
Thread: Pages are redirected and Spybot and Malwarebytes won't run

  #11 - Junior Member (Join Date: May 2009, Posts: 10)

    ComboFix 09-05-08.03 - Bianca 05/08/2009 19:58.3 - NTFSx86
    Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3062.2146 [GMT -5:00]
    Running from: c:\users\Bianca\Desktop\ComboFix.exe
    .

    ((((((((((((((((((((((((( Files Created from 2009-04-09 to 2009-05-09 )))))))))))))))))))))))))))))))
    .

    2009-05-08 05:49 . 2009-05-08 05:49 -------- d-----w C:\rsit
    2009-05-07 05:50 . 2009-05-08 19:48 -------- d-----w c:\program files\Spybot - Search & Destroy
    2009-05-05 22:42 . 2009-04-06 20:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
    2009-05-05 22:42 . 2009-04-06 20:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
    2009-05-05 22:42 . 2009-05-05 23:33 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
    2009-05-03 07:36 . 2009-05-05 20:23 -------- d-----w c:\program files\Spyware Terminator
    2009-05-03 07:22 . 2009-05-03 07:22 -------- d-----w c:\program files\Alwil Software
    2009-05-03 06:00 . 2009-05-03 06:00 -------- d-----w c:\program files\Hewlett-Packard
    2009-05-03 05:57 . 2009-05-03 05:57 -------- d-----w c:\programdata\Hewlett-Packard
    2009-05-03 05:57 . 2009-05-03 05:57 -------- d-----w c:\users\All Users\Hewlett-Packard
    2009-05-03 05:46 . 2009-05-03 08:29 -------- d---a-w c:\programdata\TEMP
    2009-05-03 05:46 . 2009-05-03 08:29 -------- d---a-w c:\users\All Users\TEMP
    2009-05-03 05:38 . 2007-03-15 20:32 118272 ----a-w c:\windows\system32\hpz3l5ha.dll
    2009-05-03 05:32 . 2009-05-03 06:00 142972 ----a-w c:\windows\hpoins21.dat
    2009-05-03 05:32 . 2008-01-24 02:29 7262 ------w c:\windows\hpomdl21.dat
    2009-05-03 05:31 . 2007-12-07 15:55 271704 ----a-w c:\windows\system32\hpzids01.dll
    2009-05-03 05:31 . 2007-11-02 02:28 364544 ----a-w c:\windows\system32\hppldcoi.dll
    2009-05-03 05:31 . 2007-11-02 02:28 729088 ----a-w c:\windows\system32\hpowiax5.dll
    2009-05-03 05:31 . 2007-11-02 02:28 303104 ----a-w c:\windows\system32\hpovst12.dll
    2009-05-03 05:31 . 2007-11-02 02:28 970752 ----a-w c:\windows\system32\hpotiop5.dll
    2009-04-30 05:27 . 2008-06-20 01:14 97800 ----a-w c:\windows\system32\infocardapi.dll
    2009-04-30 05:27 . 2008-06-20 01:14 105016 ----a-w c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2009-04-30 05:27 . 2008-06-20 01:14 622080 ----a-w c:\windows\system32\icardagt.exe
    2009-04-30 05:27 . 2008-06-20 01:14 11264 ----a-w c:\windows\system32\icardres.dll
    2009-04-30 05:27 . 2008-06-20 01:14 43544 ----a-w c:\windows\system32\PresentationHostProxy.dll
    2009-04-30 05:27 . 2008-06-20 01:14 781344 ----a-w c:\windows\system32\PresentationNative_v0300.dll
    2009-04-30 05:27 . 2008-06-20 01:14 326160 ----a-w c:\windows\system32\PresentationHost.exe
    2009-04-30 05:19 . 2008-07-27 18:03 96760 ----a-w c:\windows\system32\dfshim.dll
    2009-04-30 05:18 . 2008-07-27 18:03 282112 ----a-w c:\windows\system32\mscoree.dll
    2009-04-30 05:18 . 2008-07-27 18:03 41984 ----a-w c:\windows\system32\netfxperf.dll
    2009-04-30 05:18 . 2008-07-27 18:03 158720 ----a-w c:\windows\system32\mscorier.dll
    2009-04-30 05:18 . 2008-07-27 18:03 83968 ----a-w c:\windows\system32\mscories.dll
    2009-04-16 14:39 . 2008-12-06 04:42 376832 ----a-w c:\windows\system32\winhttp.dll
    2009-04-09 18:24 . 2009-04-09 18:24 -------- d-----w c:\users\Bianca\AppData\Local\Apps
    2009-04-09 18:24 . 2009-04-09 18:24 -------- d-----w c:\users\Bianca\AppData\Local\Deployment

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-05-09 00:54 . 2008-04-18 18:31 12 ----a-w c:\windows\bthservsdp.dat
    2009-05-08 22:55 . 2009-03-15 05:31 -------- d-----w c:\program files\QuickTime
    2009-05-03 05:57 . 2006-11-02 10:25 51200 ----a-w c:\windows\inf\infpub.dat
    2009-05-03 05:57 . 2006-11-02 10:25 143360 ----a-w c:\windows\inf\infstrng.dat
    2009-05-03 05:38 . 2006-11-02 10:25 86016 ----a-w c:\windows\inf\infstor.dat
    2009-05-03 01:05 . 2008-04-18 20:45 -------- d-----w c:\program files\Java
    2009-05-02 22:03 . 2008-09-28 02:48 79488 ----a-w c:\users\Bianca\AppData\Local\GDIPFONTCACHEV1.DAT
    2009-04-16 15:05 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
    2009-04-08 16:47 . 2009-04-08 16:47 -------- d-----w c:\program files\iTunes
    2009-04-08 16:47 . 2009-04-08 16:47 -------- d-----w c:\program files\iPod
    2009-04-08 16:47 . 2008-09-28 22:40 -------- d-----w c:\program files\Common Files\Apple
    2009-03-30 06:39 . 2008-12-16 11:06 -------- d-----w c:\program files\Common Files\Adobe
    2009-03-19 21:32 . 2009-04-08 16:47 23400 ----a-w c:\windows\system32\drivers\GEARAspiWDM.sys
    2009-03-17 03:38 . 2009-04-16 14:39 13824 ----a-w c:\windows\system32\apilogen.dll
    2009-03-17 03:38 . 2009-04-16 14:39 24064 ----a-w c:\windows\system32\amxread.dll
    2009-03-12 22:44 . 2009-02-08 06:03 -------- d-----w c:\program files\DivX
    2009-03-09 10:19 . 2008-12-14 20:14 410984 ----a-w c:\windows\system32\deploytk.dll
    2009-03-08 11:34 . 2009-04-30 05:16 914944 ----a-w c:\windows\system32\wininet.dll
    2009-03-08 11:34 . 2009-04-30 05:16 43008 ----a-w c:\windows\system32\licmgr10.dll
    2009-03-08 11:33 . 2009-04-30 05:16 18944 ----a-w c:\windows\system32\corpol.dll
    2009-03-08 11:33 . 2009-04-30 05:16 109056 ----a-w c:\windows\system32\iesysprep.dll
    2009-03-08 11:33 . 2009-04-30 05:16 109568 ----a-w c:\windows\system32\PDMSetup.exe
    2009-03-08 11:33 . 2009-04-30 05:16 132608 ----a-w c:\windows\system32\ieUnatt.exe
    2009-03-08 11:33 . 2009-04-30 05:16 107520 ----a-w c:\windows\system32\RegisterIEPKEYs.exe
    2009-03-08 11:33 . 2009-04-30 05:16 107008 ----a-w c:\windows\system32\SetIEInstalledDate.exe
    2009-03-08 11:33 . 2009-04-30 05:16 103936 ----a-w c:\windows\system32\SetDepNx.exe
    2009-03-08 11:33 . 2009-04-30 05:16 420352 ----a-w c:\windows\system32\vbscript.dll
    2009-03-08 11:32 . 2009-04-30 05:16 72704 ----a-w c:\windows\system32\admparse.dll
    2009-03-08 11:32 . 2009-04-30 05:16 71680 ----a-w c:\windows\system32\iesetup.dll
    2009-03-08 11:32 . 2009-04-30 05:16 66560 ----a-w c:\windows\system32\wextract.exe
    2009-03-08 11:32 . 2009-04-30 05:16 169472 ----a-w c:\windows\system32\iexpress.exe
    2009-03-08 11:31 . 2009-04-30 05:16 34816 ----a-w c:\windows\system32\imgutil.dll
    2009-03-08 11:31 . 2009-04-30 05:16 48128 ----a-w c:\windows\system32\mshtmler.dll
    2009-03-08 11:31 . 2009-04-30 05:16 45568 ----a-w c:\windows\system32\mshta.exe
    2009-03-08 11:22 . 2009-04-30 05:16 156160 ----a-w c:\windows\system32\msls31.dll
    2009-03-03 04:46 . 2009-04-16 14:39 3599328 ----a-w c:\windows\system32\ntkrnlpa.exe
    2009-03-03 04:46 . 2009-04-16 14:39 3547632 ----a-w c:\windows\system32\ntoskrnl.exe
    2009-03-03 04:39 . 2009-04-16 14:39 183296 ----a-w c:\windows\system32\sdohlp.dll
    2009-03-03 04:39 . 2009-04-16 14:39 551424 ----a-w c:\windows\system32\rpcss.dll
    2009-03-03 04:39 . 2009-04-16 14:39 26112 ----a-w c:\windows\system32\printfilterpipelineprxy.dll
    2009-03-03 04:37 . 2009-04-16 14:39 98304 ----a-w c:\windows\system32\iasrecst.dll
    2009-03-03 04:37 . 2009-04-16 14:39 54784 ----a-w c:\windows\system32\iasads.dll
    2009-03-03 04:37 . 2009-04-16 14:39 44032 ----a-w c:\windows\system32\iasdatastore.dll
    2009-03-03 03:04 . 2009-04-16 14:39 666624 ----a-w c:\windows\system32\printfilterpipelinesvc.exe
    2009-03-03 02:38 . 2009-04-16 14:39 17408 ----a-w c:\windows\system32\iashost.exe
    2009-02-24 23:57 . 2008-11-17 13:40 3668480 ----a-w c:\windows\system32\drivers\NETw5v32.sys
    2009-02-13 08:49 . 2009-04-16 14:39 72704 ----a-w c:\windows\system32\secur32.dll
    2009-02-13 08:49 . 2009-04-16 14:39 1255936 ----a-w c:\windows\system32\lsasrv.dll
    2009-02-09 03:10 . 2009-03-11 04:55 2033152 ----a-w c:\windows\system32\win32k.sys
    2008-01-21 02:43 . 2006-11-02 12:50 174 --sha-w c:\program files\desktop.ini
    2009-01-01 11:46 . 2009-01-01 11:46 88 --sh--r c:\windows\System32\AD236D7EC7.sys
    2009-01-01 11:46 . 2009-01-01 11:46 2828 --sha-w c:\windows\System32\KGyGaAvL.sys
    .

    ((((((((((((((((((((((((((((( SnapShot@2009-05-09_00.34.24 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2008-01-21 01:58 . 2009-05-09 00:56 50952 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
    + 2006-11-02 13:05 . 2009-05-09 00:56 69682 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
    + 2008-09-28 02:45 . 2009-05-09 00:53 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2008-09-28 02:45 . 2009-05-08 22:19 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2008-09-28 02:45 . 2009-05-08 22:19 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2008-09-28 02:45 . 2009-05-09 00:53 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2008-09-28 02:45 . 2009-05-09 00:53 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2008-09-28 02:45 . 2009-05-08 22:19 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2008-09-28 02:50 . 2009-05-09 00:56 9242 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-4186168276-927285951-146734101-1000_UserData.bin
    + 2009-05-09 00:54 . 2009-05-09 00:54 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    - 2009-05-09 00:27 . 2009-05-09 00:27 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    + 2009-05-09 00:54 . 2009-05-09 00:54 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    - 2009-05-09 00:27 . 2009-05-09 00:27 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Aim6"="c:\program files\AIM6\aim6.exe" [2008-10-21 50472]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
    "Google Update"="c:\users\Bianca\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-04-09 133104]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-02-09 198160]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
    2008-02-21 17:26 98304 ----a-w c:\windows\System32\VESWinlogon.dll

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /A:* /L:English /KBD:3

    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
    path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
    backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
    backupExtension=.CommonStartup

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{3AAC6ED9-7D0D-4184-95FF-266A310A24BD}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{43F18DCE-EBDF-4C73-A30A-11BA45EB4484}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{6C5250C3-C999-4A8C-BF92-675B7B332939}"= UDP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
    "{BB1CCCAF-13C1-43BC-8BC9-7B06B77A90FE}"= TCP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
    "{C703B52B-BC16-47E5-B616-D04A7A65F75E}"= UDP:c:\program files\AIM6\aim6.exe:AIM
    "{80ABEA69-D70D-43EE-9C0B-E432B9C1D82E}"= TCP:c:\program files\AIM6\aim6.exe:AIM
    "{41E652EC-8BD2-4C9A-8687-103E380DA04E}"= UDP:c:\program files\LimeWire\LimeWire.exe:LimeWire
    "{D40DD85A-3E55-4FBB-B56D-96C1E32DE702}"= TCP:c:\program files\LimeWire\LimeWire.exe:LimeWire
    "TCP Query User{A5B3E980-0AFE-4173-A384-5E776A4F69D5}c:\\program files\\aim6\\aim6.exe"= UDP:c:\program files\aim6\aim6.exe:AIM
    "UDP Query User{9358B5AB-9346-4F39-B392-5F0BE7890740}c:\\program files\\aim6\\aim6.exe"= TCP:c:\program files\aim6\aim6.exe:AIM
    "{6B556088-F87B-4918-B01C-27698C994185}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
    "TCP Query User{7CD67BD6-F5FB-4FE6-93FB-50AD0A7A901A}c:\\program files\\limewire\\limewire.exe"= UDP:c:\program files\limewire\limewire.exe:LimeWire
    "UDP Query User{B035308C-6184-4082-9183-34F632FD5010}c:\\program files\\limewire\\limewire.exe"= TCP:c:\program files\limewire\limewire.exe:LimeWire
    "{4CC22439-C81B-4BD5-B888-F0A700FA2DE1}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
    "{2DAA9095-EA10-4C0D-B337-0C49C0E1C07B}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
    "TCP Query User{B1249374-57D7-4467-A59E-EB8C6483E2A6}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
    "UDP Query User{05A91259-65B4-4649-8043-1D34376D6956}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
    "{AE4827FD-1C27-444F-BA57-DB6C0052F4C5}"= UDP:c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:Veoh Web Player
    "{AC9C91C7-CF67-47DE-AD38-4F82B7F23F41}"= TCP:c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:Veoh Web Player
    "{544876C1-94E4-4C32-8CFF-0D75437F44EF}"= UDP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
    "{8D197BDF-133C-4560-A841-4DDC9BFB018C}"= TCP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
    "TCP Query User{D4073495-00E2-410E-9C2E-65C35F238CCF}c:\\program files\\real\\realplayer\\realplay.exe"= UDP:c:\program files\real\realplayer\realplay.exe:RealPlayer
    "UDP Query User{949040F7-4352-4A75-B68E-95D2A2917D16}c:\\program files\\real\\realplayer\\realplay.exe"= TCP:c:\program files\real\realplayer\realplay.exe:RealPlayer
    "{02389D2C-68E8-4BE0-9DA9-1E25BACA3EFD}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
    "{1557277D-E346-43BE-A70A-58AEACF74A22}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
    "{917B2585-DF48-4FDC-A446-503112AD14F8}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
    "{52F50369-F4C4-4370-82C3-0AE17AFF5C7D}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
    "TCP Query User{C7A411DE-7A04-4312-8283-DAFB5E8DF042}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
    "UDP Query User{58C3B322-C606-40FF-9117-2B8095C7A9BA}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
    "{C8227F87-E9D1-4563-9032-B9C8794A1100}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
    "{CADA53C9-10CE-45FF-BCA2-2EBB05B73B18}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
    "{6F49F373-CEEF-479C-B842-6727BA3DAA64}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
    "{51D2F2EA-CF33-4255-8EFA-C12789914190}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
    "{52DCFD74-384C-4D97-8FD7-18BBFB7FF635}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpofxm08.exe:hpofxm08.exe
    "{0418654A-9721-4164-BF5C-B6C92F273498}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpofxm08.exe:hpofxm08.exe
    "{C94B8677-3C03-4167-9A87-4DB10977FC2F}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hposfx08.exe:hposfx08.exe
    "{7B41FD43-D89E-4528-B06F-88FCFBA640D2}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hposfx08.exe:hposfx08.exe
    "{386E81B0-9F19-43F4-8977-33E81F4AE10A}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
    "{465D6C59-4B30-4681-830E-611690CA9E5C}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
    "{22228EE3-5970-44BC-AB21-F02869DAA667}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpzwiz01.exe:hpzwiz01.exe
    "{D6905BDF-6798-452D-AECF-9D16A6E3E411}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpzwiz01.exe:hpzwiz01.exe
    "{7F510633-51CE-45A6-BB2E-779F8266EB27}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpoews01.exe:hpoews01.exe
    "{019EF530-11FB-4984-BCF0-A24A5A7751BB}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpoews01.exe:hpoews01.exe
    "{0FBCEB77-BD19-416C-8BD0-219432508FB7}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpqnrs08.exe:hpqnrs08.exe
    "{FF8AB834-9815-4D82-9CEF-BC4084F80A0E}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpqnrs08.exe:hpqnrs08.exe
    "{862D5BA3-F14F-4947-A4C8-F7065BC644D7}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
    "{9AE7D2C9-F83E-43C1-972B-86F2DB07FD0D}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
    "{10A843EF-D494-4991-BC6F-32FCF1FA0195}"= Disabled:UDP:c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
    "{D6029FAF-F92D-4A8F-A02C-36C32209554E}"= Disabled:TCP:c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
    "EnableFirewall"= 0 (0x0)

    R2 regi;regi;c:\windows\System32\drivers\regi.sys [4/17/2007 10:09 PM 11032]
    R2 uCamMonitor;CamMonitor;c:\program files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe [9/27/2008 11:31 PM 104960]
    R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\System32\drivers\ArcSoftKsUFilter.sys [9/27/2008 11:31 PM 17408]
    R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [11/17/2008 8:40 AM 3668480]
    R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\System32\drivers\R5U870FLx86.sys [4/18/2008 1:33 PM 73472]
    R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\System32\drivers\R5U870FUx86.sys [4/18/2008 1:33 PM 43904]
    R3 SFEP;Sony Firmware Extension Parser;c:\windows\System32\drivers\SFEP.sys [4/18/2008 1:34 PM 9344]
    R3 ti21sony;ti21sony;c:\windows\System32\drivers\ti21sony.sys [4/18/2008 1:34 PM 818688]
    S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [4/18/2008 3:18 PM 28464]
    S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [9/28/2008 5:09 PM 33752]
    S3 SOHCImp;VAIO Media plus Content Importer;c:\program files\Sony\VAIO Media plus\SOHCImp.exe [9/27/2008 11:26 PM 104288]
    S3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\Sony\VAIO Media plus\SOHDms.exe [9/27/2008 11:26 PM 350048]
    S3 SOHDs;VAIO Media plus Device Searcher;c:\program files\Sony\VAIO Media plus\SOHDs.exe [9/27/2008 11:26 PM 63328]
    S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [4/18/2008 3:48 PM 333088]
    S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [4/18/2008 3:49 PM 87328]
    S4 Keenfinder Service;Keenfinder Service;"c:\program files\Keenfinder\keenfinder.exe" "c:\program files\Keenfinder\keenfinder.dll" Service --> c:\program files\Keenfinder\keenfinder.exe [?]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bthsvcs REG_MULTI_SZ BthServ
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
    \shell\AutoRun\command - g:\autorun\Autorun.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    "c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
    .
    Contents of the 'Scheduled Tasks' folder

    2009-05-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4186168276-927285951-146734101-1000.job
    - c:\users\Bianca\AppData\Local\Google\Update\GoogleUpdate.exe [2009-04-09 18:24]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.com/
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
    IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    FF - ProfilePath - c:\users\Bianca\AppData\Roaming\Mozilla\Firefox\Profiles\4fu0f9j2.default\
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-05-08 20:01
    Windows 6.0.6001 Service Pack 1 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...


    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------

    - - - - - - - > 'Explorer.exe'(2976)
    c:\windows\system32\btncopy.dll
    .
    Completion time: 2009-05-09 20:03
    ComboFix-quarantined-files.txt 2009-05-09 01:02
    ComboFix2.txt 2009-05-09 00:45
    ComboFix3.txt 2009-05-09 00:36

    Pre-Run: 138,050,850,816 bytes free
    Post-Run: 138,025,824,256 bytes free

    274 --- E O F --- 2009-05-08 08:00
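The ComboFix log above is the raw material a helper reads by hand. The following Python script is an added example written for this page, not code from the thread, from ComboFix or from its author. It runs a few mechanical checks over lines copied from the log (Find3M file-attribute records, the firewall policy key, the service list and the mountpoints2 AutoRun entry) and returns items for an analyst to review: EnableFirewall = 0 on the PublicProfile, a service whose image ComboFix could not resolve (the trailing [?]), a removable-drive AutoRun command, and non-directory entries carrying both the system and hidden attributes. The meaning assigned to the seven attribute columns and the allowlist of benign hidden names are assumptions of this example; everything it returns is a review candidate, not a verdict.

```python
import re
from typing import Dict, List

# Constructed excerpt: lines copied from the ComboFix log posted above,
# embedded here so the triage can run offline.
SAMPLE_LOG = r"""
2009-02-09 03:10 . 2009-03-11 04:55 2033152 ----a-w c:\windows\system32\win32k.sys
2008-01-21 02:43 . 2006-11-02 12:50 174 --sha-w c:\program files\desktop.ini
2009-01-01 11:46 . 2009-01-01 11:46 88 --sh--r c:\windows\System32\AD236D7EC7.sys
2009-01-01 11:46 . 2009-01-01 11:46 2828 --sha-w c:\windows\System32\KGyGaAvL.sys
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
R2 regi;regi;c:\windows\System32\drivers\regi.sys [4/17/2007 10:09 PM 11032]
S4 Keenfinder Service;Keenfinder Service;"c:\program files\Keenfinder\keenfinder.exe" "c:\program files\Keenfinder\keenfinder.dll" Service --> c:\program files\Keenfinder\keenfinder.exe [?]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\shell\AutoRun\command - g:\autorun\Autorun.exe
"""

# File record: "<created> . <modified> <size> <attrs> <path>"
FILE_RE = re.compile(
    r"^\d{4}-\d\d-\d\d \d\d:\d\d \. \d{4}-\d\d-\d\d \d\d:\d\d "
    r"(?P<size>\S+) (?P<attrs>[-a-z]{7}) (?P<path>.+)$"
)
# Service record: "<state> <name>;<display name>;<image and details>"
SERVICE_RE = re.compile(r"^(?P<state>[RS]\d) (?P<name>[^;]+);(?P<display>[^;]*);(?P<image>.*)$")
SECTION_RE = re.compile(r"^\[(?P<key>.+)\]$")
MOUNTPOINT_RE = re.compile(r"mountpoints2\\(?P<drive>[A-Za-z])$", re.IGNORECASE)

# Assumption of this example: names that are routinely hidden+system and not worth listing.
BENIGN_HIDDEN = {"desktop.ini"}


def triage(log_text: str) -> Dict[str, List[str]]:
    """Walk the log line by line and collect review items by category."""
    findings: Dict[str, List[str]] = {
        "hidden_system_files": [],
        "firewall_disabled": [],
        "services_image_missing": [],
        "autorun_commands": [],
    }
    section = ""  # registry key of the most recent "[...]" header
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = SECTION_RE.match(line)
        if m:
            section = m.group("key")
            continue
        m = FILE_RE.match(line)
        if m:
            # Assumed column layout: d = directory, s = system, h = hidden,
            # a = archive, trailing r/w = read-only/writable.
            attrs, path = m.group("attrs"), m.group("path")
            name = path.rsplit("\\", 1)[-1].lower()
            if attrs[0] != "d" and "s" in attrs and "h" in attrs and name not in BENIGN_HIDDEN:
                findings["hidden_system_files"].append(path)
            continue
        if line.startswith('"EnableFirewall"='):
            value = int(line.split("=", 1)[1].split()[0])
            if value == 0:
                findings["firewall_disabled"].append(section.rsplit("\\", 1)[-1])
            continue
        m = SERVICE_RE.match(line)
        if m:
            # ComboFix appends "[?]" when it cannot locate the service image on disk.
            if m.group("image").rstrip().endswith("[?]"):
                findings["services_image_missing"].append(m.group("name"))
            continue
        mp = MOUNTPOINT_RE.search(section)
        if mp and line.lower().startswith(r"\shell\autorun\command"):
            command = line.split(" - ", 1)[1]
            findings["autorun_commands"].append(f"{mp.group('drive').upper()}: {command}")
    return findings


if __name__ == "__main__":
    for category, items in triage(SAMPLE_LOG).items():
        print(f"{category}: {items}")
```

Run on the excerpt, the script reports the public-profile firewall as disabled, the Keenfinder service as having no image on disk, the AutoRun command registered for drive G:, and the two hidden system .sys files in System32; whether any of those is hostile is still the helper's call.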

  #12 - peku006, Emeritus - Security Expert (Join Date: Feb 2007, Location: Norway, Posts: 3,103)

    Hi bjacks9

    1 - Clean temp files

    • Download and Run ATF Cleaner
      Download ATF (Atribune Temp File) Cleaner© by Atribune to your desktop. Double-click ATF Cleaner.exe to open it.

      Under Main choose:
      • Windows Temp
      • Current User Temp
      • All Users Temp
      • Temporary Internet Files
      • Prefetch
      • Java Cache

      *The other boxes are optional*
      Then click the Empty Selected button.

      If you use Firefox:
      • Click Firefox at the top and choose: Select All
        Click the Empty Selected button.
        NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

      If you use Opera:
      • Click Opera at the top and choose: Select All
        Click the Empty Selected button.
        NOTE: If you would like to keep your saved passwords, please click NO at the prompt.


      Click Exit on the Main menu to close the program


    2 - Kaspersky Online Scan

    Please go to Kaspersky website and perform an online antivirus scan.

    1. Read through the requirements and privacy statement and click on Accept button.
    2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
    3. When the downloads have finished, click on Settings.
    4. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      • Spyware, Adware, Dialers, and other potentially dangerous programs
      • Archives
      • Mail databases
    5. Click on My Computer under Scan.
    6. Once the scan is complete, it will display the results. Click on View Scan Report.
    7. You will see a list of infected items there. Click on Save Report As....
    8. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
    9. Please post this log in your next reply.


    3 - Run Hijackthis
    Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad

    4 - Status Check
    Please reply with

    1. the Kaspersky online scanner report
    2. a fresh HijackThis log

    Thanks peku006
    I don't help with logs through PM. If you have problems create a thread in the forum, please.

  #13 - Junior Member (Join Date: May 2009, Posts: 10)

    --------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER 7.0 REPORT
    Saturday, May 9, 2009
    Operating System: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 1 (build 6001)
    Kaspersky Online Scanner version: 7.0.26.13
    Program database last update: Saturday, May 09, 2009 19:04:57
    Records in database: 2151722
    --------------------------------------------------------------------------------

    Scan settings:
    Scan using the following database: extended
    Scan archives: no
    Scan mail databases: yes

    Scan area - My Computer:
    C:\
    D:\
    E:\
    F:\

    Scan statistics:
    Files scanned: 155914
    Threat name: 1
    Infected objects: 1
    Suspicious objects: 0
    Duration of the scan: 01:10:33


    File name / Threat name / Threats count
    C:\Qoobox\Quarantine\C\Windows\System32\gxvxcjtketpdowqntfmyatutvlcrcxqrsnqce.dll.vir Infected: Trojan-Clicker.Win32.Small.aea 1

    The selected area was scanned.



    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 1:15:59 PM, on 5/9/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v8.00 (8.00.6001.18702)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
    C:\Windows\System32\mobsync.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\AIM6\aim6.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\ehome\ehtray.exe
    C:\Users\Bianca\AppData\Local\Google\Update\GoogleUpdate.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\AIM6\aolsoftware.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\PROGRA~1\Java\jre6\bin\jp2launcher.exe
    C:\Program Files\Java\jre6\bin\java.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\Windows\system32\SearchProtocolHost.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: (no name) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - (no file)
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Bianca\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O13 - Gopher Prefix:
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/...oUploader5.cab
    O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo1.walgreens.com/WalgreensActivia.cab
    O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/reso...PUplden-us.cab
    O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/de...e/HPDEXAXO.cab
    O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn...tDetection.cab
    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe...bat/nos/gp.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: IviRegMgr - InterVideo - c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
    O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe
    O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDms.exe
    O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDs.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe
    O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
    O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
    O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
    O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
    O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
    O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
    O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
    O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

    --
    End of file - 8239 bytes

  4. #14
    peku006 (Emeritus - Security Expert), Norway, joined Feb 2007, 3,103 posts

    Hi bjacks9

    Install anti-virus software

    I see no sign of resident anti-virus protection being installed on your computer.
    It's critical that you take care of this issue as soon as possible, so I want you to do it right away.
    Below are two good, free alternatives. Download and install one of them, but only install one:


    How's the computer running now? Any problems?

    Thanks peku006
    I don't help with logs thru PM. If you have problems create a thread in the forum, please.

  5. #15
    Junior Member, joined May 2009, 10 posts

    It is running better now. Thank you for everything!

    Is (File name / Threat name / Threats count
    C:\Qoobox\Quarantine\C\Windows\System32\gxvxcjtketpdowqntfmyatutvlcrcxqrsnqce.dll.vir Infected: Trojan-Clicker.Win32.Small.aea 1) not something to worry about?

  6. #16
    peku006 (Emeritus - Security Expert), Norway, joined Feb 2007, 3,103 posts

    Hi bjacks9
    Great that your machine is running better now. The scans are fine and it looks like your machine is clean.
    Is (File name / Threat name / Threats count
    C:\Qoobox\Quarantine\C\Windows\System32\gxvxcjtketpdowqntfmyatutvlcrcxqrsnqce.dll.vir Infected: Trojan-Clicker.Win32.Small.aea 1) not something to worry about?
    Do not worry, we will remove it.

    To remove all of the tools we used and the files and folders they created do the following:

    Please download OTCleanIt and save it to desktop.
    • Double-click OTCleanIt.exe.
    • Click the CleanUp! button.
    • Select Yes when the "Begin cleanup Process?" prompt appears.
    • If you are prompted to Reboot during the cleanup, select Yes.
    • The tool will delete itself once it finishes, if not delete it by yourself.


    Note: If you receive a warning from your firewall or other security programs regarding OTCleanIt attempting to contact the internet, please allow it to do so.

    Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

    Disable and Enable System Restore-WINDOWS XP
    This is a good time to clear your existing system restore points and establish a new clean restore point:

    Turn off System Restore
    • On the Desktop, right-click My Computer.
    • Click Properties.
    • Click the System Restore tab.
    • Check Turn off System Restore.
    • Click Apply, and then click OK.
    • Reboot.

    Turn ON System Restore
    • On the Desktop, right-click My Computer.
    • Click Properties.
    • Click the System Restore tab.
    • UN-Check *Turn off System Restore*.
    • Click Apply, and then click OK.

    This will remove all restore points except the new one you just created.

    Here are some free programs I recommend that could help you improve your computer's security.

    Spybot Search and Destroy
    Download it from here. Just choose a mirror and off you go.
    Find the tutorial on how to use Spybot properly here

    Install SpyWare Blaster
    Download it from here
    Find the tutorial on how to use Spyware Blaster here

    Install WinPatrol
    Download it from here
    You can find information about how WinPatrol works here

    Install FireTrust SiteHound
    You can find information and download it from here

    Install MVPS Hosts File from here
    The MVPS Hosts file replaces your current HOSTS file with one containing well-known ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is your local computer.
    Find Tutorial here : http://www.mvps.org/winhelp2002/hosts.htm

    Update your Antivirus programs and other security products regularly to avoid new threats that could infect your system.
    You can use one of these sites to check if any updates are needed for your pc.
    Secunia Software Inspector
    F-secure Health Check

    Visit Microsoft often to get the latest updates for your computer.
    http://www.update.microsoft.com

    Please check out Tony Klein's article "How did I get infected in the first place?"

    Read some information here how to prevent Malware.


    Happy safe surfing!
    I don't help with logs thru PM. If you have problems create a thread in the forum, please.
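The hosts-file mechanism described in the post above cuts both ways: the same file that lets the MVPS list blackhole ad servers is also a favourite place for redirector trojans to send antivirus, update and search domains somewhere else. The following Python script is an added example, not part of the original thread or of the MVPS project: it parses hosts-file text and separates ordinary blackhole entries (names sent to 127.0.0.1 or 0.0.0.0) from entries that look like a hijack. The sample hosts text, the list of "protected" vendor/update domains and the 203.0.113.7 redirect address are constructed for the example; on a real Windows machine you would point it at `%SystemRoot%\System32\drivers\etc\hosts`.

```python
"""Audit a Windows HOSTS file for blackhole entries and suspicious redirects.

Added example (not from the original thread). Classifies each entry as:
  local             - localhost mapped to a loopback address (normal)
  blackhole         - a name sent to 127.0.0.1 / 0.0.0.0 / ::1 (what MVPS does)
  hijack-protected  - a security vendor or update domain listed at all
  redirect          - a name sent to a non-loopback address (classic hijack)
  malformed         - a line that is not <address> <name...>
"""
from __future__ import annotations

import ipaddress
from dataclasses import dataclass

# Constructed watch-list for the example: domains that malware commonly
# blackholes or redirects to keep a victim from updating or downloading tools.
PROTECTED_SUFFIXES = (
    "microsoft.com", "windowsupdate.com", "malwarebytes.org",
    "safer-networking.org", "avast.com", "symantec.com", "mcafee.com",
)

BLACKHOLE_ADDRESSES = {"127.0.0.1", "0.0.0.0", "::1"}
LOCAL_NAMES = {"localhost", "localhost.localdomain"}

# Constructed sample: a stock header, two MVPS-style entries, and three
# lines of the kind a redirector trojan adds.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2006 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
# MVPS-style blackhole entries
0.0.0.0 ad.doubleclick.net
0.0.0.0 www.adserver.example   # trailing comment is ignored
# entries a redirector trojan might add
127.0.0.1 www.malwarebytes.org
127.0.0.1 update.microsoft.com
203.0.113.7 www.google.com
"""


@dataclass
class Finding:
    line_no: int
    address: str
    hostname: str
    kind: str


def _is_protected(hostname: str) -> bool:
    h = hostname.lower().rstrip(".")
    return any(h == s or h.endswith("." + s) for s in PROTECTED_SUFFIXES)


def audit_hosts(text: str) -> list[Finding]:
    """Parse hosts-file text and return one Finding per (address, name) pair."""
    findings: list[Finding] = []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # strip comments and whitespace
        if not line:
            continue
        parts = line.split()
        if len(parts) < 2:
            findings.append(Finding(n, parts[0], "", "malformed"))
            continue
        addr, names = parts[0], parts[1:]
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            findings.append(Finding(n, addr, " ".join(names), "malformed"))
            continue
        is_blackhole = str(ip) in BLACKHOLE_ADDRESSES or ip.is_loopback
        for name in names:
            if name.lower() in LOCAL_NAMES and ip.is_loopback:
                kind = "local"
            elif _is_protected(name):
                kind = "hijack-protected"   # vendor/update domain should never be here
            elif is_blackhole:
                kind = "blackhole"
            else:
                kind = "redirect"           # sent to a real address: likely hijack
            findings.append(Finding(n, str(ip), name, kind))
    return findings


def summarize(findings: list[Finding]) -> dict[str, int]:
    """Count findings per kind; anything but 'local'/'blackhole' deserves a look."""
    counts: dict[str, int] = {}
    for f in findings:
        counts[f.kind] = counts.get(f.kind, 0) + 1
    return counts


if __name__ == "__main__":
    for f in audit_hosts(SAMPLE_HOSTS):
        if f.kind not in ("local", "blackhole"):
            print(f"line {f.line_no}: {f.kind:17} {f.address:>12} -> {f.hostname}")
    print(summarize(audit_hosts(SAMPLE_HOSTS)))
```

Anything reported as `redirect` or `hijack-protected` is what to look at first when a machine shows the symptoms in this thread (pages redirected, security tools unable to reach their update servers); the `blackhole` entries are the MVPS list doing its job.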

  7. #17
    Junior Member, joined May 2009, 10 posts

    Thank you very much! My laptop is now working well!

  8. #18
    peku006 (Emeritus - Security Expert), Norway, joined Feb 2007, 3,103 posts

    Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.

    Note: If it has been four days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.

    If it has been less than four days since your last response and you need the thread re-opened, please send me or MOD a private message (pm). A valid, working link to the closed topic is required.
    I don't help with logs thru PM. If you have problems create a thread in the forum, please.
