Hi,
Thanks for sticking with me in this.
Browsing seems much better now, no big pauses and much more responsive.
ComboFix output file is here:
ComboFix 14-03-19.01 - Clare 22/03/2014 17:08:52.1.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.44.1033.18.3539.2162 [GMT 0:00]
Running from: c:\users\Clare\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Clare\AppData\Local\assembly\tmp
c:\users\Clare\g2mdlhlpx.exe
c:\windows\system32\test
.
.
((((((((((((((((((((((((( Files Created from 2014-02-22 to 2014-03-22 )))))))))))))))))))))))))))))))
.
.
2014-03-22 17:14 . 2014-03-22 17:15 -------- d-----w- c:\users\Clare\AppData\Local\temp
2014-03-22 17:14 . 2014-03-22 17:14 -------- d-----w- c:\users\TEMP\AppData\Local\temp
2014-03-22 17:14 . 2014-03-22 17:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-03-22 17:14 . 2014-03-22 17:14 -------- d-----w- c:\users\Connors Itunes\AppData\Local\temp
2014-03-22 17:14 . 2014-03-22 17:14 -------- d-----w- c:\users\Connor itunes\AppData\Local\temp
2014-03-20 07:38 . 2014-03-22 16:49 0 ----a-w- c:\users\Clare\AppData\Local\WavXMapDrive.bat
2014-03-20 07:30 . 2014-03-20 07:15 24064 ----a-w- c:\windows\zoek-delete.exe
2014-03-20 07:15 . 2014-03-20 07:27 -------- d-----w- C:\zoek_backup
2014-03-20 07:03 . 2014-03-20 07:03 -------- d-----w- C:\_OTL
2014-03-19 18:20 . 2014-03-19 18:20 -------- d-----w- C:\MGADiagToolOutput
2014-03-19 18:20 . 2014-03-19 18:20 -------- d-----w- c:\programdata\Office Genuine Advantage
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-17 22:28 . 2014-02-01 16:28 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-17 22:28 . 2011-08-22 16:50 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-02-01 17:31 . 2014-02-01 17:31 745472 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-02-01 17:31 . 2014-02-01 17:31 185344 ----a-w- c:\windows\system32\elshyph.dll
2014-02-01 17:31 . 2014-02-01 17:31 71680 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-02-01 17:31 . 2014-02-01 17:31 1767936 ----a-w- c:\windows\system32\wininet.dll
2014-02-01 17:31 . 2014-02-01 17:31 158720 ----a-w- c:\windows\system32\msls31.dll
2014-02-01 17:31 . 2014-02-01 17:31 523264 ----a-w- c:\windows\system32\vbscript.dll
2014-02-01 17:31 . 2014-02-01 17:31 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2014-02-01 17:31 . 2014-02-01 17:31 150528 ----a-w- c:\windows\system32\iexpress.exe
2014-02-01 17:31 . 2014-02-01 17:31 138752 ----a-w- c:\windows\system32\wextract.exe
2014-02-01 17:31 . 2014-02-01 17:31 137216 ----a-w- c:\windows\system32\ieUnatt.exe
2014-02-01 17:31 . 2014-02-01 17:31 12800 ----a-w- c:\windows\system32\mshta.exe
2014-02-01 17:31 . 2014-02-01 17:31 73728 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2014-02-01 17:31 . 2014-02-01 17:31 48640 ----a-w- c:\windows\system32\mshtmler.dll
2014-02-01 17:31 . 2014-02-01 17:31 38400 ----a-w- c:\windows\system32\imgutil.dll
2014-02-01 17:31 . 2014-02-01 17:31 2877952 ----a-w- c:\windows\system32\jscript9.dll
2014-02-01 17:31 . 2014-02-01 17:31 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2014-02-01 17:31 . 2014-02-01 17:31 61952 ----a-w- c:\windows\system32\tdc.ocx
2014-02-01 17:31 . 2014-02-01 17:31 109056 ----a-w- c:\windows\system32\iesysprep.dll
2014-02-01 17:31 . 2014-02-01 17:31 361984 ----a-w- c:\windows\system32\html.iec
2014-02-01 17:31 . 2014-02-01 17:31 61440 ----a-w- c:\windows\system32\iesetup.dll
2014-02-01 17:31 . 2014-02-01 17:31 719360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-02-01 17:31 . 2014-02-01 17:31 23040 ----a-w- c:\windows\system32\licmgr10.dll
2014-02-01 17:31 . 2014-02-01 17:31 1441280 ----a-w- c:\windows\system32\inetcpl.cpl
