0

My internet explorer will launch itself every few minutes or while I'm on the internet will take me back to my start up page (Yahoo) without any reason.
I've got Norton Internet Security 2012 on my computer, I've downloaded and run Malawarebytes which detects nothing and purchase and run ARO 2012 which discovers a number of errors each time it runs. I've noted that when it is doing a deep scan that IE launces at several spots in the process but the filename goes by too quickly for me to capture it.

Can someone help me fix this?

3
Contributors
16
Replies
17
Views
5 Years
Discussion Span
Last Post by PhilliePhan
0

When you say Norton is the problem should I delete the program or change a setting in it?

Thanks.

0

So I changed the setting on my Norton Internet Security to not do the Live update automatically. I reran the scan and this time it located a virus by the name of Downloader Dromedan and supposedly removed it. However when I run a scan in ARO 2012, it still is finding a number of errors and during the scan process it will hit a file which causes IE to launch.
At the end of the scan it lets me fix the errors but then I receive a message that 2 errors found in previous scans will not be removed as I don't have the proper privileges to remove them.

I've tried running Norton's Power Eraser but it doesn't locate any bad files. Can someone please help me get rid of whatever virus or virus remnant I may have this computer.

Thanks

1

Can you run the scans in the linky below and post the requested logs?

http://www.daniweb.com/hardware-and-software/microsoft-windows/viruses-spyware-and-other-nasties/threads/134865/read-me-before-posting-a-request-for-assistance

We no longer have any regular volunteers in this section, but I'll have a look as time permits.
Ideally, I'd just like to see an updated MBAM scanlog along with the DDS scanlog. If you can post the error messages you mentioned as well, that might help too.

-- Also, you should probably ditch ARO 2012. Registry cleaners are generally unnecessary and often do more harm than good. The other things it does can be done manually or with better, and free, tools.... Just my $.02 there.

Cheers :)
PP

Edited by PhilliePhan

0

``Here is the DDS scanlog 1.

