BleepingComputer.com: I keep getting redirected to other sties when using my browser

I recently had the cycbot virus on my computer until today when I simply paid somebody else to fix it for me. My PC seems to be functioning pretty well now aside from the fact that whenever I use either IE or firefox I get randomly redirected to other irrelevant websites, usually when I click on a link from a web search (google, bing ect.). I really have no idea why this is happening. I'm not sure what information to provide. I've tried doing a full system scan using Kaspersky anti virus and it doesn't pick anything up. Any help?

(Moderator edit: post moved to more appropriate forum. jgw)

This post has been edited by jgweed: 08 September 2011 - 07:15 AM

Ooops, sorry 'bout that. Where should I put this thread?

EDIT: Disregard that, I'm an idiot.

This post has been edited by sync666: 08 September 2011 - 08:39 AM

Welcome aboard

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=============================================================================

Please download MiniToolBox and run it.

Checkmark following boxes:

• Report IE Proxy Settings
  
• Report FF Proxy Settings
  
• List content of Hosts
  
• List IP configuration
  
• List last 10 Event Viewer log
  
• List Installed Programs
  
• List Users, Partitions and Memory size

Click Go and post the result.

=============================================================================

Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

=============================================================================

Please download GMER from one of the following locations and save it to your desktop:

• Main Mirror
  This version will download a randomly named file (Recommended)
  
• Zipped Mirror
  This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.

• Disconnect from the Internet and close all running programs.
  
• Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  
• Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  
• Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.
  
  
  
  
• GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  
• If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  
• Now click the Scan button. If you see a rootkit warning window, click OK.
  
• When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  
• Click the Copy button and paste the results into your next reply.
  
• Exit GMER and be sure to re-enable your anti-virus, Firewall and any other security programs you had disabled.

IMPORTANT! If for some reason GMER refuses to run, try again.
If it still fails, try to UN-check "Devices" in right pane.
If still no joy, try to run it from Safe Mode.

Sorry for the delayed reply, here are the logs:

Results of screen317's Security Check version 0.99.7
Windows 7 (UAC is disabled!)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Disabled!
Kaspersky Internet Security 2011
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:
Java™ 6 Update 20
Out of date Java installed!
Adobe Flash Player 10.1.53.64
Adobe Reader 9.1.2
Out of date Adobe Reader installed!
Mozilla Firefox (3.6.22)
````````````````````````````````
Process Check:
objlist.exe by Laurent
Kaspersky Lab Kaspersky Internet Security 2011 avp.exe
Kaspersky Lab Kaspersky Internet Security 2011 x64 klwtblfs.exe
``````````End of Log````````````


MiniToolBox by Farbar
Ran by Tim (administrator) on 10-09-2011 at 11:52:29
Windows 7 Home Premium (X64)

***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================


95.64.61.145 www.google.com
95.64.61.146 www.bing.com


========================= IP Configuration: ================================

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Tim-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 84-2B-2B-9D-0D-CC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::8cd2:a132:8de4:58db%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.12(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, 10 September 2011 8:52:32 AM
Lease Expires . . . . . . . . . . : Saturday, 10 September 2011 12:22:38 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 243542827
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-17-64-A1-84-2B-2B-9D-0D-CC
DNS Servers . . . . . . . . . . . : 211.31.138.11
211.29.132.12
198.142.0.51
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{08B96084-FE7F-4F20-8FF4-8F3AA7422A8F}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:289b:3d6a:8db2:b866(Preferred)
Link-local IPv6 Address . . . . . : fe80::289b:3d6a:8db2:b866%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dnspax.mel.optusnet.com.au
Address: 211.31.138.11

Name: google.com
Addresses: 74.125.237.83
74.125.237.84
74.125.237.80
74.125.237.81
74.125.237.82


Pinging google.com [74.125.237.81] with 32 bytes of data:
Reply from 74.125.237.81: bytes=32 time=24ms TTL=56
Reply from 74.125.237.81: bytes=32 time=26ms TTL=56

Ping statistics for 74.125.237.81:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 24ms, Maximum = 26ms, Average = 25ms
Server: dnspax.mel.optusnet.com.au
Address: 211.31.138.11

Name: yahoo.com
Addresses: 72.30.2.43
98.137.149.56
209.191.122.70
67.195.160.76
69.147.125.65


Pinging yahoo.com [69.147.125.65] with 32 bytes of data:
Reply from 69.147.125.65: bytes=32 time=256ms TTL=51
Reply from 69.147.125.65: bytes=32 time=285ms TTL=51

