Search Redirector Malware. Please Help!

[Rich Deez]

The system is running good. we do not use it for much. mainly the internet and that redirector was making me crazy, but you guys fixed that and I thank you for it. after this is all done I am going to install the antivirus you guys have along with the S&D resident.
thanks again
Rich





ComboFix 11-04-06.03 - Tracy Taylor 04/07/2011 9:13.4.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.578 [GMT -7:00]
Running from: c:\documents and settings\Tracy Taylor\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Tracy Taylor\Desktop\CFScript.txt
.
file zipped: c:\windows\uzuqeboqutun.dll
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\uzuqeboqutun.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-03-07 to 2011-04-07 )))))))))))))))))))))))))))))))
.
.
2014-01-29 05:26 . 2014-01-29 05:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Knowledge Adventure
2014-01-29 04:54 . 2014-01-29 04:54 -------- d-----w- c:\program files\Common Files\Knowledge Adventure
2014-01-27 03:27 . 1999-05-07 07:00 244232 ------w- c:\windows\system32\msflxgrd.ocx
2014-01-27 03:27 . 1996-06-07 06:06 189952 ----a-w- c:\windows\Qcard32.dll
2014-01-26 01:22 . 2001-08-17 21:57 16128 -c--a-w- c:\windows\system32\dllcache\modemcsa.sys
2014-01-26 01:22 . 2001-08-17 21:57 16128 ----a-w- c:\windows\system32\drivers\MODEMCSA.sys
2014-01-26 01:22 . 2008-04-13 18:45 26112 ----a-w- c:\windows\system32\drivers\usbser.sys
2014-01-26 01:01 . 2014-01-26 01:01 -------- d-----w- c:\documents and settings\Tracy Taylor\Local Settings\Application Data\Help
2014-01-26 00:04 . 2014-01-26 00:04 -------- d-sh--w- c:\documents and settings\Tracy Taylor\UserData
2014-01-25 04:18 . 2014-01-25 04:18 -------- d-----w- c:\documents and settings\Tracy Taylor\Bluetooth Software
2014-01-25 04:14 . 2014-01-25 04:14 -------- d-----w- c:\program files\Bluetooth
2014-01-24 02:33 . 2014-01-24 02:33 -------- d-----w- c:\documents and settings\Tracy Taylor\Local Settings\Application Data\Toshiba
2014-01-22 07:06 . 2010-08-04 22:34 -------- d-----w- c:\windows\system32\LogFiles
2014-01-22 06:58 . 2008-04-13 18:56 30592 ------w- c:\windows\system32\drivers\rndismpx.sys
2014-01-22 06:58 . 2008-04-13 18:56 12800 ------w- c:\windows\system32\drivers\usb8023x.sys
2014-01-22 06:56 . 2014-01-22 06:56 -------- d-----w- c:\windows\Downloaded Installations
2011-04-06 21:48 . 2011-04-06 21:48 -------- d-----w- c:\program files\ESET
2011-04-06 21:42 . 2011-04-06 21:42 -------- d-----w- c:\program files\Common Files\Java
2011-04-06 21:41 . 2011-04-06 21:41 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-04-06 21:41 . 2011-04-06 21:41 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-06 21:41 . 2011-04-06 21:41 -------- d-----w- c:\program files\Java
2011-04-06 21:13 . 2011-04-06 21:15 -------- d-----w- c:\program files\Common Files\Adobe
2011-03-31 06:01 . 2011-03-31 06:02 -------- d-----w- c:\program files\ERUNT
2011-03-28 05:04 . 2011-03-28 05:04 -------- d-----w- c:\documents and settings\Tracy Taylor\Local Settings\Application Data\TuneUpMedic
2011-03-28 04:45 . 2011-03-28 04:45 -------- d-----w- c:\documents and settings\Tracy Taylor\Application Data\ParetoLogic
2011-03-28 04:45 . 2011-03-28 04:45 -------- d-----w- c:\documents and settings\Tracy Taylor\Application Data\DriverCure
2011-03-28 04:44 . 2011-03-28 05:38 -------- d-----w- c:\documents and settings\All Users\Application Data\ParetoLogic
2011-03-28 01:45 . 2011-03-28 01:45 -------- d--h--w- c:\windows\msdownld.tmp
2011-03-28 01:44 . 2011-03-28 01:44 -------- d-----w- c:\program files\Microsoft
2011-03-28 01:44 . 2011-03-28 01:44 -------- d-----w- c:\program files\MSN Toolbar
2011-03-28 01:43 . 2011-03-28 01:43 -------- d-----w- c:\program files\Microsoft Silverlight
2011-03-28 01:41 . 2011-03-28 01:44 -------- d-----w- c:\program files\Bing Bar Installer
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-31 05:49 . 2009-08-18 18:30 564632 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\wlidui.dll
2011-03-31 05:49 . 2009-08-18 18:24 18328 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-02-07 22:55 . 2011-02-07 22:55 1409 ----a-w- c:\windows\QTFont.for
2011-02-05 01:48 . 2006-03-02 18:38 456192 ------w- c:\windows\system32\encdec.dll
2011-02-05 01:48 . 2006-03-02 18:39 291840 ----a-w- c:\windows\system32\sbe.dll
2011-02-02 07:58 . 2006-03-02 21:23 2067456 ------w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2006-03-02 21:23 677888 ------w- c:\windows\system32\mstsc.exe
2011-01-21 14:44 . 2006-03-02 18:39 439296 ------w- c:\windows\system32\shimgvw.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2004-12-30 65536]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-12-17 761945]
"Toshiba Hotkey Utility"="c:\program files\Toshiba\Windows Utilities\Hotkey.exe" [2006-02-20 1589248]
"SmoothView"="c:\program files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe" [2005-04-27 122880]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-11-03 98304]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-11-03 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-11-03 118784]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-11-28 602182]