.
DDS (Ver_2011-08-26.01) - NTFSAMD64 
Internet Explorer: 9.0.8112.16421
Run by Claudia at 20:54:57 on 2012-06-06
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.6092.3516 [GMT -4:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\SysWOW64\ezSharedSvcHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe
C:\Program Files (x86)\Microsoft\BingBar\BingApp.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10n_ActiveX.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Claudia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\28ZB3L4T\ATF-Cleaner.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coIEPlg.dll
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\IPS\IPSBHO.DLL
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: TrueSuite Website Log On: {8590886e-ec8c-43c1-a32c-e4c2b0b6395b} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coIEPlg.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: EnableShellExecuteHooks = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{266DDDEB-3F0F-4B26-8FC8-1C45AC700588} : DhcpNameServer = 75.75.75.75 75.75.76.76
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: EasyBits ShellExecute Hook: {e54729e8-bb3d-4270-9d49-7389ea579090} - C:\Windows\SysWow64\EZUPBH~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64:     AcroIEHelperStub - No File
BHO-X64: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coIEPlg.dll
BHO-X64:     Norton Identity Protection - No File
BHO-X64: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\IPS\IPSBHO.DLL
BHO-X64:     Norton Vulnerability Protection - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
BHO-X64:     TSBHO Class - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64:     URLRedirectionBHO - No File
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\coIEPlg.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun-x64: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
mRun-x64: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun-x64: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
IE-X64: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
SEH-X64: EasyBits ShellExecute Hook: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWow64\EZUPBH~1.DLL
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NISx64\1307010.005\SYMDS64.SYS --> C:\Windows\system32\drivers\NISx64\1307010.005\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1307010.005\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1307010.005\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\Definitions\BASHDefs\20120531.001\BHDrvx64.sys [2012-6-5 1160824]
R1 ccSet_NIS;Norton Internet Security Settings Manager;C:\Windows\system32\drivers\NISx64\1307010.005\ccSetx64.sys --> C:\Windows\system32\drivers\NISx64\1307010.005\ccSetx64.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.7.1.5\Definitions\IPSDefs\20120605.001\IDSviA64.sys [2012-6-5 488568]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NISx64\1307010.005\Ironx64.SYS --> C:\Windows\system32\drivers\NISx64\1307010.005\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\NISx64\1307010.005\SYMNETS.SYS --> C:\Windows\system32\Drivers\NISx64\1307010.005\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-9-26 89600]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-1-24 901184]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-1-24 991296]
R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe [2011-6-21 514232]
R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-2-18 265544]
R2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-2-17 682040]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-2-28 92216]
R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-9 26680]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-9-26 13336]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-6-5 654408]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe [2012-6-2 138232]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-9-26 2656280]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-1-24 1298496]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\system32\DRIVERS\btmaux.sys --> C:\Windows\system32\DRIVERS\btmaux.sys [?]
R3 btmhsf;btmhsf;C:\Windows\system32\DRIVERS\btmhsf.sys --> C:\Windows\system32\DRIVERS\btmhsf.sys [?]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\system32\DRIVERS\clwvd.sys --> C:\Windows\system32\DRIVERS\clwvd.sys [?]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-6-3 138912]
R3 hpCMSrv;HP Connection Manager 4.0 Service;C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-2-15 1071160]
R3 iBtFltCoex;iBtFltCoex;C:\Windows\system32\DRIVERS\iBtFltCoex.sys --> C:\Windows\system32\DRIVERS\iBtFltCoex.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 intelkmd;intelkmd;C:\Windows\system32\DRIVERS\igdpmd64.sys --> C:\Windows\system32\DRIVERS\igdpmd64.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\system32\DRIVERS\RtsPStor.sys --> C:\Windows\system32\DRIVERS\RtsPStor.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
R3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-3-2 183560]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-12-27 31124344]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-2-4 340240]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-06-07 00:28:20 --------    d-----w-    C:\Users\Claudia\AppData\Local\Wild Tangent
2012-06-06 00:39:52 34152   ----a-w-    C:\Windows\System32\drivers\GEARAspiWDM.sys
2012-06-06 00:39:17 --------    d-----w-    C:\Windows\System32\drivers\NBRTWizardx64\0405000.022
2012-06-06 00:39:17 --------    d-----w-    C:\Windows\System32\drivers\NBRTWizardx64
2012-06-06 00:39:16 --------    d-----w-    C:\Program Files (x86)\Norton Bootable Recovery Tool Wizard
2012-06-05 00:32:45 --------    d-----w-    C:\Users\Claudia\AppData\Roaming\IDT
2012-06-04 00:10:30 476960  ----a-w-    C:\Windows\SysWow64\npdeployJava1.dll
2012-06-03 23:57:15 --------    d-----w-    C:\Windows\SysWow64\Wat
