Thank you very much, greatly appreciated

Hi

Please run a SysProt log for us so we can check your system for rootkit activity. You will need to disable Norton auto-protect while you run the scan.

Once it is downloaded to your desktop, right click on the SysProt icon, go to properties, and click unblock and apply.

Choose log, check all the boxes except show hidden objects only and scan.

You will be able to post the log here using the "add attachments" link just below the orange post button.

http://homepages.slingshot.co.nz/~crutches/SysProt

Quads 

Here it is:

I scanned it with AVG still intact, now i can delete this right? and enable Norton?

Hi

1.  Download Combofix  to your Desktop, http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Don't use yet.

2. I have Personal Messaged you the script between the lines, look for the yellow envelope at the upper right hand side.   Copy the Script.

3.  Open Notepad and paste it in to notepad with the first line being killall::

4. Save the script as "CFScript.txt"       CFScript.txt is what you see on your desktop after saving.

5. Disable Nortons Auto-Protect and Firewall. PLUS AVG as well

6.  Drag and drop CFScript.txt on top of Combofix.exe, like when you drop files into the recycle bin.

7. Combofix will start,  When it is scanning don't move the mouse cursor inside the box, can cause freezing.

Combofix will create a log at the finish

Quads 

Hi Quads,

Combofix detected the following real time scanner to be active, Norton Internet Security,

but i disabled auto protect and firewall already.... i went to settings:Basic security: auto protect off, 

for the firewall, i went to Norton Internet Security Settings which is also in the settings tab, and i went to personal firewall and turned it off

is that correct? Or did i forgot something

Right click the systray icon and see what it says on the menu??

Quads 

Here:

<<Edit: image resized to fit into the screen>>

2nd one:

<<Edit: Image resized to fit into the screen>>

Hi

1. Disable the Spyware protection to

2. before you drop the CFScript on Combofix Close your browser

Quads 

Like that?

<<edit: Image resized for better viewing>>

But the home screen still says its secure...sorry, i really don't know how, i looked up on internet already...

<<Edit: Image resized for better viewing>>

OK 

It could be that it's the way the Rootkit is fooling things, or the fact you have AVG and Norton installed.

Just dump CFScript.txt on top of Combofix.exe and go for it.

Quads 

Ok, the log is complete, i saved it, but i cannot open anything, firefox, opera,...etc, or word files...

anything i try to open gives me a messege "illegal operation attempted on a registry key that has been marked for deletion" 

but the pictures that i've uploaded previously can still be opened.....

Hi

Please post the Combofix. log

Quads 

here

Ok try

Quads 

I did, and the same messege pops up, im using my old, virus free, i hope computer,

and the same message pops up........

do i just restart?

After typing 'netsh winsock reset" and clicking Ok you have to restart the PC for it to take effect

Quads 

i meant that after i click ok, the message pops up

Yep