gerbil i apologie not doing what u suggested i was stuck working 16 hour dats the last 7 days but here it is im really tired and baffled but i'm always booker with a thank u for ur help
HERES COMBO FIX REPORT

ComboFix 08-09-05.05 - booker 2008-09-07 0:45:44.1 - NTFSx86

Running from: C:\Documents and Settings\booker.HOME-5214237687\Desktop\ddddaannniiwwweeebb\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
The following files were disabled during the run:
C:\Program Files\iolo\Common\Lib\sguard.dll


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\booker.HOME-5214237687\ResErrors.log
C:\WINDOWS\Downloaded Program Files\Quarantine
C:\WINDOWS\Downloaded Program Files\setup.inf
C:\WINDOWS\keyboard1.dat
C:\WINDOWS\system32\_000008_.tmp.dll
C:\WINDOWS\tdgdrs33.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_6TO4
-------\Legacy_DHLP
-------\Legacy_IPRIP
-------\Service_6to4
-------\Service_Iprip


((((((((((((((((((((((((( Files Created from 2008-08-07 to 2008-09-07 )))))))))))))))))))))))))))))))
.

2008-10-06 18:51 . 2008-09-07 00:54 <DIR> d-------- C:\temp\WERe9e6.dir00
2008-10-06 18:48 . 2008-09-07 00:54 <DIR> d-------- C:\temp\WER6ac8.dir00
2008-09-23 07:09 . 2008-08-23 00:45 <DIR> d-------- C:\temp\QuickCam_11.80.1065
2008-09-23 03:06 . 2008-08-30 06:47 <DIR> d-------- C:\temp\WERf0b7.dir00
2008-09-23 01:06 . 2008-08-30 06:47 <DIR> d-------- C:\temp\WER8778.dir00
2008-09-07 00:55 . 2008-09-07 00:55 53,248 --a------ C:\temp\catchme.dll
2008-09-07 00:54 . 2008-09-07 00:54 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-09-07 00:54 . 2008-09-07 00:54 1,409 --a------ C:\WINDOWS\QTFont.for
2008-09-07 00:53 . 2008-09-07 00:53 <DIR> d-------- C:\temp\WPDNSE
2008-09-07 00:51 . 2008-09-07 00:51 16,384 --a----t- C:\temp\Perflib_Perfdata_32c.dat
2008-09-06 19:45 . 2008-09-07 00:54 <DIR> d-------- C:\temp\{C90C518C-0720-4961-B9B5-B579B33311AB}
2008-09-06 15:18 . 2008-09-07 00:52 <DIR> d-------- C:\temp\nsb6.tmp
2008-09-06 15:07 . 2008-09-07 00:54 <DIR> d-------- C:\temp\WER5e41.dir00
2008-09-06 14:55 . 2008-09-07 00:54 <DIR> d-------- C:\temp\WERad76.dir00
2008-09-05 08:38 . 2008-09-05 08:38 <DIR> d-------- C:\WINDOWS\system32\IOSUBSYS
2008-09-05 08:38 . 2008-09-05 08:38 <DIR> d-------- C:\temp\Picasa3
2008-09-05 08:38 . 2008-09-07 00:52 <DIR> d-------- C:\temp\nsu7D.tmp
2008-09-04 20:44 . 2008-09-04 20:44 <DIR> d-------- C:\temp\Google Gadget Cache
2008-08-30 22:19 . 2008-08-30 22:41 <DIR> d-------- C:\Program Files\EsetOnlineScanner
2008-08-30 15:44 . 2008-09-04 21:06 <DIR> d-------- C:\temp\wzf3e4
2008-08-30 15:42 . 2008-09-04 21:06 <DIR> d-------- C:\temp\wz0a83
2008-08-30 07:57 . 2008-08-30 07:57 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-30 07:57 . 2008-08-30 07:57 <DIR> d-------- C:\Documents and Settings\booker.HOME-5214237687\Application Data\Malwarebytes
2008-08-30 07:57 . 2008-08-30 07:57 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
2008-08-30 07:57 . 2008-08-17 15:01 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-30 07:57 . 2008-08-17 15:01 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-08-23 01:24 . 2008-08-23 01:24 <DIR> d-------- C:\temp\{ECAB36B7-1453-4DA2-8308-CCA67D1DA735}
2008-08-23 01:24 . 2008-08-30 06:48 <DIR> d-------- C:\temp\{8F5E9A50-4A68-43F2-86D4-A696B7E2A532}
2008-08-23 01:20 . 2008-08-30 06:48 <DIR> d-------- C:\temp\{D9C5206A-F48C-443C-84FE-F673674A4322}
2008-08-23 01:20 . 2008-08-23 01:20 <DIR> d-------- C:\temp\{A3516346-06FD-4EB7-93D1-803542A697C1}
2008-08-23 00:47 . 2008-08-30 06:48 <DIR> d-------- C:\temp\{A90AA336-24E8-4F06-9977-29ED693FC233}
2008-08-23 00:35 . 2008-09-23 03:03 <DIR> d-------- C:\temp\~nsu.tmp
2008-08-23 00:08 . 2008-08-23 00:12 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Ascentive
2008-08-23 00:05 . 2008-08-30 06:48 <DIR> d-------- C:\temp\{6E58355A-6911-4A35-8A3B-808AB3A22FA7}
2008-08-23 00:05 . 2008-08-23 00:05 <DIR> d-------- C:\temp\{3EC28456-29D6-40AB-B438-41CF3CCAD4CF}
2008-08-23 00:05 . 2008-08-30 06:48 <DIR> d-------- C:\temp\{2A89E315-2DEC-42E4-934C-C94533E628E1}
2008-08-23 00:05 . 2007-07-03 11:48 20,480 --a------ C:\WINDOWS\system32\SysRestore.dll
