you won't fix your problems until you remove that malware. unfortunately not all signature-based scanners will detect and remove it. your best bet is to do a hjt scan, save the log and post it on the cnet HJT forums.
an alternative is
there are many more also.
hjt can be downloaded here, change the executable name before you run the scan for maximum effect.
one tool you might need to delete startup entries for the malware is autoruns. deleting the startup then rebooting means files can easily be deleted. there might be more than one piece of malware there so best to get hjt log analysed first.
antihookexec is a program you can run in conjunction with anti malware apps. it helps these programs detect user mode rootkits, which are used to hide malware elements.
pop the antihookexec.exe into C:\windows\system32 folder. and from the command line you can run programs by typing
antihookexec "C:\program files\autoruns\autoruns.exe"
or you can put auto runs into your system32 folder and type in a command line
i would run antihookexec in conjunction with autoruns and HJT.
you might find that you may have a rootkit, which is stealth malware.
rootkitty is included on UBCD, you need a windows xp installation disc to make a UBCD though. UBCD can be used for many diagnostics including unimpeded virus scans. rootkitty does two scans, one when windows is booted normally, you save the results to a text file, and another scan when booted with UBCD, save the results to a text file and compare them. it finds discrepancies, or hidden software.
rootkit revealer searches for api hooking, which finds user mode rootkits.
icesword finds dkom rootkits and other kernel mode rootkits.
darkspy is a superior rootkit finder if used correctly. it installs its own rootkit so to speak to hide itself. it has different modes and does online and offline scans.
gmer is a kernel mode anti rootkit app, it finds the most common types of hooking.
these will produce false positives because they are heuristic scanners, not definition based. so do scans and make logs and post them on legitimate IT help sites.
one thing to remember is before removing a rootkit, remove its startup entry first with HJT or autoruns if you can. reboot then you can do your business. i'm sure if you find a good HJT forum they will have guides how to remove malware.
before doing any rootkit scans, disconnect from the internet physically. close down all security applications, like firewall, anti virus, anti spyware. this is to minimise false positives.
prevention is better than cure:-
get rid of avg it is absolute rubbish. whether you like it or not is irrelevant it just does not do a good job at all. use avast. it's free and has anti rootkit GMER technology.
also download sandboxie, there is an explanation with simple pictures of what it does on its homepage. it catches 99% of browser based nasties. use it in conjunction with your browser.
problem is when you run your browser all its application data is loaded into the sandbox, so any changes you make will be made to the sandboxed version, this includes bookmarks, noscript rules, etc. so when you delete it your bookmarks etc will be lost. to get round it you can make a batch file to run before you delete it. bookmarks for firefox are stored in a file called sqlite, search for it. i'm not sure where ie stores its bookmarks as i don't use it, and i have yet to find out where noscript stores its rules.
use firefox (because it's better) with:-
http://noscript.net/ - blocks scripts which is a common way to transmit malware. easy to use.
https://addons.mozilla.org/en-US/firefox/addon/3456 - Web Of Trust, provides ratings on whether a website is trusted or not, it is a top program. keep it updated to be effective.
last but not least
http://www.abelhadigital.com/ - if you keep it regularly updated it will simply block bad websites. how it does it is through your HOSTS file found at C:\windows\system32\drivers\etc\hosts it can be opened and edited with a text editor.
after updating you might find that a website you want to use is blocked, like myspace for example. open your hosts with a text editor and press ctrl + f, this will prompt a "find" box. type myspace.com and delete all the entries for myspace. then save. that is the basics of editing your host file.
anything you want to block, use the format that is already there, there will be thousands of entries made by hostman. note hostman does not need to run constantly, only when updating.
phew, hope this helps. i passionately hate malware =)
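
The manual hosts-file edit described in the post (find every myspace.com entry and delete it, or add a block in the existing format) can be scripted. The following is an added example, not part of the original post and not hostman's own code. It assumes block entries use the common `127.0.0.1 hostname` or `0.0.0.0 hostname` layout; the function names and the sample file are constructed for illustration.

```python
# Constructed sample in the usual blocklist layout (sink address, then hostnames).
SAMPLE_HOSTS = """\
# constructed sample hosts file
127.0.0.1       localhost
127.0.0.1       ads.example.net
127.0.0.1       myspace.com
127.0.0.1       www.myspace.com  profile.myspace.com
127.0.0.1       notmyspace.com   # lookalike, must stay blocked
0.0.0.0         tracker.example.org myspace.com
"""

SINKS = {"127.0.0.1", "0.0.0.0"}  # assumed addresses that blocklists point hosts at

def _matches(host, domain):
    """True for the domain itself or any subdomain, not for lookalike names."""
    host, domain = host.lower().rstrip("."), domain.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def unblock(hosts_text, domain):
    """Return (new_text, removed_hostnames) with block entries for domain dropped."""
    out, removed = [], []
    for line in hosts_text.splitlines():
        body, sep, comment = line.partition("#")
        fields = body.split()
        if len(fields) < 2 or fields[0] not in SINKS:
            out.append(line)              # comments, blanks, real mappings: untouched
            continue
        dropped = [h for h in fields[1:] if _matches(h, domain)]
        keep = [h for h in fields[1:] if not _matches(h, domain)]
        removed += dropped
        if not dropped:
            out.append(line)
        elif keep:                        # line also blocks other hosts: keep those
            out.append(fields[0] + "\t" + " ".join(keep) + (" #" + comment if sep else ""))
    return "\n".join(out) + "\n", removed

def block(hosts_text, host, sink="127.0.0.1"):
    """Append a block entry in the same format unless host is already listed."""
    for line in hosts_text.splitlines():
        fields = line.partition("#")[0].split()
        if len(fields) >= 2 and host.lower() in (h.lower() for h in fields[1:]):
            return hosts_text
    return hosts_text.rstrip("\n") + f"\n{sink}\t{host}\n"

if __name__ == "__main__":
    new_text, removed = unblock(SAMPLE_HOSTS, "myspace.com")
    print("removed:", removed)
    print(new_text)
```

Matching on the whole hostname rather than a plain text search is what keeps `notmyspace.com` blocked, which a ctrl + f for "myspace.com" would also hit. Work on a copy of the hosts file and keep a backup before writing changes back.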