Microsoft.Windows.RedirectedHosts removal help

[Whitepanther]

I have been trying to fix this problem for a week now but have not been able to correct this problem. IE is opening unwanted pages, spybot finds but will not remove Fraud.WindowsProtectionSuite and Microsoft.Windows.RedirectedHosts , can someone please help. I have also run malwarebytes and it finds nothing. Now I have ran erunt and am ready to get rid of this problem. Here is the log file from Hijack this.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:46:51 PM, on 11/16/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\Super_DVD_Creator_9.8\NMSAccessU.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\WINDOWS\vsnpstd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SNPSTD2] C:\WINDOWS\vsnpstd2.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WeatherEye] C:\Documents and Settings\PSL\Local Settings\Application Data\TheWeatherNetwork\WeatherEye\WeatherEye.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/...oUploader5.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1240066174968
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate1ca1979e86c8eea) (gupdate1ca1979e86c8eea) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\Super_DVD_Creator_9.8\NMSAccessU.exe

--
End of file - 7167 bytes

[Shaba]

Hi Whitepanther

Please post spybot report next

[Whitepanther]

Updated spybot and ran again. Also disabled tea timer.

Fraud.WindowsProtectionSuite: [SBI $B197733A] Redirected host (Redirected host, nothing done)
4-open-davinci.com=74.125.45.100

Fraud.WindowsProtectionSuite: [SBI $B197733A] Redirected host (Redirected host, nothing done)
securitysoftwarepayments.com=74.125.45.100

Fraud.WindowsProtectionSuite: [SBI $B197733A] Redirected host (Redirected host, nothing done)
privatesecuredpayments.com=74.125.45.100

Fraud.WindowsProtectionSuite: [SBI $B197733A] Redirected host (Redirected host, nothing done)
secure.privatesecuredpayments.com=74.125.45.100

Fraud.WindowsProtectionSuite: [SBI $B197733A] Redirected host (Redirected host, nothing done)
getantivirusplusnow.com=74.125.45.100

Fraud.WindowsProtectionSuite: [SBI $B197733A] Redirected host (Redirected host, nothing done)
secure-plus-payments.com=74.125.45.100

Fraud.WindowsProtectionSuite: [SBI $B197733A] Redirected host (Redirected host, nothing done)
www.getantivirusplusnow.com=74.125.45.100

Fraud.WindowsProtectionSuite: [SBI $B197733A] Redirected host (Redirected host, nothing done)
www.secure-plus-payments.com=74.125.45.100

Fraud.WindowsProtectionSuite: [SBI $B197733A] Redirected host (Redirected host, nothing done)
www.getavplusnow.com=74.125.45.100

Fraud.WindowsProtectionSuite: [SBI $B197733A] Redirected host (Redirected host, nothing done)
safebrowsing-cache.google.com=74.125.45.100

Fraud.WindowsProtectionSuite: [SBI $B197733A] Redirected host (Redirected host, nothing done)
www.securesoftwarebill.com=74.125.45.100

Fraud.WindowsProtectionSuite: [SBI $B197733A] Redirected host (Redirected host, nothing done)
secure.paysecuresystem.com=74.125.45.100

Fraud.WindowsProtectionSuite: [SBI $B197733A] Redirected host (Redirected host, nothing done)
paysoftbillsolution.com=74.125.45.100

