Hi Tena,

Had to break out some "old school" cleaning steps for you

FIRST:
Please Download KillBox.exe to your desktop. Just leave it for now.



Please print out or save these instructions locally so that you can Disconnect from the Internet and operate with All Browser Windows CLOSED.
Please make sure the Viewing of Hidden Files is Enabled.

Now, look in Task Manager (Ctrl-Alt-Del) for the following running processes and try to end them, if found:

PUTA!!.COM
SPEEDY.PIF

Now scan with HijackThis and Check the Boxes for the following, if they remain:

F1 - win.ini: run=c:\windows\puta!!.com,c:\windows\speedy.pif

O2 - BHO: (no name) - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - (no file)
O2 - BHO: (no name) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - (no file)

O4 - HKLM\..\Run: [PutAS!] C:\WINDOWS\Puta!!.com
O4 - HKLM\..\Run: [Spees3] C:\WINDOWS\Speedy.pif

O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} -

Again, make sure All Browser Windows are Closed when you Click FIX.

NEXT:
Please run killbox.exe.

Now, you will be entering the two baddiesitems into KillBox. Please select the “Delete on Reboot” and “End Explorer Shell While Killing File ” Options. Enter or Copy&Paste each of the following into the box, making sure Delete on Reboot and End Explorer Shell While Killing File are Checked for each entry. Click the Red X to Delete each one, but DO NOT Allow your machine to Reboot until both items have been entered:

C:\WINDOWS\PUTA!!.COM
C:\WINDOWS\SPEEDY.PIF

After both baddies have been entered and you are prompted to reboot, ALLOW KillBox to Reboot your computer.

Reboot to Normal Windows and Scan with HijackThis and attach that log.
Let me know of any problems you may have encountered with the above instructions and how your computer is running now. I will try to check back when time permits.

** Also, please use Windows Explorer to look for these folders on your compy:

C:\Windows\Puta!!.dat
C:\Windows\Calote!.dat
C:\Windows\Vacas!
C:\Windows\Vagabu!
C:\Windows\scrupd.exe
C:\putas!!
C:\Windows\Banda!
C:\Windows\Podre!!


Let me know what you find.

Best luck
PP