WiredWX Christian Hobby Weather Tools

 


Bankerfox.a on 2 user accounts, i can only get in as a guest.

I keep getting a whole lot of pop-ups saying that files are infected. I am not sure what to do, I have been reading about it. Please help me!! Thank you

Re: Bankerfox.a on 2 user accounts, i can only get in as a guest.

Please download ComboFix from BleepingComputer.com

Alternate link: GeeksToGo.com

Alternate link: Forospyware.com

Rename ComboFix.exe to commy.exe before you save it to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. A guide to do this can be found here
  • Click Start > Run, then copy and paste the following command into the Run box and click OK: "%userprofile%\desktop\commy.exe" /stepdel
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console

[Image: Query_RC]
Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
[Image: RC_successful]

  • Click on Yes, to continue scanning for malware.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.

Re: Bankerfox.a on 2 user accounts, i can only get in as a guest.

Thank you for the reply, I have followed your instructions. ComboFix's log can be found at C:/ComboFix.txt. I installed ComboFix on my desktop and followed the instructions. I still have not turned my anti-virus or anything back on, please let me know when I can do so. Thank you very much :) Thank You!

Re: Bankerfox.a on 2 user accounts, i can only get in as a guest.

Did the log launch?

I just need the log contents posted here.

Re: Bankerfox.a on 2 user accounts, i can only get in as a guest.

ComboFix 10-02-18.07 - Billy 02/18/2010 19:33:04.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.531 [GMT -6:00]
Running from: c:\documents and settings\Billy\desktop\commy.exe
Command switches used :: /stepdel
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Billy\Local Settings\Application Data\ioulwm
c:\documents and settings\Billy\Local Settings\Application Data\ioulwm\qafmsftav.exe
c:\windows\AegisP.inf
c:\documents and settings\Billy\Local Settings\Application Data\ioulwm\qafmsftav.exe
c:\windows\system32\drivers\1028_DELL_XPS_MM061 .MRK
c:\windows\system32\drivers\DELL_XPS_MM061 .MRK

.
((((((((((((((((((((((((( Files Created from 2010-01-19 to 2010-02-19 )))))))))))))))))))))))))))))))
.

