That code is for Generic Potentially Unwanted Pgm, an as-yet unidentifed malicious software..
Can you connect to one of these sites now, with TDSSServ disabled?
==Please download Malwarebytes' Anti-Malware
from: http://www.majorgeeks.com/Malwarebyt...are_d5756.html
or: http://www.besttechie.net/tools/mbam-setup.exe
=Dclick that file, mbam-setup.exe, to install the application,
-ensure that it is set to update and start, else start it via the icon.
Select "Perform Full Scan", then click Scan; the application will guide you through the remaining steps.
ENSURE that EVERYTHING found has a CHECKMARK against it, then click Remove Selected.
If malware has been found [and removed] MBAM will automatically produce a log for you... do not click the Save Logfile button.
When it completes examine the log: if some files are listed as Delete on Reboot then restart your machine before continuing.
Post the Notepad log [it is also saved under Logs tab in MBAM].
If you can not connect and dl that file, then try this instead:
==Download this file to your DESKTOP: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
.....or this file: http://subs.geekstogo.com/ComboFix.exe
-IMPORTANT! : disconnect from the web, turn off your Antivirus, Antispyware and Firewall for the duration of this scan. Don't forget to reset them before you go back on the web!
- to run it dclick the Combofix.exe icon and follow the prompts to start it. When finished, it will produce a log, C:\Combofix.txt - post that log in your next reply.
A word of caution - do not touch your mouse/keyboard until the scan has completed. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs reboot to restore the desktop.

Hi gerbil.Seems that I can log in to Major Geeks,but couldn't download Malwarebytes.For besttechie,it returns 404 not found.So,I'm now trying to d/load bleepingcomputer.com,but it takes a while.I don't know why,but the d/load speed is very slow.I'll get back to you soon as I finish accomplish all the instruction you gave me.Thanks.

Hello gerbil,I've just finish scanning using Combofix.It takes quite a while,but I manage to complete it as you asked me to do.Here's the log - ComboFix 08-12-03.04 - sam08 2008-12-04 23:56:57.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1614 [GMT 8:00]
Running from: c:\documents and settings\sam08\Desktop\comfix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\crypts.dll
c:\windows\system32\drivers\npf.sys
c:\windows\system32\Drivers\TDSSmxoe.sys
c:\windows\system32\pthreadVC.dll
c:\windows\system32\rs32net.exe
c:\windows\system32\TDSScixx.dll
c:\windows\system32\TDSSmhxw.dll
c:\windows\system32\TDSSmtpe.dat
c:\windows\system32\TDSSncur.dll
c:\windows\system32\TDSSnmxh.log
c:\windows\system32\TDSSoeqh.dll
c:\windows\system32\TDSSqxtx.dll
c:\windows\system32\TDSSwgod.log
c:\windows\system32\TDSSyavu.dll
D:\resycled
d:\resycled\boot.com

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NPF
-------\Legacy_TDSSSERV.SYS
-------\Service_NPF
-------\Service_TDSSserv.sys


((((((((((((((((((((((((( Files Created from 2008-11-04 to 2008-12-04 )))))))))))))))))))))))))))))))
.