2012-06-03 23:57:15 --------    d-----w-    C:\Windows\System32\Wat
2012-06-03 23:34:33 --------    d-----w-    C:\Program Files (x86)\MSXML 4.0
2012-06-03 23:30:54 23408   ----a-w-    C:\Windows\System32\drivers\fs_rec.sys
2012-06-03 23:30:53 81408   ----a-w-    C:\Windows\System32\imagehlp.dll
2012-06-03 23:30:53 5120    ----a-w-    C:\Windows\SysWow64\wmi.dll
2012-06-03 23:30:53 5120    ----a-w-    C:\Windows\System32\wmi.dll
2012-06-03 23:30:53 220672  ----a-w-    C:\Windows\System32\wintrust.dll
2012-06-03 23:30:53 172544  ----a-w-    C:\Windows\SysWow64\wintrust.dll
2012-06-03 23:30:53 159232  ----a-w-    C:\Windows\SysWow64\imagehlp.dll
2012-06-03 21:43:39 125872  ----a-w-    C:\Windows\System32\GEARAspi64.dll
2012-06-03 21:43:39 106928  ----a-w-    C:\Windows\SysWow64\GEARAspi.dll
2012-06-03 21:43:17 --------    d-----w-    C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2012-06-03 21:43:17 --------    d-----w-    C:\Program Files\iTunes
2012-06-03 21:43:17 --------    d-----w-    C:\Program Files\iPod
2012-06-03 21:43:17 --------    d-----w-    C:\Program Files (x86)\iTunes
2012-06-03 21:42:43 --------    d-----w-    C:\Users\Claudia\AppData\Local\Apple
2012-06-03 21:42:20 --------    d-----w-    C:\Program Files\Bonjour
2012-06-03 21:42:20 --------    d-----w-    C:\Program Files (x86)\Bonjour
2012-06-03 20:57:23 --------    d-----w-    C:\Users\Claudia\AppData\Local\Apple Computer
2012-06-03 20:55:23 --------    dc----w-    C:\Users\Claudia\AppData\Local\MigWiz
2012-06-03 20:48:58 --------    d-----w-    C:\Program Files (x86)\Microsoft Synchronization Services
2012-06-03 20:47:41 --------    d-----w-    C:\Program Files (x86)\Microsoft Visual Studio 8
2012-06-03 20:46:43 --------    d-----w-    C:\Program Files (x86)\Microsoft Analysis Services
2012-06-03 20:46:37 --------    d-----w-    C:\Windows\SHELLNEW
2012-06-03 20:46:26 --------    d-----w-    C:\Users\Claudia\AppData\Local\Microsoft Help
2012-06-03 20:21:35 --------    d-----w-    C:\Users\Claudia\AppData\Roaming\Sammsoft
2012-06-03 20:21:25 --------    d-----w-    C:\Program Files (x86)\ARO 2012
2012-06-03 12:48:57 509952  ----a-w-    C:\Windows\System32\ntshrui.dll
2012-06-03 12:47:58 1918320 ----a-w-    C:\Windows\System32\drivers\tcpip.sys
2012-06-03 12:47:57 936960  ----a-w-    C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-06-03 12:47:57 1367552 ----a-w-    C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2012-06-03 12:47:56 77312   ----a-w-    C:\Windows\System32\packager.dll
2012-06-03 12:47:56 67072   ----a-w-    C:\Windows\SysWow64\packager.dll
2012-06-03 12:47:56 1731920 ----a-w-    C:\Windows\System32\ntdll.dll
2012-06-03 12:47:56 1292080 ----a-w-    C:\Windows\SysWow64\ntdll.dll
2012-06-03 04:35:49 --------    d-----w-    C:\Users\Claudia\AppData\Roaming\Malwarebytes
2012-06-03 04:35:45 --------    d-----w-    C:\ProgramData\Malwarebytes
2012-06-03 04:35:44 24904   ----a-w-    C:\Windows\System32\drivers\mbam.sys
2012-06-03 04:35:44 --------    d-----w-    C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-03 04:31:52 --------    d-----w-    C:\Users\Claudia\AppData\Local\CrashDumps
2012-06-03 04:01:03 --------    d-----w-    C:\Program Files (x86)\Common Files\Symantec Shared
2012-06-03 03:57:39 405624  ----a-r-    C:\Windows\System32\drivers\NISx64\1307010.005\symnets.sys
2012-06-03 03:57:39 1092728 ----a-r-    C:\Windows\System32\drivers\NISx64\1307010.005\SymEFA64.sys
2012-06-03 03:57:38 737912  ----a-r-    C:\Windows\System32\drivers\NISx64\1307010.005\srtsp64.sys
2012-06-03 03:57:38 451192  ----a-r-    C:\Windows\System32\drivers\NISx64\1307010.005\SymDS64.sys
2012-06-03 03:57:38 37496   ----a-r-    C:\Windows\System32\drivers\NISx64\1307010.005\srtspx64.sys
2012-06-03 03:57:38 190072  ----a-r-    C:\Windows\System32\drivers\NISx64\1307010.005\Ironx64.sys
2012-06-03 03:57:38 167048  ----a-r-    C:\Windows\System32\drivers\NISx64\1307010.005\ccSetx64.sys
2012-06-03 03:57:34 --------    d-----w-    C:\Windows\System32\drivers\NISx64\1307010.005
2012-06-03 03:52:43 --------    d-----w-    C:\Users\Claudia\AppData\Local\ATI
2012-06-03 03:51:44 --------    d-----w-    C:\Users\Claudia\AppData\Roaming\Intel Corporation
2012-06-03 03:51:41 --------    d-----w-    C:\Users\Claudia\AppData\Roaming\hpqLog
2012-06-03 03:51:40 --------    d-----w-    C:\Users\Claudia\AppData\Roaming\Synaptics
2012-06-03 03:51:12 --------    d-----w-    C:\Windows\SysWow64\%COREALLUSERPATH%
2012-06-03 03:50:53 --------    d-----w-    C:\Users\Claudia\AppData\Local\RemEngine
2012-06-03 03:47:41 --------    d-----w-    C:\Users\Claudia\AppData\Local\Hewlett-Packard
2012-06-03 03:47:30 --------    d-----w-    C:\Users\Claudia\AppData\Local\Hewlett-Packard_Company
2012-06-03 03:47:18 9216    ----a-w-    C:\Windows\System32\rdrmemptylst.exe
2012-06-03 03:47:18 77312   ----a-w-    C:\Windows\System32\rdpwsx.dll
2012-06-03 03:47:18 149504  ----a-w-    C:\Windows\System32\rdpcorekmts.dll
2012-06-03 03:47:17 826880  ----a-w-    C:\Windows\SysWow64\rdpcore.dll
2012-06-03 03:47:17 23552   ----a-w-    C:\Windows\System32\drivers\tdtcp.sys
2012-06-03 03:47:17 210944  ----a-w-    C:\Windows\System32\drivers\rdpwd.sys
2012-06-03 03:47:17 1031680 ----a-w-    C:\Windows\System32\rdpcore.dll
.
==================== Find3M  ====================
.
2012-06-04 00:10:19 472864  ----a-w-    C:\Windows\SysWow64\deployJava1.dll
2012-06-03 03:57:45 175736  ----a-w-    C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2012-03-31 06:05:57 5559664 ----a-w-    C:\Windows\System32\ntoskrnl.exe
2012-03-31 04:39:37 3968368 ----a-w-    C:\Windows\SysWow64\ntkrnlpa.exe
2012-03-31 04:39:37 3913072 ----a-w-    C:\Windows\SysWow64\ntoskrnl.exe
2012-03-31 03:10:03 3146240 ----a-w-    C:\Windows\System32\win32k.sys
2012-03-17 07:58:57 75120   ----a-w-    C:\Windows\System32\drivers\partmgr.sys
.
============= FINISH: 20:55:24.17 ===============
**

