whats wrong with it

Download the GMER rootkit scan from here: GMER

1. Unzip it and start GMER.
   
2. Click the >>> tab and then click the Scan button.
   
3. Once done, click the Copy button.
   
4. This will copy the results to your clipboard.
   
5. Paste the results in your next reply.
   

Note:
If you're having problems with running GMER.exe, try it in safe mode. This tools works in safe mode.
You can also try renaming it since some malware blocks GMER.

GMER 1.0.15.15077 [11bixzy1.exe] - http://www.gmer.net
Rootkit scan 2009-08-21 07:07:21
Windows 5.1.2600 Service Pack 3


---- System - GMER 1.0.15 ----

SSDT spov.sys ZwCreateKey [0xB7EA80E0]
SSDT spov.sys ZwEnumerateKey [0xB7EC6CA2]
SSDT spov.sys ZwEnumerateValueKey [0xB7EC7030]
SSDT spov.sys ZwOpenKey [0xB7EA80C0]
SSDT spov.sys ZwQueryKey [0xB7EC7108]
SSDT spov.sys ZwQueryValueKey [0xB7EC6F88]
SSDT spov.sys ZwSetValueKey [0xB7EC719A]

INT 0x62 ? 8A79FBF8
INT 0x63 ? 8A5FAF00
INT 0x73 ? 8A79FBF8
INT 0x73 ? 8A79FBF8
INT 0x73 ? 8A79FBF8
INT 0x73 ? 8A79FBF8
INT 0x73 ? 8A5FAF00
INT 0x73 ? 8A79FBF8
INT 0x82 ? 8A79FBF8
INT 0x83 ? 8A5FAF00
INT 0x94 ? 8A5FAF00
INT 0xB4 ? 8A5FAF00
INT 0xB4 ? 8A5FAF00
INT 0xB4 ? 8A5FAF00
INT 0xB4 ? 8A5FAF00

---- Kernel code sections - GMER 1.0.15 ----

? spov.sys The system cannot find the file specified. !
.text USBPORT.SYS!DllUnload B6E988AC 5 Bytes JMP 8A5FA4E0
.text a07do4kt.SYS B6DD4386 35 Bytes [00, 00, 00, 00, 00, 00, 20, ...]
.text a07do4kt.SYS B6DD43AA 24 Bytes [00, 00, 00, 00, 00, 00, 00, ...]
.text a07do4kt.SYS B6DD43C4 3 Bytes [00, 70, 02] {ADD [EAX+0x2], DH}
.text a07do4kt.SYS B6DD43C9 1 Byte [2E]
.text a07do4kt.SYS B6DD43C9 11 Bytes [2E, 00, 00, 00, 5C, 02, 00, ...] {ADD CS:[EAX], AL; ADD [EDX+EAX+0x0], BL; ADD [EAX], AL; ADD [EAX], AL}
.text ...

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [B7EA9040] spov.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [B7EA913C] spov.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [B7EA90BE] spov.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [B7EA97FC] spov.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [B7EA96D2] spov.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [B7EB9048] spov.sys
IAT \SystemRoot\System32\Drivers\a07do4kt.SYS[HAL.dll!KfAcquireSpinLock] 4B8BDF8B
IAT \SystemRoot\System32\Drivers\a07do4kt.SYS[HAL.dll!READ_PORT_UCHAR] 8D3F0304
IAT \SystemRoot\System32\Drivers\a07do4kt.SYS[HAL.dll!KeGetCurrentIrql] CB033043
IAT \SystemRoot\System32\Drivers\a07do4kt.SYS[HAL.dll!KfRaiseIrql] 0673C13B
IAT \SystemRoot\System32\Drivers\a07do4kt.SYS[HAL.dll!KfLowerIrql] C13B0003
IAT \SystemRoot\System32\Drivers\a07do4kt.SYS[HAL.dll!HalGetInterruptVector] 8366FA72
IAT \SystemRoot\System32\Drivers\a07do4kt.SYS[HAL.dll!HalTranslateBusAddress] 75000E7B
IAT \SystemRoot\System32\Drivers\a07do4kt.SYS[HAL.dll!KeStallExecutionProcessor] 0B7D80E3
IAT \SystemRoot\System32\Drivers\a07do4kt.SYS[HAL.dll!KfReleaseSpinLock] 307B8D00
IAT \SystemRoot\System32\Drivers\a07do4kt.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] 00AA840F
IAT \SystemRoot\System32\Drivers\a07do4kt.SYS[HAL.dll!READ_PORT_USHORT] 83660000
IAT \SystemRoot\System32\Drivers\a07do4kt.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 6A000E7A
IAT \SystemRoot\System32\Drivers\a07do4kt.SYS[HAL.dll!WRITE_PORT_UCHAR] C6647400
IAT \SystemRoot\System32\Drivers\a07do4kt.SYS[WMILIB.SYS!WmiSystemControl] 4F8B0200
IAT \SystemRoot\System32\Drivers\a07do4kt.SYS[WMILIB.SYS!WmiCompleteRequest] 968D5140

