I can't see where you recieved 2 of my attachments; superantispyware and combofix so I will c&p again.
ComboFix 10-09-25.05 - Owner 09/25/2010 17:20:55.3.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.1.1252.1.1033.18.631.413 [GMT -5:00]
Running from: c:\documents and settings\Owner\My Documents\Commy.exe
* Created a new restore point
* Resident AV is active
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
Infected copy of c:\windows\system32\qmgr.dll was found and disinfected
Restored copy from - c:\windows\$NtUninstallKB842773$\qmgr.dll
.
((((((((((((((((((((((((( Files Created from 2010-08-25 to 2010-09-25 )))))))))))))))))))))))))))))))
.
2010-09-22 14:57 . 2010-09-22 18:38 -------- d-----w- c:\documents and settings\Owner\Application Data\JewelMatch2
2010-09-05 18:02 . 2010-09-05 18:03 -------- d-----w- c:\documents and settings\Owner\Application Data\Clip Art Collection
2010-09-05 17:55 . 2010-09-05 17:55 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Optimizer Pro
2010-09-05 17:55 . 2010-09-05 17:55 -------- d-----w- c:\documents and settings\All Users\Application Data\WeCareReminder
2010-09-05 17:54 . 2010-09-05 17:54 -------- d-----w- c:\documents and settings\Owner\Application Data\Oberon Media
2010-09-05 17:54 . 2010-09-23 08:11 -------- d-----w- c:\documents and settings\All Users\Application Data\GamesBar
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-23 22:27 . 2010-04-23 22:45 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-09-23 22:21 . 2010-08-15 00:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-09-23 18:26 . 2008-10-07 20:22 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-09-22 14:54 . 2008-10-19 17:18 -------- d-----w- c:\program files\Oberon Media
2010-09-17 23:37 . 2010-09-05 17:54 -------- d-----w- c:\program files\SpeedItup Free
2010-09-15 19:43 . 2010-09-15 19:43 -------- d-----w- c:\program files\Common Files\Java
2010-09-15 19:42 . 2006-11-15 02:34 -------- d-----w- c:\program files\Java
2010-09-11 11:21 . 2004-02-20 14:31 -------- d-----w- c:\program files\MSN Messenger
2010-09-05 17:56 . 2010-09-05 17:56 -------- d-----w- c:\program files\Clip Art Collection
2010-09-05 17:56 . 2006-05-02 01:33 -------- d-----w- c:\program files\Free Offers from Freeze.com
2010-09-05 17:55 . 2010-09-05 17:54 -------- d-----w- c:\program files\GamesBar
2010-09-05 17:54 . 2008-10-19 17:18 -------- d-----w- c:\program files\Common Files\Oberon Media
2010-08-21 23:53 . 2003-10-30 23:23 -------- d-----w- c:\program files\Google
2010-08-15 00:28 . 2010-08-15 00:28 -------- d-----w- c:\documents and settings\Owner\Application Data\Malwarebytes
2010-08-15 00:27 . 2010-08-15 00:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-08-14 23:37 . 2010-06-28 22:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2010-08-14 22:19 . 2010-08-14 22:19 -------- d--h--w- c:\documents and settings\All Users\Application Data\CanonBJ
2010-08-12 22:05 . 2010-08-12 22:05 -------- d-----w- c:\program files\Trend Micro
2010-07-17 10:00 . 2010-04-23 22:14 423656 ----a-w- c:\windows\system32\deployJava1.dll
2010-07-15 20:18 . 2010-04-12 21:52 120136 ----a-w- c:\windows\system32\drivers\Mpfp.sys
2010-06-28 22:59 . 2010-06-28 22:59 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2006-07-26 05:12 . 2006-07-26 05:13 774144 -c--a-w- c:\program files\RngInterstitial.dll
2001-07-26 22:58 . 2000-01-11 18:50 47 -c--a-w- c:\program files\ACMonitor_X73.ini
2001-07-05 18:46 . 2001-07-20 16:48 8116 -c--a-w- c:\program files\OSLO3071b2.USB
2001-05-11 16:39 . 2100-02-08 21:03 53248 -c--a-w- c:\program files\ACMonitor_X73.exe
2001-05-08 21:36 . 2000-12-05 20:56 114688 -c--a-w- c:\program files\lxarscan.dll
2001-04-23 20:22 . 2100-02-08 21:53 1437 -c--a-w- c:\program files\gtx73.ini
2001-02-22 15:54 . 2100-02-23 20:35 768 -c--a-w- c:\program files\x73_lut.dat
2007-09-16 06:35 . 2008-10-27 21:01 66408 -c--a-w- c:\program files\mozilla firefox\components\jar50.dll
2007-09-16 06:35 . 2008-10-27 21:01 54112 -c--a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2007-09-16 06:35 . 2008-10-27 21:01 34688 -c--a-w- c:\program files\mozilla firefox\components\myspell.dll
2007-09-16 06:35 . 2008-10-27 21:01 46456 -c--a-w- c:\program files\mozilla firefox\components\spellchk.dll
2007-09-16 06:35 . 2008-10-27 21:01 171880 -c--a-w- c:\program files\mozilla firefox\components\xpinstal.dll
.
