News: Cexx forums, with volunteers dedicated to helping you remove malware and stay protected
 
Topic: Buy Antivirus Spyware  (Read 664 times)
« on: January 31, 2010, 07:48:48 PM »
trouble
Newbie


Karma: 0
Posts: 28



Got a stupid Spyware problem that wouldn't even allow me to run HJTsetup. Kindly advise how to proceed
« Reply #1 on: February 01, 2010, 12:55:01 AM »
Unzy
Global Moderator

Karma: 18
Posts: 4612



Right-click it and rename the .exe, and download and run mbam as well; rename that .exe as well:

http://www.malwarebytes.org/mbam.php

« Reply #2 on: February 01, 2010, 07:40:47 PM »
trouble



I'm still not able to run mbam even after changing the name. It still shows that the .exe is infected. I can't run any .exe files!
« Reply #3 on: February 02, 2010, 12:28:31 AM »
Unzy



Run it from Windows in safe mode.

« Reply #4 on: February 02, 2010, 03:24:12 PM »
trouble



Ran it in safe mode, removed the virus detected, but can't use my web browsers anymore.
« Reply #5 on: February 02, 2010, 10:55:49 PM »
Unzy



See if the exes work in normal mode, do a rescan with mbam (but update it first), and try to post a HijackThis log.

« Reply #6 on: February 02, 2010, 11:01:07 PM »
trouble



The exes work in normal mode. But for me to update mbam I'd have to get on to the browser, which isn't possible now. BTW, the spyware was 'Antivirus Soft', I guess.
« Reply #7 on: February 03, 2010, 02:31:23 AM »
Unzy



Well, redownload Mbam onto a USB drive from the PC you are posting from on this forum, and run mbam from the USB drive in normal mode.

Also download ComboFix onto that USB drive, copy it to the desktop of the infected PC, run it, and post the log here:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

« Reply #8 on: February 06, 2010, 02:45:43 PM »
trouble



Malwarebytes' Anti-Malware 1.44
Database version: 3510
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

2/6/2010 3:19:16 PM
mbam-log-2010-02-06 (15-19-16).txt

Scan type: Full Scan (C:\|)
Objects scanned: 177664
Time elapsed: 48 minute(s), 42 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

ComboFix 10-02-05.04 - KB 02/06/2010  15:23:49.6.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.1014.562 [GMT -6:00]
Running from: F:\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Outdated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\docume~1\KAUSTU~1\LOCALS~1\Temp\CDM\{CC1DDFD2-A1AC-4A9B-A07B-6CD5526A7974}\x64\csnpstd3.dll
c:\docume~1\KAUSTU~1\LOCALS~1\Temp\CDM\{CC1DDFD2-A1AC-4A9B-A07B-6CD5526A7974}\x64\rsnpx64.dll
c:\docume~1\KAUSTU~1\LOCALS~1\Temp\CDM\{CC1DDFD2-A1AC-4A9B-A07B-6CD5526A7974}\x64\snpstd3.sys
c:\docume~1\KAUSTU~1\LOCALS~1\Temp\CDM\{CC1DDFD2-A1AC-4A9B-A07B-6CD5526A7974}\x64\vsnpx64.dll
c:\documents and settings\KB\Local Settings\Temp\CDM\{CC1DDFD2-A1AC-4A9B-A07B-6CD5526A7974}\x64\csnpstd3.dll
c:\documents and settings\KB\Local Settings\Temp\CDM\{CC1DDFD2-A1AC-4A9B-A07B-6CD5526A7974}\x64\rsnpx64.dll
c:\documents and settings\KB\Local Settings\Temp\CDM\{CC1DDFD2-A1AC-4A9B-A07B-6CD5526A7974}\x64\snpstd3.sys
c:\documents and settings\KB\Local Settings\Temp\CDM\{CC1DDFD2-A1AC-4A9B-A07B-6CD5526A7974}\x64\vsnpx64.dll
c:\windows\a3kebook.ini
c:\windows\akebook.ini
c:\windows\ANS2000.INI

.
(((((((((((((((((((((((((   Files Created from 2010-01-06 to 2010-02-06  )))))))))))))))))))))))))))))))
.