Ping statistics for 69.147.125.65:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 256ms, Maximum = 285ms, Average = 270ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...84 2b 2b 9d 0d cc ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.12 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.12 276
192.168.0.12 255.255.255.255 On-link 192.168.0.12 276
192.168.0.255 255.255.255.255 On-link 192.168.0.12 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.12 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.12 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:289b:3d6a:8db2:b866/128
On-link
11 276 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::289b:3d6a:8db2:b866/128
On-link
11 276 fe80::8cd2:a132:8de4:58db/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/09/2011 11:59:34 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (09/09/2011 11:59:34 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (09/09/2011 08:53:56 AM) (Source: MsiInstaller) (User: Tim)Tim
Description: Product: Roxio Easy CD and DVD Burning -- Error 1706.No valid source could be found for product Roxio Easy CD and DVD Burning. The Windows Installer cannot continue.

Error: (09/09/2011 08:53:10 AM) (Source: MsiInstaller) (User: Tim)Tim
Description: Product: Roxio Easy CD and DVD Burning -- Error 1706.No valid source could be found for product Roxio Easy CD and DVD Burning. The Windows Installer cannot continue.

Error: (09/09/2011 08:52:53 AM) (Source: MsiInstaller) (User: Tim)Tim
Description: Product: Roxio Easy CD and DVD Burning -- Error 1706.No valid source could be found for product Roxio Easy CD and DVD Burning. The Windows Installer cannot continue.

Error: (09/09/2011 01:16:50 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (09/09/2011 01:16:50 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (09/09/2011 01:16:50 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.

Error: (09/09/2011 00:30:48 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.

Error: (09/09/2011 00:30:26 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (09/10/2011 09:00:11 AM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer MANDY-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{08B96084-FE7F-4F20-8FF4-8F3AA7422A8F}.
The master browser is stopping or an election is being forced.

Error: (09/10/2011 08:52:43 AM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: D@01010004

Error: (09/10/2011 08:52:43 AM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: D@01010004

Error: (09/10/2011 08:52:39 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
RxFilter

Error: (09/10/2011 08:52:31 AM) (Source: Service Control Manager) (User: )
Description: The SessionLauncher service failed to start due to the following error:
%%2

Error: (09/10/2011 08:36:22 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Display Driver Service service has reported an invalid current state 32.

Error: (09/10/2011 08:36:07 AM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer MANDY-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{08B96084-FE7F-4F20-8FF4-8F3AA7422A8F}.
The master browser is stopping or an election is being forced.

Error: (09/10/2011 08:35:06 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
RxFilter

Error: (09/10/2011 08:35:00 AM) (Source: Service Control Manager) (User: )
Description: The SessionLauncher service failed to start due to the following error:
%%2

Error: (09/10/2011 04:55:03 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Display Driver Service service has reported an invalid current state 32.


Microsoft Office Sessions:
=========================
Error: (09/09/2011 11:59:34 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (09/09/2011 11:59:34 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (09/09/2011 08:53:56 AM) (Source: MsiInstaller)(User: Tim)Tim
Description: Product: Roxio Easy CD and DVD Burning -- Error 1706.No valid source could be found for product Roxio Easy CD and DVD Burning. The Windows Installer cannot continue.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/09/2011 08:53:10 AM) (Source: MsiInstaller)(User: Tim)Tim
Description: Product: Roxio Easy CD and DVD Burning -- Error 1706.No valid source could be found for product Roxio Easy CD and DVD Burning. The Windows Installer cannot continue.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/09/2011 08:52:53 AM) (Source: MsiInstaller)(User: Tim)Tim
Description: Product: Roxio Easy CD and DVD Burning -- Error 1706.No valid source could be found for product Roxio Easy CD and DVD Burning. The Windows Installer cannot continue.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/09/2011 01:16:50 AM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (09/09/2011 01:16:50 AM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (09/09/2011 01:16:50 AM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (09/09/2011 00:30:48 AM) (Source: SideBySide)(User: )
Description: c:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dllc:\program files (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll2

Error: (09/09/2011 00:30:26 AM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8


