Everything posted by kevinf80

  1. Run the fixes as advised at this link: http://theitbros.com/microsoft-security-essentials-error-upon-windows-startup-0x80070002/ Does that help?
  2. Sounds ok to me, be aware the ESET online scan is very thorough so will take a few hours to complete.
  3. FRST logs do not show anything obviously malicious, I only give new instructions for thorough scans to ensure we've missed no remnants of previous infections. If you are considering a re-install of the system obviously that is a better option as you will have a clean slate, your choice I guess.
  4. Open CCleaner, select > tools > start up, under the windows tab make changes as follows, only if you agree: Select each entry then use the commands in the right hand pane to make changes. Red = Delete Blue = Disable Green = leave as set.

     Yes HKCU:Run AdobeBridge
     Yes HKCU:Run DisplayFusion Binary Fortress Software "C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe"
     Yes HKCU:Run News.net C:\Program Files\News.net\BreakingNews\DesktopContainer.exe
     Yes HKCU:Run Sidebar Microsoft Corporation C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
     No HKCU:Run Workrave The Workrave development team C:\Program Files (x86)\Workrave\lib\workrave.exe
     Yes HKLM:Run AdobeAAMUpdater-1.0 Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
     Yes HKLM:Run AdobeCS6ServiceManager Adobe Systems Incorporated "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
     Yes HKLM:Run AVG_UI AVG Technologies CZ, s.r.o. "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
     No HKLM:Run BeatsOSDApp Hewlett-Packard C:\Program Files\IDT\WDM\beats64.exe
     Yes HKLM:Run HP Software Update Hewlett-Packard C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
     Yes HKLM:Run hpsysdrv Hewlett-Packard c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
     Yes HKLM:Run PDF Complete PDF Complete Inc C:\Program Files (x86)\PDF Complete\pdfsty.exe
     Yes HKLM:Run SwitchBoard Adobe Systems Incorporated C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
     Yes HKLM:Run SysTrayApp IDT, Inc. C:\Program Files\IDT\WDM\sttray64.exe
     No Startup User OpenOffice.org 3.3.lnk C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE

     I'm unsure what you refer to about MSE, has that completed after the recommended restart/retry?

