thefeedonline redirect of window ie8 and foxfire! virus!

here we go...  i have been dealing with this for a week now. 

 

norton finds nothing now.  but found a virus called TROJAN HORSE and cleaned it on the 20th.

 

Malwarebytes finds the following:

 

Malwarebytes' Anti-Malware 1.41

Database version: 2861

Windows 5.1.2600 Service Pack 3

 

9/27/2009 3:36:53 PM

mbam-log-2009-09-27 (15-36-53).txt

 

Scan type: Full Scan (C:\|D:\|K:\|)

Objects scanned: 346225

Time elapsed: 3 hour(s), 18 minute(s), 47 second(s)

 

Memory Processes Infected: 0

Memory Modules Infected: 1

Registry Keys Infected: 0

Registry Values Infected: 2

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 7

 

Memory Processes Infected:

(No malicious items detected)

 

Memory Modules Infected:

C:\WINDOWS\system32\calc.dll (Backdoor.Bot) -> Delete on reboot.

 

Registry Keys Infected:

(No malicious items detected)

 

Registry Values Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\calc (Backdoor.Bot) -> Delete on reboot.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\calc (Trojan.Downloader) -> Delete on reboot.

 

Registry Data Items Infected:

(No malicious items detected)

 

Folders Infected:

(No malicious items detected)

 

Files Infected:

C:\WINDOWS\system32\calc.dll (Backdoor.Bot) -> Delete on reboot.

C:\Documents and Settings\HP_Administrator.WALKERFAMILY\protect.dll (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator.WALKERFAMILY\Start Menu\Programs\Startup\scandisk.dll (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\Documents and Settings\LocalService\protect.dll (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{D7BD54B8-C977-4903-8CE7-9415B851EC71}\RP187\A0048796.dll (Backdoor.Bot) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator.WALKERFAMILY\Start Menu\Programs\Startup\scandisk.lnk (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\Documents and Settings\HP_Administrator.WALKERFAMILY\Local Settings\Temp\nsrbgxod.bak (Trojan.Agent) -> Delete on reboot. 

 

Big issue is after I reboot.  The are still there...

 

I can't even get to safemode to try running programs here.  

 

I really need some help.

 

I get redirected when I try to click on links in sites.  I am unable to log in into https:// sites.  

 

Help please...

 

Stacey