Thread: Malware Issue + Cannot Install SpyBot, ERUNT, etc.

    I originally posted another thread, but that was closed down. The link is . I cannot install the ERUNT program so that is another issue along with not being able to install SpyBot or any other program. Here's the other logs


    DDS (Ver_2011-06-23.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_23
    Run by Breezo at 0:38:22 on 2011-08-07
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4092.2271 [GMT -3:00]
    AV: Norton Internet Security *Enabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Norton Internet Security *Enabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
    FW: Norton Internet Security *Enabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
    ============== Running Processes ===============
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\LSI SoftModem\agr64svc.exe
    C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files (x86)\Dell AIO Printer 948\dldfmon.exe
    C:\Program Files (x86)\Dell AIO Printer 948\memcard.exe
    C:\Program Files\IDT\WDM\sttray64.exe
    C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files (x86)\Norton Internet Security\Engine\\ccSvcHst.exe
    C:\Program Files (x86)\Lexmark 7100 Series\lxbxmon.exe
    C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    C:\Program Files (x86)\Lexmark 7100 Series\ezprint.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
    C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
    C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files (x86)\VueSoft\VueMinder\VueMinder.exe
    C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
    C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
    c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files (x86)\ 3\program\soffice.exe
    C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
    C:\Program Files (x86)\ 3\program\soffice.bin
    C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
    C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe
    C:\Program Files (x86)\Norton Internet Security\Engine\\ccSvcHst.exe
    C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    ============== Pseudo HJT Report ===============
    uStart Page =
    uDefault_Page_URL = hxxp://
    mDefault_Page_URL = hxxp://
    mStart Page = hxxp://
    uInternet Settings,ProxyOverride = *.local;<local>
    uURLSearchHooks: YTNavAssist.YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll
    mWinlogon: Userinit=userinit.exe
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
    BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\\coIEPlg.dll
    BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\\IPSBHO.DLL
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: hpBHO Class: {abd3b5e1-b268-407b-a150-2641dab8d898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll
    BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
    BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\\coIEPlg.dll
    TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
    TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
    uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
    uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    uRun: [Comrade.exe] C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe
    uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    uRun: [Messenger (Yahoo!)] "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    uRun: [VueMinder] "C:\Program Files (x86)\VueSoft\VueMinder\VueMinder.exe" 1
    uRunOnce: [*NMRUI] "C:\Users\Anyone Else\Downloads\NPE.exe" /POSTADVSCAN
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
    mRun: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
    mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
    mRun: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    mRun: [<NO NAME>]
    mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    mRun: [CarboniteSetupLite] "C:\Program Files (x86)\Carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=900
    mRun: [MaxMenuMgr] "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [Dell AIO Printer 948] "C:\Program Files (x86)\Dell AIO Printer 948\fm3032.exe" /s
    mRun: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
    mRun: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
    mRun: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
    mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"" /build:7601
    uPolicies-system: WallpaperStyle = 2
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    dPolicies-system: WallpaperStyle = 2
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://
    DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://
    DPF: {C228AEDD-FC47-11D3-AF87-D128A9381404} - hxxp://
    DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://
    TCP: DhcpNameServer =
    TCP: Interfaces\{283C1F69-B409-4F5D-BC5A-6C52D79626E8} : DhcpNameServer =
    TCP: Interfaces\{8AAC2A22-419C-4055-92C2-79DC9B2F1E83} : DhcpNameServer =
    TCP: Interfaces\{8AAC2A22-419C-4055-92C2-79DC9B2F1E83}\37869607D616E6 : DhcpNameServer =
    TCP: Interfaces\{8AAC2A22-419C-4055-92C2-79DC9B2F1E83}\54279636D2E4564777F627B6 : DhcpNameServer =
    TCP: Interfaces\{8AAC2A22-419C-4055-92C2-79DC9B2F1E83}\7516B656455636863547574656E647 : DhcpNameServer =
    TCP: Interfaces\{8AAC2A22-419C-4055-92C2-79DC9B2F1E83}\7516B656455636867457563747 : DhcpNameServer =
    TCP: Interfaces\{8AAC2A22-419C-4055-92C2-79DC9B2F1E83}\C696E6B6379737 : DhcpNameServer =
    TCP: Interfaces\{8AAC2A22-419C-4055-92C2-79DC9B2F1E83}\E4544574541425 : DhcpNameServer =
    Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll
    Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\\CoIEPlg.dll
    mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
    BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
    BHO-X64: 0x1 - No File
    BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    BHO-X64: HP Print Enhancer - No File
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\\coIEPlg.dll
    BHO-X64: Symantec NCO BHO - No File
    BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\\IPSBHO.DLL
    BHO-X64: Symantec Intrusion Prevention - No File
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: hpBHO Class: {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll
    BHO-X64: HelloWorldBHO - No File
    BHO-X64: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
    BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    BHO-X64: HP Smart BHO Class - No File
    TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\\coIEPlg.dll
    TB-X64: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll
    TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
    TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
    EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
    mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun-x64: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
    mRun-x64: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
    mRun-x64: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
