browser is hijacked & malwarebytes and Hijackthis & super anti spyware won't work

[GretaLovejoy]

====== BHO's ======

BHO: (NO NAME) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn2\yt.dll

BHO: (NO NAME) - {4E7BD74F-2B8D-469E-93BE-BE2DF4D9AE29} - C:\PROGRA~1\COMCAS~2\COMCAS~1.DLL

BHO: (NO NAME) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll

BHO: (NO NAME) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: (NO NAME) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

BHO: (NO NAME) - {D5233FCD-D258-4903-89B8-FB1568E7413D} - mscoree.dll

====== HKLM\~\Run Keys ======

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

[SoundMan] = SOUNDMAN.EXE
[ISUSScheduler] = "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
[ISUSPM Startup] = "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
[TkBellExe] = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
[VTTimer] = VTTimer.exe
[NeroFilterCheck] = C:\WINDOWS2\system32\NeroCheck.exe
[tgcmd] = C:\Program Files\Support.com\bin\tgcmd.exe /server /startmonitor /deaf
[iTunesHelper] = "C:\Program Files\iTunes\iTunesHelper.exe"
[QuickTime Task] = "C:\Program Files\QuickTime\qttask.exe" -atboottime
[SunJavaUpdateSched] = "C:\Program Files\Java\jre6\bin\jusched.exe"
[avast!] = C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

====== HKCU\~\Run Keys ======

[RegistryMechanic] = C:\Program Files\Registry Mechanic\RegMech.exe /H
[ctfmon.exe] = C:\WINDOWS2\system32\ctfmon.exe

====== DNS Info (List may be empty) ======

HKEY_LOCAL_MACHINE\CCS\~\{15D05C1D-955B-49A3-A7C4-89E81F623D6F}\ NameServer=
HKEY_LOCAL_MACHINE\CCS\~\{51E44CCE-5254-46A0-A128-FF3A5F5054F1}\ NameServer=
HKEY_LOCAL_MACHINE\CCS\~\{92197218-436E-4397-9D76-155CB9A7EC96}\ NameServer=
HKEY_LOCAL_MACHINE\CCS\~\{935AA2C6-93E6-478F-9F0A-5A83D3F15EA6}\ NameServer=
HKEY_LOCAL_MACHINE\CCS\~\{D0D8A17C-48D5-4240-8325-91E9A598090E}\ NameServer=

HKEY_LOCAL_MACHINE\CS001\~\{15D05C1D-955B-49A3-A7C4-89E81F623D6F}\ NameServer=
HKEY_LOCAL_MACHINE\CS001\~\{51E44CCE-5254-46A0-A128-FF3A5F5054F1}\ NameServer=
HKEY_LOCAL_MACHINE\CS001\~\{92197218-436E-4397-9D76-155CB9A7EC96}\ NameServer=
HKEY_LOCAL_MACHINE\CS001\~\{935AA2C6-93E6-478F-9F0A-5A83D3F15EA6}\ NameServer=
HKEY_LOCAL_MACHINE\CS001\~\{D0D8A17C-48D5-4240-8325-91E9A598090E}\ NameServer=



