Trojan.Zlob.G Please HELP NEEDED

Hello. Its my finals week now and I have to write a tons of papers. Today I was streaming a video and I got this virus Trojan.Zlob.G My operating system is Windows Vista and Internet Explorer nor Firefox work! It is the same problem as many people described in the previous forums. I have no idea how to deal with this and I am going crazy. Could you please help? Thank you very much

I am sorry I will post the hijack log in a second!

This is my hijack log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:19:34 PM, on 12/7/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Toshiba\TRCMan\TRCMan.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe
C:\Program Files\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\system32\taskeng.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\PROGRA~1\AVG\AVG8\aAvgApi.exe
C:\Windows\System32\notepad.exe
G:\Hijack(GP)This.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:81
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [TRCMan] C:\Program Files\TOSHIBA\TRCMan\TRCMan.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [PCMAgent] "C:\Program Files\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\Sidebar.exe" /autorun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - https://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ccEvtMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: ccSetMgr - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: GameConsoleService - Unknown owner - C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Jumpstart\jswpsapi.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: pinger - Unknown owner - C:\Toshiba\IVP\ISM\pinger.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 12107 bytes

Uninstall List:

2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office system
Ad-Aware
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe Flash Player 9 ActiveX
Adobe Reader 8.1.2
AppCore
Apple Mobile Device Support
Apple Software Update
Atheros Driver Installation Program
Atheros Wi-Fi Protected Setup Library
AV
AVG Free 8.0
Avira AntiVir Personal - Free Antivirus
Bluetooth Stack for Windows by Toshiba
Bonjour
Camera Assistant Software for Toshiba
Canon MP Navigator EX 1.0
Canon MP210 series
Canon MP210 series User Registration
Canon My Printer
Canon Utilities Easy-PhotoPrint EX
Canon Utilities Solution Menu
Catalyst Control Center - Branding
ccCommon
CCleaner (remove only)
CD/DVD Drive Acoustic Silencer
CyberLink PowerCinema for TOSHIBA
DVD MovieFactory for TOSHIBA
GearDrvs
GearDrvs
Google Earth
Google Updater
HijackThis 2.0.2
ICQ6
iTunes
Java(TM) 6 Update 3
JumpStart Advanced Kindergarten
LiveUpdate 3.2 (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)
Memeo AutoBackup
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Hybrid 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox (3.0.4)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MyMemoryMaker
Norton 360
Norton 360
Norton 360
Norton 360
Norton 360 (Symantec Corporation)
Norton 360 Help
Norton Confidential Browser Component
Norton Confidential Web Authentification Component
Norton Confidential Web Protection Component
Picasa 2
QuickBooks Financial Center
QuickTime
Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista
Realtek High Definition Audio Driver
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
ScanSoft OmniPage SE 4
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB955936)
Security Update for 2007 Microsoft Office System (KB955936)
Security Update for Microsoft Office Excel 2007 (KB955470)
Security Update for Microsoft Office Excel 2007 (KB955470)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Security Update for Microsoft Office system 2007 (KB951808)
Security Update for Microsoft Office system 2007 (KB951808)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office Word 2007 (KB950113)
Security Update for Microsoft Office Word 2007 (KB950113)
Security Update for Windows Media Encoder (KB954156)
Skype™ 3.8
SPBBC 32bit
Steam
SuppSoft
Symantec Technical Support Controls
SymNet
Synaptics Pointing Device Driver
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Disc Creator
TOSHIBA DVD PLAYER
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Face Recognition
TOSHIBA Face Recognition
TOSHIBA Hardware Setup
Toshiba Registration
TOSHIBA Remote Control Manager
TOSHIBA SD Memory Utilities
TOSHIBA Software Modem
TOSHIBA Software Upgrades
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
Update for Microsoft Office Access 2007 Help (KB957241)
Update for Microsoft Office Excel 2007 Help (KB957242)
Update for Microsoft Office Excel 2007 Help (KB957242)
Update for Microsoft Office OneNote 2007 Help (KB957245)
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Microsoft Office Outlook 2007 Help (KB957246)
Update for Microsoft Office PowerPoint 2007 Help (KB957247)
Update for Microsoft Office PowerPoint 2007 Help (KB957247)
Update for Microsoft Office Publisher 2007 Help (KB957249)
Update for Microsoft Office Word 2007 Help (KB957252)
Update for Microsoft Office Word 2007 Help (KB957252)
Update for Microsoft Script Editor Help (KB957253)
Update for Microsoft Script Editor Help (KB957253)
Update for Office 2007 (KB946691)
Update for Office 2007 (KB946691)
Update for Outlook 2007 Junk Email Filter (kb957829)
Vista Codec Package
Windows Live installer
Windows Live Messenger
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series
WinRAR archiver

Hello.

1. Download this file - combofix.exe
2. Double click combofix.exe & follow the prompts, but select NO when asked to install the recovery console.
3. When finished, it shall produce a log for you. Post that log in your next reply.

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

Ok i did what you asked me to do, But now not even my windows explorer works, so i turn on the pc and there is a blank desktop...


ComboFix 08-12-06.06 - Martin 2008-12-07 15:24:18.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.1808 [GMT -6:00]
Running from: G:\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2008-11-07 to 2008-12-07 )))))))))))))))))))))))))))))))
.

