WiredWX Christian Hobby Weather Tools

Malware issues... Please Help
For the past week I have been consumed with unauthorized pop-ups. I noticed a Personal Guard 2009 icon that appeared on my desktop out of nowhere. After a quick Google search I found this to be a rather malicious program, and one that I lack any knowledge or expertise in resolving. I have attempted to run Malwarebytes, but the program fails to load, and my computer will NOT boot in safe mode. Any help or directional guidance will be much appreciated.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:22:42 PM, on 11/20/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
C:\Program Files\Common Files\AOL\1131220638\ee\AOLSoftware.exe
C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Sophos\AutoUpdate\ALMon.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\AOL\1131220638\EE\aolsoftware.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\VS Revo Group\Revo Uninstaller\revouninstaller.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\HP_Administrator\Desktop\winlogon.scr

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F2 - REG:system.ini: Shell=Explorer.exe logon.exe
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.3.4501.1418\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1131220638\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [PC Pitstop Optimize Reminder] C:\Program Files\PCPitstop\Optimize3\Reminder-Optimize3.exe
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe"
O4 - HKLM\..\Run: [personalguard] C:\Program Files\Personal Guard 2009\personalguard.exe
O4 - HKLM\..\Run: [zefetosil] Rundll32.exe "c:\windows\system32\zikiboru.dll",a
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\RunServices: [virtual-ie] oo.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - Global Startup: AutoUpdate Monitor.lnk = C:\Program Files\Sophos\AutoUpdate\ALMon.exe
O4 - Global Startup: Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgentLauncher.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &Search - http://kl.bar.need2find.com/KL/menusearch.html?p=KL
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePokerMaster\EmpirePoker\RunEPoker.exe (file missing)
O9 - Extra 'Tools' menuitem: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePokerMaster\EmpirePoker\RunEPoker.exe (file missing)
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O15 - Trusted Zone: *.doginhispen.com
O15 - Trusted Zone: *.whataboutadog.com
O16 - DPF: 55963676-2F5E-4BAF-AC28-CF26AA587566 - vpnweb.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.com/s/v/57.07/uploader2.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - https://wimpro2.cce.hp.com/ChatEntry/downloads/sysinfo.cab
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (qsax Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8942.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - https://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/luxr/default/mjolauncher.cab
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} (SAIX) - http://static.zangocash.com/cab/Zango/ie/bridge-c356.cab?6e214b1070662729071b008b35c64779a83d2eebb7c2333879d14edaa31bb60aa45a41eaabcd6422e439fba9ac96f9ce426ab7efb6f169ceb99c2a5c7e:844a4f713710b4d6fd84c831d43d35df
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll
O18 - Filter hijack: text/html - (no CLSID) - (no file)
O20 - AppInit_DLLs: c:\windows\system32\sosafimi.dll c:\windows\system32\sohuwuba.dll c:\windows\system32\miyilomu.dll c:\windows\system32\yojozazo.dll c:\windows\system32\vokoveya.dll c:\windows\system32\zemudugi.dll c:\windows\system32\bufupavu.dll c:\windows\system32\jehodini.dll c:\windows\system32\vesegihi.dll pokitiwi.dll c:\windows\system32\zikiboru.dll
O21 - SSODL: redutanob - {5925fcfe-1da4-444e-9ffb-930c561302ec} - c:\windows\system32\sohuwuba.dll (file missing)
O21 - SSODL: kejuyises - {f823aff1-dd4e-4f79-bdb1-d1937d2c5f8b} - c:\windows\system32\zikiboru.dll
O22 - SharedTaskScheduler: mujuzedij - {5925fcfe-1da4-444e-9ffb-930c561302ec} - c:\windows\system32\sohuwuba.dll (file missing)
O22 - SharedTaskScheduler: mujuzedij - {f823aff1-dd4e-4f79-bdb1-d1937d2c5f8b} - c:\windows\system32\zikiboru.dll
O23 - Service: BitDefender Arrakis Server (Arrakis3) - BitDefender S.R.L. http://www.bitdefender.com - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Sophos AutoUpdate Service - Sophos Plc - C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Cisco AnyConnect VPN Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
O24 - Desktop Component 0: (no name) - http://cmsimg.pensacolanewsjournal.com/apps/pbcsi.dll/bilde?NewTbl=1&Avis=DP&Dato=20070715&Kategori=SPORTS&Lopenr=707150801&Ref=PH&Item=4

--
End of file - 14167 bytes

Re: Malware issues... Please Help
Please download ComboFix from BleepingComputer.com

Alternate link: GeeksToGo.com

Alternate link: Forospyware.com

Rename ComboFix.exe to commy.exe before you save it to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. A guide to do this can be found here
  • Click Start>Run, then copy and paste the following command into the Run box & click OK: "%userprofile%\desktop\commy.exe" /stepdel
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console

[Image: Query_RC]
Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
[Image: RC_successful]

  • Click on Yes, to continue scanning for malware.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.