     If not run the following and try again: Download Services Repair tool, available here - http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe and Save it to your Desktop. Right click on it and select Run As Administrator, follow the prompts. It should reboot when it finishes. If not reboot it yourself. Kevin
  5. Continue: Download AdwCleaner by Xplode from here: http://www.bleepingcomputer.com/download/adwcleaner/ and save to your Desktop. Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator Click on the Scan button. AdwCleaner will begin...be patient as the scan may take some time to complete. When it's done you'll see: Pending: Uncheck any elements you don't want removed. Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review. Look over the log especially under Files/Folders for any program you want to save. If there's a program you want to save, just uncheck it from AdwCleaner. If you're not sure, post the log for review. If you're ready to clean it all up.....click the Clean button. After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically. Copy and paste the contents of that logfile in your next reply. A copy of that logfile will also be saved in the C:\AdwCleaner folder. Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine To restore an item that has been deleted (if necessary): Go to Tools > Quarantine Manager > check what you want restored > now click on Restore. Next, Run Malwarebytes, Open > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal. Please Update and run a Quick Scan with Malwarebytes Anti-Malware, Make sure that everything is checked, and click Remove Selected on any found items. 
Post the produced log Next, We need to run an online AV scan to ensure there are no remnants of any infection left on your system, this scan can take several hours to complete, it is very thorough and well worth running, please be patient and let it complete: Run Eset Online Scanner **Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin Go to Eset web page http://www.eset.com/us/online-scanner/ to run an online scan from ESET. Turn off the real time scanner of any existing antivirus program while performing the online scan click on the Run ESET Online Scanner button Tick the box next to YES, I accept the Terms of Use. Click Start When asked, allow the add/on to be installed Click Start Make sure that the option Remove found threats is unticked Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked. Click Scan wait for the virus definitions to be downloaded Wait for the scan to finish When the scan is complete If no threats were found put a checkmark in "Uninstall application on close" close program report to me that nothing was found If threats were found click on "list of threats found" click on "export to text file" and save it as ESET SCAN and save to the desktop Click on back put a checkmark in "Uninstall application on close" click on finish close program copy and paste the report here Finally.. Download Security Check by screen317 from either of the following: http://screen317.spywareinfoforum.org/SecurityCheck.exe or http://screen317.changelog.fr/SecurityCheck.exe Save it to your Desktop. Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked. 
A Notepad document should open automatically called checkup.txt; please post the contents of that document. Let me see those logs... Kevin
  6. Please ignore instructions from Mrk23, that user is not authorized to give advice/help in this forum... I'm looking at your logs and will reply shortly
  7. Apologies, I missed off the attachment, it is attached now... Regarding MSE, re-install from here: http://www.microsoft.com/en-gb/download/details.aspx?id=5201 when installed re-boot your PC, now run the removal tool from Bleeping Computers or run Revo, does it uninstall correctly? fixlist.txt
  8. Hello and P2P/Piracy Warning: Next, Download Farbar Recovery Scan Tool and save it to your desktop. Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. Double-click to run it. When the tool opens click Yes to disclaimer. Press Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply. Kevin
  9. MSE is still showing as installed in the Security Check log? See if it can be uninstalled with the following: Please download and install Revo Uninstaller Free Double click Revo Uninstaller to run it. From the list of programs double click on The Program to remove When prompted if you want to uninstall click Yes. Be sure the Moderate option is selected then click Next. The program will run, If prompted again click Yes When the built-in uninstaller is finished click on Next. Once the program has searched for leftovers click Next. Check/tick the bolded items only on the list then click Delete When prompted click on Yes and then on next. Put a check on any folders that are found and select delete When prompted select yes then on next Once done click Finish. Next, Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into. NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work. Run FRST and press the Fix button just once and wait. The tool will make a log on the Desktop (Fixlog.txt). That will confirm the removal action, delete if successful. Next, Delete FRST.exe from your Desktop or the folder it was saved to, navigate to and delete its folder C:\FRST Next, Download OTC by OldTimer from here http://oldtimer.geekstogo.com/OTC.exe or here http://www.itxassociates.com/OT-Tools/OTC.exe and save to your Desktop. Double click icon to start the program. If you are using Vista or Windows 7 accept UAC Then Click the big button. You will get a prompt saying "Begining Cleanup Process". Please select Yes. Restart your computer when prompted. This will remove tools we have used and itself. Any tools/logs remaining on the Desktop or downloads folder can be deleted. Next, Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version of Java components and upgrade the application. 
Upgrading Java: Go to http://java.com/en/ and click on "Do I have Java" It will check your current version and then offer to update to the latest version Watch for and make sure you untick the box next to whatever free program they prompt you to install during the installation, unless you want it. ***Note: Check in Programs and Features (or Add/Remove Programs if you are an XP user) to make certain there are no old versions of Java still installed, if so - remove them. Make sure these are removed: Java™ 6 Update 22 Java 7 Update 25 Next, Download and install CCleaner from here: ] Ensure to select Slim version. (No Toolbar) Then select the items you wish to clean up. In the Windows Tab: Clean all entries in the "Internet Explorer" section except Cookies if you want to keep those. Clean all the entries in the "Windows Explorer" section. Clean all entries in the "System" section. Clean all entries in the "Advanced" section. Clean any others that you choose. Make sure "Wipe free space" is unticked, this will dramatically increase scan time if selected. In the Applications Tab: Clean all except cookies in the Firefox/Mozilla section if you use it. Clean all in the Opera section if you use it. Clean Sun Java in the Internet Section. Clean any others that you choose. 4. Click the "Run Cleaner" button. 5. A pop up box will appear advising this process will permanently delete files from your system. 6. Click "OK" and it will scan and clean your system. 7. Click "exit" when done. CCleaner is an excellent Utility and well worth keeping, bottom left hand corner of main interface is link "Online Help" use that link to get the full instructions for this very handy application. Next, Re-open CCleaner, select tools > start up > windows tab > the start up list will populate, select "save to text file" tab at bottom right hand corner, copy that file to next reply. Also let me know how your system is responding, also if any remaining issues or concerns... Kevin
  10. We need to remove FRST, first it is very important to deal with its Quarantine folder using FRST itself.. OK, we continue: Delete any fixlist.txt file previously used, continue: Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into. NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work. Run FRST and press the Fix button just once and wait. The tool will make a log on the Desktop (Fixlog.txt). That will confirm the removal action, delete if successful. Next, Delete FRST.exe from your Desktop or the folder it was saved to, navigate to and delete its folder C:\FRST Next, Re-open to run it. (Vista and Win 7 users accept UAC alert) Click on the button. Click Yes to begin the cleanup process and remove tools, including this application You may be asked to reboot the machine to finish the cleanup process - if so, choose Yes Any tools/logs left on the desktop or downloads folders can be deleted Next, Download and install CCleaner from here: ] Ensure to select Slim version. (No Toolbar) Then select the items you wish to clean up. In the Windows Tab: Clean all entries in the "Internet Explorer" section except Cookies if you want to keep those. Clean all the entries in the "Windows Explorer" section. Clean all entries in the "System" section. Clean all entries in the "Advanced" section. Clean any others that you choose. Make sure "Wipe free space" is unticked, this will dramatically increase scan time if selected. In the Applications Tab: Clean all except cookies in the Firefox/Mozilla section if you use it. Clean all in the Opera section if you use it. Clean Sun Java in the Internet Section. Clean any others that you choose. 4. Click the "Run Cleaner" button. 5. A pop up box will appear advising this process will permanently delete files from your system. 6. Click "OK" and it will scan and clean your system. 7. Click "exit" when done. 
CCleaner is an excellent Utility and well worth keeping, bottom left hand corner of main interface is link "Online Help" use that link to get the full instructions for this very handy application. Next, Re-open CCleaner > select > tools > start up, The start up entry list will populate, look to the bottom right hand corner, Select "save to text file" button. Copy paste that file to next reply. Also let me know if there are any remaining issues/concerns.. Kevin fixlist.txt
  11. OK, run the following:

      1. Download Malwarebytes Anti-Rootkit from this link: http://www.malwarebytes.org/products/mbar/
      2. Unzip the File to a convenient location. (Recommend the Desktop)
      3. Open the folder where the contents were unzipped to run mbar.exe
      4. Double-click on the mbar.exe file, you may receive a User Account Control prompt asking if you are sure you wish to allow the program to run. Please allow the program to run and MBAR will now start to install any necessary drivers that are required for the program to operate correctly. If a rootkit is interfering with the installation of the drivers you will see a message that states that the DDA driver was not installed and that you should reboot your computer to install it. You will see this image:
      5. If you receive this message, please click on the Yes button and Malwarebytes Anti-Rootkit will now restart your computer. Once the computer is rebooted and you login, MBAR will automatically start and you will now be at the start screen. (If no Rootkit warning you will go from step 4 to 6.)
      6. The following image opens, select Next.
      7. The following image opens, select Update
      8. When the update completes select Next.
      9. In the following window ensure "Targets" are ticked. Then select "Scan"
      10. If an infection is found select the "Cleanup Button" to remove threats, Reboot if prompted. Wait while the system shuts down and the cleanup process is performed.
      11. Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click "Cleanup Button" once more and repeat the process.
      12. If no threats were found you will see the following image, Select Exit:
      13. Verify that your system is now running normally, making sure that the following items are functional: Internet access, Windows Update, Windows Firewall
      14. If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included within Malwarebytes Anti-Rootkit folder.
      15. Select "Y" from your Keyboard, tap Enter.
      16. The fix will be applied, select any key to Exit.
      17. Let me know how your system now responds.