Here is DDS Scan Log 3

.
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume1
Install Date: 6/2/2012 11:45:17 PM
System Uptime: 6/6/2012 4:13:03 PM (4 hours ago)
.
Motherboard: Hewlett-Packard |  | 1659
Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz | CPU1 | 792/1333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 684 GiB total, 566.625 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 1.612 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP15: 6/3/2012 10:21:02 PM - ARO 2012 Sun, Jun 03, 12  22:21
RP16: 6/3/2012 11:22:35 PM - Windows Update
RP17: 6/4/2012 1:31:32 PM - Windows Update
RP18: 6/4/2012 1:47:06 PM - ARO 2012 Mon, Jun 04, 12  13:47
RP19: 6/4/2012 8:15:46 PM - ARO 2012 Mon, Jun 04, 12  20:15
RP20: 6/4/2012 9:04:41 PM - Windows Update
RP21: 6/5/2012 6:26:02 PM - Windows Update
RP22: 6/5/2012 7:55:06 PM - ARO 2012 Tue, Jun 05, 12  19:55
RP23: 6/5/2012 9:57:15 PM - Windows Update
RP24: 6/6/2012 7:29:54 PM - ARO 2012 Wed, Jun 06, 12  19:29
RP25: 6/6/2012 7:34:30 PM - ARO 2012 Wed, Jun 06, 12  19:34
RP26: 6/6/2012 7:39:30 PM - ARO 2012 Wed, Jun 06, 12  19:39
RP27: 6/6/2012 7:43:35 PM - ARO 2012 Wed, Jun 06, 12  19:43
RP28: 6/6/2012 7:47:25 PM - ARO 2012 Wed, Jun 06, 12  19:47
.
==== Installed Programs ======================
.
ActiveCheck component for HP Active Support Library
Adobe Flash Player 10 ActiveX
Adobe Reader X MUI
Adobe Shockwave Player 11.5
Agatha Christie - Peril at End House
Apple Application Support
Apple Software Update
Bejeweled 2 Deluxe
Bejeweled 3
Bing Bar
Blackhawk Striker 2
Blasterball 3
Blio
Bounce Symphony
Build-a-lot 2
Cake Mania
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
Catalyst Control Center Profiles Mobile
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chuzzle Deluxe
CyberLink YouCam
D3DX10
Diner Dash 2 Restaurant Rescue
Dora's World Adventure
Energy Star Digital Logo
ESU for Microsoft Windows 7
Evernote v. 4.2.2
Farm Frenzy
FATE - The Traitor Soul
HP Connection Manager
HP Customer Experience Enhancements
HP Documentation
HP Games
HP MovieStore
HP On Screen Display
HP Power Manager
HP Quick Launch
HP Setup
HP Setup Manager
HP SimplePass 2011
HP Software Framework
HP Support Assistant
HPAsset component for HP Active Support Library
IDT Audio
Intel(R) Display Audio Driver
Intel(R) Management Engine Components
Intel(R) Rapid Storage Technology
Intel(R) Wireless Display
Java Auto Updater
Java(TM) 6 Update 32
Junk Mail filter update
Magic Desktop
Mah Jong Medley
Malwarebytes Anti-Malware version 1.61.0.1400
Mesh Runtime
Microsoft Office 2010
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft WSE 3.0 Runtime
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mystery P.I. - Stolen in San Francisco
Namco All-Stars PAC-MAN
Norton Bootable Recovery Tool Wizard
Norton Internet Security
Penguins!
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime x86
Poker Superstars III
Polar Bowler
Polar Golfer
PX Profile Update
Realtek Ethernet Controller Driver
Realtek PCIE Card Reader
Recovery Manager
Renesas Electronics USB 3.0 Host Controller Driver
RoxioNow Player
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Slingo Supreme
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update Installer for WildTangent Games App
Virtual Villagers 4 - The Tree of Life
Wheel of Fortune 2
WildTangent Games App (HP Games)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
6/5/2012 8:40:04 PM, Error: iaStor [9]  - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
6/3/2012 7:59:43 PM, Error: Service Control Manager [7023]  - 
.
==== End Of File ===========================
0

Here is the GMER One.log as I'm unable to attach the file as it was saved as txt file.

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-06-06 22:35:18
Windows 6.1.7601 Service Pack 1 
Running: e53qgden.exe


---- Registry - GMER 1.0.15 ----

Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ac7289b5a06c                      
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ac7289b5a06c (not active ControlSet)  

---- EOF - GMER 1.0.15 ----

Here's the e Malwarebytes log.

Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.07.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Claudia :: CLAUDIA-HP [administrator]

Protection: Enabled

6/6/2012 10:36:09 PM
mbam-log-2012-06-06 (22-36-09).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 347976
Time elapsed: 22 minute(s), 16 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

During both scans the internet tried to launch but I had disconnected from the internet connection so I received the cannot connect error message. I haven't run the ARO 2012 scan but can if you would like to see it's log I can run it.

Thank you so much in advance for helping me out and getting this resolved. I really appreciate it.

Claudia

1

Thank you so much in advance for helping me out and getting this resolved. I really appreciate it.

Hi Claudia,

Happy to try to help :)

Those scanlogs look clean to me.
Let's see if we can isolate what is launching Internet Explorer.