2014-02-01 17:30 . 2014-02-01 17:30 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-02-01 17:30 . 2014-02-01 17:30 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-02-01 17:30 . 2014-02-01 17:30 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-02-01 17:30 . 2014-02-01 17:30 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-02-01 17:30 . 2014-02-01 17:30 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-02-01 17:30 . 2014-02-01 17:30 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-02-01 17:30 . 2014-02-01 17:30 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-02-01 17:30 . 2014-02-01 17:30 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-02-01 17:30 . 2014-02-01 17:30 1158144 ----a-w- c:\windows\system32\XpsPrint.dll
2014-02-01 17:30 . 2014-02-01 17:30 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-02-01 17:30 . 2014-02-01 17:30 906240 ----a-w- c:\windows\system32\FntCache.dll
2014-02-01 17:30 . 2014-02-01 17:30 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2014-02-01 17:30 . 2014-02-01 17:30 364544 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2014-02-01 17:30 . 2014-02-01 17:30 2284544 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2014-02-01 17:30 . 2014-02-01 17:30 1247744 ----a-w- c:\windows\system32\DWrite.dll
2014-02-01 17:30 . 2014-02-01 17:30 249856 ----a-w- c:\windows\system32\d3d10_1core.dll
2014-02-01 17:30 . 2014-02-01 17:30 220160 ----a-w- c:\windows\system32\d3d10core.dll
2014-02-01 17:30 . 2014-02-01 17:30 207872 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2014-02-01 17:30 . 2014-02-01 17:30 161792 ----a-w- c:\windows\system32\d3d10_1.dll
2014-02-01 17:30 . 2014-02-01 17:30 1230336 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-02-01 17:30 . 2014-02-01 17:30 1080832 ----a-w- c:\windows\system32\d3d10.dll
2014-02-01 17:30 . 2014-02-01 17:30 604160 ----a-w- c:\windows\system32\d3d10level9.dll
2014-02-01 17:30 . 2014-02-01 17:30 3419136 ----a-w- c:\windows\system32\d2d1.dll
2014-02-01 17:30 . 2014-02-01 17:30 293376 ----a-w- c:\windows\system32\dxgi.dll
2014-02-01 17:30 . 2014-02-01 17:30 1988096 ----a-w- c:\windows\system32\d3d10warp.dll
2014-02-01 17:30 . 2014-02-01 17:30 187392 ----a-w- c:\windows\system32\UIAnimation.dll
2014-02-01 17:29 . 2014-02-01 17:29 1505280 ----a-w- c:\windows\system32\d3d11.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]
@="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}"
[HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}]
2009-11-24 14:48 62832 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]
@="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}"
[HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}]
2009-11-24 14:48 62832 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TouchFreeze"="c:\users\Clare\AppData\Local\Programs\TouchFreeze\TouchFreeze.exe" [2012-07-24 40960]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2009-06-19 249856]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2009-08-01 458844]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-08-03 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-03 174104]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-03 151064]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-08-07 186904]
"DellControlPoint"="c:\program files\Dell\Dell ControlPoint\Dell.ControlPoint.exe" [2009-11-02 657920]
"DellConnectionManager"="c:\program files\Dell\Dell ControlPoint\Connection Manager\Dell.UCM.exe" [2009-12-22 1845248]
"WavXMgr"="c:\program files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe" [2010-01-05 147328]
"USCService"="c:\program files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe" [2010-01-05 34232]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-06-24 140520]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb05.exe" [2002-03-18 188416]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [2013-03-19 280576]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Dell ControlPoint System Manager.lnk - c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgr.exe [2009-12-10 1327392]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
TdmNotify.lnk - c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe [2009-11-24 132456]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 wvauth
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICF]
