Thank you very much for the quick response!
Here's what I've done so far:
Blacklight and Panda are either not available or not Vista compatible, but I found AVG Anti-rootkit free. The results:
C:\Windows\System32\drivers\srosa.sys,Hidden driver file
C:\Windows\System32\drivers\srosa.sys,Hidden File
C:\Windows\System32\IME\shared,Hidden Directory
C:\Windows\System32\IME\shared\IMCCPHR.exe,Hidden File
C:\Windows\System32\IME\shared\IMEAPIS.DLL,Hidden File
C:\Windows\System32\IME\shared\imecfm.dll,Hidden File
C:\Windows\System32\IME\shared\IMEPADSM.DLL,Hidden File
C:\Windows\System32\IME\shared\IMEPADSV.EXE,Hidden File
C:\Windows\System32\IME\shared\IMETIP.DLL,Hidden File
C:\Windows\System32\IME\shared\imever.dll,Hidden File
C:\Windows\System32\IME\shared\IMJKAPI.DLL,Hidden File
C:\Windows\System32\IME\shared\MSCAND20.DLL,Hidden File
Although these results are from the second scan. I previously removed hidr.exe, since I saw this in the recommended threads. Should I remove the rest also?
I have Superantispyware, but it gives me a blue screen a few minutes after starting the scan in normal mode. In safe mode only cookies appear.
I tried scheduling an Avast boottime scan but although the simp files are there, they won't start.
No improvement yet. What's next?