Vista Security Center infection - tried everything!!!

I have been looking for hours and have tried everything I have found... to no avail. I cannot: open any antivirus, open any downloaded programs, restore, access my c drive, enter safe mode, run or search for the program, rename anything and anytime I access programs online, it shuts down my IE and the pop-ups return. The only thing I have managed is to bring up task manager... woopee. I read in another post about posting some logs; I could not even download the last program, so I only have these two logs...

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18
ProfileImagePath REG_EXPAND_SZ %systemroot%\system32\config\systemprofile

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19
ProfileImagePath REG_EXPAND_SZ %SystemRoot%\ServiceProfiles\LocalService

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-20
ProfileImagePath REG_EXPAND_SZ %SystemRoot%\ServiceProfiles\NetworkService

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-828089013-1078894694-3421599472-1000
ProfileImagePath REG_EXPAND_SZ C:\Users\Kindra

ProfileImagePath REG_EXPAND_SZ %SystemRoot%\ServiceProfiles\LocalService
ProfileImagePath REG_EXPAND_SZ %SystemRoot%\ServiceProfiles\NetworkService
SystemRoot REG_SZ C:\Windows


and

Running from: C:\Users\Kindra\Desktop\Win32kDiag.exe

Log file at : C:\Users\Kindra\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\Windows'...



Cannot access: C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl

I realize there are numerous posts regarding this, but I have not been able to do any of the suggested solutions. Please help... also, not computer stupid, but not entirely literate either.... HELP!!!!

Sorry, got ahead of myself. Here is the Hijack Log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:04:32 AM, on 3/11/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files (x86)\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWow64\Macromed\Flash\FlashUtil10e.exe
C:\Users\Kindra\Desktop\winlogon.scr

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~2\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [TVAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe (file missing)
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Unknown owner - C:\Windows\system32\agr64svc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files (x86)\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\STacSV64.exe (file missing)
O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11788 bytes

Okay, it is 1240 and I have to sign off for now, but I will check back asap... please someone help!!!

Hi again. Please do these steps in order.

1. Please download TFC by OldTimer to your desktop

• Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  
• It will close all programs when run, so make sure you have saved all your work before you begin.
  
• Click the Start
  button to begin the process. Depending on how often you clean temp
  files, execution time should be anywhere from a few seconds to a minute
  or two. Let it run uninterrupted to completion.
  
• Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

2. Please download Malwarebytes Anti-Malware from Malwarebytes.org.
Alternate link: BleepingComputer.com.
(Note: if you already have the program installed, just follow the directions. No need to re-download or re-install!)

Double Click mbam-setup.exe to install the application.

(Note: if you already have the program installed, open Malwarebytes from the Start Menu or Desktop shortcut, click the Update tab, and click Check for Updates, before doing the scan as instructed below!)

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
  
• Once the program has loaded, select "Perform Full Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  
• Please save the log to a location you will remember.
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  
• Copy and paste the entire report in your next reply.
  

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

3. Please visit this webpage for instructions for downloading and running SUPERAntiSpyware (SAS) to scan and remove malware from your computer:

http://www.bleepingcomputer.com/virus-removal/how-to-use-superantispyware-tutorial

Post the log from SUPERAntiSpyware when you've accomplished that.

4. Please run a free online scan with the ESET Online Scanner

• Tick the box next to YES, I accept the Terms of Use
  
• Click Start
  
• When asked, allow the ActiveX control to install
  
• Click Start
  
• Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  
• Click Scan (This scan can take several hours, so please be patient)
  
• Once the scan is completed, you may close the window
  
• Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  
• Copy and paste that log as a reply to this topic
  

5. Post the following in your next reply:

• MBAM log
  
• SAS log
  
• ESET log

And, please tell me how your computer is doing.

Sorry so long in responding, my computer got completely locked up. I was somehow able to (after hundreds of attempts!) get the computer to boot in safe mode, did a system restore to two days before the virus, and started on the steps outlined above. Both the Malware and Superspy scans took over and hour and a half each, so I haven't finished the last scan. I will do so this evening and then finally post the reports here. I don't want anyone to think I was not grateful for this help!!! Thanks!!!

Ok. Post it when you want me to review it.

Okay, finally done.