2008-12-07 14:17 . 2008-12-07 14:17 d-------- c:\windows\System32\drivers\Avg
2008-12-07 14:17 . 2008-12-07 14:17 97,928 --a------ c:\windows\System32\drivers\avgldx86.sys
2008-12-07 14:17 . 2008-12-07 14:17 10,520 --a------ c:\windows\System32\avgrsstx.dll
2008-12-07 14:16 . 2008-12-07 14:16 d-------- c:\users\All Users\avg8
2008-12-07 14:16 . 2008-12-07 14:16 d-------- c:\programdata\avg8
2008-12-07 14:16 . 2008-12-07 14:16 d-------- c:\program files\AVG
2008-12-06 20:47 . 2008-12-07 12:50 d-------- c:\users\Martin\Random
2008-12-06 20:46 . 2008-12-06 20:47 d-------- c:\users\Martin\Squash
2008-12-06 19:32 . 2008-12-06 19:32 95 --a------ c:\windows\ka.ini
2008-12-06 19:31 . 2008-12-06 19:32 d-------- c:\users\All Users\Knowledge Adventure
2008-12-06 19:31 . 2008-12-06 19:32 d-------- c:\programdata\Knowledge Adventure
2008-12-06 19:31 . 2008-12-06 19:31 d-------- c:\program files\Common Files\Knowledge Adventure
2008-12-06 19:30 . 2008-12-06 19:30 d-------- c:\users\Martin\AppData\Roaming\InstallShield
2008-12-06 00:56 . 2008-12-06 19:21 d-------- c:\users\Martin\Snow Fight
2008-12-04 12:20 . 2008-12-04 12:22 d-------- c:\users\Martin\Thanksgiving
2008-11-26 10:39 . 2008-10-20 23:25 1,645,568 --a------ c:\windows\System32\connect.dll
2008-11-26 10:39 . 2008-08-27 21:40 712,704 --a------ c:\windows\System32\WindowsCodecs.dll
2008-11-26 10:39 . 2008-08-27 21:40 425,472 --a------ c:\windows\System32\PhotoMetadataHandler.dll
2008-11-26 10:39 . 2008-08-27 21:40 347,136 --a------ c:\windows\System32\WindowsCodecsExt.dll
2008-11-26 10:39 . 2008-10-21 21:57 241,152 --a------ c:\windows\System32\PortableDeviceApi.dll
2008-11-17 00:03 . 2008-12-02 22:59 54,156 --ah----- c:\windows\QTFont.qfn
2008-11-17 00:03 . 2008-11-17 00:03 1,409 --a------ c:\windows\QTFont.for
2008-11-15 12:57 . 2008-11-15 12:57 dr-h----- c:\users\Martin\AppData\Roaming\SecuROM
2008-11-15 12:57 . 2008-11-15 12:57 107,888 --a------ c:\windows\System32\CmdLineExt.dll
2008-11-15 12:56 . 2008-11-15 12:56 d-------- c:\users\All Users\Media Center Programs
2008-11-15 12:56 . 2008-11-15 12:56 d-------- c:\programdata\Media Center Programs
2008-11-15 12:44 . 2007-03-12 16:42 3,495,784 --a------ c:\windows\System32\d3dx9_33.dll
2008-11-15 12:44 . 2007-03-12 16:42 1,123,696 --a------ c:\windows\System32\D3DCompiler_33.dll
2008-11-15 12:44 . 2007-03-15 16:57 443,752 --a------ c:\windows\System32\d3dx10_33.dll
2008-11-15 12:41 . 2008-11-15 12:41 d--hs---- c:\windows\ftpcache
2008-11-11 20:01 . 2008-09-04 23:14 1,191,936 --a------ c:\windows\System32\msxml3.dll
2008-11-11 20:01 . 2008-08-26 19:05 212,480 --a------ c:\windows\System32\drivers\mrxsmb10.sys
2008-11-11 20:00 . 2008-09-09 21:40 1,334,272 --a------ c:\windows\System32\msxml6.dll
2008-11-07 08:35 . 2008-10-16 15:13 1,809,944 --a------ c:\windows\System32\wuaueng.dll
2008-11-07 08:35 . 2008-10-16 14:56 1,524,736 --a------ c:\windows\System32\wucltux.dll
2008-11-07 08:35 . 2008-10-16 15:12 561,688 --a------ c:\windows\System32\wuapi.dll
2008-11-07 08:35 . 2008-10-16 14:08 162,064 --a------ c:\windows\System32\wuwebv.dll
2008-11-07 08:35 . 2008-10-16 14:55 83,456 --a------ c:\windows\System32\wudriver.dll
2008-11-07 08:35 . 2008-10-16 15:09 51,224 --a------ c:\windows\System32\wuauclt.exe
2008-11-07 08:35 . 2008-10-16 15:09 43,544 --a------ c:\windows\System32\wups2.dll
2008-11-07 08:35 . 2008-10-16 15:08 34,328 --a------ c:\windows\System32\wups.dll
2008-11-07 08:35 . 2008-10-16 13:56 31,232 --a------ c:\windows\System32\wuapp.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-07 18:10 --------- d-----w c:\users\Martin\AppData\Roaming\Skype
2008-12-07 18:10 --------- d-----w c:\users\Martin\AppData\Roaming\Hide IP NG
2008-12-07 18:10 --------- d-----w c:\users\Martin\AppData\Roaming\DAEMON Tools
2008-12-07 18:10 --------- d-----w c:\users\Martin\AppData\Roaming\CyberLink
2008-12-07 18:10 --------- d-----w c:\users\Martin\AppData\Roaming\Canon
2008-12-07 18:10 --------- d-----w c:\users\Martin\AppData\Roaming\Apple Computer
2008-12-07 17:55 --------- d-----w c:\users\Martin\AppData\Roaming\skypePM
2008-12-07 01:31 --------- d-----w c:\program files\Jumpstart
2008-12-07 00:18 --------- d-----w c:\programdata\Google Updater
2008-12-01 14:38 --------- d-----w c:\programdata\Microsoft Help
2008-11-07 02:54 --------- d-----w c:\program files\Common Files\Steam
2008-11-05 21:11 --------- d-----w c:\program files\ProxyPlus
2008-10-25 18:54 --------- d-----w c:\program files\THQ
2008-10-21 16:21 --------- d-----w c:\programdata\Symantec
2008-10-15 12:22 --------- d-----w c:\program files\Windows Mail
2008-10-15 03:20 22,328 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2008-10-15 03:19 103,736 ----a-w c:\windows\System32\PnkBstrB.exe
2008-10-14 00:00 66,872 ----a-w c:\windows\System32\PnkBstrA.exe
2008-10-08 06:09 --------- d-----w c:\programdata\Apple Computer
2008-10-08 06:09 --------- d-----w c:\program files\VistaCodecPack
2008-10-08 05:59 --------- d-----w c:\program files\Norton 360
2008-10-02 03:49 827,392 ----a-w c:\windows\System32\wininet.dll
2008-09-30 22:43 1,286,152 ----a-w c:\windows\System32\msxml4.dll
2008-09-18 05:09 3,601,464 ----a-w c:\windows\System32\ntkrnlpa.exe
2008-09-18 05:09 3,549,240 ----a-w c:\windows\System32\ntoskrnl.exe
2008-09-18 04:56 147,456 ----a-w c:\windows\System32\Faultrep.dll
2008-09-18 04:56 125,952 ----a-w c:\windows\System32\wersvc.dll
2008-09-18 02:16 2,032,640 ----a-w c:\windows\System32\win32k.sys
2008-01-21 02:43 174 --sha-w c:\program files\desktop.ini
2008-08-29 13:40 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-08-29 13:40 32,768 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-08-29 13:40 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
2008-08-21 21:46 13 --sh--r c:\windows\System32\drivers\fbd.sys
2008-08-21 21:46 4 --sh--r c:\windows\System32\drivers\taishop.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\Sidebar.exe" [2008-01-20 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-20 125952]
"Smax4v"="c:\users\Martin\AppData\Roaming\Google\windep.exe" [2008-12-07 128000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"TRCMan"="c:\program files\TOSHIBA\TRCMan\TRCMan.exe" [2008-01-11 692224]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2007-10-25 413696]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-10-31 54608]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2007-06-15 448080]
"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2007-09-28 75136]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-06-17 1295656]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2007-01-09 115816]
