WiredWX Hobby Weather Tools

 


Virus/Spyware Issue - Cannot Clean!!!

2 posters

Virus/Spyware Issue - Cannot Clean!!! - Page 3

Re: Virus/Spyware Issue - Cannot Clean!!!


OTMoveIt3 by OldTimer - Version 1.0.11.0 log created on 04262009_141146

Re: Virus/Spyware Issue - Cannot Clean!!!

Okay, that should do it for the malware, but now let's get you protected.

Please install Avira antivirus; otherwise you won't be protected.

1) Antivir PersonalEditionClassic
-Free anti-virus software for Windows.
-Detects and removes more than 50,000 viruses. Free support.

It is strongly recommended that you run only one antivirus program at a time. Having more than one antivirus program active in memory uses additional resources and can result in program conflicts and false virus alerts.

  • Now open HijackThis.
  • When HijackThis opens, click "Open the Misc Tools section".
  • Then select "Open Uninstall Manager"
  • Click on "Save List..." (generates uninstall_list.txt)
  • Click Save, copy and paste the results in your next post.

Re: Virus/Spyware Issue - Cannot Clean!!!

2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
AC3Filter (remove only)
Adobe AIR
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe ExtendScript Toolkit 2
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Photoshop CS3
Adobe Photoshop CS3
Adobe Photoshop CS3
Adobe Reader 9.1
Adobe Setup
Adobe Setup
Adobe Setup
Adobe Setup
Adobe Shockwave Player 11.5
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
AIM 6
Antares Auto-Tune v4.39
Apple Software Update
ATI - Software Uninstall Utility
ATI Display Driver
Broadcom Gigabit Integrated Controller
CCleaner (remove only)
Choice Guard
COMODO Firewall Pro
COMODO SafeSurf
Cool Edit Pro 2.0
Dell Wireless WLAN Card
DivX Codec
DivX Player
DivX Plus DirectShow Filters
DivX Web Player
Download Updater (AOL LLC)
Driver Magician Lite 3.5
getPlus(R) for Adobe
HijackThis 2.0.2
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB943232)
ijji Auto Installer
Java(TM) 6 Update 13
Java(TM) 6 Update 4
Java(TM) 6 Update 5
Java(TM) 6 Update 6
Java(TM) 6 Update 7
Junk Mail filter update
Learning Essentials for Microsoft Office
LimeWire 5.1.2
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Math
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Student with Encarta Premium 2007
Microsoft Visual C++ 2005 Redistributable
Microsoft Windows XP Video Decoder Checkup Utility
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 6 Service Pack 2 (KB954459)
musicshakeENG
MV RegClean 5.9 English
Nero 8
neroxml
PDF Settings
PLAYSTATION(R)Network Downloader
PowerISO
PSP Video 9 2.25
QuickTime
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB960003)
Security Update for Microsoft Office Excel 2007 (KB959997)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB956828)
Security Update for Microsoft Office Word 2007 (KB956358)
Security Update for Visio 2007 (KB947590)
Security Update for Windows XP (KB923789)
Segoe UI
Spelling Dictionaries Support For Adobe Reader 9
SUPERAntiSpyware Free Edition
Uniblue RegistryBooster 2
Unity Web Player
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Office 2007 (KB946691)
Update for Outlook 2007 Junk Email Filter (kb962871)
VC 9.0 Runtime
VC80CRTRedist - 8.0.50727.762
VCRedistSetup
Viewpoint Media Player
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
Windows Defender
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
WinRAR archiver
Xvid 1.1.3 final uninstall
Yahoo! Messenger
Yahoo! Software Update

Re: Virus/Spyware Issue - Cannot Clean!!!

Hello.
I don't see Avira on that list; please install it now using my instructions above. You will get infected again if you don't.

Go to Start > Control Panel > Add/Remove Programs and remove the following programs.

  • Java(TM) 6 Update 4
  • Java(TM) 6 Update 5
  • Java(TM) 6 Update 6
  • Java(TM) 6 Update 7
  • LimeWire 5.1.2
  • Uniblue RegistryBooster 2
  • Viewpoint Media Player

We can remove OTMoveIt now.

  • Please double-click OTMoveIt3.exe to run it again.
  • Press the green CleanUp! button.
  • Press Yes at the cleanup process prompt, and do the same for the reboot prompt.

How is the machine running now?

Re: Virus/Spyware Issue - Cannot Clean!!!

Well, I was able to do what u said... I was able to d/l and update Avira, gonna use the scan now... but still can't update Malwarebytes and still seems like Microsoft is still being blocked.

Re: Virus/Spyware Issue - Cannot Clean!!!

I think the problem downloading updates is most likely caused by the Comodo firewall you have installed.
Right click the Comodo tray icon > Exit it.

Try again now.

[or temporarily uninstall it]

Re: Virus/Spyware Issue - Cannot Clean!!!

