Sorry for the delay.
You are running two antivirus programs> AVG and Avira. Please remove one of them. Update and do a full system scan with the AV you keep. Save the log.
I advise you to change your passwords. Some of the malware may have compromised the current passwords.
Please reopen HijackThis to 'do system scan only'.
Check the following entries if present:
C:\Program Files\Viewpoint\Common\ViewpointService.exe
(The following are all portals to AOL:
http://hp-desktop.aol.com/)
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://us7.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-us7.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us7.hpwis.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-us7.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-us7.hpwis.com/
P2P Warning: Advise Stop, then Uninstall.
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fmz.qiwa.com
Free Music Zilla is a simple tool specialized for social music downloading, ... A P2P file-sharing freeware fully compatible with BitTorrent ...
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
Close all open Windows except HijackThis. Click on 'Fix Checked'
Boot into Safe Mode
[*] Restart your computer and start pressing the F8 key on your keyboard.
[*] Select the Safe Mode option when the Windows Advanced Options menu appears, and then press ENTER.
Click on Start> Run> type in msconfig> enter> Selective Startup> Startup tab> UNCHECK all Viewpoint and FreeZilla entries> Apply> OK.
Suggest both Viewpoint and FreeZilla be uninstalled in Add/Remove Programs in the control Panel.
Please temporarily disable this Real Time Protection:
Disable AdWatch:
- Right click on the Ad-Watch icon in the system tray.
- At the bottom of the screen there will be two checkable items:
[o] Active: This will turn Ad-Watch On\Off without closing it.
[o]Automatic: Suspicious activity will be blocked automatically.
- Uncheck both of those boxes.
(When done, you can re-enable it using the same steps but this time check both boxes.)
Please download ComboFix
HERE:
- With ComboFix, at the download window, please rename it to Combo-Fix(.exe) before downloading it.
- Please disable all security programs, such as antiviruses, antispywares, and firewalls. Also disable your internet connection.
- Run Combo-Fix.exe and follow the prompts.
(Understand that things like your system clock changing and your desktop disappearing might happen. Do not worry, because all will be restored later.)
- Wait for the scan to be completed.
- If it requires a reboot, please do it.
• After the scan has completed entirely, please post the log here. The log will be located at C:\ComboFix(.txt)
Do not click on the ComoboFix window, as it may cause it to stall.
CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
Follow with new scan with HijackThis. Attach new log.
Summary:
Remove one AV program.
Do scan with remaining AV program. Attach log.
Remove HijackThis entries.
Stop AdWatch
Run Combofix and attach report
new log for HijackThis.