MBAM Log
Malwarebytes' Anti-Malware 1.44
Database version: 3855
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18882

3/11/2010 9:39:40 PM
mbam-log-2010-03-11 (21-39-40).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 311427
Time elapsed: 1 hour(s), 29 minute(s), 20 second(s)

SuperAntiSpyware Log
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 03/11/2010 at 11:17 PM

Application Version : 4.34.1000

Core Rules Database Version : 4665
Trace Rules Database Version: 2477

Scan type : Complete Scan
Total Scan Time : 01:22:09

Memory items scanned : 708
Memory threats detected : 0
Registry items scanned : 7647
Registry threats detected : 0
File items scanned : 38704
File threats detected : 178

Adware.Tracking Cookie
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\kindra@burstnet[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\kindra@media6degrees[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\kindra@advertising[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\kindra@pointroll[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\kindra@cdn4.specificclick[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\kindra@insightexpressai[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\kindra@bs.serving-sys[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\kindra@247realmedia[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\kindra@trafficmp[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\kindra@serving-sys[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\kindra@atdmt[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\kindra@specificclick[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\kindra@invitemedia[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\kindra@lucidmedia[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\kindra@ads.pointroll[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\kindra@content.yieldmanager[3].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\kindra@doubleclick[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\kindra@oasn04.247realmedia[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\kindra@t.pointroll[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\kindra@a1.interclick[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\kindra@apmebf[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\kindra@casalemedia[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\kindra@track.freezinger[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\kindra@adserve.amazingrewardsonline[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\kindra@specificmedia[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\kindra@mediaplex[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\kindra@interclick[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\kindra@avgtechnologies.112.2o7[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\kindra@tribalfusion[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\kindra@content.yieldmanager[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\kindra@www.burstnet[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@www.socialtrack[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@lfstmedia[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@target.db.advertising[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@westernunionglobal.112.2o7[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@trafficmp[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@randomhouse.122.2o7[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@ads.addynamix[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@clients.pointroll[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@richmedia.yahoo[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@imrworldwide[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@ads.pointroll[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@ads.pointroll[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@dc.tremormedia[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@media.adfrontiers[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@advertising[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@content.yieldmanager[3].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@adecn[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@doubleclick[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@atdmt[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@ads.veoh[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@247realmedia[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@azjmp[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@content.yieldmanager[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@smartadserver[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@ads.ad4game[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@oasc12.247realmedia[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@www.googleadservices[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@www.googleadservices[5].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@yieldmanager[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@avgtechnologies.112.2o7[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@ad.jmg[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@ev.ads.pointroll[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@www.googleadservices[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@cdn4.specificclick[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@s.clickability[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@pointroll[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@entrepreneur.122.2o7[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@oasn04.247realmedia[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@statcounter[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@statcounter[3].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@adtech[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@apmebf[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@videoegg.adbureau[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@ad.wsod[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@network.alluremedia.com[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@sales.liveperson[3].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@sales.liveperson[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@intermundomedia[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@specificmedia[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@lucidmedia[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@starz.122.2o7[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@affiliate.zantracker[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@atlas.entrepreneur[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@adserver.adtechus[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@higheroneaccount[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@adinterax[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@burstbeacon[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@dmtracker[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@invitemedia[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@invitemedia[3].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@invitemedia[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@media6degrees[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@ads.bootcampmedia[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@statse.webtrendslive[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@app.insightgrit[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@interclick[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@paypal.112.2o7[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@adbureau[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@linksynergy[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@vantagemedia.vameusc[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@msnservices.112.2o7[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@login.tracking101[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@bravenet[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@insightexpressai[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@bs.serving-sys[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@guthyrenker.112.2o7[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@ads.bridgetrack[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@entrepreneur[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@kontera[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@clicksor[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@cgm.adbureau[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@adlegend[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@adserve.brandgivewaycentre[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@ads.comotionmedia[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@myroitracking[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@track.freezinger[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@media.expedia[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@gr.burstnet[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@ad.yieldmanager[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@casalemedia[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@www.burstbeacon[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@mediaplex[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@xm.xtendmedia[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@toplist[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@ads.ourstage[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@ads.belointeractive[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@ads.undertone[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@ehg-techtarget.hitbox[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@rotator.adjuggler[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@microsoftwindows.112.2o7[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@csi-tracking[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@zillow.adbureau[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@zedo[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@tacoda[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@a1.interclick[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@highbeam.122.2o7[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@rotator.hadj7.adjuggler[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@insightbb[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@www.velmedia[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@questionmarket[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@tribalfusion[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@revsci[3].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@realmedia[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@eas.apm.emediate[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@questionmarket[3].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@qnsr[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@adbrite[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@serving-sys[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@www.burstnet[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@crackle[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@revsci[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@nextag[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@popcapgames.122.2o7[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@network.realmedia[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@network.realmedia[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@www.burstnet[3].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@xiti[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@chitika[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@burstnet[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@fastclick[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@realmedia[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@specificclick[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@ads.financialcontent[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@adbrite[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@advertising.healthguru[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@viacom.adbureau[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@lynxtrack[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@server.cpmstar[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@stat.onestat[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@adserve.amazingrewardsonline[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@ehg-yamahamotors.hitbox[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@electronicarts.112.2o7[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@ads.hairboutique[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@at.atwola[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@collective-media[2].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@surveymonkey.122.2o7[1].txt
C:\Users\Kindra\AppData\Roaming\Microsoft\Windows\Cookies\Low\kindra@yieldmanager[2].txt

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

The ESET scan did not give me a log, I checked the file, but nothing is there except the activex and the uninstall. It found and deleted one file.

