Posting for help again

Hello. I'm not sure if I did something wrong in that I am no longer receiving help for anything that I have posted lately. If I did something that does not follow protocol, please let me know so I can fix it. :smile: Thanks. Is Touch no longer on this forum as he was helping me and then it seemed as if communication has stopped completely-again, maybe I missed a forum rule or something??.
Anyway, I will re-post what I need help with again here!

I have a refurbished computer(Windows XP, SP3) and wanted to check/scan it to see if there is any kind of tracking type of thing on it before I use it to check my email or go to places that are password protected. I am not sure how to do this so any help would be welcome. At this point, I have another issue as well as when my kids were playing on one of their kid friendly sites the computer began freaking out and the screen was flashing, etc. I shut it down immediately and turned it back on. It is working but we are getting some pop ups now. Again, not sure how to scan to be sure this system is clean all the way around-especially after what just happened with the flashing, etc. Thanks in advance for your help!

Have you any antivirus software already installed on your computer?

What are the pop ups showing? It could be one of the many fake rogue antispyware programmes that are doing the rounds.

If you already have antivirus software a first step would be to scan your computer in Safe Mode. You may have to scan several times before any malware shows up.

If you have no antivirus software installed, try downloading Malwarebytes anti-Malware Free. It does not provide real-time protection but is a useful tool to begin with.

I hope that is something to get you started.

THere is something on my computer called clamvirus. I updated it and ran the scan. It found some sort of trojan and removed it. It also found a bunch of 'locked files" that could not be scanned so I have no idea what they are. I downloaded AVI and scanned the system and it too found a bunch of locked files but no virus or anything. The pop ups continue and I at this point and just hoping that when this system was refurbished that some sort of tracking thing was not placed into this computer. Not sure what to do now. I think I will download malwarebytes and scan the system and also use CCleaner. Any thoughts would be helpful!! Thanks!!

After MalwareBytes also run ComboFix and TDSSKiller. If your desktop shortcuts or the Program files menu are missing, I suggest not to run CCleaner.

Please download ComboFix by sUBs.
https://download.bleepingcomputer.com/sUBs/ComboFix.exe

STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply.
Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.

ComboFix tutorial:
https://www.bleepingcomputer.com/combofix/how-to-use-combofix

Also run TDSSKiller:
https://support.kaspersky.com/viruses/solutions?qid=208280684

Please post the logfiles.

Hi! Thank you so much for your help. I did not end up running CCleaner. Here is the log from Combofix. I will run TDSSKiller shortly and post any logfiles from that. Thanks again for your help. Oh, do you know of Clamvirus? Is it something that I need or is it safe to uninstall? Thanks!