2010-02-02 03:32 . 2010-02-06 20:28   --------   d-----w-   c:\program files\Binary
2010-01-31 05:42 . 2010-02-06 04:13   --------   d-----w-   c:\documents and settings\KB\Local Settings\Application Data\ddasrp
2010-01-21 04:39 . 2010-01-21 04:39   --------   d-----w-   c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2010-01-21 04:39 . 2010-01-21 04:39   --------   d-----w-   c:\documents and settings\KB\Application Data\Office Genuine Advantage
2010-01-13 00:31 . 2009-11-21 15:51   471552   ------w-   c:\windows\system32\dllcache\aclayers.dll

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-06 00:54 . 2009-06-10 03:29   --------   d-----w-   c:\program files\Common Files\AOL
2010-02-02 01:11 . 2008-09-17 15:32   --------   d-----w-   c:\program files\Malwarebytes' Anti-Malware
2010-02-01 04:48 . 2007-09-12 22:34   --------   d-----w-   c:\program files\WebEx
2010-01-31 05:49 . 2006-08-30 23:35   72824   ----a-w-   c:\documents and settings\KB\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-27 05:19 . 2006-08-23 14:39   --------   d-----w-   c:\program files\Google
2010-01-14 17:12 . 2009-10-03 04:59   181120   ------w-   c:\windows\system32\MpSigStub.exe
2010-01-13 02:34 . 2009-01-24 01:10   --------   d-----w-   c:\documents and settings\All Users\Application Data\Microsoft Help
2010-01-07 22:07 . 2008-09-17 15:32   38224   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 22:07 . 2008-09-17 15:32   19160   ----a-w-   c:\windows\system32\drivers\mbam.sys
2010-01-05 10:00 . 2004-08-11 22:00   832512   ----a-w-   c:\windows\system32\wininet.dll
2010-01-05 10:00 . 2009-01-28 07:54   78336   ----a-w-   c:\windows\system32\ieencode.dll
2010-01-05 10:00 . 2004-08-11 22:00   17408   ----a-w-   c:\windows\system32\corpol.dll
2010-01-04 07:37 . 2009-12-03 23:23   79488   ----a-w-   c:\documents and settings\KB\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-12-30 08:55 . 2006-09-09 20:02   --------   d-----w-   c:\documents and settings\KB\Application Data\Skype
2009-12-13 20:14 . 2009-04-25 18:59   --------   d-----w-   c:\documents and settings\KB\Application Data\uTorrent
2009-12-12 21:20 . 2009-12-04 03:59   --------   d-----w-   c:\documents and settings\All Users\Application Data\4f604f1
2009-12-09 01:49 . 2009-04-02 23:53   56816   ----a-w-   c:\windows\system32\drivers\avgntflt.sys
2009-11-21 15:51 . 2004-08-11 22:00   471552   ----a-w-   c:\windows\AppPatch\aclayers.dll
2009-06-10 03:26 . 2009-06-10 03:26   14519936   ----a-w-   c:\program files\Install_AIM.exe
2009-04-11 17:26 . 2009-04-11 17:26   3734784   ----a-w-   c:\program files\FoxitReader30_enu_Setup.exe
2009-04-04 21:30 . 2009-04-04 21:30   16438680   ----a-w-   c:\program files\jre-6u13-windows-i586-p-s.exe
2009-04-02 23:50 . 2009-04-02 23:50   30001096   ----a-w-   c:\program files\avira_antivir_personal_en.exe
2009-03-29 16:45 . 2009-03-29 16:45   3190688   ----a-w-   c:\program files\ccsetup218.exe
2009-03-14 01:18 . 2009-03-14 01:18   3184816   ----a-w-   c:\program files\ccsetup217.exe
2009-02-11 05:01 . 2009-02-11 04:57   15023   ----a-w-   c:\program files\MBA Associate Project Evaluation.docx
2009-02-01 22:16 . 2009-02-01 22:16   1011568   ----a-w-   c:\program files\MoveMediaPlayer_071101000055.exe
2009-01-26 02:36 . 2009-01-26 02:34   7518240   ----a-w-   c:\program files\Firefox Setup 3.0.5.exe
2009-01-24 16:29 . 2009-01-24 16:29   16710688   ----a-w-   c:\program files\IE8-WindowsXP-x86-ENU.exe
2009-01-24 16:25 . 2009-01-24 16:25   27024112   ----a-w-   c:\program files\PowerPointViewer.exe
2009-01-24 16:22 . 2009-01-24 16:21   956344   ----a-w-   c:\program files\SaveAsPDFandXPS.exe
2009-01-18 16:19 . 2009-01-18 16:19   2594000   ----a-w-   c:\program files\adventure_sports.exe
2008-09-20 03:28 . 2008-09-20 03:28   812344   ----a-w-   c:\program files\HJTInstall.exe
2008-09-18 19:41 . 2008-09-18 19:41   9722720   ----a-w-   c:\program files\spybotsd152.exe
2008-07-20 16:54 . 2008-07-20 16:54   2919360   ----a-w-   c:\program files\ccsetup209.exe
2008-02-03 16:45 . 2008-02-03 16:45   2353778   ----a-w-   c:\program files\gt8demo.exe
2008-01-28 10:18 . 2008-01-28 10:18   28868320   ----a-w-   c:\program files\FileFormatConverters.exe
2008-01-09 23:46 . 2008-01-09 23:46   17323216   ----a-w-   c:\program files\DivXBundle.exe
2007-12-28 07:20 . 2007-12-28 07:20   3327869   ----a-w-   c:\program files\SopCast.zip
2007-09-01 15:42 . 2007-09-01 15:42   6018096   ----a-w-   c:\program files\Firefox Setup 2.0.0.6.exe
2007-03-26 02:11 . 2007-03-26 02:08   413696   ----a-w-   c:\program files\MINITAB_14.20_(05-Mo_Rental).exe
2006-10-11 03:57 . 2006-10-11 03:56   63809907   ----a-w-   c:\program files\QC2_Setup.exe
2006-10-11 03:08 . 2006-10-11 03:08   78562818   ----a-w-   c:\program files\MTB1420_30DAY.exe
2006-10-08 06:14 . 2006-10-08 06:14   8591360   ----a-w-   c:\program files\winvpn-48-students.exe
2006-09-07 03:11 . 2006-09-07 03:09   21290704   ----a-w-   c:\program files\AdbeRdr708_en_US.exe
2006-09-03 01:21 . 2006-09-03 01:21   10332640   ----a-w-   c:\program files\SkypeSetup.exe
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-09-02 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2006-10-29 185896]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-04 413696]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages   REG_MULTI_SZ      msv1_0 wvauth