2008-08-23 00:03 . 2008-08-30 06:48 <DIR> d-------- C:\temp\{CCDC7478-97CC-4933-92F4-B836890DEFCB}
2008-08-23 00:01 . 2008-08-30 06:48 <DIR> d-------- C:\temp\{2FAFDCAB-0E6C-4547-BB5E-96367B673B4C}
2008-08-22 23:59 . 2008-09-06 19:46 <DIR> d-------- C:\Program Files\Ascentive
2008-08-22 23:59 . 2007-08-10 12:56 303,104 --a------ C:\WINDOWS\system32\ciplListBar.ocx
2008-08-22 23:59 . 2007-08-10 12:56 224,016 --a------ C:\WINDOWS\system32\tabctl32.ocx
2008-08-22 23:59 . 2008-04-29 13:14 208,896 --a------ C:\WINDOWS\system32\ConTest.dll
2008-08-22 23:59 . 2007-08-10 12:56 155,648 --a------ C:\WINDOWS\system32\ciplImageList.ocx
2008-08-22 23:58 . 2008-08-22 23:59 <DIR> d-------- C:\temp\{C36080B7-84C3-4839-8B16-973DBC1CA2D7}
2008-08-22 23:58 . 2008-08-30 06:48 <DIR> d-------- C:\temp\{408419FF-C461-4DCE-814D-8CD1C398DE23}
2008-08-22 22:41 . 2008-08-30 06:47 <DIR> d-------- C:\temp\WERf713.dir00
2008-08-22 16:45 . 2008-08-22 16:48 <DIR> d-------- C:\temp\plugtmp-6
2008-08-21 01:02 . 2008-08-21 01:03 <DIR> d-------- C:\temp\iss33.tmp
2008-08-21 01:00 . 2008-08-21 01:00 <DIR> d-------- C:\temp\iss17.tmp
2008-08-20 21:53 . 2008-08-21 16:20 <DIR> d-------- C:\temp\WER2ba3.dir00
2008-08-20 19:38 . 2008-08-21 16:20 <DIR> d-------- C:\temp\WER2a7a.dir00
2008-08-20 04:31 . 2008-08-20 04:31 53,365 --a------ C:\WINDOWS\system32\COMPROHESIVE
2008-08-19 20:22 . 2008-08-22 21:07 <DIR> d-------- C:\temp\plugtmp-5
2008-08-19 17:12 . 2008-08-19 17:12 <DIR> d-------- C:\Program Files\Solitaire.Com
2008-08-19 13:59 . 2008-08-19 22:13 <DIR> d-------- C:\temp\WERe465.dir00
2008-08-19 05:22 . 2008-08-21 09:38 <DIR> d-------- C:\Program Files\Steam
2008-08-18 21:41 . 2008-08-19 12:36 <DIR> d-------- C:\temp\WERb528.dir00
2008-08-18 21:34 . 2008-08-19 12:36 <DIR> d-------- C:\temp\WERf5a3.dir00
2008-08-18 21:33 . 2008-08-19 12:36 <DIR> d-------- C:\temp\WERdc43.dir00
2008-08-18 21:17 . 2008-08-19 12:36 <DIR> d-------- C:\temp\WER8a9e.dir00
2008-08-18 20:43 . 2008-08-18 20:43 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-08-17 15:10 . 2008-08-19 12:36 <DIR> d-------- C:\temp\WER43b3.dir00
2008-08-17 15:05 . 2008-08-19 12:36 <DIR> d-------- C:\temp\WERadbd.dir00
2008-08-14 03:06 . 2008-09-07 00:52 <DIR> d--h----- C:\temp\Temporary Directory 3 for OpticalMouse-MicroInnovations-.zip
2008-08-14 03:05 . 2008-09-07 00:52 <DIR> d--h----- C:\temp\Temporary Directory 2 for OpticalMouse-MicroInnovations-.zip
2008-08-14 01:02 . 2008-08-21 16:55 <DIR> d-------- C:\WINDOWS\Logs
2008-08-12 20:30 . 2008-08-19 12:47 <DIR> d-------- C:\temp\plugtmp-4
2008-08-12 18:29 . 2008-08-12 18:29 <DIR> d-------- C:\temp\MCA6D.tmp
2008-08-12 18:29 . 2002-03-13 08:50 23,296 --a------ C:\WINDOWS\system32\drivers\NaiFiltr.sys
2008-08-12 18:28 . 2008-09-04 21:06 <DIR> d-------- C:\temp\vsoaol8026.tmp
2008-08-12 17:18 . 2008-08-12 17:19 <DIR> d-------- C:\temp\CDM
2008-08-12 11:19 . 2008-08-31 08:48 <DIR> d-------- C:\Program Files\PowerArchiver
2008-08-12 11:19 . 2008-08-12 11:19 <DIR> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\ConeXware
2008-08-12 09:49 . 2008-09-07 00:52 <DIR> d--h----- C:\temp\Temporary Directory 1 for OpticalMouse-MicroInnovations-.zip
2008-08-12 09:49 . 2008-08-12 09:49 <DIR> d-------- C:\Program Files\Browser Mouse
2008-08-12 09:49 . 2000-05-09 22:29 6,205 --a------ C:\WINDOWS\system32\LWBHMVXD.VXD
2008-08-12 05:27 . 2008-08-19 12:36 <DIR> d-------- C:\temp\WER6d96.dir00
2008-08-12 05:23 . 2008-08-19 12:36 <DIR> d-------- C:\temp\WERfd71.dir00
2008-08-12 05:22 . 2008-08-19 12:36 <DIR> d-------- C:\temp\WER3812.dir00
2008-08-10 17:18 . 2008-08-19 12:47 <DIR> d-------- C:\temp\pftA.tmp
2008-08-10 16:31 . 2008-08-19 12:46 <DIR> d-------- C:\temp\pft13.tmp
2008-08-10 03:29 . 2008-08-10 03:29 6,656 --ahs---- C:\Thumbs.db
2008-08-09 03:23 . 2008-08-09 03:24 <DIR> d-------- C:\temp\plugtmp-3
2008-08-07 20:12 . 2008-09-07 00:56 <DIR> d-------- C:\Documents and Settings\booker.HOME-5214237687\Application Data\OpenOffice.org2
2008-08-07 20:10 . 2008-08-07 20:10 <DIR> d-------- C:\Program Files\OpenOffice.org 2.4