ComboFix 11-07-11.02 - User 07/11/2011 10:26:25.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.958.407 [GMT -4:00]
Running from: c:\documents and settings\User\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Play Pickle\plAYpicklelib32.dll
c:\program files\Play Pickle\ppTL.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-06-11 to 2011-07-11 )))))))))))))))))))))))))))))))
.
.
2011-07-07 14:43 . 2011-07-07 14:43 -------- d-sh--w- c:\documents and settings\User\IECompatCache
2011-07-04 16:06 . 2011-07-04 16:06 -------- d-----w- c:\program files\Common Files\Real
2011-07-04 16:02 . 2002-11-12 16:22 569397 ----a-w- c:\program files\Internet Explorer\PLUGINS\RichFX\Player\nprfxins.dll
2011-07-04 16:02 . 2011-07-04 16:06 -------- d-----w- c:\program files\Rhapsody
2011-07-01 23:17 . 2011-07-04 04:32 -------- d-----w- c:\documents and settings\User\Application Data\vlc
2011-06-26 22:45 . 2011-06-26 22:45 -------- d-----w- c:\documents and settings\User\Application Data\Wave Systems Corp
2011-06-26 17:26 . 2011-06-26 17:26 -------- d-----w- c:\documents and settings\User\Application Data\Unity
2011-06-26 12:32 . 2011-06-26 12:32 -------- d-----w- c:\documents and settings\User\Local Settings\Application Data\Unity
2011-06-24 23:32 . 2011-06-24 23:32 -------- d-----w- c:\program files\Common Files\Adobe
2011-06-24 23:29 . 2011-06-24 23:29 -------- d-----w- c:\program files\Common Files\Adobe AIR
2011-06-24 23:29 . 2011-06-24 23:38 -------- d-----w- c:\documents and settings\User\Local Settings\Application Data\Adobe
2011-06-24 17:08 . 2011-06-24 23:38 -------- d-----w- c:\documents and settings\User\Local Settings\Application Data\Temp
2011-06-24 16:20 . 2011-06-24 16:20 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2011-06-24 14:03 . 2011-06-24 14:03 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google
2011-06-24 14:03 . 2011-06-24 23:18 -------- d-----w- c:\documents and settings\User\Local Settings\Application Data\Google
2011-06-24 14:03 . 2011-06-26 22:52 -------- d-----w- c:\program files\Google
2011-06-24 14:02 . 2011-06-24 14:10 -------- d-----w- c:\windows\system32\Adobe
2011-06-23 20:19 . 2011-06-25 00:07 -------- d-----w- c:\documents and settings\User\Local Settings\Application Data\AskToolbar
2011-06-23 20:19 . 2011-06-23 20:20 -------- d-----w- c:\program files\Ask.com
2011-06-23 20:19 . 2011-06-23 20:19 -------- d-----w- C:\Firefox
2011-06-23 20:18 . 2011-06-23 20:18 -------- d-----w- c:\program files\The Weather Channel FW
2011-06-23 20:18 . 2011-06-23 20:18 -------- d-----w- c:\documents and settings\User\Local Settings\Application Data\The Weather Channel
2011-06-23 20:17 . 2011-07-11 14:28 -------- d-----w- c:\program files\Play Pickle
2011-06-19 17:22 . 2011-06-19 17:22 -------- d-----w- c:\program files\Microsoft Encarta
2011-06-19 17:20 . 2011-06-19 17:21 -------- d-----w- c:\program files\Microsoft Picture It! 2002
2011-06-19 17:16 . 2011-06-19 17:19 -------- d-----w- c:\program files\Microsoft Streets & Trips
2011-06-19 17:14 . 2011-06-19 17:16 -------- d-----w- c:\program files\Microsoft Money
2011-06-19 17:12 . 2011-06-19 17:12 -------- d-----w- c:\program files\Microsoft ActiveSync
2011-06-19 17:12 . 2011-06-19 17:12 -------- d-----w- c:\windows\ShellNew
2011-06-19 17:11 . 2011-06-19 17:13 -------- d-----w- c:\program files\Microsoft Works
2011-06-19 17:10 . 2011-06-19 17:10 -------- d-----w- c:\program files\Microsoft Works Suite 2002
2011-06-17 23:04 . 2011-06-17 23:04 -------- d-----w- c:\documents and settings\All Users\Application Data\WEBREG
2011-06-17 23:03 . 2011-06-17 23:03 -------- d-----w- c:\documents and settings\User\Local Settings\Application Data\HP
2011-06-17 23:02 . 2011-06-17 23:05 -------- d-----w- c:\documents and settings\User\Application Data\HP
2011-06-17 23:02 . 2009-04-16 18:08 123904 ----a-w- c:\windows\system32\hpf3l70v.dll
2011-06-17 23:02 . 2009-04-16 18:08 312832 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpfpp70v.dll
2011-06-17 22:58 . 2011-06-17 23:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2011-06-17 22:58 . 2011-06-17 22:58 -------- d-----w- c:\documents and settings\User\Application Data\Yahoo!
2011-06-17 22:58 . 2011-06-17 22:58 -------- d-----w- c:\program files\Yahoo!
2011-06-17 22:58 . 2011-06-17 22:58 -------- d-----w- c:\windows\Cache
2011-06-17 22:58 . 2011-06-17 22:58 -------- d-----w- c:\program files\Coupons
