My wife was surfing on her week old xp laptop and had one of those phony virus scan pop-ups pop up. She clicked the x in the corner and it proceeded to install something and showed websites made to look like windows setup screens. She knew she had screwed up so she ran norton internet security 2008 and did a quick scan. Scan found nothing so she restarted the laptop. Once it booted up she tried to open nis so she could scan again and clicking on the shortcut did nothing, clicked the program icon on start menu/programs still nothing. So she finally confessed to me what happened and I confirm that nis will not run. I grab the cd and uninstall then reinstall it, do a full scan (it found nothing) reboot and nis runs in background as if nothings wrong. Ok so a reinstall fixed norton internet security but I am still worried about letting the laptop network with other pcs so I disable wifi call it a night. Next day I install malwarebytes, it finds nothing. Install hijackthis and I get the below log. So I guess I just want someone to look this log over and let me know if I'm ok to use this computer on my network. I scanned with both of the above mentioned programs in safe mode and still found nothing. It bothers me that something was able to make norton completely unusable and it can't find it. I also noticed that there is a list of about 50 prefetch files that were all modified at around the time the popup attacked so any ideas or help with any of this would be appreciated.