Access Denied

Please help!!!!!

My computer will not allow me to go into add or delete programs, it says access denier as I do not have authority and to contact the system administrator, this is my PC (laptop) and only myself and my husband have accounts set up on the computer, i've tried under his account and will says the same. How can I get this sorted?

We keep getting this message appear a windows security alert, Warning Potential spyware operation. How can I stop this appearing??

Thanks
Hannah

You may be better off posting this in the [FONT=Verdana]Virus, Spyware & Security forum [/FONT]

Threads merged.

Moved to Virus, Spyware & Security forum.

Let us see a log from HijackThis please.

Download HijackThis to your desktop.
Double-click on the file you just downloaded.
Click on the "Install" button to install.
It will by default install to the directory - C:\Program Files\Trend Micro\HijackThis
Please do not change the default install location.
Upon install, HijackThis should open for you.

Next click on the "Do a system scan and save a log file" button.
HijackThis will scan and then a log will open in notepad.
In the top left of the notepad window click "File" > "Save As" name it hijackthis and then save it to the Desktop.
Please save the log as a text (.txt) file or .log
Do NOT attach MS-Word .DOC files, they will NOT be looked at!
In your post, add the log as an Attachment.
* Don't have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.
** Don't use the Analyse This button. It's findings are dangerous if misinterpreted.

Guide for attaching logs to a post

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:42:43 PM, on 11/25/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\printer.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Samsung\AVStation Premium 3.75\AVSAgent.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
C:\Program Files\SAMSUNG\MagicKBD\MagicKBD.exe
C:\Program Files\Samsung\DisplayManager\DisplayManager.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\SM1BG.EXE
C:\Program Files\Samsung\DisplayManager\dmhkcore.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\PCPrivacyTool\mc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\FinePixViewer\QuickDCF2.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe
C:\Program Files\Common Files\AVSystemCare\bm.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Easy SpyRemover\EasySpyRemover.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.tiscali.co.uk/broadband
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/c...o/bt_side.html
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\printer.exe
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [EDS] C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [AVStation Premium 3.75] C:\Program Files\Samsung\AVStation Premium 3.75\AVSAgent.exe
O4 - HKLM\..\Run: [MagicKeyboard] C:\Program Files\SAMSUNG\MagicKBD\PreMKBD.exe
O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [BatteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
O4 - HKLM\..\Run: [DMHotKey] C:\Program Files\Samsung\DisplayManager\DMLoader.exe
O4 - HKLM\..\Run: [DisplayManager] C:\Program Files\Samsung\DisplayManager\DisplayManager.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SM1BG] C:\WINDOWS\SM1BG.EXE
O4 - HKLM\..\Run: [adiras] adiras.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Common Files\AVSystemCare\bm.exe" dm=http://avsystemcare.com; ad=http://avsystemcare.com
O4 - HKLM\..\Run: [Salestart(1)] "C:\Program Files\Common Files\PCPrivacyTool\mc.exe" dm=http://pcprivacytool.com; ad=http://pcprivacytool.com
O4 - HKLM\..\Run: [rtasks] C:\Program Files\AVSystemCare\rtasks.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
O4 - HKCU\..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Startup: system.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: autorun.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Exif Launcher 2.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Pol icies\System, DisableRegedit=1
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.tiscali.co.uk/broadband
O17 - HKLM\System\CCS\Services\Tcpip\..\{6309F0DB-E1B6-4D47-83F0-111ED3BCCD32}: NameServer = 212.139.132.24 212.139.132.25
O20 - AppInit_DLLs: sulimo.dat
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Samsung Update Plus - Unknown owner - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SNM WLAN Service - Unknown owner - C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
--
End of file - 9608 bytes

Hope this helps??

You definitely have some very nasty infections.

1. Download Malwarebytes' RogueRemover Free
2. Double click the icon to install RogueRemover and then start the program.
3. Press Check for Updates.
4. This will show you if there is a newer version of the database. Press Download.
5. Go back to the main screen and press Scan.
6. If and when an infection is found, remove all objects found.

=====

Download, install and update Superantispyware (SAS) Don't run this yet.

SUPERAntispyware Free Edition

=====
You may want to print out or copy and paste the rest of the instructions and save them in a text document to your desktop. You will not be able to see them from Safe Mode.