      Copy and paste the two following logs from the mbar folder: System - log, Mbar - log. Date and time of scan will also be shown

      Next, If the logs from MBAR are clean also do this: Go to the following link: http://www.ehow.com/how_2110924_reset-back-factory-default-settings.html follow the instructions and reset your router.

      Next, Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:

      • Flush DNS
      • Report IE Proxy Settings
      • Reset IE Proxy Settings
      • Report FF Proxy Settings
      • Reset FF Proxy Settings
      • List content of Hosts
      • List IP configuration
      • List Winsock Entries
      • List last 10 Event Viewer log
      • List Installed Programs
      • List Devices
      • List Users, Partitions and Memory size.
      • List Minidump Files

      Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
  12. OK, post logs from OTL when ready, also let me know if any issues or concerns remain...
  13. TDSSKiller log is good, Couple of services are set incorrectly as shown in the FSS log: The start type of BITS service is set to Demand. The default start type is Auto. Select the Windows key and R key together, in the run box type services.msc and hit enter. In the services window scroll down to the following entry: Background Intelligent Transfer Service(BITS) Right click on that entry and select "Properties" in the new window change the start up type from "Demand" to "Automatic" select Apply then ok. Next, Same again for this entry: The start type of wuauserv service is set to Disabled. The default start type is Auto. Scroll to Windows Update (wuauserv) Right click on that entry and select "Properties" in the new window change the start up type from "Demand" to "Automatic" select Apply then ok. Next, Same again for this entry: The start type of PlugPlay service is set to Disabled. The default start type is Auto. Scroll to Plug and Play Right click on that entry and select "Properties" in the new window change the start up type from "Demand" to "Automatic" select Apply then ok. Close out the services window, re-boot your PC. Run a full scan with Malwarebytes, post that log. Let me know how your PC responds, what issues/concerns remain...
  14. Can you reinstall F-Secure, reboot then run the following: Download OTL from any of the following links and save to your desktop. http://itxassociates.com/OT-Tools/OTL.com http://oldtimer.geekstogo.com/OTL.exe http://www.itxassociates.com/OT-Tools/OTL.scr Double click the OTL icon to start the tool. (Note: If you are running on Vista or Windows 7 accept UAC alert) When the window appears, underneath Output at the top, make sure Standard output is selected. Select Scan all users Change Drivers to All Under the Extra Registry section, check Use SafeList In the lower right corner, checkmark "LOP Check" and checkmark "Purity Check". Click Run Scan and let the program run uninterrupted. When the scan is complete, two text files will be created on your Desktop. OTL.Txt <- this one will be opened Extras.txt <- this one will be minimized Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of OTL.Txt and the Extras.txt in your next reply.
  15. To return your computer to a Normal startup mode when complete, follow these steps: Open msconfig... On the General tab, click Normal Startup - load all device drivers and services, and then click OK. When you are prompted, click Restart.

      As you've uninstalled MSE just delete the short cut, is no use.... Regarding F-Secure, I'd recommend that you uninstall and reinstall, see if that helps..

      Next, Download Farbar Service Scanner from here: http://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/ and run it on the computer with the issue. Make sure the following options are checked: Internet Services, Windows Firewall, System Restore, Security Center/Action Center, Windows Update, Windows Defender. Press "Scan". It will create a log (FSS.txt) in the same directory the tool is run. Please copy and paste the log to your reply. Kevin..
  16. Yes all looks good, run this please: Download Security Check by screen317 from either of the following: http://screen317.spywareinfoforum.org/SecurityCheck.exe or http://screen317.changelog.fr/SecurityCheck.exe Save it to your Desktop. Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked. A Notepad document should open automatically called checkup.txt; please post the contents of that document. Post that log, if you have no remaining issues or concerns we can clean up.. OK!
  17. As you have AVG installed and running maybe is a good idea to remove MSE, I too am concerned that it may still be exploited... A removal tool is available here: http://www.bleepingcomputer.com/download/microsoft-security-essentials-removal-tool/ use that and see if it works,