Please download Process Explorer from the linky below.
http://download.sysinternals.com/files/ProcessExplorer.zip

-- Extract the Process Explorer Folder from the ZIP and onto the Desktop.
-- Open the foder and run Procexp.exe.

Just leave PE open and running until Internet Explorer launches on its own. Once IE opens, you should be able to see it reflected in the Process Explorer window. If you were to launch IE yourself in the usual manner, it will be located in the tree under Explorer.exe (which is Windows Explorer).
If something else launches it, IE will be in that tree, under the program that launched it.

Anyhoo, once Internet Explorer launches on its own, please click the File tab in in the upper left of the Process Explorer window and select Save As and save the log to the desktop as PE Log 1 and please post that for me.

Let's see if that shows us what is launching IE.

Cheers :)
PP

Edited by PhilliePhan

0

Here is the log information. Again I wasn't able to attach the saved file as it is in txt format.

Process PID CPU Private Bytes Working Set Description Company Name
System Idle Process 0 91.60 0 K 24 K
System 4 0.26 320 K 12,672 K
Interrupts n/a 1.32 0 K 0 K Hardware Interrupts and DPCs
smss.exe 352 560 K 1,208 K
csrss.exe 488 < 0.01 2,416 K 4,832 K
conhost.exe 1636 1,076 K 2,788 K
wininit.exe 604 1,688 K 4,580 K
services.exe 712 6,384 K 10,820 K
svchost.exe 844 0.03 4,512 K 10,172 K Host Process for Windows Services Microsoft Corporation
unsecapp.exe 2696 2,124 K 5,648 K
WmiPrvSE.exe 2992 0.04 5,696 K 11,576 K
BioMonitor.exe 4140 1,488 K 4,916 K BioMonitor HP
btplayerctrl.exe 4344 2,360 K 5,800 K Bluetooth Media Player Controller Intel Corporation
unsecapp.exe 4380 2,212 K 6,316 K Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation
BingBar.exe 5696 3,352 K 8,384 K Bing Client Extensions Microsoft Corporation.
BingApp.exe 4272 1,648 K 5,988 K Bing Client Application Process Microsoft Corporation.
dllhost.exe 5308 2,816 K 7,384 K
FlashUtil10n_ActiveX.exe 3276 1,652 K 5,652 K Adobe® Flash® Player Installer/Uninstaller 10.2 r152 Adobe Systems, Inc.
TrueSuiteService.exe 908 1,840 K 5,388 K HP Service HP
TouchControl.exe 3960 4,472 K 13,020 K TouchControl HP
svchost.exe 968 0.02 7,220 K 11,568 K Host Process for Windows Services Microsoft Corporation
atiesrxx.exe 136 1,736 K 4,472 K AMD External Events Service Module AMD
atieclxx.exe 1452 2,672 K 6,900 K
svchost.exe 548 0.10 21,424 K 25,328 K Host Process for Windows Services Microsoft Corporation
svchost.exe 384 180,240 K 190,864 K Host Process for Windows Services Microsoft Corporation
WUDFHost.exe 1380 < 0.01 7,928 K 7,676 K
wlanext.exe 1628 9,512 K 19,388 K
dwm.exe 3800 1.06 65,624 K 52,828 K Desktop Window Manager Microsoft Corporation
svchost.exe 952 0.73 38,164 K 56,836 K Host Process for Windows Services Microsoft Corporation
taskeng.exe 5856 2,508 K 6,672 K Task Scheduler Engine Microsoft Corporation
YCMMirage.exe 6052 < 0.01 1,728 K 632 K YouCam Mirage CyberLink
stacsv64.exe 1040 0.01 12,868 K 9,224 K IDT PC Audio IDT, Inc.
svchost.exe 1232 0.03 10,788 K 18,216 K Host Process for Windows Services Microsoft Corporation
hpservice.exe 1332 < 0.01 1,888 K 4,804 K HpService Hewlett-Packard Company
svchost.exe 1540 0.02 26,512 K 31,116 K Host Process for Windows Services Microsoft Corporation
spoolsv.exe 1720 7,656 K 13,640 K Spooler SubSystem App Microsoft Corporation
svchost.exe 1760 3,020 K 6,892 K Host Process for Windows Services Microsoft Corporation
svchost.exe 1796 0.01 25,800 K 29,716 K Host Process for Windows Services Microsoft Corporation
AESTSr64.exe 1884 1,324 K 2,928 K Andrea filters APO access service (64-bit) Andrea Electronics Corporation
AppleMobileDeviceService.exe 1912 0.01 3,216 K 9,440 K MobileDeviceService Apple Inc.
devmonsrv.exe 1940 2,600 K 6,652 K Bluetooth Device Monitor Intel Corporation
mDNSResponder.exe 1996 2,716 K 6,148 K Bonjour Service Apple Inc.
svchost.exe 2032 1,840 K 4,804 K Host Process for Windows Services Microsoft Corporation
EvtEng.exe 1252 9,820 K 17,392 K Intel(R) PROSet/Wireless Event Log Service Intel(R) Corporation
ezSharedSvcHost.exe 1816 < 0.01 1,540 K 5,216 K
svchost.exe 2056 0.50 8,116 K 35,096 K Host Process for Windows Services Microsoft Corporation
HPClientServices.exe 2088 3,988 K 8,128 K HP Client Services Hewlett-Packard Company
HPWMISVC.exe 2132 3,432 K 8,232 K HP Quick Launch WMI Service Hewlett-Packard Development Company, L.P.
ccSvcHst.exe 2192 0.05 29,088 K 12,060 K Symantec Service Framework Symantec Corporation
ccSvcHst.exe 3932 1.35 83,880 K 18,580 K
RegSrvc.exe 2240 2,428 K 6,864 K Intel(R) PROSet/Wireless Registry Service Intel(R) Corporation
RNowSvc.exe 2272 2,544 K 4,992 K Windows Service App Roxio
SeaPort.EXE 2320 4,412 K 9,668 K
svchost.exe 2368 2,096 K 6,356 K Host Process for Windows Services Microsoft Corporation
WLIDSVC.EXE 2404 < 0.01 7,008 K 15,836 K
WLIDSVCM.EXE 2500 1,556 K 3,524 K
obexsrv.exe 2432 2,860 K 7,008 K Bluetooth OBEX Service Intel Corporation
HPAuto.exe 2580 3,424 K 1,752 K HP Usage Improvement Tracking Hewlett-Packard
svchost.exe 3324 2,624 K 6,236 K Host Process for Windows Services Microsoft Corporation
taskhost.exe 3736 8,436 K 9,820 K Host Process for Windows Tasks Microsoft Corporation
mediasrv.exe 4040 < 0.01 4,076 K 7,788 K Bluetooth Media Service Intel Corporation
iPodService.exe 1104 0.01 3,396 K 7,876 K iPodService Module (64-bit) Apple Inc.
SearchIndexer.exe 4812 < 0.01 36,120 K 19,900 K Microsoft Windows Search Indexer Microsoft Corporation
wmpnetwk.exe 4220 0.02 13,360 K 14,836 K Windows Media Player Network Sharing Service Microsoft Corporation
svchost.exe 3892 0.72 11,308 K 14,656 K Host Process for Windows Services Microsoft Corporation
mscorsvw.exe 976 7,844 K 13,084 K .NET Runtime Optimization Service Microsoft Corporation
IAStorDataMgrSvc.exe 7084 0.03 18,816 K 16,452 K IAStorDataSvc Intel Corporation
LMS.exe 204 0.01 2,556 K 4,920 K Local Manageability Service Intel Corporation
mbamservice.exe 2352 110,588 K 53,452 K Malwarebytes Anti-Malware Malwarebytes Corporation
PresentationFontCache.exe 3712 32,752 K 26,412 K PresentationFontCache.exe Microsoft Corporation
UNS.exe 6528 3,172 K 7,348 K User Notification Service Intel Corporation
OSPPSVC.EXE 2312 5,060 K 12,812 K
hpqWmiEx.exe 4508 4,064 K 8,888 K hpqwmiex Module Hewlett-Packard Company
hpCMSrv.exe 4724 3,500 K 8,016 K HP Connection Manager Service Hewlett-Packard Development Company L.P.
taskhost.exe 5608 7,416 K 14,036 K
lsass.exe 728 10,184 K 17,868 K Local Security Authority Process Microsoft Corporation
lsm.exe 736 3,108 K 4,740 K
csrss.exe 628 0.41 3,216 K 29,644 K
winlogon.exe 668 3,108 K 7,216 K
explorer.exe 3824 0.01 35,688 K 57,484 K Windows Explorer Microsoft Corporation
igfxtray.exe 3080 3,048 K 7,300 K igfxTray Module Intel Corporation
hkcmd.exe 3192 2,804 K 7,092 K hkcmd Module Intel Corporation
igfxpers.exe 3212 3,152 K 8,088 K persistence Module Intel Corporation
sttray64.exe 3224 8,976 K 19,612 K IDT PC Audio IDT, Inc.
SynTPEnh.exe 3236 < 0.01 12,500 K 18,728 K Synaptics TouchPad Enhancements Synaptics Incorporated
SynTPHelper.exe 4836 1,580 K 3,716 K
iFrmewrk.exe 3280 10,668 K 22,380 K Intel(R) PROSet/Wireless Framework Intel(R) Corporation
rundll32.exe 3292 3,280 K 9,892 K Windows host process (Rundll32) Microsoft Corporation
sidebar.exe 3360 9,836 K 26,420 K Windows Desktop Gadgets Microsoft Corporation
procexp.exe 1560 2,160 K 7,100 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com
procexp64.exe 6544 1.55 23,912 K 41,776 K Sysinternals Process Explorer Sysinternals - www.sysinternals.com
iexplore.exe 360 < 0.01 8,564 K 20,812 K Internet Explorer Microsoft Corporation
iexplore.exe 3532 0.03 97,204 K 113,780 K Internet Explorer Microsoft Corporation
IAStorIcon.exe 4388 < 0.01 47,756 K 44,212 K IAStorIcon Intel Corporation
nusb3mon.exe 4476 0.01 1,788 K 5,380 K USB 3.0 Monitor Renesas Electronics Corporation
AdobeARM.exe 4600 5,492 K 12,572 K Adobe Reader and Acrobat Manager Adobe Systems Incorporated
HPOSD.exe 4636 < 0.01 10,176 K 11,060 K HP On Screen Display Hewlett-Packard Development Company, L.P.
mbamgui.exe 4672 2,872 K 7,560 K Malwarebytes Anti-Malware Malwarebytes Corporation
iTunesHelper.exe 4864 < 0.01 3,792 K 11,516 K iTunesHelper Apple Inc.
jusched.exe 4872 1,216 K 4,408 K Java(TM) Update Scheduler Sun Microsystems, Inc.
MOM.exe 6584 0.01 43,880 K 4,036 K Catalyst Control Center: Monitoring program Advanced Micro Devices Inc.
CCC.exe 6764 < 0.01 102,600 K 4,564 K Catalyst Control Center: Host application ATI Technologies Inc.
hpCaslNotification.exe 812 31,712 K 9,596 K hpCaslNotification Hewlett-Packard Development Company L.P.
ielowutil.exe 4168 1,448 K 528 K Internet Low-Mic Utility Tool Microsoft Corporation