2010-02-18 21:50 . 2010-02-18 21:50 -------- d-----w- c:\documents and settings\Guest\Local Settings\Application Data\Threat Expert
2010-02-18 02:11 . 2010-02-18 02:11 -------- d-----w- c:\documents and settings\Billy\Local Settings\Application Data\Threat Expert
2010-02-18 00:41 . 2010-02-18 00:41 -------- d-----w- c:\documents and settings\owner\Local Settings\Application Data\Threat Expert
2010-02-18 00:37 . 2010-01-21 23:21 165840 ----a-w- c:\windows\PCTBDRes.dll
2010-02-18 00:37 . 2010-01-21 23:21 149456 ----a-w- c:\windows\SGDetectionTool.dll
2010-02-18 00:37 . 2010-01-21 23:21 1652688 ----a-w- c:\windows\PCTBDCore.dll
2010-02-18 00:37 . 2010-01-21 23:21 767952 ----a-w- c:\windows\BDTSupport.dll
2010-02-18 00:37 . 2009-10-28 07:36 1152444 ----a-w- c:\windows\UDB.zip
2010-02-18 00:37 . 2008-11-26 18:08 131 ----a-w- c:\windows\IDB.zip
2010-02-18 00:29 . 2010-02-05 15:17 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2010-02-18 00:29 . 2009-10-06 22:31 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2010-02-18 00:29 . 2009-09-23 22:10 207280 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2010-02-18 00:28 . 2010-02-05 15:25 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2010-02-18 00:28 . 2010-02-18 13:43 -------- d-----w- c:\program files\Spyware Doctor
2010-02-18 00:28 . 2010-02-18 00:37 -------- d-----w- c:\program files\Common Files\PC Tools
2010-02-18 00:28 . 2010-02-18 00:28 -------- d-----w- c:\documents and settings\owner\Application Data\PC Tools
2010-02-18 00:28 . 2010-02-18 00:28 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools
2010-02-18 00:28 . 2010-02-19 01:33 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-02-17 23:56 . 2010-02-17 23:56 -------- d-----w- c:\program files\Windows Live Safety Center
2010-02-14 03:33 . 2010-02-14 03:33 127903 ----a-w- c:\documents and settings\Billy\Application Data\Move Networks\uninstall.exe
2010-02-14 03:33 . 2010-02-14 03:36 -------- d-----w- c:\documents and settings\Billy\Application Data\Move Networks
2010-02-13 16:01 . 2009-08-07 01:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-02-13 16:01 . 2009-08-07 01:23 215920 ----a-w- c:\windows\system32\muweb.dll
2010-02-13 04:08 . 2010-02-13 04:08 -------- d-----w- c:\program files\QuickTime
2010-02-12 23:35 . 2010-02-12 23:35 -------- d-----w- c:\program files\Microsoft Silverlight
2010-02-07 04:05 . 2010-02-07 04:05 -------- d-----w- c:\documents and settings\Billy\Application Data\PokerCreations
2010-02-07 04:02 . 2010-02-16 04:54 -------- d-----w- c:\documents and settings\Billy\Application Data\UFC Poker
2010-02-07 04:02 . 2010-02-07 04:02 -------- d-----w- c:\program files\UFC Poker
2010-02-07 02:38 . 2010-02-07 02:38 -------- d-sh--w- c:\documents and settings\Guest\PrivacIE
2010-02-07 02:38 . 2010-02-18 21:50 -------- d-----w- c:\documents and settings\Guest\Application Data\StumbleUpon
2010-02-06 22:51 . 2010-02-19 00:49 -------- d-----w- c:\documents and settings\owner\Application Data\StumbleUpon
2010-02-04 23:58 . 2010-02-04 23:59 -------- d-----w- c:\documents and settings\Billy\Application Data\StumbleUpon
2010-02-04 23:58 . 2010-02-04 23:58 -------- d-----w- c:\program files\StumbleUpon
2010-02-01 01:30 . 2010-02-17 22:21 -------- dc----w- C:\$AVG8.VAULT$
2010-01-31 21:46 . 2010-01-31 21:46 -------- d-----w- c:\documents and settings\Billy\Local Settings\Application Data\Xenocode
2010-01-31 20:12 . 2010-01-31 20:12 -------- d-----w- c:\documents and settings\Guest\Local Settings\Application Data\WMTools Downloaded Files
2010-01-31 20:11 . 2010-01-31 20:11 12328 ----a-w- c:\documents and settings\Guest\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-31 16:52 . 2010-02-17 22:19 -------- d-----w- c:\documents and settings\Billy\Local Settings\Application Data\xqrerl
2010-01-31 16:51 . 2010-01-31 16:51 -------- d-----w- c:\windows\Sun
2010-01-31 16:43 . 2010-01-31 16:43 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2010-01-31 16:38 . 2010-01-31 16:38 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google
2010-01-31 03:13 . 2010-02-19 00:50 -------- d-----w- c:\documents and settings\owner\Local Settings\Application Data\AskToolbar
2010-01-31 02:21 . 2010-01-31 02:21 0 ----a-w- c:\documents and settings\Billy\Application Data\FrostWire\.NetworkShare\Incomplete\T-4506256-LimeWireWin4.16.6.exe
2010-01-31 02:06 . 2010-02-01 01:25 -------- d-----w- c:\documents and settings\Billy\Local Settings\Application Data\AskToolbar
2010-01-31 01:51 . 2010-01-31 04:07 -------- d-----w- c:\documents and settings\Billy\Application Data\FrostWire
2010-01-31 01:50 . 2010-01-31 01:50 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-01-31 01:50 . 2010-01-31 01:50 -------- d-----w- c:\program files\Java
2010-01-31 01:50 . 2010-01-31 01:50 152576 ----a-w- c:\documents and settings\Billy\Application Data\Sun\Java\jre1.6.0_15\lzma.dll
2010-01-31 01:48 . 2010-01-31 01:48 -------- d-----w- c:\program files\Ask.com
2010-01-30 16:50 . 2010-01-30 16:50 -------- d-----w- c:\documents and settings\Billy\Local Settings\Application Data\Identities
2010-01-30 16:39 . 2010-01-30 16:39 -------- d-----w- c:\documents and settings\owner\Local Settings\Application Data\Google
2010-01-30 15:39 . 2010-01-30 15:38 2066200 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgcorex.dll
2010-01-30 15:39 . 2010-01-30 15:38 3530520 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgui.exe
2010-01-30 07:20 . 2010-01-30 07:20 -------- d-----w- c:\documents and settings\Billy\Application Data\vlc