====== Folders and Files from "%\" and "%\Windows" Created Last 60 Days ======

9/10/2009 6:38:49 AM 0 C:\Adobe
9/10/2009 6:38:49 AM 0 C:\Adobe\Photoshop Album
9/10/2009 6:38:49 AM 0 C:\Adobe\Photoshop Album\3.0
9/10/2009 6:38:49 AM 0 C:\Adobe\Photoshop Album\Catalogs
10/1/2009 7:23:56 PM 8146174 C:\cmdcons
10/1/2009 7:24:03 PM 860672 C:\cmdcons\SYSTEM32
10/7/2009 11:04:24 PM 0 C:\Downloads
10/8/2009 12:48:46 AM 531802867 C:\MSOCache
10/8/2009 12:48:46 AM 531802867 C:\MSOCache\All Users
10/8/2009 4:38:32 AM 201804780 C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9
10/8/2009 4:38:33 AM 2010844 C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\FILES
10/8/2009 4:38:33 AM 1887642 C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\FILES\PFILES
10/8/2009 4:38:33 AM 804080 C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\FILES\PFILES\COMMON
10/8/2009 4:38:33 AM 804080 C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\FILES\PFILES\COMMON\MSSHARED
10/8/2009 4:38:33 AM 804080 C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\FILES\PFILES\COMMON\MSSHARED\DW
10/8/2009 4:38:33 AM 109120 C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\FILES\PFILES\COMMON\MSSHARED\DW\1033
10/8/2009 4:38:33 AM 1083562 C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\FILES\PFILES\MSOFFICE
10/8/2009 4:38:33 AM 1083562 C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\FILES\PFILES\MSOFFICE\OFFICE11
10/8/2009 4:38:33 AM 295479 C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\FILES\PFILES\MSOFFICE\OFFICE11\1033
10/8/2009 4:38:33 AM 89136 C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\FILES\SETUP
10/8/2009 4:38:33 AM 34066 C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\FILES\WINDOWS
10/8/2009 4:38:33 AM 34066 C:\MSOCache\All Users\90000409-6000-11D3-8CFE-0150048383C9\FILES\WINDOWS\INF
10/8/2009 12:49:19 AM 1632850 C:\MSOCache\All Users\{90120000-0010-0409-0000-0000000FF1CE}-C
10/8/2009 12:49:02 AM 15669675 C:\MSOCache\All Users\{90120000-0016-0409-0000-0000000FF1CE}-C
10/8/2009 12:49:14 AM 15068409 C:\MSOCache\All Users\{90120000-0018-0409-0000-0000000FF1CE}-C
10/8/2009 12:49:36 AM 17027228 C:\MSOCache\All Users\{90120000-001B-0409-0000-0000000FF1CE}-C
10/8/2009 12:49:20 AM 52395081 C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C
10/8/2009 12:49:20 AM 22914224 C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\Proof.en
10/8/2009 12:49:32 AM 16972298 C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\Proof.es
10/8/2009 12:49:30 AM 11999590 C:\MSOCache\All Users\{90120000-002C-0409-0000-0000000FF1CE}-C\Proof.fr
10/8/2009 12:49:05 AM 32655135 C:\MSOCache\All Users\{90120000-00A1-0409-0000-0000000FF1CE}-C
10/8/2009 12:48:46 AM 32869192 C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C
10/8/2009 12:48:59 AM 108872 C:\MSOCache\All Users\{90120000-0115-0409-0000-0000000FF1CE}-C\1033
10/8/2009 12:49:40 AM 162680517 C:\MSOCache\All Users\{91120000-002F-0000-0000-0000000FF1CE}-C
10/3/2009 4:42:26 PM 85 C:\RECYCLER
10/3/2009 4:42:26 PM 85 C:\RECYCLER\S-1-5-21-299502267-1275210071-839522115-1009
10/1/2009 7:24:09 PM 306 2080 C:\Boot.bak
10/1/2009 7:24:04 PM 260272 2080 C:\cmldr
10/25/2009 4:13:34 AM 132300 2080 C:\ComboFix.txt
10/25/2009 4:58:36 AM 2111 2080 C:\Files.txt
9/8/2009 9:11:38 AM 1154482176 38 C:\pagefile.sys
9/30/2009 10:20:49 PM 232 2082 C:\sqmdata02.sqm
9/30/2009 10:20:49 PM 244 2082 C:\sqmnoopt02.sqm

[GretaLovejoy]

====== Files under "\Administrator\Startup" Last 60 Days======



====== Files under "\All Users\Startup" Last 60 Days======


====== Files and Folders under "\Program Files" Last 60 Days======

9/25/2009 3:03:41 AM 657408 C:\Program Files\Alex Feinman
10/24/2009 10:37:55 PM 5545 C:\Program Files\Browser Hijack Recover
10/8/2009 12:53:43 AM 8152064 C:\Program Files\Microsoft.NET
10/14/2009 5:11:15 AM 869270 C:\Program Files\MSECACHE
10/10/2009 8:39:56 PM 12973823 C:\Program Files\TeamViewer
9/30/2009 8:01:23 PM 434226 C:\Program Files\Trend Micro
10/14/2009 5:11:39 AM 142742 C:\Program Files\Windows Installer Clean Up

