Minor Registry Detection by MWB

[kickem246]

Hi I just ran a Malware bytes scan earlier today and it picked up a registry entry that links to a startup item. I followed the path in the registry entry but there is not actually a file there with the name noted in the log. If someone could look at my logs and give me an idea of what it is it would be much appreciated. Thank you

MWB logs

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Database version: 7711

Windows 6.1.7601 Service Pack 1

Internet Explorer 8.0.7601.17514

9/13/2011 10:44:10 PM

mbam-log-2011-09-13 (22-44-03).txt

Scan type: Quick scan

Objects scanned: 194332

Time elapsed: 1 minute(s), 51 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 1

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\-233528203 (Trojan.Agent) -> Value: -233528203 -> No action taken.

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

DDS LOG

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_21

Run by Mike at 22:50:47 on 2011-09-13

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8183.6251 [GMT -4:00]

.

AV: Panda Cloud Antivirus *Enabled/Updated* {86971480-9989-6750-B122-681A86518D59}

SP: Panda Cloud Antivirus *Enabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\atieclxx.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\SysWOW64\svchost.exe -k Akamai

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe

C:\Windows\system32\lxdkcoms.exe

C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe

C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Windows\SysWOW64\PnkBstrB.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe

C:\OEM\USBDECTION\USBS3S4Detection.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Windows\System32\rundll32.exe

C:\Program Files (x86)\Lexmark 5300 Series\lxdkmon.exe

C:\Program Files (x86)\Lexmark 5300 Series\lxdkamon.exe

C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe

C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUI.exe

C:\Program Files (x86)\Razer\Lycosa\razerhid.exe

C:\Program Files (x86)\Razer\Lachesis\razerhid.exe

C:\Program Files (x86)\Razer\Lachesis 5600\LachesisSysTray.exe

C:\Program Files (x86)\Razer\Lachesis\razerofa.exe

C:\Program Files (x86)\Razer\Nostromo\RazerNostromoSysTray.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\DllHost.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\wuauclt.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Windows\system32\NOTEPAD.EXE

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://mythos-europe.com

uDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=fx6840&r=17360610z916p0435v1i5k4501r310

mDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=fx6840&r=17360610z916p0435v1i5k4501r310

mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=fx6840&r=17360610z916p0435v1i5k4501r310

uURLSearchHooks: FCToolbarURLSearchHook Class: {2b2505fa-fd68-0144-9128-cd617bdca8c2} - C:\Program Files (x86)\SocialRibbons LP2\Helper.dll

uURLSearchHooks: H - No File

mWinlogon: Userinit=userinit.exe

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: SocialRibbons LP2: {ae92e5de-20f7-9934-d515-7be13880a842} - C:\Program Files (x86)\SocialRibbons LP2\Toolbar.dll

BHO: DCA BHO: {b49699fc-1665-4414-a1cb-c4a2a4a13eec} - C:\Program Files (x86)\Common Files\FreeCause\DCA\dca-bho.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File

mRun: [Hotkey Utility] C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [Lycosa] "C:\Program Files (x86)\Razer\Lycosa\razerhid.exe"

mRun: [Lachesis] C:\Program Files (x86)\Razer\Lachesis\razerhid.exe

mRun: [Razer Lachesis Driver] C:\Program Files (x86)\Razer\Lachesis 5600\LachesisSysTray.exe

mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe

mRun: [Razer Nostromo Driver] C:\Program Files (x86)\Razer\Nostromo\RazerNostromoSysTray.exe

mRunOnce: [b Register C:\Program Files (x86)\DivX\DivX Plus DirectShow Filters\DirectShowDemuxFilter.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus DirectShow Filters\DirectShowDemuxFilter.dll",DllRegisterServer

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.1.71.0.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {9A57B18E-2F5D-11D5-8997-00104BD12D94} - hxxp://cdnsupport.gateway.com/support/serialharvest/gwCID.CAB

DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

TCP: DhcpNameServer = 192.168.2.1

TCP: Interfaces\{979F9523-D2D5-47F4-A87C-3A48A708DF26} : DhcpNameServer = 192.168.2.1

TCP: Interfaces\{C8CE7DDD-1C5A-4D71-91D7-0504FE9D369B} : DhcpNameServer = 192.168.2.1