      Next, I'd still like another look at your system, run the following:

      1. Download Malwarebytes Anti-Rootkit from this link: http://www.malwarebytes.org/products/mbar/
      2. Unzip the File to a convenient location. (Recommend the Desktop)
      3. Open the folder where the contents were unzipped to run mbar.exe
      4. Double-click on the mbar.exe file, you may receive a User Account Control prompt asking if you are sure you wish to allow the program to run. Please allow the program to run and MBAR will now start to install any necessary drivers that are required for the program to operate correctly. If a rootkit is interfering with the installation of the drivers you will see a message that states that the DDA driver was not installed and that you should reboot your computer to install it. You will see this image:
      5. If you receive this message, please click on the Yes button and Malwarebytes Anti-Rootkit will now restart your computer. Once the computer is rebooted and you login, MBAR will automatically start and you will now be at the start screen. (If no Rootkit warning you will go from step 4 to 6.)
      6. The following image opens, select Next.
      7. The following image opens, select Update
      8. When the update completes select Next.
      9. In the following window ensure "Targets" are ticked. Then select "Scan"
      10. If an infection is found select the "Cleanup Button" to remove threats, Reboot if prompted. Wait while the system shuts down and the cleanup process is performed.
      11. Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click "Cleanup Button" once more and repeat the process.
      12. If no threats were found you will see the following image, Select Exit:
      13. Verify that your system is now running normally, making sure that the following items are functional: Internet access, Windows Update, Windows Firewall
      14. If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included within Malwarebytes Anti-Rootkit folder.
      15. Select "Y" from your Keyboard, tap Enter.
      16. The fix will be applied, select any key to Exit.
      17. Let me know how your system now responds.

      Copy and paste the two following logs from the mbar folder: System - log, Mbar - log. Date and time of scan will also be shown

      Thanks, Kevin...
  18. We need to remove FRST, first it is very important to deal with its Quarantine folder using FRST itself.. OK, we continue: Delete any fixlist.txt file previously used, continue: Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into. NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work. Run FRST and press the Fix button just once and wait. The tool will make a log on the Desktop (Fixlog.txt). That will confirm the removal action, delete if successful.

      Next, Delete FRST.exe from your Desktop or the folder it was saved to, navigate to and delete its folder C:\FRST

      Next, Uninstall adwcleaner.exe. Please close all open programs and internet browsers. Double click on adwcleaner.exe to run the tool. Click on Uninstall. Click Yes at Would you like to Uninstall Adwcleaner

      Next, Remove ESET online scanner (Only If installed): Click Start, type Uninstall a Program into the Search programs and files box, and then press ENTER. Click to select ESET Online Scanner from the listing of installed products, and then click Uninstall/Change from the bar that displays the available tasks. Uninstall ESETonline Scanner, only re-boot if prompted.

      Next, Download OTC by OldTimer from here http://oldtimer.geekstogo.com/OTC.exe or here http://www.itxassociates.com/OT-Tools/OTC.exe and save to your Desktop. Double click icon to start the program. If you are using Vista or Windows 7 accept UAC. Then Click the big button. You will get a prompt saying "Begining Cleanup Process". Please select Yes. Restart your computer when prompted. This will remove tools we have used and itself. Any tools/logs remaining on the Desktop or downloads folder can be deleted.

