Just need to make sure these files are gone.Are you still getting the popup? It looks like it has been fixed.

Please copy this page to *Notepad* and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.
It's IMPORTANT to carry out the instructions in the sequence listed below.
1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Open *notepad* and copy/paste the red text in the code box below into it:
Save this as CFScript.txt, in the same location as ComboFix.exe which is on the Desktop.


Refering to the picture above, drag CFScript.txt into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt
Please copy and paste the ComboFix.txt in your next reply please.

*Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall.Altering this script in any way could damage your computer*

thanks man.. i can access my folder option and task manager again.. it looks like all popups disappear.. when i trying to scan, the windows-no disk not come out, after my windows start i am not getting any popup..

i want to ask several questions...
- is there any possibilities my PC can be infected by this virus again??
- why my AVG 8.5 cant detect any virus but mbam can?
- in AVG resident shield, can i activate tracking cookies scan and delete any tracking cookies? is those tracking cookies dangerous for my PC?
- is there any anti virus/spyware that better than AVG or at least can i combine it with other malware?
- what is mbam and combofix anyway? you said it dangerous if being used by beginner..


here is the log:

ComboFix 09-10-06.04 - Jimmy 10/08/2009 7:56.2.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.648 [GMT 7:00]
Running from: c:\documents and settings\Jimmy\Desktop\FIX\ComFx.exe
Command switches used :: c:\documents and settings\Jimmy\Desktop\FIX\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

FILE ::
"c:\docume~1\Jimmy\LOCALS~1\Temp\RNC13.tmp"
.

((((((((((((((((((((((((( Files Created from 2009-09-08 to 2009-10-08 )))))))))))))))))))))))))))))))
.

2009-10-07 08:34 . 2009-10-07 08:41 -------- d-----w- C:\ComFx
2009-10-07 08:08 . 2009-10-07 08:08 -------- d-----w- c:\documents and settings\Jimmy\Application Data\Malwarebytes
2009-10-07 08:08 . 2009-09-10 07:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-07 08:08 . 2009-10-07 08:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-07 08:08 . 2009-10-07 08:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-10-07 08:08 . 2009-09-10 07:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-07 08:05 . 2009-10-07 08:05 -------- d--h--w- c:\windows\PIF
2009-10-06 01:16 . 2009-10-06 01:16 -------- d--h--w- c:\windows\system32\GroupPolicy
2009-10-04 13:57 . 2001-08-17 06:56 7552 -c--a-w- c:\windows\system32\dllcache\sonypvu1.sys
2009-10-04 13:57 . 2001-08-17 06:56 7552 ----a-w- c:\windows\system32\drivers\SONYPVU1.SYS
2009-09-25 12:42 . 2001-08-17 15:36 8704 -c--a-w- c:\windows\system32\dllcache\kbdjpn.dll
2009-09-25 12:42 . 2001-08-17 15:36 8704 ----a-w- c:\windows\system32\kbdjpn.dll
2009-09-25 12:42 . 2001-08-17 15:36 8192 -c--a-w- c:\windows\system32\dllcache\kbdkor.dll
2009-09-25 12:42 . 2001-08-17 15:36 8192 ----a-w- c:\windows\system32\kbdkor.dll
2009-09-25 12:42 . 2001-08-17 07:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101c.dll
2009-09-25 12:42 . 2001-08-17 07:55 6144 ----a-w- c:\windows\system32\kbd101c.dll
2009-09-25 12:42 . 2001-08-17 07:55 5632 -c--a-w- c:\windows\system32\dllcache\kbd103.dll
2009-09-25 12:42 . 2001-08-17 07:55 5632 ----a-w- c:\windows\system32\kbd103.dll
2009-09-25 12:42 . 2001-08-17 07:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101b.dll
2009-09-25 12:42 . 2001-08-17 07:55 6144 ----a-w- c:\windows\system32\kbd101b.dll
2009-09-25 12:42 . 2008-04-13 22:39 6144 -c--a-w- c:\windows\system32\dllcache\kbd106.dll
2009-09-25 12:42 . 2008-04-13 22:39 6144 ----a-w- c:\windows\system32\kbd106.dll
2009-09-20 03:32 . 2009-09-20 03:32 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2009-09-20 03:15 . 2009-09-20 03:16 -------- d-----w- c:\documents and settings\Jimmy\Application Data\Ventrilo