2008-12-02 22:46 . 2008-12-02 22:46 <DIR> d-------- C:\Deckard
2008-12-02 18:20 . 2008-04-14 08:12 116,224 --a--c--- c:\windows\system32\dllcache\xrxwiadr.dll
2008-12-02 18:20 . 2001-08-17 22:37 99,865 --a--c--- c:\windows\system32\dllcache\xlog.exe
2008-12-02 18:20 . 2001-08-17 22:37 27,648 --a--c--- c:\windows\system32\dllcache\xrxftplt.exe
2008-12-02 18:20 . 2001-08-17 22:36 23,040 --a--c--- c:\windows\system32\dllcache\xrxwbtmp.dll
2008-12-02 18:20 . 2004-08-03 22:29 19,455 --a--c--- c:\windows\system32\dllcache\wvchntxx.sys
2008-12-02 18:20 . 2008-04-14 02:46 19,200 --a--c--- c:\windows\system32\dllcache\wstcodec.sys
2008-12-02 18:20 . 2008-04-14 08:12 18,944 --a--c--- c:\windows\system32\dllcache\xrxscnui.dll
2008-12-02 18:20 . 2001-08-17 12:11 16,970 --a--c--- c:\windows\system32\dllcache\xem336n5.sys
2008-12-02 18:20 . 2004-08-03 22:29 12,063 --a--c--- c:\windows\system32\dllcache\wsiintxx.sys
2008-12-02 18:20 . 2001-08-17 22:37 4,608 --a--c--- c:\windows\system32\dllcache\xrxflnch.exe
2008-12-02 18:18 . 2001-08-17 22:36 495,616 --a--c--- c:\windows\system32\dllcache\sblfx.dll
2008-12-02 18:17 . 2001-08-17 13:28 899,146 --a--c--- c:\windows\system32\dllcache\r2mdkxga.sys
2008-12-02 18:16 . 2001-08-17 13:28 802,683 --a--c--- c:\windows\system32\dllcache\ltsm.sys
2008-12-02 18:15 . 2008-04-14 08:11 702,845 --a--c--- c:\windows\system32\dllcache\i81xdnt5.dll
2008-12-02 18:14 . 2001-08-17 14:56 1,733,120 --a--c--- c:\windows\system32\dllcache\g400d.dll
2008-12-02 18:13 . 2001-08-17 12:13 980,034 --a--c--- c:\windows\system32\dllcache\cicap.sys
2008-12-02 18:12 . 2001-08-17 13:28 871,388 --a--c--- c:\windows\system32\dllcache\bcmdm.sys
2008-12-02 18:11 . 2001-08-17 13:28 762,780 --a--c--- c:\windows\system32\dllcache\3cwmcru.sys
2008-11-30 12:36 . 2008-12-04 21:36 2,259 --a------ c:\windows\system32\TDSSnrsr.dll
2008-11-30 12:28 . 2008-11-30 12:28 104,448 --a------ c:\windows\system32\winhlp.exe
2008-11-30 12:24 . 2008-11-30 12:25 2 --a------ C:\1151076018
2008-11-29 20:37 . 2008-11-29 22:45 <DIR> d-------- c:\documents and settings\sam08\Application Data\vlc
2008-11-28 17:42 . 2008-11-28 17:41 410,976 --a------ c:\windows\system32\deploytk.dll
2008-11-28 17:25 . 2008-11-28 17:25 <DIR> d-------- c:\windows\system32\LogFiles
2008-11-28 16:10 . 2008-11-28 17:44 <DIR> d-------- c:\program files\Java
2008-11-28 16:10 . 2008-11-28 17:41 73,728 --a------ c:\windows\system32\javacpl.cpl
2008-11-25 20:43 . 2008-11-25 20:43 <DIR> d-------- c:\program files\CCleaner
2008-11-23 10:43 . 2008-11-23 10:43 <DIR> d--h----- c:\documents and settings\All Users\Application Data\CanonBJ
2008-11-23 10:43 . 2005-03-25 13:10 139,776 --a------ c:\windows\system32\CNMLM76.DLL
2008-11-23 10:43 . 2005-03-09 02:17 90,112 -ra------ c:\windows\system32\CNMCP76.exe
2008-11-23 10:43 . 2005-03-25 13:00 8,704 --a------ c:\windows\system32\CNMVS76.DLL
2008-11-23 10:37 . 2008-04-14 02:47 25,856 --a------ c:\windows\system32\drivers\usbprint.sys
2008-11-23 10:37 . 2008-04-14 02:47 25,856 --a--c--- c:\windows\system32\dllcache\usbprint.sys
2008-11-22 14:14 . 2008-11-30 18:15 <DIR> d-------- c:\documents and settings\sam08\Application Data\dvdcss
2008-11-17 00:19 . 2008-11-17 00:19 <DIR> d-------- c:\windows\system32\scripting
2008-11-17 00:19 . 2008-11-17 00:19 <DIR> d-------- c:\windows\system32\en
2008-11-17 00:19 . 2008-11-17 00:19 <DIR> d-------- c:\windows\system32\bits
2008-11-17 00:17 . 2008-11-17 00:17 <DIR> d-------- c:\windows\ServicePackFiles
2008-11-16 01:18 . 2008-11-16 01:18 <DIR> d--h----- c:\windows\PIF
2008-11-15 22:33 . 2008-12-04 09:57 <DIR> d-------- c:\documents and settings\sam08\.tfo3
2008-11-15 22:32 . 2008-12-04 09:57 <DIR> d-------- c:\program files\ThinkFree Office
2008-11-15 17:39 . 2008-11-15 17:39 <DIR> d-------- c:\documents and settings\sam08\Application Data\Media Player Classic
2008-11-15 07:25 . 2008-04-14 08:12 2,134,528 --a--c--- c:\windows\system32\dllcache\smtpsnap.dll
2008-11-15 07:24 . 2008-04-14 08:11 1,888,992 --a--c--- c:\windows\system32\dllcache\ati3duag.dll
2008-11-13 18:41 . 2008-11-13 18:41 <DIR> d-------- c:\program files\ConvertHelper
2008-11-13 15:58 . 2008-11-13 15:58 <DIR> d-------- c:\program files\IObit
2008-11-13 14:04 . 2008-11-13 14:19 <DIR> d-------- c:\program files\BitComet
2008-11-13 12:54 . 2008-11-13 13:23 <DIR> d-------- c:\windows\BDOSCAN8
2008-11-13 03:02 . 2008-11-13 03:02 <DIR> d-------- c:\program files\MSXML 6.0
2008-11-13 03:01 . 2008-12-02 20:40 <DIR> d--h----- c:\windows\$hf_mig$
2008-11-13 03:01 . 2008-11-13 03:01 <DIR> d-------- c:\program files\MSXML 4.0
2008-11-13 03:00 . 2004-08-04 07:56 221,184 --a------ c:\windows\system32\wmpns.dll
2008-11-13 03:00 . 2007-08-10 20:46 26,488 --a------ c:\windows\system32\spupdsvc.exe
2008-11-12 19:34 . 2008-11-12 19:34 <DIR> d-------- c:\documents and settings\sam08\dwhelper
2008-11-12 19:34 . 2008-11-12 19:34 <DIR> d-------- c:\documents and settings\LocalService\Application Data\SACore
2008-11-12 18:35 . 2008-11-12 18:35 <DIR> d-------- c:\documents and settings\sam08\Application Data\Malwarebytes
2008-11-12 18:28 . 2008-11-12 18:28 <DIR> d-------- c:\documents and settings\sam08\WINDOWS
2008-11-12 17:19 . 2008-11-12 17:19 <DIR> d-------- c:\documents and settings\sam08\Application Data\TMP