Restart in Safe Mode

* Restart the computer.
* When you see the black-and-white Starting Windows bar at the bottom of the screen, start tapping the F8 key.
* When you get to the boot menu, use the arrow keys to select Safe mode
* Then Press Enter.
* The computer restarts in Safe mode.

=====

Open HijackThis and select "Do a system scan only"

Place a check mark next to: (if found)

F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\printer.exe
O4 - HKLM\..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Common Files\AVSystemCare\bm.exe" dm=http://avsystemcare.com; ad=http://avsystemcare.com
O4 - HKLM\..\Run: [Salestart(1)] "C:\Program Files\Common Files\PCPrivacyTool\mc.exe" dm=http://pcprivacytool.com; ad=http://pcprivacytool.com
O4 - HKLM\..\Run: [rtasks] C:\Program Files\AVSystemCare\rtasks.exe
O4 - HKCU\..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe
O4 - Startup: system.exe
O4 - Global Startup: autorun.exe
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Pol icies\System, DisableRegedit=1

Now click "Fix checked"

Exit HijackThis

=====

Now configure and run SUPERAntiSpyware in Safe Mode.

* Under Configuration and Preferences, click the Preferences button.
* Click the Scanning Control tab.
* Under Scanner Options make sure the following are checked:
+ Close browsers before scanning
+ Scan for tracking cookies
+ Terminate memory threats before quarantining.
+ Please leave the others unchecked.
+ Click the Close button to leave the control center screen.
* On the main screen, under Scan for Harmful Software click Scan your computer.
* On the left check C:\Fixed Drive.
* On the right, under Complete Scan, choose Perform Complete Scan.
* Click Next to start the scan. Please be patient while it scans your computer.
* After the scan is complete a summary box will appear. Click OK.
* Make sure everything in the white box has a check next to it, then click Next.
* It will quarantine what it found and if it asks if you want to reboot, click Yes.
* To retrieve the removal information please do the following:
+ After reboot, double-click the SUPERAntiSpyware icon on your desktop.
+ Click Preferences. Click the Statistics/Logs tab.
+ Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
+ It will open in your default text editor (such as Notepad/Wordpad).
+ Save the notepad file to your desktop by clicking (in notepad) "File" "Save As"
* Save the log somewhere you can easily find it. (normally the desktop)
* Click close and close again to exit the program.
* Please add the log as an attachment along with a new HijackThis log in the next post.