      Next, Create a new restore point:

      1. Right-click on Computer and go to Properties.
      2. Next click on the System Protection link.
      3. The System Properties dialog screen opens up and you will want to click on Create.
      4. Type in a description for the restore point which will help you remember the point at which it was created. Click on create.
      5. You should see the message "The restore point was created successfully"

      To remove all but the most recent restore point do the following:

      1. Open Disk Cleanup by clicking the Start button. In the search box, type Disk Cleanup, and then, in the list of results, click Disk Cleanup.
      2. If prompted, select the drive that you want to clean up, and then click OK.
      3. In the Disk Cleanup for (usually C:\) dialog box, click Clean up system files. Administrator permission required. If you're prompted for an administrator password or confirmation, type the password or provide confirmation.
      4. If prompted, select the drive that you want to clean up, and then click OK.
      5. Click the More Options tab, under System Restore and Shadow Copies, click Clean up.
      6. In the Disk Cleanup dialog box, click Delete.
      7. Click Delete Files, and then click OK.

      Re-Boot your PC. Let me know if those steps complete OK, Kevin... fixlist.txt
  19. You need to re-boot for FRST to complete. Also do you know of or trust the proxy server that is active in Firefox....
  20. What is the status of your system now, any remaining issues or concerns? Couple of updates required:-

      Adobe Reader is outdated... Visit http://get.adobe.com/uk/reader/otherversions/ and download the latest version of Acrobat Reader

      Step 1 - Select your Operating System.
      Step 2 - Select your Language.
      Step 3 - Select latest version.

      Untick the option for any security scanner or toolbar if offered. Download and install. Having the latest updates ensures there are no security vulnerabilities in your system.

      Next, Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version of Java components and upgrade the application.

      Upgrading Java: Go to http://java.com/en/ and click on "Do I have Java". It will check your current version and then offer to update to the latest version. Watch for and make sure you untick the box next to whatever free program they prompt you to install during the installation, unless you want it.

      ***Note: Check in Programs and Features (or Add/Remove Programs if you are an XP user) to make certain there are no old versions of Java still installed, if so - remove them.

      Let me know if updates complete...
  21. We need to run an online AV scan to ensure there are no remnants of any infection left on your system, this scan can take several hours to complete, it is very thorough and well worth running, please be patient and let it complete: Run Eset Online Scanner **Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin Go to Eset web page http://www.eset.com/us/online-scanner/ to run an online scan from ESET. Turn off the real time scanner of any existing antivirus program while performing the online scan click on the Run ESET Online Scanner button Tick the box next to YES, I accept the Terms of Use. Click Start When asked, allow the add/on to be installed Click Start Make sure that the option Remove found threats is unticked Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked. Click Scan wait for the virus definitions to be downloaded Wait for the scan to finish When the scan is complete If no threats were found put a checkmark in "Uninstall application on close" close program report to me that nothing was found If threats were found click on "list of threats found" click on "export to text file" and save it as ESET SCAN and save to the desktop Click on back put a checkmark in "Uninstall application on close" click on finish close program copy and paste the report here Next, Download Farbar Service Scanner from here: http://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/ and run it on the computer with the issue. Make sure the following options are checked: Internet Services Windows Firewall System Restore Security Center/Action Center Windows Update Windows Defender Press "Scan". It will create a log (FSS.txt) in the same directory the tool is run. Please copy and paste the log to your reply. Let me see those two logs. 
      My own security set up is :- Windows own Firewall, Microsoft Security Essentials and Malwarebytes Pro. Windows FW and MSE are free, MB does also have a free version, however I prefer the pro version as it provides auto updates and realtime protection. Cost is about £20 for a lifetime license. As an extra layer I also use WinPatrol, the free version is adequate for general home use. Available here: http://www.winpatrol.com/download.html

      For my browser I use Firefox with these addons: Web of Trust, Adblock Plus, Flash Block, NoScript, Ghostery. When Firefox is open select these keys together :- Ctrl - Shift - A that will access Addons manager, this gives access to find addons, use, start, stop or disable those features etc.... Before using NoScript read from this link http://noscript.net/ makes it easy to understand....

