Hello again,
You seem to have the old Ewido which is AVG Anti Spyware now. Please
remove Ewido from Add/Remove Programs in Control Panel.
===========================
Run HiJackThis;
1. Click "
Open the Misc Tools Section"
2. Click "
Open Process manager"
Next, while holding down the CTRL key, locate (if present) and click on (highlight) each of the following;
C:\WINDOWS\scvhost.exe <===
be very careful about the spelling.
Now double-check and make sure that only those item(s) above are highlighted, then click "
Kill process". Now, click "
Refresh", check again, and repeat this step if any remain.
Still on
Misc Tools
Click on
Delete a File On Reboot
Click once on the file below to select it:
c:\windows\
scvhost.exe
Click on the
Back button to exit Process Manager
Now, back at the main screen of HijackThis, click on
Scan and put a check in front of the following
O4 - HKLM\..\Run: [Windows] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunServices: [Windows] C:\WINDOWS\scvhost.exe
O4 - HKLM\..\RunServices: [Windows] C:\WINDOWS\scvhost.exe
Make sure that all browsers/windows/applications, etc other than HijackThis are closed before clicking on "
fix checked".
==============================
Delete the following
files and
folders:
C:\Program Files\
ewido anti-spyware 4.0
C:\Program Files\
CAA iRC
C:\
SDFix
SDFix from your desktop:
===============================
Please download hoster from the link below.
Download the Hoster Here:
http://www.funkytoad.com/download/hoster.zip- Unzip Hoster to your desktop
- Open up the Hoster program.
- Make sure that the "make hosts writable?" button in the upper right corner is enabled.
- Click back up Host files
- then click Restore original host files
- Close program when complete.
Warning: if you use a customized hosts file to block certain sites then this will overwrite all those entries as well and you will need to re enter them
=============================
I noticed that you are using a lot of file sharing programs. I think the nature of P2P filesharing is so that even if one is using a "clean" program, many of the files downloaded from non-documented sources have the potential of being infected. So, regardless of whether one is using a "clean" program, one may still be prone to infection by malware. I would recommend that you stay away from them.
=============================
Download the latest version of
Java Runtime Environment (JRE) 5.0 Update 10.
- Scroll down to where it says " Java Runtime Environment (JRE) 5.0 Update 10
The J2SE Runtime Environment (JRE) allows end-users to run Java applications.".
- Click the "Download" button to the right.
- Check the box that says: "Accept License Agreement".
- The page will refresh.
- Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
- Close any programs you may have running - especially your web browser.
- Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
- Check any item with Java Runtime Environment (JRE or J2SE) in the name.
- Click the Remove or Change/Remove button.
- Repeat as many times as necessary to remove each Java versions.
- Reboot your computer once all Java components are removed.
- Then from your desktop double-click on jre-1_5_0_010-windowsi586-p.exe to install the newest version.
==============================
Please post back
a fresh HijackThis log and let me know how the computer is running now.