Userinit infection and maybe others?

Hello.
Nearly there now, just the stuff in this post to do, then we can call this a wrap.

These files
c:\windows\Internet Logs\xD***.tmp are created by Zone Alarm.
To stop the creation of these files execute this.

Open ZoneAlarm control.
Select Alerts and Logs on the left Pane.
Set Event Logging to Off.
Close ZoneAlarm control.

I see that you are running Frostwire and Bittorrent.
P2P(Peer to peer) applications are designed to help you easily share and distribute files between you and a group of people. But they can also be used to distribute malware, and thus are not considered safe.
The removal of these programs is optional, but highly recommended.
Should you choose to remove them, but you are having trouble doing so, please let me know in your next post here and I will aid you.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs if present.

• Bittorrent
  
• Frostwire
  

Please download the OTMoveIt3 by OldTimer.

• Save it to your desktop.
  
• Please double-click OTMoveIt3.exe to run it.
  
• Copy the bolded text below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  
  :files
  c:\windows\Tasks\txbquqdc.job
  c:\windows\Internet Logs\xD*.tmp
  
  :reg
  [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
  "c:\\Documents and Settings\\Jennifer.STATIONERY\\My Documents\\Private\\FrostWire\\FrostWire.exe"=-
  "c:\\Program Files\\BitComet\\BitComet.exe"=-
  "c:\\Program Files\\DNA\\btdna.exe"=-
  "%windir%\\system32\\drivers\\svchost.exe"=-
  
  
  
• Return to OTMoveIt3, right click in the "Paste instructions for items to be Moved" window (under the light blue bar) and choose Paste.
  
• Click the red Moveit! button.
  
• Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  
• Close OTMoveIt3
  

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Please post the OTMoveIt log.

There was no event logging option in my ZoneAlarm but I turned Alert Events off, if that was it. There was also an option for Archive log text files daily.

Bittorrent also wasn't present in the program list. I would like to keep frostwire though.

Here is the log:

========== FILES ==========
c:\windows\Tasks\txbquqdc.job moved successfully.
c:\windows\Internet Logs\xDB1.tmp moved successfully.
c:\windows\Internet Logs\xDB10.tmp moved successfully.
c:\windows\Internet Logs\xDB11.tmp moved successfully.
c:\windows\Internet Logs\xDB12.tmp moved successfully.
c:\windows\Internet Logs\xDB13.tmp moved successfully.
c:\windows\Internet Logs\xDB14.tmp moved successfully.
c:\windows\Internet Logs\xDB15.tmp moved successfully.
c:\windows\Internet Logs\xDB16.tmp moved successfully.
c:\windows\Internet Logs\xDB17.tmp moved successfully.
c:\windows\Internet Logs\xDB18.tmp moved successfully.
c:\windows\Internet Logs\xDB19.tmp moved successfully.
c:\windows\Internet Logs\xDB1A.tmp moved successfully.
c:\windows\Internet Logs\xDB1B.tmp moved successfully.
c:\windows\Internet Logs\xDB1C.tmp moved successfully.
c:\windows\Internet Logs\xDB1D.tmp moved successfully.
c:\windows\Internet Logs\xDB1E.tmp moved successfully.
c:\windows\Internet Logs\xDB1F.tmp moved successfully.
c:\windows\Internet Logs\xDB2.tmp moved successfully.
c:\windows\Internet Logs\xDB20.tmp moved successfully.
c:\windows\Internet Logs\xDB21.tmp moved successfully.
c:\windows\Internet Logs\xDB22.tmp moved successfully.
c:\windows\Internet Logs\xDB23.tmp moved successfully.
c:\windows\Internet Logs\xDB24.tmp moved successfully.
c:\windows\Internet Logs\xDB25.tmp moved successfully.
c:\windows\Internet Logs\xDB26.tmp moved successfully.
c:\windows\Internet Logs\xDB27.tmp moved successfully.
c:\windows\Internet Logs\xDB28.tmp moved successfully.
c:\windows\Internet Logs\xDB29.tmp moved successfully.
c:\windows\Internet Logs\xDB2A.tmp moved successfully.
c:\windows\Internet Logs\xDB2B.tmp moved successfully.
c:\windows\Internet Logs\xDB2C.tmp moved successfully.
c:\windows\Internet Logs\xDB2D.tmp moved successfully.
c:\windows\Internet Logs\xDB2E.tmp moved successfully.
c:\windows\Internet Logs\xDB2F.tmp moved successfully.
c:\windows\Internet Logs\xDB3.tmp moved successfully.
c:\windows\Internet Logs\xDB30.tmp moved successfully.
c:\windows\Internet Logs\xDB31.tmp moved successfully.
c:\windows\Internet Logs\xDB32.tmp moved successfully.
c:\windows\Internet Logs\xDB33.tmp moved successfully.
c:\windows\Internet Logs\xDB34.tmp moved successfully.
c:\windows\Internet Logs\xDB35.tmp moved successfully.
c:\windows\Internet Logs\xDB36.tmp moved successfully.
c:\windows\Internet Logs\xDB37.tmp moved successfully.
c:\windows\Internet Logs\xDB38.tmp moved successfully.
c:\windows\Internet Logs\xDB39.tmp moved successfully.
c:\windows\Internet Logs\xDB3A.tmp moved successfully.
c:\windows\Internet Logs\xDB3B.tmp moved successfully.
c:\windows\Internet Logs\xDB3C.tmp moved successfully.
c:\windows\Internet Logs\xDB3D.tmp moved successfully.
c:\windows\Internet Logs\xDB3E.tmp moved successfully.
c:\windows\Internet Logs\xDB3F.tmp moved successfully.
c:\windows\Internet Logs\xDB4.tmp moved successfully.
c:\windows\Internet Logs\xDB40.tmp moved successfully.
c:\windows\Internet Logs\xDB41.tmp moved successfully.
c:\windows\Internet Logs\xDB42.tmp moved successfully.
c:\windows\Internet Logs\xDB43.tmp moved successfully.
c:\windows\Internet Logs\xDB44.tmp moved successfully.
c:\windows\Internet Logs\xDB45.tmp moved successfully.
c:\windows\Internet Logs\xDB46.tmp moved successfully.
c:\windows\Internet Logs\xDB47.tmp moved successfully.
c:\windows\Internet Logs\xDB48.tmp moved successfully.
c:\windows\Internet Logs\xDB49.tmp moved successfully.
c:\windows\Internet Logs\xDB4A.tmp moved successfully.
c:\windows\Internet Logs\xDB4B.tmp moved successfully.
c:\windows\Internet Logs\xDB4C.tmp moved successfully.
c:\windows\Internet Logs\xDB4D.tmp moved successfully.
c:\windows\Internet Logs\xDB4E.tmp moved successfully.
c:\windows\Internet Logs\xDB4F.tmp moved successfully.
c:\windows\Internet Logs\xDB5.tmp moved successfully.
c:\windows\Internet Logs\xDB50.tmp moved successfully.
c:\windows\Internet Logs\xDB51.tmp moved successfully.
c:\windows\Internet Logs\xDB52.tmp moved successfully.
c:\windows\Internet Logs\xDB53.tmp moved successfully.
c:\windows\Internet Logs\xDB54.tmp moved successfully.
c:\windows\Internet Logs\xDB55.tmp moved successfully.
c:\windows\Internet Logs\xDB56.tmp moved successfully.
c:\windows\Internet Logs\xDB57.tmp moved successfully.
c:\windows\Internet Logs\xDB58.tmp moved successfully.
c:\windows\Internet Logs\xDB59.tmp moved successfully.
c:\windows\Internet Logs\xDB5A.tmp moved successfully.
c:\windows\Internet Logs\xDB5B.tmp moved successfully.
c:\windows\Internet Logs\xDB5C.tmp moved successfully.
c:\windows\Internet Logs\xDB5D.tmp moved successfully.
c:\windows\Internet Logs\xDB5E.tmp moved successfully.
c:\windows\Internet Logs\xDB5F.tmp moved successfully.
c:\windows\Internet Logs\xDB6.tmp moved successfully.
c:\windows\Internet Logs\xDB60.tmp moved successfully.
c:\windows\Internet Logs\xDB61.tmp moved successfully.
c:\windows\Internet Logs\xDB62.tmp moved successfully.
c:\windows\Internet Logs\xDB63.tmp moved successfully.
c:\windows\Internet Logs\xDB64.tmp moved successfully.
c:\windows\Internet Logs\xDB65.tmp moved successfully.
c:\windows\Internet Logs\xDB66.tmp moved successfully.
c:\windows\Internet Logs\xDB67.tmp moved successfully.
c:\windows\Internet Logs\xDB68.tmp moved successfully.
c:\windows\Internet Logs\xDB69.tmp moved successfully.
c:\windows\Internet Logs\xDB6A.tmp moved successfully.
c:\windows\Internet Logs\xDB6B.tmp moved successfully.
c:\windows\Internet Logs\xDB6C.tmp moved successfully.
c:\windows\Internet Logs\xDB6D.tmp moved successfully.
c:\windows\Internet Logs\xDB7.tmp moved successfully.
c:\windows\Internet Logs\xDB8.tmp moved successfully.
c:\windows\Internet Logs\xDB9.tmp moved successfully.
c:\windows\Internet Logs\xDBA.tmp moved successfully.
c:\windows\Internet Logs\xDBB.tmp moved successfully.
c:\windows\Internet Logs\xDBC.tmp moved successfully.
c:\windows\Internet Logs\xDBD.tmp moved successfully.
c:\windows\Internet Logs\xDBE.tmp moved successfully.
c:\windows\Internet Logs\xDBF.tmp moved successfully.
========== REGISTRY ==========
Registry key HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List not found.
Registry key HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List not found.
Registry key HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List not found.
Registry key HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List not found.

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02282009_161058

Okay, but be careful what you download, there is no way of knowing that files that are downloaded are clean or not.

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /u



This will also reset your restore points.

Click Start >> Run and then copy/paste the following into the box and hit Enter:
"%userprofile%\Desktop\GooredFix.exe" /uninstall
note the space between " /
If any of your security programs query a new Registry/AutoStart value being added please allow the changes.

How is the machine running now?

So far so good. Thanks again for helping!