=========================== Installed Programs ============================

Adobe Flash Player 10 ActiveX (Version: 10.3.183.7)
Adobe Flash Player 10 Plugin (Version: 10.1.53.64)
Adobe Reader 9.1.2 (Version: 9.1.2)
µTorrent (Version: 3.0.0)
Click to Call with Skype (Version: 5.6.8153)
Dell DataSafe Local Backup - Support Software
Dell DataSafe Local Backup (Version: 9.4.40)
Dell Dock (Version: 2.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
DirectXInstallService (Version: 9.0.2)
EMC 10 Content (Version: 1.0.035)
EMCGadgets64 (Version: 1.0.302)
Intel® Control Center (Version: 1.2.0.1006)
Intel® Rapid Storage Technology (Version: 9.5.0.1037)
IrfanView (remove only) (Version: 4.30)
Java Auto Updater (Version: 2.0.2.1)
Java™ 6 Update 20 (64-bit) (Version: 6.0.200)
Java™ 6 Update 20 (Version: 6.0.200)
Junk Mail filter update (Version: 14.0.8117.416)
Kaspersky Internet Security 2011 (Version: 11.0.1.400)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Search Enhancement Pack (Version: 1.2.123.0)
Microsoft Silverlight (Version: 3.0.40624.0)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.58299)
MotioninJoy ds3 driver version 0.6.0003 (Version: 0.5.0001)
Mozilla Firefox (3.6.22) (Version: 3.6.22 (en-GB))
MSVCRT (Version: 14.0.1468.721)
Multimedia Card Reader (Version: 1.4.915.1)
Nexon Game Manager
NVIDIA Drivers (Version: 1.10)
NVIDIA PhysX (Version: 9.09.0814)
Realtek High Definition Audio Driver (Version: 6.0.1.5953)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.0)
Roxio Central Audio (Version: 3.8.0)
Roxio Central Copy (Version: 3.8.0)
Roxio Central Core (Version: 3.8.0)
Roxio Central Data (Version: 3.8.0)
Roxio Central Tools (Version: 3.8.0)
Roxio Easy CD and DVD Burning (Version: 10.3)
Roxio Easy CD and DVD Burning (Version: 10.3.106)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio File Backup (Version: 1.3.0)
Roxio Update Manager (Version: 6.0.0)
Skype™ 5.5 (Version: 5.5.115)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
THX TruStudio PC (Version: 1.0)
VD64Inst (Version: 1.00.0000)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Movie Maker (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Toolbar (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8117.0416)
WinRAR 4.01 (64-bit) (Version: 4.01.0)

========================= Memory info: ===================================

Percentage of memory in use: 35%
Total physical RAM: 3959.08 MB
Available physical RAM: 2563.01 MB
Total Pagefile: 7916.3 MB
Available Pagefile: 6310.45 MB
Total Virtual: 4095.88 MB
Available Virtual: 3986.04 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:920.56 GB) (Free:762.85 GB) NTFS

========================= Users: ========================================

User accounts for \\TIM-PC

Administrator Guest Tim


**** End of log ****


Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7688

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

10/09/2011 11:57:21 AM
mbam-log-2011-09-10 (11-57-21).txt

Scan type: Quick scan
Objects scanned: 176925
Time elapsed: 1 minute(s), 37 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\WINDOWS\temp\R66v.exe (Exploit.Drop) -> Quarantined and deleted successfully.


GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-09-10 12:09:30
Windows 6.1.7600
Running: jgl0y57r.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792

---- EOF - GMER 1.0.15 ----

We'll start with fixing your "hosts" file.

Please, go here: http://support.microsoft.com/kb/972034#FixItForMeAlways and click on "Fix it" button to reset your "hosts" file.

Re-run MiniToolbox with only this checked:

List content of Hosts

Post MT log.

This is all I got:

MiniToolBox by Farbar
Ran by Tim (administrator) on 10-09-2011 at 13:28:01
Windows 7 Home Premium (X64)

***************************************************************************
Hosts file not detected in the default directory

**** End of log ****

We need to rebuild "hosts" file.

Open Notepad.
Paste the following text into it:

# Copyright © 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost

Go File>Save As and...

1. Name the file hosts. (no extension; make sure there is just a "dot" at the end <--- VERY IMPORTANT!)
2. Make sure, "Save as type:" is set to "All Files (*.*)
3. File is saved to C:\WINDOWS\SYSTEM32\DRIVERS\ETC folder



Re-run MT and post its log.

Here:

MiniToolBox by Farbar
Ran by Tim (administrator) on 10-09-2011 at 13:58:47
Windows 7 Home Premium (X64)

***************************************************************************
========================= Hosts content: =================================




**** End of log ****

Good.
How is redirection?

everything seems to be going smoothly, thank you for the help.

Cool

Run couple more tools for me...

Download Temp File Cleaner (TFC)
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

=============================================================================

Please run a free online scan with the ESET Online Scanner

• Disable your antivirus program
  
• Tick the box next to YES, I accept the Terms of Use
  
• Click Start
  
• Accept any security warnings from your browser.
  
• Check Scan archives
  
• Click Start
  
• ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  
• When the scan completes, push List of found threats
  
• Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.