====== Files under "\System32\Drivers" Last 60 Days======


====== Files Deleted under "%Temp%" ======


3 Files deleted

====== Files and Folders under "All Users\Application Data" Last 60 Days======


====== Values under HKLM\Software\microsoft\shared tools\msconfig\startupreg ======

HKLM\Software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup
HKLM\Software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
HKLM\Software\microsoft\shared tools\msconfig\startupreg\RaidTool

====== Services ( Services that are Whitelisted are not shown) ======

aswFsBlk (aswFsBlk)- C:\WINDOWS2\system32\DRIVERS\aswFsBlk.sys - Auto/Running
aswSP (avast! Self Protection)- C:\WINDOWS2\system32\drivers\aswSP.sys - System/Running
ctljystk (Creative SBLive! Gameport)- C:\WINDOWS2\system32\DRIVERS\ctljystk.sys - Manual/Running
ezplay (VSO Software ezplay)- C:\WINDOWS2\system32\Drivers\ezplay.sys - Manual/Stopped
FET5X86V (VIA Rhine-Family Fast-Ethernet Adapter Driver Service)- C:\WINDOWS2\system32\DRIVERS\fetnd5bv.sys - Manual/Running
FETNDIS (VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver)- C:\WINDOWS2\system32\DRIVERS\fetnd5.sys - Manual/Stopped
FileDisk (FileDisk)- C:\WINDOWS2\system32\drivers\FileDisk.sys - System/Running
FreshIO (FreshIO)- \??\C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys - Manual/Stopped
hotcore2 (hotcore2)- C:\WINDOWS2\system32\drivers\hotcore2.sys - Boot/Running
hotcore3 (hotcore3)- C:\WINDOWS2\system32\drivers\hotcore3.sys - Boot/Running
hpt3xx (hpt3xx)- - Disabled/Stopped
irda (IrDA Protocol)- C:\WINDOWS2\system32\DRIVERS\irda.sys - Auto/Running
irsir (Microsoft Serial Infrared Driver)- C:\WINDOWS2\system32\DRIVERS\irsir.sys - Manual/Running
JL2005 (JL2005A Toy Camera)- C:\WINDOWS2\system32\Drivers\toywdm.sys - Manual/Stopped
mbmiodrvr (mbmiodrvr)- \??\C:\WINDOWS2\system32\mbmiodrvr.sys - System/Running
MCSTRM (MCSTRM)- - Auto/Stopped
NdisIP (Microsoft TV/Video Connection)- C:\WINDOWS2\system32\DRIVERS\NdisIP.sys - Manual/Stopped
pcouffin (VSO Software pcouffin)- C:\WINDOWS2\system32\Drivers\pcouffin.sys - Manual/Stopped
pctplsg (pctplsg)- \??\C:\WINDOWS2\system32\drivers\pctplsg.sys - Manual/Stopped
pmxscan (Visioneer USB Kernel)- C:\WINDOWS2\system32\DRIVERS\usbscan.sys - Manual/Stopped
Rasirda (WAN Miniport (IrDA))- C:\WINDOWS2\system32\DRIVERS\rasirda.sys - Manual/Running
SABProcEnum (SABProcEnum)- \??\C:\Program Files\Internet Explorer\SABProcEnum.sys - Manual/Stopped
SASDIFSV (SASDIFSV)- \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS - System/Running
SASENUM (SASENUM)- \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS - Manual/Stopped
SASKUTIL (SASKUTIL)- \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys - System/Running
SLIP (BDA Slip De-Framer)- C:\WINDOWS2\system32\DRIVERS\SLIP.sys - Manual/Stopped
SRS_SSCFilter (SRS Labs Audio Sandbox (WDM))- C:\WINDOWS2\system32\drivers\srs_sscfilter_i386.sy s - Manual/Stopped
StillCam (Still Serial Digital Camera Driver)- C:\WINDOWS2\system32\DRIVERS\serscan.sys - Manual/Running
TfFsMon (TfFsMon)- C:\WINDOWS2\system32\drivers\TfFsMon.sys - Boot/Stopped
TfNetMon (TfNetMon)- \??\C:\WINDOWS2\system32\drivers\TfNetMon.sys - Manual/Stopped
TfSysMon (TfSysMon)- C:\WINDOWS2\system32\drivers\TfSysMon.sys - Boot/Stopped
uagp35 (Microsoft AGPv3.5 Filter)- C:\WINDOWS2\system32\DRIVERS\uagp35.sys - Boot/Running
uts_bus (UTStarcom USB Composite Device driver (WDM))- C:\WINDOWS2\system32\DRIVERS\uts_bus.sys - Manual/Stopped
uts_mdfl (UTStarcom USB Modem Filter)- C:\WINDOWS2\system32\DRIVERS\uts_mdfl.sys - Manual/Stopped
uts_mdm (UTStarcom USB Modem Drivers)- C:\WINDOWS2\system32\DRIVERS\uts_mdm.sys - Manual/Stopped
uts_serd (UTStarcom USB Diagnostic Serial Port (WDM))- C:\WINDOWS2\system32\DRIVERS\uts_serd.sys - Manual/Stopped
viagfx (viagfx)- C:\WINDOWS2\system32\DRIVERS\vtmini.sys - Manual/Running
viamraid (viamraid)- C:\WINDOWS2\system32\DRIVERS\viamraid.sys - Boot/Running
ViBus (ViBus)- C:\WINDOWS2\system32\DRIVERS\ViBus.sys - Boot/Running
videX32 (videX32)- C:\WINDOWS2\system32\DRIVERS\videX32.sys - Boot/Running
ViPrt (VIA SATA IDE Device Driver)- C:\WINDOWS2\system32\DRIVERS\ViPrt.sys - Boot/Running
WpdUsb (WpdUsb)- C:\WINDOWS2\system32\DRIVERS\wpdusb.sys - Manual/Stopped

