WiredWX Hobby Weather Tools

antivirus live

Antivirus Live attached to my computer and I can't get into anything without it popping up. How do I remove it?

Re: antivirus live

Please visit this webpage for instructions for downloading and running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Post the log from ComboFix when you've accomplished that.

Re: antivirus live

ComboFix 10-01-26.01 - Samantha's 01/26/2010 13:56:24.1.2 - x86 NETWORK
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.238.61 [GMT -5:00]
Running from: c:\documents and settings\Samantha's\My Documents\fix1combo.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Samantha's\Local Settings\Application Data\sghoyb
c:\documents and settings\Samantha's\Local Settings\Application Data\sghoyb\xfwjsysguard.exe
c:\recycler\S-1-5-21-1084323996-473595231-595801551-500
c:\recycler\S-1-5-21-1098446862-152709782-4103956408-500
c:\recycler\S-1-5-21-1400017469-654540944-3146042151-500
c:\recycler\S-1-5-21-154583795-176248638-2662859644-500
c:\recycler\S-1-5-21-1584450710-811814693-2865043677-500
c:\recycler\S-1-5-21-1757981266-1801674531-725345543-500
c:\recycler\S-1-5-21-2530479773-2230874288-861715809-500
c:\recycler\S-1-5-21-272103683-1963388116-1085801163-500

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_PassThru


((((((((((((((((((((((((( Files Created from 2009-12-26 to 2010-01-26 )))))))))))))))))))))))))))))))
.

2010-01-06 03:21 . 2010-01-06 03:21 -------- d-----w- c:\documents and settings\Samantha's\Application Data\Template

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-26 15:27 . 2010-01-26 15:27 -------- d-----w- c:\program files\Trend Micro
2009-12-21 19:14 . 2005-06-18 03:49 916480 ----a-w- c:\winnt\system32\wininet.dll
2009-12-02 12:42 . 2005-11-12 15:09 -------- d-----w- c:\program files\Google
2009-11-11 22:29 . 2009-11-11 22:29 152576 ----a-w- c:\documents and settings\Samantha's\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-11 22:29 . 2009-11-11 22:29 79488 ----a-w- c:\documents and settings\Samantha's\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2005-11-12 15:10 . 2005-11-12 15:10 774144 -c--a-w- c:\program files\RngInterstitial.dll
2005-01-19 03:43 . 2005-01-19 03:43 251 -c--a-w- c:\program files\wt3d.ini
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-23 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\winnt\ehome\ehtray.exe" [2008-04-14 50176]
"ATIModeChange"="Ati2mdxx.exe" [2001-09-04 28672]
"NeroCheck"="c:\winnt\System32\NeroCheck.exe" [2001-07-09 155648]
"StacSysTray"="c:\program files\SigmaTel\C-Major Audio\ControlPanel\StacSysTray.exe" [2003-10-24 962560]
"IgfxTray"="c:\winnt\System32\igfxtray.exe" [2003-07-10 155648]
"HotKeysCmds"="c:\winnt\System32\hkcmd.exe" [2003-07-10 114688]
"Motive SmartBridge"="c:\progra~1\VERIZO~1\SMARTB~1\MotiveSB.exe" [2005-01-09 385024]
"Lexmark X1100 Series"="c:\program files\Lexmark X1100 Series\lxbkbmgr.exe" [2003-08-19 57344]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2003-08-19 110592]
"Microsoft Works Update Detection"="c:\program files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [2003-09-14 50688]
"mmtask"="c:\program files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe" [2005-05-09 53248]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-08-07 77824]
"PRONoMgr.exe"="c:\program files\Intel\NCS\PROSet\PRONoMgr.exe" [2003-03-11 86016]
"Gateway Ink Monitor"="c:\program files\Gateway Utilities\GWInkMonitor.exe" [2003-06-25 303180]
"RealTray"="c:\program files\Real\RealPlayer\RealPlay.exe" [2009-03-07 26112]
"lxdumon.exe"="c:\program files\Lexmark 5600-6600 Series\lxdumon.exe" [2008-09-10 676520]
"lxduamon"="c:\program files\Lexmark 5600-6600 Series\lxduamon.exe" [2008-09-10 16040]
"Lexmark 5600-6600 Series Fax Server"="c:\program files\Lexmark 5600-6600 Series\fm3032.exe" [2008-09-10 311976]
"HostManager"="c:\program files\Common Files\AOL\1241165257\ee\AOLSoftware.exe" [2008-06-24 41824]
"SSP Notifier"="c:\program files\Fisher-Price\FP3 Player\sspnotifier.exe" [2006-07-12 20480]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
America Online 9.0 Tray Icon.lnk - c:\program files\America Online 9.0\aoltray.exe [2009-3-7 36953]
Verizon Online Support Center.lnk - c:\program files\Verizon Online\bin\matcli.exe [2005-1-9 204800]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINNT\\system32\\LEXPPS.EXE"=
"c:\\WINNT\\system32\\lxducoms.exe"=
"c:\\Program Files\\Lexmark 5600-6600 Series\\lxduamon.exe"=
"c:\\Program Files\\Lexmark 5600-6600 Series\\frun.exe"=
"c:\\Program Files\\Abbyy FineReader 6.0 Sprint\\Scan\\ScanMan6.exe"=
"c:\\Program Files\\Lexmark 5600-6600 Series\\lxdufax.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\America Online 9.0\\waol.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\acsd.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R2 CX88XBAR;AVerMedia AVerTV MPEG Crossbar;c:\winnt\system32\drivers\cx88xbar.sys [10/26/2003 1:40 AM 6912]
R2 lxdu_device;lxdu_device;c:\winnt\system32\lxducoms.exe -service --> c:\winnt\system32\lxducoms.exe -service [?]
R3 {E2B953A7-195A-44F9-9BA3-3D5F4E32BB55};AIM 3.0 Part 01 Codec Driver CH-7009-B;c:\winnt\system32\drivers\wa301b.sys [8/3/2003 11:15 PM 33847]
R3 CXAVSAUD;AVerMedia AVerTV AvStream Audio Capture;c:\winnt\system32\drivers\cxavsaud.sys [10/26/2003 1:40 AM 8320]
R3 HidFP;HID Front Panel Driver Service;c:\winnt\system32\drivers\HidFP.sys [1/1/1980 4128]
S2 lxduCATSCustConnectService;lxduCATSCustConnectService;c:\winnt\system32\spool\drivers\w32x86\3\lxduserv.exe [3/8/2009 2:45 PM 98984]
.
Contents of the 'Scheduled Tasks' folder

2005-01-08 c:\winnt\Tasks\ISP signup reminder 2.job
- c:\winnt\System32\OOBE\oobebaln.exe [2003-10-07 00:12]

2005-01-22 c:\winnt\Tasks\ISP signup reminder 3.job
- c:\winnt\System32\OOBE\oobebaln.exe [2003-10-07 00:12]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.9and10news.com/
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
DPF: Microsoft XML Parser for Java - file://c:\winnt\Java\classes\xmldso.cab
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-eiavmpig - c:\documents and settings\Samantha's\Local Settings\Application Data\sghoyb\xfwjsysguard.exe
HKLM-Run-eiavmpig - c:\documents and settings\Samantha's\Local Settings\Application Data\sghoyb\xfwjsysguard.exe
AddRemove-HijackThis - c:\documents and settings\Samantha's\My Documents\HijackThis.exe
AddRemove-Verizon Online Support Center - c:\progra~1\VERIZO~1\Uninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-26 14:21
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2120)
c:\winnt\system32\WININET.dll
c:\program files\Gateway Utilities\inkpeek.dll
c:\winnt\system32\ieframe.dll
c:\winnt\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\winnt\system32\LEXBCES.EXE
c:\winnt\system32\LEXPPS.EXE
c:\progra~1\COMMON~1\AOL\ACS\acsd.exe
c:\winnt\ehome\ehSched.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\winnt\system32\lxducoms.exe
c:\program files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
c:\winnt\System32\wdfmgr.exe
c:\winnt\wanmpsvc.exe
c:\winnt\system32\wscntfy.exe
c:\winnt\ehome\ehmsas.exe
c:\progra~1\SigmaTel\C-MAJO~1\CONTRO~1\stacsrv.exe
c:\program files\Lexmark X1100 Series\lxbkbmon.exe
c:\program files\Lexmark 5600-6600 Series\lxduMsdMon.exe
c:\program files\Microsoft ActiveSync\wcescomm.exe
c:\progra~1\MI3AA1~1\rapimgr.exe
c:\program files\Verizon Online\bin\mpbtn.exe
.
**************************************************************************
.
Completion time: 2010-01-26 14:33:35 - machine was rebooted
ComboFix-quarantined-files.txt 2010-01-26 19:33

Pre-Run: 58,376,437,760 bytes free
Post-Run: 58,375,802,880 bytes free

- - End Of File - - E1E8E235ECE70F429E9C51DED1D79CD8
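
As an added example (not part of this thread, and not ComboFix's own logic), the script below reads the "Reg Loading Points" and "ORPHANS REMOVED" sections of a ComboFix-style log and picks out the kind of autostart entry the log above reports: a Run-key value whose executable lives under a user-writable profile directory such as Local Settings\Application Data, which is where this rogue "antivirus" kept its xfwjsysguard.exe. The sample log is constructed from lines in the log above, and the list of user-writable directories is an assumed indicator list, not a ComboFix rule.

```python
"""Flag autostart entries in a ComboFix-style log that launch from user-writable
locations.  Added example for this thread; it is not part of ComboFix or of the
forum post, and the sample log below is constructed from lines in the log above."""
import re

# REGEDIT4-style Run entry as ComboFix prints it:  "name"="path" [date size]
RUN_ENTRY = re.compile(r'^"(?P<name>[^"]+)"="(?P<path>[^"]*)"')
# ComboFix "ORPHANS REMOVED" entry:  HKCU-Run-name - path
ORPHAN_ENTRY = re.compile(r'^(?P<hive>HKCU|HKLM)-Run-(?P<name>\S+) - (?P<path>.+)$')

# Profile directories that any process running as the user can write to (assumed
# indicator list, not a ComboFix rule): a program that auto-starts from here
# instead of from Program Files or the Windows directory deserves a closer look.
USER_WRITABLE_MARKERS = (
    "\\local settings\\application data\\",
    "\\local settings\\temp\\",
    "\\application data\\",
)


def parse_autostarts(log_text):
    """Yield (source, name, path) for every Run-key entry and every orphaned
    Run entry found in the log text."""
    section = None
    for raw in log_text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]            # registry key of the following entries
            continue
        orphan = ORPHAN_ENTRY.match(line)
        if orphan:
            yield (f"{orphan['hive']}-Run (removed)", orphan["name"], orphan["path"])
            continue
        if section and section.lower().endswith("\\currentversion\\run"):
            entry = RUN_ENTRY.match(line)
            if entry:
                yield (section, entry["name"], entry["path"])


def suspicious_autostarts(log_text):
    """Return the autostart entries worth reviewing, each with its reasons."""
    findings = []
    for source, name, path in parse_autostarts(log_text):
        lowered = path.lower()
        reasons = []
        if any(marker in lowered for marker in USER_WRITABLE_MARKERS):
            reasons.append("launches from a user-writable profile directory")
        if "\\" not in path:
            # No directory at all: Windows resolves the name through the search path
            reasons.append("bare filename, resolved through the search path")
        if reasons:
            findings.append({"source": source, "name": name, "path": path, "reasons": reasons})
    return findings


# Constructed sample, copied from the shape of the log above.
SAMPLE_LOG = r"""
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-23 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\winnt\ehome\ehtray.exe" [2008-04-14 50176]
"ATIModeChange"="Ati2mdxx.exe" [2001-09-04 28672]

- - - - ORPHANS REMOVED - - - -

HKCU-Run-eiavmpig - c:\documents and settings\Samantha's\Local Settings\Application Data\sghoyb\xfwjsysguard.exe
HKLM-Run-eiavmpig - c:\documents and settings\Samantha's\Local Settings\Application Data\sghoyb\xfwjsysguard.exe
AddRemove-HijackThis - c:\documents and settings\Samantha's\My Documents\HijackThis.exe
"""

if __name__ == "__main__":
    for finding in suspicious_autostarts(SAMPLE_LOG):
        print(f"[{finding['source']}] {finding['name']} -> {finding['path']}")
        for reason in finding["reasons"]:
            print(f"    - {reason}")
```

On the sample it reports the two removed eiavmpig orphans (both under Local Settings\Application Data\sghoyb) and, at lower confidence, the bare-filename ATIModeChange entry; the legitimate Program Files and winnt entries pass. The bare-filename check is only a prompt to look, since vendor entries like that one are common on older machines.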

Re: antivirus live

Hi again. Please do these steps in order.

1. Please download TFC by OldTimer to your desktop
  • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.


2. Please download Malwarebytes Anti-Malware from Malwarebytes.org.
Alternate link: BleepingComputer.com.
(Note: if you already have the program installed, just follow the directions. No need to re-download or re-install!)

Double Click mbam-setup.exe to install the application.

(Note: if you already have the program installed, open Malwarebytes from the Start Menu or Desktop shortcut, click the Update tab, and click Check for Updates, before doing the scan as instructed below!)

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

3. Please visit this webpage for instructions for downloading and running SUPERAntiSpyware (SAS) to scan and remove malware from your computer:

http://www.bleepingcomputer.com/virus-removal/how-to-use-superantispyware-tutorial

Post the log from SUPERAntiSpyware when you've accomplished that.

4. Please run a free online scan with the ESET Online Scanner
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic


5. Post the following in your next reply:
  • MBAM log
  • SAS log
  • ESET log

And, please tell me how your computer is doing.
