Well, your machine actually appears to be clean. The red colored folders from the GMER scan are normal and necessary for Windows to function properly. So far, all of the scan logs you've submitted have come back clean so I do not believe you are infected with malware. At this point, how is your machine running? Are you experiencing lock-ups? Is your internet browser being redirected to sites other than what you are requesting?
Just as one final clean up and left-over check, let's run these two scans:
Please download and scan with SUPERAntiSpyware Free
- Double-click SUPERAntiSypware.exe and use the default settings for installation.
- An icon will be created on your desktop. Double-click that icon to launch the program.
- If it will not start, go to Start > All Prgrams > SUPERAntiSpyware and click on Alternate Start.
- If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
- In the Main Menu, click the Preferences... button.
- Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
- Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all other options as they are set):
- Close browsers before scanning.
- Scan for tracking cookies.
- Terminate memory threats before quarantining.
- Click the "Close" button to leave the Control Center screen.
- Back on the main screen, under "Select Scan Type" check the box for Complete Scan.
- If your computer is badly infected, be sure to check the box next to Enable Rescue Scan (Highly Infected Systems ONLY).
- Click the Scan your computer... button.
- After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
- Make sure everything has a checkmark next to it and click "Next".
- A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
- If asked if you want to reboot, click "Yes" and reboot normally.
To retrieve the scan log after reboot, launch SUPERAntiSpyware again.
- Click the View Scan Logs button at the bottom.
- This will open the Scanner Logs Window.
- Click on the log to highlight it and then click on View Selected Log to open it.
- Copy and paste the scan log results in your next reply.
-- Some types of malware will disable security tools. If SUPERAntiSpyware will not install, please refer to these instructions for using the SUPERAntiSpyware Installer. If SUPERAntiSpyware is already installed but will not run, then follow the instructions for using RUNSAS.EXE to launch the program.
ESET Online Scanner:
Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.
Vista/Windows 7 users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!
Post the logs from the two scans, along with a description of how your machine is running.