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

BHO-X64: Increase performance and video formats for your HTML5 <video> - No File

BHO-X64: DivX HiQ: {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

BHO-X64: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: SocialRibbons LP2: {AE92E5DE-20F7-9934-D515-7BE13880A842} - C:\Program Files (x86)\SocialRibbons LP2\Toolbar.dll

BHO-X64: FCTBPos00Pos - No File

BHO-X64: DCA BHO: {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} - C:\Program Files (x86)\Common Files\FreeCause\DCA\dca-bho.dll

BHO-X64: DCA - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB-X64: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File

mRun-x64: [Hotkey Utility] C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [Lycosa] "C:\Program Files (x86)\Razer\Lycosa\razerhid.exe"

mRun-x64: [Lachesis] C:\Program Files (x86)\Razer\Lachesis\razerhid.exe

mRun-x64: [Razer Lachesis Driver] C:\Program Files (x86)\Razer\Lachesis 5600\LachesisSysTray.exe

mRun-x64: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe

mRun-x64: [Razer Nostromo Driver] C:\Program Files (x86)\Razer\Nostromo\RazerNostromoSysTray.exe

mRunOnce-x64: [b Register C:\Program Files (x86)\DivX\DivX Plus DirectShow Filters\DirectShowDemuxFilter.dll] "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus DirectShow Filters\DirectShowDemuxFilter.dll",DllRegisterServer

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\coh97bup.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/

FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll

FF - component: C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Profiles\coh97bup.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll

FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.23\npGoogleOneClick8.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll

FF - plugin: C:\Users\Mike\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll

FF - plugin: C:\Users\Mike\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

FF - plugin: C:\Users\Mike\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R1 PSINKNC;PSINKNC;C:\Windows\system32\DRIVERS\psinknc.sys --> C:\Windows\system32\DRIVERS\psinknc.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 20992]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

R2 cpuz133;cpuz133;\??\C:\Windows\system32\drivers\cpuz133_x64.sys --> C:\Windows\system32\drivers\cpuz133_x64.sys [?]

R2 cpuz135;cpuz135;\??\C:\Windows\system32\drivers\cpuz135_x64.sys --> C:\Windows\system32\drivers\cpuz135_x64.sys [?]

R2 Greg_Service;GRegService;C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe [2009-8-28 1150496]

R2 lxdk_device;lxdk_device;C:\Windows\system32\lxdkcoms.exe -service --> C:\Windows\system32\lxdkcoms.exe -service [?]

R2 NanoServiceMain;Panda Cloud Antivirus Service;C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2011-4-28 140608]

R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [2009-11-17 255744]

R2 PSINAflt;PSINAflt;C:\Windows\system32\DRIVERS\PSINAflt.sys --> C:\Windows\system32\DRIVERS\PSINAflt.sys [?]

R2 PSINFile;PSINFile;C:\Windows\system32\DRIVERS\PSINFile.sys --> C:\Windows\system32\DRIVERS\PSINFile.sys [?]

R2 PSINProc;PSINProc;C:\Windows\system32\DRIVERS\PSINProc.sys --> C:\Windows\system32\DRIVERS\PSINProc.sys [?]

R2 PSINProt;PSINProt;C:\Windows\system32\DRIVERS\PSINProt.sys --> C:\Windows\system32\DRIVERS\PSINProt.sys [?]

R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-10-26 1153368]

R2 Updater Service;Updater Service;C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe [2010-4-10 243232]

R2 USBS3S4Detection;USBS3S4Detection;C:\OEM\USBDECTION\USBS3S4Detection.exe [2009-12-13 76320]

R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]

R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]

R3 MBfilt;MBfilt;C:\Windows\system32\drivers\MBfilt64.sys --> C:\Windows\system32\drivers\MBfilt64.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

R3 rzjoystk;Razer VJoystick;C:\Windows\system32\DRIVERS\rzjoystk.sys --> C:\Windows\system32\DRIVERS\rzjoystk.sys [?]