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 8A79E1F8
Device \FileSystem\Fastfat \FatCdrom 89A5C500
Device \FileSystem\Udfs \UdfsCdRom 8A312500
Device \FileSystem\Udfs \UdfsDisk 8A312500

AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\usbuhci \Device\USBPDO-0 8A5F41F8
Device \Driver\dmio \Device\DmControl\DmIoDaemon 8A8131F8
Device \Driver\dmio \Device\DmControl\DmConfig 8A8131F8
Device \Driver\dmio \Device\DmControl\DmPnP 8A8131F8
Device \Driver\dmio \Device\DmControl\DmInfo 8A8131F8
Device \Driver\usbuhci \Device\USBPDO-1 8A5F41F8
Device \Driver\usbuhci \Device\USBPDO-2 8A5F41F8
Device \Driver\usbehci \Device\USBPDO-3 8A5FF1F8
Device \Driver\usbuhci \Device\USBPDO-4 8A5F41F8

AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\usbuhci \Device\USBPDO-5 8A5F41F8
Device \Driver\PCI_PNP4742 \Device\00000049 spov.sys
Device \Driver\usbuhci \Device\USBPDO-6 8A5F41F8
Device \Driver\Ftdisk \Device\HarddiskVolume1 8A7A01F8
Device \Driver\usbehci \Device\USBPDO-7 8A5FF1F8
Device \Driver\Cdrom \Device\CdRom0 8A5FE1F8
Device \Driver\Cdrom \Device\CdRom1 8A5FE1F8
Device \Driver\NetBT \Device\NetBt_Wins_Export 8A278500
Device \Driver\NetBT \Device\NetbiosSmb 8A278500
Device \Driver\NetBT \Device\NetBT_Tcpip_{CD6FF56B-5065-4043-BB0D-4995520082D8} 8A278500

AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

Device \Driver\usbuhci \Device\USBFDO-0 8A5F41F8
Device \Driver\usbuhci \Device\USBFDO-1 8A5F41F8
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 89B68500
Device \Driver\usbuhci \Device\USBFDO-2 8A5F41F8
Device \FileSystem\MRxSmb \Device\LanmanRedirector 89B68500
Device \Driver\usbehci \Device\USBFDO-3 8A5FF1F8
Device \Driver\usbuhci \Device\USBFDO-4 8A5F41F8
Device \Driver\Ftdisk \Device\FtControl 8A7A01F8
Device \Driver\usbuhci \Device\USBFDO-5 8A5F41F8
Device \Driver\usbuhci \Device\USBFDO-6 8A5F41F8
Device \Driver\usbehci \Device\USBFDO-7 8A5FF1F8
Device \Driver\sptd \Device\3690444742 spov.sys
Device \Driver\a07do4kt \Device\Scsi\a07do4kt1Port6Path0Target0Lun0 8A6061F8
Device \Driver\a07do4kt \Device\Scsi\a07do4kt1 8A6061F8
Device \FileSystem\Fastfat \Fat 89A5C500

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device \FileSystem\Cdfs \Cdfs 8A34B1F8