"PCMAgent"="c:\program files\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe" [2007-12-13 143360]
"CLMLServer"="c:\program files\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe" [2008-02-14 184320]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-01-22 712704]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-22 116040]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-12-07 1261336]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-29 c:\windows\RtHDVCpl.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= c:\progra~1\COMMON~1\ULEADS~1\vio\dvacm.acm
"msacm.divxa32"= divxa32.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{806D78B3-015C-4722-9DB5-A35C81FBB93D}"= c:\program files\CyberLink\PowerCinema for TOSHIBA\PowerCinema.exe:CyberLink PowerCinema
"{D65BA80A-4847-49F9-8154-3AAD5008E39B}"= c:\program files\CyberLink\PowerCinema for TOSHIBA\PCMService.exe:CyberLink PowerCinema Resident Program
"{FB9826A3-C8DD-40FC-8CA4-24624870C415}"= c:\program files\CyberLink\PowerCinema for TOSHIBA\Kernel\DMP\CLBrowserEngine.exe:Cyberlink Media Server Browser Engine
"{7DE3F918-8D69-41D4-99C3-88D389826E89}"= c:\program files\CyberLink\PowerCinema for TOSHIBA\Kernel\DMS\CLMSService.exe:CyberLink Media Server
"{8D419721-5E67-4049-BAC8-0508B389A962}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{9B17E516-8B7E-4AB2-B9AD-8852061E167C}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{4FD5D316-EB6E-41D6-B39F-66E465CB2D78}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{0D5F2E5D-7DA0-4AEE-A1E3-3E121C54B6CD}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{57F3CE0A-2842-40EB-A16B-34D7227038FD}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"TCP Query User{9D0E0E46-A252-4188-9565-5682779BADFE}c:\\program files\\icq6\\icq.exe"= UDP:c:\program files\icq6\icq.exe:ICQ Library
"UDP Query User{30AC1AA6-9DA1-4116-A32F-FFECFE0812A7}c:\\program files\\icq6\\icq.exe"= TCP:c:\program files\icq6\icq.exe:ICQ Library
"TCP Query User{44DCE38D-4A4B-433E-A992-0FB292A86851}c:\\matov folder\\command and conquer zero hours\\game.dat"= UDP:c:\matov folder\command and conquer zero hours\game.dat:game.dat
"UDP Query User{50358FBC-9FDD-4186-9866-BC391C87A2A3}c:\\matov folder\\command and conquer zero hours\\game.dat"= TCP:c:\matov folder\command and conquer zero hours\game.dat:game.dat
"{E7979F6C-DAFE-47EF-98D2-F71C3FD1ADDA}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{EED1AA2E-4FB6-4646-8592-AB206234777F}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{D114284B-7DF2-4EE9-AC1C-2A3A90F2F65C}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{4E988905-E41B-40AF-98F6-BDA806CBCB55}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{524021D1-F097-453E-AA5A-764960AEAA93}"= c:\program files\Skype\Phone\Skype.exe:Skype
"TCP Query User{C554D7F9-F2D2-44FB-9FE6-DFEDB3BDC1CD}c:\\matov folder\\steam\\steamapps\\tatar@ovsiste.sk\\counter-strike source\\hl2.exe"= UDP:c:\matov folder\steam\steamapps\tatar@ovsiste.sk\counter-strike source\hl2.exe:hl2
"UDP Query User{2E0167BA-5039-46D0-82AF-3B1716FD83E2}c:\\matov folder\\steam\\steamapps\\tatar@ovsiste.sk\\counter-strike source\\hl2.exe"= TCP:c:\matov folder\steam\steamapps\tatar@ovsiste.sk\counter-strike source\hl2.exe:hl2
"TCP Query User{35ED73E0-EA0B-43EE-967C-F967D3C902DD}c:\\matov folder\\need for speed\\online\\bombd.exe"= UDP:c:\matov folder\need for speed\online\bombd.exe:bombd
"UDP Query User{A78AEE20-6E33-4669-A4DD-35646EA89CAE}c:\\matov folder\\need for speed\\online\\bombd.exe"= TCP:c:\matov folder\need for speed\online\bombd.exe:bombd
"TCP Query User{524C00A2-F853-4835-9B16-5246889C41B0}c:\\program files\\electronic arts\\need for speed prostreet\\online\\bombd.exe"= UDP:c:\program files\electronic arts\need for speed prostreet\online\bombd.exe:bombd
"UDP Query User{D8EBA051-AB7B-45F5-9151-28E6D4FAC155}c:\\program files\\electronic arts\\need for speed prostreet\\online\\bombd.exe"= TCP:c:\program files\electronic arts\need for speed prostreet\online\bombd.exe:bombd
"{E0579686-466B-49E3-9C2A-A8796B4CA121}"= c:\program files\Skype\Phone\Skype.exe:Skype
"TCP Query User{0392436E-DDAD-4754-8664-EB7D5B0D40BD}c:\\matov folder\\warcraft\\war3.exe"= UDP:c:\matov folder\warcraft\war3.exe:war3
"UDP Query User{ADE20DE8-6E7A-4C3B-9DCC-E07E7396767E}c:\\matov folder\\warcraft\\war3.exe"= TCP:c:\matov folder\warcraft\war3.exe:war3
"TCP Query User{AA2BF521-86F6-4B49-A2C8-94441FC73775}c:\\program files\\proxyway\\proxyway.exe"= UDP:c:\program files\proxyway\proxyway.exe:ProxyWay
"UDP Query User{0249BE91-D34D-46EE-B331-EDF48BE979A5}c:\\program files\\proxyway\\proxyway.exe"= TCP:c:\program files\proxyway\proxyway.exe:ProxyWay
"TCP Query User{46F196B8-C8EC-48E2-9E10-C2FCC73FDF2F}c:\\matov folder\\steam\\steamapps\\tatar@ovsiste.sk\\counter-strike\\hl.exe"= UDP:c:\matov folder\steam\steamapps\tatar@ovsiste.sk\counter-strike\hl.exe:Half-Life Launcher
"UDP Query User{CB34DDAD-CE98-4AE5-AAB3-B823F67B8208}c:\\matov folder\\steam\\steamapps\\tatar@ovsiste.sk\\counter-strike\\hl.exe"= TCP:c:\matov folder\steam\steamapps\tatar@ovsiste.sk\counter-strike\hl.exe:Half-Life Launcher
"{CFC5482D-2D8A-4EDF-B2B2-A6BA3B5D1E6F}"= UDP:c:\program files\THQ\Company of Heroes\RelicCOH.exe:Company of Heroes - Opposing Fronts
"{C07CDB9A-B733-40D1-B8BD-BE45063FFD7A}"= TCP:c:\program files\THQ\Company of Heroes\RelicCOH.exe:Company of Heroes - Opposing Fronts
"{09D0BEE4-FB96-4F5C-8008-C4EE1D929411}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\TOSHIBA\\ivp\\NetInt\\Netint.exe"= c:\toshiba\ivp\NetInt\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrades Engine
"c:\\TOSHIBA\\Ivp\\ISM\\pinger.exe"= c:\toshiba\Ivp\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-12-07 97928]
R1 IDSvix86;Symantec Intrusion Prevention Driver;\??\c:\progra~2\Symantec\DEFINI~1\SymcData\idsdefs\20081014.001\IDSvix86.sys [2008-10-14 270384]
R1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\system32\DRIVERS\jswpslwf.sys [2008-06-16 20352]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-12-07 231704]
R2 ConfigFree Service;ConfigFree Service;"c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe" [2007-12-25 40960]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;"c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe" [2007-12-03 126976]
R3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [2008-02-12 7168]
R3 SYMNDISV;SYMNDISV;c:\windows\system32\Drivers\SYMNDISV.SYS [2007-01-09 38200]
S3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\Jumpstart\jswpsapi.exe [2008-06-16 937984]

