MBA-M log:
Malwarebytes' Anti-Malware 1.07
Database version: 467

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 181654
Time elapsed: 1 hour(s), 12 minute(s), 59 second(s)

Memory Processes Infected: 4
Memory Modules Infected: 4
Registry Keys Infected: 22
Registry Values Infected: 20
Registry Data Items Infected: 3
Folders Infected: 14
Files Infected: 210

Memory Processes Infected:
c:\program files\common files\storageprotector\strpmon .exe (Rogue.SystemErrorFixer) -> Unloaded process successfully.
c:\program files\common files\storageprotector\strpmon .exe (Rogue.SystemErrorFixer) -> Unloaded process successfully.
C:\Program Files\Common Files\Storageprotector\strpmon .exe (Rogue.Storageprotector) -> Unloaded process successfully.
C:\Program Files\Common Files\Storageprotector\strpmon .exe (Rogue.Storageprotector) -> Unloaded process successfully.

Memory Modules Infected:
C:\WINDOWS\system32\amddqsom.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINDOWS\system32\bdlyfppb.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINDOWS\system32\lfhbmpac.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINDOWS\system32\vtutu.dll (Trojan.Vundo) -> Unloaded module successfully.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{20e95601-8278-4eea-b84f-242df7ae2e66} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{20e95601-8278-4eea-b84f-242df7ae2e66} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{a95b2816-1d7e-4561-a202-68c0de02353a} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a95b2816-1d7e-4561-a202-68c0de02353a} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{11a69ae4-fbed-4832-a2bf-45af82825583} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Storageprotector (Rogue.Storageprotector) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\jkwslist (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\aldd (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{43132710-a996-478a-863b-7d0765b643d5} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Purchased Products (Rogue.Multiple) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Salestart(9) (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Salestart(19) (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Salestart(18) (Rogue.Storageprotector) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Salestart(17) (Rogue.Storageprotector) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Salestart(16) (Rogue.Storageprotector) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Salestart(15) (Rogue.Storageprotector) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Salestart(14) (Rogue.Storageprotector) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Salestart(13) (Rogue.Storageprotector) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Salestart(12) (Rogue.Storageprotector) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Salestart(11) (Rogue.Storageprotector) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Salestart(10) (Rogue.Storageprotector) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Salestart(8) (Rogue.Storageprotector) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Salestart(7) (Rogue.Storageprotector) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Salestart(6) (Rogue.Storageprotector) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Salestart(5) (Rogue.Storageprotector) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Salestart(4) (Rogue.Storageprotector) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Salestart(3) (Rogue.Storageprotector) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Salestart(2) (Rogue.Storageprotector) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Salestart(1) (Rogue.Storageprotector) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Salestart (Rogue.Storageprotector) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load (Trojan.Vundo) -> Data: c:\windows\system32\vtutu.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\vtutu -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\vtutu -> Delete on reboot.

Folders Infected:
C:\Documents and Settings\All Users\Application Data\SalesMonitor (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SalesMonitor\Data (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\WinAntiSpyware 2007 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\WinAntiSpyware 2007\Data (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\WinAntiSpyware 2007 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\WinAntiSpyware 2007\bak (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\WinAntiSpyware 2007\bak\bak (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\Video Add-on (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Storageprotector (Rogue.Storageprotector) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Storageprotector\Data (Rogue.Storageprotector) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Storageprotector (Rogue.Storageprotector) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\WinAntiSpyware 2007 (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\WinAntiSpyware 2007\Logs (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\WinAntiSpyware 2007 Free (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.

Files Infected:
c:\program files\common files\storageprotector\strpmon .exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
c:\program files\common files\storageprotector\strpmon .exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\amddqsom.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\mosqddma.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bdlyfppb.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\bppfyldb.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ibljpbjv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vjbpjlbi.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lfhbmpac.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\capmbhfl.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nsmcexef.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\fexecmsn.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tqhiopcc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ccpoihqt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vtutu.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\vtutu.exe (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ututv.ini (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\ututv.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xafwfbcr.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rcbfwfax.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ylbkaleq.dllbox (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\afjyqmuk.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\cacooyjy.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\caqlyuvv.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\dlwixoql.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\dswtmhmj.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\dyekuyln.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\efcgxlvu.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\exjegpqb.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\gcaaqyqf.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\gfnsaqmf.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\gitobxmn.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\glcjwfdv.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\gxwbvyhb.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\hknbrhhh.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\hqhmhmdi.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\jqkbaytg.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\kaxqtjro.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\kjymxiuq.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\lfnhfjob.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\lnbofxck.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\lpllfrfy.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\mihungvi.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\mlaitrtq.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\mofugclq.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\nephiqpn.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\ngproxvf.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\oxjhwwnr.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\peuagbsx.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\qrjatydi.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\qvlnnfkd.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\roamakdt.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\sdoxevme.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\sheqipoi.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\snancrds.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\tevobesr.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\TMP109.tmp (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\TMP11B.tmp (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\TMP2E61.tmp (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\TMP461A.tmp (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\TMP4620.tmp (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\TMP4629.tmp (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\TMP6307.tmp (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\TMP7746.tmp (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\TMP7926.tmp (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\TMP792F.tmp (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\TMP794A.tmp (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\TMP8787.tmp (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\TMP8793.tmp (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\TMP8799.tmp (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\TMP87A5.tmp (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\TMPAC.tmp (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\TMPBB.tmp (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\TMPC9.tmp (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\TMPDE.tmp (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\TMPF0.tmp (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\TMPF2.tmp (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\ujjivnwv.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\ukssxmod.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\urclqecd.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\vhgtvwel.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\vntmrykt.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\wjiumwsc.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\xaisfvxg.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\xdyitjoc.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\xihvkrno.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\xqedqkpr.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\xunsrkcf.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\xysjgjdy.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\ymqysuwq.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\ywssmfiq.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Local Settings\Temp\ywuecxwm.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\WinAntiSpyware 2007\uwas7cw.exe (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\WinAntiSpyware 2007\bak\bak\WAS7Mon.exe (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-3874938436-2547159655-1528358104-1009\Dc67\bin\matrix.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-3874938436-2547159655-1528358104-1009\Dc67\bin\matrix.dll.1194711701.old (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-3874938436-2547159655-1528358104-1009\Dc67\bin\matrix.dll.1195315464.old (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-3874938436-2547159655-1528358104-1009\Dc67\bin\matrix.dll.1196195676.old (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP12\A0006463.exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP14\A0007002.exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP14\A0007019.exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP14\A0008017.exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP14\A0009017.exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP14\A0009053.exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP14\A0009054.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP14\A0010053.exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP14\A0010055.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP14\A0011053.exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP14\A0011056.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP14\A0011090.exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP14\A0011092.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP14\A0011094.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP14\A0012116.exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP14\A0012118.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP14\A0012120.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP14\A0013090.exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP14\A0013092.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP14\A0013094.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP14\A0013124.exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP14\A0013129.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP14\A0013161.exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP14\A0013166.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP14\A0013185.exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP20\A0019412.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP20\A0020413.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP20\A0020436.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP20\A0021436.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP20\A0022438.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP20\A0022459.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP20\A0022463.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP20\A0023463.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP20\A0024460.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP20\A0024464.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP20\A0025490.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP20\A0025494.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP20\A0026494.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP21\A0028755.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP21\A0028760.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP21\A0029758.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP21\A0029760.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP22\A0029859.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP23\A0029894.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP23\A0029898.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP23\A0031900.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP24\A0033226.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP24\A0033230.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP24\A0034221.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP24\A0034230.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP24\A0034266.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{00EFF98B-5705-4D9A-BA78-7681A60AFB54}\RP24\A0034275.exe (Rogue.SystemErrorFixer) -> Quarantined and deleted successfully.
C:\WINDOWS\17PHolmes1285.exe (Trojan.DownLoader) -> Quarantined and deleted successfully.
C:\WINDOWS\offun.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\rau001978.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\retadpu572.exe (Trojan.Agant) -> Quarantined and deleted successfully.
C:\WINDOWS\TISKY009.exe (Adware.ZenoSearch) -> Quarantined and deleted successfully.
C:\WINDOWS\tk58.exe (Trojan.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\TTC-4444.exe (Adware.TTC) -> Quarantined and deleted successfully.
C:\WINDOWS\Downloaded Program Files\UWA7P_0001_N91M0809NetInstaller.exe (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\windows (Trojan.Zapchast) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\WinAntiSpyware 2007\Data\Abbr (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\WinAntiSpyware 2007\Data\ProductCode (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\WinAntiSpyware 2007\err.log (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\WinAntiSpyware 2007\WAS7Mon.exe (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\WinAntiSpyware 2007\bak\WAS7Mon.exe (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Program Files\Video Add-on\icmntr.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Video Add-on\icthis.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Video Add-on\ictmdl.dll (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Video Add-on\ictun.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Video Add-on\icun.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Video Add-on\isfmdl.dll (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Video Add-on\isfmm.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Video Add-on\isfmntr.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Video Add-on\isfun.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Video Add-on\ot.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Video Add-on\ts.ico (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Program Files\Video Add-on\uninst.exe (Trojan.Zlob) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Storageprotector\Data\em (Rogue.Storageprotector) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Storageprotector\Data\oid (Rogue.Storageprotector) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Storageprotector\Data\user (Rogue.Storageprotector) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Storageprotector\strpmon .exe (Rogue.Storageprotector) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Storageprotector\strpmon .exe (Rogue.Storageprotector) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Storageprotector\strpmon .exe (Rogue.Storageprotector) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Storageprotector\strpmon .exe (Rogue.Storageprotector) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Storageprotector\strpmon .exe (Rogue.Storageprotector) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Storageprotector\strpmon .exe (Rogue.Storageprotector) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Storageprotector\strpmon .exe (Rogue.Storageprotector) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Storageprotector\strpmon .exe (Rogue.Storageprotector) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Storageprotector\strpmon .exe (Rogue.Storageprotector) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Storageprotector\strpmon .exe (Rogue.Storageprotector) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Storageprotector\strpmon .exe (Rogue.Storageprotector) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Storageprotector\strpmon .exe (Rogue.Storageprotector) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Storageprotector\strpmon .exe (Rogue.Storageprotector) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Storageprotector\strpmon .exe (Rogue.Storageprotector) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Storageprotector\strpmon .exe (Rogue.Storageprotector) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Storageprotector\strpmon .exe (Rogue.Storageprotector) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Storageprotector\strpmon .exe (Rogue.Storageprotector) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Storageprotector\strpmon .exe (Rogue.Storageprotector) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Storageprotector\strpmon.exe (Rogue.Storageprotector) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\WinAntiSpyware 2007\Logs\update.log (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Compaq_Owner\Application Data\WinAntiSpyware 2007 Free\description.txt (Rogue.WinAntiSpyware) -> Quarantined and deleted successfully.
C:\WINDOWS\images.zip (Worm.NetSky) -> Quarantined and deleted successfully.
C:\WINDOWS\mrofinu1285.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\wr.txt (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\tcb.pmw (Malware.Trace) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Yazzle1119OinAdmin.exe (Adware.PurityScan) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\Yazzle1281OinAdmin.exe (Adware.PurityScan) -> Quarantined and deleted successfully.
C:\WINDOWS\9129837.exe (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Guest.YOUR-D0F670B45A\Local Settings\Temp\mshtml2.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nelson\Start Menu\Programs\Startup\Think-Adz.lnk (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\Nelson\Start Menu\Programs\Startup\TA_Start.lnk (Malware.Trace) -> Quarantined and deleted successfully.