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-07 02:44 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-06 22:18 --------- d-----w C:\Program Files\Google
2008-08-31 15:35 0 ----a-w C:\WINDOWS\system32\drivers\lvuvc.hs
2008-08-31 01:11 --------- d-----w C:\Program Files\NovaLogic
2008-08-30 15:56 --------- d-----w C:\Program Files\PremierOpinion
2008-08-21 18:49 --------- d-----w C:\Program Files\GPL 2004 DEMO
2008-08-21 18:39 --------- d-----w C:\Program Files\SpaceHaste
2008-08-21 12:04 --------- d-----w C:\Program Files\Common Files\Logitech
2008-08-21 08:03 --------- d-----w C:\Program Files\Logitech
2008-08-21 08:01 --------- d-----w C:\Program Files\DivX
2008-08-21 08:00 --------- d-----w C:\Program Files\Creative
2008-08-21 07:55 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Logitech
2008-08-21 07:54 --------- d-----w C:\Program Files\GedSmart
2008-08-20 00:12 --------- d-----w C:\Documents and Settings\booker.HOME-5214237687\Application Data\Solitaire.Com
2008-08-19 12:56 --------- d-----w C:\Program Files\Java
2008-08-13 01:29 --------- d-----w C:\Program Files\McAfee.com
2008-08-12 22:55 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\WinZip
2008-08-12 18:46 --------- d-----w C:\Program Files\WinAce
2008-08-11 00:20 --------- d-----w C:\Program Files\Common Files\LogiShrd
2008-08-07 18:32 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Help
2008-07-23 03:28 --------- d-----w C:\Documents and Settings\booker.HOME-5214237687\Application Data\ErrorSmart
2008-07-22 23:06 --------- d-----w C:\Program Files\NOS
2008-07-22 23:06 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\NOS
2008-07-22 05:54 --------- d-----w C:\Program Files\Common Files\Adobe AIR
2008-07-22 05:53 --------- d-----w C:\Program Files\Common Files\Adobe
2008-07-20 20:25 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\MumboJumbo
2008-07-14 11:04 --------- d-----w C:\Program Files\EZ Emoticons
2008-05-01 09:54 784 ----a-w C:\Documents and Settings\booker.HOME-5214237687\Application Data\mpauth.dat
1998-10-24 07:00 700 -csha-w C:\WINDOWS\dv11mxv_0$1_783482.drv
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-29 68856]
"SMSystemAnalyzer"="C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe" [2006-12-20 557056]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-10-18 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" [2007-05-17 780312]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-05-17 505368]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-04 267048]
"VirusScannerPro"="C:\PROGRA~1\AVANQU~1\SYSTEM~1\MemCheck.exe" [2008-02-01 173312]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-05-02 13529088]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-05-02 86016]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-09-04 29744]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-02-01 385024]
"P17Helper"="P17.dll" [2005-05-03 C:\WINDOWS\system32\P17.dll]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-09-21 C:\WINDOWS\KHALMNPR.Exe]
"nwiz"="nwiz.exe" [2008-05-02 C:\WINDOWS\system32\nwiz.exe]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-09-21 C:\WINDOWS\KHALMNPR.Exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]
"SetDefaultMIDI"="MIDIDef.exe" [2002-12-02 C:\WINDOWS\MIDIDEF.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"tscuninstall"="C:\WINDOWS\system32\tscupgrd.exe" [2004-08-04 44544]
"RunNarrator"="Narrator.exe" [2008-04-14 C:\WINDOWS\system32\narrator.exe]
"DefaultP17MIDI"="MIDIDEF.EXE" [2002-12-02 C:\WINDOWS\MIDIDEF.EXE]
"DefaultP17"="P17Def.Exe" [2005-05-02 C:\WINDOWS\P17DEF.EXE]