    mRun-x64: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
    mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
    mRun-x64: [(Default)]
    mRun-x64: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    mRun-x64: [CarboniteSetupLite] "C:\Program Files (x86)\Carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=900
    mRun-x64: [MaxMenuMgr] "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [Dell AIO Printer 948] "C:\Program Files (x86)\Dell AIO Printer 948\fm3032.exe" /s
    mRun-x64: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
    mRun-x64: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
    mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
    mRun-x64: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
    mRun-x64: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    ================= FIREFOX ===================
    FF - ProfilePath -
    ============= SERVICES / DRIVERS ===============
    R0 SMR200;Symantec SMR Utility Service 2.0.0;C:\Windows\system32\drivers\SMR200.SYS --> C:\Windows\system32\drivers\SMR200.SYS [?]
    R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1008000.029\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1008000.029\SYMEFA64.SYS [?]
    R1 BHDrvx64;Symantec Heuristics Driver;C:\Windows\system32\Drivers\NISx64\1008000.029\BHDrvx64.sys --> C:\Windows\system32\Drivers\NISx64\1008000.029\BHDrvx64.sys [?]
    R1 ccHP;Symantec Hash Provider;C:\Windows\system32\Drivers\NISx64\1008000.029\ccHPx64.sys --> C:\Windows\system32\Drivers\NISx64\1008000.029\ccHPx64.sys [?]
    R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20110805.030\IDSviA64.sys [2011-8-5 488056]
    R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
    R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-3-2 89600]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
    R2 dldf_device;dldf_device;C:\Windows\system32\dldfcoms.exe -service --> C:\Windows\system32\dldfcoms.exe -service [?]
    R2 FreeAgentGoNext Service;Seagate Service;C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-9-26 189736]
    R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?]
    R2 Norton Internet Security;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\\ccSvcHst.exe [2010-2-3 117640]
    R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-8-15 228408]
    R3 enecir;ENE CIR Receiver;C:\Windows\system32\DRIVERS\enecir.sys --> C:\Windows\system32\DRIVERS\enecir.sys [?]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-7-31 136824]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
    R3 SYMNDISV;Symantec Network Filter Driver;C:\Windows\system32\Drivers\NISx64\1008000.029\SYMNDISV.SYS --> C:\Windows\system32\Drivers\NISx64\1008000.029\SYMNDISV.SYS [?]
    R3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys --> C:\Windows\system32\DRIVERS\usbfilter.sys [?]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 dldfCATSCustConnectService;dldfCATSCustConnectService;C:\Windows\System32\spool\DRIVERS\x64\3\dldfserv.exe [2007-6-26 33416]
    S3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2011-3-23 245760]
    S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;C:\SolidWorks\SolidWorks\swScheduler\DTSCoordinatorService.exe [2010-1-20 87336]
    S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-1-11 1315592]
    S3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]
    S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
    S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
    S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
    S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
    S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
    =============== Created Last 30 ================
    2011-08-06 21:15:40 96376 ----a-w- C:\Windows\System32\drivers\SMR200.SYS
    2011-08-06 20:55:31 -------- d-----w- C:\Users\Breezo\AppData\Local\NPE
    2011-08-06 07:25:49 -------- d-----w- C:\Users\Breezo\AppData\Local\VueSoft
    2011-08-05 08:22:23 8578896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{71DB6FB2-268C-4203-AD8D-6FC68E6C06DD}\mpengine.dll
    2011-07-25 22:56:59 -------- d-----w- C:\Program Files (x86)\VueSoft
    2011-07-13 21:06:59 4096 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
    2011-07-13 21:06:59 4096 ---ha-w- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
    2011-07-13 21:06:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
    2011-07-13 21:06:59 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
    2011-07-13 21:06:21 3137536 ----a-w- C:\Windows\System32\win32k.sys
    2011-07-13 21:05:18 362496 ----a-w- C:\Windows\System32\wow64win.dll
    2011-07-13 21:05:17 338944 ----a-w- C:\Windows\System32\conhost.exe
    2011-07-13 21:05:16 214528 ----a-w- C:\Windows\System32\winsrv.dll
    2011-07-13 21:05:15 243200 ----a-w- C:\Windows\System32\wow64.dll
    2011-07-13 21:05:14 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2011-07-13 21:05:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
    2011-07-13 21:05:12 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2011-07-13 21:05:10 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2011-07-13 21:05:10 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2011-07-13 21:05:10 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
    2011-07-13 21:04:58 2048 ----a-w- C:\Windows\SysWow64\user.exe
    ==================== Find3M ====================
    2011-07-03 20:52:10 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-06-03 06:56:38 421888 ----a-w- C:\Windows\System32\KernelBase.dll
    2011-06-03 05:57:52 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
    2011-06-03 05:56:11 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll
    2011-06-03 03:48:32 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    2011-06-03 03:48:31 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    2011-06-03 03:48:31 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    2011-06-03 03:48:31 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    2011-05-24 22:14:10 270720 ------w- C:\Windows\System32\MpSigStub.exe
    2011-05-24 11:42:55 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll
    2011-05-24 10:40:05 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
    2011-05-24 10:40:05 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
    2011-05-24 10:39:38 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
    2011-05-24 10:37:54 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
    2011-05-19 06:26:42 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
    2011-05-19 06:26:41 175616 ----a-w- C:\Windows\System32\msclmd.dll
    2011-05-13 21:58:22 17720 ----a-w- C:\Windows\System32\HPMDPCoInst12.dll
    2011-05-13 21:58:16 30008 ----a-w- C:\Windows\System32\drivers\hpdskflt.sys
    2011-05-13 21:58:10 30520 ----a-w- C:\Windows\System32\hpservice.exe
    2011-05-13 21:58:04 20792 ----a-w- C:\Windows\System32\accelerometerdll.DLL
    2011-05-13 21:57:58 43320 ----a-w- C:\Windows\System32\drivers\Accelerometer.sys
    ============= FINISH: 0:40:05.16 ===============