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.ae=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.as=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.at=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.az=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.ba=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.be=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.bg=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.bs=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.ca=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.cd=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.com.gh=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.com.hk=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.com.jm=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.com.mx=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.com.my=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.com.na=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.com.nf=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.com.ng=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.ch=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.com.np=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.com.pr=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.com.qa=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.com.sg=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.com.tj=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.com.tw=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.dj=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.de=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.dk=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.dm=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.ee=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.fi=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.fm=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.fr=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.ge=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.gg=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.gm=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.gr=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.ht=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.ie=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.im=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.in=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.it=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.ki=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.la=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.li=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.lv=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.ma=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.ms=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.mu=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.mw=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.nl=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.no=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.nr=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.nu=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.pl=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.pn=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.pt=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.ro=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.ru=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.rw=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.sc=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.se=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.sh=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.si=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.sm=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.sn=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.st=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.tl=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.tm=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.tt=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.us=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.vu=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.ws=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.co.ck=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.co.id=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.co.il=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.co.in=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.co.jp=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.co.kr=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.co.ls=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.co.ma=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.co.nz=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.co.tz=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.co.ug=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.co.uk=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.co.za=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.co.zm=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.com=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.com.af=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.com.ag=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.com.ar=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.com.au=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.com.bn=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.com.br=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.com.by=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.com.bz=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.com.cu=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.com.ec=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
google.com.fj=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.ae=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.as=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.at=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.az=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.ba=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.be=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.bg=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.bs=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.ca=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.cd=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.com.gh=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.com.hk=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.com.jm=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.com.mx=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.com.my=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.com.na=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.com.nf=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.com.ng=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.ch=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.com.np=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.com.pr=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.com.qa=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.com.sg=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.com.tj=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.com.tw=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.dj=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.de=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.dk=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.dm=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.ee=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.fi=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.fm=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.fr=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.ge=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.gg=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.gm=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.gr=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.ht=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.ie=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.im=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.in=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.it=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.ki=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.la=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.li=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.lv=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.ma=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.ms=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.mu=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.mw=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.nl=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.no=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.nr=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.nu=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.pl=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.pn=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.pt=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.ro=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.ru=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.rw=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.sc=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.se=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.sh=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.si=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.sm=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.sn=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.st=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.tl=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.tm=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.tt=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.us=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.vu=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.ws=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.co.ck=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.co.id=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.co.il=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.co.in=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.co.jp=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.co.kr=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.co.ls=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.co.ma=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.co.nz=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.co.tz=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.co.ug=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.co.uk=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.co.za=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.co.zm=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.com=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.com.af=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.com.ag=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.com.ar=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.com.au=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.com.bn=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.com.br=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.com.by=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.com.bz=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.com.cu=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.com.ec=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $10125F65] Redirected host (Redirected host, nothing done)
www.google.com.fj=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $67934675] Redirected host (Redirected host, nothing done)
bing.com=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $67934675] Redirected host (Redirected host, nothing done)
www.bing.com=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $67934675] Redirected host (Redirected host, nothing done)
search.yahoo.com=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $67934675] Redirected host (Redirected host, nothing done)
www.search.yahoo.com=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $67934675] Redirected host (Redirected host, nothing done)
search.live.com=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $67934675] Redirected host (Redirected host, nothing done)
search.msn.com=88.198.198.204

Microsoft.Windows.RedirectedHosts: [SBI $B89FBA81] Redirected host (Redirected host, nothing done)
www.securesoftwarebill.com=74.125.45.100

Microsoft.Windows.RedirectedHosts: [SBI $19781685] Redirected host (Redirected host, nothing done)
secure.paysecuresystem.com=74.125.45.100

Microsoft.Windows.RedirectedHosts: [SBI $CEFF52BA] Redirected host (Redirected host, nothing done)
paysoftbillsolution.com=74.125.45.100

Right Media: Tracking cookie (Internet Explorer: PSL) (Cookie, fixed)



--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-03-05 TeaTimer.exe (1.6.6.32)
2009-11-13 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-11-04 advcheck.dll (1.6.5.20)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2009-10-08 Includes\Adware.sbi (*)
2009-11-10 Includes\AdwareC.sbi (*)
2009-01-22 Includes\Cookies.sbi (*)
2009-11-03 Includes\Dialer.sbi (*)
2009-10-13 Includes\DialerC.sbi (*)
2009-01-22 Includes\HeavyDuty.sbi (*)
2009-05-26 Includes\Hijackers.sbi (*)
2009-11-17 Includes\HijackersC.sbi (*)
2009-10-20 Includes\Keyloggers.sbi (*)
2009-10-20 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2009-11-10 Includes\Malware.sbi (*)
2009-11-18 Includes\MalwareC.sbi (*)
2009-03-25 Includes\PUPS.sbi (*)
2009-11-17 Includes\PUPSC.sbi (*)
2009-01-22 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2009-11-10 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2009-11-03 Includes\Spyware.sbi (*)
2009-11-10 Includes\SpywareC.sbi (*)
2009-06-08 Includes\Tracks.uti
2009-11-17 Includes\Trojans.sbi (*)
2009-11-17 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll

[Shaba]

Download HostsXpert and unzip it to your desktop.