Combofix log:

ComboFix 08-03-07.4 - Compaq_Owner 2008-03-08 0:26:55.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.117 [GMT -5:00]
Running from: C:\Documents and Settings\Compaq_Owner\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\int_rem.bat
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\License_Manager
C:\Program Files\QuickTime\QTTask .exe
C:\Program Files\QuickTime\QTTask .exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\Temp\fse
C:\Temp\fse\tmpZTF.log
C:\WINDOWS\baaadd.ini
C:\WINDOWS\BM7b351950.xml
C:\WINDOWS\cookies.ini
C:\WINDOWS\crosof~1.net
C:\WINDOWS\crosof~1.net\j?vaw.exe
C:\WINDOWS\ddaaab.dll
C:\WINDOWS\pskt.ini
C:\WINDOWS\ssembl~1
C:\WINDOWS\stem~1
C:\WINDOWS\stem~1\??stem\
C:\WINDOWS\stem~1\rundll32.exe
C:\WINDOWS\system32\alqywqkh.dll
C:\WINDOWS\system32\amddqsom.dll
C:\WINDOWS\system32\avfliqwm.dll
C:\WINDOWS\system32\baayyhkj.dll
C:\WINDOWS\system32\bdlyfppb.dll
C:\WINDOWS\system32\bppfyldb.ini
C:\WINDOWS\system32\cfqrmtbo.dll
C:\WINDOWS\system32\ctfmon.exe.tmp
C:\WINDOWS\system32\dvifotjb.dll
C:\WINDOWS\system32\erdgvdxe.dll
C:\WINDOWS\system32\evndcvcm.dll
C:\WINDOWS\system32\faypimal.dll
C:\WINDOWS\system32\glyraphp.dll
C:\WINDOWS\system32\grpwxodq.dll
C:\WINDOWS\system32\hpxgbwth.dll
C:\WINDOWS\system32\ivjcswrs.dll
C:\WINDOWS\system32\iwwfkjdv.dll
C:\WINDOWS\system32\jipjcufq.dll
C:\WINDOWS\system32\lfhbmpac.dll
C:\WINDOWS\system32\ljxpnata.dll
C:\WINDOWS\system32\lniyeysd.dll
C:\WINDOWS\system32\luflcnyc.dll
C:\WINDOWS\system32\lulfraxh.dll
C:\WINDOWS\system32\maogjxyx.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\mrtkaeaw.dll
C:\WINDOWS\system32\nvktngwg.dll
C:\WINDOWS\system32\nyossclw.dll
C:\WINDOWS\system32\otwgsawm.dll
C:\WINDOWS\system32\pihkcnjr.dll
C:\WINDOWS\system32\pyyobvbc.dll
C:\WINDOWS\system32\qqxqefbe.dll
C:\WINDOWS\system32\quligxew.dll
C:\WINDOWS\system32\reqjqxoe.dll
C:\WINDOWS\system32\rgeaayhf.dll
C:\WINDOWS\system32\rytpmmwj.dll
C:\WINDOWS\system32\system.exe
C:\WINDOWS\system32\thylfnwu.dll
C:\WINDOWS\system32\tqsupyhj.dll
C:\WINDOWS\system32\ufrftlgk.dll
C:\WINDOWS\system32\uogjvymh.dll
C:\WINDOWS\system32\ututv.ini
C:\WINDOWS\system32\uwvsluhw.dll
C:\WINDOWS\system32\vtutu.dll
C:\WINDOWS\system32\widgskub.dll
C:\WINDOWS\system32\wpyrdevm.dll
C:\WINDOWS\system32\xdpjllhy.dll
C:\WINDOWS\system32\xdqrprov.dll
C:\WINDOWS\system32\xwuhxxny.dll
C:\WINDOWS\system32\ylumvmjs.dll
C:\WINDOWS\system32\yudjrchd.dll
D:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2008-02-08 to 2008-03-08 )))))))))))))))))))))))))))))))
.

2008-03-07 19:35 . 2008-03-07 19:35 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\Malwarebytes
2008-03-07 19:28 . 2008-03-07 19:28 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-03-07 19:28 . 2008-03-07 19:28 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-03-05 21:07 . 2008-03-05 21:07 326,656 --a------ C:\WINDOWS\system32\RCX4B.tmp
2008-03-04 23:15 . 2008-03-04 23:15 326,656 --a------ C:\WINDOWS\system32\RCX44.tmp
2008-03-04 15:33 . 2008-03-05 07:12 1,494 ---hs---- C:\WINDOWS\system32\emcbsbik.ini
2008-03-03 23:38 . 2008-03-08 00:21 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-03-03 23:38 . 2008-03-03 23:38 1,409 --a------ C:\WINDOWS\QTFont.for
2008-03-03 23:36 . 2008-03-03 23:36 326,656 --a------ C:\WINDOWS\system32\RCX41.tmp
2008-03-03 15:31 . 2008-03-04 15:32 1,314 ---hs---- C:\WINDOWS\system32\wqvpfgxw.ini
2008-03-02 08:44 . 2008-03-03 15:25 1,194 ---hs---- C:\WINDOWS\system32\csiuloni.ini
2008-02-29 18:36 . 2008-02-29 18:36 326,656 --a------ C:\WINDOWS\system32\RCX3E.tmp
2008-02-29 15:32 . 2008-03-02 08:41 1,074 ---hs---- C:\WINDOWS\system32\pprkuifl.ini
2008-02-28 15:28 . 2008-02-29 15:29 774 ---hs---- C:\WINDOWS\system32\xorohqel.ini
2008-02-26 21:14 . 2008-02-28 15:28 654 ---hs---- C:\WINDOWS\system32\sroikmrx.ini
2008-02-25 19:10 . 2008-02-26 21:11 534 ---hs---- C:\WINDOWS\system32\xchqoame.ini
2008-02-25 18:07 . 2008-02-25 18:08 294 ---hs---- C:\WINDOWS\system32\tcecreer.ini
2008-02-24 13:28 . 2008-02-24 13:28 d-------- C:\Program Files\Webroot
2008-02-24 13:28 . 2008-02-24 13:28 d-------- C:\Documents and Settings\LocalService\Application Data\Webroot
2008-02-24 13:28 . 2008-02-24 13:28 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\Webroot
2008-02-24 13:28 . 2008-02-24 13:28 d-------- C:\Documents and Settings\All Users\Application Data\Webroot
2008-02-24 13:28 . 2008-01-04 20:56 1,526,640 --a------ C:\WINDOWS\WRSetup.dll
2008-02-24 13:28 . 2008-01-04 20:34 163,696 --a------ C:\WINDOWS\system32\drivers\ssidrv.sys
2008-02-24 13:28 . 2008-01-04 20:34 23,920 --a------ C:\WINDOWS\system32\drivers\sskbfd.sys
2008-02-24 13:28 . 2008-01-04 20:34 21,872 --a------ C:\WINDOWS\system32\drivers\sshrmd.sys
2008-02-24 13:28 . 2008-01-04 20:34 20,336 --a------ C:\WINDOWS\system32\drivers\SSFS0BB9.sys
2008-02-24 13:23 . 2008-02-24 13:25 d-------- C:\Documents and Settings\All Users\Application Data\WinZip
2008-02-24 11:32 . 2008-02-24 11:32 d-------- C:\Program Files\Enigma Software Group
2008-02-23 16:36 . 2008-02-24 16:37 1,154,241 ---hs---- C:\WINDOWS\system32\ikrvtjmh.ini
2008-02-23 15:30 . 2008-02-23 15:31 1,153,692 ---hs---- C:\WINDOWS\system32\rbkugrmv.ini
2008-02-22 15:30 . 2008-02-22 22:47 1,154,857 ---hs---- C:\WINDOWS\system32\jgyqprlr.ini
2008-02-21 15:34 . 2008-02-22 15:26 1,154,361 ---hs---- C:\WINDOWS\system32\qurpshjd.ini
2008-02-20 15:29 . 2008-02-21 15:29 1,207,013 ---hs---- C:\WINDOWS\system32\ntcpimka.ini
2008-02-18 21:05 . 2008-02-20 15:28 1,250,261 ---hs---- C:\WINDOWS\system32\pqpcnvbh.ini
2008-02-18 11:06 . 2008-02-18 21:05 1,238,973 ---hs---- C:\WINDOWS\system32\rxfdbuje.ini
2008-02-17 22:30 . 2008-02-17 22:30 d-------- C:\WINDOWS\.jagex_cache_32
2008-02-17 22:20 . 2008-02-18 11:05 1,248,947 ---hs---- C:\WINDOWS\system32\enldmlcr.ini
2008-02-16 22:21 . 2008-02-17 02:06 1,248,767 ---hs---- C:\WINDOWS\system32\tdwjuhba.ini
2008-02-16 22:07 . 2007-06-28 18:52 765,952 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-02-16 22:07 . 2007-06-28 18:54 180,224 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-02-16 22:07 . 2007-06-28 18:55 77,824 --a------ C:\WINDOWS\system32\xvid.ax
2008-02-16 21:55 . 2008-02-16 21:56 d-------- C:\Program Files\AVI MPEG Video Converter
2008-02-15 22:19 . 2008-02-16 22:19 1,248,647 ---hs---- C:\WINDOWS\system32\bmttocru.ini
2008-02-15 21:19 . 2008-02-15 21:20 1,248,467 ---hs---- C:\WINDOWS\system32\yrhtflmr.ini
2008-02-14 21:19 . 2008-02-15 12:22 1,242,300 ---hs---- C:\WINDOWS\system32\nhrmnthc.ini
2008-02-12 21:22 . 2008-02-13 16:09 1,235,221 ---hs---- C:\WINDOWS\system32\kfjnncvu.ini
2008-02-11 23:56 . 2008-02-12 20:36 1,222,540 ---hs---- C:\WINDOWS\system32\vexnjjpj.ini
2008-02-11 01:08 . 2008-02-11 01:08 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-02-11 01:08 . 2008-02-11 01:08 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-02-11 00:58 . 2008-02-11 00:58 d-------- C:\Program Files\Trend Micro
2008-02-10 19:51 . 2008-02-10 20:07 9,296 --a------ C:\22.exe
2008-02-09 21:16 . 2008-02-10 17:49 1,220,770 ---hs---- C:\WINDOWS\system32\tthlccou.ini
2008-02-09 14:34 . 2008-02-09 14:34 dr------- C:\Documents and Settings\All Users\Application Data\SalesMon
2008-02-08 22:13 . 2008-02-09 02:14 137,248 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-02-08 22:13 . 2008-02-09 02:14 4,128 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-02-08 22:13 . 2008-02-09 02:14 2,684 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-02-08 22:13 . 2008-02-09 02:14 1,460 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
2008-02-08 22:12 . 2008-02-08 22:12 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-02-08 22:12 . 2008-02-10 17:46 364,544 --a------ C:\WINDOWS\mrofinu1285.exe.tmp
2008-02-08 21:40 . 2007-10-10 18:55 6,065,664 --------- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-02-08 21:40 . 2007-06-30 22:31 2,455,488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-02-08 21:40 . 2007-06-30 22:36 991,232 --------- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-02-08 21:40 . 2007-10-10 18:55 459,264 --------- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-02-08 21:40 . 2007-10-10 18:55 383,488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-02-08 21:40 . 2007-10-10 18:55 267,776 --------- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-02-08 21:40 . 2007-10-10 18:55 63,488 --------- C:\WINDOWS\system32\dllcache\icardie.dll
2008-02-08 21:40 . 2007-10-10 18:55 52,224 --------- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-02-08 21:40 . 2007-10-10 05:59 13,824 --------- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-02-08 19:29 . 2008-03-05 21:08 15,360 --a------ C:\WINDOWS\system32\ctfmon .exe
2008-02-08 16:21 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-02-08 15:36 . 2008-02-08 15:36 d-------- C:\Program Files\MSXML 4.0