Re: Malware issues... Please Help
ComboFix 09-11-20.02 - HP_Administrator 11/20/2009 23:10.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.958.289 [GMT -6:00]
Running from: c:\documents and settings\HP_Administrator\desktop\commy.exe
Command switches used :: /stepdel
AV: BitDefender Antivirus *On-access scanning disabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Microsoft AData
c:\program files\msmovies
c:\program files\WinBudget
c:\windows\system32\drivers\pciide.sys
c:\windows\system32\ps2.bat
c:\documents and settings\All Users\Microsoft AData\t.sid
c:\documents and settings\HP_Administrator\My Documents\Personal Guard 2009.lnk
C:\install.exe
c:\program files\msmovies\p.zip
c:\program files\WinBudget\bin\matrix.dat
c:\windows\certsystem.exe
c:\windows\microsoftdef.dll
c:\windows\regred.exe
c:\windows\securits.com
c:\windows\spoov.exe
c:\windows\system32\banonogo.dll
c:\windows\system32\bihonede.dll.tmp
c:\windows\system32\biwapuyu.dll
c:\windows\system32\demihete.dll
c:\windows\system32\drivers\pciide.sys
c:\windows\system32\filulafo.dll
c:\windows\system32\firiveme.dll
c:\windows\system32\firowazo.dll
c:\windows\system32\gafilumu.dll.tmp
c:\windows\system32\hajutuki.dll.tmp
c:\windows\system32\jepeyumu.dll
c:\windows\system32\johuyota.dll
c:\windows\system32\katovibu.dll
c:\windows\system32\kofirawa.dll
c:\windows\system32\linukafe.dll
c:\windows\system32\luhafage.dll
c:\windows\system32\magohupa.dll
c:\windows\system32\mojujebu.dll.tmp
c:\windows\system32\movemora.dll
c:\windows\system32\nepusenu.dll
c:\windows\system32\nevigapi.dll
c:\windows\system32\nisomepe.dll
c:\windows\system32\pavoseho.dll
c:\windows\system32\pokitiwi.dll
c:\windows\system32\punineva.dll
c:\windows\system32\putunijo.dll
c:\windows\system32\puvibimo.dll
c:\windows\system32\renugipi.dll
c:\windows\system32\rihesiva.dll
c:\windows\system32\rofegivu.dll
c:\windows\system32\sedutodo.dll
c:\windows\system32\senuzosi.dll
c:\windows\system32\surowete.dll
c:\windows\system32\tibiyoni.dll
c:\windows\system32\tipafago.dll
c:\windows\system32\tukibazi.dll
c:\windows\system32\tukuhegu.dll
c:\windows\system32\vileyope.dll
c:\windows\system32\vutusare.dll
c:\windows\system32\wenihubi.dll
c:\windows\system32\wotunivo.dll
c:\windows\system32\yidehuyu.dll.tmp
c:\windows\system32\yikotoya.dll
c:\windows\system32\zibobuze.dll
c:\windows\system32\zidejuya.dll
c:\windows\system32\zifewiba.dll
c:\windows\system32\zikiboru.dll
c:\windows\Tasks\dxqllalv.job
c:\windows\usexplorer.exe
D:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_IPRIP


((((((((((((((((((((((((( Files Created from 2009-10-21 to 2009-11-21 )))))))))))))))))))))))))))))))
.