====== Uninstall List ======

7-Zip 4.57
AC3 Decoder
AC3File (remove only)
Active GIF Creator 2.22
Adobe Audition 3.0
Adobe Flash Player 10 ActiveX
Adobe Photoshop Elements
Adobe Shockwave Player 11.5
Adobe SVG Viewer 3.0
Adobe Photoshop CS3
Adobe Soundbooth CS3 Codecs
Adobe ExtendScript Toolkit 2
Adobe Color Common Settings
Adobe Illustrator CS3
Adobe Soundbooth CS3
AI RoboForm (All Users)
AliveGlow Plugin
AMPHIOTIK ENHANCER 2.04
Arachnophilia 5.2
Audacity 1.2.6
avast! Antivirus
Band-in-a-Box 2007 Demo
Desktop Doctor
Comcast High-Speed Internet Install Wizard
Comcast Toolbar
Cool Edit Pro 2.0
Creative DVD Audio Plugin for Audigy Series
db audioware mastering plugins 1.05c
DriverMax 4
DriverMax 5
DubIt
DVD Shrink 3.2
Easy CD Clone
Easy Graphic Converter 3.0
EximiousSoft GIF Creator V3.18
Eye Candy 3
Firebird SQL Server - MAGIX Edition
Firehand Lightning
Flash Slideshow Maker Pro 4.88
Glitter Frame GIF Maker V1.4
GoldWave v5.23
Microsoft Office Home and Student 2007
iDailyDiary 3.41
Microsoft Internationalized Domain Names Mitigation APIs
Windows Internet Explorer 7
ACT! ® 2005
VIA Platform Device Manager
InterActual Player
IsoBuster 1.9.1
iZotope Ozone 3
iZotope Ozone 4
Uninstall JL2005A Toy Camera
Windows Genuine Advantage Validation Tool (KB892130)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows Media Player 6.4 (KB925398)
Hotfix for Windows Media Format 11 SDK (KB929399)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938464-v2)
Hotfix for Windows Media Player 11 (KB939683)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Update for Windows XP (KB951072-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Update for Windows XP (KB951978)
Security Update for Windows XP (KB952004)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Security Update for Windows Media Player (KB952069)
Hotfix for Windows XP (KB952287)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953155)
Security Update for Windows XP (KB953839)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player (KB954155)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Hotfix for Windows XP (KB954550-v5)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Update for Windows XP (KB955839)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Critical Update for Windows Media Player 11 (KB959772)
Security Update for Windows XP (KB960225)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Hotfix for Windows XP (KB961118)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows Internet Explorer 7 (KB963027)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Security Update for Windows XP (KB968537)
Security Update for Windows Media Player (KB968816)
Security Update for Windows XP (KB969059)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970483)
Hotfix for Windows XP (KB970653-v3)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows Media Player (KB973540)
Update for Windows XP (KB973815)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
K-Lite Codec Pack 4.7.5 (Basic)
KoolMoves 5.6
KPT 6