*Newly Created Service* - AVGLDX86
*Newly Created Service* - AVGMFX86
*Newly Created Service* - COMHOST
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder

2008-12-07 c:\windows\Tasks\User_Feed_Synchronization-{3FB2D258-458C-4224-B88B-8FAC9435781D}.job
- c:\windows\system32\msfeedssync.exe [2008-01-20 20:24]
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-TOSCDSPD - TOSCDSPD.EXE


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = local
uInternet Settings,ProxyServer = 127.0.0.1:81
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FireFox -: Profile - c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\hvpvdt9f.default\
FF -: plugin - c:\program files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll
FF -: plugin - c:\program files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - c:\program files\VistaCodecPack\QT\Plugins\npqtplugin.dll
FF -: plugin - c:\program files\VistaCodecPack\QT\Plugins\npqtplugin2.dll
FF -: plugin - c:\program files\VistaCodecPack\QT\Plugins\npqtplugin3.dll
FF -: plugin - c:\program files\VistaCodecPack\QT\Plugins\npqtplugin4.dll
FF -: plugin - c:\program files\VistaCodecPack\QT\Plugins\npqtplugin5.dll
FF -: plugin - c:\program files\VistaCodecPack\QT\Plugins\npqtplugin6.dll
FF -: plugin - c:\program files\VistaCodecPack\QT\Plugins\npqtplugin7.dll
FF -: plugin - c:\program files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
FF -: plugin - c:\program files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-07 15:26:20
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(580)
c:\users\Martin\AppData\Roaming\Google\dplsmjk.dll
.
Completion time: 2008-12-07 15:27:25
ComboFix-quarantined-files.txt 2008-12-07 21:27:19

Pre-Run: 142,660,608,000 bytes free
Post-Run: 142,781,079,552 bytes free

233 --- E O F --- 2008-12-04 17:19:19

Hello.
I see you are running Avira and AVG. Running two AV's (Anti-virus) can be bad, they conflict and cause more problems.

• Click Start >> Control Panel.
  
• Under the Programs click Uninstall a Program
  
• Highlight AVG8
  
• Click on the Uninstall/Change button at the top.
  

Now open a new notepad file.
Input this into the notepad file:

File::
c:\users\Martin\AppData\Roaming\Google\windep.exe

Registry::
"Smax4v"=

Save this as CFScript.txt, save it to your desktop also.
Then drag and drop CFScript.txt into combofix as seen below:


This will open combofix.exe again, agree to it's terms and allow it to run, it may want to reboot after it's done. Post the resulting log back here.

