Win32:Trojan-Gen + Win32:Agent-VGV + Blocked regedit= Oh, Mine!

I’ve got I problem (My Eng is not perfect, so … here could be come mistakes).
Some times later my comp. started to send Spam… As I understood svhost sended packeges (don;t know how to translate) to a lot of SMTP servers… and no one of my 5 Antivirs (Avast+SpyWareTerm+DrWeb CurIT+some alse…) haven’t found no viruses… I’ve tried close 25th port (SMTP port), but regedit was blocked too… so… and every time I got to Internet Avast messeged me, that have found Win32:Trojan-Gen and Win32:Agent-VGV… but every time I’ve delited them, they come back… I’ve made pre-Windows-loading scan… after that I’ve repared Windows at all… nothing… then… there were some new avasts’ bases after that, I’ve delited these files at all… but (!)… after that trafic’s going out faster anf faster!.. and… help me please…(((…
Waiting,
Ben…

I suggest:

  1. Disable System Restore and then reenable it again.
  2. Clean your temporary files.
  3. Schedule a boot time scanning with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead.
  4. Use SUPERantispyware, MBAM or Spyware Terminator to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete than.
  5. Test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster.
  6. Make a HijackThis log to post here or, better, submit the RunScanner log to to on-line analysis.
  7. Immunize your system with SpywareBlaster or Windows Advanced Care.
  8. Check if you have insecure applications with Secunia Software Inspector.

HI
while you are running down tech’s list
BE SURE TO CLICK MOVE TO CHEST for any AVAST HITS

please post up the avast boot time log so we can see exactly what we are dealing with
please do not delete/remove but take the recommend action -move to chest in case we need to upload for examination

are your current finds in the chest?? (ignore the 3 System backup files in the Avast chest)

if the WORM is not gone after the above post you could try
trend micro’s housecall
for the WIN32 Agent-VGV worm although most things should get this one unless it has recently morphed
http://housecall.antivirus.com/

If the worm is not gone

"1. Disable System Restore and then reenable it again.
2. Clean your temporary files.
3. Schedule a boot time scanning with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead.
4. Use SUPERantispyware, MBAM or Spyware Terminator to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete than.
6. Make a HijackThis log to post here or, better, submit the RunScanner log to to on-line analysis.
"

Already done… first of all done…

wyrmrider, understood only few words… wright antother way, please…
Logs:

With your Avast Scan - did you send all of those hits to the Chest as recommended?
Were there any that could not be dealt with

Tech’s line 4
please scan with Malware bytes anti malware
put a check mark next to all malware and
CLICK REMOVE
post the log

Your Hosts File appears to be corrupted

here is a detailed write up but we are already doing many of these things
http://www.dslreports.com/faq/10131

after running the MBAM scan with HJT and put a checkmark next to all the 01 Hosts related items
in the attached
the formatting sucks but you can see the entries
then click FIX CHECKED
post a new hjt and the MBAM results