[GretaLovejoy]

LADSPA_plugins-win-0.4.15
L&H TTS3000 British English
Logo Design Studio
Microsoft .NET Framework 1.1 Security Update (KB953297)
Macromedia Director MX 2004
MAGIX Screenshare 4.3.6.1987 (US)
Malwarebytes' Anti-Malware
Maximus
Microsoft .NET Framework 1.1
Microsoft .NET Framework 3.5 SP1
MixPad
Motherboard Monitor 5
Mozilla Firefox (3.5.3)
Microsoft Compression Client Pack 1.0 for Windows XP
Mystical 2.0
Nero Suite
nLite 1.4.9.1
Microsoft National Language Support Downlevel APIs
PAN Fire 3.1
Personal Timeclock version 4.3
Photo-Brush 5.2
Photodex Presenter
PhotoFiltre
PhotoMix 5.3
Picasa 3
Picture Navigator
Professor Answers
Professor Teaches Dreamweaver MX 2004
Professor Teaches Flash MX 2004
Professor Teaches FrontPage 2000
Professor Teaches HTML Fundamentals
Professor Teaches Photoshop CS
Professor Teaches PowerPoint 2000
ProShow Gold
RarZilla Free Unrar 2.52
RealPlayer
Registry Mechanic 8.0
Responsive Time Logger
Advanced RealMedia Export Plug-in for Premiere 6.0
Security Task Manager 1.7e
SmartFTP Client 2.0 Setup Files (remove only)
Speed Video Converter 3.0.15
Alien Skin Splat! 1.0 Demo
Surround Meter 5.1 demo
t@b Media Converter (GUI for sox, mencoder) v0.951-686
TeamViewer 4
Host Department Demobar
Torq 1.0.6 (Build006 -- Dec 18 2007)
Trellian Button Factory
Lernout & Hauspie TruVoice American English TTS Engine
UTStarcom USB Modem Software
VideoReDo/Plus Version 2.5.6.512
VideoLAN VLC media player 0.8.6f
VIA Rhine-Family Fast-Ethernet Adapter
Voxengo BMS VST 1.2
VST Bridge 1.1
S3 S3Display
S3 S3Gamma2
S3 S3Info2
S3 S3Overlay
Wave Arts MultiDynamics
Wave Arts Power Suite
WavePad Uninstall
Web Gallery Wizard PRO 1.5.3225.0
Web CEO 6.5
Website Puller
WebSnapshot 2.0 Demo
WeBuilder 2006 v7.3
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Notifications (KB905474)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
WinHTTrack Website Copier 3.43
Windows Media Format 11 runtime
Windows Media Player 11
Microsoft User-Mode Driver Framework Feature Pack 1.0
WWAYM - NWEQ V1.21
WYSIWYG Web Builder 3.3
Yahoo! Toolbar
Yahoo! Browser Services
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! SiteBuilder
Yahoo! Software Update
Yahoo! Install Manager
Yahoo! Mail Quick Select Tool (PhotoMail)
ZoneAlarm
ZyGoVideo 2.0
PDFCreator
Adobe Photoshop CS3
Adobe XMP DVA Panels CS3
Apple Software Update
Adobe Soundbooth CS3 Codecs
Adobe Help Viewer CS3
Macromedia Dreamweaver MX 2004
Digidesign Dynamics III 6.9
Sony Noise Reduction Plug-In 2.0h
Adobe Bridge Start Meeting
QuickTime
OpenOffice.org 2.0
ACT!
Sonic Foundry VideoFactory 2.0c
ACID Pro 7.0
Ulead PhotoImpact 12
Windows Installer Clean Up
ebgcSDK
Google Toolbar for Internet Explorer
Adobe WinSoft Linguistics Plugin
MSXML 6 Service Pack 2 (KB954459)
InterVideo WinDVD 5
Adobe ExtendScript Toolkit 2
Google Earth
Adobe After Effects 6.0
Platform
Google Toolbar for Internet Explorer
Java(TM) 6 Update 16
ebgcSDK
Adobe Stock Photos CS3
Macromedia Flash 8
Rhapsody Player Engine
Ulead Photo Express 5 SE
WebFldrs XP
MSXML 4.0 SP2 (KB927978)
ebgcInfra
Apple Mobile Device Support
Sony Sound Forge 7.0
Adobe® Photoshop® Album Starter Edition 3.0
Macromedia Fireworks 8
Ulead VideoStudio 8.0 SE DVD
Adobe Setup
Windows Live Messenger
Adobe Color EU Extra Settings