R3 RzSynapse;Razer Driver;C:\Windows\system32\DRIVERS\RzSynapse.sys --> C:\Windows\system32\DRIVERS\RzSynapse.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 lxdkCATSCustConnectService;lxdkCATSCustConnectService;C:\Windows\System32\spool\DRIVERS\x64\3\lxdkserv.exe [2007-6-14 33712]

S3 bulkadi;Razer Megalodon DFU;C:\Windows\system32\DRIVERS\bulkrazer_x64.sys --> C:\Windows\system32\DRIVERS\bulkrazer_x64.sys [?]

S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-5-13 79360]

S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-5-13 79360]

S3 MSSQL$MIKE;SQL Server (MIKE);C:\Program Files\Microsoft SQL Server\MSSQL10_50.MIKE\MSSQL\Binn\sqlservr.exe [2011-4-24 61916000]

S3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\system32\DRIVERS\netr28x.sys --> C:\Windows\system32\DRIVERS\netr28x.sys [?]

S3 nrtap;NeoRouter Virtual Network Interface;C:\Windows\system32\DRIVERS\nrtap.sys --> C:\Windows\system32\DRIVERS\nrtap.sys [?]

S3 Razerlow;Razer Pro|Solutions;C:\Windows\system32\drivers\Razerlow.sys --> C:\Windows\system32\drivers\Razerlow.sys [?]

S3 SaiH8000;SaiH8000;C:\Windows\system32\DRIVERS\SaiH8000.sys --> C:\Windows\system32\DRIVERS\SaiH8000.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S3 WMZuneComm;Zune Windows Mobile Connectivity Service;C:\Program Files\Zune\WMZuneComm.exe [2010-11-11 306416]

S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2010-4-3 59744]

S4 RsFx0150;RsFx0150 Driver;C:\Windows\system32\DRIVERS\RsFx0150.sys --> C:\Windows\system32\DRIVERS\RsFx0150.sys [?]

S4 SQLAgent$MIKE;SQL Server Agent (MIKE);C:\Program Files\Microsoft SQL Server\MSSQL10_50.MIKE\MSSQL\Binn\SQLAGENT.EXE [2011-4-24 428384]

.

=============== Created Last 30 ================

.

2011-09-14 02:10:36 709968 ----a-w- C:\Windows\isRS-000.tmp

2011-09-06 23:20:36 19200 ----a-w- C:\Windows\SysWow64\drivers\USBICP.sys

2011-09-06 23:20:33 13952 ----a-w- C:\Windows\System32\drivers\vhidmini.sys

2011-09-06 23:15:28 -------- d-----w- C:\Users\Mike\AppData\Roaming\Belkin

2011-09-03 22:12:50 -------- d-----w- C:\Users\Mike\AppData\Roaming\Mumble

2011-09-03 22:12:50 -------- d-----w- C:\Users\Mike\AppData\Local\Mumble

2011-09-01 03:41:13 -------- d-----w- C:\Program Files (x86)\Common Files\FreeCause

2011-09-01 03:41:12 -------- d-----w- C:\Program Files (x86)\SocialRibbons LP2

2011-09-01 00:44:32 6735925 ----a-w- C:\ProgramData\SPL2CAC.tmp

2011-09-01 00:42:09 6735925 ----a-w- C:\ProgramData\SPL30.tmp

.

==================== Find3M ====================

.

2011-09-14 02:44:27 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

2011-08-31 21:00:50 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys

2011-08-11 00:13:28 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2011-08-01 11:23:26 160520 ----a-w- C:\Windows\System32\drivers\PSINAflt.sys

2011-07-31 06:51:12 71680 ----a-w- C:\Windows\System32\frapsv64.dll

2011-07-31 06:51:08 65536 ----a-w- C:\Windows\SysWow64\frapsvid.dll

2011-07-19 17:37:14 607104 ----a-w- C:\Windows\SysWow64\RzMwApi.dll

2011-07-14 21:18:52 157184 ----a-w- C:\Windows\System32\drivers\RzSynapse.sys

.

============= FINISH: 22:51:41.87 ===============

[LDTate]

Logs will be closed if you haven't replied within 3 days

My thoughts are MBAM removed it.

Please run a new MBAM scan being sure to update before scanning.

Post the scan results

Also please describe how your computer behaves at the moment.

Please don't attach the scans / logs, use "copy/paste".

[LDTate]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!