2010-01-30 06:00 . 2010-01-30 06:00 -------- d-----w- c:\documents and settings\Billy\Local Settings\Application Data\Google
2010-01-30 06:00 . 2010-01-31 16:38 -------- d-----w- c:\program files\Google
2010-01-30 05:59 . 2010-01-30 05:59 1975408 ----a-w- c:\documents and settings\All Users\Application Data\NOS\Adobe_Downloads\GoogleToolbarInstaller_en32_signed.exe
2010-01-30 05:58 . 2010-01-30 15:34 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2010-01-30 05:15 . 2010-01-30 05:15 115512 ----a-w- c:\documents and settings\owner\Application Data\FCTB000060531\Toolbar\Uninst.exe
2010-01-30 01:11 . 2010-02-18 02:16 12328 ----a-w- c:\documents and settings\Billy\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-01-30 01:08 . 2010-01-30 01:08 -------- d-sh--w- c:\documents and settings\Billy\IECompatCache
2010-01-30 01:07 . 2010-01-30 01:07 -------- d-sh--w- c:\documents and settings\Billy\PrivacIE
2010-01-30 01:06 . 2010-01-30 01:06 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-01-29 22:45 . 2010-01-29 22:45 -------- d-----w- c:\documents and settings\All Users\Application Data\Qwest
2010-01-29 22:45 . 2010-01-29 22:45 -------- d-----w- c:\windows\XSxS
2010-01-29 22:45 . 2010-01-29 22:45 -------- d-----w- c:\program files\Xenocode
2010-01-29 22:45 . 2010-01-29 22:45 -------- d-----w- c:\documents and settings\owner\Local Settings\Application Data\Xenocode
2010-01-26 19:02 . 2010-01-26 19:02 -------- d-----w- c:\documents and settings\owner\Application Data\vlc
2010-01-26 18:53 . 2010-01-26 18:53 -------- d-sh--w- c:\documents and settings\owner\IECompatCache
2010-01-26 00:59 . 2010-01-26 00:59 -------- d-----w- c:\documents and settings\owner\Local Settings\Application Data\Identities
2010-01-25 20:20 . 2010-01-25 20:20 1478936 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgupd.dll
2010-01-25 20:20 . 2010-01-25 20:20 1143064 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgupd.exe
2010-01-25 20:20 . 2010-01-25 20:19 759064 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avginet.dll
2010-01-25 20:20 . 2010-01-25 20:19 587032 ----a-w- c:\documents and settings\All Users\Application Data\avg8\update\backup\avgiproxy.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-18 01:58 . 2009-09-30 16:38 12328 -c--a-w- c:\documents and settings\owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-02-14 03:33 . 2009-05-27 23:29 4183416 ----a-w- c:\documents and settings\Billy\Application Data\Move Networks\plugins\npqmp071502000008.dll
2010-01-06 22:39 . 2010-01-30 05:20 1477 ----a-w- c:\documents and settings\Billy\Application Data\FCTB000060531\Toolbar\patch.bat
2010-01-06 22:39 . 2010-01-30 05:15 1477 ----a-w- c:\documents and settings\owner\Application Data\FCTB000060531\Toolbar\patch.bat
2010-01-06 19:47 . 2009-09-30 18:05 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2010-01-06 19:47 . 2009-09-30 18:05 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-01-06 19:47 . 2009-09-30 18:05 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-12-31 16:50 . 2008-04-14 06:45 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:14 . 2008-04-14 11:42 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-16 18:43 . 2009-09-28 22:00 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:08 . 2008-04-14 11:41 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-08 19:26 . 2008-04-14 06:54 2145280 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-08 18:43 . 2008-04-14 00:01 2023936 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-04 18:22 . 2008-04-14 06:47 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-12-03 07:11 . 2010-01-31 03:32 394240 ----a-w- c:\documents and settings\Guest\Application Data\FCTB000060531\Toolbar\emailchecker_plugin.dll
2009-12-03 07:11 . 2010-01-30 05:20 394240 ----a-w- c:\documents and settings\Billy\Application Data\FCTB000060531\Toolbar\emailchecker_plugin.dll
2009-12-03 07:11 . 2010-01-30 05:15 394240 ----a-w- c:\documents and settings\owner\Application Data\FCTB000060531\Toolbar\emailchecker_plugin.dll
2009-11-28 05:36 . 2010-01-31 03:32 371200 ----a-w- c:\documents and settings\Guest\Application Data\FCTB000060531\Toolbar\RSSReader_plugin.dll
2009-11-28 05:36 . 2010-01-30 05:20 371200 ----a-w- c:\documents and settings\Billy\Application Data\FCTB000060531\Toolbar\RSSReader_plugin.dll
2009-11-28 05:36 . 2010-01-30 05:15 371200 ----a-w- c:\documents and settings\owner\Application Data\FCTB000060531\Toolbar\RSSReader_plugin.dll
2009-11-27 17:11 . 2008-04-14 11:42 1291776 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:11 . 2008-04-14 05:42 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:07 . 2001-08-23 12:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:07 . 2001-08-17 22:36 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:07 . 2008-04-14 11:42 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:07 . 2008-04-14 11:41 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:07 . 2008-04-14 05:41 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-21 15:51 . 2008-04-14 11:41 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-11-19 00:40 1196936 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FC78E410-0EFA-4BEC-B283-D1DB1922F420}]
2010-01-30 05:15 1445888 ----a-w- c:\program files\CoolChaser Layout Auto Insert\Toolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{B0208007-27C1-4BCD-93EF-EFF5DB61FC22}"= "c:\program files\CoolChaser Layout Auto Insert\Toolbar.dll" [2010-01-30 1445888]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-11-19 1196936]