2009-11-21 04:20 . 2009-11-21 04:20 -------- d-----w- c:\windows\LastGood.Tmp
2009-11-21 03:56 . 2009-11-21 03:55 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-21 03:54 . 2009-11-21 04:06 152576 ----a-w- c:\documents and settings\HP_Administrator\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-21 03:45 . 2009-11-21 03:49 -------- d-----w- c:\documents and settings\HP_Administrator\.SunDownloadManager
2009-11-18 01:13 . 2009-11-18 01:17 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\QuickScan
2009-11-17 14:51 . 2009-11-18 01:21 -------- d-----w- c:\program files\hudson.mmmm
2009-11-17 10:46 . 2009-11-17 10:46 -------- d-----w- C:\!KillBox
2009-11-14 02:20 . 2009-11-17 03:36 -------- d-----w- c:\program files\Windows Live Safety Center
2009-11-13 19:46 . 2009-11-13 19:46 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Malwarebytes
2009-11-13 19:46 . 2009-09-10 20:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-13 19:46 . 2009-11-17 14:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-13 19:46 . 2009-11-13 19:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-11-13 19:46 . 2009-09-10 20:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-13 19:19 . 2009-11-21 05:23 132 ----a-w- c:\windows\system32\rezumatenoi.dat
2009-11-13 19:17 . 2009-11-13 19:17 0 ----a-w- C:\pcwords2.dat
2009-11-13 19:17 . 2009-11-13 19:17 0 ----a-w- C:\pcwords.dat
2009-11-13 17:47 . 2009-11-13 19:08 -------- d-----w- c:\documents and settings\All Users\Application Data\BitDefender
2009-11-13 17:47 . 2009-11-13 17:49 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\BitDefender
2009-11-13 17:47 . 2009-11-13 17:47 -------- d-----w- c:\program files\BitDefender
2009-11-13 17:40 . 2009-11-13 17:47 -------- d-----w- c:\program files\Common Files\BitDefender
2009-11-13 17:04 . 2009-11-13 17:04 -------- d-----w- c:\documents and settings\All Users\Application Data\PCPitstop
2009-11-13 17:04 . 2009-11-13 17:04 -------- d-----w- c:\program files\PCPitstop
2009-11-13 16:39 . 2009-11-13 16:39 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\MSNInstaller
2009-11-13 16:13 . 2009-11-13 16:13 -------- d-----w- c:\program files\VS Revo Group
2009-11-13 04:46 . 2009-11-13 04:46 -------- d-----w- c:\documents and settings\LocalService\Application Data\Roxio
2009-11-13 04:46 . 2009-11-13 04:46 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Roxio
2009-11-13 03:30 . 2009-11-13 15:18 256 ----a-w- c:\windows\system32\pool.bin
2009-11-13 03:30 . 2009-11-13 03:30 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Research In Motion
2009-11-13 03:11 . 2009-11-13 03:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Roxio
2009-11-13 03:11 . 2009-11-13 03:13 -------- d-----w- c:\program files\Roxio
2009-11-13 03:11 . 2009-11-13 03:14 -------- d-----w- c:\program files\Common Files\Roxio Shared
2009-11-13 03:01 . 2007-01-18 16:24 26496 ----a-r- c:\windows\system32\drivers\RimSerial.sys
2009-11-13 02:59 . 2009-11-13 03:00 -------- d-----w- c:\program files\Common Files\Research In Motion
2009-11-13 02:58 . 2009-11-13 02:58 -------- d-----w- c:\program files\Research In Motion
2009-11-13 02:50 . 2009-11-13 02:50 -------- d-sh--w- c:\windows\ftpcache
2009-11-09 22:03 . 2009-11-09 22:03 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2009-11-09 22:03 . 2009-11-09 22:03 -------- d-sh--w- c:\windows\system32\config\systemprofile\PrivacIE
2009-11-09 22:03 . 2009-11-09 22:03 -------- d-sh--w- c:\windows\system32\config\systemprofile\IECompatCache
2009-11-09 22:03 . 2009-11-09 22:03 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\Yahoo!
2009-11-09 05:46 . 2006-06-04 03:29 48128 ----a-w- c:\windows\system32\hpz3l4pi.dll
2009-11-09 05:40 . 2009-11-09 06:08 124587 ----a-w- c:\windows\HPHins12.dat
2009-11-09 05:40 . 2006-07-07 01:53 14916 ------w- c:\windows\hphmdl12.dat
2009-11-09 05:28 . 2006-06-22 03:03 56 ----a-w- C:\ut9x.bat
2009-11-09 05:28 . 2006-06-19 21:08 54 ----a-w- C:\ut.bat
2009-11-09 02:56 . 2009-11-09 02:56 686928 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\comps\SinfInst.exe
2009-11-09 02:55 . 2009-11-09 02:56 607392 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\comps\wbsetup.exe
2009-11-09 02:55 . 2009-11-09 02:55 7976 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\comps\wappchck.dll
2009-11-09 02:55 . 2009-11-09 02:55 95792 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\AOLFwMgr.dll
2009-11-09 02:55 . 2009-11-09 02:55 1174536 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\comps\prfrd.exe
2009-11-09 02:55 . 2009-11-09 02:55 383128 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\comps\tbsetup.exe
2009-11-09 02:55 . 2009-11-09 02:55 1651320 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\comps\reginst4.exe
2009-11-09 02:55 . 2009-11-09 02:55 205360 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\comps\maillang.exe
2009-11-09 02:53 . 2009-11-09 02:55 6363152 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\comps\ocpinst.exe
2009-11-09 02:53 . 2009-11-09 02:53 641960 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\comps\SLinst.exe
2009-11-09 02:53 . 2009-11-09 02:53 357304 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\comps\frntinst.exe
2009-11-09 02:53 . 2009-11-09 02:53 2439824 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\comps\ocpinsti.exe
2009-11-09 02:51 . 2009-11-09 02:51 247136 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\gui.dll
2009-11-09 02:51 . 2009-11-09 02:51 32608 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\comps\iacchk.dll
2009-11-09 02:51 . 2009-11-09 02:51 355592 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\comps\afixinst.exe
2009-11-09 02:51 . 2009-11-09 02:51 172896 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\setup.exe
2009-11-09 02:51 . 2009-11-09 02:51 340120 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\comps\SLLang.exe
2009-11-09 02:51 . 2009-11-09 02:51 62248 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\comps\tsverchk.dll
2009-11-09 02:51 . 2009-11-09 02:51 150216 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\comps\prcnlink.exe
2009-11-09 02:51 . 2009-11-09 02:51 171160 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\comps\iaclang.exe
