
Thread: cpu usage 100%


  1. #1
    Senior Member
    Join Date
    Nov 2008
    Posts
    113

    cpu usage 100%

    I think my PC is infected with malware. Please help.

    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 9.0.8112.16483 BrowserJavaVersion: 10.21.2
    Run by Sai SGK at 18:55:19 on 2013-06-03
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.91.1033.18.3255.2156 [GMT 5.5:30]
    .
    AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
    .
    ============== Running Processes ================
    .
    C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
    C:\Program Files\AVG\AVG2013\avgcsrvx.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
    C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
    C:\Program Files\AVG\AVG2013\avgidsagent.exe
    C:\Program Files\AVG\AVG2013\avgwdsvc.exe
    c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskhost.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe
    C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
    C:\Program Files\Hewlett-Packard\HP Odometer\hpsysdrv.exe
    C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe
    C:\Program Files\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
    C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    C:\Program Files\hp\HP Software Update\hpwuschd2.exe
    C:\Program Files\AVG\AVG2013\avgui.exe
    C:\Windows\System32\StikyNot.exe
    C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
    C:\Program Files\AVG\AVG2013\avgnsx.exe
    C:\Program Files\AVG\AVG2013\avgemcx.exe
    C:\Windows\system32\conhost.exe
    C:\Users\Sai SGK\AppData\Roaming\Adobe\Flash Player\SpeedCache\mpchc64.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Program Files\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\taskeng.exe
    c:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
    C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\wuauclt.exe
    C:\Users\Sai SGK\AppData\Roaming\uTorrent\uTorrent.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Program Files\Free Download Manager\fdm.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://tuvaro.com/ws/?source=536c75e7&tbp=homepage&toolbarid=base&u=64d260000000000000006c626d4939de
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
    BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - <orphaned>
    BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Free Download Manager: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - c:\program files\free download manager\iefdm2.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    BHO: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - c:\program files\windows live\toolbar\wltcore.dll
    BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - c:\program files\hewlett-packard\hp support framework\resources\hpnetworkcheck\HPNetworkCheckPlugin.dll
    TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - c:\program files\windows live\toolbar\wltcore.dll
    TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - c:\program files\windows live\toolbar\wltcore.dll
    uRun: [RESTART_STICKY_NOTES] c:\windows\system32\StikyNot.exe
    uRun: [SpeedUpSystem] wscript "c:\users\sai sgk\appdata\roaming\adobe\flash player\speedcache\afile.vbs" "c:\users\sai sgk\appdata\roaming\adobe\flash player\speedcache\aso.bat"
    mRun: [hpsysdrv] c:\program files\hewlett-packard\hp odometer\hpsysdrv.exe
    mRun: [BATINDICATOR] c:\program files\hewlett-packard\hp mainstream keyboard\BATINDICATOR.exe
    mRun: [LaunchHPOSIAPP] c:\program files\hewlett-packard\hp mainstream keyboard\LaunchApp.exe
    mRun: [HP Remote Solution] c:\program files\hewlett-packard\hp remote solution\HP_Remote_Solution.exe
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [SmartMenu] c:\program files\hewlett-packard\hp mediasmart\SmartMenu.exe /background
    mRun: [PC-Doctor for Windows localizer] c:\program files\pc-doctor for windows\localizer.exe
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\averhi~1.lnk - c:\program files\common files\avermedia\averquick\AVerHIDReceiver.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\averqu~1.lnk - c:\program files\common files\avermedia\averquick\AVerQuick.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    IE: Download all with Free Download Manager - c:\program files\free download manager\dlall.htm
    IE: Download selected with Free Download Manager - c:\program files\free download manager\dlselected.htm
    IE: Download video with Free Download Manager - c:\program files\free download manager\dlfvideo.htm
    IE: Download with Free Download Manager - c:\program files\free download manager\dllink.htm
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - c:\program files\hewlett-packard\hp support framework\resources\hpnetworkcheck\NCLauncherFromIE.exe
    TCP: NameServer = 192.168.1.1
    TCP: Interfaces\{65761BBB-314C-497C-B341-7373BFF88A84} : DHCPNameServer = 192.168.1.1
    TCP: Interfaces\{95278B9B-CEB4-41F9-8410-767709D61073} : DHCPNameServer = 192.168.1.1
    SSODL: WebCheck - <orphaned>
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\sai sgk\appdata\roaming\mozilla\firefox\profiles\vc9kd8ly.default\
    FF - prefs.js: browser.startup.homepage - about:home
    FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    FF - plugin: c:\programdata\visan\plugins\npRLSecurePluginLayer.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_7_700_202.dll
    FF - plugin: c:\windows\system32\npDeployJava1.dll
    FF - plugin: c:\windows\system32\npmproxy.dll
    FF - ExtSQL: 2013-05-18 16:51; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; c:\users\sai sgk\appdata\roaming\mozilla\firefox\profiles\vc9kd8ly.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
    FF - ExtSQL: 2013-06-01 09:53; {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}; c:\users\sai sgk\appdata\roaming\mozilla\firefox\profiles\vc9kd8ly.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
    FF - ExtSQL: 2013-06-03 17:26; fdm_ffext@freedownloadmanager.org; c:\program files\free download manager\firefox\Extension
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: extensions.delta.tlbrSrchUrl -
    FF - user.js: extensions.delta.id - 64d260000000000000006c626d4939de
    FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
    FF - user.js: extensions.delta.instlDay - 15843
    FF - user.js: extensions.delta.vrsn - 1.8.21.0
    FF - user.js: extensions.delta.vrsni - 1.8.21.0
    FF - user.js: extensions.delta.vrsnTs - 1.8.21.018:05:38
    FF - user.js: extensions.delta.prtnrId - delta
    FF - user.js: extensions.delta.prdct - delta
    FF - user.js: extensions.delta.aflt - babsst
    FF - user.js: extensions.delta.smplGrp - none
    FF - user.js: extensions.delta.tlbrId - base
    FF - user.js: extensions.delta.instlRef - sst
    FF - user.js: extensions.delta.dfltLng - en
    FF - user.js: extensions.delta.excTlbr - false
    FF - user.js: extensions.delta.ffxUnstlRst - true
    FF - user.js: extensions.delta.admin - false
    FF - user.js: extensions.delta_i.babTrack - affID=119816&tt=gc_170513_18210
    FF - user.js: extensions.delta_i.babExt -
    FF - user.js: extensions.delta_i.srcExt - ss
    FF - user.js: extensions.delta.autoRvrt - false
    FF - user.js: extensions.delta.rvrt - false
    FF - user.js: extensions.delta.newTab - false
    FF - user.js: extensions.tuvaro.hpOld0 -
    FF - user.js: extensions.tuvaro.tlbrSrchUrl - hxxp://tuvaro.com/ws/?source=536c75e7&tbp=main&toolbarid=base&u=64d260000000000000006c626d4939de&q=
    FF - user.js: extensions.tuvaro.id - 64d260000000000000006c626d4939de
    FF - user.js: extensions.tuvaro.appId - {2768469C-717B-401F-8532-C6D88BAE0339}
    FF - user.js: extensions.tuvaro.instlDay - 15847
    FF - user.js: extensions.tuvaro.vrsn - 1.8.17.3
    FF - user.js: extensions.tuvaro.vrsni - 1.8.17.3
    FF - user.js: extensions.tuvaro.vrsnTs - 1.8.17.39:48:06
    FF - user.js: extensions.tuvaro.prtnrId - tuvaro
    FF - user.js: extensions.tuvaro.prdct - tuvaro
    FF - user.js: extensions.tuvaro.aflt - orgnl
    FF - user.js: extensions.tuvaro.smplGrp - none
    FF - user.js: extensions.tuvaro.tlbrId - base
    FF - user.js: extensions.tuvaro.instlRef - 536c75e7
    FF - user.js: extensions.tuvaro.dfltLng -
    FF - user.js: extensions.tuvaro.excTlbr - false
    FF - user.js: extensions.tuvaro.ffxUnstlRst - false
    FF - user.js: extensions.tuvaro.admin - false
    FF - user.js: extensions.tuvaro.cam -
    FF - user.js: extensions.tuvaro.autoRvrt - false
    FF - user.js: extensions.tuvaro.rvrt - false
    FF - user.js: extensions.tuvaro.hmpg - true
    FF - user.js: extensions.tuvaro.hmpgUrl - hxxp://tuvaro.com/ws/?source=536c75e7&tbp=homepage&toolbarid=base&u=64d260000000000000006c626d4939de
    FF - user.js: extensions.tuvaro.dfltSrch - true
    FF - user.js: extensions.tuvaro.srchPrvdr - Tuvaro
    FF - user.js: extensions.tuvaro.kw_url - hxxp://tuvaro.com/ws/?source=536c75e7&tbp=url&toolbarid=base&u=64d260000000000000006c626d4939de&q=
    FF - user.js: extensions.tuvaro.dnsErr - true
    FF - user.js: extensions.tuvaro.newTab - true
    FF - user.js: extensions.tuvaro.newTabUrl - chrome://tuvaro/content/new browser tab.html?source=536c75e7&tbp=tab&u=64d260000000000000006c626d4939de
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-2-8 60216]
    R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-2-8 245048]
    R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-2-8 96568]
    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-2-8 39224]
    R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-3-29 208184]
    R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-3-1 22328]
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-2-8 170808]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-3-21 182072]
    R2 AVerRemote;AVerRemote;c:\program files\common files\avermedia\service\AVerRemote.exe [2013-5-11 348160]
    R2 AVerScheduleService;AVerScheduleService;c:\program files\common files\avermedia\service\AVerScheduleService.exe [2013-5-11 389120]
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-5-14 4937264]
    R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-4-18 283136]
    R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files\hewlett-packard\hp support framework\HPSA_Service.exe [2012-9-27 86528]
    R3 AVER_H193;AVerMedia H193 Video Capture;c:\windows\system32\drivers\AVer888RC.sys [2009-8-21 461952]
    R3 AVerPola;AVerMedia USB Polaris Series Capture Service;c:\windows\system32\drivers\AVerPola.sys [2013-5-11 314752]
    R3 AVPolCIR;AVerMedia USB Polaris Series Custom IR Service;c:\windows\system32\drivers\AVPolCIR.sys [2013-5-11 32896]
    R3 CXCIR;AVerMedia Consumer Infrared Receiver;c:\windows\system32\drivers\AVer888RCIR.sys [2009-8-21 33280]
    R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-8-21 189440]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
    S3 netr28;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\drivers\netr28.sys [2009-5-20 599040]
    S3 PCDSRVC{4F253FFC-7957E8FC-06000000}_0;PCDSRVC{4F253FFC-7957E8FC-06000000}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\pc-doctor for windows\pcdsrvc.pkms [2009-9-17 20848]
    .
    =============== Created Last 30 ================
    .
    .
    ==================== Find3M ====================
    .
    2013-04-25 15:00:16 5041848 ----a-w- c:\users\sai sgk\appdata\roaming\idman615f.exe
    2013-04-12 13:58:11 1210728 ----a-w- c:\windows\system32\drivers\ntfs.sys
    2013-03-28 21:23:48 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
    2013-03-20 21:38:24 182072 ----a-w- c:\windows\system32\drivers\avgtdix.sys
    2013-03-19 05:06:09 3958120 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2013-03-19 05:06:09 3902312 ----a-w- c:\windows\system32\ntoskrnl.exe
    2013-03-19 04:54:22 38912 ----a-w- c:\windows\system32\csrsrv.dll
    2013-03-19 02:50:03 69632 ----a-w- c:\windows\system32\smss.exe
    .
    ============= FINISH: 18:55:40.49 ===============

  2. #2
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,066

    Default

    hi,

    Sorry for the delay. If you still need help, simply reply back and we will check for any potential malware.
    How Can I Reduce My Risk?

  3. #3
    Senior Member
    Join Date
    Nov 2008
    Posts
    113

    Default

    thank you,
    please help.

  4. #4
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,066

    Default

    Using Explorer, look in this path:

    c:\users\sai sgk\appdata\roaming\adobe\flash player\speedcache\afile.vbs

    or copy/paste this into the search window after clicking on the Start orb:
    c:\users\sai sgk\appdata\roaming

    Delete the entire Adobe folder. If it gives you problems, you can try this:

    During a computer restart, tap the F8 key. At the options menu, choose the first option: Safe Mode.
    Log into your normal account. Try deleting the above folder in Safe mode. Reboot normally afterwards.
    ---------------------------------------------------------

    Next get a copy of Malwarebytes:

    Please download the free version of Malwarebytes to your desktop.

    Double-click mbam-setup.exe and follow the prompts to install the program.

    Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

    If an update is found, it will download and install the latest version.

    Once the program has loaded, select Perform FULL SCAN, then click Scan.
    When the scan is complete, click OK, then Show Results to view the results.

    Be sure that everything is checked, and click *Remove Selected.*

    *A restart of your computer may be required to remove some items. If prompted please restart your computer to complete the fix.*

    When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be opened by going to Start > All Programs > Malwarebytes' Anti-Malware > Logs > log-date.txt
    Post the log in your reply.

    -------------------------------------------------------------


    After you run Malwarebytes, get one more tool:

    Please download JRT.exe to your desktop.

    Right-click the icon and choose "Run as administrator".
    The tool will open and start scanning.
    Please be patient as this can take a while to complete.
    On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    Post the contents of JRT.txt into your next message.

    Please post the Malwarebytes log and the JRT log in your reply.
    How Can I Reduce My Risk?
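
    The manual step in the post above (find afile.vbs under the Flash Player speedcache folder, then delete the Adobe folder) written out as an added PowerShell example; this is not code from the thread or from any of the tools named in it. Before deleting anything it records what the file is and what starts it (Run keys, scheduled tasks, the Startup folder), because removing the script alone leaves its launcher behind. The file path is the one quoted in the post and the profile root C:\Users\Sai SGK comes from the logs above; the search pattern and everything else is an assumption. Run it from an elevated PowerShell prompt.

```powershell
# Added example, not from the thread: inspect the suspected script and what launches it
# before removing the folder the helper named. Run from an elevated PowerShell prompt.
# Assumptions: the profile root below and the match pattern; the file path is the one quoted in the post.
$ProfileRoot = 'C:\Users\Sai SGK'
$Suspect     = Join-Path $ProfileRoot 'AppData\Roaming\Adobe\Flash Player\speedcache\afile.vbs'
$AdobeDir    = Join-Path $ProfileRoot 'AppData\Roaming\Adobe'
$Pattern     = 'speedcache|afile\.vbs'

# 1. Does the file exist, and is it hidden/system so that Explorer might not show it?
if (Test-Path -LiteralPath $Suspect) {
    $f = Get-Item -LiteralPath $Suspect -Force
    "{0}`n  size={1} bytes  attrs={2}`n  created={3}  modified={4}" -f `
        $f.FullName, $f.Length, $f.Attributes, $f.CreationTime, $f.LastWriteTime
    # Get-FileHash needs PowerShell 4+; a stock Windows 7 has PowerShell 2.0, so fall back to certutil.
    if (Get-Command Get-FileHash -ErrorAction SilentlyContinue) {
        (Get-FileHash -LiteralPath $Suspect -Algorithm SHA256).Hash
    } else {
        certutil.exe -hashfile $Suspect SHA256
    }
    # Show the start of the script body; keep a copy of this output for the thread.
    Get-Content -LiteralPath $Suspect -TotalCount 40
} else {
    "Not found: $Suspect"
}

# 2. What references that path? Check the usual autostart locations so the launcher goes too.
$RunKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)
foreach ($k in $RunKeys) {
    if (Test-Path -Path $k) {
        (Get-ItemProperty -Path $k).PSObject.Properties |
            Where-Object { $_.Value -is [string] -and $_.Value -match $Pattern } |
            ForEach-Object { "AUTORUN  $k\$($_.Name) = $($_.Value)" }
    }
}
# Scheduled tasks: schtasks.exe exists on Windows 7 (Get-ScheduledTask needs Windows 8 or later).
schtasks.exe /query /fo csv /v | ConvertFrom-Csv |
    Where-Object { $_.'Task To Run' -match "$Pattern|wscript|cscript" } |
    ForEach-Object { "TASK     $($_.TaskName): $($_.'Task To Run')" }
# Startup folder shortcuts and scripts for this user.
$StartupDir = Join-Path $ProfileRoot 'AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup'
Get-ChildItem -Path $StartupDir -Force -ErrorAction SilentlyContinue |
    ForEach-Object { "STARTUP  $($_.FullName)" }

# 3. Remove the folder as the post says. Stop any script host first so nothing holds the folder open.
Get-Process wscript, cscript -ErrorAction SilentlyContinue | Stop-Process -Force
try {
    Remove-Item -LiteralPath $AdobeDir -Recurse -Force -ErrorAction Stop
    "Removed $AdobeDir"
} catch {
    # Same fallback the post gives: a locked file usually goes away in Safe Mode.
    "Could not remove $AdobeDir ($($_.Exception.Message)); retry from Safe Mode."
}
```

    Anything the AUTORUN, TASK or STARTUP lines report should be removed along with the folder, otherwise the launcher stays behind and either errors on every logon or recreates the script if the dropper is still present elsewhere.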

  5. #5
    Senior Member
    Join Date
    Nov 2008
    Posts
    113

    Default

    MBAM log

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org

    Database version: v2013.06.19.04

    Windows 7 x86 NTFS
    Internet Explorer 9.0.8112.16421
    Sai SGK :: SHIRDISAIBABA [administrator]

    19-06-2013 17:26:54
    mbam-log-2013-06-19 (17-26-54).txt

    Scan type: Full scan (C:\|D:\|V:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 354595
    Time elapsed: 34 minute(s), 10 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)



    JRT log

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 4.9.4 (05.06.2013:1)
    OS: Windows 7 Home Premium x86
    Ran by Sai SGK on 19-06-2013 at 18:11:21.87
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
    Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr
    Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\datamngr
    Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr_toolbar
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\conduit
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\conduitsearchscopes
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\pricegong
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\smartbar
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\esrv.exe
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\mybabylontb_rasapi32
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\mybabylontb_rasmancs
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar.CT3289075
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{082228E7-1975-47D6-B393-56B10156AA55}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{3D54E69F-98A9-46A5-ACEC-6CFED697A08D}
    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{587A4289-5A0D-69FD-DF41-7205A86FD8F3}
    Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
    Successfully deleted: [Registry Key] "hkey_local_machine\software\pip"



    ~~~ Files

    Successfully deleted: [File] "C:\Windows\system32\roboot.exe"
    Successfully deleted: [File] "C:\Windows\couponprinter.ocx"



    ~~~ Folders

    Successfully deleted: [Folder] "C:\ProgramData\babylon"
    Successfully deleted: [Folder] "C:\ProgramData\installmate"
    Successfully deleted: [Folder] "C:\Users\Sai SGK\AppData\Roaming\babylon"
    Successfully deleted: [Folder] "C:\Users\Sai SGK\AppData\Roaming\opencandy"
    Successfully deleted: [Folder] "C:\Users\Sai SGK\AppData\Roaming\systweak"
    Successfully deleted: [Folder] "C:\Users\Sai SGK\appdata\local\babylon"
    Successfully deleted: [Folder] "C:\Users\Sai SGK\appdata\local\conduit"
    Successfully deleted: [Folder] "C:\Users\Sai SGK\appdata\locallow\conduit"
    Successfully deleted: [Folder] "C:\Users\Sai SGK\appdata\locallow\pricegong"
    Successfully deleted: [Folder] "C:\Program Files\conduit"
    Successfully deleted: [Folder] "C:\Program Files\coupons"



    ~~~ FireFox

    Successfully deleted: [File] C:\user.js
    Emptied folder: C:\Users\Sai SGK\AppData\Roaming\mozilla\firefox\profiles\hab2nhw4.default\minidumps [1 files]



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 19-06-2013 at 18:12:31.47
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
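
    The JRT log above reports three registry keys it could not delete (HKCU and HKLM Software\datamngr and HKCU Software\datamngr_toolbar). As an added PowerShell example, not code from the thread or from JRT, the following checks whether those keys still exist, shows their contents and ACL (a Deny entry or a foreign owner is a common reason a cleanup tool reports "Failed to delete"), tries to remove them, and on failure takes ownership as Administrators, grants FullControl and retries once. The key list is taken from the log; the ACL repair step is an assumption about why the deletion failed. Run it from an elevated PowerShell prompt.

```powershell
# Added example, not from the thread or from JRT: follow up on the keys JRT failed to delete.
# Key list comes from the JRT log above; the ACL repair is an assumption about the cause.
$Leftovers = @(
    'HKCU:\Software\datamngr',
    'HKLM:\Software\datamngr',
    'HKCU:\Software\datamngr_toolbar'
)
$Admins = New-Object System.Security.Principal.NTAccount('BUILTIN', 'Administrators')

foreach ($key in $Leftovers) {
    if (-not (Test-Path -Path $key)) { "gone:    $key"; continue }

    # Record what is in the key before touching it, and who controls it.
    "present: $key"
    Get-ItemProperty -Path $key | Format-List -Property * -Force | Out-String -Width 200
    $acl = Get-Acl -Path $key -ErrorAction SilentlyContinue
    if ($acl) {
        "  owner: $($acl.Owner)"
        $acl.Access | Where-Object { $_.AccessControlType -eq 'Deny' } |
            ForEach-Object { "  DENY for $($_.IdentityReference): $($_.RegistryRights)" }
    }

    try {
        Remove-Item -Path $key -Recurse -Force -ErrorAction Stop
        "deleted: $key"
        continue
    } catch {
        "delete failed: $key ($($_.Exception.Message))"
    }

    # Retry once after taking ownership, dropping Deny entries and granting FullControl.
    # Subkeys with their own Deny entries need the same treatment individually.
    if ($acl) {
        $acl.SetOwner($Admins)
        $acl.Access | Where-Object { $_.AccessControlType -eq 'Deny' } |
            ForEach-Object { [void]$acl.RemoveAccessRule($_) }
        $rule = New-Object System.Security.AccessControl.RegistryAccessRule(
                    $Admins, 'FullControl', 'ContainerInherit', 'None', 'Allow')
        $acl.SetAccessRule($rule)
        try {
            Set-Acl -Path $key -AclObject $acl -ErrorAction Stop
            Remove-Item -Path $key -Recurse -Force -ErrorAction Stop
            "deleted after ACL fix: $key"
        } catch {
            "still failing: $key ($($_.Exception.Message))"
        }
    }
}

# Anything still starting the removed software will show up here; remove those values by hand.
'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run' | ForEach-Object {
    $k = $_
    (Get-ItemProperty -Path $k).PSObject.Properties |
        Where-Object { $_.Value -is [string] -and $_.Value -match 'datamngr|babylon|conduit' } |
        ForEach-Object { "AUTORUN $k\$($_.Name) = $($_.Value)" }
}
```

    A "gone" line for all three keys means the next tool's run (or a reboot) cleared them; a "still failing" line after the ACL fix means the block is somewhere else (for example a subkey with its own Deny entry, or a driver or service re-creating the key), which is worth mentioning in the reply along with the tool logs.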

  6. #6
    Emeritus
    Join Date
    Nov 2005
    Location
    @localhost
    Posts
    6,066

    Default

    OK, thanks for the info. The Malwarebytes log can't look any better. Did you manage to get that Adobe folder deleted? How's the CPU usage? We will get two more downloads to use. The first is similar to JRT in what it does:

    Please download AdwCleaner by Xplode onto your desktop.
    Right-click it and select "Run as administrator".
    Click on the Search button. After the scan, a log file will open.
    Close the log file and click the Delete button.
    The machine will reboot and on start-up show a log.
    Copy and paste the contents of this log in your reply.
    You can also find the logs at C:\AdwCleaner[R1].txt, [R2].txt, etc.

    After the above you can get ComboFix. It requires that you read a short guide before you use it. Read through the guide, then apply the directions on your own machine. Please post the AdwCleaner log and the ComboFix log in your reply.
    Guide to using: ComboFix
    How Can I Reduce My Risk?