    D: is FIXED (NTFS) - 15 GiB total, 2.519 GiB free.
    E: is CDROM ()
    ==== Disabled Device Manager Items =============
    ==== System Restore Points ===================
    RP166: 7/11/2011 4:01:48 PM - Scheduled Checkpoint
    RP167: 7/14/2011 3:42:30 AM - Windows Update
    RP168: 7/23/2011 6:17:27 PM - Windows Update
    RP169: 7/25/2011 2:17:23 AM - Removed Apple Application Support
    RP170: 7/25/2011 2:19:03 AM - Removed Apple Application Support
    RP171: 7/25/2011 2:20:38 AM - Removed Apple Mobile Device Support
    RP172: 7/25/2011 2:24:06 AM - Removed Apple Software Update
    RP173: 7/25/2011 2:26:01 AM - Removed VoiceOver Kit
    RP174: 7/25/2011 7:55:43 PM - Installed VueMinder Calendar Lite
    RP175: 7/29/2011 3:30:49 PM - Windows Update
    RP176: 8/2/2011 12:42:33 PM - Windows Update
    ==== Installed Programs ======================
    Update for Microsoft Office 2007 (KB2508958)
    Activate Norton Online Backup
    ActiveCheck component for HP Active Support Library
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.4.5 MUI
    Adobe Shockwave Player 11.5
    AMD USB Filter Driver
    Atheros Driver Installation Program
    AviSynth 2.5
    Carbonite Online Backup Setup
    Catalyst Control Center - Branding
    Catalyst Control Center Core Implementation
    Catalyst Control Center Graphics Full Existing
    Catalyst Control Center Graphics Full New
    Catalyst Control Center Graphics Light
    Catalyst Control Center Graphics Previews Common
    Catalyst Control Center Graphics Previews Vista
    Catalyst Control Center InstallProxy
    Catalyst Control Center Localization All
    CCC Help Chinese Standard
    CCC Help Chinese Traditional
    CCC Help Czech
    CCC Help Danish
    CCC Help Dutch
    CCC Help English
    CCC Help Finnish
    CCC Help French
    CCC Help German
    CCC Help Greek
    CCC Help Hungarian
    CCC Help Italian
    CCC Help Japanese
    CCC Help Korean
    CCC Help Norwegian
    CCC Help Polish
    CCC Help Portuguese
    CCC Help Russian
    CCC Help Spanish
    CCC Help Swedish
    CCC Help Thai
    CCC Help Turkish
    Choice Guard
    Cisco Network Magic
    Compatibility Pack for the 2007 Office system
    Corel Paint Shop Pro Photo X2
    Corel VideoStudio 12
    CyberLink DVD Suite
    Dell Driver Download Manager
    Dev-C++ 5 beta 9 release (
    DivX Setup
    DVD Decrypter (Remove Only)
    DVD Shrink 3.2
    Family Feud 2
    Family Feud Battle of the Sexes
    GameSpy Comrade
    Homepage Protection
    HP Advisor
    HP Customer Experience Enhancements
    HP Games
    HP MediaSmart DVD
    HP MediaSmart Internet TV
    HP MediaSmart Live TV
    HP MediaSmart Movie Themes
    HP MediaSmart Music/Photo/Video
    HP MediaSmart SlingPlayer
    HP MediaSmart Software Notebook Demo
    HP MediaSmart Webcam
    HP Quick Launch Buttons
    HP Setup
    HP Support Assistant
    HP Update
    HP User Guides 0153
    HP Wireless Assistant
    HPAsset component for HP Active Support Library
    IDT Audio
    Java Auto Updater
    Java(TM) 6 Update 23
    JMicron Flash Media Controller Driver
    Junk Mail filter update
    LightScribe System Software
    Microsoft .NET Framework 1.1
    Microsoft Live Search Toolbar
    Microsoft Office 2003 Web Components
    Microsoft Office 2007 Service Pack 2 (SP2)
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Home and Student 2007
    Microsoft Office Live Add-in 1.5
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Suite Activation Assistant
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual Studio 2005 Tools for Applications - ENU
