Please help with this hijackthis log

HijackThis logs are not the first step. They are the last step.

You need to follow some guidelines. See the stickies on the main page of the Spyware Forum. HijackThis is the last step (also your is out of date).

Please follow all the steps in this Sticky thread < READ ME FIRST: Basic Spyware, Trojan And Virus Removal > If you already have any of the programs linked in the tutorial please double check your version to make sure you have the latest one and that you have any/all updates for the programs.

NOTE: In order to resolve the issues you are having it is very important that you at least try to perform all the steps as outlined. If you have any difficulty please post back letting us know what steps you have completed, what you found while doing the scans if anything and details about any problems you have encountered in completing the steps. The more details you can provide the better.

After doing the above (I giving us feedback on it) now you can go to the link Pegg gave you on the HijackThis (I'll repeat it below along with a repeat of important bold print info from that tutorial).

NOTE: Per the tutorial in this Sticky thread < Hijack This Tutorial And How To Post Your Log File > your log file file has been removed and/or converted to a text attachment.

Update! Due to Hijack This logs destroying search engine and web site searches, we now ask you do not post your Hijack This log file unless requested by us. It is for advanced users, so if you do not understand how to use it, you do not need it....yet. Instead, please tell us in your post what symptoms you are experiencing so we can try and resolve it that way. When, and if, we ask you to post your log file, please attach it as a file. To do this save the log file and select manage attachments in a new thread to upload it. All running programs should be closed, including your web browser, e-mail, items in the tray, anything you can close... Close before running Hijack This!

Do not to install Hijack This to the Desktop, a temp folder or choose run from the download. Place it in its own folder, for example C:\Program Files\HJT

I changed your HJT log into an attachment for you this time. From now on, do not put them inline and do not post one unless we ask for it.

So now having said all the above (and I do want you to run that stuff anyway), here is a bunch of stuff to fix that the scans most likely will not:

Click Start, and then click Run. (The Run dialog box appears.)
Type, or copy and paste, the following text:
regsvr32 /u C:\WINDOWS\lbbho.dll
then click OK. If a dialog box confirming this action appears, click OK.

Run HijackThis and put a check mark on the following items but DO NOT click Fix until you exit all Internet Explorer sessions:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = res://C:\PROGRA~1\Toolbar\toolbar.dll/sa
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - (no file)
O2 - BHO: C:\WINDOWS\lbbho.dll - {DF4EC265-299A-4594-919E-BFB9F841CAA5} - C:\WINDOWS\lbbho.dll
O3 - Toolbar: (no name) - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - (no file)

I also see a few unknow items are in your LSP chain and it could be causing slow down problems. The lspak.dll file belongs to the Virtumundo malware while the cdlsp.dll file is part of the couponDeals stuff. So we need to fix the 010 entries.

Now click here to download LspFix. Save it, extract the files from the ZIP file to a location you can find and then run the executable file (the .exe).

And click the "I know what I'm doing" checkbox.

Check all instances of lspak.dll and cdlsp.dll (and nothing else), and move them to the "Remove" pane. Then click Finish.

Now start your computer in Safe Mode
Enable viewing of hidden files and folders: http://forums.majorgeeks.com/showthread.php?t=37650

Now use Windows Explorer to locate and delete:
C:\WINDOWS\lbbho.dll
C:\WINDOWS\System32\lspak.dll
C:\WINDOWS\System32\cdlsp.dll

Now reboot in normal mode and post a new HJT log as an attachment.

Question: Do you use a Proxy server to access the Internet? I wondering why Comcast has these lines added on your PC.

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = sas.se1.attbb.net:8000
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.se1.attbb.net

 

Have you run CWshredder too? Yes, Mozilla FireFox is a good program to try.

 

Go here: http://www.bandwidthplace.com/speedtest/
and select your connection type (Cable, DSL, Dial-up, etc) then click Start (follow the prompts) and tell me the results. By the way what connection type do you have?