Old 08-12-2007, 11:06 PM   #4 (permalink)
Pancake
Security Team (ret.)
Join Date: Nov 2003
Location: Victoria.Australia
Posts: 7,404
OS: XP Pro SP3


Re: Still needing help with pop ups

Ok....few more things to clean out.


Have "Hijack This" fix all the following items in the list below by placing a check in the appropriate boxes. Confirm that you have only the listed ones checked, then press <Fix checked> and Close HJT.

O2 - BHO: 0 - {316C3DC2-0EE5-4712-A690-BA0BE6D69BE4} - C:\Program Files\Common Files\zyliv.dll
O2 - BHO: (no name) - {CF46BFB3-2ACC-441b-B82B-36B9562C7FF1} - C:\WINDOWS\system32\wxvhaeif.dll
O2 - BHO: (no name) - {E959E770-16F3-4212-B0A9-328F636E93C3} - C:\WINDOWS\system32\pmkhg.dll
O2 - BHO: (no name) - {E9BD0828-1FD9-410C-A50F-43EBE65D310F} - C:\WINDOWS\system32\hgghhef.dll
O4 - HKLM\..\Run: [vihorug] C:\Program Files\ComPlus Applications\vihorug22011.exe
O4 - HKCU\..\Run: [SystemOptimizer] rundll32.exe "C:\WINDOWS\system32\bluovwxw.dll",forkonce
O20 - Winlogon Notify: hgghhef - C:\WINDOWS\system32\hgghhef.dll
O20 - Winlogon Notify: pmkhg - C:\WINDOWS\system32\pmkhg.dll

Reboot...............
==============================

Please copy this page to *Notepad* and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.

It's IMPORTANT to carry out the instructions in the sequence listed below.


1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.


Open *notepad* and copy/paste the text in the quotebox below into it:


Quote:
File::
C:\Program Files\Common Files\zyliv944
C:\Program Files\Common Files\zyliv944.dll
C:\WINDOWS\ukqw
C:\WINDOWS\system32\tsuninst.exe
C:\Program Files\Common Files\ukqw
C:\Program Files\Common Files\zyliv782.dll
C:\Program Files\Common Files\zyliv173.dll
C:\Program Files\Common Files\Yazzle1122OinUninstaller.exe
C:\Program Files\Common Files\W?nSxSC:\WINDOWS\system32\f10WtR
C:\WINDOWS\retadpu77.exe
C:\Program Files\svhost
C:\WINDOWS\svhost.exe
C:\Program Files\Common Files\zyliv496.dll
C:\Program Files\Common Files\zyliv.dll
C:\WINDOWS\tk58.exe
C:\Program Files\Common Files\zyliv874
C:\WINDOWS\system32\cojydbmm.dll
C:\WINDOWS\system32\xtkfqqqe.exe
C:\WINDOWS\system32\ljdsrngr.exe
C:\WINDOWS\rassb0578.exe
C:\WINDOWS\vjcwogxA.exe
C:\WINDOWS\vjcwogx.exe
C:\WINDOWS\system32\mwinkmdt.exe
C:\WINDOWS\system32\dwdsrngt.exe
C:\WINDOWS\system32\f02WtR
C:\WINDOWS\b138.exe
C:\WINDOWS\b103.exe
Folder::
C:\VundoFix Backups

Save this as *CFScript.txt*, in the same location as ComboFix.exe


Image: http://img.photobucket.com/albums/v6...s/CFScript.gif

Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at *C:\ComboFix.txt*

*Note:
Do not mouseclick ComboFix's window whilst it's running. That may cause it to stall.*


===================================================
Please post back ...

C:\ComboFix.txt and a New HijackThis log
__________________
Eddy
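An added example, not part of Pancake's post: a small Python triage helper that parses the O2, O4 and O20 HijackThis entries from the fix list above and reports any file registered under more than one autostart section. The function names (`parse_entry`, `multi_hooked`) are hypothetical, and the patterns assume the line layout shown in this post.

```python
import re
from collections import defaultdict

# Fix-list entries copied verbatim from the post above.
HJT_LINES = r"""
O2 - BHO: 0 - {316C3DC2-0EE5-4712-A690-BA0BE6D69BE4} - C:\Program Files\Common Files\zyliv.dll
O2 - BHO: (no name) - {CF46BFB3-2ACC-441b-B82B-36B9562C7FF1} - C:\WINDOWS\system32\wxvhaeif.dll
O2 - BHO: (no name) - {E959E770-16F3-4212-B0A9-328F636E93C3} - C:\WINDOWS\system32\pmkhg.dll
O2 - BHO: (no name) - {E9BD0828-1FD9-410C-A50F-43EBE65D310F} - C:\WINDOWS\system32\hgghhef.dll
O4 - HKLM\..\Run: [vihorug] C:\Program Files\ComPlus Applications\vihorug22011.exe
O4 - HKCU\..\Run: [SystemOptimizer] rundll32.exe "C:\WINDOWS\system32\bluovwxw.dll",forkonce
O20 - Winlogon Notify: hgghhef - C:\WINDOWS\system32\hgghhef.dll
O20 - Winlogon Notify: pmkhg - C:\WINDOWS\system32\pmkhg.dll
""".strip().splitlines()

PATTERNS = {  # assumed layouts, taken from the lines in this post
    "O2": re.compile(r"^O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<path>.+)$"),
    "O4": re.compile(r"^O4 - (?P<hive>HK(?:LM|CU))\\\.\.\\Run: \[(?P<name>[^\]]+)\] (?P<cmd>.+)$"),
    "O20": re.compile(r"^O20 - Winlogon Notify: (?P<name>.+?) - (?P<path>.+)$"),
}
# A Run value that launches a DLL through rundll32: the DLL is the real payload.
RUNDLL = re.compile(r'^rundll32(?:\.exe)?\s+"?(?P<dll>[^",]+)"?,(?P<export>\w+)', re.I)

def parse_entry(line):
    """Return (section, fields) for an O2/O4/O20 line, else None."""
    line = line.strip()
    section = line.split(" - ", 1)[0]
    pattern = PATTERNS.get(section)
    match = pattern.match(line) if pattern else None
    if not match:
        return None
    fields = match.groupdict()
    if section == "O4":  # resolve the file that actually gets loaded
        dll = RUNDLL.match(fields["cmd"])
        fields["path"] = dll["dll"] if dll else fields["cmd"]
        fields["via_rundll32"] = bool(dll)
    return section, fields

def multi_hooked(lines):
    """Paths (lower-cased) that are registered under more than one section."""
    sections = defaultdict(set)
    for section, fields in filter(None, map(parse_entry, lines)):
        sections[fields["path"].lower()].add(section)
    return sorted(p for p, s in sections.items() if len(s) > 1)

if __name__ == "__main__":
    for path in multi_hooked(HJT_LINES):
        print("multiple load points:", path)
```

On this fix list it reports `hgghhef.dll` and `pmkhg.dll`, each of which appears as both an O2 BHO and an O20 Winlogon Notify entry.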