WiredWX Christian Hobby Weather Tools

Infected - Page 1

Re: Infected
Here (also, it says before the scan that avast! Antivirus *On-access scanning enabled*, but I can't disable it if I can't start the antivirus program at all):

ComboFix 10-07-08.02 - Lenovo 10-Jul-10 20:48:13.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3067.2595 [GMT 2]
Running from: c:\documents and settings\Lenovo\Desktop\Combo-Fix.exe
Command switches used :: c:\documents and settings\Lenovo\Desktop\CFScript.txt.txt
AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2010-06-10 to 2010-07-10 )))))))))))))))))))))))))))))))
.

2010-07-08 16:39 . 2010-07-08 16:39 -------- d-----w- C:\_OTL
2010-07-04 06:50 . 2010-07-04 06:50 -------- d-----w- c:\windows\system32\?????
2010-07-04 06:50 . 2010-07-04 06:50 -------- d-----w- c:\windows\system32\??
2010-07-04 06:50 . 2010-07-04 06:50 -------- d-----w- c:\windows\system32\?
2010-07-03 16:22 . 2010-07-03 16:28 -------- d-----w- c:\program files\Ask.com
2010-07-03 09:21 . 2010-07-03 09:21 4 ----a-w- c:\windows\vx86036.dat
2010-07-03 09:21 . 2006-03-01 01:10 69632 ----a-w- c:\windows\system32\Crypserv.exe
2010-07-03 09:21 . 2006-01-10 02:47 31846 ----a-w- c:\windows\system32\Ckldrv.sys
2010-07-03 09:21 . 1999-06-18 21:49 165888 ----a-w- c:\windows\Ckconfig.exe
2010-07-03 09:21 . 1996-05-03 17:21 27648 ----a-r- c:\windows\Setup_ck.exe
2010-07-03 09:21 . 1996-05-03 15:36 18432 ----a-w- c:\windows\Setup_ck.dll
2010-07-03 09:21 . 1995-07-04 18:33 11776 ----a-w- c:\windows\Ckrfresh.exe
2010-07-01 12:42 . 2010-05-06 20:39 164048 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-07-01 12:42 . 2010-05-06 20:33 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-07-01 12:42 . 2010-05-06 20:41 307280 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2010-07-01 12:42 . 2010-05-06 20:34 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-07-01 12:42 . 2010-05-06 20:39 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-07-01 12:42 . 2010-05-06 20:33 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-07-01 12:42 . 2010-05-06 20:33 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-07-01 12:42 . 2010-05-06 20:33 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-07-01 12:42 . 2010-05-06 20:59 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-07-01 12:42 . 2010-05-06 20:59 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-07-01 12:42 . 2010-07-01 12:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-06-21 13:19 . 2010-06-30 16:47 -------- d-----w- c:\documents and settings\Lenovo\Application Data\Ludia
2010-06-21 13:19 . 2010-06-30 16:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Ludia
2010-06-14 19:10 . 2010-06-25 14:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Codemasters

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-10 08:04 . 2009-12-09 01:09 3846976 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2010-07-09 16:59 . 2009-12-09 03:17 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-07-09 08:11 . 2009-12-08 20:31 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-07-07 20:48 . 2010-01-01 20:12 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-07-06 10:30 . 2009-12-09 01:15 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-07-05 11:16 . 2009-12-09 01:12 31966 ----a-w- c:\windows\system32\nvModes.dat
2010-07-01 12:45 . 2009-12-09 03:07 -------- d-----w- c:\program files\Alwil Software
2010-06-27 19:48 . 2009-12-09 00:47 63240 ----a-w- c:\documents and settings\Lenovo\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-06-24 07:33 . 2009-12-08 20:27 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2010-06-14 19:08 . 2010-06-14 19:08 -------- d-----w- c:\program files\BRS
2010-06-14 19:08 . 2010-06-14 19:08 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2010-06-14 19:08 . 2010-06-14 19:08 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2010-06-14 19:08 . 2010-06-14 19:08 -------- d-----w- c:\program files\OpenAL
2010-06-14 13:00 . 2010-06-10 07:41 -------- d-----w- c:\documents and settings\All Users\Application Data\BioWare
2010-06-10 08:34 . 2010-02-17 10:46 -------- d-----w- c:\program files\SystemRequirementsLab
2010-06-10 08:33 . 2010-02-17 10:46 -------- d-----w- c:\documents and settings\Lenovo\Application Data\SystemRequirementsLab
2010-06-10 08:32 . 2010-06-10 08:32 290816 ----a-w- c:\documents and settings\Lenovo\Application Data\SystemRequirementsLab\SRLProxy_nvd_4.dll
2010-06-10 08:32 . 2010-06-10 08:32 290816 ----a-w- c:\documents and settings\Lenovo\Application Data\SystemRequirementsLab\SRLProxy_nvd_3.dll
2010-06-10 08:32 . 2010-06-10 08:32 290816 ----a-w- c:\documents and settings\Lenovo\Application Data\SystemRequirementsLab\SRLProxy_nvd_2.dll
2010-06-10 08:32 . 2010-06-10 08:32 290816 ----a-w- c:\documents and settings\Lenovo\Application Data\SystemRequirementsLab\SRLProxy_nvd_1.dll
2010-06-10 07:29 . 2010-01-12 13:06 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-06-09 13:40 . 2009-12-08 20:45 -------- d-----w- c:\program files\Common Files\InstallShield
2010-06-03 09:58 . 2010-03-31 07:38 -------- d-----w- c:\documents and settings\Lenovo\Application Data\Graphisoft
2010-06-01 14:06 . 2010-06-01 14:06 4096 ----a-w- c:\windows\d3dx.dat
2010-06-01 14:06 . 2010-06-01 14:06 -------- d-----w- c:\documents and settings\Lenovo\Application Data\GamesCafe
2010-05-29 14:47 . 2010-03-07 11:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Ubisoft
2010-05-27 16:59 . 2010-05-27 16:59 503808 ----a-w- c:\documents and settings\Lenovo\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-4b61ae59-n\msvcp71.dll
2010-05-27 16:59 . 2010-05-27 16:59 499712 ----a-w- c:\documents and settings\Lenovo\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-4b61ae59-n\jmc.dll
2010-05-27 16:59 . 2010-05-27 16:59 348160 ----a-w- c:\documents and settings\Lenovo\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-4b61ae59-n\msvcr71.dll
2010-05-27 16:59 . 2010-05-27 16:59 61440 ----a-w- c:\documents and settings\Lenovo\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-1b3f9584-n\decora-sse.dll
2010-05-27 16:59 . 2010-05-27 16:59 12800 ----a-w- c:\documents and settings\Lenovo\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-1b3f9584-n\decora-d3d.dll
2010-05-25 17:10 . 2010-05-25 17:10 -------- d-----w- c:\documents and settings\Lenovo\Application Data\YoudaGames
2010-05-19 18:12 . 2009-12-09 03:05 -------- d-----w- c:\program files\Java
2010-05-13 14:36 . 2010-05-12 17:10 -------- d-----w- c:\documents and settings\All Users\Application Data\Fugazo
2010-05-13 14:36 . 2010-05-13 14:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Trymedia
2010-05-03 07:56 . 2010-06-08 12:46 38784 ----a-w- c:\documents and settings\Lenovo\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-04-29 13:39 . 2009-12-08 20:31 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-29 13:39 . 2009-12-08 20:31 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-12 15:29 . 2010-05-19 18:12 411368 ----a-w- c:\windows\system32\deployJava1.dll
.

------- Sigcheck -------

[-] 2008-08-29 . 362BC5AF8EAF712832C58CC13AE05750 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\snxPluginsShell]
@="{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}"
[HKEY_CLASSES_ROOT\CLSID\{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}]
2010-05-06 21:02 151648 ----a-w- c:\program files\Alwil Software\Avast5\snxPlugins.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-05-14 307768]
"DAEMON Tools Lite"="d:\programs\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"PC Suite Tray"="d:\programs\Nokia PC Suite\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="nwiz.exe" [2009-06-03 1657376]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-06-03 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-06-03 13754368]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2008-03-26 163840]
"USBScan.exe"="c:\program files\USBScan\USBScan.exe" [2009-05-28 1358848]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-12-08 198160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"EnergyUtility"="c:\program files\Lenovo\Energy Management\utility.exe" [2009-06-12 4464640]
"Energy Management"="c:\program files\Lenovo\Energy Management\Energy Management.exe" [2009-06-10 1282048]
"QuickTime Task"="d:\programs\Quick Time\qttask.exe" [2007-10-19 286720]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-05-06 2815192]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="shell32" [X]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-1-18 576104]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\wbsys.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"d:\\Programs\\Opera 10.5\\opera.exe"=
"d:\\Programs\\SopCast\\adv\\SopAdver.exe"=
"d:\\Programs\\SopCast\\SopCast.exe"=
"d:\\Games\\Ubisoft\\AssassinsCreedIIGame.exe"=
"d:\\Games\\Ubisoft\\AssassinsCreedII.exe"=
"d:\\Games\\Ubisoft\\UPlayBrowser.exe"=
"d:\\Games\\Ubisoft\\Assassin's Creed II\\server.exe"=
"d:\\Games\\Prince of Persia The Forgotten Sands\\Prince of Persia.exe"=
"d:\\Games\\Prince of Persia The Forgotten Sands\\GameSettings.exe"=
"d:\\Games\\Prince of Persia The Forgotten Sands\\gu.exe"=
"d:\\Games\\Prince of Persia The Forgotten Sands\\UPlayBrowser.exe"=
"c:\\Program Files\\Ubisoft\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [01-Jul-10 14:42 307280]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [01-Jul-10 14:42 164048]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [01-Jul-10 14:42 19024]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\drivers\AcpiVpc.sys [09-Dec-09 03:22 9472]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [12-May-09 03:49 56480]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [09-Dec-09 15:57 691696]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [14-Jan-10 13:59 135664]
S3 cpuz130;cpuz130;\??\c:\docume~1\Lenovo\LOCALS~1\Temp\cpuz130\cpuz_x32.sys --> c:\docume~1\Lenovo\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [?]
S3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RTS5121.sys [09-Dec-09 03:22 160256]
S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys --> c:\windows\system32\DRIVERS\Rts516xIR.sys [?]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19-Feb-10 13:37 517096]
.
Contents of the 'Scheduled Tasks' folder

2010-05-03 c:\windows\Tasks\AdobeAAMUpdater-1.0-HOME-Lenovo.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2010-05-03 01:44]

2010-07-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-14 11:59]

2010-07-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-14 11:59]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\documents and settings\Lenovo\Application Data\Mozilla\Firefox\Profiles\cvbb60f6.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - component: c:\documents and settings\Lenovo\Application Data\Mozilla\Firefox\Profiles\cvbb60f6.default\extensions\{2df59417-4325-4c0e-ab72-c6530b54d93d}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\Lenovo\Application Data\Mozilla\Firefox\Profiles\cvbb60f6.default\extensions\{2df59417-4325-4c0e-ab72-c6530b54d93d}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\Lenovo\Application Data\Mozilla\Firefox\Profiles\cvbb60f6.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npmidas.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npyaxmpb.dll
FF - plugin: d:\programs\Opera 10.5\program\plugins\npdsplay.dll
FF - plugin: d:\programs\Opera 10.5\program\plugins\npqtplugin.dll
FF - plugin: d:\programs\Opera 10.5\program\plugins\npqtplugin2.dll
FF - plugin: d:\programs\Opera 10.5\program\plugins\npqtplugin3.dll
FF - plugin: d:\programs\Opera 10.5\program\plugins\npqtplugin4.dll
FF - plugin: d:\programs\Opera 10.5\program\plugins\npqtplugin5.dll
FF - plugin: d:\programs\Opera 10.5\program\plugins\npqtplugin6.dll
FF - plugin: d:\programs\Opera 10.5\program\plugins\npqtplugin7.dll
FF - plugin: d:\programs\Opera 10.5\program\plugins\npwmsdrm.dll
FF - plugin: d:\programs\Quick Time\Plugins\npqtplugin.dll
FF - plugin: d:\programs\Quick Time\Plugins\npqtplugin2.dll
FF - plugin: d:\programs\Quick Time\Plugins\npqtplugin3.dll
FF - plugin: d:\programs\Quick Time\Plugins\npqtplugin4.dll
FF - plugin: d:\programs\Quick Time\Plugins\npqtplugin5.dll
FF - plugin: d:\programs\Quick Time\Plugins\npqtplugin6.dll
FF - plugin: d:\programs\Quick Time\Plugins\npqtplugin7.dll

---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.proxy.type", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accelerometer.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-10 20:50
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-448539723-1390067357-1801674531-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:44,d6,e7,11,4d,62,e5,8b,29,36,72,f8,56,31,6d,38,2e,0c,50,77,8a,c5,dd,
48,02,d7,42,46,69,90,b1,c2,51,05,98,14,df,4c,47,70,4e,a6,33,89,17,5c,b2,30,\
"??"=hex:d9,e4,2f,bb,bf,e8,3e,77,09,cd,85,03,85,39,df,5b

[HKEY_USERS\S-1-5-21-448539723-1390067357-1801674531-1003\Software\SecuROM\License information*]
"datasecu"=hex:e2,cc,e0,36,07,5e,ca,4f,da,a8,e6,10,20,80,ad,9c,07,09,1a,c8,62,
df,ef,12,ea,39,b4,83,9e,66,63,5b,e3,61,af,e4,40,5d,1e,00,49,12,94,a1,47,a2,\
"rkeysecu"=hex:f5,a4,f7,89,1f,a8,9f,b0,8a,07,e2,0e,41,af,c1,2a
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3604)
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2010-07-10 20:51:48
ComboFix-quarantined-files.txt 2010-07-10 18:51
ComboFix2.txt 2010-07-10 08:14

Pre-Run: 86,849,531,904 bytes free
Post-Run: 86,841,536,512 bytes free

- - End Of File - - 6B815881F064D50D41F25500CE69BB94
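The ComboFix log above is read by hand in this thread. As an added example (not part of the thread, and not code from ComboFix or any other tool mentioned here), the Python below parses four of its record types (the dated file-listing lines, the Sigcheck line, the AppInit_DLLs value and the R/S service lines) and applies the checks the helper is doing by eye: directory names ComboFix could not render (the `?????` entries under system32), a system file Sigcheck could not verify against its known-good list (the `[-]` marker, which the example reads as "not verified"), any AppInit_DLLs entry, and a driver registered from a Temp folder or whose file ComboFix could not find (read here as the `[?]` marker). A small helper also compares the Sigcheck MD5 (upper-case) with the one Jotti reports (lower-case) to confirm the same file was submitted. The sample input is constructed from lines copied from this log; the interpretation of `[-]` and `[?]` and the rules themselves are assumptions of the example, and a hit means "look closer", not "malicious".

```python
import re
from dataclasses import dataclass

# Regexes for the ComboFix record types handled here.  The layouts are
# taken from the log in this thread; lines they do not match are ignored.
FILE_RE = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}) \. (\d{4}-\d{2}-\d{2} \d{2}:\d{2}) "
    r"(\S+) ([d-][-a-z]{7}) (.+)$")
SIGCHECK_RE = re.compile(
    r"^\[(.)\] (\d{4}-\d{2}-\d{2}) \. ([0-9A-Fa-f]{32}) \. (\d+) \. \. "
    r"\[([^\]]*)\] \. \. (.+)$")
APPINIT_RE = re.compile(r'^"AppInit_DLLs"=(.*)$')
SERVICE_RE = re.compile(r"^([RS]\d) ([^;]*);([^;]*);(.+?)(?: --> .*)? \[([^\]]*)\]$")

# Constructed sample: lines copied from the ComboFix log in this thread.
SAMPLE_LOG = "\n".join([
    r"2010-07-04 06:50 . 2010-07-04 06:50 -------- d-----w- c:\windows\system32\?????",
    r"2010-07-03 09:21 . 2006-03-01 01:10 69632 ----a-w- c:\windows\system32\Crypserv.exe",
    r"2010-07-01 12:42 . 2010-05-06 20:39 164048 ----a-w- c:\windows\system32\drivers\aswSP.sys",
    r"[-] 2008-08-29 . 362BC5AF8EAF712832C58CC13AE05750 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll",
    r'"AppInit_DLLs"=c:\windows\system32\wbsys.dll',
    r"R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [01-Jul-10 14:42 307280]",
    r"S3 cpuz130;cpuz130;\??\c:\docume~1\Lenovo\LOCALS~1\Temp\cpuz130\cpuz_x32.sys --> c:\docume~1\Lenovo\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [?]",
])


@dataclass
class Finding:
    rule: str
    path: str
    detail: str = ""


def triage_combofix(text: str) -> list:
    """Return one Finding per heuristic hit, in log order.

    Every rule is an assumption a reviewer would confirm by hand (hash
    lookup, vendor check, file inspection); a hit is not a verdict."""
    findings = []
    for line in text.splitlines():
        line = line.rstrip()
        if m := FILE_RE.match(line):
            path = m.group(5)
            leaf = path.rsplit("\\", 1)[-1]
            # ComboFix prints characters it cannot render as '?', so a name
            # made only of '?' is non-ASCII or unprintable: odd under system32.
            if leaf and set(leaf) == {"?"}:
                findings.append(Finding("unprintable-name", path,
                                        f"{len(leaf)} unrenderable chars"))
        elif m := SIGCHECK_RE.match(line):
            # '[-]' is read here as: hash not matched to a known-good copy.
            if m.group(1) == "-":
                findings.append(Finding("sigcheck-unverified", m.group(6),
                                        f"md5={m.group(3).lower()} ver={m.group(5)}"))
        elif m := APPINIT_RE.match(line):
            # AppInit_DLLs is loaded into every process that links user32.dll,
            # so each entry deserves an owner check.
            for dll in filter(None, re.split(r"[ ,;]+", m.group(1))):
                findings.append(Finding("appinit-dll", dll))
        elif m := SERVICE_RE.match(line):
            state, name, path, marker = m.group(1), m.group(2), m.group(4), m.group(5)
            # A kernel driver staged in a Temp folder, or one whose file
            # ComboFix could not find ('[?]' as read here), is worth a look.
            if "\\temp\\" in path.lower() or marker == "?":
                findings.append(Finding("driver-from-temp-or-missing", path,
                                        f"{state} {name} [{marker}]"))
    return findings


def same_file_as_jotti(sigcheck_md5: str, jotti_md5: str) -> bool:
    """Sigcheck prints the MD5 upper-case and Jotti lower-case; compare
    case-insensitively to confirm the scanned file is the flagged one."""
    return sigcheck_md5.strip().lower() == jotti_md5.strip().lower()


if __name__ == "__main__":
    for f in triage_combofix(SAMPLE_LOG):
        print(f"{f.rule:28} {f.path}  {f.detail}")
    # MD5 reported by Jotti for sfcfiles.dll later in this thread.
    print(same_file_as_jotti("362BC5AF8EAF712832C58CC13AE05750",
                             "362bc5af8eaf712832c58cc13ae05750"))
```

The service regex tolerates the `path --> path [?]` form ComboFix emits for files it cannot stat, and the clean avast! driver and CrypKey licensing files in the sample produce no findings, which is the point: the rules narrow a 300-line log to a handful of entries to verify, they do not classify them.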

Re: Infected
Hello.
Nearly done.

Submit a file for analysis.

  1. Please visit this website: Jotti's Malware Scanner
  2. Press the "Browse" button and locate the following file:
    C:\WINDOWS\system32\sfcfiles.dll
  3. Press the "Submit File" button to submit the file for analysis.
  4. Allow it to be scanned, it could take a few minutes depending on server load.
  5. Copy and paste the result back here.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: Infected
Filename: sfcfiles.dll
Status:
Scan finished. 0 out of 19 scanners reported malware.
Scan taken on: Tue 1 Jun 2010 18:41:49 (CET) Permalink

File size: 1614848 bytes
Filetype: PE32 executable for MS Windows (DLL) (console) Intel 80386 32-bit
MD5: 362bc5af8eaf712832c58cc13ae05750
SHA1: c8c2d44f34115f27f10bc435dd986d4eff00fe3f

Re: Infected
Please download the current version of HijackThis from HERE

  • Double click and run the installer.
  • It will install to C:\Program Files\Trend Micro\HijackThis\hijackthis.exe
  • After installing, you should get the user agreement; press Accept and HijackThis will run.
  • When HijackThis opens, click "Open the Misc Tools section"
  • Then select "Open Uninstall Manager"
  • Click on "Save List..." (generates uninstall_list.txt)
  • Click Save, copy and paste the results in your next post.


Re: Infected
Again I get this message: "You must enter a message when posting."

So I'll send it like this.

Re: Infected
Hello.

Click Start > Run, copy/paste the following text into the Run box and click OK:

ComboFix /uninstall

This will also reset your restore points.

Run ESET Online Scan
Please do an online scan with ESET Online Scanner. Please use Internet Explorer as it uses ActiveX.

  • Check (tick) this box: YES, I accept the Terms of Use.
  • Click on the Start button next to it.
  • When prompted to run ActiveX, click Yes.
  • You will be asked to install an ActiveX. Click Install.
  • Once installed, the scanner will be initialized.
  • After the scanner is initialized, click Start.
  • Check (tick) Remove found threats box.
  • Check (tick) Scan unwanted applications.
  • Click on Scan.
  • It will start scanning. Please be patient.
  • Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescanner\log.txt.


Re: Infected
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# IEXPLORE.EXE=7.00.6000.16705 (vista_gdr.080618-1506)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=43aa1ca7fffe44408edff32afb4fd145
# end=stopped
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-07-14 07:56:55
# local_time=2010-07-14 09:56:55 (+0100, Central Europe Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=768 16777175 100 0 1101898 1101898 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=20519
# found=0
# cleaned=0
# scan_time=373
esets_scanner_update returned -1 esets_gle=53251
# version=7
# IEXPLORE.EXE=7.00.6000.16705 (vista_gdr.080618-1506)
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=43aa1ca7fffe44408edff32afb4fd145
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-07-14 08:34:56
# local_time=2010-07-14 10:34:56 (+0100, Central Europe Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=768 16777175 100 0 1102680 1102680 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=88951
# found=2
# cleaned=2
# scan_time=1870
D:\Instalacije\Splinter Cell Conviction\0426_scc_sr-mp_crack\ubiorbitapi_r2.dll a variant of Win32/Packed.VMProtect.AAA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
D:\Instalacije\Splinter Cell Conviction\SKIDROW\src\system\ubiorbitapi_r2.dll a variant of Win32/Packed.VMProtect.AAA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
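The ESET log above is two reports run together: the first run ended with `end=stopped` after 373 seconds (interrupted, so its `found=0` says nothing about the files it never reached), and the second ran to `end=finished` and reports the two detections. As an added example that is not from the thread or from ESET, the Python below parses that format (the `# key=value` header of each run, repeated keys such as `compatibility_mode`, and the detection lines with path, threat name, action, hash and flag) into per-run summaries, marks stopped runs as inconclusive, and lists detections whose action did not remove the file. The sample is a shortened copy of the log above; the path regex assumes a file name without spaces (directory names may contain them), which is a limitation of the example.

```python
import re
from dataclasses import dataclass, field

RUN_START = "# version="          # each ESET report begins with this key
META_RE = re.compile(r"^# (\w+)=(.*)$")
# Drive letter, directories (may contain spaces), a file name without spaces,
# then threat text, "(action)", 32 hex digits and a one-token flag.
DETECTION_RE = re.compile(
    r"^([A-Za-z]:\\(?:.*\\)?[^\\ ]+) (.+?) \(([^()]*)\) ([0-9a-fA-F]{32}) (\S+)$")

# Constructed sample: a shortened copy of the ESET log in this thread.
SAMPLE_LOG = "\n".join([
    "ESETSmartInstaller@High as CAB hook log:",
    "OnlineScanner.ocx - registred OK",
    "# version=7",
    "# end=stopped",
    "# remove_checked=true",
    "# compatibility_mode=512 16777215 100 0 0 0 0 0",
    "# compatibility_mode=768 16777175 100 0 1101898 1101898 0 0",
    "# scanned=20519",
    "# found=0",
    "# cleaned=0",
    "# scan_time=373",
    "esets_scanner_update returned -1 esets_gle=53251",
    "# version=7",
    "# end=finished",
    "# remove_checked=true",
    "# scanned=88951",
    "# found=2",
    "# cleaned=2",
    "# scan_time=1870",
    r"D:\Instalacije\Splinter Cell Conviction\0426_scc_sr-mp_crack\ubiorbitapi_r2.dll a variant of Win32/Packed.VMProtect.AAA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C",
    r"D:\Instalacije\Splinter Cell Conviction\SKIDROW\src\system\ubiorbitapi_r2.dll a variant of Win32/Packed.VMProtect.AAA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C",
])


@dataclass
class Detection:
    path: str
    threat: str
    action: str


@dataclass
class ScanRun:
    meta: dict = field(default_factory=dict)
    detections: list = field(default_factory=list)

    @property
    def conclusive(self) -> bool:
        # "end=stopped" is an interrupted scan; only "finished" covers everything.
        return self.meta.get("end") == "finished"

    def summary(self) -> dict:
        return {
            "end": self.meta.get("end"),
            "scanned": int(self.meta.get("scanned", 0)),
            "found": int(self.meta.get("found", 0)),
            "cleaned": int(self.meta.get("cleaned", 0)),
            "conclusive": self.conclusive,
        }


def parse_eset_log(text: str) -> list:
    """Split the log into ScanRun objects, one per '# version=' header."""
    runs, current = [], None
    for line in text.splitlines():
        line = line.rstrip()
        if line.startswith(RUN_START):
            current = ScanRun()
            runs.append(current)
        if current is None:
            continue                      # installer preamble before the first run
        if m := META_RE.match(line):
            key, value = m.groups()
            if key in current.meta:       # repeated keys become a list
                prev = current.meta[key]
                current.meta[key] = (prev if isinstance(prev, list) else [prev]) + [value]
            else:
                current.meta[key] = value
        elif m := DETECTION_RE.match(line):
            path, threat, action, _hash, _flag = m.groups()
            current.detections.append(Detection(path, threat, action))
    return runs


def unresolved(run: ScanRun) -> list:
    """Detections ESET reported but whose action did not remove the file."""
    resolved = ("cleaned", "deleted", "quarantined")
    return [d for d in run.detections
            if not any(word in d.action.lower() for word in resolved)]


if __name__ == "__main__":
    for i, run in enumerate(parse_eset_log(SAMPLE_LOG), 1):
        print(f"run {i}: {run.summary()}")
        for d in run.detections:
            print(f"  {d.threat} :: {d.path} :: {d.action}")
        print(f"  unresolved: {len(unresolved(run))}")
```

Reading the two runs separately is what matters here: a reviewer who only looked at the first header would see `found=0` and stop, while the finished run is the one that carries the results, and `unresolved()` would surface any detection ESET reported but could not remove.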

Re: Infected
How is the machine running now?


Re: Infected
Now it's running as it should be, but I still get that message when I turn on the laptop, this: [screenshot]

And I'm still having an issue with this:
http://www.GeekPolice.net/internet-networking-f8/internet-download-speed-issue-t22652.htm
Other than that it's OK.

Re: Infected
Hello.
Avast may be corrupt; try uninstalling it, then reinstalling it.


Re: Infected
OK, now it's working, but I still have that issue with the internet speed that I posted (the link) in my previous post. (If you have time, please take a look.)

Re: Infected
Hello.
We'll continue that thread over there; we can call this thread closed now.

