@sereena , just to let you know that you have installed on your system some complex malware. :smiley:

Do the following…

Open notepad and copy/paste all text present inside the code box below:


KillAll::

Folder::
c:\documents and settings\Administrator\Application Data\Ywcoce

Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9190:TCP"=-

Driver::
errf
AMService
jnlpdpeaz
krfntdy
rtlwm

NetSvc::
jnlpdpeaz
rtlwm

File::
c:\windows\system32\drivers\aabgcg.sys
c:\windows\TEMP\qjgi\setup.exe

Firefox::
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kwjbn76x.default\
FF - prefs.js: keyword.URL - hxxp://www.scanquery.com/?tmp=nemo_results_removelink&prt=ScnqryPB&keywords=

Rootkit::
c:\windows\system32\cacaw.dll

FileLook::
c:\windows\system32\bootcfgt.dll


Save this as CFScript.txt

http://img213.imageshack.us/img213/1218/cfscript1.gif

Close all browser windows and refering to the picture above.

Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
ComboFix will will re-run. When finished, it will produce a log for you.
Attach the contents of the log in your next reply. (typical location: C:[b]ComboFix.txt[/b] )