Drop.Agent.AB + Ramnit.C + possibly redirect on friends machine

Discussion in 'Malware Help (A Specialist Will Reply)' started by Peppermintyish, Jun 22, 2011.

  1. Peppermintyish

    Peppermintyish Private E-2

    Dear Major Geeks,

    A friend of mine asked me to look at his laptop. It has the only version of his dissertation on it. OF COURSE NO BACKUPS...

    It started off with a redirect off of Google search results, like Brüno on Wikipedia (don't ask how I know) would link to an ad page ...douglas.com...

    I cleared the usual caches and the Temp files, started scanning with CCleaner, MBAM, Spybot and Sophos and Defender. Only MBAM would find 6 files which I was able to delete clear by booting off an Ubuntu disk. After rebooting Windows MBAM found 4 more files that weren't there before. So I got my hands on a Desinfec't 2011 DVD and booted into the altered Ubuntu and started scanning with the installed programs. These are Avira, Bitdefender, ClamAV and Kaspersky. All updated etc. It is now 5 hours into the Avira scan (the first of the bunch) and I have about 900 hits on HTML/Drop.Agent.AB and a couple of W32/Ramnit.C hits.

    I'm not even sure what will happen when the scan is finished (I read in a German forum that the 2011 Version only shows you the files, and frankly I'm not that fluent in Ubuntu).

    The laptop is a Dell running Win7 Home or Pro. The virus that MBAM had originally found was a password logger. While that was still active the System Restore tab was missing and msconfig etc. couldn't be started. Also updates of antivirus software were blocked. Ever since the laptop has been with me I haven't let it online. I don't want to infect my own system while I still don't know how to get rid of it. I can't believe the stupidity sometimes but then again I bet he didn't mean to.

    The data on the laptop represents 4 years of work so formatting or at least not cleaning up files is not an option. I have never seen anything like this. Sooooooo many infected files. I need help, MajorGeeks.
     
  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

  3. Peppermintyish

    Peppermintyish Private E-2

    The scan with Desinfec't is still running.... in its 18th hour. As soon as I can reboot into Windows I'll let you know. Thanks in advance. (salut) private peppermintyish
     
  4. Peppermintyish

    Peppermintyish Private E-2

    As I now found out, my frenemy had his laptop online at his workplace and the local admin has no clue about virus protection. So my question would be: if ESET finds no viruses, does that mean the machine(s) is (are) clean?
     
  5. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    frenemy... ha ha LOL
    No, not necessarily. I am just looking for Ramnit at the moment, which ESET is great at picking up on.
     