------- Sigcheck -------
[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\wscntfy.exe
[-] 2004-08-04 . 49911DD39E023BB6C45E4E436CFBD297 . 13824 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
[-] 2004-08-04 . 49911DD39E023BB6C45E4E436CFBD297 . 13824 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\wscntfy.exe
[-] 2004-08-04 . 49911DD39E023BB6C45E4E436CFBD297 . 13824 . . [5.1.2600.2180] . . c:\windows\system32\wscntfy.exe
[-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\xmlprov.dll
[-] 2004-08-04 . EEF46DAB68229A14DA3D8E73C99E2959 . 129536 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\xmlprov.dll
[-] 2004-08-04 . EEF46DAB68229A14DA3D8E73C99E2959 . 129536 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\xmlprov.dll
[-] 2004-08-04 . EEF46DAB68229A14DA3D8E73C99E2959 . 129536 . . [5.1.2600.2180] . . c:\windows\system32\xmlprov.dll
[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\aec.sys
[-] 2006-02-15 00:30 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$hf_mig$\KB900485\SP2QFE\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\Driver Cache\i386\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\system32\drivers\aec.sys
[-] 2004-08-04 05:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\$NtUninstallKB900485$\aec.sys
[-] 2004-08-04 05:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\ServicePackFiles\i386\aec.sys
[-] 2004-08-04 05:39 . 841F385C6CFAF66B58FBD898722BB4F0 . 142464 . . [5.1.2601.2078] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\aec.sys
[-] 2008-04-13 . 08FD04AA961BDC77FB983F328334E3D7 . 42368 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\agp440.sys
[-] 2004-08-04 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\agp440.sys
[-] 2004-08-04 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\agp440.sys
[-] 2004-08-04 . 2C428FA0C3E3A01ED93C9B2A27D8D4BB . 42368 . . [5.1.2600.2180] . . c:\windows\system32\drivers\agp440.sys
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\ip6fw.sys
[-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\ip6fw.sys
[-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ip6fw.sys
[-] 2004-08-04 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ip6fw.sys
[-] 2008-04-14 00:12 . C7E39EA41233E9F5B86C8DA3A9F1E4A8 . 52224 . . [9.0.1.56] . . c:\windows\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\mspmsnsv.dll
[-] 2004-09-22 23:45 . A477391B7A8B0A0DAABADB17CF533A4B . 25088 . . [10.0.3790.3646] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
[-] 2004-09-22 23:45 . A477391B7A8B0A0DAABADB17CF533A4B . 25088 . . [10.0.3790.3646] . . c:\windows\system32\dllcache\mspmsnsv.dll
[-] 2004-08-04 07:56 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll
[-] 2004-08-04 07:56 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . c:\windows\ServicePackFiles\i386\mspmsnsv.dll
[-] 2004-08-04 07:56 . C086483E3DBA8C1C0A687EC8D5B3D4C1 . 52224 . . [9.0.1.56] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\mspmsnsv.dll
[-] 2002-11-27 09:03 . 36678803A8030EE9A771935CFC1848BD . 52224 . . [9.0.1.56] . . c:\windows\system32\mspmsnsv.dll
[-] 2008-04-14 . 0607CBC6FA20114CB491EFE4B2F9EFAD . 1689088 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\cf8ec753e88561d2ddb53e183dc05c3e\d3d9.dll
[-] 2004-08-04 . D67BDBBDA86CC9AEEBBAF3217C1717D8 . 1689088 . . [5.03.2600.2180] . . c:\windows\ServicePackFiles\i386\d3d9.dll
[-] 2004-08-04 . D67BDBBDA86CC9AEEBBAF3217C1717D8 . 1689088 . . [5.03.2600.2180] . . c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\d3d9.dll
[-] 2002-12-12 14:14 . 5773686BA13346408A9EBA0AC448B2D5 . 1634304 . . [5.3.0000000.900 built by: DIRECTX] . . c:\windows\system32\d3d9.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VibeFireAlerts"="" [BU]