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-08 05:36 --------- d-----w C:\Program Files\QuickTime
2008-03-08 05:36 --------- d-----w C:\Program Files\iTunes
2008-03-04 02:59 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\uTorrent
2008-02-27 21:08 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\AdobeUM
2008-02-27 20:41 --------- d-----w C:\Program Files\Combined Community Codec Pack
2008-02-24 17:49 --------- d-----w C:\Program Files\Sonic
2008-02-24 15:08 --------- d-----w C:\Program Files\iPod
2008-02-17 03:07 --------- d-----w C:\Program Files\XviD
2008-02-13 01:23 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\Apple Computer
2008-02-09 03:35 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-09 03:34 --------- d-----w C:\Program Files\Common Files\Command Software
2008-02-09 00:26 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-02-09 00:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-02-08 21:20 --------- d-----w C:\Program Files\Java
2008-02-08 20:23 --------- d-----w C:\Program Files\PC-Doctor 5 for Windows
2008-02-08 02:43 --------- d-----w C:\Program Files\Apple Software Update
2008-02-08 02:23 --------- d-----w C:\Program Files\Google
2008-02-08 02:00 --------- d-----w C:\Program Files\WildTangent
2008-01-26 21:21 --------- d-----w C:\Program Files\World of Warcraft
2008-01-26 01:30 --------- d-----w C:\Program Files\7-Zip
2008-01-14 05:36 5,197 ----a-w C:\is9.exe
2008-01-02 19:44 3,029,431 ----a-w C:\steam.exe
2007-10-02 18:51 2,674,688 ----a-w C:\Documents and Settings\Compaq_Owner\Application Data\Steam.dll
2007-03-29 14:57 6,656 ----a-w C:\Documents and Settings\Compaq_Owner\Application Data\sx.exe
2006-10-01 21:38 22 --sha-w C:\WINDOWS\SMINST\HPCD.sys
.

<pre>

----a-w            27,136 2007-02-08 22:40:48  C:\hp\bin\cloaker .exe

----a-w           307,200 2008-02-19 02:04:39  C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager .exe

----a-w            50,528 2007-02-05 20:26:05  C:\Program Files\AIM6\aim6 .exe

----a-w           344,064 2007-02-08 22:40:28  C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx .exe

----a-w           180,269 2008-03-02 13:41:29  C:\Program Files\Common Files\Real\Update_OB\realsched .exe

----a-w            52,848 2008-02-08 22:00:43  C:\Program Files\Common Files\Symantec Shared\ccApp .exe

----a-w           218,240 2008-02-08 22:00:53  C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt .exe

----a-w           847,872 2008-02-24 17:39:04  C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter3 .exe

----a-w           249,856 2007-02-07 05:31:45  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                                                 .exe

----a-w           577,536 2007-02-07 05:29:36  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                                                .exe

----a-w           577,536 2007-02-07 03:45:18  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                                               .exe

----a-w           577,536 2007-02-06 20:24:04  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                                              .exe

----a-w           577,536 2007-02-05 20:25:02  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                                             .exe

----a-w           577,536 2007-02-05 02:15:54  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                                            .exe

----a-w           577,536 2007-02-04 20:30:06  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                                           .exe

----a-w           577,536 2007-02-04 03:42:20  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                                          .exe

----a-w           577,536 2007-02-03 23:49:31  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                                         .exe

----a-w           577,536 2008-02-03 14:10:03  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                                        .exe

----a-w           577,536 2008-02-03 06:22:07  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                                       .exe

----a-w           577,536 2008-02-03 01:18:38  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                                      .exe

----a-w           577,536 2008-02-02 16:42:30  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                                     .exe

----a-w           577,536 2008-02-01 20:46:12  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                                    .exe

----a-w           577,536 2008-02-01 20:24:40  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                                   .exe

----a-w           577,536 2008-01-31 20:24:48  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                                  .exe

----a-w           577,536 2008-01-31 02:06:28  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                                 .exe

----a-w           577,536 2008-01-30 20:28:12  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                                .exe

----a-w           577,536 2008-01-29 21:16:31  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                               .exe

----a-w           577,536 2008-01-29 20:26:38  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                              .exe

----a-w           577,536 2008-01-28 20:25:39  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                             .exe

----a-w           577,536 2008-01-27 17:24:07  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                            .exe

----a-w           577,536 2008-01-26 20:59:29  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                           .exe

----a-w           577,536 2008-01-26 15:35:53  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                          .exe

----a-w           577,536 2008-01-25 16:21:11  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                         .exe

----a-w           577,536 2008-01-25 01:47:56  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                        .exe

----a-w           577,536 2008-01-25 01:34:29  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                       .exe

----a-w           577,536 2008-01-25 01:26:40  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                      .exe

----a-w           577,536 2007-01-24 14:23:51  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                     .exe

----a-w           577,536 2007-01-23 16:42:43  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                    .exe

----a-w           577,536 2007-01-23 16:25:36  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                   .exe

----a-w           577,536 2007-01-23 00:48:06  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                  .exe

----a-w           577,536 2007-01-22 20:34:51  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                 .exe

----a-w           577,536 2007-01-22 20:23:53  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                                .exe

----a-w           577,536 2007-01-22 01:08:56  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                               .exe

----a-w           577,536 2007-01-21 23:08:16  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                              .exe

----a-w           577,536 2008-01-21 15:26:49  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                             .exe

----a-w           577,536 2008-01-20 18:39:47  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                            .exe

----a-w           577,536 2008-01-20 08:37:27  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                           .exe

----a-w           577,536 2008-01-20 02:15:04  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                          .exe

----a-w           577,536 2008-01-19 14:34:43  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                         .exe

----a-w           577,536 2008-01-18 20:30:46  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                        .exe

----a-w           577,536 2008-01-18 01:11:49  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                       .exe

----a-w           577,536 2008-01-17 02:42:23  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                      .exe

----a-w           577,536 2008-01-17 02:14:22  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                     .exe

----a-w           577,536 2008-01-16 20:26:23  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                    .exe

----a-w           577,536 2008-01-15 20:29:15  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                   .exe

----a-w           577,536 2008-01-15 02:14:22  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                  .exe

----a-w           577,536 2008-01-14 20:25:40  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                 .exe

----a-w           577,536 2008-01-13 15:59:26  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                                .exe

----a-w           577,536 2008-01-13 15:33:34  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                               .exe

----a-w           577,536 2008-01-13 02:20:48  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                              .exe

----a-w           577,536 2008-01-12 15:56:11  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                             .exe

----a-w           577,536 2008-01-11 20:25:48  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                            .exe

----a-w           577,536 2008-01-11 04:22:42  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                           .exe

----a-w           577,536 2008-01-10 21:30:31  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                          .exe

----a-w           577,536 2008-01-09 20:27:04  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                         .exe

----a-w           577,536 2008-01-08 20:27:47  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                        .exe

----a-w           577,536 2008-01-07 22:51:06  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                       .exe

----a-w           577,536 2008-01-07 20:30:46  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                      .exe

----a-w           577,536 2008-01-07 01:24:02  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                     .exe

----a-w           577,536 2008-01-06 19:15:59  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                    .exe

----a-w           577,536 2008-01-06 08:46:24  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                   .exe

----a-w           577,536 2008-01-05 18:28:42  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                  .exe

----a-w           577,536 2008-01-05 18:19:42  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                 .exe

----a-w           577,536 2008-01-04 17:49:14  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp                .exe

----a-w           577,536 2008-01-04 02:12:51  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp               .exe

----a-w           577,536 2008-02-11 04:42:03  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp              .exe

----a-w           577,536 2008-02-10 22:46:34  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp             .exe

----a-w           577,536 2008-02-10 14:27:29  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp            .exe

----a-w           577,536 2008-02-10 03:16:52  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp           .exe

----a-w           577,536 2008-02-10 02:08:58  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp          .exe

----a-w           577,536 2008-02-09 21:39:08  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp         .exe

----a-w           577,536 2008-02-09 20:06:08  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp        .exe

----a-w           577,536 2008-02-09 19:39:56  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp       .exe

----a-w           577,536 2008-02-09 18:48:05  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp      .exe

----a-w           577,536 2008-02-09 16:31:54  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp     .exe

----a-w           577,536 2008-02-09 16:05:52  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp    .exe

----a-w           577,536 2008-02-09 03:05:15  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp   .exe

----a-w           577,536 2008-02-09 01:06:45  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp  .exe

----a-w           577,536 2008-02-09 00:26:57  C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp .exe

----a-w            49,152 2008-02-10 22:47:49  C:\Program Files\HP\HP Software Update\HPwuSchd2 .exe

----a-w           267,048 2008-03-08 05:20:36  C:\Program Files\iTunes\iTunesHelper .exe

----a-w            36,975 2007-02-08 22:40:25  C:\Program Files\Java\jre1.5.0_05\bin\jusched .exe

----a-w           132,496 2008-02-10 22:47:56  C:\Program Files\Java\jre1.6.0_03\bin\jusched .exe

