
[Pending] HJT Logs - dual core laptop slowed down extremely, help! Posted in the Security & Safety forums.


#8   07-11-2009   Pancake (Senior Security Analyst)

Ok....

Just Run Combofix and post its log here please.
__________________
My real name is Eddy

Last edited by Pancake; 07-11-2009 at 12:25 AM.

#9   07-12-2009   arry84 (Bronze Member)

Here is the ComboFix log:

ComboFix 09-07-09.08 - Naiem 12/07/2009 19:55.2.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.44.1033.18.2812.1755 [GMT 1:00]
Running from: c:\users\Naiem\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-3301516528-2256398539-3239164289-500
c:\$recycle.bin\S-1-5-21-810512126-1122411183-1779758187-500
c:\windows\Installer\33103230.msi
c:\windows\system32\mdm.exe

.
((((((((((((((((((((((((( Files Created from 2009-06-12 to 2009-07-12 )))))))))))))))))))))))))))))))
.

2009-07-12 19:16 . 2009-07-12 19:17 -------- d-----w- c:\users\Naiem\AppData\Local\temp
2009-07-12 18:26 . 2009-07-12 18:26 -------- d-----w- c:\programdata\AVG Security Toolbar
2009-07-08 12:25 . 2009-07-08 12:25 -------- d-----w- c:\program files\Trend Micro
2009-07-07 19:16 . 2009-07-07 19:16 -------- d-----w- c:\users\Naiem\AppData\Roaming\Malwarebytes
2009-07-07 19:15 . 2009-06-17 10:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-07 19:15 . 2009-07-07 19:15 -------- d-----w- c:\programdata\Malwarebytes
2009-07-07 19:15 . 2009-06-17 10:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-07 19:15 . 2009-07-07 19:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-04 13:22 . 2009-06-23 16:01 327688 ----a-w- c:\programdata\avg8\update\backup\avgldx86.sys
2009-07-04 13:22 . 2009-07-04 13:20 2054424 ----a-w- c:\programdata\avg8\update\backup\avgcorex.dll
2009-07-04 13:22 . 2009-07-04 13:20 2167576 ----a-w- c:\programdata\avg8\update\backup\avgresf.dll
2009-07-04 13:22 . 2009-06-23 16:01 3402008 ----a-w- c:\programdata\avg8\update\backup\avgui.exe
2009-07-04 13:22 . 2009-06-23 16:01 1204504 ----a-w- c:\programdata\avg8\update\backup\avgabout.dll
2009-07-04 13:22 . 2009-06-23 16:01 337176 ----a-w- c:\programdata\avg8\update\backup\avglogx.dll
2009-07-04 13:22 . 2009-06-23 16:01 829208 ----a-w- c:\programdata\avg8\update\backup\avgcfgx.dll
2009-07-04 13:22 . 2009-06-23 16:01 3298072 ----a-w- c:\programdata\avg8\update\backup\setup.exe
2009-07-04 13:19 . 2009-06-23 15:58 1085208 ----a-w- c:\programdata\avg8\update\backup\avgupd.exe
2009-07-04 13:19 . 2009-06-23 15:58 1454360 ----a-w- c:\programdata\avg8\update\backup\avgupd.dll
2009-07-03 22:12 . 2009-07-03 22:12 -------- d-----w- c:\users\Naiem\AppData\Local\Mozilla
2009-07-03 13:39 . 2009-07-03 14:14 -------- d-----w- c:\users\Naiem\.housecall6.6
2009-06-23 16:03 . 2009-06-23 16:01 832144 ----a-w- c:\programdata\avg8\update\backup\AVGToolbarInstall.exe
2009-06-12 21:25 . 2009-06-10 13:43 -------- d-----w- c:\users\Naiem\Tracing
2009-06-12 21:23 . 2009-06-12 21:23 -------- d-----w- c:\program files\Microsoft Office Outlook Connector
2009-06-12 21:22 . 2009-02-06 17:08 55280 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2009-06-12 21:21 . 2009-06-12 21:21 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-06-12 21:20 . 2006-11-29 12:06 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2009-06-12 21:20 . 2009-06-12 21:20 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-06-12 21:17 . 2009-06-12 21:23 -------- d-----w- c:\program files\Microsoft
2009-06-12 21:17 . 2009-06-12 21:17 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-06-12 21:16 . 2009-06-12 21:22 -------- d-----w- c:\program files\Windows Live

