Author Topic: I need help with malware. Logs attached.  (Read 2836 times)

prettypumpkins

    Topic Starter


    Newbie

    I need help with malware. Logs attached.
    « on: December 12, 2009, 08:39:46 PM »
    I need help with my computer. It keeps on installing rogue antiviruses randomly. I have been having this problem for quite some time. I ran Spybot S&D. It said I had this virus called Microsoft.Windows.Redirectedhosts and that it could not remove it. What should I do to fix my computer? I have posted the suggested logs. Thanks for any help!

    [Saving space, attachment deleted by admin]

    SuperDave

    • Malware Removal Specialist
    • Moderator


    • Genius
    Re: I need help with malware. Logs attached.
    « Reply #1 on: December 18, 2009, 12:55:58 PM »
    Hello prettypumpkins and welcome to Computer Hope Forum. My name is Superdave but you can just call me SD. I will be helping you out with your particular problem on your computer. I'm really sorry for the long delay. We are working day and night and can't keep ahead of the infections. I am working under the guidance of one of the specialists of this forum so it may take a bit longer to process your logs.

    1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
    2. The fixes are specific to your problem and should only be used for this issue on this machine.
    3. If you don't know or understand something, please don't hesitate to ask.
    4. Please DO NOT run any other tools or scans while I am helping you.
    5. It is important that you reply to this thread. Do not start a new topic.
    6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
    7. Absence of symptoms does not mean that everything is clear.

    Download Disable/Remove Windows Messenger to the desktop to remove Windows Messenger.

    Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.

    Unzip the file on the desktop. Open the MessengerDisable.exe and choose the bottom box - Uninstall Windows Messenger and click Apply.

    Exit out of MessengerDisable then delete the two files that were put on the desktop.

    I notice that you are running a P2P program (uTorrent) on your computer. While this program may be safe, the files you download with this program are a major source of a lot of infections. Therefore, I strongly urge you to uninstall it.

    Add or Remove Programs

    1. Click on the Windows Start button and click on the Control Panel
    2. In the Control Panel window, double-click the Add or Remove Programs icon.
    3. When the Add or Remove Programs window has fully populated, check for uTorrent and uninstall it.

    Download HostsXpert

    • Unzip HostsXpert to your Desktop

    • Open up the HostsXpert program.

    • Make sure that the "Make Hosts Writable?" button in the upper right corner is enabled.

    • Click Create Back Up

    • Then click on Restore Microsoft's Host Files

    • Close the HostsXpert program

    Open HijackThis and select Do a system scan only

    Place a check mark next to the following entries: (if there)

    O4 - HKLM\..\Run: [Alcmtr] "ALCMTR.EXE"
    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [uTorrent] "C:\Documents and Settings\Nate\My Documents\The Stuff'\utorrent_001.exe"
    O4 - HKLM\..\Run: [HotKeysCmds] \"C:\WINDOWS\system32\hkcmd.exe\"

    (Description: Intel hotkey applet. Unnecessary. Removing this will free up a small amount of system resources.)
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] \"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe\"
    (Description: Adobe reader startup - unnecessarily uses system resources.)
    O4 - HKLM\..\Run: [SunJavaUpdateSched] \"C:\Program Files\Java\jre6\bin\jusched.exe\"
    (Description: Sun Java update scheduler. Checks for updates. Not necessary. Removing this entry will free up a small amount of system resources.)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O20 - AppInit_DLLs: cru629.dat


    Important: Close all open windows except for HijackThis and then click Fix checked.

    Once completed, exit HijackThis.

    Please post another HJT log.
    Windows 8 and Windows 10 dual boot with two SSD's
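
An added example, not part of the thread or of SuperDave's instructions: a small Python triage pass over the HijackThis entries quoted in the reply above, showing why the O20 `AppInit_DLLs` line and the autoruns with odd paths stand out. The `review` function and its two path rules are assumptions made for illustration, not HijackThis behaviour or a verdict on any entry.

```python
import re
from typing import List, NamedTuple

# Entries copied from the HijackThis list in the reply above.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [Alcmtr] "ALCMTR.EXE"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [uTorrent] "C:\Documents and Settings\Nate\My Documents\The Stuff'\utorrent_001.exe"
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: cru629.dat
"""

ENTRY = re.compile(r"^(O\d+) - (.*)$")                          # "O4 - <rest>"
RUN = re.compile(r"^(HK\w+)\\\.\.\\(\w+): \[(.+?)\] (.*)$")     # "HKLM\..\Run: [name] command"

class Finding(NamedTuple):
    section: str
    name: str
    target: str
    reason: str

def review(log: str) -> List[Finding]:
    """Return entries worth a closer look. The rules are assumed triage hints, not verdicts."""
    findings = []
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        section, rest = m.groups()
        if section == "O20" and rest.startswith("AppInit_DLLs:"):
            value = rest.split(":", 1)[1].strip()
            if value:  # a DLL named here is loaded into every process that loads user32.dll
                findings.append(Finding(section, "AppInit_DLLs", value, "loaded into every user32.dll process"))
        elif section == "O4":
            r = RUN.match(rest)
            if not r:
                continue
            name, target = r.group(3), r.group(4).strip().strip('"')
            low = target.lower()
            if "\\documents and settings\\" in low or "\\users\\" in low:
                findings.append(Finding(section, name, target, "autorun from a user-writable profile folder"))
            elif "\\" not in target:
                findings.append(Finding(section, name, target, "autorun without a full path"))
    return findings

if __name__ == "__main__":
    for f in review(SAMPLE_LOG):
        print(f"{f.section} {f.name}: {f.target} ({f.reason})")
```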