unwanted windows poping up

[bobbym]

your combofix report

ComboFix 14-10-15.01 - bob 10/20/2014 13:01:09.2.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4086.2712 [GMT 1:00]
Running from: c:\users\bob\Desktop\ComboFix.exe
Command switches used :: c:\users\bob\Desktop\CFScript.txt
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\bob\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
.
.
((((((((((((((((((((((((( Files Created from 2014-09-20 to 2014-10-20 )))))))))))))))))))))))))))))))
.
.
2014-10-20 12:04 . 2014-10-20 12:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-10-19 19:19 . 2014-10-19 19:19 -------- d-----w- C:\SUPERDelete
2014-10-19 19:11 . 2014-10-19 19:11 -------- d-----w- c:\users\bob\AppData\Roaming\SUPERAntiSpyware.com
2014-10-19 19:11 . 2014-10-19 19:11 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2014-10-19 18:19 . 2014-10-19 18:23 -------- d-----w- c:\windows\system32\catroot2
2014-10-19 17:51 . 2014-10-19 18:15 -------- d-----w- c:\windows\SysWow64\wbem\Performance
2014-10-19 13:14 . 2014-10-19 13:14 32512 ----a-w- c:\windows\system32\drivers\hitmanpro37.sys
2014-10-19 13:10 . 2014-10-19 13:24 -------- d-----w- c:\programdata\HitmanPro
2014-10-19 09:59 . 2014-10-19 10:14 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-10-18 12:35 . 2014-10-20 11:04 34808 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-10-18 12:35 . 2014-10-18 12:35 -------- d-----w- c:\programdata\RogueKiller
2014-10-17 13:43 . 2014-10-17 13:43 -------- d-----w- c:\windows\ERUNT
2014-10-17 13:33 . 2014-10-17 13:36 -------- d-----w- C:\AdwCleaner
2014-10-17 13:10 . 2014-10-17 13:10 -------- d-----w- c:\windows\system32\appmgmt
2014-10-16 17:55 . 2014-09-19 01:26 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2014-10-16 17:54 . 2014-09-13 01:58 77312 ----a-w- c:\windows\system32\packager.dll
2014-10-16 17:54 . 2014-09-13 01:40 67072 ----a-w- c:\windows\SysWow64\packager.dll
2014-10-16 17:36 . 2014-10-19 13:01 -------- d-----w- C:\FRST
2014-10-16 17:27 . 2014-10-16 17:27 -------- d-----w- C:\RegBackup
2014-10-15 09:13 . 2014-10-15 09:13 -------- d-----w- c:\program files\CCleaner
2014-10-14 17:08 . 2014-10-14 17:08 -------- d-----w- c:\users\bob\AppData\Local\CheckCode
2014-10-13 17:09 . 2014-10-13 17:09 -------- d-----w- c:\users\bob\AppData\Local\Deployment
2014-10-13 17:08 . 2014-10-19 19:28 -------- d-----w- c:\windows\SysWow64\Direct3dTextWin32
2014-10-13 17:07 . 2014-10-13 18:05 -------- d-----w- c:\users\bob\AppData\Local\MetafileODBCRoot
2014-10-13 09:54 . 2014-10-13 09:54 -------- d-----w- c:\users\bob\AppData\Local\com
2014-10-06 10:50 . 2014-10-06 10:50 -------- d-----w- c:\users\bob\AppData\Local\Apps
2014-10-01 21:04 . 2014-09-25 02:08 371712 ----a-w- c:\windows\system32\qdvd.dll
2014-10-01 21:04 . 2014-09-25 01:40 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-09-28 16:30 . 2014-09-09 22:11 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-28 16:30 . 2014-09-09 21:47 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-19 09:59 . 2014-08-06 21:26 128728 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-19 09:58 . 2014-08-06 21:25 92888 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-10-16 17:56 . 2014-08-05 20:52 103265616 ----a-w- c:\windows\system32\MRT.exe
2014-10-16 17:14 . 2014-08-12 16:45 43064 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2014-10-16 17:14 . 2014-08-11 17:13 131608 ----a-w- c:\windows\system32\drivers\avipbb.sys
2014-10-16 17:14 . 2014-08-11 17:13 119272 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-09-10 16:51 . 2014-08-06 17:24 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-10 16:51 . 2014-08-06 17:24 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-08-23 02:07 . 2014-08-28 16:00 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-08-28 16:00 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-08-06 11:53 . 2014-08-06 11:53 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2014-08-06 11:53 . 2014-08-06 11:53 942592 ----a-w- c:\windows\system32\jsIntl.dll
2014-08-06 11:53 . 2014-08-06 11:53 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2014-08-06 11:53 . 2014-08-06 11:53 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-08-06 11:53 . 2014-08-06 11:53 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-08-06 11:53 . 2014-08-06 11:53 81408 ----a-w- c:\windows\system32\icardie.dll
2014-08-06 11:53 . 2014-08-06 11:53 774144 ----a-w- c:\windows\system32\jscript.dll
2014-08-06 11:53 . 2014-08-06 11:53 77312 ----a-w- c:\windows\system32\tdc.ocx