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2009-10-08 00:45 . 2009-08-22 10:49 -------- d-----w- c:\documents and settings\Jimmy\Application Data\Orbit
2009-10-07 09:24 . 2009-08-24 02:40 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2009-10-06 15:57 . 2009-08-22 11:04 -------- d-----w- c:\documents and settings\Jimmy\Application Data\foobar2000
2009-10-06 11:18 . 2009-08-31 09:10 -------- d-----w- c:\program files\BitComet
2009-09-08 08:32 . 2009-08-22 10:56 4212 ---h--w- c:\windows\system32\zllictbl.dat
2009-08-31 12:47 . 2009-08-31 12:47 -------- d-----w- c:\program files\Microsoft
2009-08-31 12:46 . 2009-08-31 12:46 -------- d-----w- c:\program files\Windows Live
2009-08-30 11:24 . 2009-08-29 07:48 -------- d-----w- c:\program files\Garena
2009-08-30 05:22 . 2009-08-20 14:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-08-29 14:48 . 2009-08-22 10:49 -------- d-----w- c:\program files\Orbitdownloader
2009-08-27 10:35 . 2009-08-27 10:35 -------- d-----w- c:\documents and settings\Jimmy\Application Data\Media Player Classic
2009-08-27 09:15 . 2009-08-22 10:41 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-08-27 09:15 . 2009-08-22 10:41 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-08-27 09:15 . 2009-08-22 10:41 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-08-27 09:09 . 2009-08-21 07:59 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-27 09:08 . 2009-08-27 09:08 -------- d-----w- c:\documents and settings\Jimmy\Application Data\InstallShield
2009-08-26 01:05 . 2009-08-26 01:05 -------- d-----w- c:\program files\MSXML 4.0
2009-08-24 12:13 . 2009-08-24 12:13 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2009-08-24 02:40 . 2009-08-24 02:40 -------- d-----w- c:\documents and settings\LocalService\Application Data\AVGTOOLBAR
2009-08-24 02:39 . 2009-08-22 10:41 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-08-24 02:23 . 2009-08-24 02:22 -------- d-----w- c:\program files\Axesstel
2009-08-23 07:42 . 2009-08-20 14:17 -------- d-----w- c:\program files\Common Files\Adobe
2009-08-22 14:55 . 2009-08-22 14:55 0 ----a-w- c:\windows\nsreg.dat
2009-08-22 14:54 . 2009-08-22 14:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2009-08-22 14:53 . 2009-08-22 10:43 -------- d-----w- c:\documents and settings\Jimmy\Application Data\Yahoo!
2009-08-22 14:53 . 2009-08-22 10:43 -------- d-----w- c:\program files\Yahoo!
2009-08-22 14:52 . 2009-08-22 10:43 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2009-08-22 14:03 . 2009-08-22 14:03 -------- d-----w- c:\documents and settings\Jimmy\Application Data\MSNInstaller
2009-08-22 13:57 . 2009-08-22 13:57 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-08-22 13:47 . 2009-08-22 13:47 -------- d-----w- c:\program files\Common Files\Windows Live
2009-08-22 13:32 . 2009-08-22 10:56 -------- d-----w- c:\documents and settings\All Users\Application Data\MailFrontier
2009-08-22 11:04 . 2009-08-22 11:04 -------- d-----w- c:\program files\foobar2000
2009-08-22 10:50 . 2009-08-22 10:50 -------- d-----w- c:\program files\7-Zip
2009-08-22 10:50 . 2009-08-22 10:50 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-08-22 10:49 . 2009-08-22 10:49 -------- d-----w- c:\documents and settings\Jimmy\Application Data\GrabPro
2009-08-22 10:48 . 2009-08-22 10:44 -------- d-----w- c:\documents and settings\Jimmy\Application Data\DAEMON Tools Lite
2009-08-22 10:47 . 2009-08-22 10:41 -------- d-----w- c:\documents and settings\Jimmy\Application Data\AVGTOOLBAR
2009-08-22 10:47 . 2009-08-22 10:47 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-08-22 10:47 . 2009-08-22 10:47 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2009-08-22 10:44 . 2009-08-22 10:44 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-08-22 10:43 . 2009-08-22 10:43 -------- d-----w- c:\program files\CCleaner
2009-08-22 10:41 . 2009-08-22 10:41 -------- d-----w- c:\program files\AVG
2009-08-22 10:41 . 2009-08-22 10:41 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-08-22 10:27 . 2009-08-22 10:27 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles
2009-08-22 09:57 . 2009-08-22 09:57 -------- d-----w- c:\program files\Marvell
2009-08-22 09:56 . 2009-08-20 14:40 -------- d-----w- c:\program files\Common Files\InstallShield
2009-08-22 09:56 . 2009-08-22 09:56 -------- d-----w- c:\program files\Realtek Sound Manager
2009-08-22 09:56 . 2009-08-22 09:56 -------- d-----w- c:\program files\AvRack
