Win32:crypt-GMZ (DRP)

How do you eliminate and clear all traces of the Win32:crypt-gmz (DRP) revolving infection? It produces objects named C\Windows\temp\xxxx.temp\svchost.exe
where xxxx changes every 10 minutes.

The malware redirects searches on Mozilla and IE8 to questionable advertising sites and prevents use of the BACK button. AVAST blocks and moves the infection to the chest as it transforms itself but the infection reappears minutes later with a different name.

ACTIONS TAKEN

  1. I’ve scanned with Malware Bytes, Spybot, and SuperAntiSpyware and none detect infections.
  2. I delete my temp files every hour
  3. I’ve unchecked “use a proxy server for your LAN” under LAN setting.

Thanks for any guidance.

Follow the instructions listed here for starters: http://forum.avast.com/index.php?topic=53253.0
The guide will tell you to run Mbam then OTL w/instructions.
You already ran Mbam, but probably run it again right before OTL anyway.

Thanks for your response.