OK, a bit of malware to clean first. You are running ESET and Avast (which has been installed in two different places).
Download and Install Combofix
Download ComboFix from one of the following locations:
Link 1
Link 2
VERY IMPORTANT !!! Save ComboFix.exe to your Desktop
* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
- Double click on ComboFix.exe & follow the prompts.
- Accept the disclaimer and allow to update if it asks
- When finished, it shall produce a log for you.
- Please include the C:\ComboFix.txt in your next reply.
Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.
Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now
THEN
CAUTION : This fix is only valid for this specific machine, using it on another may break your computer and must be run from safe mode
Open notepad and copy/paste the text in the quotebox below into it:
CreateRestorePoint:
HKLM\...\Run: [AvastUI.exe] => "AvastUI.exe" /nogui
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5088456 2015-01-28] (ESET)
HKU\S-1-5-21-3265623674-1887083672-3469687245-1009\...\MountPoints2: {2d435b36-e506-11d9-9b78-e6b009352ae7} - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => ashShell.dll No File
Winsock: Catalog5 01 mswsock.dll No File ATTENTION: LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5 03 mswsock.dll No File ATTENTION: LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog9 04 mswsock.dll No File
Winsock: Catalog9 05 mswsock.dll No File
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-11-28] (AVAST Software)
Toolbar: HKU\S-1-5-21-3265623674-1887083672-3469687245-1009 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-29] [not signed]
S2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1349576 2015-01-28] (ESET)
S2 avast! Antivirus; "AvastSvc.exe" [X]
S2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24016 2015-11-20] (AVAST Software)
S2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [81168 2015-11-20] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55200 2015-11-20] (AVAST Software)
S0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49776 2015-11-20] (AVAST Software)
S1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [794952 2015-11-20] (AVAST Software)
S1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [435464 2015-11-20] (AVAST Software)
S3 aswStmXP; C:\WINDOWS\system32\drivers\aswStmXP.sys [167152 2015-11-20] (AVAST Software)
S3 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57888 2015-11-20] (AVAST Software)
S0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [209432 2015-11-20] (AVAST Software)
S1 BANTExt; C:\WINDOWS\System32\Drivers\BANTExt.sys [3840 2013-09-10] () [File not signed]
S1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [193464 2015-01-30] (ESET)
S1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [135808 2015-01-30] (ESET)
R1 epfwtdir; C:\WINDOWS\System32\DRIVERS\epfwtdir.sys [120304 2015-01-30] (ESET)
2015-11-20 18:16 - 2014-11-28 13:19 - 00794952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-11-20 18:16 - 2014-11-28 13:19 - 00435464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-11-20 18:16 - 2014-11-28 13:19 - 00209432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-11-20 18:16 - 2014-11-28 13:19 - 00081168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-11-20 18:16 - 2014-11-28 13:19 - 00057888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2015-11-20 18:16 - 2014-11-28 13:19 - 00055200 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2015-11-20 18:16 - 2014-11-28 13:19 - 00049776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-11-20 18:16 - 2014-11-28 13:19 - 00024016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-11-20 13:57 - 2010-01-15 17:19 - 00002497 _____ C:\Documents and Settings\HP_Owner\Desktop\Microsoft Word.lnk
2015-11-20 18:17 - 2015-11-20 18:16 - 00167152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStmXP.sys
2015-11-20 18:16 - 2015-11-20 18:16 - 00322760 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-11-20 18:16 - 2015-11-20 18:16 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-11-22 09:11 - 2015-11-22 09:11 - 00000000 ____D C:\Program Files\AVAST Software
2015-11-21 20:03 - 2015-11-21 20:03 - 00000000 ____D C:\Program Files\AVAST Software(2)
2015-11-22 10:50 - 2014-11-28 13:20 - 00000368 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers
Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated, please post that