Thank you for your time,,I really appreciate it.
Your welcome
First please disable Avira as instructed previously.
Next.
ComboFix - CFScript
This script is for this user and computer ONLY! Using this tool incorrectly could cause problems with your operating system... preventing it from ever starting again!
You will not have Internet access when you execute ComboFix. All open windows will need to be closed!
- Please open Notepad and copy/paste all the text below... into the window:
- Code: Select all
AWF:: c:\hp\drivers\hplsbwatcher\bak c:\program files\Common Files\Symantec Shared\bak c:\program files\Common Files\Symantec Shared\Security Center\bak c:\program files\Hewlett-Packard\HP Boot Optimizer\bak c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\bak c:\program files\HP\HP Software Update\bak c:\program files\Panicware\Pop-Up Stopper Free Edition\bak c:\program files\Philips\Philips Device Manager\bin\bak c:\program files\Philips\Philips Lime Service\bin\bak c:\program files\QuickTime\bak c:\windows\system32\bak File:: c:\windows\system32\drivers\lqezni.sys c:\windows\system32\sys64_nov.exe c:\documents and settings\HP_Owner\sys64_nov.exe c:\windows\system32\CustomEvents.dll c:\windows\aaceeg.tmp c:\windows\Tasks\At23.job c:\windows\system32\Event Agent\bin\smss .exe c:\windows\system32\Event Agent\Bin\spoolsv .exe c:\windows\system32\Event Agent\lsass .exe c:\windows\system32\Event Agent\Bin\services .exe Folder:: c:\documents and settings\HP_Owner\Application Data\AVG8 c:\program files\Coupons c:\documents and settings\All Users\Application Data\Symantec c:\program files\Common Files\Symantec Shared c:\program files\Symantec Driver:: zgvldmpsnivf Registry:: [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Event Agent] "c:\windows\system32\CustomEvents.dll"=- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "sys64_nov"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "sys64_nov"=- Firefox:: c:\documents and settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\kbl8dbm6.default\extensions\letssyncpublisher@letssync.com
- Save it to your desktop as CFScript.txt
- Please disable any Antivirus or Firewall you have active, as shown in this topic. Please close all open application windows.
*Only* when the 2 items above (Step 3) have been taken care of... - Drag the CFScript.txt (icon) into the ComboFix.exe icon... as seen in the image below:
This will cause ComboFix to run again.
Do Not use your keyboard or mouse click anywhere in the ComboFix window, as this may cause the program to stall or crash.
Do Not touch your computer when ComboFix is running! - When finished ComboFix will create a log file... you can save this file to a convenient place.
** Enable your Antivirus and Firewall, before connecting to the Internet again! **
In your next reply.
1. ComboFix log.