Thanks a lot for the help.
Here is the new HJT log and Combofix. I hope the conbofix is the right one.
ComboFix 07-11-19.3 - Nick Janssen 2007-11-24 18:45:24.5 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1587 [GMT -6:00]
Running from: C:\Documents and Settings\Nick Janssen\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Nick Janssen\Desktop\CFScript.txt
* Created a new restore point
FILE
C:\WINDOWS\Fonts\Crack.exe
C:\WINDOWS\Fonts\Setup.exe
C:\WINDOWS\Fonts\svchost.exe
C:\WINDOWS\system32\cbeeg.ini
C:\WINDOWS\system32\cbeeg.ini2
C:\WINDOWS\system32\tuvvwww.dll
.
Unable to gain System Privileges
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\Fonts\Crack.exe
C:\WINDOWS\Fonts\Setup.exe
C:\WINDOWS\Fonts\svchost.exe
C:\WINDOWS\system32\cbeeg.ini
C:\WINDOWS\system32\cbeeg.ini2
C:\WINDOWS\system32\tuvvwww.dll
.
((((((((((((((((((((((((( Files Created from 2007-10-25 to 2007-11-25 )))))))))))))))))))))))))))))))
.
2007-11-24 03:21 <DIR> d-------- C:\Program Files\Trend Micro
2007-11-23 23:33 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-11-23 01:32 <DIR> d-------- C:\VundoFix Backups
2007-11-23 00:45 <DIR> d-------- C:\Program Files\SpywareBlaster
2007-11-22 23:13 <DIR> d-------- C:\Program Files\Windows Live Safety Center
2007-11-19 20:32 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-19 17:39 <DIR> d-------- C:\Program Files\Alwil Software
2007-11-18 15:51 <DIR> d-------- C:\QUARANTINE
2007-11-18 15:19 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2007-11-16 23:48 <DIR> d-------- C:\Documents and Settings\Nick Janssen\Application Data\Viewpoint
2007-11-05 21:09 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-25 00:34 --------- d-----w C:\Documents and Settings\Nick Janssen\Application Data\LimeWire
2007-11-24 05:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2007-11-24 05:23 --------- d-----w C:\Documents and Settings\Nick Janssen\Application Data\dvdcss
2007-11-19 08:27 --------- d-----w C:\Documents and Settings\Nick Janssen\Application Data\Ruckus Network
2007-11-17 05:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2007-11-14 02:18 0 ----a-w C:\WINDOWS\system32\drivers\lvuvc.hs
2007-11-12 22:20 --------- d-----w C:\Documents and Settings\Nick Janssen\Application Data\U3
2007-10-28 23:15 --------- d-----w C:\Documents and Settings\Nick Janssen\Application Data\Canon
2007-10-23 02:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2007-10-12 21:32 --------- d-----w C:\Program Files\DivX
2007-09-28 16:07 43,528 ------w C:\WINDOWS\system32\drivers\pxhelp20.sys
.
((((((((((((((((((((((((((((( snapshot@2007-11-23_ 2.49.14.81 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-05-24 18:27:16 213,048 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
+ 2007-08-29 21:47:20 94,208 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
+ 2007-08-29 21:49:54 950,272 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
- 2007-11-23 08:38:56 40,394 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2007-11-25 00:32:37 40,394 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2007-11-23 08:38:56 312,172 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2007-11-25 00:32:37 312,172 ----a-w C:\WINDOWS\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-03 17:21]
"Creative Detector"="C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 17:23]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:54]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 04:00]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"="C:\WINDOWS\system32\WLTRAY.exe" [2005-12-19 08:08]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-04 04:00 C:\WINDOWS\system32\rundll32.exe]
"nwiz"="nwiz.exe" [2006-01-19 08:14 C:\WINDOWS\system32\nwiz.exe]
"NVHotkey"="nvHotkey.dll" [2006-01-19 08:14 C:\WINDOWS\system32\nvhotkey.dll]
"Dell QuickSet"="C:\Program Files\Dell\QuickSet\quickset.exe" [2006-06-29 11:13]
"SigmatelSysTrayApp"="stsystra.exe" [2006-03-24 16:30 C:\WINDOWS\stsystra.exe]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [2005-10-07 13:13]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe" [2005-11-10 12:03]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-09-08 04:20]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 15:50]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 15:15]
"ShStatEXE"="C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.exe" [2006-11-30 07:50]
"McAfeeUpdaterUI"="C:\Program Files\McAfee\Common Framework\UdaterUI.exe" [2006-11-17 12:39]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-05-11 16:25]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" [2007-05-11 16:26]
"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe" [2006-10-16 19:40]
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 12:16]
"OpwareSE4"="C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 11:45]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 05:24]
C:\Documents and Settings\Nick Janssen\Start Menu\Programs\Startup\
Picture Motion Browser Media Check Tool.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2007-09-11 16:03:12]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-08-03 17:21:33]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-08-03 17:23:26]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tuvvwww]
tuvvwww.dll
R1 mfetdik;McAfee Inc.;C:\WINDOWS\system32\drivers\mfetdik.sys
R3 mfeapfk;McAfee Inc.;C:\WINDOWS\system32\drivers\mfeapfk.sys
R3 NWADI;NWADI Bus Enumerator;C:\WINDOWS\system32\DRIVERS\NWADIenum.sys
R3 USBCCID;USB Smart Card reader;C:\WINDOWS\system32\DRIVERS\usbccid.sys
S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{791947fb-9a11-11dc-a285-00197d5bfe80}]
\Shell\AutoRun\command - Installer.exe
.
**************************************************************************
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-24 18:51:35
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-11-24 18:52:51 - machine was rebooted
C:\ComboFix2.txt ... 2007-11-24 16:38
C:\ComboFix3.txt ... 2007-11-24 16:33
.
--- E O F ---