2009-11-09 02:51 . 2009-11-09 02:51 54056 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\comps\AOLVPChk.dll
2009-11-09 02:50 . 2009-11-09 02:51 1561528 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\comps\AIMinst.exe
2009-11-09 02:50 . 2009-11-09 02:50 183080 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\gui_ext.dll
2009-11-09 02:50 . 2009-11-09 02:50 96096 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\instph.dll
2009-11-09 02:50 . 2009-11-09 02:50 215864 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\comps\wsfinst.exe
2009-11-09 02:50 . 2009-11-09 02:50 376568 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\comps\unagi3.exe
2009-11-09 02:50 . 2009-11-09 02:50 1364064 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\comps\fdosetup.exe
2009-11-09 02:50 . 2009-11-09 02:50 11048 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\comps\ocfcheck.dll
2009-11-09 02:50 . 2009-11-09 02:50 294376 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\comps\iacinst.exe
2009-11-09 02:50 . 2009-11-09 02:50 45864 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\comps\ACSInstA.dll
2009-11-09 02:50 . 2009-11-09 02:50 74536 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\instSup.dll
2009-11-09 02:49 . 2009-11-09 02:50 1612544 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\comps\acslang.exe
2009-11-09 02:49 . 2009-11-09 02:49 83808 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\ProgUpd.dll
2009-11-09 02:48 . 2009-11-09 02:49 10533216 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\noneCodesignFilesBundle.exe
2009-11-09 02:48 . 2009-11-09 02:48 7976 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\suitedet.dll
2009-11-09 02:48 . 2009-11-09 02:48 1484136 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\comps\acscore.exe
2009-11-09 02:48 . 2009-11-09 02:48 420152 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\comps\AIMLang.exe
2009-11-09 02:48 . 2009-11-09 02:48 122832 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\comps\jginst.exe
2009-11-09 02:48 . 2009-11-09 02:48 7464 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\comps\ie7chck.dll
2009-11-09 02:47 . 2009-11-09 02:48 2426184 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\comps\frntlang.exe
2009-11-09 02:47 . 2009-11-09 02:47 11048 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\comps\tbinst.dll
2009-11-09 02:47 . 2009-11-09 02:47 10856 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\comps\wsfixchk.dll
2009-11-09 02:47 . 2009-11-09 02:47 155432 ----a-w- c:\documents and settings\All Users\Application Data\AOL Downloads\NexusSuite\2.1.84.1\upgrade.exe
2009-11-08 06:25 . 2009-11-08 06:25 -------- d-----w- c:\documents and settings\HP_Administrator\Local Settings\Application Data\Sophos
2009-11-08 06:21 . 2009-11-08 06:21 93360 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2009-11-08 06:15 . 2009-11-13 16:35 -------- dc-h--w- c:\documents and settings\All Users\Application Data\~0
2009-11-08 06:15 . 2009-10-03 08:15 2924848 -c----w- c:\documents and settings\All Users\Application Data\~0\Ad-AwareInstallation.exe
2009-11-08 06:14 . 2009-11-13 16:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-11-08 06:13 . 2009-11-08 06:13 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\CiscoCAA
2009-11-08 06:13 . 2009-11-08 06:13 -------- d-----w- c:\program files\Cisco Systems
2009-11-08 04:45 . 2009-11-08 04:45 -------- d-----w- c:\documents and settings\HP_Administrator\Local Settings\Application Data\Cisco
2009-11-08 04:42 . 2009-11-08 04:42 -------- d-----w- c:\program files\Cisco
2009-11-08 04:42 . 2009-11-08 04:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Cisco
2009-11-08 03:55 . 2009-11-08 03:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Sophos
2009-11-08 03:54 . 2009-11-08 03:58 -------- d-----w- c:\program files\Sophos
2009-11-08 03:52 . 2009-11-08 03:53 -------- d-----w- C:\tmp_sophos_inst
2009-11-06 22:46 . 2009-11-16 05:43 51720 ---ha-w- c:\windows\system32\mlfcache.dat
2009-11-05 05:51 . 2009-02-05 05:15 11776 ----a-w- C:\1ClickBoot.exe
2009-11-04 07:59 . 2009-11-04 08:00 -------- d-----w- c:\program files\Safari
2009-11-02 05:30 . 2007-03-20 17:33 28672 ----a-w- c:\windows\system32\drivers\libusb0.sys
2009-11-02 05:30 . 2007-03-20 17:33 43520 ----a-w- c:\windows\system32\libusb0.dll
2009-11-02 04:57 . 2008-11-28 21:15 416687 ----a-w- C:\libusb-win32-filter-bin-0.1.12.1.exe
2009-11-02 04:56 . 2009-11-02 04:56 -------- d-----w- C:\files
2009-10-29 08:05 . 2009-10-29 08:05 -------- d-----w- c:\windows\system32\XPSViewer
2009-10-29 08:05 . 2009-10-29 08:05 -------- d-----w- c:\program files\MSBuild
2009-10-29 08:05 . 2009-10-29 08:05 -------- d-----w- c:\program files\Reference Assemblies
2009-10-29 08:04 . 2008-07-06 12:06 89088 ------w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-10-29 08:04 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-10-29 08:04 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-10-29 08:04 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-10-29 08:04 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-10-29 08:04 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-10-29 08:04 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\dllcache\xpssvcs.dll
2009-10-29 08:04 . 2009-10-29 08:05 -------- d-----w- C:\264a14719c5ef65e0b9341e9e20e97
2009-10-26 18:26 . 2009-10-26 18:26 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\KodakCredentialStore
2009-10-26 18:18 . 2009-10-26 18:18 -------- d-----w- c:\documents and settings\HP_Administrator\Local Settings\Application Data\KodakGallery
2009-10-26 18:09 . 2009-10-26 18:09 -------- d-----w- c:\documents and settings\HP_Administrator\Local Settings\Application Data\ArcSoft
2009-10-26 18:09 . 2009-10-26 18:09 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\ArcSoft
2009-10-26 18:08 . 2009-11-13 16:02 720 ----a-w- c:\documents and settings\All Users\Application Data\ArcSoft\kodak-printcreations-22-080812-oem\acforall.dll
2009-10-26 18:08 . 2009-10-26 18:08 -------- d-----w- c:\documents and settings\All Users\Application Data\ArcSoft
2009-10-26 18:08 . 2009-10-26 18:08 -------- d-----w- c:\program files\ArcSoft