    Microsoft Works
    Mozilla Firefox 4.0 (x86 en-US)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    muvee Reveal Seagate Edition
    Network Magic
    Norton Internet Security 3.3
    Pure Networks Platform
    Realtek 8136 8168 8169 Ethernet Driver
    Seagate Manager Installer
    Security Update for 2007 Microsoft Office System (KB2288621)
    Security Update for 2007 Microsoft Office System (KB2288931)
    Security Update for 2007 Microsoft Office System (KB2345043)
    Security Update for 2007 Microsoft Office System (KB2509488)
    Security Update for 2007 Microsoft Office System (KB969559)
    Security Update for 2007 Microsoft Office System (KB976321)
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft Office 2007 System (KB2541012)
    Security Update for Microsoft Office Excel 2007 (KB2541007)
    Security Update for Microsoft Office InfoPath 2007 (KB979441)
    Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
    Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
    Security Update for Microsoft Office system 2007 (972581)
    Security Update for Microsoft Office system 2007 (KB974234)
    Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
    Security Update for Microsoft Office Word 2007 (KB2344993)
    Sid Meier's Civilization 4 Gold
    SkillSoft Course Manager
    SolidWorks 2010 x64 Edition SP02.1
    SolidWorks eDrawings 2010
    TI Connect 1.6
    Update for 2007 Microsoft Office System (KB2284654)
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft Office 2007 Help for Common Features (KB963673)
    Update for Microsoft Office 2007 System (KB2539530)
    Update for Microsoft Office Excel 2007 Help (KB963678)
    Update for Microsoft Office OneNote 2007 (KB980729)
    Update for Microsoft Office OneNote 2007 Help (KB963670)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669)
    Update for Microsoft Office Script Editor Help (KB963671)
    Update for Microsoft Office Word 2007 Help (KB963665)
    VC80CRTRedist - 8.0.50727.4053
    VueMinder Calendar Lite
    West Point Bridge Designer 2011 (2nd Edition) (remove only)
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Mail
    Windows Live Messenger
    Windows Live Upload Tool
    Windows Live Writer
    Windows Media Encoder 9 Series
    Yahoo! Messenger
    Yahoo! Software Update
    Yahoo! Toolbar
    ==== Event Viewer Messages From Past Week ========
    8/6/2011 9:38:33 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the dldfCATSCustConnectService service to connect.
    8/6/2011 9:38:33 PM, Error: Service Control Manager [7000] - The dldfCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    8/6/2011 9:38:15 PM, Error: ACPI [13] - : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.
    8/6/2011 3:40:28 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
    8/6/2011 3:40:26 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
    8/6/2011 3:40:26 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    8/6/2011 3:40:26 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    8/6/2011 3:40:23 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    8/6/2011 3:40:15 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    8/6/2011 3:40:08 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx64 ccHP discache eeCtrl IDSVia64 spldr SRTSP SRTSPX SYMTDI Wanarpv6
    7/31/2011 6:33:57 PM, Error: Service Control Manager [7034] - The Internet Connection Sharing (ICS) service terminated unexpectedly. It has done this 1 time(s).
    ==== End Of File ===========================

