With that gone, you no longer see the results of the infection, but you're still not clean. The site that added this to your menu has hijacked your browser, so if you don't pay attention, you'll just keep getting the entry added to your menu. And you also have a couple of trojans and downloaders, which you should get rid of.
Before we start, you need to get some anti-virus software. Download
AVG Free, update it, and scan with it in Safe Mode. You should do the same with
SUPERAntiSpyware. Scanning with those should get rid of most of your infections, but just in case, I will instruct you on what needs to be removed...
Once we start, you won't have access to this post anymore, so I recommend that you
print out this post or save it to a Notepad file. Open HijackThis and scan again. Check the following entries, but don't do anything to them yet...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www/the-exit.com/search
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = http://www.the-exit.com/search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.the-exit.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.the-exit.com/search
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.the-exit.com/search
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,(Default) = http://www.the-exit.com/search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.the-exit.com
O4 - HKLM\..\Run: [RelevantKnowledge] c:\winnt\system32\rlvknlg.exe -boot
O4 - HKLM\..\Run: [erwghjjrjt] c:\winnt\system32\drivers\ucbcg.exe
O15 - Trusted Zone: http://www.neopets.com
O16 - DPF: {00000000-0000-0000-0000-100005000004} - http://code.trasferimento.biz/l/4c791e23a585b1d7ea5127848837a5ed_35.exe
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/4h/player.virtools.com/downloads/player/Inst all3.0/Installer.exe
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/ install/installer.exe
O20 - Winlogon Notify: RelevantKnowledge - C:\WINNT\system32\rlls.dllNow, close
all windows (including this one) besides HijackThis, then click Fix Checked. Close HijackThis and
reboot into Safe Mode and
enable hidden files and folders.
Navigate to and delete the following file(s) if present...
c:\winnt\system32\drivers\ucbcg.exe
C:\WINNT\system32\rlls.dll
c:\winnt\system32\rlvknlg.exeOnce you've done all of this, reboot into Normal Mode and post a new HijackThis log so we can see if there's any other junk we need to clean up. Let me know how everything's running now and if you had any problems following my steps.