C:\Documents and Settings\booker.HOME-5214237687\Start Menu\Programs\Startup\
OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe [2008-01-21 393216]
QuickLink Mobile.lnk - C:\Program Files\Verizon Wireless\QuickLink Mobile\QuickLink Mobile.exe [2006-06-27 917504]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dllschannel.dlldigest.dllmsnsspc.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R0 fasttrak;fasttrak;C:\WINDOWS\system32\DRIVERS\fasttrak.sys [2002-04-23 73856]
R0 videX32;videX32;C:\WINDOWS\system32\DRIVERS\videX32.sys [2006-02-23 9728]
R2 NwSapAgent;SAP Agent;C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 KFilter;KFilter;C:\PROGRA~1\AVANQU~1\SYSTEM~1\KFilter.sys [2008-01-31 53329]
R3 TFilter;TFilter;C:\PROGRA~1\AVANQU~1\SYSTEM~1\TFilter.sys [2008-01-31 20225]
S3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service;C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2004-12-16 42496]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-09-04 29744]
S3 lgatbus;LG USB Composite Device driver (WDM);C:\WINDOWS\system32\DRIVERS\lgatbus.sys [2002-10-15 43024]
S3 lgatmdm;LG CDMA USB Modem Drivers;C:\WINDOWS\system32\DRIVERS\lgatmdm.sys [2002-10-15 77104]
S3 lgatserd;LG CDMA USB Modem Diagnostic Serial Port Drivers (WDM);C:\WINDOWS\system32\DRIVERS\lgatserd.sys [2002-10-15 60816]
S3 MailScan;MailScan;C:\PROGRA~1\AVANQU~1\SYSTEM~1\MailScan.sys [2008-02-01 20464]
S3 p17filt;p17filt;C:\WINDOWS\system32\drivers\p17filt.sys [2006-03-20 1452032]
S3 p2pgasvc;Peer Networking Group Authentication;C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 p2pimsvc;Peer Networking Identity Manager;C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 p2psvc;Peer Networking;C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 PLUsbbc2;Hi-Speed USB Bridge Cable Driver;C:\WINDOWS\system32\Drivers\usbbc2.sys [2003-03-04 7936]
S3 PNRPSvc;Peer Name Resolution Protocol;C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 SaiH0109;SaiH0109;C:\WINDOWS\system32\DRIVERS\SaiH0109.sys [2007-05-01 132232]
S3 SaiU0109;SaiU0109;C:\WINDOWS\system32\DRIVERS\SaiU0109.sys [2007-05-01 28416]
S4 Boonty Games;Boonty Games;C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe [2007-08-10 69120]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - D:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\AutoRun\command - F:\setup.exe
.
Contents of the 'Scheduled Tasks' folder
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-Cmaudio - cmicnfg.cpl
HKU-Default-Run-msnmsgr - C:\Program Files\MSN Messenger\msnmsgr.exe
SharedTaskScheduler-{588599f4-de26-4c28-ba14-f4eb17e33481} - (no file)
SharedTaskScheduler-{1b40d2ad-d237-4544-b1e1-0bf75bf8fcc0} - (no file)


