Stone Emissary
Terry1908
Posts: 23
Registered: 05-15-2012

Troj_ZAccess.CQJ


Hi Guys,

 

Having a bit of a nightmare getting rid of the above. TrendMicro keeps finding and quarantining and then cleaning files and prompting a restart, and yet it keeps coming back. Have followed the instructions on the main TrendMicro encyclopedia but didn't find the registry entries (not that I know exactly what I'm looking for):

 

http://about-threats.trendmicro.com/Malware.aspx?language=us&name=TROJ_ZACCESS.CQJ

 

Have run SpyBot and that found 1 trojan and cleaned it. Currently in the process of running the MalwareBytes program, waiting on results, although whilst the scan is in progress it keeps saying "successfully blocked potentially malicious outgoing connection", so I'm assuming something is still running and trying to connect to the net. I've disconnected from the internet in the meantime. I have access to a second computer on a different network so can download any utilities to this and transfer them to the infected machine with USB. Any help would be greatly appreciated.

 

Thanks

Terry

 

Champion Noble
malwarekiller
Posts: 3,557
Registered: 08-08-2011

Re: Troj_ZAccess.CQJ

Welcome aboard!

Let's get to it.

Download OTL to your Desktop.

http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in:

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
consrv.dll
explorer.exe
netbt.sys
atapi.sys
volsnap.sys
redbook.sys
lsi_sas.sys
lsi_scsi.sys
cdrom*
tcpip.sys
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s
C:\Windows\assembly\tmp\U\*.* /s
C:\Program Files\Common Files\ComObjects\*.* /s
CREATERESTOREPOINT

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows, OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Attach both logs.

NEXT

 

Download aswMBR.exe (1.8 MB) to your desktop.

http://public.avast.com/~gmerek/aswMBR.htm

  • Double click the aswMBR.exe to run it.
  • Click the [Scan] button to start the scan.
  • On completion of the scan click [Save log], save it to your desktop and post it in your next reply.
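The OTL custom scan above is a request for a fixed set of triage artefacts: the netsvcs service group, executables in the root of the system drive, MD5 hashes of a handful of system files and drivers, two service registry keys, and two directories. As an added example that is not part of the thread and is not OTL's or the poster's code, the PowerShell script below gathers the same indicators with built-in cmdlets and reg.exe, so a responder can collect them on a machine where running a third-party tool is not an option. It assumes PowerShell 4.0 or later (for Get-FileHash) and an elevated prompt; the report path and the three search roots for the hashed files are assumptions.

```powershell
# Added example, not from the thread and not OTL's code. Collects the same
# indicators the OTL custom scan above asks for, using built-in cmdlets only.
# Assumes PowerShell 4.0 or later (Get-FileHash) and an elevated prompt.
# The report path is an assumption; change it to suit.
$report = Join-Path $env:USERPROFILE 'Desktop\triage.txt'
$lines  = New-Object System.Collections.Generic.List[string]
$lines.Add("Triage run $(Get-Date -Format o) on $env:COMPUTERNAME")

# 1. netsvcs: the service group that svchost.exe hosts. A name here with no
#    matching installed service is the kind of mismatch OTL flags.
$lines.Add('== netsvcs group ==')
$svchostKey = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost'
$netsvcs = (Get-ItemProperty -Path $svchostKey -Name netsvcs -ErrorAction SilentlyContinue).netsvcs
foreach ($name in @($netsvcs | Where-Object { $_ })) {
    $svc   = Get-Service -Name $name -ErrorAction SilentlyContinue
    $state = if ($svc) { $svc.Status } else { 'NO SUCH SERVICE' }
    $lines.Add("  $name  $state")
}

# 2. %SYSTEMDRIVE%\*.exe: executables sitting in the root of the system drive.
$lines.Add('== Executables in system drive root ==')
Get-ChildItem -Path "$env:SystemDrive\" -Filter '*.exe' -File -Force -ErrorAction SilentlyContinue |
    ForEach-Object { $lines.Add("  $($_.FullName)  $($_.Length) bytes  $($_.LastWriteTime.ToString('s'))") }

# 3. /md5start ... /md5stop: hash every copy of the listed files found in the
#    assumed search roots. The hashes, sizes and timestamps are what you
#    compare against a known-clean machine of the same Windows build.
$lines.Add('== MD5 of listed system files ==')
$hashTargets = @('consrv.dll', 'explorer.exe', 'netbt.sys', 'atapi.sys', 'volsnap.sys',
                 'redbook.sys', 'lsi_sas.sys', 'lsi_scsi.sys', 'cdrom*', 'tcpip.sys',
                 'winlogon.exe', 'Userinit.exe', 'svchost.exe')
$searchRoots = @($env:SystemRoot, "$env:SystemRoot\System32", "$env:SystemRoot\System32\drivers")
foreach ($root in $searchRoots) {
    foreach ($pattern in $hashTargets) {
        Get-ChildItem -Path $root -Filter $pattern -File -Force -ErrorAction SilentlyContinue |
            ForEach-Object {
                $md5 = (Get-FileHash -Path $_.FullName -Algorithm MD5).Hash
                $lines.Add("  $md5  $($_.FullName)  $($_.Length) bytes  $($_.LastWriteTime.ToString('s'))")
            }
    }
}

# 4. The two directories the OTL script lists with /s. Record presence as well
#    as contents: an empty but present directory is still a finding.
$lines.Add('== Directories listed by the scan ==')
foreach ($dir in @("$env:SystemRoot\assembly\tmp\U", "$env:ProgramFiles\Common Files\ComObjects")) {
    if (Test-Path -LiteralPath $dir) {
        $lines.Add("  PRESENT: $dir")
        Get-ChildItem -LiteralPath $dir -Recurse -Force -ErrorAction SilentlyContinue |
            ForEach-Object { $lines.Add("    $($_.FullName)  $($_.LastWriteTime.ToString('s'))") }
    } else {
        $lines.Add("  absent:  $dir")
    }
}

# 5. The NetBT and NetBIOS service keys, dumped recursively as the /s switch does.
$lines.Add('== Service registry keys ==')
foreach ($key in @('HKLM\SYSTEM\CurrentControlSet\Services\NetBT',
                   'HKLM\SYSTEM\CurrentControlSet\Services\NetBIOS')) {
    $lines.Add("  -- $key --")
    & reg.exe query $key /s 2>&1 | ForEach-Object { $lines.Add("  $_") }
}

$lines | Set-Content -Path $report -Encoding UTF8
Write-Host "Wrote $($lines.Count) lines to $report"
```

The script only records; it changes nothing on the machine, so it can be re-run after each cleaning pass and the two reports diffed to see what actually changed. A clean-looking report is evidence, not proof: it covers exactly the locations the OTL scan names and nothing else.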

Stone Emissary
Terry1908
Posts: 23
Registered: 05-15-2012

Re: Troj_ZAccess.CQJ

Hi MK,

 

Here are the logs

 

Thanks

Terry

Stone Emissary
Terry1908
Posts: 23
Registered: 05-15-2012

Re: Troj_ZAccess.CQJ

Anyone out there who can help or is Malwarekiller a lone ranger when it comes to fighting the above?

 

Thanks

Terry

Champion Noble
malwarekiller
Posts: 3,557
Registered: 08-08-2011

Re: Troj_ZAccess.CQJ


Hi, sorry for the late response...

 

Download ComboFix from any of the locations given on this website:

  • IMPORTANT !!! You need to Save ComboFix.exe to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you are still unsure on how to do this, see here
  • Double click on ComboFix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • If you already have the Recovery Console preinstalled, it will not ask for the following. If it does prompt, allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click Yes, to continue scanning for malware. Please be patient and don't use the PC whilst it is scanning.

When finished, it shall produce a log for you. Please copy & paste the contents of this log (also found at C:\ComboFix.txt) in your next reply at your topic.

Stone Emissary
Terry1908
Posts: 23
Registered: 05-15-2012

Re: Troj_ZAccess.CQJ


Hi Mk,

 

Thanks for getting back to me. I know you want all current security off before running ComboFix, but it is IMPOSSIBLE to completely remove TrendMicro OfficeScan. I have run the uninstall and then restarted the machine. As far as Add/Remove Programs, Start Menu entries and Startup items in MSCONFIG are concerned, it is gone, but ComboFix keeps saying that it is still running. So....I ran ComboFix anyway. It said that it has infected the TCP/IP stack, really difficult to remove blah blah, then done its stuff, restarted, done a load of processes and then said reboot the machine again...except it didn't. It got stuck on that screen for about an hour. I ended up manually rebooting (I know it says you shouldn't, but it was literally stuck. Wasn't even seeing a lit up "working" light on my PC). Then it came up and generated a log, a copy of which I've attached here.

 

Thanks in advance

Terry

Champion Noble
malwarekiller
Posts: 3,557
Registered: 08-08-2011

Re: Troj_ZAccess.CQJ

Alright! ComboFix got most of it.

Delete the current version of ComboFix from the desktop, download a new one, run it and attach the log.

 



Stone Emissary
Terry1908
Posts: 23
Registered: 05-15-2012

Re: Troj_ZAccess.CQJ

Hi MK,

 

Re-ran ComboFix as advised, didn't get the warning about a rootkit being present that is difficult to remove etc. (so that's a good sign). However, once CF had run the processes, before it generated a report, I got Windows error boxes, the ones that say "This program has encountered an error and had to close, click to send error report to Windows" blah blah.

 

The programs that encountered errors were:

 

Realtek HD Audio

PDF Sentry

 

The Realtek box closed itself eventually, whereas the PDF Sentry one would not close until I clicked the "Debug" option. Clicking "Don't send error report" kept making a Windows error noise.

 

Log attached

 

Thanks

Terry

Champion Noble
malwarekiller
Posts: 3,557
Registered: 08-08-2011

Re: Troj_ZAccess.CQJ

As an additional step, it's recommended that you download other free anti-malware software from the list below and run a full system scan:

Stone Emissary
Terry1908
Posts: 23
Registered: 05-15-2012

Re: Troj_ZAccess.CQJ

Ok thanks

 

If they come up clean, am I in the all clear?!

 

Thanks

Terry