0

The previous list didn't format properly so here it is again in proper format.

Thanks again
Claudia

Process PID CPU Private Bytes   Working Set Description Company Name
System Idle Process 0   91.60   0 K 24 K        
System  4   0.26    320 K   12,672 K        
 Interrupts n/a 1.32    0 K 0 K Hardware Interrupts and DPCs    
 smss.exe   352     560 K   1,208 K     
csrss.exe   488 < 0.01   2,416 K 4,832 K     
 conhost.exe    1636        1,076 K 2,788 K     
wininit.exe 604     1,688 K 4,580 K     
 services.exe   712     6,384 K 10,820 K        
  svchost.exe   844 0.03    4,512 K 10,172 K    Host Process for Windows Services   Microsoft Corporation
   unsecapp.exe 2696        2,124 K 5,648 K     
   WmiPrvSE.exe 2992    0.04    5,696 K 11,576 K        
   BioMonitor.exe   4140        1,488 K 4,916 K BioMonitor  HP
   btplayerctrl.exe 4344        2,360 K 5,800 K Bluetooth Media Player Controller   Intel Corporation
   unsecapp.exe 4380        2,212 K 6,316 K Sink to receive asynchronous callbacks for WMI client application   Microsoft Corporation
   BingBar.exe  5696        3,352 K 8,384 K Bing Client Extensions  Microsoft Corporation.
   BingApp.exe  4272        1,648 K 5,988 K Bing Client Application Process Microsoft Corporation.
   dllhost.exe  5308        2,816 K 7,384 K     
   FlashUtil10n_ActiveX.exe 3276        1,652 K 5,652 K Adobe® Flash® Player Installer/Uninstaller 10.2 r152    Adobe Systems, Inc.
  TrueSuiteService.exe  908     1,840 K 5,388 K HP Service  HP
   TouchControl.exe 3960        4,472 K 13,020 K    TouchControl    HP
  svchost.exe   968 0.02    7,220 K 11,568 K    Host Process for Windows Services   Microsoft Corporation
  atiesrxx.exe  136     1,736 K 4,472 K AMD External Events Service Module  AMD
   atieclxx.exe 1452        2,672 K 6,900 K     
  svchost.exe   548 0.10    21,424 K    25,328 K    Host Process for Windows Services   Microsoft Corporation
  svchost.exe   384     180,240 K   190,864 K   Host Process for Windows Services   Microsoft Corporation
   WUDFHost.exe 1380    < 0.01   7,928 K 7,676 K     
   wlanext.exe  1628        9,512 K 19,388 K        
   dwm.exe  3800    1.06    65,624 K    52,828 K    Desktop Window Manager  Microsoft Corporation
  svchost.exe   952 0.73    38,164 K    56,836 K    Host Process for Windows Services   Microsoft Corporation
   taskeng.exe  5856        2,508 K 6,672 K Task Scheduler Engine   Microsoft Corporation
    YCMMirage.exe   6052    < 0.01   1,728 K 632 K   YouCam Mirage   CyberLink
  stacsv64.exe  1040    0.01    12,868 K    9,224 K IDT PC Audio    IDT, Inc.
  svchost.exe   1232    0.03    10,788 K    18,216 K    Host Process for Windows Services   Microsoft Corporation
  hpservice.exe 1332    < 0.01   1,888 K 4,804 K HpService   Hewlett-Packard Company
  svchost.exe   1540    0.02    26,512 K    31,116 K    Host Process for Windows Services   Microsoft Corporation
  spoolsv.exe   1720        7,656 K 13,640 K    Spooler SubSystem App   Microsoft Corporation
  svchost.exe   1760        3,020 K 6,892 K Host Process for Windows Services   Microsoft Corporation
  svchost.exe   1796    0.01    25,800 K    29,716 K    Host Process for Windows Services   Microsoft Corporation
  AESTSr64.exe  1884        1,324 K 2,928 K Andrea filters APO access service (64-bit)  Andrea Electronics Corporation
  AppleMobileDeviceService.exe  1912    0.01    3,216 K 9,440 K MobileDeviceService Apple Inc.
  devmonsrv.exe 1940        2,600 K 6,652 K Bluetooth Device Monitor    Intel Corporation
  mDNSResponder.exe 1996        2,716 K 6,148 K Bonjour Service Apple Inc.
  svchost.exe   2032        1,840 K 4,804 K Host Process for Windows Services   Microsoft Corporation
  EvtEng.exe    1252        9,820 K 17,392 K    Intel(R) PROSet/Wireless Event Log Service  Intel(R) Corporation
  ezSharedSvcHost.exe   1816    < 0.01   1,540 K 5,216 K     
  svchost.exe   2056    0.50    8,116 K 35,096 K    Host Process for Windows Services   Microsoft Corporation
  HPClientServices.exe  2088        3,988 K 8,128 K HP Client Services  Hewlett-Packard Company
  HPWMISVC.exe  2132        3,432 K 8,232 K HP Quick Launch WMI Service Hewlett-Packard Development Company, L.P.
  ccSvcHst.exe  2192    0.05    29,088 K    12,060 K    Symantec Service Framework  Symantec Corporation
   ccSvcHst.exe 3932    1.35    83,880 K    18,580 K        
  RegSrvc.exe   2240        2,428 K 6,864 K Intel(R) PROSet/Wireless Registry Service   Intel(R) Corporation
  RNowSvc.exe   2272        2,544 K 4,992 K Windows Service App Roxio
  SeaPort.EXE   2320        4,412 K 9,668 K     
  svchost.exe   2368        2,096 K 6,356 K Host Process for Windows Services   Microsoft Corporation
  WLIDSVC.EXE   2404    < 0.01   7,008 K 15,836 K        
   WLIDSVCM.EXE 2500        1,556 K 3,524 K     
  obexsrv.exe   2432        2,860 K 7,008 K Bluetooth OBEX Service  Intel Corporation
  HPAuto.exe    2580        3,424 K 1,752 K HP Usage Improvement Tracking   Hewlett-Packard
  svchost.exe   3324        2,624 K 6,236 K Host Process for Windows Services   Microsoft Corporation
  taskhost.exe  3736        8,436 K 9,820 K Host Process for Windows Tasks  Microsoft Corporation
  mediasrv.exe  4040    < 0.01   4,076 K 7,788 K Bluetooth Media Service Intel Corporation
  iPodService.exe   1104    0.01    3,396 K 7,876 K iPodService Module (64-bit) Apple Inc.
  SearchIndexer.exe 4812    < 0.01   36,120 K    19,900 K    Microsoft Windows Search Indexer    Microsoft Corporation
  wmpnetwk.exe  4220    0.02    13,360 K    14,836 K    Windows Media Player Network Sharing Service    Microsoft Corporation
  svchost.exe   3892    0.72    11,308 K    14,656 K    Host Process for Windows Services   Microsoft Corporation
  mscorsvw.exe  976     7,844 K 13,084 K    .NET Runtime Optimization Service   Microsoft Corporation
  IAStorDataMgrSvc.exe  7084    0.03    18,816 K    16,452 K    IAStorDataSvc   Intel Corporation
  LMS.exe   204 0.01    2,556 K 4,920 K Local Manageability Service Intel Corporation
  mbamservice.exe   2352        110,588 K   53,452 K    Malwarebytes Anti-Malware   Malwarebytes Corporation
  PresentationFontCache.exe 3712        32,752 K    26,412 K    PresentationFontCache.exe   Microsoft Corporation
  UNS.exe   6528        3,172 K 7,348 K User Notification Service   Intel Corporation
  OSPPSVC.EXE   2312        5,060 K 12,812 K        
  hpqWmiEx.exe  4508        4,064 K 8,888 K hpqwmiex Module Hewlett-Packard Company
  hpCMSrv.exe   4724        3,500 K 8,016 K HP Connection Manager Service   Hewlett-Packard Development Company L.P.
  taskhost.exe  5608        7,416 K 14,036 K        
 lsass.exe  728     10,184 K    17,868 K    Local Security Authority Process    Microsoft Corporation
 lsm.exe    736     3,108 K 4,740 K     
csrss.exe   628 0.41    3,216 K 29,644 K        
winlogon.exe    668     3,108 K 7,216 K     
explorer.exe    3824    0.01    35,688 K    57,484 K    Windows Explorer    Microsoft Corporation
 igfxtray.exe   3080        3,048 K 7,300 K igfxTray Module Intel Corporation
 hkcmd.exe  3192        2,804 K 7,092 K hkcmd Module    Intel Corporation
 igfxpers.exe   3212        3,152 K 8,088 K persistence Module  Intel Corporation
 sttray64.exe   3224        8,976 K 19,612 K    IDT PC Audio    IDT, Inc.
 SynTPEnh.exe   3236    < 0.01   12,500 K    18,728 K    Synaptics TouchPad Enhancements Synaptics Incorporated
  SynTPHelper.exe   4836        1,580 K 3,716 K     
 iFrmewrk.exe   3280        10,668 K    22,380 K    Intel(R) PROSet/Wireless Framework  Intel(R) Corporation
 rundll32.exe   3292        3,280 K 9,892 K Windows host process (Rundll32) Microsoft Corporation
 sidebar.exe    3360        9,836 K 26,420 K    Windows Desktop Gadgets Microsoft Corporation
 procexp.exe    1560        2,160 K 7,100 K Sysinternals Process Explorer   Sysinternals - www.sysinternals.com
  procexp64.exe 6544    1.55    23,912 K    41,776 K    Sysinternals Process Explorer   Sysinternals - www.sysinternals.com
 iexplore.exe   360 < 0.01   8,564 K 20,812 K    Internet Explorer   Microsoft Corporation
  iexplore.exe  3532    0.03    97,204 K    113,780 K   Internet Explorer   Microsoft Corporation
IAStorIcon.exe  4388    < 0.01   47,756 K    44,212 K    IAStorIcon  Intel Corporation
nusb3mon.exe    4476    0.01    1,788 K 5,380 K USB 3.0 Monitor Renesas Electronics Corporation
AdobeARM.exe    4600        5,492 K 12,572 K    Adobe Reader and Acrobat Manager    Adobe Systems Incorporated
HPOSD.exe   4636    < 0.01   10,176 K    11,060 K    HP On Screen Display    Hewlett-Packard Development Company, L.P.
mbamgui.exe 4672        2,872 K 7,560 K Malwarebytes Anti-Malware   Malwarebytes Corporation
iTunesHelper.exe    4864    < 0.01   3,792 K 11,516 K    iTunesHelper    Apple Inc.
jusched.exe 4872        1,216 K 4,408 K Java(TM) Update Scheduler   Sun Microsystems, Inc.
MOM.exe 6584    0.01    43,880 K    4,036 K Catalyst Control Center: Monitoring program Advanced Micro Devices Inc.
 CCC.exe    6764    < 0.01   102,600 K   4,564 K Catalyst Control Center: Host application   ATI Technologies Inc.
hpCaslNotification.exe  812     31,712 K    9,596 K hpCaslNotification  Hewlett-Packard Development Company L.P.
ielowutil.exe   4168        1,448 K 528 K   Internet Low-Mic Utility Tool   Microsoft Corporation
1