2014-08-06 11:53 . 2014-08-06 11:53 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2014-08-06 11:53 . 2014-08-06 11:53 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-08-06 11:53 . 2014-08-06 11:53 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2014-08-06 11:53 . 2014-08-06 11:53 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2014-08-06 11:53 . 2014-08-06 11:53 62464 ----a-w- c:\windows\system32\pngfilt.dll
2014-08-06 11:53 . 2014-08-06 11:53 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2014-08-06 11:53 . 2014-08-06 11:53 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2014-08-06 11:53 . 2014-08-06 11:53 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2014-08-06 11:53 . 2014-08-06 11:53 48640 ----a-w- c:\windows\system32\mshtmler.dll
2014-08-06 11:53 . 2014-08-06 11:53 48128 ----a-w- c:\windows\system32\imgutil.dll
2014-08-06 11:53 . 2014-08-06 11:53 413696 ----a-w- c:\windows\system32\html.iec
2014-08-06 11:53 . 2014-08-06 11:53 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2014-08-06 11:53 . 2014-08-06 11:53 337408 ----a-w- c:\windows\SysWow64\html.iec
2014-08-06 11:53 . 2014-08-06 11:53 30208 ----a-w- c:\windows\system32\licmgr10.dll
2014-08-06 11:53 . 2014-08-06 11:53 247808 ----a-w- c:\windows\system32\msls31.dll
2014-08-06 11:53 . 2014-08-06 11:53 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2014-08-06 11:53 . 2014-08-06 11:53 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-08-06 11:53 . 2014-08-06 11:53 235520 ----a-w- c:\windows\system32\url.dll
2014-08-06 11:53 . 2014-08-06 11:53 235008 ----a-w- c:\windows\system32\elshyph.dll
2014-08-06 11:53 . 2014-08-06 11:53 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2014-08-06 11:53 . 2014-08-06 11:53 167424 ----a-w- c:\windows\system32\iexpress.exe
2014-08-06 11:53 . 2014-08-06 11:53 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2014-08-06 11:53 . 2014-08-06 11:53 147968 ----a-w- c:\windows\system32\occache.dll
2014-08-06 11:53 . 2014-08-06 11:53 143872 ----a-w- c:\windows\system32\wextract.exe
2014-08-06 11:53 . 2014-08-06 11:53 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2014-08-06 11:53 . 2014-08-06 11:53 13824 ----a-w- c:\windows\system32\mshta.exe
2014-08-06 11:53 . 2014-08-06 11:53 135680 ----a-w- c:\windows\system32\iepeers.dll
2014-08-06 11:53 . 2014-08-06 11:53 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2014-08-06 11:53 . 2014-08-06 11:53 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2014-08-06 11:53 . 2014-08-06 11:53 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2014-08-06 11:53 . 2014-08-06 11:53 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2014-08-06 11:53 . 2014-08-06 11:53 105984 ----a-w- c:\windows\system32\iesysprep.dll
2014-08-06 11:53 . 2014-08-06 11:53 101376 ----a-w- c:\windows\system32\inseng.dll
2014-08-06 11:51 . 2014-08-06 11:51 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-08-06 11:51 . 2014-08-06 11:51 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-08-06 11:51 . 2014-08-06 11:51 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2014-08-06 11:51 . 2014-08-06 11:51 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2014-08-06 11:51 . 2014-08-06 11:51 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-08-06 11:51 . 2014-08-06 11:51 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-08-06 11:51 . 2014-08-06 11:51 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-08-06 11:51 . 2014-08-06 11:51 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-08-06 11:51 . 2014-08-06 11:51 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2014-08-06 11:51 . 2014-08-06 11:51 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-08-06 11:51 . 2014-08-06 11:51 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-08-06 11:51 . 2014-08-06 11:51 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2014-08-06 11:51 . 2014-08-06 11:51 363008 ----a-w- c:\windows\system32\dxgi.dll
2014-08-06 11:51 . 2014-08-06 11:51 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-08-06 11:51 . 2014-08-06 11:51 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-08-06 11:51 . 2014-08-06 11:51 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2014-08-06 11:51 . 2014-08-06 11:51 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2014-08-06 11:51 . 2014-08-06 11:51 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-08-06 11:51 . 2014-08-06 11:51 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-08-06 11:51 . 2014-08-06 11:51 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-08-06 11:51 . 2014-08-06 11:51 296960 ----a-w- c:\windows\system32\d3d10core.dll