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk
backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Cisco Systems VPN Client.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Cisco Systems VPN Client.lnk
backup=c:\windows\pss\Cisco Systems VPN Client.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^EMBASSY Trust Suite Secure Update.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\EMBASSY Trust Suite Secure Update.lnk
backup=c:\windows\pss\EMBASSY Trust Suite Secure Update.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint]
2005-10-07 17:13   176128   ----a-r-   c:\program files\Apoint\Apoint.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2008-11-07 20:16   111936   ----a-w-   c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC]
2009-03-07 22:19   590848   ----a-w-   c:\progra~1\Grisoft\AVGFRE~1\avgcc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12   15360   ------w-   c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet]
2006-04-06 19:58   1032192   ----a-w-   c:\program files\Dell\QuickSet\quickset.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLA]
2005-09-08 10:20   122940   ----a-w-   c:\windows\system32\DLA\DLACTRLW.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Document Manager]
2006-03-09 17:26   98304   ----a-w-   c:\program files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
2005-12-10 01:29   49152   ------w-   c:\program files\CyberLink\PowerDVD\DVDLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 17:44   31072   ----a-w-   c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
2006-07-14 23:04   77824   ----a-w-   c:\windows\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
2006-07-14 23:08   118784   ----a-w-   c:\windows\system32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
2006-07-14 23:07   94208   ----a-w-   c:\windows\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless]
2005-12-28 16:56   602182   ----a-w-   c:\program files\Intel\Wireless\Bin\iFrmewrk.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelZeroConfig]
2005-12-28 16:55   667718   ----a-w-   c:\program files\Intel\Wireless\Bin\ZCfgSvc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2006-03-20 22:34   86960   ----a-w-   c:\program files\Common Files\InstallShield\UpdateService\issch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2008-11-20 19:20   290088   ----a-w-   c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ModemOnHold]
2003-09-10 07:24   20480   ------w-   c:\program files\NetWaiting\netwaiting.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2009-07-26 22:44   3883856   ----a-w-   c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-11-04 16:30   413696   ----a-w-   c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
2006-03-24 21:30   282624   ----a-w-   c:\windows\stsystra.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2006-08-21 22:37   20053032   -c--a-w-   c:\program files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd3]
2006-09-19 14:07   827392   ----a-w-   c:\windows\vsnpstd3.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-04-05 00:42   148888   ----a-w-   c:\program files\Java\jre6\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2006-10-29 05:28   185896   ----a-w-   c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2006-11-04 00:20   866584   ----a-w-   c:\program files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Grisoft\\AVG Free\\avginet.exe"=
"c:\\Program Files\\Grisoft\\AVG Free\\avgemc.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Grisoft\\AVG Free\\avgcc.exe"=
"c:\\Program Files\\Grisoft\\AVG Free\\avgamsvr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\WINDOWS\\system32\\UStorSrv.exe"=
"c:\\WINDOWS\\system32\\spoolsv.exe"=
"c:\\Program Files\\Grisoft\\AVG Free\\avgupsvc.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [4/2/2009 5:53 PM 108289]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [6/9/2009 9:30 PM 24652]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 6:19 PM 13592]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [9/2/2009 4:06 PM 133104]
.
Contents of the 'Scheduled Tasks' folder