Ok i got that:

ComboFix 08-12-06.06 - Martin 2008-12-07 15:54:08.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.1999 [GMT -6:00]
Running from: G:\ComboFix.exe
Command switches used :: c:\users\Martin\Desktop\CFscript.txt
* Created a new restore point

FILE ::
c:\users\Martin\AppData\Roaming\Google\windep.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\Martin\AppData\Roaming\Google\windep.exe

.
((((((((((((((((((((((((( Files Created from 2008-11-07 to 2008-12-07 )))))))))))))))))))))))))))))))
.

2008-12-07 15:51 . 2008-12-07 15:51 d-------- c:\users\All Users\Avg8
2008-12-07 15:51 . 2008-12-07 15:51 d-------- c:\programdata\Avg8
2008-12-06 20:47 . 2008-12-07 12:50 d-------- c:\users\Martin\Random
2008-12-06 20:46 . 2008-12-06 20:47 d-------- c:\users\Martin\Squash
2008-12-06 19:32 . 2008-12-06 19:32 95 --a------ c:\windows\ka.ini
2008-12-06 19:31 . 2008-12-06 19:32 d-------- c:\users\All Users\Knowledge Adventure
2008-12-06 19:31 . 2008-12-06 19:32 d-------- c:\programdata\Knowledge Adventure
2008-12-06 19:31 . 2008-12-06 19:31 d-------- c:\program files\Common Files\Knowledge Adventure
2008-12-06 19:30 . 2008-12-06 19:30 d-------- c:\users\Martin\AppData\Roaming\InstallShield
2008-12-06 00:56 . 2008-12-06 19:21 d-------- c:\users\Martin\Snow Fight
2008-12-04 12:20 . 2008-12-04 12:22 d-------- c:\users\Martin\Thanksgiving
2008-11-26 10:39 . 2008-10-20 23:25 1,645,568 --a------ c:\windows\System32\connect.dll
2008-11-26 10:39 . 2008-08-27 21:40 712,704 --a------ c:\windows\System32\WindowsCodecs.dll
2008-11-26 10:39 . 2008-08-27 21:40 425,472 --a------ c:\windows\System32\PhotoMetadataHandler.dll
2008-11-26 10:39 . 2008-08-27 21:40 347,136 --a------ c:\windows\System32\WindowsCodecsExt.dll
2008-11-26 10:39 . 2008-10-21 21:57 241,152 --a------ c:\windows\System32\PortableDeviceApi.dll
2008-11-17 00:03 . 2008-12-02 22:59 54,156 --ah----- c:\windows\QTFont.qfn
2008-11-17 00:03 . 2008-11-17 00:03 1,409 --a------ c:\windows\QTFont.for
2008-11-15 12:57 . 2008-11-15 12:57 dr-h----- c:\users\Martin\AppData\Roaming\SecuROM
2008-11-15 12:57 . 2008-11-15 12:57 107,888 --a------ c:\windows\System32\CmdLineExt.dll
2008-11-15 12:56 . 2008-11-15 12:56 d-------- c:\users\All Users\Media Center Programs
2008-11-15 12:56 . 2008-11-15 12:56 d-------- c:\programdata\Media Center Programs
2008-11-15 12:44 . 2007-03-12 16:42 3,495,784 --a------ c:\windows\System32\d3dx9_33.dll
2008-11-15 12:44 . 2007-03-12 16:42 1,123,696 --a------ c:\windows\System32\D3DCompiler_33.dll
2008-11-15 12:44 . 2007-03-15 16:57 443,752 --a------ c:\windows\System32\d3dx10_33.dll
2008-11-15 12:41 . 2008-11-15 12:41 d--hs---- c:\windows\ftpcache
2008-11-11 20:01 . 2008-09-04 23:14 1,191,936 --a------ c:\windows\System32\msxml3.dll
2008-11-11 20:01 . 2008-08-26 19:05 212,480 --a------ c:\windows\System32\drivers\mrxsmb10.sys
2008-11-11 20:00 . 2008-09-09 21:40 1,334,272 --a------ c:\windows\System32\msxml6.dll
2008-11-07 08:35 . 2008-10-16 15:13 1,809,944 --a------ c:\windows\System32\wuaueng.dll
2008-11-07 08:35 . 2008-10-16 14:56 1,524,736 --a------ c:\windows\System32\wucltux.dll
2008-11-07 08:35 . 2008-10-16 15:12 561,688 --a------ c:\windows\System32\wuapi.dll
2008-11-07 08:35 . 2008-10-16 14:08 162,064 --a------ c:\windows\System32\wuwebv.dll
2008-11-07 08:35 . 2008-10-16 14:55 83,456 --a------ c:\windows\System32\wudriver.dll
2008-11-07 08:35 . 2008-10-16 15:09 51,224 --a------ c:\windows\System32\wuauclt.exe
2008-11-07 08:35 . 2008-10-16 15:09 43,544 --a------ c:\windows\System32\wups2.dll
2008-11-07 08:35 . 2008-10-16 15:08 34,328 --a------ c:\windows\System32\wups.dll
2008-11-07 08:35 . 2008-10-16 13:56 31,232 --a------ c:\windows\System32\wuapp.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-07 18:10 --------- d-----w c:\users\Martin\AppData\Roaming\Skype
2008-12-07 18:10 --------- d-----w c:\users\Martin\AppData\Roaming\Hide IP NG
2008-12-07 18:10 --------- d-----w c:\users\Martin\AppData\Roaming\DAEMON Tools
2008-12-07 18:10 --------- d-----w c:\users\Martin\AppData\Roaming\CyberLink
2008-12-07 18:10 --------- d-----w c:\users\Martin\AppData\Roaming\Canon
2008-12-07 18:10 --------- d-----w c:\users\Martin\AppData\Roaming\Apple Computer
2008-12-07 17:55 --------- d-----w c:\users\Martin\AppData\Roaming\skypePM
2008-12-07 01:31 --------- d-----w c:\program files\Jumpstart
2008-12-07 00:18 --------- d-----w c:\programdata\Google Updater
2008-12-01 14:38 --------- d-----w c:\programdata\Microsoft Help
2008-11-07 02:54 --------- d-----w c:\program files\Common Files\Steam
2008-11-05 21:11 --------- d-----w c:\program files\ProxyPlus
2008-10-25 18:54 --------- d-----w c:\program files\THQ
2008-10-21 16:21 --------- d-----w c:\programdata\Symantec
2008-10-15 12:22 --------- d-----w c:\program files\Windows Mail
2008-10-15 03:20 22,328 ----a-w c:\windows\system32\drivers\PnkBstrK.sys
2008-10-15 03:19 103,736 ----a-w c:\windows\System32\PnkBstrB.exe
2008-10-14 00:00 66,872 ----a-w c:\windows\System32\PnkBstrA.exe
2008-10-08 06:09 --------- d-----w c:\programdata\Apple Computer
2008-10-08 06:09 --------- d-----w c:\program files\VistaCodecPack
2008-10-08 05:59 --------- d-----w c:\program files\Norton 360
2008-10-02 03:49 827,392 ----a-w c:\windows\System32\wininet.dll
2008-09-30 22:43 1,286,152 ----a-w c:\windows\System32\msxml4.dll
2008-09-18 05:09 3,601,464 ----a-w c:\windows\System32\ntkrnlpa.exe
2008-09-18 05:09 3,549,240 ----a-w c:\windows\System32\ntoskrnl.exe
2008-09-18 04:56 147,456 ----a-w c:\windows\System32\Faultrep.dll
2008-09-18 04:56 125,952 ----a-w c:\windows\System32\wersvc.dll
2008-09-18 02:16 2,032,640 ----a-w c:\windows\System32\win32k.sys
2008-01-21 02:43 174 --sha-w c:\program files\desktop.ini
2008-08-29 13:40 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-08-29 13:40 32,768 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-08-29 13:40 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
2008-08-21 21:46 13 --sh--r c:\windows\System32\drivers\fbd.sys
2008-08-21 21:46 4 --sh--r c:\windows\System32\drivers\taishop.sys
.