2011-06-17 22:58 . 2011-06-17 22:58 -------- d-----w- c:\program files\HP Photo Creations
2011-06-17 22:58 . 2011-06-17 22:58 -------- d-----w- c:\documents and settings\All Users\Application Data\HP Photo Creations
2011-06-17 22:58 . 2011-07-03 02:33 -------- d-----w- c:\documents and settings\User\Application Data\HpUpdate
2011-06-17 22:57 . 2011-06-17 22:57 -------- d-----w- c:\documents and settings\All Users\Application Data\HP Product Assistant
2011-06-17 22:55 . 2011-06-17 23:03 -------- d-----w- c:\program files\HP
2011-06-17 20:56 . 2011-06-17 20:56 -------- d-----w- c:\documents and settings\User\Local Settings\Application Data\Identities
2011-06-12 18:25 . 2011-06-12 18:25 -------- d-----w- c:\documents and settings\User\Application Data\OpenOffice.org
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-25 11:36 . 2009-11-05 12:53 385024 ----a-w- c:\windows\system32\html.iec
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-11-05 . 600D58665D16BFBB776EFEFB0E80532D . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-05-17 17:29 1490312 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-05-17 1490312]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-10-11 14940040]
"DW6"="c:\program files\The Weather Channel FW\Desktop\DesktopWeather.exe" [2010-06-04 822384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-03 7630848]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]
"WorksFUD"="c:\program files\Microsoft Works\wkfud.exe" [2001-10-06 24576]
"Microsoft Works Portfolio"="c:\program files\Microsoft Works\WksSb.exe" [2001-08-23 331830]
"Microsoft Works Update Detection"="c:\program files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2001-08-17 28738]
"MoneyStartUp10.0"="c:\program files\Microsoft Money\System\Activation.exe" [2001-07-25 241714]
"Play Pickle"="c:\program files\Play Pickle\playpickle32.exe" [2011-06-23 109056]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2011-05-17 395144]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ShowDeskFix"="shell32" [X]
"IE8"="advpack.dll" [2009-11-05 128512]
.
c:\documents and settings\User\Start Menu\Programs\Startup\
OpenOffice.org 3.2.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-12-15 384000]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
Microsoft Works Calendar Reminders.lnk - c:\program files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe [2001-8-7 24633]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ClamWin]
2010-04-14 00:14 86016 ----a-w- c:\program files\ClamWin\bin\ClamTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 11:00 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 14:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2006-10-03 18:07 7630848 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2006-10-03 18:07 86016 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2006-10-03 18:07 1617920 ----a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
2006-07-27 18:19 282624 ----a-w- c:\windows\stsystra.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 16:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\hpwucli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2011-07-11 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2011-05-17 17:29]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://aol.com/
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.11.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, https://www.gmer.net
Rootkit scan 2011-07-11 10:30
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(2340)
c:\windows\system32\WININET.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\IEFRAME.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\msls31.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Wave Systems Corp\Common\DataServer.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\program files\NTRU Cryptosystems\NTRU Hybrid TSS v2.0.25\bin\tcsd_win32.exe
c:\program files\OpenOffice.org 3\program\soffice.exe
c:\program files\OpenOffice.org 3\program\soffice.bin
c:\windows\system32\wscntfy.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
.
**************************************************************************
.
Completion time: 2011-07-11 10:32:17 - machine was rebooted
ComboFix-quarantined-files.txt 2011-07-11 14:32
.
Pre-Run: 630,148,403,200 bytes free
Post-Run: 630,859,644,928 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 2F2DDD783EAF875BDD9790C8EF9FECE1