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-12 18:39 . 2008-06-26 06:07 -------- d-----w- c:\programdata\hpqLog
2009-07-12 18:37 . 2008-12-29 19:25 6416 ----a-w- c:\windows\bthservsdp.dat
2009-07-12 18:32 . 2008-12-29 14:40 -------- d-----w- c:\programdata\avg8
2009-07-04 13:20 . 2008-12-29 14:40 335752 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-06-29 20:59 . 2008-12-29 12:01 99864 ----a-w- c:\users\Naiem\AppData\Local\GDIPFONTCACHEV1.DAT
2009-06-29 11:26 . 2008-06-26 06:34 -------- d-----w- c:\programdata\Microsoft Help
2009-06-29 11:24 . 2008-12-30 12:14 -------- d-----w- c:\program files\Microsoft Works
2009-06-27 22:04 . 2008-12-29 17:17 -------- d-----w- c:\users\Naiem\AppData\Roaming\Azureus
2009-06-23 16:01 . 2009-05-06 09:06 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-06-23 16:01 . 2008-12-29 14:40 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-06-11 11:07 . 2008-12-31 18:17 -------- d-----w- c:\program files\epson
2009-06-05 22:56 . 2009-06-02 09:44 -------- d-----w- c:\program files\Common Files\Apple
2009-06-05 22:56 . 2009-01-26 20:40 -------- d-----w- c:\programdata\Apple Computer
2009-06-04 22:43 . 2009-06-04 22:43 -------- d-----w- c:\users\Naiem\AppData\Roaming\dvdcss
2009-06-02 21:20 . 2009-06-02 20:41 19165248 ----a-w- c:\users\Naiem\AppData\Roaming\TomTom\HOME\Profiles\f1ugm3vz.default\Updates\v2_6_2_1586_win.exe
2009-06-02 20:42 . 2009-06-02 20:42 -------- d-----w- c:\programdata\TomTom
2009-06-02 20:40 . 2009-06-02 20:40 -------- d-----w- c:\users\Naiem\AppData\Roaming\TomTom
2009-06-02 11:49 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-06-02 11:49 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-06-02 11:49 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-06-02 11:49 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-06-02 11:49 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-06-02 11:49 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-06-02 11:49 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-06-02 11:41 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-06-02 10:52 . 2008-12-29 14:05 -------- d-----w- c:\program files\Spyware Doctor
2009-06-02 09:49 . 2009-06-02 09:47 -------- d-----w- c:\users\Naiem\AppData\Roaming\Apple Computer
2009-06-02 09:47 . 2009-06-02 09:47 -------- d-----w- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-06-02 09:46 . 2009-06-02 09:46 -------- d-----w- c:\program files\Bonjour
2009-06-02 09:38 . 2009-06-02 09:37 -------- d-----w- c:\program files\QuickTime
2009-06-01 13:21 . 2009-06-01 13:21 -------- d-----w- c:\programdata\Trusteer
2009-05-22 17:10 . 2009-05-22 17:08 -------- d-----w- c:\program files\Common Files\PC Tools
2009-05-22 17:08 . 2009-05-22 17:08 -------- d-----w- c:\programdata\PC Tools
2009-05-16 11:18 . 2009-05-16 11:18 -------- d-----w- c:\program files\Microsoft Silverlight
2009-05-14 21:20 . 2009-05-14 21:17 -------- d-----w- c:\program files\Common Files\Macromedia
2009-05-14 21:18 . 2009-05-14 21:17 -------- d-----w- c:\program files\Macromedia
2009-05-09 19:23 . 2009-01-28 11:42 175 ----a-w- c:\users\Naiem\AppData\Roaming\Azureus\restart.bat
2009-05-09 05:50 . 2009-06-10 19:39 915456 ----a-w- c:\windows\system32\wininet.dll
2009-05-09 05:34 . 2009-06-10 19:39 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-05-05 08:05 . 2009-02-07 20:22 44544 ----a-w- c:\windows\system32\agremove.exe
2009-04-23 12:15 . 2009-06-10 19:39 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-23 12:14 . 2009-06-10 19:40 623616 ----a-w- c:\windows\system32\localspl.dll
2009-04-21 11:39 . 2009-06-10 19:40 2034688 ----a-w- c:\windows\system32\win32k.sys
2008-06-26 06:17 . 2008-06-26 06:17 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-06-14 15:07 1004800 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-03-18 2289664]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"accrdsub"="c:\program files\ActivIdentity\ActivClient\accrdsub.exe" [2007-05-15 293168]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2008-06-02 238984]
"CognizanceTS"="c:\progra~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2008-05-21 24848]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-27 1045800]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-04-15 70912]