((((((((((((((((((((((((((((( snapshot@2008-12-07_15.26.47.12 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-12-07 20:14:24 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2008-12-07 21:46:22 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2008-12-07 20:14:24 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2008-12-07 21:46:22 2,048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2008-12-07 20:17:03 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-12-07 21:50:40 262,144 --sha-w c:\windows\ServiceProfiles\LocalService\NTUSER.DAT
- 2008-12-07 20:17:09 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-12-07 21:51:13 262,144 --sha-w c:\windows\ServiceProfiles\NetworkService\NTUSER.DAT
- 2008-12-07 20:18:57 102,194 ----a-w c:\windows\System32\perfc009.dat
+ 2008-12-07 21:53:51 102,194 ----a-w c:\windows\System32\perfc009.dat
- 2008-12-07 20:18:57 598,588 ----a-w c:\windows\System32\perfh009.dat
+ 2008-12-07 21:53:52 598,588 ----a-w c:\windows\System32\perfh009.dat
- 2008-12-07 20:16:24 8,138 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-185379766-2671556060-1075924701-1000_UserData.bin
+ 2008-12-07 21:48:26 8,352 ----a-w c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-185379766-2671556060-1075924701-1000_UserData.bin
- 2008-12-07 20:16:24 93,730 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-12-07 21:48:25 93,978 ----a-w c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.