2014-08-06 11:51 . 2014-08-06 11:51 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2014-08-06 11:51 . 2014-08-06 11:51 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-08-06 11:51 . 2014-08-06 11:51 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-08-06 11:51 . 2014-08-06 11:51 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2014-08-06 11:51 . 2014-08-06 11:51 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2014-08-06 11:51 . 2014-08-06 11:51 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2014-08-06 11:51 . 2014-08-06 11:51 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2014-08-06 11:51 . 2014-08-06 11:51 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2014-08-06 11:51 . 2014-08-06 11:51 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2014-08-06 11:51 . 2014-08-06 11:51 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2014-08-06 11:51 . 2014-08-06 11:51 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2014-08-06 11:51 . 2014-08-06 11:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2014-08-06 11:51 . 2014-08-06 11:51 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2014-08-06 11:51 . 2014-08-06 11:51 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2014-08-06 11:51 . 2014-08-06 11:51 1238528 ----a-w- c:\windows\system32\d3d10.dll
2014-08-06 11:51 . 2014-08-06 11:51 1175552 ----a-w- c:\windows\system32\FntCache.dll
2014-08-06 11:51 . 2014-08-06 11:51 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2014-08-06 11:51 . 2014-08-06 11:51 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2014-08-06 11:51 . 2014-08-06 11:51 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-08-06 11:51 . 2014-08-06 11:51 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-08-06 10:36 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2014-08-06 10:36 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2014-08-01 11:53 . 2014-09-10 16:33 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-08-01 11:35 . 2014-09-10 16:33 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-07-25 01:35 . 2014-07-25 01:35 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 22:47 . 2014-07-24 22:47 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2014-07-23 12:29 . 2014-08-11 17:13 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2014-07-23 09:52 . 2014-08-05 20:37 270496 ----a-w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spybot-S&D Cleaning"="e:\program files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" [2014-06-24 4566952]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2014-09-26 6482200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-10-16 703736]
"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-09-23 165168]
"SDTray"="e:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2014-06-24 4101576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - e:\office\OSA9.EXE -b -l [1999-2-17 65588]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 hitmanpro37;HitmanPro 3.7 Support Driver;c:\windows\system32\drivers\hitmanpro37.sys;c:\windows\SYSNATIVE\drivers\hitmanpro37.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MetafileODBCRoot.exe;MetafileODBCRoot.exe;c:\users\bob\AppData\Local\MetafileODBCRoot\MetafileODBCRoot.exe;c:\users\bob\AppData\Local\MetafileODBCRoot\MetafileODBCRoot.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 SASKUTIL;SASKUTIL;h:\superantispyware\SASKUTIL64.SYS;h:\superantispyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;h:\superantispyware\SASCORE64.EXE;h:\superantispyware\SASCORE64.EXE [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;e:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;e:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;e:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;e:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;e:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;e:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2014-10-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-06 16:51]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 385560]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 363544]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\bob\AppData\Roaming\Mozilla\Firefox\Profiles\finki56m.default-1413643555328\
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Notify-SDWinLogon - SDWinLogon.dll
Toolbar-Locked - (no file)
.
.
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
.
**************************************************************************
.
Completion time: 2014-10-20 13:08:13 - machine was rebooted
ComboFix-quarantined-files.txt 2014-10-20 12:08
ComboFix2.txt 2014-10-17 22:08
.
Pre-Run: 2,541,838,336 bytes free
Post-Run: 2,453,569,536 bytes free
.
- - End Of File - - 139B7F49CDECBB27F2EF2A8EB362B1EE
A36C5E4F47E84449FF07ED3517B43A31


right I'm off get back to you later. thanks