You have the About:Blank Homepage Hijacker:
Please re-open HiJackThis and scan.
Check the boxes next to all the entries listed below:
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title =
F2 - REG:system.ini: Shell=Explorer.exe
O4 - HKLM\..\Run: [qhiexnq] c:\windows\system32\evkgki.exe
Something has reset the Policies Explorer. The following files should also be checked- these may be the same file mentioned above. I wanted to be sure to include all of them:
O4 - HKCU\..\Policies\Explorer\Run: [ewfwn.exe] C:\WINDOWS\system\ewfwn.exe
O4 - HKCU\..\Policies\Explorer\Run: [tonhfwdfs.exe] C:\WINDOWS\system\tonhfwdfs.exe
O4 - HKCU\..\Policies\Explorer\Run: [acseixgi.exe] C:\WINDOWS\system\acseixgi.exe
O4 - HKCU\..\Policies\Explorer\Run: [vjineki.exe] C:\WINDOWS\system\vjineki.exe
O4 - HKCU\..\Policies\Explorer\Run: [lwoikrc.exe] C:\WINDOWS\system\lwoikrc.exe
O4 - HKCU\..\Policies\Explorer\Run: [nhtsbguae.exe] C:\WINDOWS\system\nhtsbguae.exe
O4 - HKCU\..\Policies\Explorer\Run: [tflwkopstf.exe] C:\WINDOWS\system\tflwkopstf.exe
O4 - HKCU\..\Policies\Explorer\Run: [pjnrj.exe] C:\WINDOWS\system\pjnrj.exe
O4 - HKCU\..\Policies\Explorer\Run: [vdqswu.exe] C:\WINDOWS\system\vdqswu.exe
O4 - HKCU\..\Policies\Explorer\Run: [tqonwtmm.exe] C:\WINDOWS\system\tqonwtmm.exe
O4 - HKCU\..\Policies\Explorer\Run: [rwugued.exe] C:\WINDOWS\system\rwugued.exe
O4 - HKCU\..\Policies\Explorer\Run: [ionamdu.exe] C:\WINDOWS\system\ionamdu.exe
O4 - HKCU\..\Policies\Explorer\Run: [unvxvuh.exe] C:\WINDOWS\system\unvxvuh.exe
O4 - HKCU\..\Policies\Explorer\Run: [nnrvq.exe] C:\WINDOWS\system\nnrvq.exe
O4 - HKCU\..\Policies\Explorer\Run: [kefdclc.exe] C:\WINDOWS\system\kefdclc.exe
O4 - HKCU\..\Policies\Explorer\Run: [waeqd.exe] C:\WINDOWS\system\waeqd.exe
O4 - HKCU\..\Policies\Explorer\Run: [ocjkfl.exe] C:\WINDOWS\system\ocjkfl.exe
O4 - HKCU\..\Policies\Explorer\Run: [xotadmai.exe] C:\WINDOWS\system\xotadmai.exe
O4 - HKCU\..\Policies\Explorer\Run: [pbvxllmnge.exe] C:\WINDOWS\system\pbvxllmnge.exe
O4 - HKCU\..\Policies\Explorer\Run: [gjowx.exe] C:\WINDOWS\system\gjowx.exe
O4 - HKCU\..\Policies\Explorer\Run: [duvt.exe] C:\WINDOWS\system\duvt.exe
O4 - HKCU\..\Policies\Explorer\Run: [cbhkcse.exe] C:\WINDOWS\system\cbhkcse.exe
O4 - HKCU\..\Policies\Explorer\Run: [nwpmrr.exe] C:\WINDOWS\system\nwpmrr.exe
O4 - HKCU\..\Policies\Explorer\Run: [adckh.exe] C:\WINDOWS\system\adckh.exe
Now close all windows other than HiJackThis, then click Fix Checked.
Close HiJackThisand reboot into Safe Mode:
Start> Run> type in 'msconfig' without quotes>enter> Selective Startup> Startup tab> UNCHECK everything EXCEPT AVG and ZoneAlarm> Apply> OK
Go to the Control Panel? Add/Remove Programs> Uninstall Adobe v6.
Right click on Start> Explore> Windows> System> do a right click> delete on any of the files in the O4 Policy Explorer entries above, such as system\ewfwn.exe and . system\tonhfwdfs.exe. Use the entries above for the list.
When through, Reboot into Normal Mode. You will get a nag message that you can close after checking 'don't show this message again'. You must stay in Selective Sartup.
Please disable the ZoneAlarm firewall when through, rescan with HijackThis and attach the log.
I suggest you consider getting the FoxIt Reader instead of updating to Adobe v9. It handles PDF files the same and does not have the bloat that comes with the Adobe product:
Foxit Reader for Windows:
http://www.foxitsoftware.com/products/
Click on the Get It Free button.
