Ok lets first download Killbox from
http://www.spyware911.net/downloads/KillBox.exe
Open it and in the space perovided paste each line below then tick the delete on reboot oiption followed by the red x. Howwever do not reboot until I teell you specifically please.
These are the files to be pasted:
C:\WINNT\system32\cattrace.exe
C:\WINNT\system32\vidctrl
C:\WINNT\system\kooqkcmmm.exe
C:\WINNT\system32\calpwd.exe
c:\winnt\system32\akexfjx.exe
C:\WINNT\system32\PSof1.exe
Now reboot and upon rebooting I want you to go into safe mode as outlined here :
http://www.cyberanswers.org/forum/index.ph...age&pg=safemode
When in safe mode rescan once again with hijack, insert a check next to these items then click "fix checked"
O2 - BHO: VBRunDLL Class - {197B8CA4-E215-46DD-8F33-E0544A80E5C4} - C:\WINNT\system32\vbrundll.dll
O4 - HKLM\..\Run: [PSof1] C:\WINNT\system32\PSof1.exe
O4 - HKLM\..\Run: [qssh39l] cattrace.exe
O4 - HKLM\..\Run: [regsync] C:\WINNT\system32\regsync.exe
O4 - HKLM\..\Run: [vidctrl] C:\WINNT\system32\vidctrl\vidctrl.exe
O4 - HKLM\..\Run: [ysaagix] c:\winnt\system32\akexfjx.exe r
O4 - HKCU\..\Run: [bB3nRVJEh] calpwd.exe
O16 - DPF: {511073AD-BE56-4D43-AE68-93390514385E} (TechToolsActivex.TechTools) - hcp://system/TechTools.CAB
O16 - DPF: {739E8D90-2F4C-43AD-A1B8-66C356FCEA35} (RunExeActiveX.RunExe) - hcp://system/RunExeActiveX.CAB
Reboot normally, run an online scan at one of these sites
http://www.cyberanswers.org/forum/index.ph...ge&pg=virusscan and be sure to set the auto clean option .
Then rescan again and post a fresh hijack log please.