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-21 04:15 . 2005-08-09 12:55 -------- d-----w- c:\program files\Common Files\Adobe
2009-11-21 03:55 . 2005-08-09 12:18 -------- d-----w- c:\program files\Java
2009-11-18 23:49 . 2007-02-16 22:00 900 --sha-w- c:\windows\system32\KGyGaAvL.sys
2009-11-18 23:49 . 2007-02-16 22:00 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Corel
2009-11-13 19:19 . 2009-09-17 21:12 152456 ----a-w- c:\windows\system32\drivers\bdfm.sys
2009-11-13 19:19 . 2009-09-17 21:11 105736 ----a-w- c:\windows\system32\drivers\bdhv.sys
2009-11-13 17:41 . 2006-02-16 22:14 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Lavasoft
2009-11-13 16:58 . 2006-10-02 23:08 -------- d-----w- c:\program files\Common Files\aolshare
2009-11-13 16:57 . 2005-11-05 19:56 -------- d-----w- c:\program files\Common Files\AOL
2009-11-13 16:56 . 2005-11-05 19:58 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\AOL
2009-11-13 16:42 . 2006-06-06 05:08 -------- d-----w- c:\program files\Yahoo!
2009-11-13 16:23 . 2005-08-09 13:00 -------- d-----w- c:\program files\iTunes
2009-11-13 16:23 . 2008-03-20 03:30 -------- d-----w- c:\program files\Common Files\Apple
2009-11-13 03:24 . 2005-11-05 20:18 66256 ----a-w- c:\documents and settings\HP_Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-11-13 03:19 . 2005-08-09 12:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Sonic
2009-11-13 03:11 . 2005-08-09 12:40 -------- d-----w- c:\program files\Common Files\Sonic Shared
2009-11-09 20:31 . 2005-11-05 19:41 -------- d-----w- c:\windows\system32\config\systemprofile\Application Data\Apple Computer
2009-11-09 05:54 . 2005-08-09 12:39 -------- d-----w- c:\program files\Common Files\HP
2009-11-09 05:45 . 2005-08-09 12:34 -------- d-----w- c:\program files\HP
2009-11-09 04:01 . 2005-11-05 19:57 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL
2009-11-09 02:47 . 2006-10-02 22:41 -------- d-----w- c:\documents and settings\All Users\Application Data\AOL Downloads
2009-11-08 03:35 . 2009-08-27 00:08 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-11-08 03:25 . 2009-06-15 18:23 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-11-06 22:46 . 2005-11-05 19:42 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Apple Computer
2009-11-02 05:36 . 2008-03-20 03:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2009-10-27 18:16 . 2005-08-09 12:28 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-10-25 20:50 . 2008-03-20 03:31 -------- d-----w- c:\program files\Apple Software Update
2009-10-25 20:40 . 2005-11-07 03:28 -------- d-----w- c:\program files\QuickTime
2009-10-25 18:08 . 2005-08-09 13:13 -------- d-----w- c:\program files\Easy Internet signup
2009-09-11 14:18 . 2004-08-10 19:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-06 08:16 . 2007-07-07 21:05 2823 -c--a-w- c:\windows\checkip.dat
2009-09-04 21:03 . 2004-08-10 19:00 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-09-03 04:20 . 2009-09-03 04:12 165521 ----a-w- c:\windows\hpoins21.dat
2009-08-29 08:08 . 2004-08-10 19:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-29 00:42 . 2008-03-20 03:31 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-08-26 08:00 . 2004-08-11 02:00 247326 ----a-w- c:\windows\system32\strmdll.dll
2005-11-07 04:23 . 2005-11-07 04:22 3633664 -csha-w- c:\program files\ehthumbs.db
2009-10-20 00:59 . 2009-11-13 19:11 46592 ----a-w- c:\program files\mozilla firefox\components\FFComm.dll
2009-02-04 11:33 . 2007-08-09 09:24 67688 ----a-w- c:\program files\mozilla firefox\components\jar50.dll
2009-02-04 11:33 . 2007-08-09 09:24 54368 ----a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2009-02-04 11:33 . 2007-08-09 09:24 34944 ----a-w- c:\program files\mozilla firefox\components\myspell.dll
2009-02-04 11:33 . 2007-08-09 09:24 46712 ----a-w- c:\program files\mozilla firefox\components\spellchk.dll
2009-02-04 11:33 . 2007-08-09 09:24 172136 ----a-w- c:\program files\mozilla firefox\components\xpinstal.dll
.

