Sorry for the delay.
1. You are running two antivirus programs: Symantec and Avast. Please uninstall one of them. If you decide to remove the Symantec programs, you can use the
Norton Removal Tool.
2. It appears that you have or may have had the
Cognizance Identity and Access Management Suite (Cognizance IAM). There is a temp entry left from it as well as a Registry entry.
So lets remove the temp files:
TFC (Temp File Cleaner)
Download
TFC to your desktop
- Open the file and close any other windows.
- It will close all programs itself when run, make sure to let it run uninterrupted.
- Click the Start button to begin the process. The program should not take long to finish its job
- Once its finished it should reboot your machine, if not, do this yourself to ensure a complete clean
TFC only cleans temp folders. TFC will not clean URL history, prefetch, or cookies. Depending on how often someone cleans their temp folders, their system hardware, and how many accounts are present, it can take anywhere from a few seconds to a minute or more. TFC will completely clear all temp files where other temp file cleaners may fail.
TFC requires a reboot immediately after running. Be sure to save any unsaved work before running TFC.
TFC (Temp File Cleaner) will clear out all temp folders for all user accounts (temp, IE temp, java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder.
After you do those 2 things, please do the following:
3. Please download ComboFix
HERE:
- With ComboFix, at the download window, please rename it to Combo-Fix(.exe) before downloading it.
- Please disable all security programs, such as antiviruses, antispywares, and firewalls. Also disable your internet connection.
- Run Combo-Fix.exe and follow the prompts.
(Understand that things like your system clock changing and your desktop disappearing might happen. Do not worry, because all will be restored later.)
- Wait for the scan to be completed.
- If it requires a reboot, please do it.
• After the scan has completed entirely, please post the log here. The log will be located at C:\ComboFix(.txt)
Do not click on the ComoboFix window, as it may cause it to stall.
CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
After completing 1,2 and 3, please run a full system scan with the antivirus program you kept. Save the log. Attach to the next reply.
Also include the report from Combofix and new log from a rescan with HijackThis.
Then we'll see what, if anything is left and some HijackThis files will need removing. (I'll tell you which ones though-don't remove any on your own.
Summary:
Remove one of the AV programs.
Do system scan with remaining AV and save, then attach log.
Run the Temp File Cleaner
Run Combofix, attach report
Run new HJT and attach new log.
One more thing: Click on Start> Run> type in services.msc> right click on Background Intelligent Transfer Service> Properties> set Startup type to Manual.