Considering what I've had you run so far, the system is full of malware, particularly entries for System Fix.. I'm going to get some of it out, then I'll directly what to do after:

1. For Eset: Please download OTMovit by Old Timer and save to your desktop.

• Double-click OTMoveIt3.exe to run it. (Vista users, please right click on OTMoveit3.exe and select "Run as an Administrator")
• Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  Code:

   
  :Files 
  C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe 
  C:\Program Files\Loaris\Trojan Remover 1.2\ltr12.exe 
  C:\Users\CHINA\Downloads\Unlocker1.9.1.exe
  :Commands
  [purity]
  [emptytemp]
  [start explorer]
  [Reboot]

• Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window and choose Paste.
• Click the red Moveit! button.
• A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
• Close OTMoveIt3

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
=======================================
2. For HijackThis: Please reopen HJT to do system scan only. Check each of the following, if found:
R3 - URLSearchHook: (no name) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - (no file)
O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O3 - Toolbar: PandoraTV Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (file missing)
O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [facemoods] "C:\Program Files\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED

Close all Windows except HJT and click on Fix Checked.
=========================================
Please go ahead and run these. I'll be back in the morning with the OTL fix. There were so many entries to remove I had to set up another fix- I'm going to try and get all the System Fix entries off the system, then I'll have you run Combofix. It is on your system and has set up the Qoobox which is the Quarantine folder.

I am just beat and am going to close down early tomight.

Are you by any chance using an ISP in the Arab Emirates? This is a global board, so I have to ask.
IP 213.42.20.20 > country: AE
IP 195.229.241.222> AE
IP 168.254.254 > unknown
DhcpNameServer = 213.42.20.20 195.229.241.222
-------------------------------------------
If the answer is NO, please do the following:
You will need to do a DNS Flush, then reset your router.
Start> Run> type cmd> enter> at the C prompt type ipconfig /flushdns (note space before the /)

Exit the Command prompt when finished and shut the system down.-

• 
  [1]. Shut down your computer, and any other computer connected to your router.
  [2]. On the back of the router, there should be a small hole or button labelled RESET. Using a bent paper clip or similar item, hold that in continuously for twenty seconds.
  [3]. Unplug the router. Wait sixty seconds.
  [4].Now holding again the reset button, plug it back in. Continue holding the reset button for twenty seconds. Unplug the router again.
  [5].With the router unplugged, start your computer.
  [6].Connect to the router again. The turn the router back on.
  [7].When it stabilizes, reboot your workstation and try to access the internet. If you have any issues, access the Router configuration page and re-enter your authentication information.
  [8]. Reboot the system and test the internet. You may have to reconfigure the router settings based on your setup.

=======================================
Please see the end of my Reply #9 for these instructions:
Download CKScanner and save to your desktop.
======================================
OTL Custom Scan Fixes

• Run OTL
• Copy the contents of the Code box and paste in the Custom Scans/Fixes box at the bottom:
  
  Code:

  :OTL
  IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSour...ctid=CT1561552
  IE - HKCU\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - No CLSID value found
  IE - HKCU\..\URLSearchHook: {c95a4e8e-816d-4655-8c79-d736da1adb6d} - No CLSID value found
  FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.9.1.14019
  FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.4.1
  O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
  O3 - HKLM\..\Toolbar: (no name) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - No CLSID value found.
  O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
  O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  O33 - MountPoints2\{7fd9d173-2f85-11e0-9e54-001a8040a472}\Shell - "" = AutoRun
  O33 - MountPoints2\{7fd9d173-2f85-11e0-9e54-001a8040a472}\Shell\AutoRun\command - "" = "E:\WD SmartWare.exe" autoplay=true
  O33 - MountPoints2\{f3197f3d-8621-11e0-ae3d-e0d8d184ce50}\Shell - "" = AutoRun
  O33 - MountPoints2\{f3197f3d-8621-11e0-ae3d-e0d8d184ce50}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
  O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
  [2011/11/29 18:34:15 | 000,000,000 | ---D | C] -- C:\Program Files\Loaris
  [2011/11/27 22:18:49 | 000,000,000 | ---D | C] -- C:\Windows\Sun
  [2011/11/27 20:48:47 | 000,000,000 | ---D | C] -- C:\Program Files\GridinSoft Trojan Killer
  [2011/11/27 19:59:08 | 000,000,000 | ---D | C] -- C:\Users\CHINA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Fix
  [2011/11/26 23:44:43 | 000,000,000 | ---D | C] -- C:\microsoft
  [2011/11/26 19:30:24 | 000,000,000 | ---D | C] -- C:\temp
  [2011/11/15 22:00:22 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
  [2011/11/29 21:43:31 | 000,302,592 | ---- | M] () -- C:\Users\CHINA\Desktop\rwr6icjr.exe
  [2011/11/27 19:59:14 | 000,000,320 | ---- | M] () -- C:\ProgramData\~HSPrahzOqQdUyT
  [2011/11/27 19:59:14 | 000,000,224 | ---- | M] () -- C:\ProgramData\~HSPrahzOqQdUyTr
  [2011/11/27 19:59:08 | 000,000,673 | ---- | M] () -- C:\Users\CHINA\Application Data\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk
  [2011/11/27 19:59:08 | 000,000,649 | ---- | M] () -- C:\Users\CHINA\Desktop\System Fix.lnk
  [2011/11/27 19:57:59 | 000,000,336 | ---- | M] () -- C:\ProgramData\HSPrahzOqQdUyT
  [2011/11/16 19:10:23 | 000,003,584 | ---- | M] () -- C:\Users\CHINA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
  [2011/11/12 22:43:00 | 000,000,436 | ---- | M] () -- C:\Windows\tasks\Norton Security Scan for CHINA.job
  [2011/12/04 21:02:48 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
  [2011/11/27 19:59:14 | 000,000,224 | ---- | C] () -- C:\ProgramData\~HSPrahzOqQdUyTr
  [2011/11/27 19:59:13 | 000,000,320 | ---- | C] () -- C:\ProgramData\~HSPrahzOqQdUyT
  [2011/11/27 19:59:08 | 000,000,673 | ---- | C] () -- C:\Users\CHINA\Application Data\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk
  [2011/11/27 19:59:08 | 000,000,649 | ---- | C] () -- C:\Users\CHINA\Desktop\System Fix.lnk
  [2011/11/27 19:57:59 | 000,000,336 | ---- | C] () -- C:\ProgramData\HSPrahzOqQdUyT
  [2011/06/15 20:09:29 | 000,000,000 | ---D | M] -- C:\Users\CHINA\AppData\Roaming\LimeWireTurbo
  