2009-08-22 09:54 . 2009-08-22 09:54 -------- d-----w- c:\program files\Intel
2009-08-21 08:01 . 2009-08-21 08:01 -------- d-----w- c:\documents and settings\Jimmy\Application Data\CyberLink
2009-08-21 08:01 . 2009-08-21 08:01 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2009-08-21 08:00 . 2009-08-21 07:59 -------- d-----w- c:\program files\CyberLink
2009-08-20 14:43 . 2009-08-20 14:13 23576 ----a-w- c:\documents and settings\Jimmy\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-20 14:43 . 2009-08-20 14:43 128 ----a-w- c:\documents and settings\Jimmy\Local Settings\Application Data\fusioncache.dat
2009-08-20 14:35 . 2009-08-20 14:29 94187 ----a-w- c:\windows\HPHins03.dat
2009-08-20 14:35 . 2009-08-20 14:35 -------- d-----w- c:\program files\Hewlett-Packard
2009-08-20 14:35 . 2009-08-20 14:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Hewlett-Packard
2009-08-20 14:35 . 2009-08-20 14:30 -------- d-----w- c:\program files\HP
2009-08-20 14:34 . 2009-08-20 14:34 -------- d-----w- c:\program files\Common Files\HP
2009-08-20 14:22 . 2009-08-20 14:22 -------- d-----w- c:\program files\Microsoft Works
2009-08-20 14:17 . 2009-08-20 14:17 -------- d-----w- c:\documents and settings\Jimmy\Application Data\InterTrust
2009-08-20 14:00 . 2009-08-20 14:00 -------- d-----w- c:\program files\microsoft frontpage
2009-08-20 13:57 . 2009-08-20 13:57 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-08-05 09:01 . 2008-04-14 12:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-29 04:37 . 2008-04-14 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-07-29 04:37 . 2008-04-14 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-07-26 09:44 . 2009-07-26 09:44 48448 ----a-w- c:\windows\system32\sirenacm.dll
2009-07-17 19:01 . 2008-04-14 12:00 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-12 05:21 . 2008-04-14 12:00 233472 ----a-w- c:\windows\system32\wmpdxm.dll
2007-04-06 01:40 . 2009-08-24 02:23 118784 ----a-r- c:\program files\MSP_Uninstall.exe
2007-04-04 07:24 . 2009-08-24 02:23 90112 ----a-r- c:\program files\axesstel.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-06-14 09:07 1004800 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"Search Protection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-23 111856]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-13 1695232]
"ccleaner"="c:\program files\CCleaner\ccleaner.exe" [2009-05-07 1561840]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86 \3\hpztsb11.exe" [2004-04-06 172032]
"HPHUPD06"="c:\program files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 49152]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2004-02-12 49152]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 241664]
"HPHmon06"="c:\windows\system32\hphmon06.exe" [2004-06-07 659456]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-04-19 7700480]
"NvMediaCenter"="c:\windows\system32\NvMcTray. dll" [2007-04-19 86016]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 56928]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 54832]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-10-07 2023704]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-23 111856]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\xxx.exe" [2009-09-10 1312080]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2007-04-19 1626112]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\SOUNDMAN.EXE [2005-04-15 77824]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Orbit.lnk - c:\program files\Orbitdownloader\orbitdm.exe [2009-8-22 1719496]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-27 09:15 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitdm.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [8/22/2009 5:41 PM 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [8/22/2009 5:41 PM 108552]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [8/24/2009 9:39 AM 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [8/24/2009 9:39 AM 297752]
R3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\drivers\Axtmvflt.sys [8/22/2009 5:19 PM 3456]
R3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\drivers\Axtmvmdm.sys [8/22/2009 5:19 PM 40064]
R3 Axtmvprt;Axesstel Diagnostic Port;c:\windows\system32\drivers\Axtmvprt.sys [8/22/2009 5:19 PM 38784]
S3 GarenaPEngine;GarenaPEngine; [x]
.
Contents of the 'Scheduled Tasks' folder

