I followed the 6 steps, unfortunately, Malwarebytes won't scan, GMR will not complete scanning, although it does start and get going, but then it just shuts off and disappears. The main problem is i cannot make any changes to HJT in terms of renaming or uninstalling it, which to me indicates that the virus in some form is still present.

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. As far what I have for anti-virus, I have avg and zonealarm currently running.

Which leads to me asking for help here. If this is an issue or makes it difficult for you -- please tell your helper. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus. Since I don't have any information for your system, hopefully the following will include enough for now: If you have AVG on the system, Combofix will not run so it has It's 100% free. There are 3 different versions.

C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\mbr.sys The system cannot find the file specified. ! ---- User code sections - GMER 1.0.15 ---- .text C:\Program Files\Internet Explorer\iexplore.exe[340] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E215501 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) To learn more and to read the lawsuit, click here. However, when I attempt to update Malwarebytes I receive the following error:PROGRAM_ERROR_UPDATING (5,0, CreateFile)Access Denied. After reading some forum posts, I have tried the following attempts to clean the computer.Initially, Avira AntiVir alerted the following:Virus or unwanted program 'TR/Rootkit.Gen [trojan]'C:\Windows\System32\spool\prtprocs\w32x86\625F93F.tmp.C:\Windows\System32\spool\prtprocs\w32x86\2162F.tmpC:\Windows\System32\drivers\579711D.sys.C:\Windows\System32\drivers\6263E8.tmp.C:\Windows\System32\drivers\1324E9C.sysC:\Windows\System32\drivers\2233E8.tmpC:\Users\liz\AppData\Local\Temp\ldr2220.tmpC:\Users\liz\AppData\Local\Temp\ldr3e4a.tmpC:\Users\liz\AppData\Local\Temp\-213E8.tmpC:\Users\liz\AppData\Local\Temp\ldr3e3b.tmpThe files 'C:\Users\liz\AppData\Local\Temp\ldr3e4a.tmp' & C:\Users\liz\AppData\Local\Temp\ldr224f.tmcontained a virus

A log file called exehelperlog.txt will be created and should open at the end of the scan) A copy of that log will also be saved in the directory where you AV: AVG Internet Security 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} FW: AVG Firewall *Disabled* .

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll BHO: http://www.techspot.com/community/topics/google-redirect-also-unable-to-access-exe-files-programs.171402/ The time now is 11:24 AM. -- Mobile_Default -- TSF - v2.0 -- TSF - v1.0 Contact Us - Tech Support Forum - Site Map - Community Rules - Terms of I appreciate it. R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [9/28/2011 8:17 AM 136360] R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [7/16/2010 7:20 AM 10384] R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [4/18/2008 8:59 AM 24652] S2 gupdate1c98c5478f66548;Google Update Service

I have already ran Malwarebytes and nothing was found . If AVG is on system, uninstall it, get temporary AV.

Malware found just in that location is no longer active in the system. Please download exeHelper by Raktor and save it to your desktop.

Sometimes a rootkit will prevent some security scans from running. ======================================== Summary: Run Combofix. If you are unable to create a log because your computer cannot start up successfully please provide detailed information about the Windows version you are using: What we in particular need Checking for numerical processes...

Read my instructions carefully. Try What the Tech -- It's free! Rkill.com Rkill.scr Rkill.exe Double-click on the Rkill desktop icon to run the tool. Boot mode: Normal Running processes: C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe C:\Program Files\Hp\HP Software Update\hpwuschd2.exe C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe C:\Program Files\Microsoft

It will allow you to boot up into a special recovery/repair mode if needed. **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal If the removal leaves you with no AV, use one of the following:>> Temporary AV: Use one: Avira-AntiVir-Personal-Free-Antivirus Avast Free Version

Then download the current version and do the scan: Uninstall directions, if needed Click START> then RUN Now type Combofix /Uninstall in the runbox and click OK.