You are now COOKIN!
Great job!
In normal mode in all user accounts?
Run ComboFix again in normal mode as it had findings need to confirm clean!
HJT in normal mode.
OK there are signs of Norton in the HJT log. Are you usning Avast now?
Run HJT Scan only and select and Fix all lines listed below
Any line that has (file missing) and/or (no file) at the END of the line, ONLY at the end Plus the following.
O8 - Extra context menu item: &Search - ?p=ZJxdm172YYUS.
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (file missing)
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: Comodo Application Agent (CmdAgent) - Unknown owner - C:\Program Files\Comodo\Firewall\cmdagent.exe (file missing)
And if not using Norton/Symantec any line that contains the word Symantec.
If Norton was once used but now uninstalled let me know and I will post links to the removal tools.
Do Temp and Reg cleanup
Run CCleaner
http://www.ccleaner.com/download/builds (get SLIM at bottom no Yahoo toolbar)
Run twice or more on Cleanup temps, then on left click Registry then Scan for issues also repeat till clean. You may have this from the 8 Steps.
Run ATF-Cleaner
http://majorgeeks.com/ATF_Cleaner_d4949.html Temp and Registry, repeatedly until no more found.
KCleaner
ftp://ftp2.kcsoftwares.com/kcsoftwa/files/kcleaner.exe
Fantastic cleaner.
(When installing uncheck Relevant Knowledge do not install)
-------------------------------------------------------------------------------------
The issues can and are likely found is in System Restore so do the below
Start-Programs-Accessories-System Tools-Disk- System Restore and create a new Restore point. Name it "Cleanup at TechSpot".
Then Start-Programs-Accessories-System Tools-Disk Cleanup
Click OK to accept C:
Select all Boxes
Then click More Options
Here click System Restore and OK to "Are you sure" and the OK to Run.
As this runs it clears all but the most recent Restore Point but it does one other thing that can contain infested files and a huge amount of disk space.
It clears what is known as Shadow copies which are used by specialized back up programs.
This is if you have the Volume Shadow Copy running which is the default.
-------------------------------------------------------------------------------------
ERUNT
Add a redundent Reg backup, get and install ERUNT let it add itself to startup and do a backup on install check all boxes.
ERUNT
http://www.larshederer.homepage.t-online.de/erunt/
Yes! Even if you use system restore and other backups Registry and Images.
Go here Download DrWeb
https://www.techspot.com/vb/post724044-3.html
Then....
Boot to Safe Mode only! Not with Networking and run...
DrWeb will fisrt do an Express Scan on its own when it completes then you should do a full scan.
The first Virus it finds select Cure and it will use this as the default automatically for all the rest. What it can't fix will be Quarantined!
This will take a while based on CPU and HD speed and size, but is worth it!
Mike