Open HostsXpert that you earlier unzipped on your desktop

• Click "Make Hosts Writable?" upper right corner (if available)
• Click "Restore Microsoft's Original Hosts File" and then click OK
• Close HostsXpert

Note; IF you used any custom Hosts (eg. MVPS Hosts), you will have put them back manually

Run a new scan with spybot and post back what it found if anything.

[Whitepanther]

Tried to and HostsXpert tells me Hosts file is marked as a "system file" and can not be manipulated. Then the next screen also tells me it is also a "hidden file" and cannot be manipulated. So did not restore anything yet. Did you still want spybot report? There as no place to check make writeable I could find...

[Whitepanther]

Sorry the make writable button was in the top left corner but would do nothing when i click on it!

[Shaba]

OK, then we use brute force.

Download OTMoveIt by Old Timer and save it to your Desktop.

• Double-click OTM.exe. (Vista users, please right click on OTM.exe and select "Run as an Administrator")
• Copy the lines in the codebox below.

Code:

:files
c:\windows\system32\drivers\etc\hosts

• Return to OTMoveIt, right click in the Paste Instructions for Items to be Moved window (under the yellow bar) and choose Paste.
• Click the red Moveit! button.
• Copy everything in the Results window (under the green bar), and paste it in your next reply.
• Close OTMoveIt
  Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTM\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

Please do also again that HostsXpert thing and let me know if it helped.

[Whitepanther]

I think we are getting there! OTM let me move the file without restarting, HostsExpert let me restore original hosts file I think, it did not say it had changed anything but did act different this time and had no errors. When I ran spybot it only found one problem tracking cookie and was able to fix it. Also it finally let me immunize all Global (Hosts) this time. I had not be able to since the problem started. Whats next?

Results from OTM under green bar:

========== FILES ==========
c:\windows\system32\drivers\etc\hosts moved successfully.

OTM by OldTimer - Version 3.1.2.0 log created on 11212009_075928

Full report from spybot:

Right Media: Tracking cookie (Internet Explorer: PSL) (Cookie, fixed)



--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-03-05 TeaTimer.exe (1.6.6.32)
2009-11-13 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-11-04 advcheck.dll (1.6.5.20)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2009-10-08 Includes\Adware.sbi (*)
2009-11-10 Includes\AdwareC.sbi (*)
2009-01-22 Includes\Cookies.sbi (*)
2009-11-03 Includes\Dialer.sbi (*)
2009-10-13 Includes\DialerC.sbi (*)
2009-01-22 Includes\HeavyDuty.sbi (*)
2009-05-26 Includes\Hijackers.sbi (*)
2009-11-17 Includes\HijackersC.sbi (*)
2009-10-20 Includes\Keyloggers.sbi (*)
2009-10-20 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2009-11-10 Includes\Malware.sbi (*)
2009-11-18 Includes\MalwareC.sbi (*)
2009-03-25 Includes\PUPS.sbi (*)
2009-11-17 Includes\PUPSC.sbi (*)
2009-01-22 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2009-11-10 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2009-11-03 Includes\Spyware.sbi (*)
2009-11-10 Includes\SpywareC.sbi (*)
2009-06-08 Includes\Tracks.uti
2009-11-17 Includes\Trojans.sbi (*)
2009-11-17 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll

[Whitepanther]

Above I said full report from spybot but was just results not full report!

[Shaba]

That is fine

Please go to Kaspersky website and perform an online antivirus scan.

1. Read through the requirements and privacy statement and click on Accept button.
2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
3. When the downloads have finished, click on Settings.
4. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
   • Spyware, Adware, Dialers, and other potentially dangerous programs
     Archives
     
5. Click on My Computer under Scan.
6. Once the scan is complete, it will display the results. Click on View Scan Report.
7. You will see a list of infected items there. Click on Save Report As....
8. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
9. Please post this log in your next reply along with a fresh HijackThis log.