XVID Codec Installation
ebgcRes
Adobe Audition 3.0
Adobe Linguistics CS3
Macromedia Extension Manager
neroxml
iTunes
Paragon Total Defrag 2009
Windows Genuine Advantage v1.3.0254.0
Adobe Setup
ebgcRes
Screenblast ACID 4.0
Sony Vegas 5.0d
Macromedia Flash Player 8
Windows Media Player Firefox Plugin
Adobe Fonts All
Adobe Color Common Settings
Adobe Asset Services CS3
Microsoft Visual C++ 2005 Redistributable
Microsoft Works 7.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft DirectX SDK (June 2006)
Text-To-Speech-Runtime
Camtasia Studio 5
CorelDRAW Graphics SUite X4 - ICA
CorelDRAW Graphics Suite X4 - Capture
CorelDRAW Graphics Suite X4 - Draw
CorelDRAW Graphics Suite X4 - PP
CorelDRAW Graphics Suite X4 - Content
CorelDRAW Graphics Suite X4 - Filters
CorelDRAW Graphics Suite X4 - FontNav
CorelDRAW Graphics Suite X4 - Lang EN
Digidesign Free Bomb Factory Plug-Ins 7.4
Adobe Setup
MSXML 4.0 SP2 (KB954430)
Microsoft Visual C Runtime
Macromedia Flash 8 Video Encoder
Microsoft Money 2004 System Pack
Adobe Device Central CS3
Adobe Type Support
Adobe Common File Installer
Microsoft Software Update for Web Folders (English) 12
Microsoft Office Excel MUI (English) 2007
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Word MUI (English) 2007
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Proof (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proof (French) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office OneNote MUI (English) 2007
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office FrontPage 2003
Adobe Anchor Service CS3
Microsoft Office PowerPoint Viewer 2003
Macromedia Flash Player 8 Plugin
Microsoft Office Home and Student 2007
Microsoft Office 2007 Service Pack 2 (SP2)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office Excel 2007 (KB969682)
Update for 2007 Microsoft Office System (KB967642)
Security Update for 2007 Microsoft Office System (KB969679)
Security Update for Microsoft Office Word 2007 (KB969604)
Security Update for Microsoft Office system 2007 (KB974234)
Macromedia FreeHand MXa
Windows Live Sign-in Assistant
Adobe Color NA Recommended Settings
Adobe Bridge CS3
CorelDRAW Graphics Suite X4 - IPM
Adobe Photoshop Lightroom 2.5
Adobe Captivate 2
Adobe CMaps
Adobe Color - Photoshop Specific
Microsoft .NET Framework 3.0 Service Pack 2
Adobe Soundbooth CS3
Windows Live installer
PDF Settings
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch
Adobe Reader 8.1.2
Adobe Camera Raw 4.0
Visual Basic for Applications (R) Core - English
Adobe Default Language CS3
CorelDRAW Graphics Suite X4 - VBA
MSXML 4.0 SP2 (KB936181)
Microsoft .NET Framework 2.0 Service Pack 2
SmartFTP Client 2.0
TimePanic
Microsoft XML Parser
Paragon Partition Manager 8.0 Professional
Microsoft .NET Framework 1.1
SUPERAntiSpyware Professional
Microsoft .NET Framework 3.5 SP1
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Aud-X
Adobe Version Cue CS3 Client
Adobe Setup
Adobe PDF Library Files
Adobe Setup
Adobe XMP Panels CS3
Web Chrono Desktop
U3Launcher
Visual Basic for Applications (R) Core
Adobe Color JA Extra Settings
ISO Recorder
Free Natural text to speech reader
Photo Slide Show Application
Adobe Update Manager CS3
Adobe Setup
Adobe Illustrator CS3
Update Manager
Realtek AC'97 Audio