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-02 05:16 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
2008-12-02 05:09 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-12-02 05:09 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-15 14:19 --------- d-----w c:\program files\McAfee
2008-11-12 14:15 --------- d-----w c:\program files\Google
2008-11-12 13:45 --------- d-----w c:\program files\Trend Micro
2008-11-12 11:17 --------- d-----w c:\documents and settings\All Users\Application Data\McAfee
2008-11-12 11:02 --------- d-----w c:\documents and settings\All Users\Application Data\SiteAdvisor
2008-11-12 11:00 --------- d-----w c:\program files\Common Files\McAfee
2008-11-12 10:59 --------- d-----w c:\program files\McAfee.com
2008-11-12 10:41 --------- d-----w c:\program files\Common Files\Adobe AIR
2008-11-12 10:40 --------- d-----w c:\program files\Common Files\Adobe
2008-11-12 10:39 --------- d-----w c:\program files\VideoLAN
2008-11-12 10:38 --------- d-----w c:\program files\DivX
2008-11-12 10:35 --------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-12 10:29 --------- d-----w c:\program files\TM Net
2008-11-12 10:29 --------- d-----w c:\program files\Common Files\FTL Shared
2008-11-12 10:25 11 ----a-w C:\SelfTests.dat
2008-11-12 10:23 --------- d-----w c:\program files\WinPcap
2008-11-12 09:19 --------- d-----w c:\program files\Marvell
2008-11-12 08:42 --------- d-----w c:\program files\Common Files\InstallShield
2008-11-12 08:26 --------- d-----w c:\program files\microsoft frontpage
2008-11-12 08:22 --------- d-----w c:\program files\Windows Media Connect 2
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-16 06:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 06:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 06:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 06:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 06:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 06:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 06:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 06:08 34,328 ----a-w c:\windows\system32\wups.dll
2008-10-16 06:06 268,648 ----a-w c:\windows\system32\mucltui.dll
2008-10-16 06:06 208,744 ----a-w c:\windows\system32\muweb.dll
2008-09-30 08:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-15 12:12 1,846,400 ----a-w c:\windows\system32\win32k.sys
2008-09-10 01:14 1,307,648 ----a-w c:\windows\system32\msxml6.dll
2008-09-04 17:15 1,106,944 ----a-w c:\windows\system32\msxml3.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-01-09 8523776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-01-09 81920]
"%FP%TM Net fts.exe"="c:\program files\TM Net\tmnet streamyx dialer\fts.exe" [2004-01-07 77312]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2008-07-11 641208]
"McENUI"="c:\progra~1\McAfee\MHN\McENUI.exe" [2008-06-13 1176808]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files\Google\Gmail Notifier\gnotify.exe" [2005-07-16 479232]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-28 136600]
"nwiz"="nwiz.exe" [2008-01-09 c:\windows\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2007-06-13 c:\windows\RTHDCPL.EXE]
"SkyTel"="SkyTel.EXE" [2007-05-28 c:\windows\SkyTel.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IE7-11"="advpack.dll" [2008-08-26 c:\windows\system32\advpack.dll]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\McAfee\\MNA\\McNASvc.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"17182:TCP"= 17182:TCP:BitComet 17182 TCP
"17182:UDP"= 17182:UDP:BitComet 17182 UDP
"10920:TCP"= 10920:TCP:BitComet 10920 TCP
"10920:UDP"= 10920:UDP:BitComet 10920 UDP
"14531:TCP"= 14531:TCP:BitComet 14531 TCP
"14531:UDP"= 14531:UDP:BitComet 14531 UDP
"21508:TCP"= 21508:TCP:BitComet 21508 TCP
"21508:UDP"= 21508:UDP:BitComet 21508 UDP
"27182:TCP"= 27182:TCP:BitComet 27182 TCP
"27182:UDP"= 27182:UDP:BitComet 27182 UDP

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:\program files\McAfee\SiteAdvisor\McSACore.exe" [2008-11-12 203280]
.
Contents of the 'Scheduled Tasks' folder

2008-11-14 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2008-07-09 18:10]

2008-11-30 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2008-07-09 18:10]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
FireFox -: Profile - c:\documents and settings\sam08\Application Data\Mozilla\Firefox\Profiles\sppmb9tg.default\
FF -: plugin - c:\program files\Java\jre6\bin\new_plugin\npdeploytk.dll
FF -: plugin - c:\program files\Java\jre6\bin\new_plugin\npjp2.dll
FF -: plugin - c:\program files\Mozilla Firefox\plugins\npdeploytk.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-04 23:59:12
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(580)
c:\program files\McAfee\SiteAdvisor\saHook.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\progra~1\McAfee\MSC\mcmscsvc.exe
c:\windows\system32\rundll32.exe
c:\progra~1\COMMON~1\McAfee\MNA\McNASvc.exe
c:\progra~1\COMMON~1\McAfee\McProxy\McProxy.exe
c:\progra~1\McAfee\VIRUSS~1\Mcshield.exe
c:\program files\McAfee\MPF\MpfSrv.exe
c:\program files\McAfee\MSK\msksrver.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2008-12-05 0:01:50 - machine was rebooted
ComboFix-quarantined-files.txt 2008-12-04 16:01:31

Pre-Run: 9,544,310,784 bytes free
Post-Run: 9,515,438,080 bytes free

237 --- E O F --- 2008-12-02 12:40:57
Hope we'll get all this over soon.Is there anything else,just tell me. I really appreciate your helpful efforts.Thank you.

Sham, please delete these files:

c:\windows\system32\TDSSnrsr.dll
c:\windows\system32\winhlp.exe
c:\documents and settings\sam08\.tfo3

This is a good delete tool if you require it:
==This one is a general purpose deleter, Unlocker: http://filehippo.com/download_unlocker/
Dclick the exe to install it, unchecking the updater and assistant boxes. It runs from the rclick context menu, and that is cool.
But they should delete in Safe Mode, if not normal mode. Tell me if you cannot find any of them.
Now try to folow the MBAM instructions. Do a quick scan, then follow with a hijackthis log, please.

Hi gerbil,I can't find the 3 files: c:\windows\system32\TDSSnrsr.dll
c:\windows\system32\winhlp.exe
c:\documents and settings\sam08\.tfo3
As for MBAM,as I told you,I only can enter the website Master Geek, but I can't download the application.What should I do now?

Sorry gerbil.I have deleted all the files that you ask me to.And here is HJT log- Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:21:59 AM, on 12/5/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\TM Net\tmnet streamyx dialer\fts.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\explorer.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\TM Net\Diagnostic Tool\tmnet connect.exe
C:\Program Files\TM Net\tmnet streamyx dialer\fwportal.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [%FP%TM Net fts.exe] "C:\Program Files\TM Net\tmnet streamyx dialer\fts.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\RunOnce: [IE7-11] rundll32 advpack.dll,LaunchINFSection NR_IE7en.inf,AfterUserStart (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IE7-11] rundll32 advpack.dll,LaunchINFSection NR_IE7en.inf,AfterUserStart (User 'Default user')
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{841AAABE-BD17-4865-A202-0C7938A8C935}: NameServer = 202.188.0.133 202.188.1.5
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe

--
End of file - 8045 bytes

Sham... sorry.. this c:\documents and settings\sam08\.tfo3 is actually a folder .tfo3. Delete that folder.
So how is web access now?

Hello gerbil.Sorry for not replying to your last message.I was away to my brothers,and unfortunately there was no Internet connection at his place.About my problem,I am going to reformat my PC.It's the best way that I should do,because there still problems after problems arise.Seems there's no solution.By the way,for all this time,I would like to thank you for your endless efforts.I really appreciate it.

Okay, sham, you are at the sharp end, experience what I cannot see. Sorry I could not help further.

Hi gerbil,thanks for your reply.I think it will be the right move to make. Since the last time I deleted the files and folders,there were mess in the registry system (several program stopped working).I don't know what has happened and I began frustrated and tired of all these.But you were a great help during the period and maybe it have to be end like these.One thing that obvious to me is there will always help from Daniweb.com.You guys really rock.Thanks.