    BUMP! OK, still need help.

    Hello makaveliliveson,

    Quote Originally Posted by makaveliliveson View Post
    BUMP! OK, still need help.
    FYI. Besides the one provided previously, another link to a sticky. Bump and Topic May Be Closed

    If you have waited four days or longer for assistance, please start a topic in this sub-forum and post with a link back to your topic in the Malware forum, so that we know who you are and your topic is not archived.
    The Waiting Room: Post here if waiting for help four days
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

    Please read Before You Post
    While best efforts are made to assist in removing infections safely, unexpected stuff can happen. It is advisable that you back up your important data before starting any clean up procedure. Neither Safer Networking Forums nor the Analyst providing the advice may be held responsible for any loss.

    Until we deem your system clean I am going to ask you not to install or uninstall any software or hardware except for the programs we may run.

    Forum policy, if no reply in 3 days your thread will be closed. Reply to this thread only by using the Submit Reply and do not start any new topics.

    Download Combofix from any of the links below. You must rename it before saving it. Save it to your desktop.

    Link 1
    Link 2

    * IMPORTANT !!! Save ComboFix.exe to your Desktop

    • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
    • See this Link for programs that need to be disabled and instruction on how to disable them.
    • Remember to re-enable them when we're done.

    • Double click on ComboFix.exe & follow the prompts.

    • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

    Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    Click on Yes, to continue scanning for malware.

    When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

    *If there is no internet connection when Combofix has completely finished then restart your computer to restore back the connections.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

    Thank you for the assistance, Ken. I have been doing a backup since yesterday, and I have only a few hundred GB left to backup right now. I am unable to install ERUNT to backup my registry. Any ideas on how to get this working?

  6. #6
    Well, at this point I am not sure if malware is preventing it, see if you can run Combofix, if not run Malwarebytes

    Please download Malwarebytes from Here or Here

    • Double-click mbam-setup.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select Perform quick scan, then click Scan.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Be sure that everything is checked, and click Remove Selected .
    • When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
    • Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
    Post the report please
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

    I am sorry I haven't posted any of my logs yet, but I am still trying to backup my computer. I am using my external drive to backup my system so it is taking a long time. Hopefully it will not be too much longer. I apologize for any inconvenience this is causing to you, Ken.

  8. #8
    Not a problem, but post those logs when you can so we can see if your not able to run some programs is a windows issue or malware related
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

    Default ComboFix Log

    Ok, so I finally got my system backup done, and I ran ComboFix. It took like an hour, and that seemed a little long. Also, now my administrator account is jacked up. It won't let me open anything because it says a registry key is marked for deletion. Don't know if that's useful information, but it seemed strange.