2013-09-02 06:44 3331920 ----a-w- c:\program files\Internet Content Filter\mfp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-06-15 15:33 141624 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-18 21:16 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-07-25 162672]
R3 NvtSp50;NvtSp50 NDIS Protocol Driver;c:\windows\system32\Drivers\NvtSp50.sys [x]
R3 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe86.sys [2009-07-02 47104]
R3 risdpcie;risdpcie;c:\windows\system32\DRIVERS\risdpe86.sys [2009-07-01 49152]
R3 rixdpcie;rixdpcie;c:\windows\system32\DRIVERS\rixdpe86.sys [2009-07-05 38400]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-18 1343400]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2013-08-07 213232]
S1 NEOFLTR_700_16899;Juniper Networks TDI Filter Driver (NEOFLTR_700_16899);c:\windows\system32\Drivers\NEOFLTR_700_16899.SYS [2010-10-23 84336]
S2 ATService;AuthenTec Fingerprint Service;c:\program files\Fingerprint Sensor\AtService.exe [2009-05-15 1803512]
S2 buttonsvc32;Dell ControlPoint Button Service;c:\program files\Dell\Dell ControlPoint\DCPButtonSvc.exe [2009-11-20 278304]
S2 dcpsysmgrsvc;Dell ControlPoint System Manager;c:\program files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe [2009-12-10 386848]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2013-08-07 169320]
S2 mfeicfcore;McAfee Internet Content Filter Core Service;c:\program files\Internet Content Filter\mfeicfcore.exe [2013-09-02 2048504]
S2 mfeicfupdate;McAfee Internet Content Filter Update Service;c:\program files\Internet Content Filter\UpdateService.exe [2013-09-02 1654520]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2013-08-07 172416]
S2 SMManager;Smith Micro Connection Manager Service;c:\program files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe [2009-12-22 77312]
S3 acpials;ALS Sensor Filter;c:\windows\system32\DRIVERS\acpials.sys [2009-07-13 7680]
S3 ATSwpWDF;AuthenTec TruePrint USB WDF Driver;c:\windows\system32\Drivers\ATSwpWDF.sys [2009-05-16 540288]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-22 29472]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2009-05-26 122368]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2013-08-07 365224]
S3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\DRIVERS\NETw5s32.sys [2009-09-15 6114816]
S4 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S4 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S4 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S4 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [x]
S4 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x]
S4 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MBAMSWISSARMY
*Deregistered* - Avgldx86
*Deregistered* - MBAMSwissArmy
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPService REG_MULTI_SZ HPSLPSVC
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2014-03-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-01 22:28]
.
2014-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-16 21:02]
.
2014-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-05-16 21:02]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.bbc.co.uk/news
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: Free YouTube to iPod Converter - c:\users\Clare\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.254
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-AVG_TRAY - c:\program files\AVG\AVG10\avgtray.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(756)
c:\windows\system32\wvauth.DLL
c:\program files\Wave Systems Corp\Common\CryptoManager.dll
c:\windows\system32\tcg15.dll
c:\program files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\Tsp1.dll
c:\windows\system32\wclient14.dll
c:\program files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\TspPopup_ENU.dll
.
Completion time: 2014-03-22 17:16:30
ComboFix-quarantined-files.txt 2014-03-22 17:16
.
Pre-Run: 190,471,864,320 bytes free
Post-Run: 189,994,872,832 bytes free
.
- - End Of File - - D8B25D57B632959824DA5E5D2C0E0AED
A36C5E4F47E84449FF07ED3517B43A31