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xC5 0x6C 0xDF 0x38 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xCB 0x00 0x0C 0x5C ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x5D 0xD1 0xEF 0x37 ...
Reg HKLM\SYSTEM\ControlSet003\Services\ovfsthbftirxercrnseomtidbluqxdnftobiri@start 1
Reg HKLM\SYSTEM\ControlSet003\Services\ovfsthbftirxercrnseomtidbluqxdnftobiri@type 1
Reg HKLM\SYSTEM\ControlSet003\Services\ovfsthbftirxercrnseomtidbluqxdnftobiri@group file system
Reg HKLM\SYSTEM\ControlSet003\Services\ovfsthbftirxercrnseomtidbluqxdnftobiri@imagepath \systemroot\system32\drivers\ovfsthuwtidxwevxtevwcirpdxymepmxuucbvs.sys
Reg HKLM\SYSTEM\ControlSet003\Services\ovfsthbftirxercrnseomtidbluqxdnftobiri@inst 0
Reg HKLM\SYSTEM\ControlSet003\Services\ovfsthbftirxercrnseomtidbluqxdnftobiri\main (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\ovfsthbftirxercrnseomtidbluqxdnftobiri\main@ver sni060409
Reg HKLM\SYSTEM\ControlSet003\Services\ovfsthbftirxercrnseomtidbluqxdnftobiri\main@cid 01
Reg HKLM\SYSTEM\ControlSet003\Services\ovfsthbftirxercrnseomtidbluqxdnftobiri\main@bid 1019188780-1060284298-507921405-725345543
Reg HKLM\SYSTEM\ControlSet003\Services\ovfsthbftirxercrnseomtidbluqxdnftobiri\main@aid 998
Reg HKLM\SYSTEM\ControlSet003\Services\ovfsthbftirxercrnseomtidbluqxdnftobiri\main@sid 3
Reg HKLM\SYSTEM\ControlSet003\Services\ovfsthbftirxercrnseomtidbluqxdnftobiri\main@feed 0x22 0x64 0x78 0x36 ...
Reg HKLM\SYSTEM\ControlSet003\Services\ovfsthbftirxercrnseomtidbluqxdnftobiri\main@cmddelay 28801
Reg HKLM\SYSTEM\ControlSet003\Services\ovfsthbftirxercrnseomtidbluqxdnftobiri\main@logoffset 118731
Reg HKLM\SYSTEM\ControlSet003\Services\ovfsthbftirxercrnseomtidbluqxdnftobiri\main\delete (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\ovfsthbftirxercrnseomtidbluqxdnftobiri\main\ff (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\ovfsthbftirxercrnseomtidbluqxdnftobiri\main\ff@extension \\?\C:\Program Files\Mozilla Firefox\extensions\{27CAC14D-C61C-4A2A-95E6-7015D83145D0}
Reg HKLM\SYSTEM\ControlSet003\Services\ovfsthbftirxercrnseomtidbluqxdnftobiri\main\ff@version 1
Reg HKLM\SYSTEM\ControlSet003\Services\ovfsthbftirxercrnseomtidbluqxdnftobiri\main\injector (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\ovfsthbftirxercrnseomtidbluqxdnftobiri\main\injector@iexplore.exe ovfsthwi.dll
Reg HKLM\SYSTEM\ControlSet003\Services\ovfsthbftirxercrnseomtidbluqxdnftobiri\main\injector@explorer.exe ovfsthff.dll
Reg HKLM\SYSTEM\ControlSet003\Services\ovfsthbftirxercrnseomtidbluqxdnftobiri\main\tasks (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\ovfsthbftirxercrnseomtidbluqxdnftobiri\modules (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\ovfsthbftirxercrnseomtidbluqxdnftobiri\modules@ovfsth.sys \systemroot\system32\drivers\ovfsthuwtidxwevxtevwcirpdxymepmxuucbvs.sys
Reg HKLM\SYSTEM\ControlSet003\Services\ovfsthbftirxercrnseomtidbluqxdnftobiri\modules@ovfsth.dll \systemroot\system32\ovfsthkpjuyjhfuchtrsktkrnhilmonugogkqy.dll
Reg HKLM\SYSTEM\ControlSet003\Services\ovfsthbftirxercrnseomtidbluqxdnftobiri\modules@ovfsthlog.dat \systemroot\system32\ovfsthlpkntqhcbwtoslvhfoeflmufthhonxpd.dat
Reg HKLM\SYSTEM\ControlSet003\Services\ovfsthbftirxercrnseomtidbluqxdnftobiri\modules@ovfsthwi.dll \systemroot\system32\ovfsthhcipfaqxguepuctqoxyfwofnbpapvnqy.dll
Reg HKLM\SYSTEM\ControlSet003\Services\ovfsthbftirxercrnseomtidbluqxdnftobiri\modules@ovfsthff.dll \systemroot\system32\ovfsthinbjutmbesyrljwxkxfpppwwcideofem.dll
Reg HKLM\SYSTEM\ControlSet003\Services\ovfsthbftirxercrnseomtidbluqxdnftobiri\modules@ovfsth.dat \systemroot\system32\ovfsthowyrwapvlsdkowvboamcbfwjrelruxog.dat
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xC5 0x6C 0xDF 0x38 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xCB 0x00 0x0C 0x5C ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x5D 0xD1 0xEF 0x37 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xC5 0x6C 0xDF 0x38 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xCB 0x00 0x0C 0x5C ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x5D 0xD1 0xEF 0x37 ...