"Pinger"="c:\toshiba\ivp\ism\pinger.exe" [2005-03-18 151552]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"Bing Bar"="c:\program files\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe" [2010-04-27 243544]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-11-12 288088]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-03-03 98304]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-16 932288]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
.
c:\documents and settings\Tracy Taylor\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
RAMASST.lnk - c:\windows\system32\RAMASST.exe [2006-3-2 155648]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk
backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk.disabled]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk.disabled
backup=c:\windows\pss\Windows Search.lnk.disabledCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Tracy Taylor^Start Menu^Programs^Startup^Microsoft Office OneNote 2003 Quick Launch.lnk]
path=c:\documents and settings\Tracy Taylor\Start Menu\Programs\Startup\Microsoft Office OneNote 2003 Quick Launch.lnk
backup=c:\windows\pss\Microsoft Office OneNote 2003 Quick Launch.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2006-03-03 00:02 98304 ----a-w- c:\program files\QuickTime\qttask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"CFSvcs"=2 (0x2)
"btwdins"=2 (0x2)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe"
"High Definition Audio Property Page Shortcut"=CHDAudPropShortcut.exe
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" -osboot
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Spybot - Search & Destroy\\SpybotSD.exe"=
"c:\\Program Files\\Spybot - Search & Destroy\\SDUpdate.exe"=
"c:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"=
"c:\\Program Files\\FinalMediaPlayer\\FMPCheckForUpdates.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
.
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 1:16 PM 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1/31/2010 9:09 AM 135664]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [3/2/2006 11:39 AM 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 1:16 PM 753504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Contents of the 'Scheduled Tasks' folder
.
2011-04-07 c:\windows\Tasks\Final Media Player Update Checker.job
- c:\program files\FinalMediaPlayer\FMPCheckForUpdates.exe [2010-08-10 05:22]
.
2011-04-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 16:09]
.
2011-04-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 16:09]
.
2011-04-07 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2232643574-1403717830-2536427291-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 19:33]
.
2011-04-07 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2232643574-1403717830-2536427291-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 19:33]
.
2007-01-20 c:\windows\Tasks\Registration reminder 2.job
- c:\windows\system32\OOBE\oobebaln.exe [2006-03-02 00:12]
.
2007-01-20 c:\windows\Tasks\Registration reminder 3.job
- c:\windows\system32\OOBE\oobebaln.exe [2006-03-02 00:12]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
Trusted Zone: turbotax.com
DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} - hxxp://games.king.com/ctl/kingcomie.cab
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-07 09:21
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@DACL=(02 0010)
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@DACL=(02 0010)
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@DACL=(02 0010)
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(2764)
c:\windows\system32\WININET.dll
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\en-us\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\en-us\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\btncopy.dll
c:\program files\ArcSoft\Software Suite\PhotoImpression\share\pihook.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\windows\system32\DVDRAMSV.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\toshiba\IVP\swupdate\swupdtmr.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\SearchIndexer.exe
c:\windows\ehome\mcrdsvc.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Synaptics\SynTP\Toshiba.exe
c:\windows\system32\igfxext.exe
c:\windows\eHome\ehmsas.exe
c:\progra~1\MICROS~4\wcescomm.exe
c:\progra~1\MICROS~4\rapimgr.exe
c:\progra~1\Intel\Wireless\Bin\Dot1XCfg.exe
.
**************************************************************************
.
Completion time: 2011-04-07 09:25:58 - machine was rebooted
ComboFix-quarantined-files.txt 2011-04-07 16:25
ComboFix2.txt 2011-04-06 22:45
ComboFix3.txt 2011-04-06 20:10
ComboFix4.txt 2011-04-04 03:55
.
Pre-Run: 74,713,395,200 bytes free
Post-Run: 74,731,638,784 bytes free
.
- - End Of File - - 0F6DF1E4584ECC3705E09FEE83B67C3B
Upload was successful