----a-w         1,694,208 2008-02-10 22:48:58  C:\Program Files\Messenger\msmsgs .exe

----a-w            53,248 2008-02-08 20:25:45  C:\Program Files\PC-Doctor 5 for Windows\RunProfiler .exe

----a-w           286,720 2007-01-24 14:24:49  C:\Program Files\QuickTime\qttask                                                            .exe

----a-w           640,512 2007-01-24 14:24:01  C:\Program Files\QuickTime\qttask                                                           .exe

----a-w           640,512 2007-01-23 16:42:45  C:\Program Files\QuickTime\qttask                                                          .exe

----a-w           640,512 2007-01-23 16:25:38  C:\Program Files\QuickTime\qttask                                                         .exe

----a-w           640,512 2007-01-23 00:48:09  C:\Program Files\QuickTime\qttask                                                        .exe

----a-w           640,512 2007-01-22 20:34:54  C:\Program Files\QuickTime\qttask                                                       .exe

----a-w           640,512 2007-01-22 20:23:56  C:\Program Files\QuickTime\qttask                                                      .exe

----a-w           640,512 2007-01-22 01:08:59  C:\Program Files\QuickTime\qttask                                                     .exe

----a-w           640,512 2007-01-21 23:08:19  C:\Program Files\QuickTime\qttask                                                    .exe

----a-w           640,512 2008-01-21 15:26:52  C:\Program Files\QuickTime\qttask                                                   .exe

----a-w           640,512 2008-01-20 18:39:51  C:\Program Files\QuickTime\qttask                                                  .exe

----a-w           640,512 2008-01-20 08:37:29  C:\Program Files\QuickTime\qttask                                                 .exe

----a-w           640,512 2008-01-20 02:15:07  C:\Program Files\QuickTime\qttask                                                .exe

----a-w           640,512 2008-01-19 14:34:50  C:\Program Files\QuickTime\qttask                                               .exe

----a-w           640,512 2008-01-18 20:30:53  C:\Program Files\QuickTime\qttask                                              .exe

----a-w           640,512 2008-01-18 01:11:52  C:\Program Files\QuickTime\qttask                                             .exe

----a-w           640,512 2008-01-18 01:04:12  C:\Program Files\QuickTime\qttask                                            .exe

----a-w           640,512 2008-01-17 20:28:30  C:\Program Files\QuickTime\qttask                                           .exe

----a-w           640,512 2008-01-17 02:42:25  C:\Program Files\QuickTime\qttask                                          .exe

----a-w           640,512 2008-01-17 02:14:30  C:\Program Files\QuickTime\qttask                                         .exe

----a-w           640,512 2008-01-16 20:26:27  C:\Program Files\QuickTime\qttask                                        .exe

----a-w           640,512 2008-01-15 20:29:20  C:\Program Files\QuickTime\qttask                                       .exe

----a-w           640,512 2008-01-15 02:14:25  C:\Program Files\QuickTime\qttask                                      .exe

----a-w           640,512 2008-01-14 20:25:43  C:\Program Files\QuickTime\qttask                                     .exe

----a-w           640,512 2008-01-14 05:33:48  C:\Program Files\QuickTime\qttask                                    .exe

----a-w           640,512 2008-01-13 15:59:28  C:\Program Files\QuickTime\qttask                                   .exe

----a-w           640,512 2008-01-13 15:33:37  C:\Program Files\QuickTime\qttask                                  .exe

----a-w           640,512 2008-01-13 02:20:50  C:\Program Files\QuickTime\qttask                                 .exe

----a-w           640,512 2008-01-12 15:56:13  C:\Program Files\QuickTime\qttask                                .exe

----a-w           385,024 2006-02-07 05:31:59  C:\Program Files\QuickTime\qttask                               .exe

----a-w           738,816 2007-02-07 05:29:44  C:\Program Files\QuickTime\qttask                              .exe

----a-w           738,816 2007-02-07 03:45:36  C:\Program Files\QuickTime\qttask                             .exe

----a-w           738,816 2007-02-06 20:24:12  C:\Program Files\QuickTime\qttask                            .exe

----a-w           738,816 2007-02-06 13:06:03  C:\Program Files\QuickTime\qttask                           .exe

----a-w           738,816 2007-02-05 20:25:09  C:\Program Files\QuickTime\qttask                          .exe

----a-w           738,816 2007-02-05 02:16:00  C:\Program Files\QuickTime\qttask                         .exe

----a-w           738,816 2007-02-04 20:30:11  C:\Program Files\QuickTime\qttask                        .exe

----a-w           738,816 2007-02-04 03:42:26  C:\Program Files\QuickTime\qttask                       .exe

----a-w           738,816 2007-02-03 23:49:39  C:\Program Files\QuickTime\qttask                      .exe

----a-w           738,816 2008-02-03 18:28:10  C:\Program Files\QuickTime\qttask                     .exe

----a-w           738,816 2008-02-03 14:10:07  C:\Program Files\QuickTime\qttask                    .exe

----a-w           738,816 2008-02-03 06:22:14  C:\Program Files\QuickTime\qttask                   .exe

----a-w           385,024 2008-03-06 02:07:49  C:\Program Files\QuickTime\QTTask                .exe

----a-w           738,816 2008-03-06 02:07:16  C:\Program Files\QuickTime\QTTask               .exe

----a-w           738,816 2008-03-05 12:10:13  C:\Program Files\QuickTime\QTTask              .exe

----a-w           738,816 2008-03-05 04:15:14  C:\Program Files\QuickTime\QTTask             .exe

----a-w           738,816 2008-03-04 04:36:04  C:\Program Files\QuickTime\QTTask            .exe

----a-w           738,816 2008-03-01 10:59:57  C:\Program Files\QuickTime\QTTask           .exe

----a-w           738,816 2008-02-29 23:36:09  C:\Program Files\QuickTime\QTTask          .exe

----a-w           738,816 2008-02-29 05:11:36  C:\Program Files\QuickTime\QTTask         .exe

----a-w           738,816 2008-02-26 20:59:17  C:\Program Files\QuickTime\QTTask        .exe

----a-w           738,816 2008-02-25 03:43:22  C:\Program Files\QuickTime\QTTask       .exe

----a-w           738,816 2008-02-24 21:43:05  C:\Program Files\QuickTime\QTTask      .exe

----a-w           738,816 2008-02-24 18:31:30  C:\Program Files\QuickTime\QTTask     .exe

----a-w           738,816 2008-02-24 17:59:38  C:\Program Files\QuickTime\QTTask    .exe

----a-w           738,816 2008-02-24 17:37:57  C:\Program Files\QuickTime\QTTask   .exe

----a-w           738,816 2008-02-24 16:50:46  C:\Program Files\QuickTime\QTTask  .exe

----a-w           738,816 2008-02-24 15:14:32  C:\Program Files\QuickTime\QTTask .exe

----a-w         5,367,664 2008-03-08 05:20:42  C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI .exe

----a-w           189,952 2007-02-07 05:31:46  C:\WINDOWS\wkssvr .exe

----a-w           237,568 2008-02-10 22:47:39  C:\WINDOWS\SMINST\RECGUARD .EXE

----a-w            52,736 2007-02-08 22:40:24  C:\WINDOWS\system\hpsysdrv .exe

----a-w            15,360 2008-03-06 02:08:38  C:\WINDOWS\system32\ctfmon .exe

</pre>

-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
----a-w 67,112 2006-08-01 21:35:36 C:\Program Files\AIM\bak\aim.exe
----a-w 24,080 2007-08-23 04:01:23 C:\Program Files\AIM\aim.exe

----a-w 50,736 2007-04-27 21:17:26 C:\Program Files\AIM6\bak\aim6.exe

----a-w 57,344 2002-05-22 15:57:16 C:\Program Files\AIM95\bak\aim.exe

----a-w 344,064 2006-04-05 02:05:00 C:\Program Files\ATI Technologies\ATI Control Panel\bak\atiptaxx.exe
----a-w 344,064 2005-08-14 12:05:00 C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

----a-w 185,896 2007-03-26 03:46:16 C:\Program Files\Common Files\Real\Update_OB\bak\realsched.exe

----a-w 249,856 2005-11-10 00:29:16 C:\Program Files\Hewlett-Packard\HP Boot Optimizer\bak\HPBootOp.exe
----a-w 577,536 2008-02-08 01:29:57 C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe

----a-w 49,152 2005-02-17 14:11:42 C:\Program Files\HP\HP Software Update\bak\HPwuSchd2.exe
----a-w 377,856 2008-02-10 22:46:36 C:\Program Files\HP\HP Software Update\HPwuSchd2.exe

----a-w 1,592 2007-11-16 21:26:11 C:\Program Files\Steam\bak\ClientRegistry.blob
----a-w 335,992 2007-10-03 21:47:28 C:\Program Files\Steam\ClientRegistry.blob

----a-w 1,258,744 2007-09-01 03:07:11 C:\Program Files\Steam\bak\Steam.exe
----a-w 28,176 2007-10-03 22:02:27 C:\Program Files\Steam\Steam.exe

----a-w 29,228 2007-11-12 04:01:56 C:\Program Files\Steam\bak\Steamexe__237340__2007_11_12T4_1_52C5859.mdmp

----a-w 29,228 2007-11-16 21:26:11 C:\Program Files\Steam\bak\Steamexe__237340__2007_11_16T21_26_8C8296.mdmp

----a-w 29,228 2007-11-03 15:14:32 C:\Program Files\Steam\bak\Steamexe__237340__2007_11_3T15_14_30C8828.mdmp

----a-w 2,560,000 2007-09-13 01:33:30 C:\Program Files\Veoh Networks\Veoh\bak\VeohClient.exe
----a-w 3,252,224 2007-10-03 15:46:40 C:\Program Files\Veoh Networks\Veoh\VeohClient.exe

----a-w 237,568 2005-07-23 06:14:00 C:\WINDOWS\SMINST\bak\RECGUARD.EXE
----a-w 573,952 2008-02-11 04:42:02 C:\WINDOWS\SMINST\RECGUARD.EXE

.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 06:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PCDrProfiler"="" []
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [ ]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask .exe" [2008-03-05 21:07 385024]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [ ]
"SpySweeper"="C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" [ ]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Compaq Connections.lnk - C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe [2006-02-22 10:39:49 36903]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-11 23:23:26 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ylbkaleq]
ylbkaleq.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-08 00:49:23
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
.
**************************************************************************
.
Completion time: 2008-03-08 0:54:51 - machine was rebooted [Compaq_Owner]
ComboFix-quarantined-files.txt 2008-03-08 05:54:28
.
2008-02-09 02:46:54 --- E O F ---

HiJackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:58:56 AM, on 3/8/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: HpWebHelper - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask .exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O20 - Winlogon Notify: ylbkaleq - ylbkaleq.dll (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

