Welcome to TechSpot, oates. I';d like to get you back on track. Unfortunately, the information you've had so far is useless and incorrect.
Your searches are going to a website in Poland- your Host files have been hijacked.
Please reopen Hijackthis to
'do system scan only'. Check each of the following if present: Note: the 2 Optional Removals are in green. Check all others:
O1 - Hosts: ::1 localhost
O1 - Hosts: 91.212.127.227 antiviraprof-2009.microsoft.com
O1 - Hosts: 91.212.127.227 antiviraprof2009.com
O1 - Hosts: 91.212.127.227 www.antiviraprof2009.com
O1 - Hosts: 78.159.110.41 www.google.com
O1 - Hosts: 78.159.110.41 www.google.de
O1 - Hosts: 78.159.110.41 www.google.fr
O1 - Hosts: 78.159.110.41 www.google.co.uk
O1 - Hosts: 78.159.110.41 www.google.com.br
O1 - Hosts: 78.159.110.41 www.google.it
O1 - Hosts: 78.159.110.41 www.google.es
O1 - Hosts: 78.159.110.41 www.google.co.jp
O1 - Hosts: 78.159.110.41 www.google.com.mx
O1 - Hosts: 78.159.110.41 www.google.ca
O1 - Hosts: 78.159.110.41 www.google.com.au
O1 - Hosts: 78.159.110.41 www.google.nl
O1 - Hosts: 78.159.110.41 www.google.co.za
O1 - Hosts: 78.159.110.41 www.google.be
O1 - Hosts: 78.159.110.41 www.google.gr
O1 - Hosts: 78.159.110.41 www.google.at
O1 - Hosts: 78.159.110.41 www.google.se
O1 - Hosts: 78.159.110.41 www.google.ch
O1 - Hosts: 78.159.110.41 www.google.pt
O1 - Hosts: 78.159.110.41 www.google.dk
O1 - Hosts: 78.159.110.41 www.google.fi
O1 - Hosts: 78.159.110.41 www.google.ie
O1 - Hosts: 78.159.110.41 www.google.no
O1 - Hosts: 78.159.110.41 search.yahoo.com
O1 - Hosts: 78.159.110.41 us.search.yahoo.com
O1 - Hosts: 78.159.110.41 uk.search.yahoo.com
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) (AVG)
O15 - Trusted Zone: .somethingcool.com[/url] (HKLM)>> See Optional 1
O17 - HKLM\Software\..\Telephony: DomainName = lesterville.wan>> See Optional 2
Optional 1: Trusted Zone: somethingcool.com
I would encourage removing this from the Trusted sites. It is a legitimate entry, but no reason for it to be able to pass the lower security for this zone-
Optional 2: unidentified> lesterville.wan
I can't identify this. Do you have a network set up in the Lesterville area or group> If not, check for removal.
Close all Windows except HijackThis and click on
"Fix Check."
Please download ComboFix
HERE:
- With ComboFix, at the download window, please rename it to Combo-Fix(.exe) before downloading it.
- Please disable all security programs, such as antiviruses, antispywares, and firewalls. Also disable your internet connection.
- Run Combo-Fix.exe and follow the prompts.
(Understand that things like your system clock changing and your desktop disappearing might happen. Do not worry, because all will be restored later.)
- Wait for the scan to be completed.
- If it requires a reboot, please do it.
• After the scan has completed entirely, please post the log here. The log will be located at C:\ComboFix(.txt)
Notes:
1.Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
Include Combofix report in next reply.
You have 2 out of date Adobe Reader entries. These are vulnerabilities: Acrobat 5.0 and Acrobat 7.0
Visit this
Adobe Reader site get the most current version, v9.xx
Uninstall any earlier updates as they are vulnerabilities.
Rescan with HijackThis and include a new log.