Thread: Please Help! Virtumonde, MalwareAlarm (SecCenter), etc.

  1. #21
    Member
    Join Date: Dec 2007
    Posts: 62

    ComboFix 07-12-21.4 - **** 2007-12-28 13:29:57.8 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.207 [GMT -5:00]
    Running from: C:\Documents and Settings\****\Desktop\ComboFix.exe
    Command switches used :: C:\Documents and Settings\****\Desktop\CFScript.txt
    * Created a new restore point

    FILE
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\Retrospect\Retrospect Express HD 1.1\RetroExpress .exe
    C:\WINDOWS\system32\ctfmon .exe
    C:\WINDOWS\system32\pprqr.ini
    C:\WINDOWS\system32\pprqr.ini2
    C:\WINDOWS\system32\rqrpp.exe
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4 .exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\Microsoft ActiveSync\wcescomm .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\QuickTime\qttask .exe
    C:\Program Files\Retrospect\Retrospect Express HD 1.1\RetroExpress .exe
    C:\WINDOWS\system32\ctfmon .exe
    C:\WINDOWS\system32\pprqr.ini
    C:\WINDOWS\system32\pprqr.ini2
    C:\WINDOWS\system32\rqrpp.dll
    C:\WINDOWS\system32\rqrpp.exe

    .
    ((((((((((((((((((((((((( Files Created from 2007-11-28 to 2007-12-28 )))))))))))))))))))))))))))))))
    .

    2007-12-28 13:43 . 2007-12-28 13:43 331,776 --------- C:\WINDOWS\system32\rqrpp.dll
    2007-12-28 13:43 . 2007-12-28 13:45 391 --ahs---- C:\WINDOWS\system32\pprqr.ini
    2007-12-27 22:44 . 2007-12-27 23:03 91,492 --a------ C:\WINDOWS\system32\drivers\klin.dat
    2007-12-27 22:44 . 2007-12-27 23:03 85,860 --a------ C:\WINDOWS\system32\drivers\klick.dat
    2007-12-27 22:42 . 2007-12-27 22:42 <DIR> d-------- C:\Program Files\Kaspersky Lab
    2007-12-27 22:42 . 2007-12-28 13:45 516,128 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
    2007-12-27 22:42 . 2007-12-28 13:45 17,696 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
    2007-12-27 22:42 . 2007-12-28 13:40 7,916 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
    2007-12-27 22:42 . 2007-12-28 13:40 2,660 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
    2007-12-27 22:39 . 2007-12-27 22:39 <DIR> d-------- C:\KAV
    2007-12-27 16:06 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
    2007-12-27 16:04 . 2007-12-27 16:04 <DIR> d-------- C:\Program Files\Common Files\Java
    2007-12-27 14:27 . 2007-12-27 14:27 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2007-12-27 14:27 . 2007-12-27 14:27 1,409 --a------ C:\WINDOWS\QTFont.for
    2007-12-26 11:35 . 2007-12-26 13:37 <DIR> d-------- C:\VundoFix Backups
    2007-12-22 23:11 . 2007-12-22 23:11 <DIR> d-------- C:\Program Files\Enigma Software Group
    2007-12-21 23:45 . 2007-12-28 13:44 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
    2007-12-21 23:44 . 2007-12-21 23:44 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
    2007-12-20 21:53 . 2007-12-20 21:54 <DIR> d-------- C:\WINDOWS\ERUNT
    2007-12-20 18:40 . 2007-12-20 21:46 <DIR> d-------- C:\Documents and Settings\Administrator\.housecall6.6
    2007-12-20 18:24 . 2007-12-20 18:24 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Lavasoft
    2007-12-20 18:19 . 2007-12-20 19:19 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2007-12-20 18:16 . 2007-12-20 18:16 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Share-to-Web Upload Folder
    2007-12-20 18:14 . 2007-12-27 14:19 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Intel
    2007-12-20 18:13 . 2004-11-15 22:57 <DIR> d-------- C:\Documents and Settings\Administrator\WINDOWS
    2007-12-20 18:13 . 2004-11-16 00:30 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\You've Got Pictures Screensaver
    2007-12-20 18:13 . 2001-04-04 04:31 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\toshiba
    2007-12-20 18:13 . 2004-11-16 00:07 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Symantec
    2007-12-20 18:13 . 2004-11-15 23:32 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Intuit
    2007-12-20 18:13 . 2004-11-16 01:07 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\InterVideo
    2007-12-20 18:13 . 2004-11-16 00:22 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\InterTrust
    2007-12-20 18:13 . 2005-04-23 19:59 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\AOL
    2007-12-12 21:23 . 2007-12-12 21:23 <DIR> d-------- C:\Program Files\Retrospect
    2007-12-06 17:28 . 2007-12-27 14:44 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\RetroExp
    2007-12-06 17:24 . 2007-12-06 17:24 <DIR> d-------- C:\Program Files\Maxtor
    2007-12-05 22:06 . 2007-12-05 22:06 <DIR> d-------- C:\Program Files\2BrightSparks
    2007-12-02 16:53 . 2007-12-09 13:42 <DIR> d-------- C:\Program Files\F2atv_Forums
    Last edited by Shaba; 2008-01-26 at 11:22.