SharonMA1313

Brilliant - thank you!

I've got a program called Managed Antivirus, and I'll be darned if I can't figure out how to disable. Should I run ComboFix anyway?

Okay ... so far, so good. First scan found two bad files; the second was clean. I've attached the files you requested. You are amazing - thank you! Sharon mbar-log-2013-04-29 (12-16-30).txt mbar-log-2013-04-29 (12-49-42).txt system-log.txt

Here is the report: RogueKiller V8.5.4 [Mar 18 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version Started in : Normal mode User : GMI [Admin rights] Mode : Scan -- Date : 04/29/2013 10:46:48 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 3 ¤¤¤ [HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\Windows\system32\drivers\etc\hosts ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD3200BPVT-75ZEST0 +++++ --- User --- [MBR] a89bc49a2bceadcfae5ceac460d4dfda [bSP] 6d3ef0fbc993db9e4dfa4fe05519e689 : Windows Vista MBR Code Partition table: 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 15000 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30801920 | Size: 290204 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1]_S_04292013_02d1046.txt >> RKreport[1]_S_04292013_02d1046.txt

Wow, you are fast! Everything seems to be okay ... I've copied the entirety of fixlog.txt. Amazing. Thank you. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 28-04-2013 01 Ran by SYSTEM at 2013-04-29 10:09:42 Run:1 Running from F:\ Boot Mode: Recovery ============================================== HKEY_USERS\GMI\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell value deleted successfully. 2013-04-26 10:47 - 2013-04-26 10:47 - 00000000 ____D C:ProgramData\fnpq not found. C:\Users\GMI\AppData\Roaming\i.ini moved successfully. C:\Users\GMI\Application Data\i.ini not found. ==== End of Fixlog ====

Hi there ... thanks in advance for your help! I've already downloaded and run the Farbar Recovery Scan Tool and have attached the files. I just need help from this point. I so appreciate this!! Thank you, Sharon FRST.txt Search.txt