[HKEY_CLASSES_ROOT\clsid\{b0208007-27c1-4bcd-93ef-eff5db61fc22}]
[HKEY_CLASSES_ROOT\FCTB000060531.IEToolbar.3]
[HKEY_CLASSES_ROOT\TypeLib\{80E55E64-0B78-4AA3-B48A-6CBF0536832A}]
[HKEY_CLASSES_ROOT\FCTB000060531.IEToolbar]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{B0208007-27C1-4BCD-93EF-EFF5DB61FC22}"= "c:\program files\CoolChaser Layout Auto Insert\Toolbar.dll" [2010-01-30 1445888]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-11-19 1196936]

[HKEY_CLASSES_ROOT\clsid\{b0208007-27c1-4bcd-93ef-eff5db61fc22}]
[HKEY_CLASSES_ROOT\FCTB000060531.IEToolbar.3]
[HKEY_CLASSES_ROOT\TypeLib\{80E55E64-0B78-4AA3-B48A-6CBF0536832A}]
[HKEY_CLASSES_ROOT\FCTB000060531.IEToolbar]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-03-31 138008]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-03-31 138008]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-03-31 162584]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-03-16 1392640]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-02-13 417792]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-01-06 19:47 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG8_TRAY]
2010-01-30 15:38 2043160 ----a-w- c:\progra~1\AVG\AVG8\avgtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2008-04-14 11:42 110592 ----a-w- c:\windows\system32\bthprops.cpl