    ComboFix Log

    ComboFix 11-08-18.02 - Breezo 08/18/2011 16:42:16.1.2 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4092.1191 [GMT -3:00]
    Running from: c:\users\Anyone Else\Desktop\Combo-Fix.exe
    AV: Norton Internet Security *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
    FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
    SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    c:\users\Anyone Else\AppData\Roaming\Mozilla\Firefox\Profiles\j3e8dco0.default\extensions\{d06b8c0b-cb71-4be4-b8bb-1184c92a9215}
    c:\users\Anyone Else\AppData\Roaming\Mozilla\Firefox\Profiles\j3e8dco0.default\extensions\{d06b8c0b-cb71-4be4-b8bb-1184c92a9215}\chrome.manifest
    c:\users\Anyone Else\AppData\Roaming\Mozilla\Firefox\Profiles\j3e8dco0.default\extensions\{d06b8c0b-cb71-4be4-b8bb-1184c92a9215}\chrome\xulcache.jar
    c:\users\Anyone Else\AppData\Roaming\Mozilla\Firefox\Profiles\j3e8dco0.default\extensions\{d06b8c0b-cb71-4be4-b8bb-1184c92a9215}\defaults\preferences\xulcache.js
    c:\users\Anyone Else\AppData\Roaming\Mozilla\Firefox\Profiles\j3e8dco0.default\extensions\{d06b8c0b-cb71-4be4-b8bb-1184c92a9215}\install.rdf
    c:\users\Public\videos\HP MediaSmart Demo.exe
    ((((((((((((((((((((((((( Files Created from 2011-07-18 to 2011-08-18 )))))))))))))))))))))))))))))))
    2011-08-18 20:35 . 2011-08-18 20:35 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-08-18 19:52 . 2011-08-18 19:52 -------- d-----w- c:\users\Breezo\AppData\Local\CrashDumps
    2011-08-17 09:11 . 2011-08-12 04:10 8862544 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4A76680E-D05A-4802-8674-C29F2AECB2F7}\mpengine.dll
    2011-08-11 15:27 . 2011-06-24 05:25 338432 ----a-w- c:\windows\system32\conhost.exe
    2011-08-06 21:15 . 2011-08-06 21:15 96376 ----a-w- c:\windows\system32\drivers\SMR200.SYS
    2011-08-06 20:55 . 2011-08-06 21:30 -------- d-----w- c:\users\Breezo\AppData\Local\NPE
    2011-08-06 07:25 . 2011-08-06 07:25 -------- d-----w- c:\users\Breezo\AppData\Local\VueSoft
    2011-07-25 22:56 . 2011-07-25 22:56 -------- d-----w- c:\program files (x86)\VueSoft
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    2011-07-25 06:49 . 2010-01-29 18:10 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
    2011-07-25 06:49 . 2010-06-25 22:22 4283672 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
    2011-07-25 06:49 . 2010-06-25 22:22 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
    2011-07-23 21:07 . 2010-01-28 02:49 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
    2011-07-23 20:57 . 2010-01-28 02:49 4283672 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
    2011-07-23 20:46 . 2010-06-28 17:29 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
    2011-07-23 20:46 . 2010-02-28 18:34 539968 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
    2011-07-16 04:26 . 2011-08-11 15:27 44032 ----a-w- c:\windows\apppatch\acwow64.dll
    2011-07-03 20:52 . 2011-06-17 15:51 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-06-25 10:55 . 2011-06-25 10:55 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
    2011-06-25 10:55 . 2011-06-25 10:55 161792 ----a-w- c:\windows\SysWow64\msls31.dll
    2011-06-25 10:55 . 2011-06-25 10:55 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
    2011-06-25 10:55 . 2011-06-25 10:55 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
    2011-06-25 10:55 . 2011-06-25 10:55 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
    2011-06-25 10:55 . 2011-06-25 10:55 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
    2011-06-25 10:55 . 2011-06-25 10:55 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
    2011-06-25 10:55 . 2011-06-25 10:55 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
    2011-06-25 10:55 . 2011-06-25 10:55 367104 ----a-w- c:\windows\SysWow64\html.iec
    2011-06-25 10:55 . 2011-06-25 10:55 1427456 ----a-w- c:\windows\SysWow64\inetcpl.cpl
    2011-06-25 10:55 . 2011-06-25 10:55 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
    2011-06-25 10:55 . 2011-06-25 10:55 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
    2011-06-25 10:55 . 2011-06-25 10:55 152064 ----a-w- c:\windows\SysWow64\wextract.exe
    2011-06-25 10:55 . 2011-06-25 10:55 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
    2011-06-25 10:55 . 2011-06-25 10:55 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
    2011-06-25 10:55 . 2011-06-25 10:55 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
    2011-06-25 10:55 . 2011-06-25 10:55 11776 ----a-w- c:\windows\SysWow64\mshta.exe
    2011-06-25 10:55 . 2011-06-25 10:55 101888 ----a-w- c:\windows\SysWow64\admparse.dll
    2011-06-25 10:55 . 2011-06-25 10:55 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
    2011-06-25 10:55 . 2011-06-25 10:55 222208 ----a-w- c:\windows\system32\msls31.dll
    2011-06-25 10:55 . 2011-06-25 10:55 173056 ----a-w- c:\windows\system32\ieUnatt.exe
    2011-06-25 10:55 . 2011-06-25 10:55 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
    2011-06-25 10:55 . 2011-06-25 10:55 76800 ----a-w- c:\windows\system32\tdc.ocx
    2011-06-25 10:55 . 2011-06-25 10:55 49664 ----a-w- c:\windows\system32\imgutil.dll
    2011-06-25 10:55 . 2011-06-25 10:55 48640 ----a-w- c:\windows\system32\mshtmler.dll
    2011-06-25 10:55 . 2011-06-25 10:55 448512 ----a-w- c:\windows\system32\html.iec