======== Other Info ========

TOTAL PHYSICAL RAM: 770 MB

Boot Info

[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOW S2
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS2="Micr osoft Windows XP Professional" /fastdetect /NoExecute=OptIn
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Micro soft Windows XP Professional" /fastdetect


OS Type: Microsoft Windows XP Professional
Build: 5.1.2600
Service Pack: 3.0


====== Files with Hidden Attributes======

C:\IO.SYS
C:\MSDOS.SYS
C:\pagefile.sys
C:\NTDETECT.COM

[GretaLovejoy]

hey, when I do a Google search now and click on the links I actually am able go there now. not being redirected but still can't run Malwarebytes or super anti spyware without that error Should I uninstall and re-install?

[touch]

Quote:

Should I uninstall and re-install?

Yes, please do.

However, I would like to check and see if you have any rootkits ->

Click here
and download the installer for Gmer to your desktop, then click that file to run Gmer.


If on it's opening scan Gmer locates items shown in red or indicates "hidden" or "rootkit", stop there, and click on the Copy button and rightclick on your Desktop, choose "New" > Text document. Once the file is created, open it and rightclick again and choose Paste. Copy the information and post it here please. We don't want any crashes just from taking an initial look at things.

If not, then click on Scan (before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan).

When completed, click on the Copy button and rightclick on your Desktop, choose "New" > Text document. Once the file is created, open it and rightclick again and choose Paste. Copy the information and post it here please.

You can break logs into parts and use separate posts here when replying and posting the log files, if needed.

[GretaLovejoy]

below is the gmer opening scan log but it wasn't in red it is listed under the Malware/Rootkit tab in gmer but it just looks like my avast anti virus. I will post the gmer scan log next
GMER 1.0.15.15087 - http://www.gmer.net
Rootkit quick scan 2009-10-27 15:44:29
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\GRETA~1.VEL\LOCALS~1\Temp\pxliypog.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

---- EOF - GMER 1.0.15 ----

[GretaLovejoy]

while the gmer scan was running I got this error:

svhost.exe-Application error:
the instruction at "0x751aaedc" referenced memory at "0x751aaedc" The required data was not placed into memory because an I/O error status of "0xc000009a"

Click on OK to terminate the program
click on cancel to debug the program.

The gmer scan appeared to stop so this is the log it produced:

GMER 1.0.15.15087 - http://www.gmer.net
Rootkit scan 2009-10-27 17:46:22
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\GRETA~1.VEL\LOCALS~1\Temp\pxliypog.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xF50C76B8]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xF50C7574]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xF50C7A52]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xF50C714C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xF50C764E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xF50C708C]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xF50C70F0]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xF50C776E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xF50C772E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xF50C78AE]

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\WINDOWS2\system32\services.exe[636] @ C:\WINDOWS2\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00380002
IAT C:\WINDOWS2\system32\services.exe[636] @ C:\WINDOWS2\system32\services.exe [KERNEL32.dll!CreateProcessW] 00380000
IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\Explorer.EXE [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\system32\ADVAPI32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\system32\RPCRT4.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\system32\Secur32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\system32\msvcrt.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\system32\ole32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\system32\NETAPI32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\system32\WININET.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\system32\USERENV.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\system32\iphlpapi.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\system32\WS2_32.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)
IAT C:\WINDOWS2\Explorer.EXE[1500] @ C:\WINDOWS2\system32\WS2HELP.dll [KERNEL32.dll!GetProcAddress] [5CB77774] C:\WINDOWS2\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume2 hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume3 hotcore3.sys (A part of Paragon System Utilities/Paragon Software Group)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

[GretaLovejoy]

---- Registry - GMER 1.0.15 ----

Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@DeviceNotSelectedTimeout 15
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@GDIProcessHandleQuota 10000
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@Spooler yes
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@swapdisk
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@TransmissionRetryTimeout 90
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@USERProcessHandleQuota 10000
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows@AppInit_DLLs C:\WINDOWS2\system32\acaptuser32.dll
Reg HKLM\SOFTWARE\Classes\CLSID\{EF27587A-20B5-B0C9-4E69-D0844D68FE60}\InprocServer32@ C:\WINDOWS2\system32\msvidctl.dll
Reg HKLM\SOFTWARE\Classes\CLSID\{EF27587A-20B5-B0C9-4E69-D0844D68FE60}\InprocServer32@ThreadingModel Apartment
Reg HKLM\SOFTWARE\Classes\CLSID\{EF27587A-20B5-B0C9-4E69-D0844D68FE60}\TypeLib@ {B0EDF154-910A-11D2-B632-00C04F79498E}