Hi Claudia,

The log doesn't show any obvious culprit. If a separate program is launching IE, it is not showing.
I doubt it is malware, but let's try one more scan:
Please run the ESET Online Scanner and post the scanlog for me.

If that comes back completely clean, you can try a couple more things:
-- Reset IE as per the linky and see if that stops the problem. I suggest using doing this manually as per the linky rather than downloading the automated fix.
-- If that fails, please Install Firefox and be sure to set Firefox as your Default Browser.
Then, let me know if IE still opens by itself (or, if Firefox opens by itself) and we'll go from there.

Cheers :)
PP

Edited by PhilliePhan

0

So tired to run the ESET Online Scanner but when it hit up against a file during the scan that caused Iexplorer to launch it didn't complete the scan and now it's telling me in cannot download updates and to check my proxy settings.

However while searching through my programs I discovered that I have two Internet Explorer icons on under Computer\Local Disk(C:)\Program Files and the other under Computer\Local Disk (C:)\Program Files (x86).

Could this be the problem? Also recently my HP Connection Manager has been given me an error message when it tries to launch. I Not really sure what the program does but perhaps this is causing an issue or has been comprised.

0

However while searching through my programs I discovered that I have two Internet Explorer icons on under Computer\Local Disk(C:)\Program Files and the other under Computer\Local Disk (C:)\Program Files (x86).

That is normal for your computer (64-bit Win7). No worries there.

Also recently my HP Connection Manager has been given me an error message when it tries to launch. I Not really sure what the program does but perhaps this is causing an issue or has been comprised.

I do not know - I do not think it is part of the problem. What is the error message?

when it hit up against a file during the scan that caused Iexplorer to launch it didn't complete the scan
Did you see what file that was? That would help if we could pin it down.

Let's also go ahead and run combofix and see what shakes out.
Please follow the steps in this linky very carefully and run combofix as it directs.
Please post the resulting log for me and we'll work from there. Let me know if you run into any problems along the way.

PP:)

Edited by PhilliePhan

0

Sorry but I've been away and just got a chance to run combofix. Below is the log that was created. After Combofix was completed the system rebooted and when I tried to access the internet it told me that IE wasn't available as it was scheduled to be deleted. This morning when I turned the computer on, IE was available again.