  :Reg
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
  helpfile [open] -- Reg Error: Key error.
  regfile [merge] -- Reg Error: Key error.
  txtfile [edit] -- Reg Error: Key error.
  Folder [explore] -- Reg Error: Value error.
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
  "VistaSp1" = Reg Error: Unknown registry data type -- File not found
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
  "LimeWireTurbo" = LimeWireTurbo
  "NSS" = Norton Security Scan
  
  :Commands
  [purity]
  [emptytemp]
  [emptyflash]
  [Reboot]

• Then click the Run Fix button at the top
• Let the program run uninterrupted, reboot the PC when it is done
• Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

=============================================
When you have completed the instructions in the previous reply and this current reply, please reboot the computer.Make an attempt to scan with Combofix again> give it time to complete- the more files on a system, the longer it takes. If it won't run, please tell me exactly what happens when you try>
If you get an expired notice when you attempt to use Combofix, uninstall the program you now have

Uninstall ComboFix and all Backups of the files it deleted

• Click START> then RUN
• Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
  
  Then go back to the instructions in Reply #8, download again, run the scan.

Okay, thanks. Then skip the part for the DNS flush and resetting the router and go on with the rest.

Okay, a summary
Asked but not answered: What site did you use for this?
c:\Users\CHINA\download\installer_adobe_acrobat_7_0_professional_7_0_english.exe
PUP.SmsPay.PGen) This is not from the Adobe site.
---------------------------------
What you've done:
1. Mbam scan deletes some malware
2. DDS freeze in middle>
3. Ran Safe Mode> Proxy> Tdss (clean)> Rkill> Still no DDS
4. Full mbam> some malware
5. HJT + fix
6. Combofix hangs,
7. Eset, then OTM
8. CK scan (clean)
9. OTL
10. OTL fix won't run.
===============================================
Reboot the Computer
Describe current problems you are having
=============================================
Revamping:
2. DDS:
Please download this file: xp_scr_fix

Unpack (unzip) the file onto your desktop and double-click it. You will be asked if you wish to merge the file with you registry, say Yes.

You should then be able to run DDS.scr. It's the .scr file extension causing the problem.
======================================
6. NOTE: If, for some reason, Combofix refuses to run, try one of the following:
1. Run Combofix from Safe Mode.
2. Delete Combofix file, download fresh one, but rename combofix.exe to
friday.exe BEFORE saving it to your desktop.
Do NOT run it yet.
-------------------------------------
[Remove the RKill you have now. Download new>>
Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.
There are 4 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

• Rkill.com
• Rkill.scr
• Rkill.pif
• Rkill.exe
  
• Double-click on the Rkill desktop icon to run the tool.
• If using Vista or Windows 7 right-click on it and choose Run As Administrator.
• A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
• If not, delete the file, then download and use the one provided in Link 2.
• If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
• Do not reboot until instructed.
• If the tool does not run from any of the links provided, please let me know.

Once you've gotten one of them to run then try to immediately run the following>>>>.

Please download exeHelper by Raktor and save it to your desktop.

• Double-click on exeHelper.com or exeHelper.scr to run the fix tool.
• A black window should pop up, press any key to close once the fix is completed.
• A log file called exehelperlog.txt will be created and should open at the end of the scan)
• A copy of that log will also be saved in the directory where you ran exeHelper.com
• Copy and paste the contents of exehelperlog.txt in your next reply.

Note: If the window shows a message that says "Error deleting file", please re-run the tool again before posting a log and then post the two logs together (they both will be in the one file).

Rkill instructions
Once you've gotten one of them to run

• immediately double click on friday.exe to run
• If normal mode still doesn't work, run BOTH tools from safe mode.

If you have done #2, please post BOTH logs, rKill and Combofix.
Note: Do not reboot after running the above scans> go right on to Combofix
Note 2: If Combofix says 'expired', click on the Refresh button in the toolbar.

Holiday Notice! I will not be working on the threads Sat. Dec. 24 or Sunday Dec. 25. I will begin with the oldest threads first on Monday. I will do my best to get you finished or as far along as I can before that. Please do not send a PM during those days.