Hmm, it's not that... just turned it off and still can't d/l updates to antivirus programs.

Re: Virus/Spyware Issue - Cannot Clean!!!

Okay, run this next scan and see if it picks anything up.

* Download Dr.Web CureIt to the desktop:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

  • Double-click the drweb-cureit.exe file and allow it to run the express scan.
  • This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
  • Once the short scan has finished, Click Options > Change settings
  • Choose the "Scan"-tab, remove the mark at "Heuristic analysis".
  • Back at the main window, mark the drives that you want to scan.
  • Select all drives. A red dot shows which drives have been chosen.
  • Click the green arrow at the right, and the scan will start.
  • Click 'Yes to all' if it asks if you want to cure/move the file.
  • When the scan has finished, see if you can click the following icon next to the files found: [image: Check]
  • If so, click it and then click the next icon right below and select Move incurable, as you'll see in the next image:
    [image: Move]
    This will move it to the %userprofile%\DoctorWeb\quarantaine-folder if it can't be cured (this is in case we need samples).
  • After selecting, in the Dr.Web CureIt menu on top, click file and choose save report list
  • Save the report to your desktop. The report will be called DrWeb.csv
  • Close Dr.Web CureIt.
  • Reboot your computer!! Because it could be possible that files in use will be moved/deleted during reboot.
  • After reboot, post the contents of the log from Dr.Web you saved previously in your next reply.

Re: Virus/Spyware Issue - Cannot Clean!!!

Well, it says no viruses found... alright, now this is getting weird. Now I don't know what could be blocking Microsoft and antivirus program updates...

Re: Virus/Spyware Issue - Cannot Clean!!!

Download Combofix again, but just run it normally this time. Don't try a CFScript.

Re: Virus/Spyware Issue - Cannot Clean!!!

ComboFix 09-04-25.A3 - Admin 04/27/2009 11:06.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.511.268 [GMT -4:00]
Running from: c:\documents and settings\Admin\Desktop\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated)
FW: COMODO Firewall Pro *disabled*
* Created a new restore point

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-10 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2005-12-19 1347584]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-07-23 413696]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"COMODO SafeSurf"="c:\program files\COMODO\SafeSurf\cssurf.exe" [2009-04-24 278264]
"COMODO Firewall Pro"="c:\program files\COMODO\Firewall\cfp.exe" [2009-04-24 1655552]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 16:05 356352 ----a-w c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"vsmon"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\Nero\\Nero8\\Nero ShowTime\\ShowTime.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-03-23 7408]
R3 XDva219;XDva219; [x]
R4 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [2009-03-03 33176]
S1 cmdGuard;COMODO Firewall Pro Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2009-04-24 87056]
S1 cmdHlp;COMODO Firewall Pro Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2009-04-24 24208]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2009-03-23 9968]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2009-03-23 72944]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-03-05 108289]
S2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [2006-11-04 13592]
S2 YahooAUService;Yahoo! Updater;c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
S3 OZSCR;O2Micro SmartCardBus Smartcard Reader;c:\windows\system32\DRIVERS\ozscr.sys [2005-04-22 92550]


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,LaunchINFSectionEx c:\program files\Internet Explorer\clrtour.inf,DefaultInstall.ResetTour,,12
.
Contents of the 'Scheduled Tasks' folder

2009-04-23 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-08-19 21:57]

2009-04-27 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-04 00:20]

2009-04-27 c:\windows\Tasks\User_Feed_Synchronization-{1E818F85-EE84-4DFC-AB9B-445E7F13C0AA}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 08:31]

2009-04-27 c:\windows\Tasks\User_Feed_Synchronization-{CD5ECD4B-51F4-4CD8-95B9-6F9B0BBF57B3}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 08:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/?fr=fp-yie8
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\windows\system32\CavEmLSP.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-27 11:10
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(944)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'lsass.exe'(1000)
c:\windows\system32\CavEmLSP.dll

- - - - - - - > 'explorer.exe'(2808)
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-04-27 11:12
ComboFix-quarantined-files.txt 2009-04-27 15:12

Pre-Run: 34,424,688,640 bytes free
Post-Run: 35,016,413,184 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /noexecute=optin

Current=5 Default=5 Failed=2 LastKnownGood=6 Sets=2,3,4,5,6
301 --- E O F --- 2009-04-16 17:25

Re: Virus/Spyware Issue - Cannot Clean!!!
Hello.
May I suggest formatting at this stage?

Before, when you weren't running an AV, you allowed the malware to open backdoors and damage the machine; whatever we do, the malware will regenerate.

To help you understand more, please take some time to read the following articles:

What are Remote Access Trojans and why are they dangerous
How do I respond to a possible identity theft and how do I prevent it
When should I do a reformat and reinstallation of my OS
Where to backup your files
How to backup your files in Windows XP
Restoring your backups

Re: Virus/Spyware Issue - Cannot Clean!!!
alright thx for helping :)...