Everything seems to be working like a champ now. What would you suggest I do in order to prevent this thing from hitting me again?

Thanks a million for your help!

To manually create a new Restore Point

• Go to Control Panel and select System and Maintenance
  
• Select System
  
• On the left select Advance System Settings and accept the warning if you get one
  
• Select System Protection Tab
  
• Select Create at the bottom
  
• Type in a name i.e. Clean
  
• Select Create

Now we can purge the infected ones

• Go back to the System and Maintenance page
  
• Select Performance Information and Tools
  
• On the left select Open Disk Cleanup
  
• Select Files from all users and accept the warning if you get one
  
• In the drop down box select your main drive i.e. C
  
• For a few moments the system will make some calculations
  
• Select the More Options tab
  
• In the System Restore and Shadow Backups select Clean up
  
• Select Delete on the pop up
  
• Select OK
  
• Select Delete

You are now done

To remove all of the tools we used and the files and folders they created, please do the following:
Please download OTC.exe by OldTimer:

• Save it to your Desktop.
  
• Double click OTC.exe.
  
• Click the CleanUp! button.
  
• If you are prompted to Reboot during the cleanup, select Yes.
  
• The tool will delete itself once it finishes.
  

Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.

==

Please download TFC by OldTimer to your desktop

• Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  
• It will close all programs when run, so make sure you have saved all your work before you begin.
  
• Click the Start
  button to begin the process. Depending on how often you clean temp
  files, execution time should be anywhere from a few seconds to a minute
  or two. Let it run uninterrupted to completion.
  
• Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

==

Download Security Check by screen317 from SpywareInfoforum.org or Changelog.fr.

• Save it to your Desktop.
• Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Have been trying for some time to download OTC. When I click the link, it opens a new window and sits there forever... will try again later...

OK. No biggie. Continue with Security Check.

The OTC only deleted itself...

Here is the log from the security check.

Results of screen317's Security Check version 0.99.1
Windows Vista (UAC is enabled)
Out of date service pack!!
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
AVG Free 8.5
Avira AntiVir Personal - Free Antivirus
WMIC entry does not exist for antivirus; attempting automatic update.
Avira updated!
``````````````````````````````
Anti-malware/Other Utilities Check:
SUPERAntiSpyware Free Edition
Java(TM) 6 Update 15
Java(TM) 6 Update 7
Out of date Java installed!
Adobe Flash Player 10
Adobe Reader 9.3
``````````````````````````````
Process Check:
objlist.exe by Laurent
Windows Defender MSASCui.exe
``````````````````````````````
DNS Vulnerability Check:
Unknown. This method cannot test your vulnerability to DNS cache poisoning.

`````````End of Log```````````

BTW - I updated Java and SP2...

Please read the following information that I have provided, which will help you prevent malicious software in the future. Please keep in mind, malware is a continuous danger on the Internet. It is highly important to stay safe while browsing, to prevent re-infection.

Software recommendations

Firewall

• Tallemu Online Armor: the free version is just as good as the premium. I have linked you to the free version.
  
• Comodo Firewall: the free version is just as good as the premium. I have linked you to the free version. The optional security suite enhances the firewall by 40% increase. If you would like to install the suite that includes antivirus, then remove your old antivirus first.
  
• PC Tools Firewall Plus: free and excellent firewall.

AntiSpyware

• SpywareBlaster
  SpywareBlaster is a program that prevents spyware from installing on your computer. A tutorial on using SpywareBlaster may be found here.
  
• Spybot - Search & Destroy.
  Spybot - Search & Destroy is a spyware and adware removal program. It also has realtime protection, TeaTimer to help safeguard your computer against spyware. (The link for Spybot - Search & Destroy contains a tutorial that will help you download, install, and begin using Spybot).
  

NOTE: Please keep ALL of these programs up-to-date and run them whenever you suspect a problem to prevent malware problems.

Resident Protection help
A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall, and scanning anti-spyware program at a time. Passive protectors such as SpywareBlaster can be run with any of them.

Rogue programs help
There are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:
http://www.spywarewarrior.com/rogue_anti-spyware.htm

Securing your computer

• Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
  
• hpHosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. This prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is your local computer's loopback address, meaning it will be difficult to infect your computer in the future.
  

Please consider using an alternate browser
Mozilla's Firefox browser is a very good alternative. In addition to being generally more secure than Internet Explorer, it has a very good built-in popup blocker and add-ons, like NoScript, can make it even more secure. Opera is another good option.

If you are interested:

• Firefox may be downloaded from here: http://www.getfirefox.com
  
• Opera is available here: http://www.opera.com/download/
  

See this page for more info about malware and prevention.

Thank you for choosing GeekPolice. Please see this page if you would like to leave feedback or contribute to our site. Do you have any more questions?

No, I am so thankful for all your help! Will definitely see about donating and will be sure to let everyone know about you guys!

Thanks again!

You're welcome.