    2011-06-25 10:55 . 2011-06-25 10:55 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
    2011-06-25 10:55 . 2011-06-25 10:55 12288 ----a-w- c:\windows\system32\mshta.exe
    2011-06-25 10:55 . 2011-06-25 10:55 114176 ----a-w- c:\windows\system32\admparse.dll
    2011-06-25 10:55 . 2011-06-25 10:55 111616 ----a-w- c:\windows\system32\iesysprep.dll
    2011-06-25 10:55 . 2011-06-25 10:55 85504 ----a-w- c:\windows\system32\iesetup.dll
    2011-06-25 10:55 . 2011-06-25 10:55 603648 ----a-w- c:\windows\system32\vbscript.dll
    2011-06-25 10:55 . 2011-06-25 10:55 30720 ----a-w- c:\windows\system32\licmgr10.dll
    2011-06-25 10:55 . 2011-06-25 10:55 165888 ----a-w- c:\windows\system32\iexpress.exe
    2011-06-25 10:55 . 2011-06-25 10:55 160256 ----a-w- c:\windows\system32\wextract.exe
    2011-06-25 10:55 . 2011-06-25 10:55 1492992 ----a-w- c:\windows\system32\inetcpl.cpl
    2011-06-11 03:07 . 2011-07-13 21:06 3137536 ----a-w- c:\windows\system32\win32k.sys
    2011-06-03 05:55 . 2010-01-28 02:48 539968 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2011-05-24 22:14 . 2010-02-08 07:54 270720 ------w- c:\windows\system32\MpSigStub.exe
    2011-05-24 11:42 . 2011-06-29 16:36 404480 ----a-w- c:\windows\system32\umpnpmgr.dll
    2011-05-24 10:40 . 2011-06-29 16:36 64512 ----a-w- c:\windows\SysWow64\devobj.dll
    2011-05-24 10:40 . 2011-06-29 16:36 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
    2011-05-24 10:39 . 2011-06-29 16:36 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
    2011-05-24 10:37 . 2011-06-29 16:36 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    *Note* empty entries & legit default entries are not shown
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files (x86)\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll" [2011-03-16 214840]
    [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ABD3B5E1-B268-407B-A150-2641DAB8D898}]
    2009-06-08 21:41 120104 ----a-w- c:\program files (x86)\Common Files\Homepage Protection\HomepageProtection.dll
    "HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-10-26 1668664]
    "LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-06-17 2363392]
    "Comrade.exe"="c:\program files (x86)\GameSpy\Comrade\Comrade.exe" [2007-05-27 36864]
    "msnmsgr"="c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe" [2009-02-07 3885408]
    "Messenger (Yahoo!)"="c:\progra~2\Yahoo!\Messenger\YahooMessenger.exe" [2010-06-01 5252408]
    "VueMinder"="c:\program files (x86)\VueSoft\VueMinder\VueMinder.exe" [2011-07-23 4924928]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-02 98304]
    "HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
    "Corel File Shell Monitor"="c:\program files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe" [2009-06-22 16712]
    "QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-08-20 322104]
    "NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-05-13 581480]
    "UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
    "HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
    "WirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2009-07-23 498744]
    "CarboniteSetupLite"="c:\program files (x86)\Carbonite\CarbonitePreinstaller.exe" [2009-08-04 318096]
    "MaxMenuMgr"="c:\program files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" [2009-09-26 185640]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
    "Dell AIO Printer 948"="c:\program files (x86)\Dell AIO Printer 948\fm3032.exe" [2009-04-27 311976]
    "nmctxth"="c:\program files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2009-07-07 647216]
    "nmapp"="c:\program files (x86)\Pure Networks\Network Magic\nmapp.exe" [2009-07-08 472112]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-09-08 421888]
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2010-09-24 421160]
    "BrStsMon00"="c:\program files (x86)\Browny02\Brother\BrStMonW.exe" [2010-06-10 2621440]
    "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
    c:\users\Anyone Else\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ 3.1.lnk - c:\program files (x86)\ 3\program\quickstart.exe [2010-12-13 1198592] 3.3.lnk - c:\program files (x86)\ 3\program\quickstart.exe [2010-12-13 1198592]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    "WallpaperStyle"= 2
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    @="FSFilter Activity Monitor"
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 dldfCATSCustConnectService;dldfCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\dldfserv.exe [2007-06-26 33416]
    R3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe [2010-01-25 245760]
    R3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\solidworks\SolidWorks\swScheduler\DTSCoordinatorService.exe [2010-01-20 87336]
    R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-01-11 1315592]
    R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
    R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [x]
    R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
    R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
    R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
    S0 SMR200;Symantec SMR Utility Service 2.0.0;c:\windows\System32\drivers\SMR200.SYS [x]
    S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1008000.029\SYMEFA64.SYS [x]