Here is the log from TDSSKiller....

2011/07/11 10:58:14.0345 3268 TDSS rootkit removing tool 2.5.9.0 Jul 1 2011 18:45:21
2011/07/11 10:58:14.0720 3268 ================================================================================
2011/07/11 10:58:14.0720 3268 SystemInfo:
2011/07/11 10:58:14.0720 3268
2011/07/11 10:58:14.0720 3268 OS Version: 5.1.2600 ServicePack: 3.0
2011/07/11 10:58:14.0720 3268 Product type: Workstation
2011/07/11 10:58:14.0720 3268 ComputerName: BUSINESS
2011/07/11 10:58:14.0720 3268 UserName: User
2011/07/11 10:58:14.0720 3268 Windows directory: C:\WINDOWS
2011/07/11 10:58:14.0720 3268 System windows directory: C:\WINDOWS
2011/07/11 10:58:14.0720 3268 Processor architecture: Intel x86
2011/07/11 10:58:14.0720 3268 Number of processors: 2
2011/07/11 10:58:14.0720 3268 Page size: 0x1000
2011/07/11 10:58:14.0720 3268 Boot type: Normal boot
2011/07/11 10:58:14.0720 3268 ================================================================================
2011/07/11 10:58:15.0595 3268 Initialize success
2011/07/11 10:58:17.0939 0188 ================================================================================
2011/07/11 10:58:17.0939 0188 Scan started
2011/07/11 10:58:17.0939 0188 Mode: Manual;
2011/07/11 10:58:17.0939 0188 ================================================================================
2011/07/11 10:58:19.0158 0188 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/07/11 10:58:19.0220 0188 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/07/11 10:58:19.0283 0188 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/07/11 10:58:19.0361 0188 AFD (7618d5218f2a614672ec61a80d854a37) C:\WINDOWS\System32\drivers\afd.sys
2011/07/11 10:58:19.0455 0188 AmdK8 (efbb0956baed786e137351b5ca272aef) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
2011/07/11 10:58:19.0580 0188 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/07/11 10:58:19.0595 0188 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/07/11 10:58:19.0658 0188 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/07/11 10:58:19.0673 0188 atmeltpm (dbf0d7e2df33b469eb55406fea759350) C:\WINDOWS\system32\DRIVERS\atmeltpm.sys
2011/07/11 10:58:19.0752 0188 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/07/11 10:58:19.0783 0188 b57w2k (d0692f7b8217e3b82d2bfac535816117) C:\WINDOWS\system32\DRIVERS\b57xp32.sys
2011/07/11 10:58:19.0830 0188 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/07/11 10:58:19.0892 0188 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/07/11 10:58:19.0955 0188 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/07/11 10:58:19.0986 0188 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/07/11 10:58:20.0017 0188 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/07/11 10:58:20.0158 0188 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/07/11 10:58:20.0189 0188 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2011/07/11 10:58:20.0267 0188 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2011/07/11 10:58:20.0298 0188 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/07/11 10:58:20.0330 0188 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/07/11 10:58:20.0408 0188 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/07/11 10:58:20.0470 0188 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/07/11 10:58:20.0642 0188 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/07/11 10:58:20.0689 0188 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2011/07/11 10:58:20.0736 0188 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/07/11 10:58:20.0767 0188 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
2011/07/11 10:58:20.0798 0188 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/07/11 10:58:20.0845 0188 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/07/11 10:58:20.0877 0188 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/07/11 10:58:20.0908 0188 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/07/11 10:58:20.0986 0188 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/07/11 10:58:21.0033 0188 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
2011/07/11 10:58:21.0048 0188 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
2011/07/11 10:58:21.0064 0188 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
2011/07/11 10:58:21.0095 0188 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/07/11 10:58:21.0220 0188 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\drivers\i8042prt.sys
2011/07/11 10:58:21.0252 0188 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/07/11 10:58:21.0345 0188 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
2011/07/11 10:58:21.0361 0188 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/07/11 10:58:21.0377 0188 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/07/11 10:58:21.0455 0188 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/07/11 10:58:21.0486 0188 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/07/11 10:58:21.0517 0188 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/07/11 10:58:21.0611 0188 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/07/11 10:58:21.0627 0188 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/07/11 10:58:21.0642 0188 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/07/11 10:58:21.0705 0188 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/07/11 10:58:21.0736 0188 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/07/11 10:58:21.0845 0188 MBAMProtector (3d2c13377763eeac0ca6fb46f57217ed) C:\WINDOWS\system32\drivers\mbam.sys
2011/07/11 10:58:21.0939 0188 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/07/11 10:58:21.0986 0188 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2011/07/11 10:58:22.0064 0188 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/07/11 10:58:22.0080 0188 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/07/11 10:58:22.0111 0188 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/07/11 10:58:22.0189 0188 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/07/11 10:58:22.0220 0188 MRxSmb (0ea4d8ed179b75f8afa7998ba22285ca) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/07/11 10:58:22.0283 0188 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/07/11 10:58:22.0330 0188 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/07/11 10:58:22.0330 0188 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/07/11 10:58:22.0423 0188 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/07/11 10:58:22.0470 0188 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/07/11 10:58:22.0548 0188 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2011/07/11 10:58:22.0580 0188 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/07/11 10:58:22.0673 0188 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/07/11 10:58:22.0767 0188 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/07/11 10:58:22.0783 0188 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/07/11 10:58:22.0877 0188 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/07/11 10:58:22.0908 0188 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/07/11 10:58:22.0955 0188 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/07/11 10:58:22.0986 0188 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/07/11 10:58:23.0017 0188 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/07/11 10:58:23.0095 0188 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/07/11 10:58:23.0205 0188 nv (5b86ee468f48f53154ecf4590e60cb20) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2011/07/11 10:58:23.0330 0188 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/07/11 10:58:23.0408 0188 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/07/11 10:58:23.0439 0188 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/07/11 10:58:23.0548 0188 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/07/11 10:58:23.0595 0188 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/07/11 10:58:23.0673 0188 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/07/11 10:58:23.0705 0188 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/07/11 10:58:23.0736 0188 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/07/11 10:58:23.0908 0188 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/07/11 10:58:23.0923 0188 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
2011/07/11 10:58:23.0955 0188 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/07/11 10:58:23.0970 0188 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/07/11 10:58:24.0095 0188 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/07/11 10:58:24.0127 0188 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/07/11 10:58:24.0205 0188 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/07/11 10:58:24.0236 0188 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/07/11 10:58:24.0298 0188 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/07/11 10:58:24.0345 0188 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/07/11 10:58:24.0423 0188 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/07/11 10:58:24.0455 0188 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/07/11 10:58:24.0517 0188 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/07/11 10:58:24.0580 0188 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/07/11 10:58:24.0595 0188 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/07/11 10:58:24.0611 0188 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/07/11 10:58:24.0627 0188 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys
2011/07/11 10:58:24.0736 0188 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/07/11 10:58:24.0783 0188 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/07/11 10:58:24.0877 0188 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/07/11 10:58:24.0939 0188 STHDA (8990440e4b2a7ca5a56a1833b03741fd) C:\WINDOWS\system32\drivers\sthda.sys
2011/07/11 10:58:25.0033 0188 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/07/11 10:58:25.0064 0188 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/07/11 10:58:25.0142 0188 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/07/11 10:58:25.0220 0188 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/07/11 10:58:25.0267 0188 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/07/11 10:58:25.0314 0188 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/07/11 10:58:25.0345 0188 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/07/11 10:58:25.0408 0188 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/07/11 10:58:25.0502 0188 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/07/11 10:58:25.0533 0188 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/07/11 10:58:25.0611 0188 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/07/11 10:58:25.0658 0188 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/07/11 10:58:25.0705 0188 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
2011/07/11 10:58:25.0752 0188 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/07/11 10:58:25.0830 0188 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/07/11 10:58:25.0861 0188 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/07/11 10:58:25.0923 0188 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/07/11 10:58:25.0955 0188 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/07/11 10:58:26.0002 0188 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/07/11 10:58:26.0080 0188 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/07/11 10:58:26.0173 0188 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
2011/07/11 10:58:26.0220 0188 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/07/11 10:58:26.0236 0188 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/07/11 10:58:26.0267 0188 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
2011/07/11 10:58:26.0345 0188 Boot (0x1200) (00d76d5c8a7850e8500495f8acada7c6) \Device\Harddisk0\DR0\Partition0
2011/07/11 10:58:26.0361 0188 ================================================================================
2011/07/11 10:58:26.0361 0188 Scan finished
2011/07/11 10:58:26.0361 0188 ================================================================================
2011/07/11 10:58:26.0361 3880 Detected object count: 0
2011/07/11 10:58:26.0361 3880 Actual detected object count: 0

