...I also ran Hijack This and
found nothing suspicious.
What version of HijackThis? How do you know there's nothing suspicious in
the log? See below ("When all else fails...").
Dealing with Trojans & Hijackware (Do parts A and B):
A. Removing Trojans and Trojanware with Sysclean
Create a new folder named Sysclean (e.g., C:\Program files\Sysclean or just
a desktop folder). Download 'Sysclean.com' from
http://www.trendmicro.com/download/dcs.asp to this folder. Download the
latest 'Trend Pattern File' zip (e.g., lpt123.zip) from
http://www.trendmicro.com/download/pattern.asp and extract its contents to
the same folder; see the Readme text file for instructions.
Delete Temporary Internet Files (IE Tools>Internet Options>General)
accepting the option to delete all offline content. Reboot and delete
contents of TEMP folders and Recycle Bin.
Close all running programs including your anti-virus application, go
offline, and run Sysclean. For best results, do nothing with the machine
until the scan completes.
If the scan shows any infections in System Restore files:
(1) create a new Restore Point (Start>Programs>Accessories>System
Tools>System Restore), then
(2) delete all but the most recent Restore Point
(Start>Programs>Accessories>System Tools>Disk Cleanup>More options [tab]).
Afterwards, update your own anti-virus application and perform another full
system scan.
B. Hijackware
Help with Hijackware (all are MS MVP sites)
http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/Darnit.htm
http://www.mvps.org/sramesh2k/Malware_Defence.htm
http://defendingyourmachine.blogspot.com/
Run the following tools in this order with nothing else running in
background:
1. CWShredder v2.13 (choose Fix, not Scan)
2. Ad-Aware SE (Reconfigure per
http://aumha.net/viewtopic.php?t=5877; Fix
all found)
3. OPTIONAL: Spybot (RTFM; Immunize first and then scan; Generally, fix
everything in red)
Important: You must seek updates for Ad-Aware and Spybot before each and
every use, even "right out of the box". But even they can't catch
everything, 24/7.
When all else fails, HijackThis
(
http://aumha.net/downloads/hijackthis.zip) is the preferred tool to use.
It will help you to both identify and remove any hijackware/spyware. **Post
your files to
http://forums.spywareinfo.com/,
http://castlecops.com/forum67.html or
http://aumha.net/viewforum.php?f=30
for expert analysis, not here.**
[Alternate download pages for many of the above tools may be found at
http://aumha.org/a/parasite.htm.]
So How Did I Get Infected Anyway?
http://boards.cexx.org/viewtopic.php?t=957