"Weather"="c:\program files\AWS\WeatherBug\Weather.exe" [2009-12-29 1653248]
"AdobeUpdater"="c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [BU]
"SearchEngineProtection"="c:\program files\Gamesbar\SearchEngineProtection.exe" [2010-05-31 568312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 52736]
"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2003-03-12 114688]
"KBD"="c:\hp\KBD\KBD.EXE" [2003-02-12 61440]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2002-09-14 212992]
"PS2"="c:\windows\system32\ps2.exe" [BU]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2010-02-11 1218008]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
c:\windows\system32\config\systemprofile\Start Menu\Programs\Startup\
PowerReg Scheduler.exe [2008-3-14 256000]
c:\documents and settings\Default User\Start Menu\Programs\Startup\
mod_sm.lnk - c:\hp\bin\cloaker.exe [1999-11-7 27136]
PowerReg Scheduler.exe [2008-3-14 256000]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Quicken Scheduled Updates.lnk - c:\program files\Quicken\bagent.exe [2002-9-20 53248]
Windows Desktop Search.lnk - c:\program files\MSN Toolbar Suite\DS\02.05.0000.1082\en-us\bin\WindowsSearch.exe [2005-6-15 238080]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [4/13/2010 5:20 PM 93320]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8/21/2010 6:50 PM 136176]
S2 mrtRate;mrtRate;
.
Contents of the 'Scheduled Tasks' folder
2010-09-23 c:\windows\Tasks\At1.job
- c:\windows\System32\wdixbwx.dll [2003-06-05 12:00]
2010-09-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-21 23:49]
2010-09-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-08-21 23:49]
2010-09-15 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2010-04-12 17:22]
2010-09-01 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2010-04-12 17:22]
2010-09-25 c:\windows\Tasks\PCConfidential.job
- c:\program files\Winferno\PC Confidential\PCConfidential.exe [2008-10-29 20:10]
2010-09-20 c:\windows\Tasks\rpc.job
- c:\program files\Winferno\RegistryPowerCleaner\RegPowerClean.exe [2008-10-28 21:24]
.
.
------- Supplementary Scan -------
.
uDefault_Search_URL = hxxp://srch-qus8.hpwis.com/
uStart Page = hxxp://start.iplay.com/?o=shp
mSearch Bar = hxxp://srch-qus8.hpwis.com/
uInternet Settings,ProxyOverride = localhost
IE: {{c95fe080-8f5d-11d2-a20b-00aa003c157a} - %SystemRoot%\web\related.htm
Trusted Zone: nwfdailynews.com\www
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2010-09-25 17:43
Windows 5.1.2600 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(504)
c:\windows\System32\ODBC32.dll
c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
- - - - - - - > 'lsass.exe'(560)
c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\System32\dssenh.dll
- - - - - - - > 'explorer.exe'(1432)
c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\progra~1\McAfee\MSC\mcmscsvc.exe
c:\progra~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\progra~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\progra~1\McAfee\VIRUSS~1\mcshield.exe
c:\program files\McAfee\MPF\MPFSrv.exe
c:\progra~1\McAfee\VIRUSS~1\mcsysmon.exe
.
**************************************************************************
.
Completion time: 2010-09-25 18:06:28 - machine was rebooted
ComboFix-quarantined-files.txt 2010-09-25 23:05
ComboFix2.txt 2010-09-24 00:14
Pre-Run: 15,541,374,976 bytes free
Post-Run: 15,511,580,672 bytes free
SUPERAntiSpyware Scan Log
http://www.superantispyware.comGenerated 09/27/2010 at 05:44 PM
Application Version : 4.43.1000
Core Rules Database Version : 5506
Trace Rules Database Version: 3318
Scan type : Quick Scan
Total Scan Time : 01:04:39
Memory items scanned : 433
Memory threats detected : 0
Registry items scanned : 1303
Registry threats detected : 0
File items scanned : 11966
File threats detected : 0