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless]
2007-10-08 19:13 1101824 ----a-w- c:\program files\Intel\Wireless\Bin\iFrmewrk.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelZeroConfig]
2007-10-08 19:18 995328 ----a-w- c:\program files\Intel\Wireless\Bin\ZCfgSvc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
2007-05-10 15:22 405504 ----a-w- c:\program files\SigmaTel\C-Major Audio\WDM\stsystra.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2010-01-30 06:00 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2006-03-08 17:48 761947 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\CoolChaser Layout Auto Insert\\TroubleShooter.exe"=
"c:\\Program Files\\CoolChaser Layout Auto Insert\\ToolbarUpdate.exe"=

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2/17/2010 6:29 PM 207280]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [9/30/2009 12:05 PM 335240]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [9/30/2009 12:05 PM 108552]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [9/30/2009 12:04 PM 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [9/30/2009 12:04 PM 297752]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\Spyware Doctor\BDT\BDTUpdateService.exe [2/17/2010 6:37 PM 112592]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1/31/2010 10:38 AM 135664]
S3 StumbleUponUpdateService;StumbleUponUpdateService;c:\program files\StumbleUpon\StumbleUponUpdateService.exe [12/8/2009 4:41 PM 120232]
.
Contents of the 'Scheduled Tasks' folder

2010-02-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 16:38]

2010-02-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-31 16:38]

2010-02-19 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2009-11-19 00:40]

2010-02-19 c:\windows\Tasks\User_Feed_Synchronization-{04D9CD86-57E2-4EB5-8DC0-E926614F6D87}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 09:31]

2010-02-19 c:\windows\Tasks\User_Feed_Synchronization-{50381236-D4BE-4455-8C52-E7B5BBE8B168}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 09:31]
.
.
------- Supplementary Scan -------
.
IE: StumbleUpon PhotoBlog It! - StumbleUponIEBar.dll/blogimage
LSP: c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab
.
- - - - ORPHANS REMOVED - - - -

Toolbar-Locked - (no file)
HKCU-Run-huutcopu - c:\documents and settings\Billy\Local Settings\Application Data\ioulwm\qafmsftav.exe
HKLM-Run-huutcopu - c:\documents and settings\Billy\Local Settings\Application Data\ioulwm\qafmsftav.exe
MSConfigStartUp-qvwcuhfj - c:\documents and settings\Billy\Local Settings\Application Data\xqrerl\mvrgsysguard.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-18 19:37
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(968)
c:\windows\System32\BCMLogon.dll
c:\windows\system32\netprovcredman.dll
c:\windows\system32\igfxdev.dll

- - - - - - - > 'winlogon.exe'(2736)
c:\windows\System32\BCMLogon.dll
c:\windows\system32\netprovcredman.dll

- - - - - - - > 'lsass.exe'(1024)
c:\program files\Common Files\PC Tools\Lsp\PCTLsp.dll
.
Completion time: 2010-02-18 19:38:54
ComboFix-quarantined-files.txt 2010-02-19 01:38

Pre-Run: 71,237,431,296 bytes free
Post-Run: 71,624,753,152 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 1883A763E83D53F28F01D0A96F6A70A9

Re: Bankerfox.a on 2 user accounts, i can only get in as a guest.

Please download Cheetah-Anti-Rogue, and save to your Desktop.
  • Double-click on Cheetah-Anti-Rogue.zip, and extract the file to your Desktop.
  • Double-click on Cheetah-Anti-Rogue.cmd to start.
  • It will finish quickly and launch a log.
  • Post the contents of it in your next reply.

Re: Bankerfox.a on 2 user accounts, i can only get in as a guest.

I am not sure what happened, but it is no longer doing this anymore.

Re: Bankerfox.a on 2 user accounts, i can only get in as a guest.

Doing what?

If you post a log, I can check for sure. I would like to make sure your computer is clean, and your computer is very secure.

Re: Bankerfox.a on 2 user accounts, i can only get in as a guest.

Still with us? If so, please do the following:

Please download DDS by sUBs from BleepingComputer.com or Forospyware.com and save it to your Desktop.

Note: Before scanning, make sure all other running programs are closed. There shouldn't be any scheduled antivirus scans running while the scan is being performed. Do not use your computer for anything else during the scan.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results, click Yes to the Optional_Scan
  • Please follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your Desktop.