2009-09-19 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 18:34]

2010-02-06 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-02 22:14]

2010-02-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-02 22:06]

2010-02-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-02 22:06]

2010-02-06 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-04 00:20]

2010-02-06 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 21:07]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
uInternet Settings,ProxyServer = http=127.0.0.1:5555
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-updateMgr - c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-06 15:28
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ... 

scanning hidden autostart entries ...

scanning hidden files ... 

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{2E507E2F-8DE2-B600-388E74CEB17F3DFF}\{1B0F221A-E59F-0B42-732631A91276FA51}\{D15813DF-5A02-67D8-CCD20FCB931DE0AB}*]
"MXWMZBBJPIARSDPHLNYRY5GWLB1"=hex:01,00,01,00,00,00,00,00,0f,06,77,1b,29,4d,3c,
   5b,35,81,92,71,e8,29,5a,84,14,35,16,70,d8,6e,ff,61

[HKEY_LOCAL_MACHINE\software\DeterministicNetworks\DNE\Parameters]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,79,00,73,00,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1284)
c:\windows\system32\WINSPOOL.DRV

- - - - - - - > 'lsass.exe'(1340)
c:\windows\system32\wvauth.dll
c:\windows\system32\biolsp.dll
.
Completion time: 2010-02-06  15:30:31
ComboFix-quarantined-files.txt  2010-02-06 21:30
ComboFix2.txt  2009-04-03 00:29
ComboFix3.txt  2009-04-01 02:07
ComboFix4.txt  2008-09-20 13:56

Pre-Run: 29,175,115,776 bytes free
Post-Run: 29,149,274,112 bytes free

- - End Of File - - D98549FECB0D276DC902016E65EF866E

« Reply #9 on: February 06, 2010, 04:29:02 PM »
Unzy



That should have done the trick.

Any problems left?

« Reply #10 on: February 06, 2010, 05:36:05 PM »
trouble



Thanks, man! Worked perfectly well.
« Reply #11 on: February 07, 2010, 03:18:45 AM »
Unzy



All right man, glad to hear it, and well done.

Don't forget to install all security patches from Windows and update your security software as well.