    S1 BHDrvx64;Symantec Heuristics Driver;c:\windows\System32\Drivers\NISx64\1008000.029\BHDrvx64.sys [x]
    S1 ccHP;Symantec Hash Provider;c:\windows\System32\Drivers\NISx64\1008000.029\ccHPx64.sys [x]
    S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20110817.030\IDSvia64.sys [2011-08-02 488056]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
    S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-03 89600]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
    S2 dldf_device;dldf_device;c:\windows\system32\dldfcoms.exe [2007-06-26 1052808]
    S2 FreeAgentGoNext Service;Seagate Service;c:\program files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-09-26 189736]
    S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
    S2 Norton Internet Security;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\\ccSvcHst.exe [2009-08-22 117640]
    S3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
    S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [x]
    S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-07-27 136824]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
    S3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\Drivers\NISx64\1008000.029\SYMNDISV.SYS [x]
    S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x]
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    2009-06-17 20:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
    Contents of the 'Scheduled Tasks' folder
    2010-11-13 c:\windows\Tasks\Install_NSS.job
    - c:\program files (x86)\DivX\Symantec\scstubinstaller.exe [2010-03-08 18:00]
    --------- x86-64 -----------
    "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-07-21 610872]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-15 171520]
    "dldfmon.exe"="c:\program files (x86)\Dell AIO Printer 948\dldfmon.exe" [2009-04-27 455336]
    "MemoryCardManager"="c:\program files (x86)\Dell AIO Printer 948\memcard.exe" [2009-04-27 410280]
    "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-23 487424]
    "LXBXCATS"="c:\windows\system32\spool\DRIVERS\x64\3\LXBXtime.dll" [2007-03-22 28672]
    "lxbxmon.exe"="c:\program files (x86)\Lexmark 7100 Series\lxbxmon.exe" [2007-05-11 205744]
    "EzPrint"="c:\program files (x86)\Lexmark 7100 Series\ezprint.exe" [2007-05-11 103344]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    ------- Supplementary Scan -------
    uStart Page =
    uLocal Page = c:\windows\system32\blank.htm
    mStart Page = hxxp://
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local;<local>
    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
    TCP: DhcpNameServer =
    DPF: {C228AEDD-FC47-11D3-AF87-D128A9381404} - hxxp://
    FF - ProfilePath - c:\users\Breezo\AppData\Roaming\Mozilla\Firefox\Profiles\2pb9yx2g.default\
    FF - prefs.js: network.proxy.type - 0
    - - - - ORPHANS REMOVED - - - -
    Wow6432Node-HKLM-Run-SunJavaUpdateSched - c:\program files (x86)\Java\jre6\bin\jusched.exe
    Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
    HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
    AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
    AddRemove-{B60DCA15-56A3-4D2D-8747-22CF7D7B588B} - c:\program files (x86)\InstallShield Installation Information\{B60DCA15-56A3-4D2D-8747-22CF7D7B588B}\setup.exe
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Norton Internet Security]
    "ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files (x86)\Norton Internet Security\Engine\\diMaster.dll\" /prefetch:1"
    --------------------- LOCKED REGISTRY KEYS ---------------------
    @Denied: (A 2) (Everyone)
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"
    @Denied: (A 2) (Everyone)
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    @Denied: (Full) (Everyone)
    ------------------------ Other Running Processes ------------------------
    c:\program files (x86)\Bonjour\mDNSResponder.exe
    c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
    c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
    c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
    c:\program files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
    c:\program files (x86)\Seagate\SeagateManager\Sync\MaxSync.exe
    c:\program files (x86)\ 3\program\soffice.exe
    c:\program files (x86)\ 3\program\soffice.bin
    c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
    c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
    c:\program files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
    Completion time: 2011-08-18 17:58:28 - machine was rebooted
    ComboFix-quarantined-files.txt 2011-08-18 20:58
    Pre-Run: 266,425,008,128 bytes free
    Post-Run: 268,240,805,888 bytes free
    - - End Of File - - 685C4ACB71F374883CC5717F6A7FD88A

  10. #10
    Junior Member
    Join Date
    Aug 2011

    Default MalWareBytes Log

    And here's my log from MalwareBytes. This was done after ComboFix.

    Malware Bytes Log

    Malwarebytes' Anti-Malware

    Database version: 7502

    Windows 6.1.7601 Service Pack 1
    Internet Explorer 9.0.8112.16421

    8/18/2011 6:27:35 PM
    mbam-log-2011-08-18 (18-27-35).txt

    Scan type: Quick scan
    Objects scanned: 190607
    Time elapsed: 6 minute(s), 8 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)