--
End of file - 4964 bytes

sorry it took me so long to get back, my internet was out for a while so i couldn't get back here

here's the log:
Find AWF report by noahdfear ©2006
Version 1.40

The current date is: Sun 03/16/2008
The current time is: 16:40:19.53

bak folders found
~~~~~~~~~~~

Directory of C:\WINDOWS\BAK

0 File(s) 0 bytes

Directory of C:\PROGRA~1\AIM\BAK

08/01/2006 05:35 PM 67,112 aim.exe
1 File(s) 67,112 bytes

Directory of C:\PROGRA~1\AIM6\BAK

04/27/2007 05:17 PM 50,736 aim6.exe
1 File(s) 50,736 bytes

Directory of C:\PROGRA~1\AIM95\BAK

05/22/2002 11:57 AM 57,344 aim.exe
1 File(s) 57,344 bytes

Directory of C:\PROGRA~1\MSNMES~1\BAK

0 File(s) 0 bytes

Directory of C:\PROGRA~1\STEAM\BAK

11/16/2007 05:26 PM 1,592 ClientRegistry.blob
08/31/2007 11:07 PM 1,258,744 Steam.exe
11/12/2007 12:01 AM 29,228 Steamexe__237340__2007_11_12T4_1_52C5859.mdmp
11/16/2007 05:26 PM 29,228 Steamexe__237340__2007_11_16T21_26_8C8296.mdmp
11/03/2007 11:14 AM 29,228 Steamexe__237340__2007_11_3T15_14_30C8828.mdmp
5 File(s) 1,348,020 bytes

Directory of C:\WINDOWS\SMINST\BAK

07/23/2005 02:14 AM 237,568 RECGUARD.EXE
1 File(s) 237,568 bytes

Directory of C:\PROGRA~1\ATITEC~1\ATICON~1\BAK

04/04/2006 10:05 PM 344,064 atiptaxx.exe
1 File(s) 344,064 bytes

Directory of C:\PROGRA~1\HEWLET~1\HPBOOT~1\BAK

11/09/2005 08:29 PM 249,856 HPBootOp.exe
1 File(s) 249,856 bytes

Directory of C:\PROGRA~1\HP\HPSOFT~1\BAK

02/17/2005 10:11 AM 49,152 HPwuSchd2.exe
1 File(s) 49,152 bytes

Directory of C:\PROGRA~1\VEOHNE~1\VEOH\BAK

09/12/2007 09:33 PM 2,560,000 VeohClient.exe
1 File(s) 2,560,000 bytes

Directory of C:\PROGRA~1\COMMON~1\REAL\UPDATE~1\BAK

03/25/2007 11:46 PM 185,896 realsched.exe
1 File(s) 185,896 bytes

Duplicate files of bak directory contents
~~~~~~~~~~~~~~~~~~~~~~~

24080 Aug 23 2007 "C:\Program Files\AIM\aim.exe"
67112 Aug 1 2006 "C:\Program Files\AIM\bak\aim.exe"
57344 May 22 2002 "C:\Program Files\AIM95\bak\aim.exe"
50528 Jan 3 2008 "C:\Program Files\AIM6\aim6.exe"
50736 Apr 27 2007 "C:\Program Files\AIM6\bak\aim6.exe"
50768 Aug 28 2006 "C:\Program Files\Common Files\AOL\1161455191\ee\aim6.exe"
24080 Aug 23 2007 "C:\Program Files\AIM\aim.exe"
67112 Aug 1 2006 "C:\Program Files\AIM\bak\aim.exe"
57344 May 22 2002 "C:\Program Files\AIM95\bak\aim.exe"
225 Mar 11 2008 "C:\Program Files\Steam\ClientRegistry.blob"
1592 Nov 16 2007 "C:\Program Files\Steam\bak\ClientRegistry.blob"
3029431 Jan 2 2008 "C:\steam.exe"
1258744 Aug 31 2007 "C:\Program Files\Steam\bak\Steam.exe"
1249280 Sep 23 2006 "C:\Program Files\Valve\Steam\Steam.exe"
29228 Nov 3 2007 "C:\Program Files\Steam\bak\Steamexe__237340__2007_11_3T15_14_30C8828.mdmp"
29228 Nov 12 2007 "C:\Program Files\Steam\bak\Steamexe__237340__2007_11_12T4_1_52C5859.mdmp"
29228 Nov 16 2007 "C:\Program Files\Steam\bak\Steamexe__237340__2007_11_16T21_26_8C8296.mdmp"
573952 Feb 11 2008 "C:\WINDOWS\SMINST\RECGUARD.EXE"
237568 Jul 23 2005 "C:\WINDOWS\SMINST\bak\RECGUARD.EXE"
344064 Aug 14 2005 "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
344064 Apr 4 2006 "C:\Program Files\ATI Technologies\ATI Control Panel\bak\atiptaxx.exe"
249856 Nov 9 2005 "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\bak\HPBootOp.exe"
37286 Apr 1 2007 "C:\Program Files\HP\HP Software Update\HPwuSchd2.exe1175891165"
49152 Feb 17 2005 "C:\Program Files\HP\HP Software Update\bak\HPwuSchd2.exe"
3252224 Oct 3 2007 "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe"
2560000 Sep 12 2007 "C:\Program Files\Veoh Networks\Veoh\bak\VeohClient.exe"
180269 Feb 22 2006 "C:\Program Files\Common Files\Real\Update_OB\realsched.exe1187841370"
185896 Mar 25 2007 "C:\Program Files\Common Files\Real\Update_OB\bak\realsched.exe"

end of report

Sorry again about how long it took :\, and all the help is greatly appreciated that you've already given :D

here's the combofix log:
ComboFix 08-03-14.4 - Compaq_Owner 2008-03-16 20:14:01.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.217 [GMT -4:00]
Running from: C:\Documents and Settings\Compaq_Owner\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Compaq_Owner\Desktop\CFScript.txt
* Created a new restore point

FILE ::
C:\22.exe
C:\Documents and Settings\Compaq_Owner\Application Data\sx.exe
C:\is9.exe
C:\WINDOWS\mrofinu1285.exe.tmp
C:\WINDOWS\system32\bmttocru.ini
C:\WINDOWS\system32\csiuloni.ini
C:\WINDOWS\system32\emcbsbik.ini
C:\WINDOWS\system32\enldmlcr.ini
C:\WINDOWS\system32\ikrvtjmh.ini
C:\WINDOWS\system32\jgyqprlr.ini
C:\WINDOWS\system32\kfjnncvu.ini
C:\WINDOWS\system32\nhrmnthc.ini
C:\WINDOWS\system32\ntcpimka.ini
C:\WINDOWS\system32\pprkuifl.ini
C:\WINDOWS\system32\pqpcnvbh.ini
C:\WINDOWS\system32\qurpshjd.ini
C:\WINDOWS\system32\rbkugrmv.ini
C:\WINDOWS\system32\RCX3E.tmp
C:\WINDOWS\system32\RCX41.tmp
C:\WINDOWS\system32\RCX44.tmp
C:\WINDOWS\system32\RCX4B.tmp
C:\WINDOWS\system32\rxfdbuje.ini
C:\WINDOWS\system32\sroikmrx.ini
C:\WINDOWS\system32\tcecreer.ini
C:\WINDOWS\system32\tdwjuhba.ini
C:\WINDOWS\system32\tthlccou.ini
C:\WINDOWS\system32\vexnjjpj.ini
C:\WINDOWS\system32\wqvpfgxw.ini
C:\WINDOWS\system32\xchqoame.ini
C:\WINDOWS\system32\xorohqel.ini
C:\WINDOWS\system32\yrhtflmr.ini
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\22.exe
C:\Documents and Settings\All Users\Application Data\SalesMon
C:\Documents and Settings\Compaq_Owner\Application Data\sx.exe
C:\Documents and Settings\Compaq_Owner\err.log
C:\is9.exe
C:\Program Files\WildTangent
C:\Program Files\WildTangent\Apps\GameChannel\Games\045C89A0-CA37-443C-8826-F750227DE69C\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\05E21449-3BA3-42BF-BBDA-95205F4EA40A\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\0BD36D37-C5D7-4B96-B64A-CB2C3A82EC4D\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\29FF6D07-4A15-41F1-9D5E-E0F3A58012C6\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\3330A279-CC39-4A17-AE19-DA464B26AD9A\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\3B3B73D1-DC4A-4780-B0E4-E823D08B3397\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\422C7575-C10D-4795-87FA-9972765379E6\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\52AEBC18-F252-4B0C-B3E1-724537D9F873\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\53474592-01BC-4338-8647-FE350957D912\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\5AF1DD17-7B06-45EF-8592-2E524E458BAB\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\63E4EC24-7173-4E1F-9C77-B4403CBCF91F\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\66195170-D19D-46C5-8FB7-8A4630071ADC\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\75528D5F-DD82-402E-BA7C-045B7DC6A712\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\85CF9BF3-1057-468C-962D-31BAABC6AC72\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\8D11F98B-4931-44F6-8FC6-971CCBBBB131\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\9448DE42-C017-4A3E-A0BB-C50BF673E9E0\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\997DD523-B925-4C73-970B-C201E8F781AD\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\9D7E7CDA-051E-4B0D-8CEE-58F41F449CF9\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\BBCBAA5D-AC5A-4098-A53E-EC60A68F38F9\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\BBE9E0F3-11F7-4424-9905-8E0153E872C1\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\BFAF1EEC-E987-415B-BCB8-80CDB0BC6CDF\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\C43D84CD-EBFC-48D3-A330-7868C8AD415A\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\C6D35CCA-3F9E-4B6E-A17F-409EE7379D6B\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\D84AC71A-75E8-4709-8BA5-4B46EAC00C5E\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\DE87FA96-7840-420C-86F9-33F3B7B3CED1\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\E1A0F769-A43A-4DDB-9F73-12791E453557\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\E618FC78-EE4F-4243-8409-078EB5E0B1F6\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\F05A08BF-E600-4FBD-A53A-3D47296B1275\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\F19E8CDF-5EFD-45E0-9FAF-66CBAE84B1D9\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\FA6A73EB-40AB-4B58-851D-3892B3C10EF6\def.dat
C:\Program Files\WildTangent\Apps\hpuninstall.exe
C:\Program Files\WildTangent\Apps\icon.ico
C:\Program Files\WildTangent\Apps\lic.exe
C:\Program Files\WildTangent\Apps\onplay.exe
C:\Program Files\WildTangent\Apps\sm_contests.ico
C:\Program Files\WildTangent\Apps\sm_wildboards.ico
C:\WINDOWS\Downloaded Program Files\USDR6_0001_D08M0404NetInstaller.exe
C:\WINDOWS\mrofinu1285.exe.tmp
C:\WINDOWS\system32\bmttocru.ini
C:\WINDOWS\system32\csiuloni.ini
C:\WINDOWS\system32\emcbsbik.ini
C:\WINDOWS\system32\enldmlcr.ini
C:\WINDOWS\system32\ikrvtjmh.ini
C:\WINDOWS\system32\jgyqprlr.ini
C:\WINDOWS\system32\kfjnncvu.ini
C:\WINDOWS\system32\nhrmnthc.ini
C:\WINDOWS\system32\ntcpimka.ini
C:\WINDOWS\system32\pprkuifl.ini
C:\WINDOWS\system32\pqpcnvbh.ini
C:\WINDOWS\system32\qurpshjd.ini
C:\WINDOWS\system32\rbkugrmv.ini
C:\WINDOWS\system32\RCX3E.tmp
C:\WINDOWS\system32\RCX41.tmp
C:\WINDOWS\system32\RCX44.tmp
C:\WINDOWS\system32\RCX4B.tmp
C:\WINDOWS\system32\rxfdbuje.ini
C:\WINDOWS\system32\sroikmrx.ini
C:\WINDOWS\system32\tcecreer.ini
C:\WINDOWS\system32\tdwjuhba.ini
C:\WINDOWS\system32\tthlccou.ini
C:\WINDOWS\system32\vexnjjpj.ini
C:\WINDOWS\system32\wqvpfgxw.ini
C:\WINDOWS\system32\xchqoame.ini
C:\WINDOWS\system32\xorohqel.ini
C:\WINDOWS\system32\yrhtflmr.ini

.
((((((((((((((((((((((((( Files Created from 2008-02-17 to 2008-03-17 )))))))))))))))))))))))))))))))
.

2008-03-12 15:30 . 2008-03-12 15:30 118 --a------ C:\WINDOWS\system32\MRT.INI
2008-03-07 20:35 . 2008-03-07 20:35 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\Malwarebytes
2008-03-07 20:28 . 2008-03-07 20:28 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-03-07 20:28 . 2008-03-07 20:28 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-03-04 00:38 . 2008-03-16 20:20 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-03-04 00:38 . 2008-03-08 10:54 1,409 --a------ C:\WINDOWS\QTFont.for
2008-02-24 14:28 . 2008-02-24 14:28 d-------- C:\Program Files\Webroot
2008-02-24 14:28 . 2008-02-24 14:28 d-------- C:\Documents and Settings\LocalService\Application Data\Webroot
2008-02-24 14:28 . 2008-02-24 14:28 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\Webroot
2008-02-24 14:28 . 2008-02-24 14:28 d-------- C:\Documents and Settings\All Users\Application Data\Webroot
2008-02-24 14:28 . 2008-01-04 21:56 1,526,640 --a------ C:\WINDOWS\WRSetup.dll
2008-02-24 14:28 . 2008-01-04 21:34 163,696 --a------ C:\WINDOWS\system32\drivers\ssidrv.sys
2008-02-24 14:28 . 2008-01-04 21:34 23,920 --a------ C:\WINDOWS\system32\drivers\sskbfd.sys
2008-02-24 14:28 . 2008-01-04 21:34 21,872 --a------ C:\WINDOWS\system32\drivers\sshrmd.sys
2008-02-24 14:28 . 2008-01-04 21:34 20,336 --a------ C:\WINDOWS\system32\drivers\SSFS0BB9.sys
2008-02-24 14:23 . 2008-02-24 14:25 d-------- C:\Documents and Settings\All Users\Application Data\WinZip
2008-02-24 12:32 . 2008-02-24 12:32 d-------- C:\Program Files\Enigma Software Group
2008-02-17 23:30 . 2008-02-17 23:30 d-------- C:\WINDOWS\.jagex_cache_32

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-17 00:20 --------- d-----w C:\Program Files\Steam
2008-03-17 00:20 --------- d-----w C:\Program Files\AIM6
2008-03-17 00:20 --------- d-----w C:\Program Files\AIM
2008-03-17 00:13 --------- d-----w C:\Program Files\QuickTime
2008-03-17 00:13 --------- d-----w C:\Program Files\PC-Doctor 5 for Windows
2008-03-17 00:13 --------- d-----w C:\Program Files\iTunes
2008-03-17 00:13 --------- d-----w C:\Program Files\AIM95
2008-03-17 00:12 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-03-08 16:55 --------- d-----w C:\Program Files\Viewpoint
2008-03-08 16:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-03-08 16:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2008-03-04 02:59 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\uTorrent
2008-02-27 21:08 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\AdobeUM
2008-02-27 20:41 --------- d-----w C:\Program Files\Combined Community Codec Pack
2008-02-24 17:49 --------- d-----w C:\Program Files\Sonic
2008-02-24 15:08 --------- d-----w C:\Program Files\iPod
2008-02-17 03:07 --------- d-----w C:\Program Files\XviD
2008-02-17 02:56 --------- d-----w C:\Program Files\AVI MPEG Video Converter
2008-02-13 01:23 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\Apple Computer
2008-02-11 06:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-02-11 05:58 --------- d-----w C:\Program Files\Trend Micro
2008-02-09 07:14 4,128 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-02-09 07:14 2,684 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-02-09 07:14 137,248 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-02-09 07:14 1,460 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-02-09 03:35 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-09 03:34 --------- d-----w C:\Program Files\Common Files\Command Software
2008-02-09 03:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-02-09 00:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-02-08 21:20 --------- d-----w C:\Program Files\Java
2008-02-08 20:36 --------- d-----w C:\Program Files\MSXML 4.0
2008-02-08 02:43 --------- d-----w C:\Program Files\Apple Software Update
2008-02-08 02:23 --------- d-----w C:\Program Files\Google
2008-01-26 21:21 --------- d-----w C:\Program Files\World of Warcraft
2008-01-26 01:30 --------- d-----w C:\Program Files\7-Zip
2008-01-02 19:44 3,029,431 ----a-w C:\steam.exe
2007-12-20 21:51 242,136 ----a-w C:\WINDOWS\is.exe
2007-12-19 21:05 559,062 ----a-w C:\WINDOWS\zasss.exe
2007-12-19 21:02 559,062 ----a-w C:\WINDOWS\zass.exe
2007-12-19 21:01 559,062 ----a-w C:\WINDOWS\zas2.exe
2007-12-19 20:55 559,062 ----a-w C:\WINDOWS\zas.exe
2007-10-02 18:51 2,674,688 ----a-w C:\Documents and Settings\Compaq_Owner\Application Data\Steam.dll
2006-10-01 21:38 22 --sha-w C:\WINDOWS\SMINST\HPCD.sys
.

<pre>

----a-w         5,367,664 2008-03-08 05:20:42  C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI .exe

</pre>

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-03-05 22:08 15360]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [2007-04-27 17:17 50736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PCDrProfiler"="" []
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-03-25 23:46 185896]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-08 01:20 267048]
"SpySweeper"="C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" [ ]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Compaq Connections.lnk - C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe [2006-02-22 11:39:49 36903]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-12 00:23:26 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\Steam\\steamapps\\bboywu123@hotmail.com\\counter-strike\\hl.exe"=

R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 17:38]

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-16 20:20:39
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\MRT.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
.
**************************************************************************
.
Completion time: 2008-03-16 20:24:26 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-17 00:24:21
ComboFix2.txt 2008-03-08 05:54:52
.
2008-03-12 19:30:21 --- E O F ---

Eset log:

# version=4
# OnlineScanner.ocx=1.0.0.635
# OnlineScannerDLLA.dll=1, 0, 0, 79
# OnlineScannerDLLW.dll=1, 0, 0, 78
# OnlineScannerUninstaller.exe=1, 0, 0, 49
# vers_standard_module=2950 (20080316)
# vers_arch_module=1.064 (20080214)
# vers_adv_heur_module=1.064 (20070717)
# EOSSerial=cf051677e5a9c243b3b549feb35066a2
# end=finished
# remove_checked=false
# unwanted_checked=true
# utc_time=2008-03-17 08:13:53
# local_time=2008-03-17 04:13:53 (-0500, Eastern Daylight Time)
# country="United States"
# osver=5.1.2600 NT Service Pack 2
# scanned=465340
# found=64
# scan_time=70744
C:\Documents and Settings\Compaq_Owner\My Documents\Downloads\TuneUp Utilities 2007 + keygen\Keygen.exe probably a variant of Win32/IRCBot trojan F19E36FD1CC19C74FC792C137A2A87E1
C:\Documents and Settings\Compaq_Owner\My Documents\Downloads\TuneUp Utilities 2007 + keygen\Keygen.exe »RAR »Loader.exe probably a variant of Win32/IRCBot trojan 00000000000000000000000000000000
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe1175891165 Win32/TrojanDownloader.Agent.AWF trojan CC2A9E0EECC74F83CFD7ACE6B259020C
C:\Program Files\QuickTime\QTTask.exe Win32/TrojanDropper.Agent.DGO virus 00000000000000000000000000000000
C:\QooBox\Quarantine\catchme2008-03-08_ 04917.14.zip Win32/TrojanDropper.Agent.DGO virus 00000000000000000000000000000000
C:\QooBox\Quarantine\catchme2008-03-08_ 04917.14.zip »ZIP »SpySweeperUI.exe Win32/TrojanDropper.Agent.DGO virus 00000000000000000000000000000000
C:\QooBox\Quarantine\C\22.exe.vir Win32/TrojanDownloader.Small.IAW trojan 66061F51C9DB08A88A239CE666EB4AE1
C:\QooBox\Quarantine\C\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe.vir Win32/TrojanDropper.Agent.DGO virus 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Program Files\iTunes\iTunesHelper.exe.vir Win32/TrojanDropper.Agent.DGO virus 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Program Files\QuickTime\QTTask .exe.vir Win32/TrojanDropper.Agent.DGO virus 00000000000000000000000000000000
C:\QooBox\Quarantine\C\Program Files\QuickTime\QTTask .exe.vir Win32/TrojanDropper.Agent.DGO virus 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\ddaaab.dll.vir a variant of Win32/Adware.Virtumonde application 62C9D67737E375E9A3C43958C334CF17
C:\QooBox\Quarantine\C\WINDOWS\mrofinu1285.exe.tmp.vir Win32/TrojanDropper.Agent.DGO virus 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\CROSOF~1.NET\j?vaw.exe.vir a variant of Win32/Adware.PurityScan application C46319BA626C4E85C048B619C651C125
C:\QooBox\Quarantine\C\WINDOWS\Downloaded Program Files\USDR6_0001_D08M0404NetInstaller.exe.vir Win32/Adware.WinFixer application 75B7AE455149FB627E19FF5AC66136FF
C:\QooBox\Quarantine\C\WINDOWS\STEM~1\rundll32.exe.vir Win32/TrojanDownloader.PurityScan.CX trojan 6218EE8593007B35E6691411ED887CD8
C:\QooBox\Quarantine\C\WINDOWS\system32\alqywqkh.dll.vir Win32/Adware.Virtumonde application 2F392259415632B60D72A723BE97FE29
C:\QooBox\Quarantine\C\WINDOWS\system32\avfliqwm.dll.vir Win32/Adware.Virtumonde application CAC24EA43B647FCA46EFD9B0E32C9CA2
C:\QooBox\Quarantine\C\WINDOWS\system32\baayyhkj.dll.vir Win32/Adware.Virtumonde application 23F2783C3F86F198437DD0DCDB0C880B
C:\QooBox\Quarantine\C\WINDOWS\system32\cfqrmtbo.dll.vir Win32/Adware.Virtumonde application 395A2365D7BD1EE9ED1419673FD02ECC
C:\QooBox\Quarantine\C\WINDOWS\system32\ctfmon.exe.tmp.vir Win32/TrojanDropper.Agent.DGO virus 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\system32\dvifotjb.dll.vir Win32/Adware.AdMedia application CF0A0D83ED7D9248B0066839E767BDE3
C:\QooBox\Quarantine\C\WINDOWS\system32\erdgvdxe.dll.vir Win32/Adware.Virtumonde application 8DCA75B7905A5362A3C155913BDBF25D
C:\QooBox\Quarantine\C\WINDOWS\system32\evndcvcm.dll.vir Win32/BHO.NCC trojan B72E5E2C03D1C5F3D2AB14CD71387DE3
C:\QooBox\Quarantine\C\WINDOWS\system32\faypimal.dll.vir Win32/BHO.NCC trojan 50B02319E0E97C8F5E67C0BC9950541A
C:\QooBox\Quarantine\C\WINDOWS\system32\glyraphp.dll.vir Win32/BHO.NCC trojan BA2AAFD6CD5F14DB1B4F612C6C74CA9E
C:\QooBox\Quarantine\C\WINDOWS\system32\grpwxodq.dll.vir Win32/BHO.NCC trojan 233BF53133289255837C857A6E49542B
C:\QooBox\Quarantine\C\WINDOWS\system32\hpxgbwth.dll.vir Win32/BHO.NCC trojan 50B02319E0E97C8F5E67C0BC9950541A
C:\QooBox\Quarantine\C\WINDOWS\system32\ivjcswrs.dll.vir Win32/Adware.AdMedia application CF0A0D83ED7D9248B0066839E767BDE3
C:\QooBox\Quarantine\C\WINDOWS\system32\iwwfkjdv.dll.vir Win32/Adware.Virtumonde application 23F2783C3F86F198437DD0DCDB0C880B
C:\QooBox\Quarantine\C\WINDOWS\system32\jipjcufq.dll.vir Win32/Adware.Virtumonde application 158644BAE826A56445C708A8A4AF7061
C:\QooBox\Quarantine\C\WINDOWS\system32\luflcnyc.dll.vir Win32/BHO.NCC trojan 233BF53133289255837C857A6E49542B
C:\QooBox\Quarantine\C\WINDOWS\system32\maogjxyx.dll.vir Win32/Adware.Virtumonde application 90DE8B558E1A49FDAA10813E2A576238
C:\QooBox\Quarantine\C\WINDOWS\system32\mrtkaeaw.dll.vir Win32/Adware.Virtumonde application 23F2783C3F86F198437DD0DCDB0C880B
C:\QooBox\Quarantine\C\WINDOWS\system32\nvktngwg.dll.vir Win32/Adware.Virtumonde application BD64C0C5EC7FC9B74069F34AEA36C73B
C:\QooBox\Quarantine\C\WINDOWS\system32\nyossclw.dll.vir Win32/Adware.Virtumonde application 395A2365D7BD1EE9ED1419673FD02ECC
C:\QooBox\Quarantine\C\WINDOWS\system32\otwgsawm.dll.vir Win32/Adware.AdMedia application CF0A0D83ED7D9248B0066839E767BDE3
C:\QooBox\Quarantine\C\WINDOWS\system32\pihkcnjr.dll.vir Win32/Adware.Virtumonde application E9046DD8F0B41A1EAA8F01C670DC2DC8
C:\QooBox\Quarantine\C\WINDOWS\system32\pyyobvbc.dll.vir Win32/Adware.Virtumonde application 4FE20657273CB08A6F122DD8FC70FDB6
C:\QooBox\Quarantine\C\WINDOWS\system32\qqxqefbe.dll.vir Win32/Adware.AdMedia application CF0A0D83ED7D9248B0066839E767BDE3
C:\QooBox\Quarantine\C\WINDOWS\system32\RCX3E.tmp.vir Win32/TrojanDropper.Agent.DGO virus 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\system32\RCX41.tmp.vir Win32/TrojanDropper.Agent.DGO virus 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\system32\RCX44.tmp.vir Win32/TrojanDropper.Agent.DGO virus 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\system32\RCX4B.tmp.vir Win32/TrojanDropper.Agent.DGO virus 00000000000000000000000000000000
C:\QooBox\Quarantine\C\WINDOWS\system32\rgeaayhf.dll.vir Win32/BHO.NCC trojan C07C0EC91D1135F832B5096730F732CA
C:\QooBox\Quarantine\C\WINDOWS\system32\rytpmmwj.dll.vir Win32/Adware.Virtumonde application F49336BA2A1B7B888ECEA6CBABD27DBB
C:\QooBox\Quarantine\C\WINDOWS\system32\system.exe.vir a variant of Win32/Rbot trojan 76B26527E2F56F4A59E59493D0E3EF84
C:\QooBox\Quarantine\C\WINDOWS\system32\thylfnwu.dll.vir Win32/Adware.AdMedia application CF0A0D83ED7D9248B0066839E767BDE3
C:\QooBox\Quarantine\C\WINDOWS\system32\ufrftlgk.dll.vir Win32/Adware.Virtumonde application F49336BA2A1B7B888ECEA6CBABD27DBB
C:\QooBox\Quarantine\C\WINDOWS\system32\uogjvymh.dll.vir Win32/Adware.AdMedia application CF0A0D83ED7D9248B0066839E767BDE3
C:\QooBox\Quarantine\C\WINDOWS\system32\uwvsluhw.dll.vir Win32/BHO.NCC trojan ED2A95C061EB39E67956DFF9DCD69C53
C:\QooBox\Quarantine\C\WINDOWS\system32\widgskub.dll.vir Win32/BHO.NCC trojan D8935EEE0D775EEA5F9D79C589665B71
C:\QooBox\Quarantine\C\WINDOWS\system32\wpyrdevm.dll.vir Win32/Adware.SecToolbar application 0A1AE5EA30870419BDA034591D06E135
C:\QooBox\Quarantine\C\WINDOWS\system32\xdpjllhy.dll.vir Win32/Adware.AdMedia application CF0A0D83ED7D9248B0066839E767BDE3
C:\QooBox\Quarantine\C\WINDOWS\system32\xdqrprov.dll.vir Win32/Adware.AdMedia application 80C11B78524CC2563049CE02FD4A796A
C:\QooBox\Quarantine\C\WINDOWS\system32\xwuhxxny.dll.vir Win32/Adware.AdMedia application CF0A0D83ED7D9248B0066839E767BDE3
C:\QooBox\Quarantine\C\WINDOWS\system32\ylumvmjs.dll.vir Win32/Adware.AdMedia application CF0A0D83ED7D9248B0066839E767BDE3
C:\QooBox\Quarantine\C\WINDOWS\system32\yudjrchd.dll.vir Win32/BHO.NCC trojan 233BF53133289255837C857A6E49542B
C:\RECYCLER\S-1-5-21-3874938436-2547159655-1528358104-1009\Dc57.8\VirusProtect 3.8.exe Win32/Adware.VirusProtectPro application 9FEE3C104C96AB567E84B9F56D3731A5
C:\RECYCLER\S-1-5-21-3874938436-2547159655-1528358104-1009\Dc67\bin\crap.1191449408.old probably a variant of Win32/TrojanDropper.Agent trojan 6FAB1437EE102254F4009FD0726424B9
C:\RECYCLER\S-1-5-21-3874938436-2547159655-1528358104-1009\Dc67\bin\crap.1192575766.old probably a variant of Win32/TrojanClicker.Agent trojan C1EE9137236415676CB5992DC0DB82ED
C:\WINDOWS\wkssvr.exe probably a variant of Win32/IRCBot trojan 39D05436D9F485897F8EEE46CCBF0F6C
C:\WINDOWS\Downloaded Program Files\amm06.ocx probably a variant of Win32/Adware.Agent application 9A2BDD7E97C9F1272208B385C40AB180
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\USDR6_0001_D08M0404NetInstaller.exe Win32/Adware.WinFixer application 75B7AE455149FB627E19FF5AC66136FF

HJT log:

ComboFix 08-03-14.4 - Compaq_Owner 2008-03-16 20:14:01.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.217 [GMT -4:00]
Running from: C:\Documents and Settings\Compaq_Owner\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Compaq_Owner\Desktop\CFScript.txt
* Created a new restore point

FILE ::
C:\22.exe
C:\Documents and Settings\Compaq_Owner\Application Data\sx.exe
C:\is9.exe
C:\WINDOWS\mrofinu1285.exe.tmp
C:\WINDOWS\system32\bmttocru.ini
C:\WINDOWS\system32\csiuloni.ini
C:\WINDOWS\system32\emcbsbik.ini
C:\WINDOWS\system32\enldmlcr.ini
C:\WINDOWS\system32\ikrvtjmh.ini
C:\WINDOWS\system32\jgyqprlr.ini
C:\WINDOWS\system32\kfjnncvu.ini
C:\WINDOWS\system32\nhrmnthc.ini
C:\WINDOWS\system32\ntcpimka.ini
C:\WINDOWS\system32\pprkuifl.ini
C:\WINDOWS\system32\pqpcnvbh.ini
C:\WINDOWS\system32\qurpshjd.ini
C:\WINDOWS\system32\rbkugrmv.ini
C:\WINDOWS\system32\RCX3E.tmp
C:\WINDOWS\system32\RCX41.tmp
C:\WINDOWS\system32\RCX44.tmp
C:\WINDOWS\system32\RCX4B.tmp
C:\WINDOWS\system32\rxfdbuje.ini
C:\WINDOWS\system32\sroikmrx.ini
C:\WINDOWS\system32\tcecreer.ini
C:\WINDOWS\system32\tdwjuhba.ini
C:\WINDOWS\system32\tthlccou.ini
C:\WINDOWS\system32\vexnjjpj.ini
C:\WINDOWS\system32\wqvpfgxw.ini
C:\WINDOWS\system32\xchqoame.ini
C:\WINDOWS\system32\xorohqel.ini
C:\WINDOWS\system32\yrhtflmr.ini
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\22.exe
C:\Documents and Settings\All Users\Application Data\SalesMon
C:\Documents and Settings\Compaq_Owner\Application Data\sx.exe
C:\Documents and Settings\Compaq_Owner\err.log
C:\is9.exe
C:\Program Files\WildTangent
C:\Program Files\WildTangent\Apps\GameChannel\Games\045C89A0-CA37-443C-8826-F750227DE69C\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\05E21449-3BA3-42BF-BBDA-95205F4EA40A\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\0BD36D37-C5D7-4B96-B64A-CB2C3A82EC4D\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\29FF6D07-4A15-41F1-9D5E-E0F3A58012C6\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\3330A279-CC39-4A17-AE19-DA464B26AD9A\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\3B3B73D1-DC4A-4780-B0E4-E823D08B3397\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\422C7575-C10D-4795-87FA-9972765379E6\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\52AEBC18-F252-4B0C-B3E1-724537D9F873\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\53474592-01BC-4338-8647-FE350957D912\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\5AF1DD17-7B06-45EF-8592-2E524E458BAB\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\63E4EC24-7173-4E1F-9C77-B4403CBCF91F\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\66195170-D19D-46C5-8FB7-8A4630071ADC\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\75528D5F-DD82-402E-BA7C-045B7DC6A712\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\85CF9BF3-1057-468C-962D-31BAABC6AC72\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\8D11F98B-4931-44F6-8FC6-971CCBBBB131\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\9448DE42-C017-4A3E-A0BB-C50BF673E9E0\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\997DD523-B925-4C73-970B-C201E8F781AD\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\9D7E7CDA-051E-4B0D-8CEE-58F41F449CF9\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\BBCBAA5D-AC5A-4098-A53E-EC60A68F38F9\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\BBE9E0F3-11F7-4424-9905-8E0153E872C1\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\BFAF1EEC-E987-415B-BCB8-80CDB0BC6CDF\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\C43D84CD-EBFC-48D3-A330-7868C8AD415A\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\C6D35CCA-3F9E-4B6E-A17F-409EE7379D6B\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\D84AC71A-75E8-4709-8BA5-4B46EAC00C5E\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\DE87FA96-7840-420C-86F9-33F3B7B3CED1\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\E1A0F769-A43A-4DDB-9F73-12791E453557\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\E618FC78-EE4F-4243-8409-078EB5E0B1F6\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\F05A08BF-E600-4FBD-A53A-3D47296B1275\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\F19E8CDF-5EFD-45E0-9FAF-66CBAE84B1D9\def.dat
C:\Program Files\WildTangent\Apps\GameChannel\Games\FA6A73EB-40AB-4B58-851D-3892B3C10EF6\def.dat
C:\Program Files\WildTangent\Apps\hpuninstall.exe
C:\Program Files\WildTangent\Apps\icon.ico
C:\Program Files\WildTangent\Apps\lic.exe
C:\Program Files\WildTangent\Apps\onplay.exe
C:\Program Files\WildTangent\Apps\sm_contests.ico
C:\Program Files\WildTangent\Apps\sm_wildboards.ico
C:\WINDOWS\Downloaded Program Files\USDR6_0001_D08M0404NetInstaller.exe
C:\WINDOWS\mrofinu1285.exe.tmp
C:\WINDOWS\system32\bmttocru.ini
C:\WINDOWS\system32\csiuloni.ini
C:\WINDOWS\system32\emcbsbik.ini
C:\WINDOWS\system32\enldmlcr.ini
C:\WINDOWS\system32\ikrvtjmh.ini
C:\WINDOWS\system32\jgyqprlr.ini
C:\WINDOWS\system32\kfjnncvu.ini
C:\WINDOWS\system32\nhrmnthc.ini
C:\WINDOWS\system32\ntcpimka.ini
C:\WINDOWS\system32\pprkuifl.ini
C:\WINDOWS\system32\pqpcnvbh.ini
C:\WINDOWS\system32\qurpshjd.ini
C:\WINDOWS\system32\rbkugrmv.ini
C:\WINDOWS\system32\RCX3E.tmp
C:\WINDOWS\system32\RCX41.tmp
C:\WINDOWS\system32\RCX44.tmp
C:\WINDOWS\system32\RCX4B.tmp
C:\WINDOWS\system32\rxfdbuje.ini
C:\WINDOWS\system32\sroikmrx.ini
C:\WINDOWS\system32\tcecreer.ini
C:\WINDOWS\system32\tdwjuhba.ini
C:\WINDOWS\system32\tthlccou.ini
C:\WINDOWS\system32\vexnjjpj.ini
C:\WINDOWS\system32\wqvpfgxw.ini
C:\WINDOWS\system32\xchqoame.ini
C:\WINDOWS\system32\xorohqel.ini
C:\WINDOWS\system32\yrhtflmr.ini

.
((((((((((((((((((((((((( Files Created from 2008-02-17 to 2008-03-17 )))))))))))))))))))))))))))))))
.

2008-03-12 15:30 . 2008-03-12 15:30 118 --a------ C:\WINDOWS\system32\MRT.INI
2008-03-07 20:35 . 2008-03-07 20:35 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\Malwarebytes
2008-03-07 20:28 . 2008-03-07 20:28 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-03-07 20:28 . 2008-03-07 20:28 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-03-04 00:38 . 2008-03-16 20:20 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-03-04 00:38 . 2008-03-08 10:54 1,409 --a------ C:\WINDOWS\QTFont.for
2008-02-24 14:28 . 2008-02-24 14:28 d-------- C:\Program Files\Webroot
2008-02-24 14:28 . 2008-02-24 14:28 d-------- C:\Documents and Settings\LocalService\Application Data\Webroot
2008-02-24 14:28 . 2008-02-24 14:28 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\Webroot
2008-02-24 14:28 . 2008-02-24 14:28 d-------- C:\Documents and Settings\All Users\Application Data\Webroot
2008-02-24 14:28 . 2008-01-04 21:56 1,526,640 --a------ C:\WINDOWS\WRSetup.dll
2008-02-24 14:28 . 2008-01-04 21:34 163,696 --a------ C:\WINDOWS\system32\drivers\ssidrv.sys
2008-02-24 14:28 . 2008-01-04 21:34 23,920 --a------ C:\WINDOWS\system32\drivers\sskbfd.sys
2008-02-24 14:28 . 2008-01-04 21:34 21,872 --a------ C:\WINDOWS\system32\drivers\sshrmd.sys
2008-02-24 14:28 . 2008-01-04 21:34 20,336 --a------ C:\WINDOWS\system32\drivers\SSFS0BB9.sys
2008-02-24 14:23 . 2008-02-24 14:25 d-------- C:\Documents and Settings\All Users\Application Data\WinZip
2008-02-24 12:32 . 2008-02-24 12:32 d-------- C:\Program Files\Enigma Software Group
2008-02-17 23:30 . 2008-02-17 23:30 d-------- C:\WINDOWS\.jagex_cache_32

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-17 00:20 --------- d-----w C:\Program Files\Steam
2008-03-17 00:20 --------- d-----w C:\Program Files\AIM6
2008-03-17 00:20 --------- d-----w C:\Program Files\AIM
2008-03-17 00:13 --------- d-----w C:\Program Files\QuickTime
2008-03-17 00:13 --------- d-----w C:\Program Files\PC-Doctor 5 for Windows
2008-03-17 00:13 --------- d-----w C:\Program Files\iTunes
2008-03-17 00:13 --------- d-----w C:\Program Files\AIM95
2008-03-17 00:12 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-03-08 16:55 --------- d-----w C:\Program Files\Viewpoint
2008-03-08 16:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-03-08 16:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2008-03-04 02:59 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\uTorrent
2008-02-27 21:08 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\AdobeUM
2008-02-27 20:41 --------- d-----w C:\Program Files\Combined Community Codec Pack
2008-02-24 17:49 --------- d-----w C:\Program Files\Sonic
2008-02-24 15:08 --------- d-----w C:\Program Files\iPod
2008-02-17 03:07 --------- d-----w C:\Program Files\XviD
2008-02-17 02:56 --------- d-----w C:\Program Files\AVI MPEG Video Converter
2008-02-13 01:23 --------- d-----w C:\Documents and Settings\Compaq_Owner\Application Data\Apple Computer
2008-02-11 06:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-02-11 05:58 --------- d-----w C:\Program Files\Trend Micro
2008-02-09 07:14 4,128 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-02-09 07:14 2,684 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-02-09 07:14 137,248 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-02-09 07:14 1,460 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-02-09 03:35 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-09 03:34 --------- d-----w C:\Program Files\Common Files\Command Software
2008-02-09 03:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-02-09 00:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-02-08 21:20 --------- d-----w C:\Program Files\Java
2008-02-08 20:36 --------- d-----w C:\Program Files\MSXML 4.0
2008-02-08 02:43 --------- d-----w C:\Program Files\Apple Software Update
2008-02-08 02:23 --------- d-----w C:\Program Files\Google
2008-01-26 21:21 --------- d-----w C:\Program Files\World of Warcraft
2008-01-26 01:30 --------- d-----w C:\Program Files\7-Zip
2008-01-02 19:44 3,029,431 ----a-w C:\steam.exe
2007-12-20 21:51 242,136 ----a-w C:\WINDOWS\is.exe
2007-12-19 21:05 559,062 ----a-w C:\WINDOWS\zasss.exe
2007-12-19 21:02 559,062 ----a-w C:\WINDOWS\zass.exe
2007-12-19 21:01 559,062 ----a-w C:\WINDOWS\zas2.exe
2007-12-19 20:55 559,062 ----a-w C:\WINDOWS\zas.exe
2007-10-02 18:51 2,674,688 ----a-w C:\Documents and Settings\Compaq_Owner\Application Data\Steam.dll
2006-10-01 21:38 22 --sha-w C:\WINDOWS\SMINST\HPCD.sys
.

<pre>

----a-w         5,367,664 2008-03-08 05:20:42  C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI .exe

</pre>

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-03-05 22:08 15360]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [2007-04-27 17:17 50736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PCDrProfiler"="" []
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-03-25 23:46 185896]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-08 01:20 267048]
"SpySweeper"="C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" [ ]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Compaq Connections.lnk - C:\Program Files\Compaq Connections\5577497\Program\Compaq Connections.exe [2006-02-22 11:39:49 36903]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-12 00:23:26 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Compaq Connections\\5577497\\Program\\Compaq Connections.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\Steam\\steamapps\\bboywu123@hotmail.com\\counter-strike\\hl.exe"=

R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 17:38]

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-16 20:20:39
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\MRT.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
.
**************************************************************************
.
Completion time: 2008-03-16 20:24:26 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-17 00:24:21
ComboFix2.txt 2008-03-08 05:54:52
.
2008-03-12 19:30:21 --- E O F ---