=====

Next Post please add as attachments
SUPERAntiSpyware log
New HijackThis log

This is the SuperAntiSpyware Results:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 11/26/2007 at 08:56 AM
Application Version : 3.9.1008
Core Rules Database Version : 3259
Trace Rules Database Version: 1270
Scan type : Quick Scan
Total Scan Time : 00:09:24
Memory items scanned : 564
Memory threats detected : 0
Registry items scanned : 720
Registry threats detected : 0
File items scanned : 8656
File threats detected : 84
Adware.Tracking Cookie
C:\Documents and Settings\Hannah\Cookies\hannah@www.burstbeacon[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@archant.122.2o7[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@e-2dj6wfmigoajiko.stats.esomniture[2].txt
C:\Documents and Settings\Hannah\Cookies\hannah@e-2dj6wfk4widpifo.stats.esomniture[2].txt
C:\Documents and Settings\Hannah\Cookies\hannah@overture[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@e-2dj6wflokpczkbq.stats.esomniture[2].txt
C:\Documents and Settings\Hannah\Cookies\hannah@stat.errclean[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@ads.associatedconte nt[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@1070878818[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@doubleclick[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@ads.pointroll[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@burstnet[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@e-2dj6wjmywjdjokp.stats.esomniture[2].txt
C:\Documents and Settings\Hannah\Cookies\hannah@atdmt[2].txt
C:\Documents and Settings\Hannah\Cookies\hannah@roiservice[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@122.2o7[2].txt
C:\Documents and Settings\Hannah\Cookies\hannah@apmebf[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@e-2dj6wjlyehcjkdo.stats.esomniture[2].txt
C:\Documents and Settings\Hannah\Cookies\hannah@e-2dj6wblogncpagp.stats.esomniture[2].txt
C:\Documents and Settings\Hannah\Cookies\hannah@mediaplex[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@indextools[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@e-2dj6wgmyagajsdo.stats.esomniture[2].txt
C:\Documents and Settings\Hannah\Cookies\hannah@phillyburbscom.112. 2o7[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@1069870899[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@serving-sys[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@questionmarket[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@e-2dj6wfk4cpcjshq.stats.esomniture[2].txt
C:\Documents and Settings\Hannah\Cookies\hannah@1057062368[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@adserver[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@rotator.adjuggler[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@haymarket[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@ad.yieldmanager[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@e-2dj6wjlyalcpcfo.stats.esomniture[2].txt
C:\Documents and Settings\Hannah\Cookies\hannah@adrevolver[3].txt
C:\Documents and Settings\Hannah\Cookies\hannah@adrevolver[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@ehg-autotrader.hitbox[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@revsci[2].txt
C:\Documents and Settings\Hannah\Cookies\hannah@a[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@e-2dj6wckigncpmfo.stats.esomniture[2].txt
C:\Documents and Settings\Hannah\Cookies\hannah@whatcar[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@e-2dj6wjkoejdjmgp.stats.esomniture[2].txt
C:\Documents and Settings\Hannah\Cookies\hannah@tracking.webdiversi ty.co[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@e-2dj6wglyuiazacp.stats.esomniture[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@tradedoubler[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@pistonheads[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@tribalfusion[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@e-2dj6wgl4qic5mlp.stats.esomniture[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@anat.tacoda[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@next[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@e-2dj6whkiaodzcfo.stats.esomniture[2].txt
C:\Documents and Settings\Hannah\Cookies\hannah@hitbox[2].txt
C:\Documents and Settings\Hannah\Cookies\hannah@haynet.adbureau[2].txt
C:\Documents and Settings\Hannah\Cookies\hannah@paypal.112.2o7[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@e-2dj6wfliujajshp.stats.esomniture[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@1066670941[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@e-2dj6wgliglc5aco.stats.esomniture[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@h.starware[2].txt
C:\Documents and Settings\Hannah\Cookies\hannah@edge.ru4[2].txt
C:\Documents and Settings\Hannah\Cookies\hannah@e-2dj6wgkiohcpmgo.stats.esomniture[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@e-2dj6wfkysjazkgp.stats.esomniture[2].txt
C:\Documents and Settings\Hannah\Cookies\hannah@amazonms.122.2o7[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@msnportal.112.2o7[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@bluestreak[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@stat.dealtime[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@e-2dj6wfliemdzahq.stats.esomniture[2].txt
C:\Documents and Settings\Hannah\Cookies\hannah@1071238990[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@1070144314[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@e-2dj6wjlycmajsfo.stats.esomniture[2].txt
C:\Documents and Settings\Hannah\Cookies\hannah@advertising[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@bs.serving-sys[2].txt
C:\Documents and Settings\Hannah\Cookies\hannah@1066767647[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@media.adrevolver[2].txt
C:\Documents and Settings\Hannah\Cookies\hannah@adtech[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@e-2dj6wjlyqgd5ido.stats.esomniture[2].txt
C:\Documents and Settings\Hannah\Cookies\hannah@dealtime[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@tacoda[2].txt
C:\Documents and Settings\Hannah\Cookies\hannah@tracking.summitmedi a.co[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@e-2dj6wjmikjczihq.stats.esomniture[2].txt
C:\Documents and Settings\Hannah\Cookies\hannah@www.burstnet[2].txt
C:\Documents and Settings\Hannah\Cookies\hannah@statcounter[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@try.starware[2].txt
C:\Documents and Settings\Hannah\Cookies\hannah@statse.webtrendsliv e[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@clickbank[1].txt
C:\Documents and Settings\Hannah\Cookies\hannah@e-2dj6wbliskcjibo.stats.esomniture[2].txt