*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\Sidebar.exe" [2008-01-20 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-20 125952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"TRCMan"="c:\program files\TOSHIBA\TRCMan\TRCMan.exe" [2008-01-11 692224]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2007-10-25 413696]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-10-31 54608]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2007-06-15 448080]
"ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2007-09-28 75136]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-06-17 1295656]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2007-01-09 115816]
"PCMAgent"="c:\program files\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe" [2007-12-13 143360]
"CLMLServer"="c:\program files\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe" [2008-02-14 184320]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-01-22 712704]
"Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-22 116040]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-29 c:\windows\RtHDVCpl.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= c:\progra~1\COMMON~1\ULEADS~1\vio\dvacm.acm
"msacm.divxa32"= divxa32.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{806D78B3-015C-4722-9DB5-A35C81FBB93D}"= c:\program files\CyberLink\PowerCinema for TOSHIBA\PowerCinema.exe:CyberLink PowerCinema
"{D65BA80A-4847-49F9-8154-3AAD5008E39B}"= c:\program files\CyberLink\PowerCinema for TOSHIBA\PCMService.exe:CyberLink PowerCinema Resident Program
"{FB9826A3-C8DD-40FC-8CA4-24624870C415}"= c:\program files\CyberLink\PowerCinema for TOSHIBA\Kernel\DMP\CLBrowserEngine.exe:Cyberlink Media Server Browser Engine
"{7DE3F918-8D69-41D4-99C3-88D389826E89}"= c:\program files\CyberLink\PowerCinema for TOSHIBA\Kernel\DMS\CLMSService.exe:CyberLink Media Server
"{8D419721-5E67-4049-BAC8-0508B389A962}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{9B17E516-8B7E-4AB2-B9AD-8852061E167C}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{4FD5D316-EB6E-41D6-B39F-66E465CB2D78}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{0D5F2E5D-7DA0-4AEE-A1E3-3E121C54B6CD}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{57F3CE0A-2842-40EB-A16B-34D7227038FD}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"TCP Query User{9D0E0E46-A252-4188-9565-5682779BADFE}c:\\program files\\icq6\\icq.exe"= UDP:c:\program files\icq6\icq.exe:ICQ Library
"UDP Query User{30AC1AA6-9DA1-4116-A32F-FFECFE0812A7}c:\\program files\\icq6\\icq.exe"= TCP:c:\program files\icq6\icq.exe:ICQ Library
"TCP Query User{44DCE38D-4A4B-433E-A992-0FB292A86851}c:\\matov folder\\command and conquer zero hours\\game.dat"= UDP:c:\matov folder\command and conquer zero hours\game.dat:game.dat
"UDP Query User{50358FBC-9FDD-4186-9866-BC391C87A2A3}c:\\matov folder\\command and conquer zero hours\\game.dat"= TCP:c:\matov folder\command and conquer zero hours\game.dat:game.dat
"{E7979F6C-DAFE-47EF-98D2-F71C3FD1ADDA}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{EED1AA2E-4FB6-4646-8592-AB206234777F}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{D114284B-7DF2-4EE9-AC1C-2A3A90F2F65C}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{4E988905-E41B-40AF-98F6-BDA806CBCB55}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{524021D1-F097-453E-AA5A-764960AEAA93}"= c:\program files\Skype\Phone\Skype.exe:Skype
"TCP Query User{C554D7F9-F2D2-44FB-9FE6-DFEDB3BDC1CD}c:\\matov folder\\steam\\steamapps\\tatar@ovsiste.sk\\counter-strike source\\hl2.exe"= UDP:c:\matov folder\steam\steamapps\tatar@ovsiste.sk\counter-strike source\hl2.exe:hl2
"UDP Query User{2E0167BA-5039-46D0-82AF-3B1716FD83E2}c:\\matov folder\\steam\\steamapps\\tatar@ovsiste.sk\\counter-strike source\\hl2.exe"= TCP:c:\matov folder\steam\steamapps\tatar@ovsiste.sk\counter-strike source\hl2.exe:hl2
"TCP Query User{35ED73E0-EA0B-43EE-967C-F967D3C902DD}c:\\matov folder\\need for speed\\online\\bombd.exe"= UDP:c:\matov folder\need for speed\online\bombd.exe:bombd
"UDP Query User{A78AEE20-6E33-4669-A4DD-35646EA89CAE}c:\\matov folder\\need for speed\\online\\bombd.exe"= TCP:c:\matov folder\need for speed\online\bombd.exe:bombd
"TCP Query User{524C00A2-F853-4835-9B16-5246889C41B0}c:\\program files\\electronic arts\\need for speed prostreet\\online\\bombd.exe"= UDP:c:\program files\electronic arts\need for speed prostreet\online\bombd.exe:bombd
"UDP Query User{D8EBA051-AB7B-45F5-9151-28E6D4FAC155}c:\\program files\\electronic arts\\need for speed prostreet\\online\\bombd.exe"= TCP:c:\program files\electronic arts\need for speed prostreet\online\bombd.exe:bombd
"{E0579686-466B-49E3-9C2A-A8796B4CA121}"= c:\program files\Skype\Phone\Skype.exe:Skype
"TCP Query User{0392436E-DDAD-4754-8664-EB7D5B0D40BD}c:\\matov folder\\warcraft\\war3.exe"= UDP:c:\matov folder\warcraft\war3.exe:war3
"UDP Query User{ADE20DE8-6E7A-4C3B-9DCC-E07E7396767E}c:\\matov folder\\warcraft\\war3.exe"= TCP:c:\matov folder\warcraft\war3.exe:war3
"TCP Query User{AA2BF521-86F6-4B49-A2C8-94441FC73775}c:\\program files\\proxyway\\proxyway.exe"= UDP:c:\program files\proxyway\proxyway.exe:ProxyWay
"UDP Query User{0249BE91-D34D-46EE-B331-EDF48BE979A5}c:\\program files\\proxyway\\proxyway.exe"= TCP:c:\program files\proxyway\proxyway.exe:ProxyWay
"TCP Query User{46F196B8-C8EC-48E2-9E10-C2FCC73FDF2F}c:\\matov folder\\steam\\steamapps\\tatar@ovsiste.sk\\counter-strike\\hl.exe"= UDP:c:\matov folder\steam\steamapps\tatar@ovsiste.sk\counter-strike\hl.exe:Half-Life Launcher
"UDP Query User{CB34DDAD-CE98-4AE5-AAB3-B823F67B8208}c:\\matov folder\\steam\\steamapps\\tatar@ovsiste.sk\\counter-strike\\hl.exe"= TCP:c:\matov folder\steam\steamapps\tatar@ovsiste.sk\counter-strike\hl.exe:Half-Life Launcher
"{CFC5482D-2D8A-4EDF-B2B2-A6BA3B5D1E6F}"= UDP:c:\program files\THQ\Company of Heroes\RelicCOH.exe:Company of Heroes - Opposing Fronts
"{C07CDB9A-B733-40D1-B8BD-BE45063FFD7A}"= TCP:c:\program files\THQ\Company of Heroes\RelicCOH.exe:Company of Heroes - Opposing Fronts

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\TOSHIBA\\ivp\\NetInt\\Netint.exe"= c:\toshiba\ivp\NetInt\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrades Engine
"c:\\TOSHIBA\\Ivp\\ISM\\pinger.exe"= c:\toshiba\Ivp\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger

R1 IDSvix86;Symantec Intrusion Prevention Driver;\??\c:\progra~2\Symantec\DEFINI~1\SymcData\idsdefs\20081014.001\IDSvix86.sys [2008-10-14 270384]
R1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\system32\DRIVERS\jswpslwf.sys [2008-06-16 20352]
R2 ConfigFree Service;ConfigFree Service;"c:\program files\TOSHIBA\ConfigFree\CFSvcs.exe" [2007-12-25 40960]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;"c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe" [2007-12-03 126976]
R3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [2008-02-12 7168]
R3 SYMNDISV;SYMNDISV;c:\windows\system32\Drivers\SYMNDISV.SYS [2007-01-09 38200]
S3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\Jumpstart\jswpsapi.exe [2008-06-16 937984]

*Newly Created Service* - COMHOST
.
Contents of the 'Scheduled Tasks' folder

2008-12-07 c:\windows\Tasks\User_Feed_Synchronization-{3FB2D258-458C-4224-B88B-8FAC9435781D}.job
- c:\windows\system32\msfeedssync.exe [2008-01-20 20:24]
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-Smax4v - c:\users\Martin\AppData\Roaming\Google\windep.exe