((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2005-08-09 12:53 . 2005-05-11 00:50 253952 c:\hp\drivers\hplsbwatcher\bak\lsburnwatcher.exe

2006-09-26 00:52 . 2006-09-26 00:52 50736 c:\program files\Common Files\AOL\1131220638\EE\bak\AOLSoftware.exe
2008-06-24 18:34 . 2008-06-24 18:34 41824 c:\program files\Common Files\AOL\1131220638\EE\AOLSoftware.exe

2006-10-23 12:50 . 2006-10-23 12:50 71216 c:\program files\Common Files\AOL\ACS\bak\AOLDial.exe
2006-10-23 12:50 . 2006-10-23 12:50 71216 c:\program files\Common Files\AOL\ACS\AOLDial.exe

2004-07-28 06:50 . 2004-07-28 06:50 81920 c:\program files\Common Files\InstallShield\UpdateService\bak\issch.exe
2006-09-11 10:40 . 2006-09-11 10:40 86960 c:\program files\Common Files\InstallShield\UpdateService\issch.exe

2004-07-28 06:50 . 2004-07-28 06:50 221184 c:\program files\Common Files\InstallShield\UpdateService\bak\ISUSPM.exe
2006-09-11 10:40 . 2006-09-11 10:40 218032 c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe

2005-08-09 12:46 . 2005-08-09 12:46 180269 c:\program files\Common Files\Real\Update_OB\bak\realsched.exe

2006-03-17 14:38 . 2007-09-14 13:39 421888 c:\program files\Grisoft\AVG Free\bak\avgcc.exe

2005-02-26 05:34 . 2005-02-26 05:34 245760 c:\program files\Hewlett-Packard\HP Boot Optimizer\bak\HPBootOp.exe

2005-06-02 06:35 . 2005-06-02 06:35 49152 c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\bak\hphupd08.exe

2005-05-12 13:12 . 2005-05-12 13:12 49152 c:\program files\HP\HP Software Update\bak\HPWuSchd2.exe
2007-10-15 02:17 . 2007-10-15 02:17 49152 c:\program files\HP\HP Software Update\hpwuSchd2.exe

2004-05-12 21:18 . 2004-05-12 21:18 241664 c:\program files\HP\hpcoretech\bak\hpcmpmgr.exe

2006-09-25 19:54 . 2006-09-25 19:54 229952 c:\program files\iTunes\bak\iTunesHelper.exe

2006-02-16 21:03 . 2005-11-10 19:03 36975 c:\program files\Java\jre1.5.0_06\bin\bak\jusched.exe

2006-09-24 08:24 . 2006-12-06 03:06 282624 c:\program files\QuickTime\bak\qttask.exe
2009-09-05 06:54 . 2009-09-05 06:54 417792 c:\program files\QuickTime\QTTask.exe

