Follow these steps from essexboy:
Also include a GMER log please
GMER Rootkit Scanner - Download - Homepage
[*] Download GMER
[*] Extract the contents of the zipped file to desktop.
[*] Double click GMER.exe.
[*] If it gives you a warning about rootkit activity and asks if you want to run a full scan…click on NO, then use the following settings for a more complete scan…
[*] In the right panel, you will see several boxes that have been checked. Ensure the following are UNCHECKED …
  [*] IAT/EAT
  [*] Drives/Partition other than Systemdrive (typically C:)
  [*] Show All (don’t miss this one)
[*] Then click the Scan button & wait for it to finish.
[*] Once done click on the [Save…] button, and in the File name area, type in “ark.txt”
[*] Save the log where you can easily find it, such as your desktop.
Caution: Rootkit scans often produce false positives. Do NOT take any action on any “<— ROOTKIT” entries.
Please copy and paste the report into your Post.
Thanks for responding.
A few things - since I last posted, I ran another Avast! boot-time scan. It found no malware and just reported an unknown packer error on the MBAM setup file. In the multiple scans I’ve done since the initial infection Sunday night, seven things got moved to the Virus Chest - first came four Win32:Crypt-GMZ [Drp], then a Win32:Rootkit-gen [Rtk], and finally two Win32:Trojan-gen.
Also, I had run OTL earlier, when I was hoping to post a plea for help over at Geeks to Go, and it ran as expected and produced two logs. This time, I downloaded a new copy of the program, and it only produced the OTL log, and not the “Extras” log. I ran it again, and this time, on a hunch, I selected “Use SafeList” under “Extra Registry” (“None” had been automatically selected), but it made no difference, and when the program finished, the selection button had returned to “None”. So I will post that one log. However, I saved the earlier logs and can post them if you want to see them.
I am having the same connection reset problem here that I had at Geeks to Go - I’ll try attaching the files to see if they upload.
As you cannot post the logs due to resets, that gives me a good indication as to the infection.
Download ComboFix from one of these locations:
* IMPORTANT !!! Save ComboFix.exe to your Desktop
[*] Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.
[*] Double click on ComboFix.exe & follow the prompts.
[*] As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it’s strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
[*] Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.
http://img.photobucket.com/albums/v706/ried7/RcAuto1.gif
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
http://img.photobucket.com/albums/v706/ried7/whatnext.png
Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
Here’s the ComboFix log. ComboFix required a reboot because it said it detected rootkit activity. Also, although I turned off the Avast! online scanner and had disconnected from the internet, during the later stages of the ComboFix scan, requests to connect appeared repeatedly, I think to download a new virus database; the window said it was trying to reach something like “download854.avast.com”. I just kept canceling them until the scan finished. I hope that didn’t create any problems with the scan…
None at all
Infected copy of c:\windows\system32\drivers\termdd.sys was found and disinfected. Bad boy is now dead ;D
Restored copy from - Kitty had a snack
What are your current problems ?
Please download Malwarebytes’ Anti-Malware from Here.
Double Click mbam-setup.exe to install the application.
[*] Make sure a checkmark is placed next to Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware, then click Finish.
[*] If an update is found, it will download and install the latest version.
[*] Once the program has loaded, select “Perform Quick Scan”, then click Scan.
[*] The scan may take some time to finish, so please be patient.
[*] When the scan is complete, click OK, then Show Results to view the results.
[*] Make sure that everything is checked, and click Remove Selected.
[*] When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
[*] The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
[*] Copy & Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
Yay!! It looks like the problem is fixed. One of the buttons on my mouse stopped working, but I got it back. The MBAM scan didn’t turn up anything.
Thanks so much for your assistance.
Malwarebytes’ Anti-Malware 1.46
www.malwarebytes.org
Database version: 4171
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
6/5/2010 5:17:37 PM
mbam-log-2010-06-05 (17-17-37).txt
Scan type: Quick scan
Objects scanned: 128553
Time elapsed: 10 minute(s), 50 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
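A small parser for the MBAM log layout posted above, added here as an example (it is not part of the thread and not Malwarebytes’ own tooling): it pulls the header fields and the per-category “Infected” counts so a helper can check mechanically that a posted log is clean rather than eyeballing it. The embedded log text is a constructed, abbreviated copy of the one above.

```python
import re

# Constructed, abbreviated sample in the layout of the MBAM 1.46 log above.
SAMPLE_LOG = """Malwarebytes' Anti-Malware 1.46

Database version: 4171

Scan type: Quick scan
Objects scanned: 128553
Time elapsed: 10 minute(s), 50 second(s)

Memory Processes Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
"""

HEADER_RE = re.compile(r"^(Database version|Scan type|Objects scanned|Time elapsed): (.+)$")
COUNT_RE = re.compile(r"^([A-Za-z ]+ Infected): (\d+)$")


def parse_mbam_log(text: str) -> dict:
    """Split an MBAM log into header fields, summary counts and listed items."""
    header, counts, items = {}, {}, {}
    section = None  # detail section currently being read, if any
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if m := HEADER_RE.match(line):
            header[m.group(1)] = m.group(2)
        elif m := COUNT_RE.match(line):
            counts[m.group(1)] = int(m.group(2))  # summary block before the sections
        elif line.endswith(" Infected:"):
            section = line[:-1]  # e.g. "Files Infected:" opens a detail list
            items[section] = []
        elif section and line != "(No malicious items detected)":
            items[section].append(line)  # a detected/quarantined entry
    return {"header": header, "counts": counts, "items": items}


def is_clean(parsed: dict) -> bool:
    """Clean only if every summary count is zero and no detail section lists an entry."""
    return (all(n == 0 for n in parsed["counts"].values())
            and not any(parsed["items"].values()))
```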
I will remove my tools now and give some recommendations, but I would like you to run for 24 hours or so and come back if you have any problems.
Now the best part of the day ----- Your log now appears clean
A good workman always cleans up after himself so…The following will implement some cleanup procedures as well as reset System Restore points:
Click Start > Run and copy/paste the following bolded text into the Run box and click OK:
ComboFix /Uninstall
Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself. MBAM can be uninstalled via control panel add/remove along with ERUNT. But they may be useful tools to keep.
We will now confirm that your hidden files are set to that, as some of the tools I use will change that.
[*] Click Start.
[*] Open My Computer.
[*] Select the Tools menu and click Folder Options.
[*] Select the View Tab.
[*] Under the Hidden files and folders heading select Do not show hidden files and folders.
[*] Click Yes to confirm.
[*] Click OK.
SPRING CLEAN
Download TFC to your desktop
[*] Open the file and close any other windows.
[*] It will close all programs itself when run, make sure to let it run uninterrupted.
[*] Click the Start button to begin the process. The program should not take long to finish its job.
[*] Once it's finished it should reboot your machine; if not, do this yourself to ensure a complete clean.
THEN
Download Flush Flash from Here and follow the easy-to-use instructions on the same page.
NEXT
Download and run Puran Disc Defragmenter
Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:
[*] SpywareBlaster to help prevent spyware from installing in the first place.
[*] Malwarebytes. Run weekly to keep your system clean.
It is critical to have both a firewall and anti-virus to protect your system and to keep them updated.
To keep your operating system up to date visit
[*] Microsoft Windows Update
To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place?
Keep safe
I thought I would report back with two odd things that have happened. I use a Microsoft optical trackball instead of a mouse, and in the time since we did the ComboFix remedy, the “Back” button would stop working after using my browser for a while. I could revive it by opening the software for it (Intellipoint). That got annoying, so I checked for an updated driver, found one, installed it, and the problem seems to have gone away. But of course, I don’t know for sure that whatever caused the problem in the first place is gone, too.
Today, I got one of those Microsoft error messages about a program needing to close. The program was the HP Framework Component Manager. Microsoft pointed me to a fix on the HP site, which I had actually installed not long ago to keep it from hanging during system shutdown (a little irritation I had put up with for years). But I have never seen it crash and cause this kind of error message before, so I thought it was worth mentioning.
Other than those two things, everything else seems fine.
Might be worth re-installing that hotfix for HP.
Have done. Thanks again for all the help.