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = local
uInternet Settings,ProxyServer = 127.0.0.1:81
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FireFox -: Profile - c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\hvpvdt9f.default\
FF -: plugin - c:\program files\Google\Google Updater\2.4.1368.5602\npCIDetect13.dll
FF -: plugin - c:\program files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - c:\program files\VistaCodecPack\QT\Plugins\npqtplugin.dll
FF -: plugin - c:\program files\VistaCodecPack\QT\Plugins\npqtplugin2.dll
FF -: plugin - c:\program files\VistaCodecPack\QT\Plugins\npqtplugin3.dll
FF -: plugin - c:\program files\VistaCodecPack\QT\Plugins\npqtplugin4.dll
FF -: plugin - c:\program files\VistaCodecPack\QT\Plugins\npqtplugin5.dll
FF -: plugin - c:\program files\VistaCodecPack\QT\Plugins\npqtplugin6.dll
FF -: plugin - c:\program files\VistaCodecPack\QT\Plugins\npqtplugin7.dll
FF -: plugin - c:\program files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
FF -: plugin - c:\program files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-07 15:56:40
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-12-07 15:57:49
ComboFix-quarantined-files.txt 2008-12-07 21:57:45
ComboFix2.txt 2008-12-07 21:27:27

Pre-Run: 142,610,964,480 bytes free
Post-Run: 142,807,875,584 bytes free

242 --- E O F --- 2008-12-04 17:19:19

Looks good, what problems remain?

OK IT WORKS NOW!!! Thank you very much!!! I Appreciate it!!! My pc is just kinda slow now, any reccomendations? Any reccomendations for antiviruses? anti spywares? I usually use CCleaner after browsing the internet, then i use Avira and Ad-Aware and I had symantec but it expired, u recommend me to buy it again? Some recommendations for free antiviruses? Your help much appreciated!!!

Slow down.

No, don't go back to Symantec.
But I post some tips, we need to update Java to prevent more infections.

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.
Updating Java:

• Download the latest version of Java SE Runtime Environment (JRE) 6 Update 11.
  
• Select the first option where it says "Java SE Runtime Environment (JRE) 6 Update 11".
  
• Click the "Download" button to the right.
  
• In the Window that opens, select your platform and language, check the "agree" box, and click Continue.
  
• Click on the link to download Windows Offline Installation and save to your desktop.
  
• Close any programs you may have running - especially your web browser.
  
• Go to Start > Control Panel double-click on Add or Remove Programs and remove all older versions of Java.
  
• Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  - Examples of older versions in Add or Remove Programs:
  - Java 2 Runtime Environment, SE v1.4.2
  - J2SE Runtime Environment 5.0
  - J2SE Runtime Environment 5.0 Update 2
  
• Click the Remove or Change/Remove button.
  
• Repeat as many times as necessary to remove each Java versions.
  
• Reboot your computer once all Java components are removed.
  
• Then from your desktop double-click on jre-6u11-windows-i586-p.exe that you downloaded to install the newest version.
  

Please make sure the new version of Java is installed before you run JavaRa.

Please download JavaRa from here

• First, unzip it.
  
• Then run JavaRa.
  
• Select English from the drop down menu and press Select.
  
• This will open JavaRa.
  
• Press Remove older versions
  
• Press yes to the prompt.
  
• It will make a log file of what it's removed.
  
• Copy and paste the log back here.
  

This is it:

JavaRa 1.11 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Sun Dec 07 16:31:51 2008

Found and removed: C:\Program Files\Java\jre1.6.0_03

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_03\

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}

------------------------------------

Finished reporting.

We need to make a new restore point.

To turn off System Restore, follow these steps:
1. Click Start, right-click My Computer, and then click Properties.
2. Click the System Restore tab.
3. Click the Turn off System Restore check box (or the Turn off System Restore on all drives check box), and then click OK.
4. Click Yes when you receive the prompt to the turn off System Restore.

Now we need to make a new restore point.
To turn on System Restore, follow these steps:
1. Click Start, right-click My Computer, and then click Properties.
2. Click the System Restore tab.
3. Click the Turn off System Restore check box (To turn on System Restore), and then click OK.


Below I have included a number of recommendations for how to protect your computer in order to prevent future malware infections. Please take these recommendations seriously; these few simple steps can stave off the vast majority of spyware problems. As happy as we are to help you, for your sake we would rather not have repeat customers.

1) Please navigate to http://windowsupdate.microsoft.com and download all the "critical updates" for Windows. This can patch many of the security holes through which attackers can gain access to your computer.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates , or get into the habit of checking for Windows updates regularly. I cannot stress enough how important this is.

2) In order to protect yourself against spyware, you should consider installing and running the following free programs:

Ad-Aware SE
A tutorial on using Ad-Aware to remove spyware from your computer may be found here.

Spybot-Search & Destroy
A tutorial on using Spybot to remove spyware from your computer may be found here. Please also remember to enable Spybot's "Immunize" and "TeaTimer" features.

SpywareBlaster
A tutorial on using SpywareBlaster to prevent spyware from ever installing on your computer may be found here.

SpywareGuard
A tutorial on using SpywareGuard for realtime protection against spyware and hijackers may be found here.

Make sure to keep these programs up-to-date and to run them regularly, as this can prevent a great deal of spyware hassle.

3) Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in popup blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from here:
http://www.mozilla.org/products/firefox/
I also recommand the following add-ons for Firefox, they will help keep you safe from malicious scripts or activeX exploits.
https://addons.mozilla.org/en-US/firefox/addon/722
https://addons.mozilla.org/en-US/firefox/addon/1865

4) Also make sure to run your antivirus software regularly, and to keep it up-to-date.

5) Finally, consider maintaining a firewall. Some good free firewalls are Kerio, or
Outpost
A tutorial on understanding and using firewalls may be found here.

Please also read Tony Klein's excellent article: How I got Infected in the First Place

Hopefully this should take care of your problems! Good luck.

Thanks once again! Have a nice day!

Since this issue is resolved, this topic is closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter.

Everyone else, please open a new topic for your questions.