And here is the HiJackThis Log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:02:38 AM, on 11/26/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\bgsvcgen.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Samsung\AVStation Premium 3.75\AVSAgent.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
C:\Program Files\SAMSUNG\MagicKBD\MagicKBD.exe
C:\Program Files\Samsung\DisplayManager\DisplayManager.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\SM1BG.EXE
C:\Program Files\Samsung\DisplayManager\dmhkcore.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\FinePixViewer\QuickDCF2.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.tiscali.co.uk/broadband
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uk.red.clientapps.yahoo.com/c...o/bt_side.html
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [EDS] C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [AVStation Premium 3.75] C:\Program Files\Samsung\AVStation Premium 3.75\AVSAgent.exe
O4 - HKLM\..\Run: [MagicKeyboard] C:\Program Files\SAMSUNG\MagicKBD\PreMKBD.exe
O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [BatteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
O4 - HKLM\..\Run: [DMHotKey] C:\Program Files\Samsung\DisplayManager\DMLoader.exe
O4 - HKLM\..\Run: [DisplayManager] C:\Program Files\Samsung\DisplayManager\DisplayManager.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SM1BG] C:\WINDOWS\SM1BG.EXE
O4 - HKLM\..\Run: [adiras] adiras.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [Easy SpyRemover] C:\Program Files\Easy SpyRemover\EasySpyRemover.exe /smart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Exif Launcher 2.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.tiscali.co.uk/broadband
O17 - HKLM\System\CCS\Services\Tcpip\..\{6309F0DB-E1B6-4D47-83F0-111ED3BCCD32}: NameServer = 212.139.132.24 212.139.132.25
O20 - AppInit_DLLs: sulimo.dat
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: B's Recorder GOLD Library General Service (bgsvcgen) - B.H.A Corporation - C:\WINDOWS\system32\bgsvcgen.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Samsung Update Plus - Unknown owner - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SNM WLAN Service - Unknown owner - C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
--
End of file - 9092 bytes

Great steps to follow, even I managed to it.

Thanks, whats next??

Can you get to add/remove programs now?

If so go there and look for and uninstall East Spy Remover.

No, I still get the warning appear which reads:
'This operation has been cancelled due to restrictions in effect on this computer, please contact your system administator'.

Boot into safe mode.

Restart your computer and keep hitting F8. You should get a menu. Choose the upmost (safe mode). When selecting accounts be sure to pick the admin account.
Go into add/remove programs. It should work. Otherwise try killing the process (which may or may not be called "EasySpyRemover.exe" or similar). Try accessing add/remove again.

Tried but still no joy, same message appears.

Let's try this.

CCleaner
If you do not have CCleaner please download and install it. Download CCleaner (we will use this in a minute)

==

Enable Viewing Of Hidden System Files & Folders

1. Right Click Start.
2. Select Control Panel.
3. Select the Tools menu and click Folder Options.
4. Select the View Tab.
5. Under the Hidden files and folders heading select Show hidden files and folders.
6. Uncheck the Hide extensions for known file types option.
7. Uncheck the Hide protected operating system files (recommended) option.
8. Click Apply.
9. Click OK.

==

Go to Start > Run > type Sevices.msc and click OK.
Find the EasySpyRemover and right click it and select Properties
Next to the Startup Type: use the dropdown box and select Disabled click OK.

Close the Services window.

==

You may want to boot into safe mode before uninstalling this to have the best chance at removal.

Open CCleaner.
Next click on the Tools tab and you will see a uninstall list.
Right click on any entry you want to uninstall and choose Run Uninstaller.
Remove any entry that has to do with:

Easy SpyRemover (if there)Also look for anything else that is installed that you do not know about and uninstall it.

==

If Easy SpyRemover was not in the CCleaner add/remove programs list, open this folder and see if there is an uninstaller in it and run it there.

Then locate and delete the following bold files (if there).

C:\Program Files\Easy SpyRemover

==

Please download Combofix by sUBs from either here or here

Save Combofix.exe to your your Desktop.

1. Double click combofix.exe & follow the prompts. (from the keyboard select 1 and press enter)
2. When finished, it will produce a log for you.
3. Attach that log in your next reply.

Note:
Do not mouseclick combofix's window while it's running. That may cause your computer to stall


==

Next post please add the combofix log.

Here are the results:

ComboFix 07-11-19.4 - Hannah 2007-11-26 19:38:03.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.68 [GMT 0:00]
Running from: C:\Documents and Settings\Hannah\Local Settings\Temporary Internet Files\Content.IE5\IV4761GN\ComboFix[1].exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Hannah\ResErrors.log
C:\Documents and Settings\Olly\ResErrors.log
C:\Program Files\Common Files\PCPrivacyTool
C:\Program Files\Common Files\PCPrivacyTool\mc.exe
.
((((((((((((((((((((((((( Files Created from 2007-10-26 to 2007-11-26 )))))))))))))))))))))))))))))))
.
2007-11-26 19:35 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2007-11-26 19:31 40,960 --a------ C:\WINDOWS\system32\exitwx.exe
2007-11-26 19:17 <DIR> d-------- C:\Program Files\Yahoo!
2007-11-26 19:17 <DIR> d-------- C:\Program Files\CCleaner
2007-11-26 18:08 <DIR> d-------- C:\Documents and Settings\Olly\Application Data\SUPERAntiSpyware.com
2007-11-25 20:49 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
2007-11-25 20:43 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Symantec
2007-11-25 20:43 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\ATI
2007-11-25 20:39 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2007-11-25 20:39 <DIR> d-------- C:\Documents and Settings\Hannah\Application Data\SUPERAntiSpyware.com
2007-11-25 20:39 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2007-11-25 20:38 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-11-25 20:34 <DIR> d-------- C:\Program Files\RogueRemover FREE
2007-11-25 19:39 <DIR> d-------- C:\Program Files\Easy SpyRemover
2007-11-25 19:36 <DIR> d-------- C:\Program Files\Trend Micro
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2007-11-15 21:13 --------- d-----w C:\Program Files\FinePixViewer
2007-10-21 08:23 --------- d-----w C:\Documents and Settings\Olly\Application Data\CyberLink
2007-10-21 08:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\CyberLink
2007-10-21 07:21 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2003-08-27 22:19 36,963 ----a-r C:\Program Files\Common Files\SM1updtr.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 16:24]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe" [2007-08-07 18:27]
"eyeBeam SIP Client"="" []
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0\bin\jusched.exe" [2006-08-10 21:23]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-03 01:41]
"RTHDCPL"="RTHDCPL.EXE" [2006-04-05 00:44 C:\WINDOWS\RTHDCPL.exe]
"EDS"="C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe" [2006-03-28 20:27]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-12-07 21:44]
"AGRSMMSG"="AGRSMMSG.exe" [2006-06-29 20:32 C:\WINDOWS\AGRSMMSG.exe]
"AVStation Premium 3.75"="C:\Program Files\Samsung\AVStation Premium 3.75\AVSAgent.exe" [2006-05-13 00:27]
"MagicKeyboard"="C:\Program Files\SAMSUNG\MagicKBD\PreMKBD.exe" [2006-05-18 05:24]
"farstone"="" []
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-03 03:24]
"BatteryManager"="C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe" [2006-04-25 21:05]
"DMHotKey"="C:\Program Files\Samsung\DisplayManager\DMLoader.exe" [2005-11-23 18:18]
"DisplayManager"="C:\Program Files\Samsung\DisplayManager\DisplayManager.exe" [2006-05-04 02:22]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-01-09 16:32]
"SM1BG"="C:\WINDOWS\SM1BG.EXE" [2003-08-27 22:20]
"adiras"="adiras.exe" []
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 01:41]
"NeroCheck"="C:\WINDOWS\system32\\NeroCheck.ex e" [2001-07-09 10:50]
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2007-07-22 18:04]
"REGSHAVE"="C:\Program Files\REGSHAVE\REGSHAVE.exe" [2002-02-04 21:32]
"Easy SpyRemover"="C:\Program Files\Easy SpyRemover\EasySpyRemover.exe" []
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 12:00]
C:\Documents and Settings\Hannah\Start Menu\Programs\Startup\
Microsoft Find Fast.lnk - C:\Program Files\Microsoft Office\Office\FINDFAST.EXE [1996-12-04]
Office Startup.lnk - C:\Program Files\Microsoft Office\Office\OSA.EXE [1996-12-04]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 11:44:06]
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2007-03-19 07:01:32]
Exif Launcher 2.lnk - C:\Program Files\FinePixViewer\QuickDCF2.exe [2007-08-18 17:35:13]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 03:21:22]
[hklm\software\microsoft\windows\currentversion\exp lorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
.
Contents of the 'Scheduled Tasks' folder
"2007-11-09 20:00:00 C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer - Hannah.job"
- C:\PROGRA~1\NORTON~1\Navw32.exeh/task:
.
************************************************** ************************
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-26 19:43:12
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
************************************************** ************************
.
Completion time: 2007-11-26 19:46:59 - machine was rebooted
.
--- E O F ---


I can now access add/remove programs.
Thank you for all your help, site is fantastic!!!!

Do I need to complete anything else??