---- Files - GMER 1.0.15 ----

File C:\Program Files\Individual Software\Professor Teaches Photoshop CS\1F\1f20.wav 0 bytes
File C:\Program Files\Individual Software\Professor Teaches Photoshop CS\1F\1f39.wav 0 bytes
File C:\Program Files\Individual Software\Professor Teaches Photoshop CS\1F\1f58.wav 0 bytes
File C:\Program Files\Individual Software\Professor Teaches Photoshop CS\1F\dragblank.png 0 bytes

---- EOF - GMER 1.0.15 ----

[GretaLovejoy]

I managed to get malwarebytes to run and it found the infections listed in the log below. I am afraid to have malwarebytes remove my C:\windows2\win32k.sys file that is infected with Trojan.Dropper. if removed will it mess up my pc? I have malwarebytes still open waiting to remove the infections till you say it is ok.

Malwarebytes' Anti-Malware 1.41
Database version: 3045
Windows 5.1.2600 Service Pack 3

10/27/2009 8:23:11 PM
mbam-log-2009-10-27 (20-22-48).txt

Scan type: Quick Scan
Objects scanned: 213263
Time elapsed: 18 minute(s), 41 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\(default) (Adware.Hotbar) -> No action taken.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MultiDynamics_5.dll (Spyware.OnlineGames) -> No action taken.
C:\WINDOWS2\win32k.sys (Trojan.Dropper) -> No action taken.

[GretaLovejoy]

I went ahead and let malwarebytes remove the infected files. what next? Thank you so much for helping me.

[touch]

Quote:

I went ahead and let malwarebytes remove the infected files. what next

Ok, next step is, please post new combofix log.

[GretaLovejoy]

I have tried to run combofix several times and got different errors. I downloaded another copy and renamed it and ran it and it got up to step 50 and was rebooting when it said that the system couldn't find a certain file, I didn't have time to write it down and it rebooted. while I was waiitng for the log file I got a BSOD Bad Pool Caller (I think my ram might be going bad. Anyway I can't seem to run combofix without errors. is there something else I can run instead?

[touch]

Sure ->

Please run: superantispyware onlinescan
Follow the instructions on the site. When downloaded, click on – Check for updates – Button.
Under Configuration and Preferences, click the Preferences button.
Click the Scanning Control tab.
Under Scanner Options make sure the following are checked:
Close browsers before scanning
Scan for tracking cookies
Terminate memory threats before quarantining.
Ignore System Restore/Volume Information on ME and XP
Please leave the others unchecked.
On the main screen, under Scan for Harmful Software click Scan your computer.
On the left check C:\Fixed Drive.
On the right, under Complete Scan, choose Perform Complete Scan.
Click Next to start the scan. Please be patient while it scans your computer.
After the scan is complete a summary box will appear. Click OK.
Make sure everything in the white box has a check next to it, then click Next.
It will quarantine what it found and if it asks if you want to reboot, click
NO.

When the scan have finished ->
Click Preferences . Click the Statistics/Logs tab .
Under Scanner Logs , double-click SUPERAntiSpyware Scan Log .
It will open in your default text editor (such as Notepad/Wordpad).
Save the logfile to desktop
Click close and close again to exit the program.
Reboot, if needed.
Post Superantispyware log, along with new hijackthis log and tell how things are running ?


Click here: HJTInstall.exe
to download HJTinstall.exe
Save HJTinstall.exe to your desktop.
Double click on the HJTinstall.exe icon on your desktop.
By default it will install to C:\Program Files\Trend Micro\Hijack This.
Click I accept
Click on the Do a system scan and save a log file button. It will scan and then ask you to save the log.
Click Save to save the log file and then the log will open in notepad.
Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.

DO NOT have Hijack This fix anything yet.
Most of what it finds will be harmless or even required.