Menda

  1. Thank you for all your help. Yes, I have changed all my current passwords. I thank you for the valuable information and I will definitely read those guides you have provided. You may close this.
  2. My apologies, I thought it would be easier to read in Code tags. Nothing seems to have been deleted but the taskman registry value no longer appears.
  3. Sorry for the delayed response. ComboFix log as requested: Well, my computer is behaving as it normally would. The reason why I am checking for malware is because of the hijacking of several email accounts of mine.
  4. I have completed a full system scan, nothing was found.
  5. Unfortunately some accounts of mine have been stolen and I suspect it is because of Malware. I have done several scans with MBAM/ESET but have found nothing. However I recently did a scan with Super Anti-Spyware and I found a malware piece/strand, can be seen here: http://i56.tinypic.com/rm1idz.jpg Here is my HJT log: