got rid of the few things on hjt and tried to install MBA-M but when i try to install it does nothing so im running the online scanner and i will post the log when its done.

ok here are the logs:
HJT

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:51:33 PM, on 6/23/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Documents and Settings\Paul\My Documents\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rowclan.net/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_13\bin\ssv.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_13\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_13\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1235679700293
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V02002/ocx/15034/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BD10EBEF-DD5D-4A51-BEC8-18C88B0A5203}: NameServer = 216.145.243.22 209.242.0.2
O23 - Service: BitDefender Arrakis Server (Arrakis3) - Unknown owner - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
O23 - Service: WD Drive Manager Service (WDBtnMgrSvc.exe) - WDC - C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe

--
End of file - 5771 bytes

online scanner

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=6
# iexplore.exe=6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
# OnlineScanner.ocx=1.0.0.5863
# api_version=3.0.2
# EOSSerial=ca543a938a12174a93bc299b7dd604fc
# end=stopped
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2009-06-23 07:49:23
# local_time=2009-06-23 02:49:23 (-0600, Central Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=2054 21 100 98 31426250000
# scanned=132386
# found=7
# cleaned=7
# scan_time=2456
C:\Documents and Settings\Paul\Local Settings\Temp\eoxwrancms.tmp Win32/TrojanClicker.Punad.AA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000
C:\Documents and Settings\Paul\Local Settings\Temp\incosnet.tmp a variant of Win32/Kryptik.VE trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000
C:\Documents and Settings\Paul\Local Settings\Temp\prun.tmp Win32/TrojanClicker.Punad.AA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000
C:\Documents and Settings\Paul\Local Settings\Temp\qdnnosexfy.tmp a variant of Win32/Kryptik.VE trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000
C:\Program Files\EGLAC\EGLAC.exe probably unknown NewHeur_PE virus (deleted - quarantined) 00000000000000000000000000000000
C:\Program Files\Oxin's Style!\Everlust\Oxin's Style!\Binaries\3DSexVilla2-051.001.exe a variant of Win32/Packed.Themida application (cleaned by deleting - quarantined) 00000000000000000000000000000000
C:\WINDOWS\system32\net.net Win32/TrojanClicker.Punad.AA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000

got MBA-M installed and ran in, then for the past hour or 2 have been trying to get back into normal windows.It kept crashing every time i tried to start it then i went in to safe mode and started backing up stuff and decided to try 1 last time.It got to the welcome screen then had an error and took forever to start but finally did then said cannot find c:\program. But at least its working again now. here is the log:

Malwarebytes' Anti-Malware 1.38
Database version: 2326
Windows 5.1.2600 Service Pack 2

6/23/2009 4:56:07 PM
mbam-log-2009-06-23 (16-56-07).txt

Scan type: Full Scan (C:\|E:\|)
Objects scanned: 229050
Time elapsed: 28 minute(s), 59 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\UAC (Rootkit.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\net (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\uacinit.dll (Trojan.Agent) -> Delete on reboot.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:26:15 PM, on 6/24/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Paul\My Documents\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rowclan.net/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_13\bin\ssv.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_13\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_13\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1235679700293
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V02002/ocx/15034/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BD10EBEF-DD5D-4A51-BEC8-18C88B0A5203}: NameServer = 216.145.243.22 209.242.0.2
O23 - Service: BitDefender Arrakis Server (Arrakis3) - Unknown owner - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
O23 - Service: WD Drive Manager Service (WDBtnMgrSvc.exe) - WDC - C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe

--
End of file - 6131 bytes

Wanted to make sure everything was working for a few days before i posted and seems like its working alot better only thing that was weird was it crashed the one time on restart but has been fine since.

Thank you very much for the help, Paul.

I figured i would run MBA-M again and the uacinit.dll file is back and it cant seem to delete it on reboot. Here is the log:
Malwarebytes' Anti-Malware 1.38
Database version: 2326
Windows 5.1.2600 Service Pack 2

6/29/2009 10:05:43 AM
mbam-log-2009-06-29 (10-05-43).txt

Scan type: Full Scan (C:\|)
Objects scanned: 224446
Time elapsed: 24 minute(s), 0 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
\\?\globalroot\systemroot\system32\UACwvgkialmtjlptwp.dll (Trojan.TDSS) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\UAC (Rootkit.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
\\?\globalroot\systemroot\system32\UACwvgkialmtjlptwp.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uacinit.dll (Trojan.Agent) -> Delete on reboot.

here is a HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:55:28 AM, on 6/29/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Documents and Settings\Paul\My Documents\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rowclan.net/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_13\bin\ssv.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [WD Drive Manager] C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\paul\paul.exe" /runcleanupscript
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EasyLinkAdvisor] "C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_13\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_13\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1235679700293
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V02002/ocx/15034/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{BD10EBEF-DD5D-4A51-BEC8-18C88B0A5203}: NameServer = 216.145.243.22 209.242.0.2
O23 - Service: BitDefender Arrakis Server (Arrakis3) - Unknown owner - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
O23 - Service: WD Drive Manager Service (WDBtnMgrSvc.exe) - WDC - C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe

--
End of file - 6738 bytes

Ran combofix here is the log:

ComboFix 09-06-29.07 - Paul 06/30/2009 22:22.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.2046.1619 [GMT -5:00]
Running from: c:\documents and settings\Paul\Desktop\yeah.exe
AV: BitDefender Antivirus *On-access scanning disabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: BitDefender Firewall *disabled* {4055920F-2E99-48A8-A270-4243D2B8F242}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\21029.exe
c:\windows\system32\drivers\UACopuneiqawwgroej.sys
c:\windows\system32\UACacnbdymdtpjlgju.dll
c:\windows\system32\UAChlmxcuorlxuedxx.dll
c:\windows\system32\uacinit.dll
c:\windows\system32\UACkbdmxmhkeyspfvy.log
c:\windows\system32\UACkgxekubkaovpjdn.log
c:\windows\system32\UACltahurhkllrnupt.db
c:\windows\system32\UACqaunhqfpqakjtoi.dll
c:\windows\system32\UACsmlnlufobhaavak.dll
c:\windows\system32\uactmp.db
c:\windows\system32\UACugkwvwvnotsodad.log
c:\windows\system32\UACuhsvsggbukjmbwd.dat
c:\windows\system32\UACvyoylpkxykqavkv.dll
c:\windows\system32\UACwvgkialmtjlptwp.dll
E:\autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_UACd.sys

((((((((((((((((((((((((( Files Created from 2009-06-01 to 2009-07-01 )))))))))))))))))))))))))))))))
.

2009-07-01 00:55 . 2009-03-09 20:27 453456 ----a-w- c:\windows\system32\d3dx10_41.dll
2009-07-01 00:55 . 2009-03-09 20:27 1846632 ----a-w- c:\windows\system32\D3DCompiler_41.dll
2009-07-01 00:55 . 2009-03-16 19:18 69448 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2009-07-01 00:55 . 2009-03-16 19:18 517448 ----a-w- c:\windows\system32\XAudio2_4.dll
2009-07-01 00:55 . 2009-03-16 19:18 235352 ----a-w- c:\windows\system32\xactengine3_4.dll
2009-07-01 00:55 . 2009-03-16 19:18 22360 ----a-w- c:\windows\system32\X3DAudio1_6.dll
2009-07-01 00:55 . 2009-03-09 20:27 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll
2009-06-29 18:04 . 2009-06-29 18:04 -------- d-----w- c:\program files\Microsoft
2009-06-29 18:03 . 2009-06-29 18:02 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-06-29 18:01 . 2009-06-29 18:01 152576 ----a-w- c:\documents and settings\Paul\Application Data\Sun\Java\jre1.6.0_14\lzma.dll
2009-06-29 17:43 . 2009-06-29 17:53 152576 ----a-w- c:\documents and settings\Paul\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-06-29 01:49 . 2009-06-29 01:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard
2009-06-29 00:18 . 2009-07-01 01:25 -------- d-----w- c:\program files\World of Warcraft
2009-06-23 23:15 . 2009-06-23 23:15 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-06-23 20:56 . 2009-06-23 20:56 -------- d-----w- c:\documents and settings\Paul\Application Data\Malwarebytes
2009-06-23 20:53 . 2009-06-17 16:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-23 20:53 . 2009-06-23 20:56 -------- d-----w- c:\program files\paul
2009-06-23 20:53 . 2009-06-23 20:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-06-23 20:53 . 2009-06-17 16:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-23 19:02 . 2009-06-23 19:02 -------- d-----w- c:\program files\ESET
2009-06-22 01:04 . 2009-06-22 03:36 -------- d--h--w- C:\$AVG8.VAULT$
2009-06-21 01:24 . 2009-06-21 01:24 -------- d-----w- c:\documents and settings\Paul\Application Data\Software Informer
2009-06-18 01:51 . 2009-06-22 02:46 -------- d-----w- c:\documents and settings\All Users\Application Data\12811564
2009-06-18 01:51 . 2009-06-18 02:20 -------- d-----w- c:\documents and settings\All Users\Application Data\92821556
2009-06-18 01:04 . 2009-06-18 01:05 -------- d-----w- c:\documents and settings\Paul\Application Data\PeaZip
2009-06-18 01:03 . 2009-06-18 01:03 -------- d-----w- c:\program files\PeaZip
2009-06-11 22:29 . 2009-06-11 22:29 41808 ----a-w- c:\windows\system32\xfcodec.dll
2009-06-10 13:28 . 2009-06-10 13:28 3510272 ----a-w- c:\windows\system32\nvgames.dll
2009-06-10 13:28 . 2009-06-10 13:28 4022272 ----a-w- c:\windows\system32\nvdisps.dll
2009-06-10 13:28 . 2009-06-10 13:28 86016 ----a-w- c:\windows\system32\nvmctray.dll
2009-06-10 13:28 . 2009-06-10 13:28 143360 ----a-w- c:\windows\system32\nvcolor.exe
2009-06-10 13:28 . 2007-05-11 11:03 8429568 ----a-w- c:\windows\system32\nvcpl.dll
2009-06-10 13:28 . 2007-05-11 11:03 163908 ----a-w- c:\windows\system32\nvsvc32.exe
2009-06-10 13:28 . 2009-06-10 13:28 229376 ----a-w- c:\windows\system32\nvmccs.dll
2009-06-10 11:03 . 2009-06-10 11:03 671744 ----a-w- c:\windows\system32\nvcuvid.dll
2009-06-10 11:03 . 2009-06-10 11:03 1580550 ----a-w- c:\windows\system32\nvdata.bin
2009-06-10 11:03 . 2009-06-10 11:03 1310720 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-06-06 08:08 . 2009-06-06 08:08 -------- d-----w- c:\windows\system32\wbem\Repository
2009-06-06 08:05 . 2009-06-06 08:05 -------- d-----w- c:\documents and settings\Paul\Local Settings\Application Data\Google
2009-06-06 07:49 . 2009-06-06 08:05 -------- d-----w- c:\documents and settings\Paul\Application Data\BitDefender(3)

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-01 03:20 . 2007-12-08 17:46 -------- d-----w- c:\program files\Xfire
2009-07-01 01:47 . 2007-12-08 17:46 -------- d-----w- c:\documents and settings\Paul\Application Data\Xfire
2009-07-01 01:20 . 2007-10-11 23:53 81984 -c--a-w- c:\windows\system32\bdod.bin
2009-07-01 01:19 . 2007-10-12 00:07 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-07-01 01:18 . 2007-10-12 00:07 -------- d-----w- c:\program files\AGEIA Technologies
2009-06-29 18:02 . 2007-10-18 18:38 -------- d-----w- c:\program files\Java
2009-06-29 01:44 . 2007-10-28 02:13 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2009-06-29 01:43 . 2007-11-08 23:33 138920 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-06-29 01:43 . 2007-11-08 23:32 189072 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-06-26 02:44 . 2009-01-03 22:27 -------- d-----w- c:\program files\CoD RconTool
2009-06-24 18:28 . 2009-03-19 04:13 -------- d-----w- c:\program files\Feudalism2_at
2009-06-23 19:28 . 2008-11-02 04:05 -------- d-----w- c:\program files\EGLAC
2009-06-22 23:47 . 2007-10-14 20:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Viewpoint
2009-06-22 03:24 . 2009-01-28 16:38 -------- d-----w- c:\program files\Bonjour
2009-06-21 01:24 . 2008-12-22 21:39 -------- d-----w- c:\documents and settings\Paul\Application Data\IObit
2009-06-21 01:22 . 2008-05-09 02:55 -------- d-----w- c:\program files\RivaTuner v2.09
2009-06-21 01:22 . 2008-01-26 20:59 -------- d-----w- c:\program files\Rigs of Rods 0.34
2009-06-21 01:22 . 2008-01-11 01:34 -------- d-----w- c:\documents and settings\Paul\Application Data\Ventrilo
2009-06-21 01:22 . 2007-10-14 20:25 -------- d-----w- c:\program files\AIM6
2009-06-21 01:22 . 2007-10-13 21:11 -------- d-----w- c:\program files\Rigs Of Rods Vehicle Editor
2009-06-10 11:03 . 2008-03-04 16:02 1720320 ----a-w- c:\windows\system32\nvcuda.dll
2009-06-10 11:03 . 2007-10-11 19:26 457248 -c--a-w- c:\windows\system32\nvudisp.exe
2009-06-10 11:03 . 2007-06-28 16:43 9998336 ----a-w- c:\windows\system32\nvoglnt.dll
2009-06-10 11:03 . 2007-06-28 16:43 815104 ----a-w- c:\windows\system32\nvapi.dll
2009-06-10 11:03 . 2007-06-28 16:43 8087712 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-06-10 11:03 . 2007-06-28 16:43 5908608 ----a-w- c:\windows\system32\nv4_disp.dll
2009-06-10 11:03 . 2007-06-28 16:43 151552 ----a-w- c:\windows\system32\nvcodins.dll
2009-06-10 11:03 . 2007-06-28 16:43 151552 ----a-w- c:\windows\system32\nvcod.dll
2009-06-06 08:08 . 2007-10-11 18:48 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-06 08:08 . 2009-04-22 00:04 -------- d-----w- c:\program files\Apple Software Update
2009-06-06 08:08 . 2007-11-28 02:22 -------- d-----w- c:\program files\QuickTime
2009-06-06 08:08 . 2009-04-22 00:05 -------- d-----w- c:\program files\iPod
2009-06-06 08:08 . 2009-04-22 00:05 -------- d-----w- c:\program files\iTunes
2009-06-06 08:08 . 2009-04-22 19:03 -------- d-----w- c:\program files\Rockstar Games(2)
2009-06-06 08:07 . 2009-05-27 00:10 -------- d-----w- c:\program files\LucasArts(2)
2009-06-06 08:05 . 2009-04-08 00:00 -------- d-----w- c:\documents and settings\Paul\Application Data\BitDefender
2009-06-06 08:05 . 2007-10-11 23:53 -------- d-----w- c:\program files\BitDefender
2009-06-06 08:05 . 2007-10-11 23:52 -------- d-----w- c:\program files\Common Files\BitDefender
2009-06-06 07:49 . 2009-03-04 03:24 -------- d-----w- c:\program files\Windows Desktop Search
2009-06-06 07:49 . 2007-10-19 04:04 -------- d-----w- c:\program files\Google
2009-06-06 07:46 . 2007-10-11 18:45 -------- d-----w- c:\program files\Common Files\InstallShield
2009-06-04 21:39 . 2007-10-11 18:45 457248 -c--a-w- c:\windows\system32\NVUNINST.EXE
2009-05-18 20:50 . 2009-05-18 20:50 -------- d-----w- c:\program files\Gamepitstop.ru
2009-05-13 21:58 . 2009-05-13 21:58 -------- d-----w- c:\program files\Firefly Studios
2009-05-06 02:54 . 2009-04-22 00:05 -------- d-----w- c:\documents and settings\Paul\Application Data\Apple Computer
2009-04-28 14:55 . 2009-04-28 14:55 70936 ----a-w- c:\windows\system32\PhysXLoader.dll
2009-04-20 02:30 . 2009-04-20 02:30 132 ----a-w- C:\httpdwl.dat
2009-04-07 15:50 . 2009-04-07 15:50 288024 ----a-w- c:\windows\system32\PhysXCplUI.exe
2009-04-07 15:50 . 2009-04-07 15:50 288024 ----a-w- c:\windows\system32\PhysXCompatCplUI.exe
2009-03-05 23:08 . 2009-04-08 00:04 49664 ----a-w- c:\program files\mozilla firefox\components\FFComm.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2007-12-13 2051096]
"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2007-12-13 2095640]
"WD Drive Manager"="c:\program files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe" [2008-05-16 430080]
"BDAgent"="c:\program files\BitDefender\BitDefender 2009\bdagent.exe" [2009-06-06 778240]
"BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2009\IEShow.exe" [2009-02-23 69632]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-06-29 148888]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-02-03 233304]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-05-11 8429568]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-06-10 86016]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-06-10 1657376]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\UnrealTournament\\System\\UnrealTournament.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaW.exe"=
"c:\\Program Files\\Activision\\Call of Duty - World at War\\CoDWaWmp.exe"=

R2 BDVEDISK;BDVEDISK;c:\program files\BitDefender\BitDefender 2009\BDVEDISK.sys [10/6/2008 6:16 PM 82696]
R2 WDBtnMgrSvc.exe;WD Drive Manager Service;c:\program files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [5/16/2008 6:12 PM 102400]
R3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [9/18/2008 12:09 PM 111112]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\windows\system32\drivers\bdfndisf.sys [2/12/2009 4:52 PM 104328]
S2 bdzh;bdzh;c:\windows\system32\drivers\nyzk.sys --> c:\windows\system32\drivers\nyzk.sys [?]
S2 wlaq;wlaq;c:\windows\system32\drivers\ncxoddfj.sys --> c:\windows\system32\drivers\ncxoddfj.sys [?]
S3 Arrakis3;BitDefender Arrakis Server;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [1/20/2009 7:16 PM 172032]
S3 chdrvr01;CH Control Manager Driver 1;c:\windows\system32\DRIVERS\chdrvr01.sys --> c:\windows\system32\DRIVERS\chdrvr01.sys [?]
S3 chdrvr03;CH Control Manager Driver 3;c:\windows\system32\DRIVERS\chdrvr03.sys --> c:\windows\system32\DRIVERS\chdrvr03.sys [?]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [6/23/2009 3:53 PM 38160]
S3 RTCore32;RTCore32;c:\program files\EVGA Precision\RTCore32.sys [5/25/2005 1:39 PM 4608]
S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187.sys [10/11/2007 1:45 PM 176128]
S3 TCCrystalCpuInfo;TCCrystalCpuInfo;\??\c:\docume~1\Paul\LOCALS~1\Temp\TCCpuInfo.sys --> c:\docume~1\Paul\LOCALS~1\Temp\TCCpuInfo.sys [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [1/6/2009 3:12 PM 11520]
S4 Viewpoint Manager Service;Viewpoint Manager Service;"c:\program files\Viewpoint\Common\ViewpointService.exe" --> c:\program files\Viewpoint\Common\ViewpointService.exe [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.rowclan.net/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: %SYSTEMROOT%\system32\nvappfilter.dll
Trusted Zone: microsoft.com\ www.update
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
FF - ProfilePath - c:\documents and settings\Paul\Application Data\Mozilla\Firefox\Profiles\blyr0fgy.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.rowclan.net/index.php
FF - component: c:\program files\Mozilla Firefox\components\FFComm.dll
FF - plugin: c:\program files\Haihaisoft Universal Player\Codec\Plugins\nppl3260.dll
FF - plugin: c:\program files\Haihaisoft Universal Player\Codec\Plugins\npqtplugin.dll
FF - plugin: c:\program files\Haihaisoft Universal Player\Codec\Plugins\nprpjplug.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-30 22:28
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1202660629-1897051121-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:a4,5a,02,4c,a6,c3,d1,94,cd,69,e6,72,45,b0,d2,e4,d2,85,5b,60,71,
1e,97,9d,04,fd,94,87,77,8d,f4,d4,9d,0c,3f,45,cc,2e,87,6a,ed,cf,71,9a,f2,01,\
"rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(1044)
c:\windows\system32\nvappfilter.dll
.
Completion time: 2009-07-01 22:30
ComboFix-quarantined-files.txt 2009-07-01 03:30

Pre-Run: 87,705,153,536 bytes free
Post-Run: 88,096,174,080 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn /usepmtimer

222