ComboFix 12-06-15.06 - Claudia 06/15/2012  21:07:55.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.6092.4084 [GMT -4:00]
Running from: c:\users\Claudia\Downloads\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
.
.
(((((((((((((((((((((((((   Files Created from 2012-05-16 to 2012-06-16  )))))))))))))))))))))))))))))))
.
.
2012-06-16 01:02 . 2012-06-16 01:02 --------    d-----w-    c:\program files\iTunes
2012-06-16 01:02 . 2012-06-16 01:02 --------    d-----w-    c:\program files (x86)\iTunes
2012-06-16 01:02 . 2012-06-16 01:02 --------    d-----w-    c:\program files\iPod
2012-06-11 00:22 . 2009-07-14 01:41 258048  ----a-w-    c:\windows\system32\Spool\prtprocs\x64\hpfppw73.dll
2012-06-10 21:25 . 2012-06-16 00:15 --------    d-----w-    c:\windows\system32\drivers\NISx64\1207000.00D
2012-06-10 20:35 . 2009-05-18 17:17 34152   ----a-w-    c:\windows\system32\drivers\GEARAspiWDM.sys
2012-06-10 20:35 . 2008-04-17 16:12 126312  ----a-w-    c:\windows\system32\GEARAspi64.dll
2012-06-10 20:35 . 2008-04-17 16:12 107368  ----a-w-    c:\windows\SysWow64\GEARAspi.dll
2012-06-10 20:35 . 2012-06-10 20:35 --------    dc----w-    c:\windows\system32\DRVSTORE
2012-06-10 20:35 . 2012-06-10 20:35 --------    d-----w-    c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2012-06-10 20:35 . 2012-06-10 20:35 --------    d-----w-    c:\programdata\Apple Computer
2012-06-10 20:34 . 2012-06-10 20:34 --------    d-----w-    c:\program files (x86)\Apple Software Update
2012-06-10 20:34 . 2012-06-10 20:34 --------    d-----w-    c:\program files\Common Files\Apple
2012-06-10 20:34 . 2012-06-10 20:34 --------    d-----w-    c:\program files\Bonjour
2012-06-10 20:34 . 2012-06-10 20:34 --------    d-----w-    c:\program files (x86)\Bonjour
2012-06-10 20:34 . 2012-06-16 01:02 --------    d-----w-    c:\program files (x86)\Common Files\Apple
2012-06-10 20:34 . 2012-06-10 20:34 --------    d-----w-    c:\programdata\Apple
2012-06-10 20:25 . 2012-06-10 20:25 --------    d-----w-    c:\program files (x86)\Microsoft Synchronization Services
2012-06-10 20:25 . 2012-06-10 20:25 --------    d-----w-    c:\program files (x86)\Microsoft.NET
2012-06-10 20:25 . 2012-06-10 20:25 --------    d-----w-    c:\program files (x86)\Microsoft Sync Framework
2012-06-10 20:23 . 2012-06-10 20:23 --------    d-----w-    c:\program files (x86)\Microsoft Visual Studio 8
2012-06-10 20:23 . 2012-06-10 20:23 --------    d-----w-    c:\program files (x86)\Microsoft Analysis Services
2012-06-10 20:22 . 2012-06-10 20:26 --------    d-----w-    c:\windows\SHELLNEW
2012-06-10 20:22 . 2012-06-10 20:29 --------    d-----w-    c:\programdata\Microsoft Help
2012-06-10 20:22 . 2012-06-10 20:22 --------    d-----r-    C:\MSOCache
2012-06-10 19:58 . 2012-06-10 19:58 --------    d-----w-    c:\program files (x86)\Common Files\Java
2012-06-10 19:58 . 2012-06-10 19:58 476960  ----a-w-    c:\windows\SysWow64\npdeployJava1.dll
2012-06-10 19:58 . 2012-06-10 19:58 --------    d-----w-    c:\program files (x86)\Java
2012-06-10 19:39 . 2012-01-25 06:38 77312   ----a-w-    c:\windows\system32\rdpwsx.dll
2012-06-10 19:39 . 2012-01-25 06:38 149504  ----a-w-    c:\windows\system32\rdpcorekmts.dll
2012-06-10 19:39 . 2012-01-25 06:33 9216    ----a-w-    c:\windows\system32\rdrmemptylst.exe
2012-06-10 19:39 . 2012-02-17 06:38 1031680 ----a-w-    c:\windows\system32\rdpcore.dll
2012-06-10 19:39 . 2012-02-17 05:34 826880  ----a-w-    c:\windows\SysWow64\rdpcore.dll
2012-06-10 19:39 . 2012-02-17 04:58 210944  ----a-w-    c:\windows\system32\drivers\rdpwd.sys
2012-06-10 19:39 . 2012-02-17 04:57 23552   ----a-w-    c:\windows\system32\drivers\tdtcp.sys
2012-06-10 19:38 . 2012-06-10 19:46 --------    d-----w-    c:\users\Claudia
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-10 20:02 . 2011-09-27 02:37 174200  ----a-w-    c:\windows\system32\drivers\SYMEVENT64x86.SYS
2012-06-10 19:58 . 2011-06-21 19:44 472864  ----a-w-    c:\windows\SysWow64\deployJava1.dll
2012-06-10 19:39 . 2010-06-24 18:33 19736   ----a-w-    c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-03-15 336384]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-02-15 94264]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2010-02-03 87336]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2011-01-25 75048]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2010-11-09 586296]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-16 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-16 932288]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2011-03-16 61112]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-01-27 318520]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages   REG_MULTI_SZ    kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 CLKMSVC10_38F51D56;CyberLink Product - 2011/09/26 19:41;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2011-01-25 241648]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-01-24 1298496]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 hpCMSrv;HP Connection Manager 4.0 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-02-15 1071160]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-12-28 31124344]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-02-04 340240]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1207000.00D\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1207000.00D\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20120531.001\BHDrvx64.sys [2012-06-01 1160824]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20120608.001\IDSvia64.sys [2012-06-08 488568]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1207000.00D\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1207000.00D\SYMNETS.SYS [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-01-24 901184]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-01-24 991296]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-02-18 265544]
S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-02-17 682040]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-02-28 92216]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\18.7.0.13\ccSvcHst.exe [2011-04-17 130008]
S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - CLKMDRV10_38F51D56
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-27 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-27 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-27 418328]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-03-11 1128448]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-02-04 1933584]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-01-24 10355200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-{E92D47A1-D27D-430A-8368-0BAFD956507D} - c:\program files (x86)\InstallShield Installation Information\{E92D47A1-D27D-430A-8368-0BAFD956507D}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\18.7.0.13\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\18.7.0.13\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2012-06-15  21:16:12 - machine was rebooted
ComboFix-quarantined-files.txt  2012-06-16 01:16
.
Pre-Run: 670,324,387,840 bytes free
Post-Run: 669,938,925,568 bytes free
.
- - End Of File - - 4E050BFD51BFD3BDA689AB43A613063D
0

Hi Claudia,

I do not see anything there that could be responsible for your IE issues.
-- Please follow the steps in the linky below to remove combofix from your machine:
Uninstall Combofix
Let me know if you have any trouble with this since you did not run combofix from the Desktop.

Have you tried any of my other suggestions? If not, give these a go:
Reset IE as per the linky and see if that helps. I suggest doing this manually as per the link rather than downloading the automated fix.

If that fails, Install Firefox and make sure it is set as your default browser and then let me know if IE still opens on its own or whether Firefox now opens on its own.

Cheers :)
PP

Edited by PhilliePhan

0

I tried uninstalling Combofix as directed in the link but my computer is not showing any uninstall file. Is there another way to delete it from my system?

I've installed Firefox and it seems to work faster than IE has been operating and I'll let you know how it goes after using it for a while. Hopefully I won't be having anymore issues with IE.

Thanks again for all your help! :-)

0

Thanks again for all your help! :-)

Happy to try to help! :)
I definitely prefer Firefox / Opera / Chrome or any other alternative browser to IE. I like Firefox the best as far as being able to customize it with a million add-ons.

Unfortunately, switching browsers is not really a solution to the problem.
Let me know if IE keeps opening on its own or if Firefox starts exhibiting this behavior.

-- Did you get any error message when uninstalling combofix?

PP :)

Edited by PhilliePhan

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.