Malware Removal Help Win7 32

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by JoFi, Jul 15, 2016.

  1. JoFi

    JoFi Private E-2

    I have read the Malware removal guide but had some questions first before I run it.

    I have four admin user accounts. My current account is JGF2, where I see most of the issues.

    JGF1: Previous account, no longer used, suspected of account corruption
    JGF2: Current active account
    JGF3: Account used only to transfer files from JGF1 to JGF2
    JGF4: New account created to see if the current problem was an account corruption or on all accounts.

    My question is which account should I run the scan on or should I create a new account to do it?

    Background

    My problem is suspected malware. It seems to be able to detect and disable SuperAntiSpyware. Spybot Search and Destroy seems to run, but it may be hiding from it also.

    One of the key manifestations has been setting the IE cache to 0. I do not care about IE so much, but that cache affects Outlook, which I run daily. I can boot into safe mode and restore the cache. Running Outlook seems to trigger the malware, but I am sure other things will as well. Another symptom is that the Nvidia driver has stopped working. This will happen a number of times, then the screen will go black with Windows still running. I have tried numerous different drivers, and diagnostics failed to find any graphics card faults.

    My PC is nine years old. It was one of the original HP Windows Media PCs, an M9000t. It was upgraded from Vista to Win7 32. My primary use is to run WMC and use the disks as a DVR; most recordings are encrypted from cable using DRM. I also use this as my home PC for bills and email. I have removed most of the optional disks while troubleshooting. In April I was having freezing problems and seeing some SMART errors. I replaced one of the disks, then it started happening on the C: drive. Windows rebooted and tried to do recovery for me and I lost access to the drive. As I was busy at the time, I sent the drive out for recovery. I got all my data back. I loaded it onto a new SSD, made it bootable, and that is what I am using today.

    Firefox runs fine. I am running Outlook 2007 and Office 2007. If the cache is 0, IE will not load. Outlook cannot load web images and sometimes tries to connect to the original web site, going into a loop.

    I am reluctant to reinstall Windows, as I know I will lose access to all my encrypted content, besides having to reload all my other applications. If I have to do this I might as well get a new PC with more memory and load Win7/64. Hope you can help get this fixed and restore access to my content.
     
  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Hi and welcome. :)

    Please run the scans on the account where you are having the most trouble with.
     
  3. JoFi

    JoFi Private E-2

    Here are the requested Logs
     

    Attached Files:

  4. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Hi there, I apologise for the late response. Been run off my feet lately.

    Have you set these configurations yourself?

    • [PUM.Proxy] HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\00-22-b0-cb-34-d4 -> Found
    • [PUM.Proxy] HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{2673ACC5-7C9C-42AD-89F3-62C8F7A95B11}_{838246DB-2DD6-484E-ABD1-2A62297CC800} -> Found
    • [PUM.Proxy] HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{838246DB-2DD6-484E-ABD1-2A62297CC800} -> Found
    • [PUM.Proxy] HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{838246DB-2DD6-484E-ABD1-2A62297CC800}_{D605BD01-23F7-4FA8-9BD2-B8EAE25C608E} -> Found
    • [PUM.Proxy] HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{F52BE49F-EF99-4CCC-AF1D-464EFFD32C8E} -> Found
    • [PUM.Proxy] HKEY_USERS\S-1-5-21-1817913746-3816255476-1236712266-1017\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\00-22-b0-cb-34-d4 -> Found
    • [PUM.Proxy] HKEY_USERS\S-1-5-21-1817913746-3816255476-1236712266-1017\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{838246DB-2DD6-484E-ABD1-2A62297CC800} -> Found
    • [PUM.Proxy] HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\00-22-b0-cb-34-d4 -> Found
    • [PUM.Proxy] HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{2673ACC5-7C9C-42AD-89F3-62C8F7A95B11}_{838246DB-2DD6-484E-ABD1-2A62297CC800} -> Found
    • [PUM.Proxy] HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{838246DB-2DD6-484E-ABD1-2A62297CC800} -> Found
    • [PUM.Proxy] HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{838246DB-2DD6-484E-ABD1-2A62297CC800}_{D605BD01-23F7-4FA8-9BD2-B8EAE25C608E} -> Found
    • [PUM.Proxy] HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{F52BE49F-EF99-4CCC-AF1D-464EFFD32C8E} -> Found
     
  5. JoFi

    JoFi Private E-2

    Kestrel, thanks for the help, hope you feel better.

    I have changed some reg settings, mostly trying to get the IE cache to work right, but I never changed or added any WPAD settings.
     
  6. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Hi JoFi, can you re-run RogueKiller and have it fix all those entries that I highlighted.
    Once done, rescan with RogueKiller, upload new log. Explain how things are running.
     
  7. JoFi

    JoFi Private E-2

    I reran RK but it did not come up with any WPAD entries; here is the log. I did not clean anything yet.
     

    Attached Files:

  8. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Hi,

    Have RogueKiller fix these entries on the Registry tab:

    • [Suspicious.Path] HKEY_CLASSES_ROOT\CLSID\{0AA8B942-6B69-4370-A257-99FFBB4AF721} (C:\Windows\TEMP\{6E7BF6EC-C3E7-43A7-8A03-0D204E3EC01B}\InstallerSupport.dll) -> Found
    • [Suspicious.Path] HKEY_CLASSES_ROOT\CLSID\{210D8F0C-EDA1-4DD2-B3AF-1E9F0545B557} (C:\Windows\TEMP\{6E7BF6EC-C3E7-43A7-8A03-0D204E3EC01B}\InstallerSupportPS.dll) -> Found
    • [Suspicious.Path] HKEY_CLASSES_ROOT\CLSID\{B80B5599-9D25-48BF-B488-96457BF68B89} (C:\Windows\TEMP\{6E7BF6EC-C3E7-43A7-8A03-0D204E3EC01B}\InstallHelper.dll) -> Found
    Once done, rescan with RogueKiller, upload the new log and explain how things are running.
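An added example for the WPAD proxy entries in post 4 and the CLSID entries above (not code from this thread or from RogueKiller itself): a Python triage that reads RogueKiller-style Registry tab lines and flags the two patterns Kestrel13! asked to have fixed, WPAD proxy settings per hive and COM servers registered from a Temp directory. The `LINE_RE`, `classify` and `triage` names and the benign vendor line in the sample are assumptions constructed here.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# One RogueKiller "Registry" tab line, in the shape quoted in this thread:
#   [Category] <registry key> (<optional file path>) -> <status>
LINE_RE = re.compile(
    r"^\[(?P<tag>[^\]]+)\]\s+(?P<key>.+?)"
    r"(?:\s+\((?P<path>[^()]*)\))?\s+->\s+(?P<status>\w+)$"
)

# Hives whose Internet Settings apply to services and the logon screen, not one user.
SYSTEM_HIVES = {".DEFAULT": "default profile", "S-1-5-18": "LocalSystem"}

@dataclass
class Finding:
    category: str        # "wpad-proxy" or "temp-com-server"
    hive_owner: str      # SID or .DEFAULT under HKEY_USERS, else the root hive
    key: str
    path: Optional[str]
    note: str

def classify(line: str) -> Optional[Finding]:
    """Return a Finding for the two patterns the helper asked to fix, else None."""
    m = LINE_RE.match(line.strip().lstrip("• ").strip())
    if not m:
        return None
    tag, key, path = m.group("tag"), m.group("key"), m.group("path")
    parts = key.split("\\")
    owner = parts[1] if parts[0] == "HKEY_USERS" and len(parts) > 1 else parts[0]
    if tag == "PUM.Proxy" and "\\Wpad\\" in key:
        scope = SYSTEM_HIVES.get(owner, "user profile " + owner)
        return Finding("wpad-proxy", owner, key, path, "WPAD proxy entry for " + scope)
    if tag == "Suspicious.Path" and path and "\\temp\\" in path.lower():
        return Finding("temp-com-server", owner, key, path, "COM server DLL under a Temp directory")
    return None

def triage(log_text: str) -> List[Finding]:
    """Run classify() over every line of a pasted RogueKiller log, keeping the hits."""
    return [f for f in (classify(l) for l in log_text.splitlines()) if f is not None]

# Sample input: three lines copied from the thread plus one constructed benign
# CLSID line (fictional GUID and vendor path) that must not be flagged.
SAMPLE_LOG = r"""
• [PUM.Proxy] HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\00-22-b0-cb-34-d4 -> Found
• [PUM.Proxy] HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{F52BE49F-EF99-4CCC-AF1D-464EFFD32C8E} -> Found
• [Suspicious.Path] HKEY_CLASSES_ROOT\CLSID\{0AA8B942-6B69-4370-A257-99FFBB4AF721} (C:\Windows\TEMP\{6E7BF6EC-C3E7-43A7-8A03-0D204E3EC01B}\InstallerSupport.dll) -> Found
• [Suspicious.Path] HKEY_CLASSES_ROOT\CLSID\{00000000-0000-0000-0000-000000000001} (C:\Program Files\ExampleVendor\Example.dll) -> Found
"""

if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.category:16} {f.hive_owner:10} {f.note}")
```

Entries under HKEY_USERS\.DEFAULT and S-1-5-18 matter more than per-user ones because a proxy set there is picked up by services running as SYSTEM, not just by the logged-on user.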
     
  9. JoFi

    JoFi Private E-2

    I left RK up overnight on the results screen and it crashed. Rerunning scans but need to go to work will post results tonight.

    PC is running better; the internet cache is no longer being affected. I now can run Outlook and IE, which was the first problem I encountered. I did unload all add-ins and options. I have seen a few Nvidia driver failures and recoveries, but I am beginning to think, based on the event log, that is due to system protection running out of space. Unlike before, the screen does not stay off but recovers.

    SuperAntiSpyware still has not run. It may have something to do with too many installation attempts, or Spybot may have been running. I have uninstalled and cleaned up the remnants in the Program Files directory. Watching it start up and then get shut down was one of the alarm bells that malware may be running. Let me know if you want me to try and install it again.
     
  10. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    OK, when you get back from work, continue on with the RogueKiller instructions and then we'll take it from there and try and sort SuperAntiSpyware out, too.
     
  11. JoFi

    JoFi Private E-2

    RK crashed again; reinstalled and ran the scan with the same results (RK3.log). Cleaned the temp keys and reran the scan; log attached (RK4).
     

    Attached Files:

    • RK4.txt (6.1 KB)
    • RK3.txt (7.1 KB)
  12. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Is Superantispyware currently installed? If so please use Revo Uninstaller to carry out a thorough uninstall.
    Reboot the machine and download the latest version from here.
    Let me know how you get on.
     
  13. JoFi

    JoFi Private E-2

    I uninstalled Spybot Search and Destroy, installed SuperAntiSpyware and ran it. In idle it got shut down. I uninstalled SuperAntiSpyware with Revo and reinstalled.
    Seems to be more stable but the only thing it finds is tracking cookies.
     
  14. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Are there any other outstanding issues?
     
  15. JoFi

    JoFi Private E-2

    Sorry for the delay, was in NYC yesterday. I am not sure. I can install and run SuperAntiSpyware once; all it finds are tracking cookies. If I try a second scan, or reboot and scan, it gets an error and shuts down. I disabled Microsoft Security Essentials in case that had an impact, but the result was the same. Outlook and IE are working and I am not seeing any other strange behavior.

    Faulting application name: SUPERAntiSpyware.exe, version: 6.0.0.1222, time stamp: 0x578e75de
    Faulting module name: SUPERAntiSpyware.exe, version: 6.0.0.1222, time stamp: 0x578e75de
    Exception code: 0xc0000005
    Fault offset: 0x0009005c
    Faulting process id: 0x3ac
    Faulting application start time: 0x01d1e418692d124a
    Faulting application path: C:\Program Files\SUPERAntiSpyware2\SUPERAntiSpyware.exe
    Faulting module path: C:\Program Files\SUPERAntiSpyware2\SUPERAntiSpyware.exe
    Report Id: b3a72193-500f-11e6-85bb-001d60e13123
     
  16. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Run this please.

    Please download the latest version of Farbar Recovery Scan Tool and save it to your desktop.

    Note: Make sure you download the correct version for your PC. Only the correct version will work.
    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your next reply.
    • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
     
  17. JoFi

    JoFi Private E-2

    Here are the FarBar logs
     

    Attached Files:

  18. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    Before we continue I would like for you to use MSConfig to put this machine back into normal startup mode. Any other mode is primarily used for troubleshooting and diagnostic purposes. You should look into some third party software to control startups, such as Autoruns.

    Now that you are in normal mode, let's continue with the below:

    NOTE: This script was written specifically for this user for use on this particular computer. Running this on another machine may cause damage to your operating system.

    Download Fixlist.txt

    Save fixlist.txt on your Desktop. Make sure you save it as a txt file.


    • You should now have both fixlist.txt and FRST.exe on your Desktop.
    • Now I want you to disconnect your PC connection to the internet by unplugging the cable ( if it is wireless then temporarily shutdown the wireless network ).
    • Run FRST.exe by right clicking on it and selecting Run As Administrator
    • Click the Fix button just once and wait.
    • Your computer should reboot after the fix runs.
    • Reconnect your internet connection after reboot so you can come back here to continue.
    • The tool will make a log on the Desktop (Fixlog.txt); please attach this new log to your next reply (attach or paste).
    Then attach the below log:
      • Fixlog.txt
    Next...
    Run the C:\MGtools\GetLogs.bat file by double clicking on it. (Right click and run as admin if using Vista, Windows7 or Win8) Then attach the new C:\MGlogs.zip file that will be created by running this.

    Now run FRST again as follows:

    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your next reply.
    • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
    Is SUPERantispyware now able to run?



     

    Attached Files:

  19. JoFi

    JoFi Private E-2

    I was a little worried about starting normal as I usually have a number of startup items disabled. I was not expecting this problem. All I did was change the boot from selective to normal and restarted.

    "0xc000000e The boot selection failed because a required device is inaccessible,"

    Looking for advice since it will not boot up into Windows. I checked the BIOS and the SSD is still the priority boot device. All I can think to do is put in the Windows CD and run a repair. That is what I did originally to make this SSD bootable.

    Your guidance please.
     
  20. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    I would say at this point you should post about your issues in the software forum. You may need to unplug any external devices and try rebooting. Check to see if you are indeed able to boot into "safe mode". But I think I have done all I can in this forum; very best of luck sorting out the non-malware issues.
    This may be exactly what you have to do.
     
  21. JoFi

    JoFi Private E-2

    Repaired boot, here are the first FARBAR and MGTools log.
     

    Attached Files:

  22. JoFi

    JoFi Private E-2

    Here is the 2nd run of FARBAR testing superantispyware now.
     

    Attached Files:

  23. JoFi

    JoFi Private E-2

    SuperAntiSpyware is still closing down. You may be right; it just may be a software incompatibility with that software, W32 and my machine. I was just running it as an attempt to check for malware when I kept losing the IE cache, which has been fixed. I was worried that some software was shutting it down because it scans. If the scans are clean and you think the machine is clean of malware, I will try to put it back into production.

    What software do you recommend I run for antivirus and anti-malware?
     
  24. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

  25. JoFi

    JoFi Private E-2

    I tried all of them before and spent Sunday trying them again; almost all are geared to getting the SuperAntiSpyware package to install. That is not my problem: it installs fine and will even run a scan, it then errors out. I even tried the HTML scan and it did the same thing, installed the package and then errored out. The only one that seemed like stand-alone was the com file SASSAFERUN.com, but all it did was display "definitions out of date" and take you to the web page.

    I notice this is a new version 6, which needs some updates to work with my old W32 system. At this point I am not thinking it is a malware issue.

    Here are the errors again

    The SASDIFSV service failed to start due to the following error:
    Cannot create a file when that file already exists.

    Faulting application name: d296f234-4887-4fa8-a30b-edf7cfa54024.com, version: 6.0.0.1222, time stamp: 0x578e75de
    Faulting module name: d296f234-4887-4fa8-a30b-edf7cfa54024.com, version: 6.0.0.1222, time stamp: 0x578e75de
    Exception code: 0xc0000005
    Fault offset: 0x0009005c
    Faulting process id: 0x17fc
    Faulting application start time: 0x01d1e5c1cad5ef24
    Faulting application path: C:\Program Files\SUPERAntiSpyware\d296f234-4887-4fa8-a30b-edf7cfa54024.com
    Faulting module path: C:\Program Files\SUPERAntiSpyware\d296f234-4887-4fa8-a30b-edf7cfa54024.com
    Report Id: 0ff2e1fe-51b5-11e6-971c-001d60e13123
     
  26. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    OK go ahead and post in the software forum about it if you like. Are there any other issues I can deal with in this forum?
     
  27. JoFi

    JoFi Private E-2

    If I have issues I will post in software first. Looks like the PC is clean now. Any recommendations of software to run to keep it clean?

    I also want to express my appreciation for all the help, guidance and patience you have provided me on this issue. This support is outstanding.
     
  28. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    You are so very welcome. ;) When I post final steps, it should include some choices for protection software.


    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware.
    2. Re-enable your Disk Emulation software with Defogger if you had disabled it in step 4 of the READ & RUN ME.
    3. Go to Add/Remove Programs and uninstall HijackThis. If you don't see it or it will not uninstall, don't worry about it. Just move on to the next step.
    4. If running Vista, Win 7 or Win 8, it is time to make sure you have re-enabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Now go to the C:\MGtools folder and find the MGclean.bat file. Double click (if running Vista, Win7, or Win 8, right click and Run As Administrator) on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    6. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    7. After doing the above, you should work through the below link:
     