2009-10-07 c:\windows\Tasks\HP Usg Daily.job
- c:\program files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\pexpress\hphped05.exe [2004-06-07 06:45]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*Yahoo! SearchBar Home Page
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*Yahoo!
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {0F7C5203-244E-4AB0-BC16-DE1C1132B6B5} = 10.17.3.252 10.17.3.254
FF - ProfilePath - c:\documents and settings\Jimmy\Application Data\Mozilla\Firefox\Profiles\3x3hp0qt.default\
FF - prefs.js: browser.startup.homepage - Welcome to Facebook | Facebook
FF - prefs.js: keyword.URL - hxxp://ide.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_ide&p=
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\compone nts\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\compone nts\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\AVG\AVG8\Toolbar\Firefox\avg@igeared\compone nts\xpavgtbapi.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
.

************************************************** ************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2009-10-08 07:59
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

************************************************** ************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1911415 6-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macrome d\\Flash\\FlashUtil10c.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1911415 6-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1911415 6-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUt il10c.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1911415 6-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4 C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4 C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4 C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2009-10-08 8:00
ComboFix-quarantined-files.txt 2009-10-08 01:00
ComboFix2.txt 2009-10-07 08:41

Pre-Run: 14,741,614,592 bytes free
Post-Run: 14,713,454,592 bytes free

233 --- E O F --- 2009-09-03 13:13

Ok.That looks good.You should be fine now...Yes you can remove tracking cookies.


This will clear away any of the files and folders that were created by ComboFix.
Go to :
Start > Run then copy and paste the following highlighted (blue) text below into the box and click OK.

ComboFix /u

Please read these for future reference it may save you future problems with malware:

http://www.pchelpforum.com/fixed-hij...afterwork.html
http://www.pchelpforum.com/fixed-hij...happening.html
http://www.pchelpforum.com/fixed-hij...-infected.html

thank you very much bro for helping me until my problem solved.. i cant imagine how can i solve this problem alone..

Your welcome.Glad to help.

oh yea sir.. sorry for troubling you again..

why cant i finish my download?? yesterday i was about to download a script for my homework for internet.. when i downloaded it.. it stop in the middle of downloading, its about 17% of completion and than it stop.. i make sure if my internet connect properly..

then i download anything in another source (dota maps from getdota.com) but when reach 17% it stops again..

from your suggestion, i download some anti spyware like spywarebuster and spywareguard..

is this trouble because i downloaded them and running at the same time or there is another problem??

See if you can download in safe mode.