[Blade81]

It's time to secure your system to prevent against further intrusions then


THESE STEPS ARE VERY IMPORTANT

Let's reset system restore
Reset and Re-enable your System Restore to remove infected files that have been backed up by Windows. The files in System Restore are protected to prevent any programs changing those files. This is the only way to clean these files: You will lose all previous restore points which are likely to be infected. Please note you need Administrator Access to do clean the restore points.

1. Turn off System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.

2. Reboot.

3. Turn ON System Restore.
On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
UN-Check *Turn off System Restore*.
Click Apply, and then click OK.
NOTE: only do this ONCE,NOT on a regular basis



Now lets uninstall ComboFix:

• Click START then RUN
• Now copy-paste Combofix /uninstall in the runbox and click OK

UPDATING WINDOWS AND INTERNET EXPLORER

IMPORTANT: You Need to Update Windows and Internet Explorer to protect your computer from the malware that is around on the Internet. Please go to the windows update site to get the critical updates.

If you are running Microsoft Office, or any portion thereof, go to the Microsoft's Office Update site and make sure you have at least all the critical updates installed (Free) Microsoft Office Update.


Make your Internet Explorer more secure

This can be done by following these simple instructions:
From within Internet Explorer click on the Tools menu and then click on Options.
Click once on the Security tab
Click once on the Internet icon so it becomes highlighted.
Click once on the Custom Level button.
Change the Download signed ActiveX controls to Prompt
Change the Download unsigned ActiveX controls to Disable
Change the Initialize and script ActiveX controls not marked as safe to Disable
Change the Installation of desktop items to Prompt
Change the Launching programs and files in an IFRAME to Prompt
Change the Navigate sub-frames across different domains to Prompt
When all these settings have been made, click on the OK button.
If it prompts you as to whether or not you want to save the settings, press the Yes button.
Next press the Apply button and then the OK to exit the Internet Properties page.



The following are recommended third party programs that are designed to keep your computer clean. A link as well as a brief description is included with each item.

• Download and run Secunia Personal Software Inspector (PSI) and fix its findings.
• Get Anti Virus Software and keep it updated - Most AVs will update automatically, but if not I would recommend making updating the AV the first job every time the PC is connected to the internet. An AV that is using defs that are seven days old is not going to be much protection. If you do not update your anti virus software then it will not be able to catch any of the new variants that may come out. Good free antivirus programs are:
  Antivir
  Avast!
  Good commercial ones are from:
  Kaspersky and
  ESET
• Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a Firewall in its default configuration can lower your risk greatly. For more info, check this webpage out.
  If you don't have a 3rd party firewall or a router behind NAT then I recommend getting one. I recommend either Online Armor Free or Comodo Firewall Pro (If you choose Comodo: Uncheck during installation Install Comodo HopSurf.., Make Comodo my default search provider and Make Comodo Search my homepage and install firewall ONLY!). Both providers have support forums that help with configuration related questions.

Just a final reminder for you. I am trying to stress these two points.
UPDATE UPDATE UPDATE!!! Make sure you do this about every 1-2 weeks.
Make sure all of your security programs are up to date.
Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.


Once again, please post and tell me how things are going with your system... problems etc.

Have a great day,
Blade

[Blade81]

Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.

Note:If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh DDS log and a link to your previous thread.

If it has been less than three days since your last response and you need the thread re-opened, please send me or other MOD a private message (pm). A valid, working link to the closed topic is required.