2004-08-11 02:04 . 2004-08-11 02:04 59392 c:\windows\ehome\bak\ehtray.exe
2004-08-11 02:04 . 2004-08-11 02:04 59392 c:\windows\ehome\ehtray.exe

2004-08-10 19:00 . 2004-08-10 19:00 15360 c:\windows\system32\bak\ctfmon.exe
2004-08-10 19:00 . 2008-04-14 00:12 15360 c:\windows\system32\ctfmon.exe

2005-11-06 23:55 . 2004-04-06 10:28 172032 c:\windows\system32\spool\drivers\w32x86\3\bak\hpztsb11.exe

.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-19 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-15 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-09-05 417792]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2009-10-10 203264]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-08-13 177440]
"HostManager"="c:\program files\Common Files\AOL\1131220638\ee\AOLSoftware.exe" [2008-06-24 41824]
"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2008-03-06 236016]
"PC Pitstop Optimize Reminder"="c:\program files\PCPitstop\Optimize3\Reminder-Optimize3.exe" [2009-06-10 205552]
"BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2010\IEShow.exe" [2009-10-19 71152]
"BDAgent"="c:\program files\BitDefender\BitDefender 2010\bdagent.exe" [2009-10-23 1118144]
"zefetosil"="c:\windows\system32\zikiboru.dll" [N/A]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-11-21 149280]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"faredomajo"="movemora.dll" [N/A]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
AutoUpdate Monitor.lnk - c:\program files\Sophos\AutoUpdate\ALMon.exe [2009-6-11 245760]
Clean Access Agent.lnk - c:\program files\Cisco Systems\Clean Access Agent\CCAAgentLauncher.exe [2007-12-7 28672]
HP Photosmart Premier Fast Start.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2006-2-10 73728]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /p \??\C:\0autocheck autochk *

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=c:\windows\pss\Kodak EasyShare software.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^HP_Administrator^Start Menu^Programs^Startup^AOL Desktop.lnk]
path=c:\documents and settings\HP_Administrator\Start Menu\Programs\Startup\AOL Desktop.lnk
backup=c:\windows\pss\AOL Desktop.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^HP_Administrator^Start Menu^Programs^Startup^V CAST Music Monitor.lnk]
path=c:\documents and settings\HP_Administrator\Start Menu\Programs\Startup\V CAST Music Monitor.lnk
backup=c:\windows\pss\V CAST Music Monitor.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"MDM"=2 (0x2)
"LightScribeService"=2 (0x2)
"Bonjour Service"=2 (0x2)
"Ati HotKey Poller"=2 (0x2)
"Apple Mobile Device"=2 (0x2)
"AOL TopSpeedMonitor"=2 (0x2)
"AOL ACS"=2 (0x2)
"ACDaemon"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLacsd.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltsmon.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\2.0\\aoltpspd.exe"=
"c:\\Program Files\\Common Files\\AOL\\1131220638\\EE\\AOLServiceHost.exe"=
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Common Files\\AOL\\1131220638\\EE\\aolsoftware.exe"=
"c:\\Program Files\\Common Files\\AOL\\1131220638\\EE\\aim6.exe"=
"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\StubInstaller.exe"=
"c:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Common Files\\AOL\\1131220638\\EE\\AOLDesktop.exe"=
"c:\\Program Files\\Common Files\\BitDefender\\BitDefender Update Service\\livesrv.exe"=
"c:\\Program Files\\BitDefender\\BitDefender 2010\\vsserv.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3587:TCP"= 3587:TCP:Windows Peer-to-Peer Grouping
"3540:UDP"= 3540:UDP:Peer Name Resolution Protocol (PNRP)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2/15/2007 11:50 AM 24652]
R2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [6/17/2009 2:17 PM 434864]
R3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [9/17/2009 3:12 PM 152456]
S1 owyjtdjl;owyjtdjl;\??\c:\windows\system32\drivers\owyjtdjl.sys --> c:\windows\system32\drivers\owyjtdjl.sys [?]
S3 Arrakis3;BitDefender Arrakis Server;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [10/19/2009 4:06 PM 183880]
S3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [11/1/2009 11:30 PM 28672]
S4 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files\PCPitstop\PCPitstopScheduleService.exe [11/13/2009 11:04 AM 90352]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
bdx REG_MULTI_SZ scan
.
Contents of the 'Scheduled Tasks' folder

2009-11-17 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 17:34]

