before i post the log, i have a few problems with this infection. first, pc-cillin doesn't detect it. so i tried housecall on trend micro's website, it doesn't find anything either. tried free scan on panda's website, same thing. tried AVG 7 it won't finish installing, there is an error on the last step. in addition to all of that, when i ctrl+alt+del taskmanager, logoff, and shutdown are disabled. tried running taskman from cmd prompt and run, both will not work. i cannot access the run menu at all. when i click it i get this error message, "this operation has been cancelled due to restrictions in effect on this computer. please contact your system administrator." also, internet explorer has disabled my ability to set home page. here is my hjt log.

i read through the pre-work sticky and performed all of the tasks in safe mode. my problem still persists. my hjt log is in the attachment.

Attached Files

hijackthis.log (6.1 KB, 1 views)

Please download Combofix from HERE or HERE

Save ComboFix to the desktop.
1. Double click on combo.exe & follow the prompts.
2. When finished, it will produce a logfile located at C:\ComboFix.txt.
3. Copy and Paste the contents of that log in your next reply with a new hijackthis log. Do not use Code or html unless asked for.
Note: Do not mouseclick combofix's window while it is running. That may cause your system to stall/hang.

k, ran combofix.exe and hjt again. here are the logs.

Attached Files

	hijackthis.log (5.9 KB, 1 views)
	ComboFix.txt (12.1 KB, 2 views)

Please copy this page to *Notepad* and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.
It's IMPORTANT to carry out the instructions in the sequence listed below.

1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Open *notepad* and copy/paste the text in the quotebox below into it:

Save this as CFScript.txt, in the same location as ComboFix.exe which is on the Desktop.


Refering to the picture above, drag CFScript.txt into ComboFix.exe
Restart your computer.
When finished, it shall produce a log for you at C:\ComboFix.txt
Please copy and paste the ComboFix.txt along with a fresh HijackThis log in your next reply please.

*Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall*

k, here's the new combofix and hjt log.

Attached Files

	ComboFix.txt (13.8 KB, 1 views)
	hijackthis.log (5.9 KB, 1 views)

Ok.Just need to tidy these up and you are all done

Have "Hijack This" fix all the following items in the list below by placing a check in the appropriate boxes.Confirm that you have only the listed ones checked, then press <Fix checked> and Close HJT.

O24 - Desktop Component 0: (no name) - C:\Program Files\WindowsUpdate\woqoqakik.html
O24 - Desktop Component 1: (no name) - C:\Program Files\MSN\tenen.html

========================

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. It is possible that you may be running Java code in your applications that absolutely require a specific version of the JRE to run.
Please follow these steps to remove older version Java components and update.
Updating Java:
Download the latest version of the Java Runtime Environment - (JRE) 6 Update 3.
Scroll down to where it says "Java Runtime Environment (JRE) 6u3 allows end-users to run Java applications".
Click the "Download" button to the right.
Check the box that says: "Accept License Agreement".
The page will refresh.
Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
Close any programs you may have running - especially your web browser.
Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
Check any item with Java Runtime Environment (JRE or J2SE) in the name.
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java versions.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on jre-6u3-windows-i586-p.exe to install the newest version.

=============================

Follow the instructions here and download Service Pack (SP2)


post a new HJT log when done...