FYI-Malewarebytes found no infected files.

Thanks for the logs.
I assume you mean Clamwin since that's what's showing in the log?
ClamWin is an open source free antivirus. As shown in the CF log it doesn't seem to be running. ComboFix doesn't detect any security software there at all. You can uninstall ClamWin if you like since it doesn't seem to be running in the startup unless someone disabled it on purpose. There are also other free antivirus out there. I'm using MSE now but I used to have free Avast antivirus.

Is the PC still having those popups?
I would uninstall these unnecessary programs below.
Ask.com
Play Pickle

Okay, thanks. I will uninstall ClamWin as I never disabled it. It was on here when I received the refurbished computer and I never did anything with it. Just wanted to be sure it is safe to remove. I'll try the Avast. Sorry, but what is MSE? My computer is not having popups!! :o) BTW...do you see anything in the logs that shows any type of tracking thing...I want to be able to do my work on sites that are password protected without being vulnerable. Thanks for your help!!!!

I don't see any password stealer or infostealer nor a keylogger in the logs but you never really know since it's possible for one or two scanners to miss some nasties.
You could also try using an online Kaspersky scan or using Kaspersky's removal tool, or another online scanner like Eset scan.

MSE is the "Microsoft Security Essentials" free antivirus, sorry for posting the abbreviated name MSE.
https://www.microsoft.com/en-au/security_essentials/default.aspx