.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\booker.HOME-5214237687\Application Data\Mozilla\Firefox\Profiles\k0zmzvbx.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.com/
FF -: plugin - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npqtplugin8.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npqtplugin9.dll
FF -: plugin - C:\Program Files\QuickTime\Plugins\npqtplugin8.dll
FF -: plugin - C:\Program Files\QuickTime\Plugins\npqtplugin9.dll
FF -: plugin - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
.
.
------- File Associations (Beta) -------
.
JSEFile=NOTEPAD.EXE %1
VBEFile=NOTEPAD.EXE %1
VBSFile=NOTEPAD.EXE %1
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-07 00:55:23
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


C:\TEMP\sv9l5.tmp
C:\TEMP\sv9l5.tmp

scan completed successfully
hidden files: 2

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\Program Files\iolo\Common\Lib\sguard.dll

PROCESS: C:\WINDOWS\system32\lsass.exe
-> C:\Program Files\iolo\Common\Lib\sguard.dll

PROCESS: C:\WINDOWS\explorer.exe
-> C:\Program Files\iolo\Common\Lib\sguard.dll

PROCESS: C:\WINDOWS\system32\csrss.exe
-> C:\Program Files\iolo\Common\Lib\sguard.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe
C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\snmp.exe
C:\PROGRA~1\AVANQU~1\SYSTEM~1\MXTask.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\PROGRA~1\AVANQU~1\SYSTEM~1\MXTask.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
.
**************************************************************************
.
Completion time: 2008-09-07 1:09:47 - machine was rebooted
ComboFix-quarantined-files.txt 2008-09-07 08:09:37

Pre-Run: 38,670,258,176 bytes free
Post-Run: 38,901,612,544 bytes free

292 --- E O F --- 2008-09-07 07:58:14

==Please go to this web page http://virusscan.jotti.org/, click browse and submit this file for examination:
C:\WINDOWS\dv11mxv_0$1_783482.drv
Post the report in your next reply.
Okay, now disconnect from the web and turn off your Antivirus and Firewall while this next part runs.
==Please copy the text in the box to a notepad [format/wordwrap unchecked] and save as CFScript.txt to where you saved Combofix -that is, to a folder or your desktop.
Good. Now drag CFScript.txt onto Combofix [drag the icon if on your desktop, or the filename if in a folder]. Combofix will start, let it run, if your firewall prompts then allow all; post the log.
==Run CCleaner in all accounts.
==Please use IE or Firefox to do an online scan at panda:- http://www.pandasecurity.com/activescan/index/
-First Register [otherwise there will be no disinfection, merely detection] with a valid email address for the free online virus scan and follow through.
Unlike Kaspersky this scan does not require Java.
Please ATTACH to your post the log it produces.
==Post a fresh hijackthis scan log also.

Randal, I modified the code to run with Combofix; if you have not already done this step please use the following script instead of that in the post above [it includes a couple of files I missed].
And I would like to see the results of a PandaActiveScan. I am interested in those NewFiles you mention.

Randal, normally I would have simply deleted your whole C:\temp folder with its contents but it would appear that you have used it as a download folder, plus as a store for some of your own files. This directory should be reserved for system use, then its contents can be systematically deleted from time to time. May I suggest that you create Downloads and Scratch Pad folders?
Anyway, the prospect of deleting all those file idents made me hopeful that Combofix would ignore them... it doesn't [I just tested it on my machine] so I have had to reissue the block of text for saving as CFScript.txt. Use this lot:

And run that PandaActiveScan!