Diab Soule

Here I have a combo fix log if that is needed to review first. ComboFix 14-08-19.01 - Timelord 08/20/2014 19:06:54.13.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1900.852 [GMT -5:00] Running from: c:\users\Timelord\Desktop\more ing time pent on security issues tuesday\ComboFix.exe AV: ESET Smart Security 7.0 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289} FW: ESET Personal firewall *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2} SP: ESET Smart Security 7.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} SP: Windows Defender *Disabled/Updated* {D

I have discovered that PUM.homepage has been screwing up my browser. Steps to remove this would be greatly appreciated. Thanks again

I ran rogue killer of the problem. Now I am unable to use security when I go in to properties. Trusted installer is locking me out of any kind of mod and/or regenerates itself hidden. Effectively keeping me from doing a complete re-install.with all traces removed. Tried taking ownership.........SURVEY SAYS.......baaaaah X. Changing Permissions..........SURVEY SAYS........baaaaaaaaaaaah X. Need a correct answer or strike 3. lol........Need any type of logs?

when I ran rogue killer it picked up some registry problems that were disabling things. Information I have gathered from others having same issues is that it may be registry edit virus and/or asterisk logger trying to nab my passwords. I am also getting the message: ERROR communicating with Kernel! I tried using eset's solution but it didn't help. [HKLM\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware" = dword:00000001..........................example Today when I log on Windows Media Center has made its way to my tray and is running. starts in:%windir%\ehome target:%win

Hello, I have tried all I know to do before seeking help. My HIPS log contains the following: 8/12/2014 9:55:34 PM C:\Windows\System32\services.exe Modify startup settings HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TrustedInstaller\Start allowed Automatic mode 8/12/2014 10:03:36 PM C:\Windows\System32\services.exe Modify startup settings HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\efavdrv\Start allowed Automatic mode 8/12/2014 10:40:08 PM C:\Windows\System32\services.exe Modify startup settings HKEY_LOCAL_MACHINE\SYSTEM

thanks......all is good now

Ditto--------have received notice 5 times today