pamiat

  1. I see your point. I will re-install OS. Thank you for your help, cheers!
  2. It appears that my wireless will not connect while in safe mode. It's a 3G usb. I am not aware of those being unable to work in safe mode. But I am not certain either, should I contact the provider? Also, Maniac, I installed AVG antivirus and managed to update it after many many hours. The only threat detected and removed was a crack that I do not consider harmful. MBAM will still not update its database, it stops at 38%, goes back to 0% and gives the error Incomplete Transfer. Another thing that comes to mind is that pc started behaving badly after a java update which I have been skipping for some time. After I eventually accepted the update, internet speed has been considerably reduced (although the 3G network appears fine). If this is phishing, how can it be dealt with? If not, what else can be done except formatting hd as a final choice?
  3. Sorry for the delay: @BIOS ABBYY FineReader 6.0 Sprint Acrobat.com Ad-Aware Adobe AIR Adobe Community Help Adobe Dreamweaver CS5.5 Adobe Flash Player 10 Plugin Adobe Flash Player 11 ActiveX Adobe Media Player Adobe Reader 9.1 Adobe Shockwave Player 11.5 Adobe Widget Browser Android SDK Tools Apple Application Support Apple Software Update ArcSoft MediaImpression Audacity 1.2.6 AutoGreen B09.1014.2 Browser Configuration Utility Combined Community Codec Pack 2010-10-10 Cool Edit Pro 2.1 COSMOTE Internet On The Go Digsby Dropbox Easy Tune 6 B10.0521.1 Epson Copy Utility 3.4 Epson Event Manager EPSON PERFECTION V30_V300 PHOTO Manual EPSON Scan FreeRIP v3.6 ImgBurn Intel® Management Engine Components IrfanView (remove only) Java Auto Updater Java 6 Update 29 LG United Mobile Driver Line 6 Uninstaller Malwarebytes Anti-Malware version 1.61.0.1400 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft_VC80_ATL_x86 Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFCLOC_x86 Microsoft_VC90_ATL_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFCLOC_x86 Mozilla Firefox 11.0 (x86 en-US) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Network Stumbler 0.4.0 (remove only) NVIDIA PhysX NVIDIA Stereoscopic 3D Driver ON_OFF Charge B10.0427.1 OpenOffice.org 3.3 OpenSSL 0.9.8t Light (32-bit) Picasa 3 Power Tab Editor 1.7 PowerISO proXPN 2.4.11 QuickTime Realtek Ethernet Controller Driver For Windows 7 Realtek High Definition Audio Driver Reason 5.0 S.T.A.L.K.E.R. - Clear Sky [v1.0003] S.T.A.L.K.E.R. 
- Shadow of Chernobyl [v1.0005] Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Spybot - Search & Destroy Steinberg Cubase 5 The KMPlayer (remove only) TrueCrypt Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Visual C++ 2008 x86 Runtime - (v9.0.30729) Visual C++ 2008 x86 Runtime - v9.0.30729.01 VLC media player 1.1.9 Winamp Winamp Detector Plug-in Windows Movie Maker 2.6 ZTE_MF636_USB_MODEM_2.1040.0.3
  4. here goes: (I had to re-install my wireless after the scan)
  5. That's weird because I downloaded the 1.61.0.1400 yesterday and when I installed it, the database was only 10 days old (I can't update from the infected pc). I had avast but it appears to be quite problematic. Also I can't update any antivirus or Microsoft Security Essentials at the moment.
  6. Hi Maniac, I was able to install mbam on my pc with a usb. Quickscan detected no infections, here is the log:

     Malwarebytes Anti-Malware 1.61.0.1400
     www.malwarebytes.org

     Database version: v2012.04.04.08

     Windows 7 x64 NTFS
     Internet Explorer 9.0.8112.16421
     [administrator]

     4/14/2012 6:07:51 PM
     mbam-log-2012-04-14 (18-07-51).txt

     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 197236
     Time elapsed: 2 minute(s), 30 second(s)

     Memory Processes Detected: 0 (No malicious items detected)
     Memory Modules Detected: 0 (No malicious items detected)
     Registry Keys Detected: 0 (No malicious items detected)
     Registry Values Detected: 0 (No malicious items detected)
     Registry Data Items Detected: 0 (No malicious items detected)
     Folders Detected: 0 (No malicious items detected)
     Files Detected: 0 (No malicious items detected)

     (end)

     Problem has not been resolved and I am currently looking for a new antivirus as well. Any suggestions?
  7. Download won't complete, so I will seek access to a clean computer as initially instructed. I will post logs hopefully tomorrow, thank you for your patience.
  8. Hi Maniac, is there a way I can get MB without using a second computer? I will not be able to access one for at least a week. My browser downloads are failing but messenger and mail filesharing appears to be working, much slower than usual though. Is it possible I receive the Malwarebytes installation as a .zip on my mail and try to install? I can follow your instructions afterwards.
  9. Hello and thanks in advance to anyone who helps out. I noticed videos not loading and downloads failing so I assumed I was infected. My avast scanned and found nearly 40 trojans on pc. When I tried to update my version of MB the attempt was not successful. I disabled avast, uninstalled and tried installing the latest version of malwarebytes but I get this message: "mbam-setup-1.61.0.1400.exe.part could not be saved, because the source file could not be read." I have not gone through all the forum topics for a solution, please redirect me to the proper topic if the problem has been mentioned before, or let me know what should be done in this topic.