PC Help Forum » Security & Safety » [Fixed] Hijackthis! Logs

[Fixed] Hijackthis! Logs - Hi I need to get rid of Win32/RBot.3eu!Worm


06-25-2009   #8
Bronze Member
Join Date: Jun 2009
Posts: 7
PC Experience: Experienced
Combo-Fix problems

Hi, thanks for all your help so far! I posted my HJT log but I am a little hesitant about running ComboFix because I have AVG 8.5 full ed. and I am only able to disable the resident shield, and when I attempted to start ComboFix it said that the AVG anti virus and the anti spyware scanners were still running and I could not find any way or any directions on how to disable them. Also I read some post that said ComboFix disables your computer from being able to use desktop wallpaper or thumbnails; if those are the biggest problems I am willing to take that chance, but I was just wondering if there are any other things I should be aware of as a Vista user? Thanks again for everything so far.
06-25-2009   #9
Senior Security Analyst
Join Date: Jun 2006
Location: Victoria, Australia
Posts: 6,867
PC Experience: Elite PC Guru
Re: Hi I need to get rid of Win32/RBot.3eu!Wo

Just run ComboFix as is, don't worry about the AV...
__________________
My real name is Eddy
06-26-2009   #10
Bronze Member
Join Date: Jun 2009
Posts: 7
PC Experience: Experienced
Re: Hi I need to get rid of Win32/RBot.3eu!Wo

I cannot figure out how to disable the AVG anti virus and anti spyware, and when I attempt to run ComboFix it tells me to disable them or continue to run the program at my own risk. I don't know anything about ComboFix so I don't want to run it without following all the directions that you listed above for running the program, which includes disabling all other anti virus programs. All I can do with AVG is disable the resident shield; I can't seem to be able to disable anything else. What should I do?
06-26-2009   #11
Tech Support Team
Join Date: Sep 2008
Location: Caldwell, New Jersey
Posts: 10,112
PC Experience: Always Learning New Things
Re: Hi I need to get rid of Win32/RBot.3eu!Wo

Tim,

Pancake is not online currently, but I can help with this. Disabling AVG is just a precaution so ComboFix is not blocked. It is coded like a malware infection, so it may be picked up by AVG and blocked. You'll be fine running it with AVG on.
__________________
Crush aka Chris
I am in fact, quite cool. My graphing calculator confirms this
06-28-2009   #12
Bronze Member
Join Date: Jun 2009
Posts: 7
PC Experience: Experienced
Re: Hi I need to get rid of Win32/RBot.3eu!Wo

ComboFix 09-06-26.02 - Samual 06/27/2009 17:05.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3069.1393 [GMT -6:00]
Running from: c:\users\Samual\Desktop\Combo-Fax.exe
AV: AVG Anti-Virus *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: AVG Anti-Virus *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2009-05-27 to 2009-06-27 )))))))))))))))))))))))))))))))
.

2009-06-27 07:31 . 2009-06-27 07:31 -------- d-----w- c:\users\Guest\AppData\Roaming\Apple Computer
2009-06-25 07:21 . 2009-06-25 07:21 -------- d-----w- c:\program files\iPod
2009-06-25 07:21 . 2009-06-25 07:21 -------- d-----w- c:\program files\iTunes
2009-06-25 07:17 . 2009-06-25 07:18 -------- d-----w- c:\program files\QuickTime
2009-06-25 07:14 . 2009-06-25 07:15 -------- d-----w- c:\windows\LastGood
2009-06-25 07:08 . 2009-06-25 07:08 75048 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 8.2.0.23\SetupAdmin.exe
2009-06-25 06:27 . 2009-06-25 06:36 -------- d-s---w- C:\Combo-Fix
2009-06-23 02:35 . 2009-06-23 02:35 -------- d-----w- c:\users\Samual\AppData\Roaming\Malwarebytes
2009-06-23 02:34 . 2009-06-17 17:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-23 02:34 . 2009-06-23 02:34 -------- d-----w- c:\programdata\Malwarebytes
2009-06-23 02:34 . 2009-06-23 02:35 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-23 02:34 . 2009-06-17 17:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-21 20:50 . 2009-06-21 20:50 -------- d-----w- c:\users\Guest\AppData\Local\AVG Security Toolbar
2009-06-21 18:53 . 2009-06-14 22:08 1004800 ----a-w- c:\programdata\AVG Security Toolbar\IEToolbar.dll
2009-06-21 18:45 . 2009-06-21 18:45 -------- d-----w- c:\users\Samual\AppData\Local\AVG Security Toolbar
2009-06-21 18:30 . 2009-06-20 22:21 90632 ----a-w- c:\programdata\avg8\update\backup\avgtdix.sys
2009-06-21 18:30 . 2009-06-20 22:21 98440 ----a-w- c:\programdata\avg8\update\backup\avgldx86.sys
2009-06-21 18:30 . 2009-06-20 22:21 12936 ----a-w- c:\programdata\avg8\update\backup\avgrkx86.sys
2009-06-21 18:30 . 2009-06-20 22:21 10520 ----a-w- c:\programdata\avg8\update\backup\avgrsstx.dll
2009-06-21 18:30 . 2009-06-20 22:21 26824 ----a-w- c:\programdata\avg8\update\backup\avgmfx86.sys
2009-06-21 18:30 . 2009-06-20 22:20 287000 ----a-w- c:\programdata\avg8\update\backup\avgrsx.exe
2009-06-21 18:29 . 2009-06-21 18:53 -------- d-----w- c:\programdata\AVG Security Toolbar
2009-06-21 18:24 . 2009-06-20 22:20 652056 ----a-w- c:\programdata\avg8\update\backup\avgupd.exe
2009-06-21 18:24 . 2009-06-20 22:20 443672 ----a-w- c:\programdata\avg8\update\backup\avgiproxy.exe
2009-06-21 18:24 . 2009-06-20 22:20 1123072 ----a-w- c:\programdata\avg8\update\backup\avgupd.dll
2009-06-21 18:24 . 2009-06-20 22:20 584472 ----a-w- c:\programdata\avg8\update\backup\avginet.dll
2009-06-21 04:00 . 2009-06-26 06:27 -------- d--h--w- C:\$AVG8.VAULT$
2009-06-20 22:21 . 2009-06-21 18:28 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-06-20 22:21 . 2009-06-21 18:28 12552 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2009-06-20 22:21 . 2009-06-21 18:28 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-06-20 22:21 . 2009-06-21 18:28 327688 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-06-20 22:21 . 2009-06-21 18:28 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-06-20 22:21 . 2009-06-27 12:03 -------- d-----w- c:\windows\system32\drivers\Avg
2009-06-20 22:20 . 2009-06-20 22:20 -------- d-----w- c:\program files\AVG
2009-06-20 22:20 . 2009-06-22 23:53 -------- d-----w- c:\programdata\avg8
2009-06-20 19:56 . 2009-06-20 19:56 -------- d-----w- c:\programdata\17596024
2009-06-20 09:00 . 2008-11-06 08:03 -------- d-----w- C:\SDFix
2009-06-20 08:54 . 2009-06-20 08:55 -------- d-----w- c:\users\Samual\.housecall6.6
2009-06-20 07:43 . 2009-06-20 08:46 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-06-20 07:43 . 2009-06-20 07:43 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-06-16 06:35 . 2009-06-16 06:35 97144 ----a-w- c:\users\Samual\AppData\Roaming\Move Networks\ie_bin\MovePlayerUpgrade.exe
2009-06-16 06:35 . 2009-06-17 07:45 4183416 ----a-w- c:\users\Samual\AppData\Roaming\Move Networks\plugins\npqmp071503000010.dll
2009-06-15 00:41 . 2009-06-15 00:41 -------- d-----w- c:\users\Samual\AppData\Roaming\GARMIN
2009-06-15 00:41 . 2009-06-15 00:41 -------- d-----w- c:\program files\Garmin GPS Plugin
2009-06-15 00:40 . 2009-06-15 00:40 -------- d-----w- c:\program files\DIFX
2009-06-15 00:39 . 2009-06-15 00:39 -------- d-----w- c:\program files\Garmin
2009-06-13 19:51 . 2009-04-30 12:37 428544 ----a-w- c:\windows\system32\EncDec.dll
2009-06-13 19:51 . 2009-04-30 12:37 293376 ----a-w- c:\windows\system32\psisdecd.dll
2009-06-11 18:56 . 2009-04-21 11:55 2033152 ----a-w- c:\windows\system32\win32k.sys
2009-06-11 18:56 . 2009-04-23 12:42 636928 ----a-w- c:\windows\system32\localspl.dll
2009-06-11 18:56 . 2009-04-23 12:43 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-06-08 21:56 . 2009-06-08 21:59 -------- d-----w- c:\users\Guest\AppData\Local\Microsoft Games
2009-06-08 05:05 . 2009-06-08 05:06 -------- d--h--w- c:\users\Samual\AppData\Roaming\GTek
2009-06-08 05:01 . 2009-06-08 05:06 -------- d--ha-w- c:\programdata\GTek
2009-06-08 05:01 . 2009-06-08 05:06 -------- d-----w- c:\program files\Linksys EasyLink Advisor
2009-06-08 01:12 . 2008-06-20 01:14 97800 ----a-w- c:\windows\system32\infocardapi.dll
2009-06-08 01:12 . 2008-06-20 01:14 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-06-08 01:12 . 2008-06-20 01:14 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2009-06-08 01:12 . 2008-06-20 01:14 11264 ----a-w- c:\windows\system32\icardres.dll
2009-06-08 01:12 . 2008-06-20 01:14 622080 ----a-w- c:\windows\system32\icardagt.exe
2009-06-08 01:12 . 2008-06-20 01:14 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2009-06-08 01:12 . 2008-06-20 01:14 326160 ----a-w- c:\windows\system32\PresentationHost.exe
2009-06-08 01:02 . 2008-07-27 18:03 96760 ----a-w- c:\windows\system32\dfshim.dll
2009-06-08 01:02 . 2008-07-27 18:03 282112 ----a-w- c:\windows\system32\mscoree.dll
2009-06-08 01:02 . 2008-07-27 18:03 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-06-08 01:01 . 2008-07-27 18:03 158720 ----a-w- c:\windows\system32\mscorier.dll
2009-06-08 01:01 . 2008-07-27 18:03 83968 ----a-w- c:\windows\system32\mscories.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-25 07:21 . 2008-08-30 03:50 -------- d-----w- c:\program files\Common Files\Apple
2009-06-23 19:11 . 2008-06-05 17:29 12 ----a-w- c:\windows\bthservsdp.dat
2009-06-20 21:56 . 2008-08-30 03:32 115088 ----a-w- c:\users\Samual\AppData\Local\GDIPFONTCACHEV1.DAT
2009-06-20 21:52 . 2008-08-30 00:13 -------- d-----w- c:\programdata\Microsoft Help
2009-06-17 07:50 . 2008-06-05 18:10 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-17 07:45 . 2009-05-06 22:50 127872 ----a-w- c:\users\Samual\AppData\Roaming\Move Networks\uninstall.exe
2009-06-17 07:45 . 2009-05-06 22:50 -------- d-----w- c:\users\Samual\AppData\Roaming\Move Networks
2009-06-03 04:44 . 2009-06-03 04:44 0 ----a-w- c:\users\Guest\AppData\Roaming\wklnhst.dat
2009-05-28 01:56 . 2008-11-23 05:27 680 ----a-w- c:\users\Samual\AppData\Local\d3d9caps.dat
2009-05-26 15:34 . 2009-05-26 15:34 -------- d-----w- c:\users\Guest\AppData\Roaming\ATI
2009-05-26 15:34 . 2009-05-26 15:34 -------- d-----w- c:\users\Guest\AppData\Roaming\CiscoCAA
2009-05-26 15:33 . 2009-05-26 15:33 115088 ----a-w- c:\users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2009-05-26 05:40 . 2009-05-26 05:40 -------- d-----w- c:\program files\EA SPORTS
2009-05-13 08:01 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-05-06 22:50 . 2009-05-01 06:30 4183416 ----a-w- c:\users\Samual\AppData\Roaming\Move Networks\plugins\npqmp071500000347.dll
2009-04-24 16:05 . 2009-06-11 18:53 827904 ----a-w- c:\windows\system32\wininet.dll
2009-04-24 16:02 . 2009-06-11 18:53 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-04-24 13:44 . 2009-06-11 18:53 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-04-03 23:18 . 2009-04-03 23:18 0 ----a-w- c:\windows\PowerReg.dat
2009-01-24 22:37 . 2008-09-07 18:10 88 --sh--r- c:\windows\System32\D2FF2F3359.sys
2009-01-24 22:37 . 2008-09-07 18:10 3608 --sha-w- c:\windows\System32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-06-14 22:08 1004800 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"CollaborationHost"="c:\windows\system32\p2phost.exe" [2008-01-21 192000]
"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2008-11-23 203720]
"VMpTtray.exe"="c:\program files\Sony\VAIO Media plus\VMpTtray.exe" [2008-03-09 86016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2008-02-23 122880]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2008-04-04 317280]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-15 136600]
"AML"="c:\program files\Sony\VAIO Launcher\AML.exe" [2008-03-26 1093632]
"VAIOMyMemCenter"="c:\program files\Sony\VAIO My Memory Center\VAIO MyMemCenter.exe" [2008-02-29 679936]
"VWLASU"="c:\program files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe" [2008-02-19 24576]
"SmartWiHelper"="c:\program files\Sony Corporation\SmartWi Connection Utility\SmartWiHelper.exe" [2008-05-30 73728]
"VAIO Help and Support Demo"="c:\program files\Sony\VAIO Help and Support Demo\LaunchVHSD.exe" [2007-08-28 290816]
"VAIORegistration"="c:\program files\Sony\First Experience\WelcomeLauncher.exe" [2007-10-17 20480]
"VAIOSurvey"="c:\program files\Sony\VAIO Survey\Vista VAIO Survey.exe" [2007-07-20 577536]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-05-14 177472]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2009-02-27 38768]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2009-02-27 640376]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-21 1948440]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-06-05 292136]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-04-29 6111232]

c:\users\Samual\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MLB.TV NexDef Plug-in.lnk - c:\users\Samual\AppData\Local\Autobahn\mlb-nexdef-autobahn.exe [2009-4-1 801032]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-10-30 748072]
Clean Access Agent.lnk - c:\program files\Cisco Systems\Clean Access Agent\CCAAgent.exe [2007-6-28 2056266]
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2007-11-12 972064]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2008-05-16 00:20 98304 ----a-w- c:\windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{E494BE1F-BC4E-4799-9997-C27C368AFB44}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{04107931-AE7E-4351-8EB9-22F4958FD3F0}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{5E7F5E00-F9CB-40B2-A718-BDB4F1D39D81}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{966CC88B-055F-4F18-8D70-7769044304C4}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{0BB4DB76-743B-482D-AE46-C7F23F0F17D0}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{07AA9F87-C6D4-4C13-A262-7C0D59D106CB}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{F061FBFE-E28D-4527-BE0E-AE3CF0831268}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{3E857DCB-3866-4460-8E20-010E0E98203B}"= UDP:c:\program files\Sony\VAIO Media plus\VMp.exe:VAIO Media plus
"{DA9EC3E8-2C9C-44DC-9711-781AA43E2108}"= TCP:c:\program files\Sony\VAIO Media plus\VMp.exe:VAIO Media plus
"{52FFA4B1-C6CA-45CB-AFF7-652A40F51B91}"= UDP:c:\program files\Sony\VAIO Media plus\SOHDms.exe:VAIO Media plus Digital Media Server
"{7A98AC6E-ADC5-491E-B380-95BC5EB9771A}"= TCP:c:\program files\Sony\VAIO Media plus\SOHDms.exe:VAIO Media plus Digital Media Server
"{8ED0FC13-81A9-47FE-B28A-BB6D920B4CB1}"= UDP:c:\program files\Sony\VAIO Media plus\SOHCImp.exe:VAIO Media plus Content Importer
"{F729502F-D48F-44E0-A3AA-2B7EB5E62F95}"= TCP:c:\program files\Sony\VAIO Media plus\SOHCImp.exe:VAIO Media plus Content Importer
"{FCFDB050-A989-44A9-BBF6-30A7269418A7}"= UDP:c:\program files\Sony\VAIO Media plus\SOHDs.exe:VAIO Media plus Device Searcher
"{DA552C62-BD52-4D76-B651-82F5C8C36B62}"= TCP:c:\program files\Sony\VAIO Media plus\SOHDs.exe:VAIO Media plus Device Searcher
"TCP Query User{22EFFFF2-885D-456F-8D1B-C2B20259FAF2}c:\\program files\\bitcomet\\bitcomet.exe"= UDP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"UDP Query User{98BC2610-E291-4E34-A8F2-0775368C4450}c:\\program files\\bitcomet\\bitcomet.exe"= TCP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"TCP Query User{AEBE48C4-40E6-47A1-9772-F9A1D5B62C0B}c:\\program files\\java\\jre6\\bin\\java.exe"= UDP:c:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary
"UDP Query User{C3EEC867-C867-4A16-AF1A-7356C9433BF1}c:\\program files\\java\\jre6\\bin\\java.exe"= TCP:c:\program files\java\jre6\bin\java.exe:Java(TM) Platform SE binary
"{49D8BF34-7A09-4452-9952-0A19B503C167}"= UDP:5353:Adobe CSI CS4
"{BB6FE77A-5B25-476B-975F-40C8D6502B76}"= UDP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4
"{00C0A112-2C66-4D28-A100-E14E1C741777}"= TCP:c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe:Adobe CSI CS4
"{F4055C52-688C-4BB6-A525-3819148EDEB8}"= UDP:3703:Adobe Version Cue CS4 Server
"{168BD02C-3EA6-4455-B025-724D16C12A27}"= UDP:3704:Adobe Version Cue CS4 Server
"{EDE97EDB-F824-4AC5-823B-CBC04CA62345}"= UDP:51000:Adobe Version Cue CS4 Server
"{379CB3D6-06EE-4E24-A6E6-FC840D53D3BD}"= UDP:51001:Adobe Version Cue CS4 Server
"{1CEBA8B3-DE02-4FCE-BB63-1D331D0BFE90}"= UDP:c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe:Adobe Version Cue CS4 Server
"{06BD9585-09E8-4175-9392-DF231433234F}"= TCP:c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe:Adobe Version Cue CS4 Server
"{227B811A-FFB2-4B8D-9DEB-A01040F4FF92}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{8AADF6B6-D586-42B3-A3C2-99978E59DCA5}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"TCP Query User{788F3196-C824-450E-BB1E-9B399120EDE2}c:\\program files\\ea sports\\mvp baseball 2004\\mvp2004.exe"= UDP:c:\program files\ea sports\mvp baseball 2004\mvp2004.exe:mvp2004
"UDP Query User{ED238CEE-1E76-4A2B-8154-EB26BCD5C08F}c:\\program files\\ea sports\\mvp baseball 2004\\mvp2004.exe"= TCP:c:\program files\ea sports\mvp baseball 2004\mvp2004.exe:mvp2004
"TCP Query User{2D3001CD-DDC5-4137-8DF1-1B9272A4B708}c:\\program files\\ea sports\\mvp baseball 2004\\mvp2004.exe"= UDP:c:\program files\ea sports\mvp baseball 2004\mvp2004.exe:mvp2004
"UDP Query User{AE75FA49-D4E5-4D82-9D66-4952A7A7425D}c:\\program files\\ea sports\\mvp baseball 2004\\mvp2004.exe"= TCP:c:\program files\ea sports\mvp baseball 2004\mvp2004.exe:mvp2004
"TCP Query User{B8373CD1-D2BA-427E-8A0D-DF0BC4AF7B1D}c:\\program files\\bitcomet\\bitcomet.exe"= UDP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"UDP Query User{DD397E82-844F-4EEE-ADD5-B409A8EE9EF3}c:\\program files\\bitcomet\\bitcomet.exe"= TCP:c:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"{2A1A39D7-01FB-4E4E-82DF-E396938F27FF}"= c:\program files\AVG\AVG8\avgam.exe:avgam.exe
"{94914885-14D1-4181-B098-A70D85844184}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"{2CE3137C-1D66-4408-BFA7-2BEB93071421}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe
"{3ED5DB19-8A26-46EC-921A-AFDAD411D9B7}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{B7A64E4E-CC3F-4975-AF71-46CC82F8CBD6}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes

R0 AvgRkx86;avgrkx86.sys;c:\windows\System32\drivers\avgrkx86.sys [6/20/2009 4:21 PM 12552]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [6/20/2009 4:21 PM 327688]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [6/20/2009 4:21 PM 108552]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [6/21/2009 12:28 PM 298776]
R2 regi;regi;c:\windows\System32\drivers\regi.sys [4/17/2007 9:09 PM 11032]
R2 RtkHDMIService;RtkHDMIService;c:\windows\RTKAUDIOSERVICE.EXE [6/5/2008 12:12 PM 98304]
R2 SOHCImp;VAIO Media plus Content Importer;c:\program files\Sony\VAIO Media plus\SOHCImp.exe [8/29/2008 6:27 PM 104288]
R2 SOHDms;VAIO Media plus Digital Media Server;c:\program files\Sony\VAIO Media plus\SOHDms.exe [8/29/2008 6:27 PM 350048]
R2 SOHDs;VAIO Media plus Device Searcher;c:\program files\Sony\VAIO Media plus\SOHDs.exe [8/29/2008 6:27 PM 63328]
R2 uCamMonitor;CamMonitor;c:\program files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe [8/29/2008 6:33 PM 104960]
R2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [6/5/2008 2:00 PM 411488]
R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [6/5/2008 12:58 PM 333088]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\System32\drivers\ArcSoftKsUFilter.sys [8/29/2008 6:33 PM 17408]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [6/5/2008 12:19 PM 28464]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\System32\drivers\SFEP.sys [6/5/2008 11:34 AM 9344]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [8/15/2008 5:46 AM 284016]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [6/5/2008 12:59 PM 87328]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.atcomet.com/b/
uInternet Settings,ProxyOverride = *.local
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\users\Samual\AppData\Roaming\Mozilla\Firefox\Profiles\auda3i92.default\
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\users\Samual\AppData\Roaming\Mozilla\Firefox\Profiles\auda3i92.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}\components\IBitCometExtension.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPTURNMED.dll
FF - plugin: c:\users\Samual\AppData\Roaming\Move Networks\plugins\npqmp071500000347.dll
FF - plugin: c:\users\Samual\AppData\Roaming\Move Networks\plugins\npqmp071503000010.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true.

************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2009-06-27 17:15
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(9600)
c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
.
Completion time: 2009-06-27 17:19
ComboFix-quarantined-files.txt 2009-06-27 23:19

Pre-Run: 138,874,200,064 bytes free
Post-Run: 147,873,613,824 bytes free

265 --- E O F --- 2009-06-25 14:00
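The ComboFix log above is what the helpers read by hand. As an added example (not ComboFix's or the forum's own code), the Python below parses the "Files Created" and "Reg Loading Points" sections of a log in that format and flags what a reviewer checks first: files carrying hidden/system attributes, autoruns that launch from outside Windows and Program Files, and the AppInit_DLLs loading point. The excerpt is constructed from entries in the posted log; the meaning of the attribute letters and the flagging heuristics are this example's assumptions.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed excerpt in ComboFix's format, built from entries in the log posted above.
SAMPLE_LOG = r"""
((((((((((((((((((((((((( Files Created from 2009-05-27 to 2009-06-27 )))))))))))))))))))))))))))))))
.
2009-06-23 02:34 . 2009-06-17 17:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-21 04:00 . 2009-06-26 06:27 -------- d--h--w- C:\$AVG8.VAULT$
2009-01-24 22:37 . 2008-09-07 18:10 88 --sh--r- c:\windows\System32\D2FF2F3359.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2008-02-23 122880]

c:\users\Samual\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MLB.TV NexDef Plug-in.lnk - c:\users\Samual\AppData\Local\Autobahn\mlb-nexdef-autobahn.exe [2009-4-1 801032]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll
"""

# File line "<created> . <modified> <size|--------> <attrs> <path>"; attrs letters assumed: d=dir, s=system, h=hidden, a=archive
FILE_LINE = re.compile(
    r"^(?P<created>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) \. "
    r"(?P<modified>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) "
    r"(?P<size>\d+|-+) (?P<attrs>[-a-z]{8}) (?P<path>.+)$")
REG_VALUE = re.compile(r'^"(?P<name>[^"]+)"=(?P<rest>.+)$')   # "Name"="path" [date size]
LNK_LINE = re.compile(r"^(?P<name>.+\.lnk) - (?P<rest>.+)$")  # Name.lnk - path [date size]
TAIL = re.compile(r'^"?(?P<path>.*?)"?(?: \[[\d-]+ \d+\])?$')  # strip quotes and [date size]


@dataclass
class FileEntry:
    created: str
    modified: str
    size: Optional[int]   # None where ComboFix prints "--------" (directories)
    attrs: str
    path: str


@dataclass
class Autorun:
    where: str   # registry key or startup folder the entry was listed under
    name: str
    path: str


def parse_log(text: str) -> Tuple[List[FileEntry], List[Autorun]]:
    """Collect file entries and autorun entries from the two sections a reviewer reads first."""
    files, autoruns = [], []
    section, where = "", ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line == ".":
            continue
        if line.startswith("((("):   # section banner
            section = "files" if "Files Created" in line else "reg" if "Reg Loading" in line else ""
        elif section == "files" and (m := FILE_LINE.match(line)):
            size = None if m["size"].startswith("-") else int(m["size"])
            files.append(FileEntry(m["created"], m["modified"], size, m["attrs"], m["path"]))
        elif section == "reg":
            if line.startswith("[") and line.endswith("]"):
                where = line[1:-1]   # registry key
            elif ":" in line and line.endswith("\\"):
                where = line         # startup folder header
            elif m := (REG_VALUE.match(line) or LNK_LINE.match(line)):
                autoruns.append(Autorun(where, m["name"], TAIL.match(m["rest"])["path"]))
    return files, autoruns


# Paths an autorun is expected to launch from; anything else gets a second look (heuristic).
TRUSTED_ROOTS = ("c:\\windows\\", "c:\\program files\\", "c:\\progra~1\\")


def triage(files: List[FileEntry], autoruns: List[Autorun]) -> List[str]:
    """Findings for manual review. The heuristics are this example's, not ComboFix's."""
    findings = []
    for f in files:
        if "d" not in f.attrs and ("h" in f.attrs or "s" in f.attrs):
            findings.append(f"hidden/system file: {f.path} ({f.attrs}, {f.size} bytes)")
    for a in autoruns:
        if a.name.lower() == "appinit_dlls":   # loaded into every process that maps user32.dll
            findings.append(f"AppInit_DLLs is set: {a.path}")
        elif not a.path.lower().startswith(TRUSTED_ROOTS):
            findings.append(f"autorun outside Windows/Program Files: {a.name} -> {a.path}")
    return findings


if __name__ == "__main__":
    for finding in triage(*parse_log(SAMPLE_LOG)):
        print(finding)
```

A flagged entry is a prompt to look, not a verdict: the two hidden system files in the posted log and the AVG AppInit_DLLs entry are both things a helper identifies as legitimate after checking.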
06-28-2009   #13
Senior Security Analyst
Join Date: Jun 2006
Location: Victoria, Australia
Posts: 6,867
PC Experience: Elite PC Guru
Re: Hi I need to get rid of Win32/RBot.3eu!Wo

I don't see any more malware in the log, so you should be fine now... but I would just like you to run this.

Go to http://www.kaspersky.com/kos/eng/par...avwebscan.html
Answer Yes, when prompted to install an ActiveX component.
  • The program will then begin downloading the latest definition files.
  • Once the files have been downloaded click on NEXT
  • Locate the Scan Settings button & configure to:
    • Scan using the following Anti-Virus database:
      • Extended
    • Scan Options:
      • Scan Archives
      • Scan Mail Bases
  • Click OK & have it scan My Computer
  • Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
  • Click the Save as Text button to save the file to your desktop so that you may post it in your next reply
* Turn off the real time scanner of any existing antivirus program while performing the online scan

============================

This will clear away any of the files and folders that were created by ComboFix.
Go to Start > Run, then copy and paste the following text into the box and click OK:

ComboFix /u

Please read these for future reference it may save you future problems:

http://www.pchelpforum.com/new-hijac...ing-sites.html
http://www.pchelpforum.com/new-hijac...-infected.html
http://www.pchelpforum.com/progress-...afterwork.html

There is at present a Virut infection contaminating computers. One of the ways it infiltrates is via an exploit in older versions of Adobe. To avoid a possible format, make sure yours is updated to the latest version.
__________________
My real name is Eddy

Last edited by Pancake; 06-28-2009 at 01:01 AM.
07-05-2009   #14
Bronze Member
Join Date: Jun 2009
Posts: 7
PC Experience: Experienced
Re: Hi I need to get rid of Win32/RBot.3eu!Wo

I didn't quite understand your instruction about clearing away the files created by ComboFix?


KASPERSKY ONLINE SCANNER 7.0 REPORT
Sunday, July 5, 2009
Operating System: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 1 (build 6001)
Kaspersky Online Scanner version: 7.0.26.13
Program database last update: Saturday, July 04, 2009 22:24:38
Records in database: 2427672
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
F:\
G:\

Scan statistics:
Files scanned: 204433
Threat name: 0
Infected objects: 0
Suspicious objects: 0
Duration of the scan: 11:19:17

No malware has been detected. The scan area is clean.

The selected area was scanned.
Powered by vBulletin
Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.