"File Sanitizer"="c:\program files\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2008-05-14 10244096]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-05-14 177456]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-23 1948440]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2008-04-04 1314816]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-5-13 727592]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\APSHook.dll c:\windows\System32\avgrsstx.dll c:\windows\System32\APSHook.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli ASWLNPkg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DVD Check.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\DVD Check.lnk
backup=c:\windows\pss\DVD Check.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{5624E07B-FF7A-470D-B9BD-C4BF4924A032}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"TCP Query User{EE13EBC5-4045-418C-A808-D9CD9E6C2DC4}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus
"UDP Query User{DF144E39-3634-43BB-81E7-47440F6D8D36}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus
"TCP Query User{68262F5A-9DF0-449E-87E6-AB19B5DAAB03}c:\\program files\\trackmania united\\tmunited.exe"= UDP:c:\program files\trackmania united\tmunited.exe:TmUnited
"UDP Query User{745A1361-8AF2-4E12-BEBA-12770CD94963}c:\\program files\\trackmania united\\tmunited.exe"= TCP:c:\program files\trackmania united\tmunited.exe:TmUnited
"{E33BAFF6-0629-4418-9552-066F0CA9FE4F}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{B3462A85-EC41-4222-B80A-37AE0BFC4735}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{B682C092-DC0E-437B-A5B8-3286B950EAD9}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{D3DF1CD2-94E1-442E-A559-E2BCE8D31BC7}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{965CDFA6-D6C1-4502-8495-2F865E3D41A9}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"TCP Query User{8FB6C205-B37B-44B8-A995-67E4AB1BBDE3}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{FBB8DB13-9CAD-4FB7-BADF-1AD0591EE5B6}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"TCP Query User{3A9F9B6E-D367-4B74-97D4-A76407FB7150}c:\\program files\\tmunitedforever\\tmforever.exe"= UDP:c:\program files\tmunitedforever\tmforever.exe:TmForever
"UDP Query User{16D8AD92-4B38-42B1-A91F-A7C715F55C47}c:\\program files\\tmunitedforever\\tmforever.exe"= TCP:c:\program files\tmunitedforever\tmforever.exe:TmForever
"TCP Query User{ECA6D5D6-759C-441E-A49B-ABD51A7ECC9B}c:\\program files\\valve\\steam\\steamapps\\eightball_ogk\\counter-strike source\\hl2.exe"= UDP:c:\program files\valve\steam\steamapps\eightball_ogk\counter-strike source\hl2.exe:hl2
"UDP Query User{FBEBA908-7C5C-4E7D-AFD0-CF065BF621EA}c:\\program files\\valve\\steam\\steamapps\\eightball_ogk\\counter-strike source\\hl2.exe"= TCP:c:\program files\valve\steam\steamapps\eightball_ogk\counter-strike source\hl2.exe:hl2
"TCP Query User{07D5F0B1-5FD1-4ADE-B356-E4E6C00B4128}c:\\users\\naiem\\desktop\\music\\generator.exe"= UDP:c:\users\naiem\desktop\music\generator.exe:generator.exe
"UDP Query User{44AC1A7F-87CE-4378-8590-BE63F6A6498F}c:\\users\\naiem\\desktop\\music\\generator.exe"= TCP:c:\users\naiem\desktop\music\generator.exe:generator.exe
"{B9EF8FB5-EB4D-40D8-B1A0-0D624614ED8A}"= UDP:c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:Veoh Web Player
"{4A2885DA-2482-4348-A4BC-C5E2955D4C13}"= TCP:c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:Veoh Web Player
"TCP Query User{06AB387A-6173-41BF-B16B-99D85FA1DAED}c:\\program files\\vuze\\azureus.exe"= UDP:c:\program files\vuze\azureus.exe:Azureus
"UDP Query User{8A16D463-B6A0-4053-962E-094F45EBC02B}c:\\program files\\vuze\\azureus.exe"= TCP:c:\program files\vuze\azureus.exe:Azureus
"TCP Query User{D5415538-69AB-42B9-A1F1-0B9DD50D8ED3}c:\\greenfoot\\greenfoot.exe"= UDP:c:\greenfoot\greenfoot.exe:greenfoot
"UDP Query User{D5319866-D8A2-4F66-A3BB-450FB1E5CA7E}c:\\greenfoot\\greenfoot.exe"= TCP:c:\greenfoot\greenfoot.exe:greenfoot
"TCP Query User{F613522E-23AD-4CCA-809B-C6D5C6A914C4}c:\\program files\\java\\jdk1.6.0_12\\jre\\bin\\java.exe"= UDP:c:\program files\java\jdk1.6.0_12\jre\bin\java.exe:Java(TM) Platform SE binary
"UDP Query User{67774053-D7E7-4C68-A547-176989532D05}c:\\program files\\java\\jdk1.6.0_12\\jre\\bin\\java.exe"= TCP:c:\program files\java\jdk1.6.0_12\jre\bin\java.exe:Java(TM) Platform SE binary
"{E9AB72CE-6D8E-4D28-BED5-6A37357DA2AF}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{208867F9-739E-441E-9554-09333EBAA462}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{BA2B32CB-6617-4C60-8052-FC31593A6B57}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync

R0 PCTCore;PCTools KDS;c:\windows\System32\drivers\PCTCore.sys [22/05/2009 18:08 130936]
R0 SbAlg;SbAlg;c:\windows\System32\drivers\SbAlg.sys [30/05/2008 17:37 51376]
R0 SbFsLock;SbFsLock;c:\windows\System32\drivers\SbFsLock.sys [30/05/2008 17:37 12928]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [29/12/2008 15:40 335752]
R1 RapportKELL;RapportKELL;c:\program files\Trusteer\Rapport\bin\RapportKELL.sys [24/02/2009 11:59 57320]
R1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [24/02/2009 11:59 238952]
R1 RsvLock;RsvLock;c:\windows\System32\drivers\rsvlock.sys [30/05/2008 17:37 12496]
R2 accoca;ActivClient Middleware Service;c:\program files\ActivIdentity\ActivClient\accoca.exe [16/05/2007 00:08 182576]
R2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [21/01/2008 03:23 21504]
R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [21/01/2008 03:23 21504]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [29/12/2008 15:40 298776]
R2 HP ProtectTools Service;HP ProtectTools Service;c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [02/06/2008 18:32 18944]
R2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [30/05/2008 17:36 256512]
R2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files\Hewlett-Packard\File Sanitizer\HPFSService.exe [26/06/2008 08:14 77824]
R2 hpsrv;HP Service;c:\windows\System32\hpservice.exe [07/04/2008 19:13 24936]
R2 pdfcDispatcher;PDF Document Manager;c:\program files\PDF Complete\pdfsvc.exe [26/06/2008 07:20 576024]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [26/06/2008 08:15 193840]
S2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [01/06/2009 14:21 648424]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [21/01/2008 03:23 179712]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [12/06/2009 22:22 55280]
S3 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 18:08 533360]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [29/12/2008 15:06 348752]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance REG_MULTI_SZ ASBroker ASChannel
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
bthsvcs REG_MULTI_SZ BthServ