      Understanding Windows 7 Firewall - http://windows.microsoft.com/en-GB/windows7/Understanding-Windows-Firewall-settings
      Understanding Microsoft Security Essentials - http://www.microsoft.com/en-gb/security/pc-security/mse.aspx
      Understanding Malwarebytes, how to create an exclusion in MSE - http://forums.malwarebytes.org/index.php?showtopic=10138&st=0&p=162100entry162100
      Understanding WinPatrol - http://www.winpatrol.com/features.html

      I also use the Professional version of Sandboxie, I believe there is also free version available. Visit this link http://www.sandboxie.com/ for access to d/l, also make sure to use the "Help and FAQ" option to understand its uses, specifically how to run your browser sandboxed!.
  22. Looks like MSE may have been exploited by malware, leave that for now.... Regarding uTorrent and other P2P applications, yes remove them from your system, they are open flood gates for infections, also is forum protocol...

      Next, Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into. NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work. Run FRST and press the Fix button just once and wait. The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

      Next, Run Malwarebytes, Open > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal. Please Update and run a Quick Scan with Malwarebytes Anti-Malware, Make sure that everything is checked, and click Remove Selected on any found items. Post the produced log

      Next, Please download RogueKiller from here:
      http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe <- 32 bit version
      http://www.sur-la-toile.com/RogueKiller/RogueKillerX64.exe <- 64 bit version
      Make sure to get the correct version for your system.

      Quit all running programs. Please disconnect any USB or external drives from the computer before you run this scan! For Vista/Seven, right click -> run as administrator, for XP simply run RogueKiller.exe. Wait until Prescan has finished... The following EULA will appear, please select accept. Ensure MBR scan, Check faked and AntiRootkit are checked. Select Scan. When the scan completes select Report, copy and paste that to your reply. The log should be found in RKreport[?].txt on your Desktop. Exit/Close RogueKiller

      Post those logs, give update on current issues concerns... fixlist.txt
  23. I assume as Firefox and Opera are not connecting you have another browser that does? If so which one, IE or Chrome? If you have an active browser do this: Follow the instructions here: https://support.mozilla.org/en-US/kb/uninstall-firefox-from-your-computer fully uninstall and remove Firefox from your PC. Next, Download and install Firefox from here: http://www.mozilla.org/en-US/ Will FF now work?
  24. I do not see an active AV program on your system, there are remnants to Avast, is this correct, do you have an Anti-Virus program installed? Next, Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into. NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work. Run FRST and press the Fix button just once and wait. The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply. Next, Download AdwCleaner by Xplode from here: http://www.bleepingcomputer.com/download/adwcleaner/ and save to your Desktop. Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator Click on the Scan button. AdwCleaner will begin...be patient as the scan may take some time to complete. When it's done you'll see: Pending: Uncheck any elements you don't want removed. Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review. Look over the log especially under Files/Folders for any program you want to save. If there's a program you want to save, just uncheck it from AdwCleaner. If you're not sure, post the log for review. If you're ready to clean it all up.....click the Clean button. After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically. Copy and paste the contents of that logfile in your next reply. A copy of that logfile will also be saved in the C:\AdwCleaner folder. Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine To restore an item that has been deleted (if necessary): Go to Tools > Quarantine Manager > check what you want restored > now click on Restore. Next, Open Malwarebytes, check for updates then run Quick scan. 
Full instructions follow if Malwarebytes is not installed: Download Malwarebytes from the following link and save it to your desktop: http://www.malwarebytes.org/mbam.php Double Click mbam-setup.exe to install the application. Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish. If an update is found, it will download and install the latest version. Once the program has loaded, select "Perform Quick Scan", then click Scan. The scan may take some time to finish, so please be patient. When the scan is complete, click OK, then Show Results to view the results. Make sure that everything is checked, and click Remove Selected. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note) Please save the log to a location you will remember. The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM. Copy and paste the entire report in your next reply. Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Next, Download Security Check by screen317 from either of the following: http://screen317.spywareinfoforum.org/SecurityCheck.exe or http://screen317.changelog.fr/SecurityCheck.exe Save it to your Desktop. Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked. A Notepad document should open automatically called checkup.txt; please post the contents of that document. Post those logs... fixlist.txt