OK, this is my first stab at fixing someone else's malware problem. So you may want to wait to implement until my solution has been vetted by someone more knowledgable.
First, Download ComboFix (Avenger or MalwareBytes might also work)
http://forums.techguy.org/malware-removal-hijackthis-logs/836138-problem-rootkit-agent.html
(look at the bottom of the page for the links and some instructions) and/or Google them to find the downloads. You may not be able to retrieve them from the official sites.
SuperAntiSpyware should be able to kill off HP_admin.
Optional, but not in my opinion: download a good hosts file like this one:
http://www.mvps.org/winhelp2002/hosts.htm
it's easy to read. All the sites listed are bad. If you inadvertantly click on one while in your browser the address is CHANGED to your local machine. So you don't go to the bad spot. Look about halfway down the page for the download and/or to just look at the entries. And if you can't get to a site or advert you want to go to, simply remove it from the hosts. file using Notepad or WordPad.
Second, turn off your system restore. Right click My Computer, select Properties. Select the System Restore tab. Click the turn off checkbox and select apply. This will remove all the restore points you've made so far. But they are probably infected so they're not usable anyway.
Next, << I >> would disconnect from the internet. Just pull the router plug.
Third, shut down or suspend all other programs including the firewall, any anti-virus such as AVG and Symantec/Norton. You can do this from the icons on the system tray and verify in the task manager.
Fourth, I would clean out the prefetch directory/folder. It's in C:\windows\prefetch. Open it, select all files and delete them all. (there's a registry entry for this you can change later if you want to know more).
Fifth, for grins and optional, open the device manager (right click My Computer, Properties, hardware, device manager). Once there click View, Show Hidden Devices. Open Non Plug and Play and uacd should be there. (you can manually remove it, but let's let ComboFix do it - that's not the only step). You can also verify the location of HP_admin by looking in your docs and settings.
Sixth, install and run ComboFix to fix uacd (and it will also install the windows recovery console, a useful tool). Run SuperAntiSpyware and it will kill HP_Admin.
Here is where I'd install the hosts. file. If you have XP it's at C:\windows\system32\drivers\etc\hosts. You can rename the one that's there or delete it. Or if you downloaded it from the site above, it may install it for you, I don't remember.
Reattach to the internet. Reboot (this shuold go fast since no prefetch). Verify both problems are gone (see fifth step above). Verify your virus checker and firewall are running. Turn on system restore.
Last, you may want to do some clean up in MSConfig, but deal with that later. I think that's it. This has taken me FOREVER to type. Hope it helps you. Good luck!
