1.dll
2012-02-16 05:49:43 1975296 ----a-w- C:\Windows\System32\CertEnroll.dll
2012-02-16 05:49:43 1320960 ----a-w- C:\Windows\SysWow64\CertEnroll.dll
.
============= FINISH: 15:56:30.96 ===============
As nothing obvious (to me at least) seems to be showing up as a problem I am unsure what to do next, barring a complete reinstall.
Thanks for any help.