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
Contents of the 'Scheduled Tasks' folder

2009-07-02 c:\windows\Tasks\HPCeeScheduleForNaiem.job
- c:\program files\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2008-06-26 22:07]

2009-07-12 c:\windows\Tasks\User_Feed_Synchronization-{80339441-5D0D-4C46-B4C8-036292FD3A18}.job
- c:\windows\system32\msfeedssync.exe [2009-05-16 11:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://yahoo.co.uk/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=83&bd=all&pf=cmnb
uInternet Settings,ProxyOverride = *.local
IE: &AOL Toolbar Search - c:\programdata\AOL\ieToolbar\resources\en-GB\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
FF - ProfilePath - c:\users\Naiem\AppData\Roaming\Mozilla\Firefox\Profiles\iyrnuvtv.default\
FF - prefs.js: browser.startup.homepage - hxxp://yahoo.co.uk/
FF - plugin: c:\program files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nppl3260.dll
FF - plugin: c:\program files\ACE Mega CoDecS Pack\SystemS\RealMedia\Browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2009-07-12 20:16
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\pdfcDispatcher]
"ImagePath"="c:\program files\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Cl ***\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Cl ***\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Cl ***\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Cl ***\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(896)
c:\windows\System32\APSHook.dll

- - - - - - - > 'lsass.exe'(672)
c:\windows\System32\APSHook.dll
c:\program files\Hewlett-Packard\IAM\bin\ASWLNPkg.dll
c:\program files\Hewlett-Packard\IAM\bin\ItMsg.dll
.
Completion time: 2009-07-12 20:23
ComboFix-quarantined-files.txt 2009-07-12 19:23

Pre-Run: 167,493,509,120 bytes free
Post-Run: 167,514,976,256 bytes free

320 --- E O F --- 2009-06-02 11:05

#10   07-13-2009   Pancake (Senior Security Analyst)

Ok. That's fixed the malware, so you should be fine now.

This will clear away any of the files and folders that were created by ComboFix.
Go to:
Start > Run, then copy and paste the following highlighted (blue) text below into the box and click OK.

ComboFix /u

Please read these for future reference; it may save you future problems:
http://www.pchelpforum.com/new-hijac...ing-sites.html
http://www.pchelpforum.com/new-hijac...-infected.html
http://www.pchelpforum.com/progress-...afterwork.html

#11   07-15-2009   arry84 (Bronze Member)

Hi,

My laptop is still running slowly; the CPU usage in the Task Manager is always over 90%.

#12   07-15-2009   elpmek (Tech Support Team)

Okay - next step - try some serious housekeeping.

Download CCleaner from CCleaner - Download
Then install.
I suggest that, when asked, you untick all the options apart from the top one.

CCleaner:

Under the Cleaner section: select “Run Cleaner”

Under the Registry section: select “Scan for Issues”

(when asked about registry “Backup” save & then accept where it saves it to.)
then “Fix Selected Issues”

Do the Registry option again (and again, until no issues are found).

Report back..................

#13   07-26-2009   arry84 (Bronze Member)

Sorry for the late reply. My laptop is working a little better after running CCleaner, but the CPU usage is still over 60% even if I'm doing nothing, and most programs still work slowly.

#14   07-26-2009   elpmek (Tech Support Team)

Originally Posted by arry84:
"It's a dual core laptop with Vista, and in the Task Manager the CPU usage is constantly at 80-100%, with around a 100 processes."

Can you name the processes taking up the highest percentage of the CPU time?