---- EOF - GMER 1.0.15 ----

1. Please download The Avenger by Swandog46 to your Desktop
Link: HERE

• Click on Avenger.zip to open the file
  
• Extract avenger.exe to your desktop
  

2. Copy all the text contained in the code box below to your Clipboard by highlighting it and pressing (Ctrl+C):

Registry keys to delete:
HKLM\SYSTEM\ControlSet003\Services\ovfsthbftirxercrnseomtidbluqxdnftobiri

Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

3. Now, start The Avenger program by clicking on its icon on your desktop.

• Under "Input script here:", paste in the script from the quote box above.
  
• Leave the ticked box "Scan for rootkit" ticked.
  
• Then tick "Disable any rootkits found"
  
• Now click on the Execute to begin execution of the script.
  
• Answer "Yes" twice when prompted.
  
  The Avenger will automatically do the following:
  
  
• It will Restart your computer.
  
• On reboot, it will briefly open a black command window on your desktop, this is normal.
  
• After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
  
• The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.
  

4. Please copy/paste the content of c:\avenger.txt into your reply.

Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

Registry key "HKLM\SYSTEM\ControlSet003\Services\ovfsthbftirxercrnseomtidbluqxdnftobiri" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
  
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  

Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.

Post the contents of the MBAM Log.

Malwarebytes' Anti-Malware 1.40
Database version: 2675
Windows 5.1.2600 Service Pack 3

8/21/2009 7:41:57 PM
mbam-log-2009-08-21 (19-41-57).txt

Scan type: Quick Scan
Objects scanned: 96767
Time elapsed: 2 minute(s), 34 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 3
Folders Infected: 1
Files Infected: 37

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\tbsb00583.tbsb00583toolbar (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\PC_Antispyware2010 (Rogue.PC_Antispyware2010) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Windows antiVirus pro (Rogue.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
C:\Program Files\Internet Explorer\LiveInfoPro (Adware.BHO) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files\Internet Explorer\LiveInfoPro\affid.dat (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\basis.xml (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\bg.jpg (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\icons.bmp (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\icons.bmp_16.bmp (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\icons.bmp_24.bmp (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\icons.bmp_32.bmp (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\info.txt (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\liveinfo_logo.gif (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\liveinfo_logo2.gif (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\liveinfo_logo3.gif (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\liveinfo_logo4.gif (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\liveinfo_logo5.gif (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\mini_logo.bmp (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\radio2.html (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\radio3.html (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\script.html (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\standart_icons.bmp (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\tbhelper.dll (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\tbs_include_script_000666.js (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\tbs_include_script_001203.js (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\tbs_include_script_001359.js (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\tbs_include_script_007269.js (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\tbs_include_script_013174.js (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\tbs_include_script_015435.js (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\tbs_include_script_016286.js (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\tbs_include_script_021605.js (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\tbs_include_script_023250.js (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\tbs_include_script_026591.js (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\tbs_include_script_028434.js (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\tbs_include_script_031265.js (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\toolbar_v0.9.5_w-jsinside-affid-1002.crc (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\uninstall.exe (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\version.txt (Adware.BHO) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\LiveInfoPro\your_logo.png (Adware.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\onhelp.htm (Rogue.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\Tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /u



This will also reset your restore points.

How is the machine running now?