2009-11-21 c:\windows\Tasks\User_Feed_Synchronization-{918B3B0B-9BB0-4646-BCA4-42784F8EEF42}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 09:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.aol.com
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Search - http://kl.bar.need2find.com/KL/menusearch.html?p=KL
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
Trusted Zone: doginhispen.com
Trusted Zone: whataboutadog.com
DPF: 55963676-2F5E-4BAF-AC28-CF26AA587566 - vpnweb.cab
DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} - hxxp://picasaweb.google.com/s/v/57.07/uploader2.cab
FF - ProfilePath - c:\documents and settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\x742gksn.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
FF - prefs.js: browser.startup.homepage - hxxp://www.aol.com
FF - prefs.js: keyword.URL - hxxp://aolsearch.aol.com/aol/search?invocationType=client_searchbox&query=
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
FF - component: c:\program files\Mozilla Firefox\extensions\talkback@mozilla.org\components\qfaservices.dll
FF - hidden: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS REMOVED - - - -

BHO-{531604e8-df56-4976-8fd5-7eef37552bc2} - wotunivo.dll
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
SharedTaskScheduler-{5925fcfe-1da4-444e-9ffb-930c561302ec} - c:\windows\system32\sohuwuba.dll
SharedTaskScheduler-{f823aff1-dd4e-4f79-bdb1-d1937d2c5f8b} - c:\windows\system32\zikiboru.dll
SSODL-redutanob-{5925fcfe-1da4-444e-9ffb-930c561302ec} - c:\windows\system32\sohuwuba.dll
SSODL-kejuyises-{f823aff1-dd4e-4f79-bdb1-d1937d2c5f8b} - c:\windows\system32\zikiboru.dll
SafeBoot-SAVService
SafeBoot-WinDefend
AddRemove-HijackThis - c:\documents and settings\HP_Administrator\Desktop\HijackThis.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-20 23:29
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


c:\windows\TEMP\sophos_autoupdate1.dir\1258781205\SXS\msxml4.cat 7239 bytes
c:\windows\TEMP\sophos_autoupdate1.dir\1258781205\SXS\msxml4.dll 1233920 bytes executable
c:\windows\TEMP\sophos_autoupdate1.dir\1258781205\SXS\msxml4.Manifest 3478 bytes
c:\windows\TEMP\sophos_autoupdate1.dir\1258781205\SXS\msxml4r.cat 7243 bytes
c:\windows\TEMP\sophos_autoupdate1.dir\1258781205\SXS\msxml4r.dll 82432 bytes executable
c:\windows\TEMP\sophos_autoupdate1.dir\1258781205\SXS\msxml4r.Manifest 500 bytes

scan completed successfully
hidden files: 6

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(880)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3148)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\tcpsvcs.exe
c:\windows\System32\snmp.exe
c:\program files\Sophos\AutoUpdate\ALsvc.exe
c:\program files\HP\Digital Imaging\bin\hpqimzone.exe
c:\program files\Viewpoint\Viewpoint Manager\ViewMgr.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-11-20 23:44 - machine was rebooted
ComboFix-quarantined-files.txt 2009-11-21 05:44

Pre-Run: 144,785,080,320 bytes free
Post-Run: 147,341,410,304 bytes free

- - End Of File - - 8681AB66790FA4D392A6AC434F407D1B

Re: Malware issues... Please Help
I also wanted to say thanks for taking the time to look at my issues. Before I found this site, it was endless nightmares..

Re: Malware issues... Please Help

Please download Malwarebytes Anti-Malware from here.

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Re: Malware issues... Please Help
Ok.. Malwarebytes removed 5 infected files. I saved the log and Malwarebytes asked to restart computer. Upon restart my computer will not boot in any mode.

Re: Malware issues... Please Help
Avira AntiVir Rescue System is a Linux-based application that allows accessing computers that cannot be booted anymore.
  • Download The Avira AntiVir Rescue System from Antivir.de.
  • Just double-click on the rescue system package to burn it to a CD/DVD.
  • Then please use that CD/DVD with Avira Rescue System to boot your computer.
You'll get a boot option to either boot from hard drive or AntiVir Rescue System.

Press the number 2 on your keyboard to boot into AntiVir Rescue System.

Please wait until drivers are loaded and Main menu shows. Then please select the second option “Scan your system with AntiVir” and hit Enter.

Under Configuration, please select Scan all files, Try to repair infected files and Rename files if they cannot be removed?.

Then please start the scan.

The Avira AntiVir Rescue System will now

  • repair a damaged system,
  • rescue data,
  • scan the system for virus infections.

Re: Malware issues... Please Help
I just got your reply. I spoke with someone earlier and they recommended I go to the Windows advanced configuration and run: chkdsk/r. I did this and it just now completed. After completion, it reads: chkdsk found and fixed one or more errors on the volume. As of where I am now, should I continue with your above post? Thanks

Re: Malware issues... Please Help
Yes, please.

Re: Malware issues... Please Help
Finished the scan, renamed: 11 files, repaired 0, deleted 0, quarantined 0, warnings 88. However, it will still not reboot.
