Ok. Combofix took almost exactly 20 minutes from the time I started it to the time it rebooted and finally showed the report (because it took about 19 minutes total, I didn't stop any of the processes you mentioned even though several of them randomly popped up in the task manager).
ComboFix 07-12-21.4 - **** 2007-12-27 15:28:57.5 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.222 [GMT -5:00]
Running from: C:\Documents and Settings\****\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\****\Desktop\CFScript.txt
* Created a new restore point
FILE
C:\WINDOWS\MXOALDR .EXE
C:\WINDOWS\SM1BG .EXE
C:\WINDOWS\system32\cmd .exe
C:\WINDOWS\system32\ctfmon .exe
C:\WINDOWS\system32\hkcmd .exe
C:\WINDOWS\system32\hphmon04 .exe
C:\WINDOWS\system32\igfxtray .exe
C:\WINDOWS\system32\rqrpp.dll
C:\WINDOWS\system32\rqrpp.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\MXOALDR .EXE
C:\WINDOWS\SM1BG .EXE
C:\WINDOWS\system32\cmd .exe
C:\WINDOWS\system32\ctfmon .exe
C:\WINDOWS\system32\hkcmd .exe
C:\WINDOWS\system32\hphmon04 .exe
C:\WINDOWS\system32\igfxtray .exe
C:\WINDOWS\system32\njprckha
C:\WINDOWS\system32\njprckha\bg1.gif
C:\WINDOWS\system32\njprckha\bgtop.gif
C:\WINDOWS\system32\njprckha\bottom1.gif
C:\WINDOWS\system32\njprckha\essentials.gif
C:\WINDOWS\system32\njprckha\icon1.ico
C:\WINDOWS\system32\njprckha\install1.gif
C:\WINDOWS\system32\njprckha\left1.gif
C:\WINDOWS\system32\njprckha\li.gif
C:\WINDOWS\system32\njprckha\logo.gif
C:\WINDOWS\system32\njprckha\main.htm
C:\WINDOWS\system32\njprckha\mainframe.htm
C:\WINDOWS\system32\njprckha\reinstall1.gif
C:\WINDOWS\system32\njprckha\right1.gif
C:\WINDOWS\system32\njprckha\s1.htm
C:\WINDOWS\system32\njprckha\s2.htm
C:\WINDOWS\system32\njprckha\s3.htm
C:\WINDOWS\system32\njprckha\SMTop1.gif
C:\WINDOWS\system32\njprckha\SMTop2.gif
C:\WINDOWS\system32\njprckha\SMTop3.gif
C:\WINDOWS\system32\njprckha\SMTop4.gif
C:\WINDOWS\system32\njprckha\soft1_off.gif
C:\WINDOWS\system32\njprckha\soft1_off_ext.gif
C:\WINDOWS\system32\njprckha\soft1_on.gif
C:\WINDOWS\system32\njprckha\soft1_on_ext.gif
C:\WINDOWS\system32\njprckha\soft2_off.gif
C:\WINDOWS\system32\njprckha\soft2_off_ext.gif
C:\WINDOWS\system32\njprckha\soft2_on.gif
C:\WINDOWS\system32\njprckha\soft2_on_ext.gif
C:\WINDOWS\system32\njprckha\soft3_off.gif
C:\WINDOWS\system32\njprckha\soft3_off_ext.gif
C:\WINDOWS\system32\njprckha\soft3_on.gif
C:\WINDOWS\system32\njprckha\soft3_on_ext.gif
C:\WINDOWS\system32\njprckha\softbottom_off.gif
C:\WINDOWS\system32\njprckha\softbottom_on.gif
C:\WINDOWS\system32\njprckha\softleft_off.gif
C:\WINDOWS\system32\njprckha\softleft_on.gif
C:\WINDOWS\system32\njprckha\top1.gif
C:\WINDOWS\system32\njprckha\top2.gif
C:\WINDOWS\system32\njprckha\turnoff1.gif
C:\WINDOWS\system32\njprckha\turnon1.gif
C:\WINDOWS\system32\pprqr.ini
C:\WINDOWS\system32\pprqr.ini2
C:\WINDOWS\system32\rqrpp.dll
C:\WINDOWS\system32\rqrpp.exe
.
((((((((((((((((((((((((( Files Created from 2007-11-27 to 2007-12-27 )))))))))))))))))))))))))))))))
.
2007-12-27 14:27 . 2007-12-27 14:27 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2007-12-27 14:27 . 2007-12-27 14:27 1,409 --a------ C:\WINDOWS\QTFont.for
2007-12-27 12:29 . 2007-12-27 12:34 143 --a------ C:\WINDOWS\system32\mcrh.tmp
2007-12-26 11:35 . 2007-12-26 13:37 <DIR> d-------- C:\VundoFix Backups
2007-12-22 23:11 . 2007-12-22 23:11 <DIR> d-------- C:\Program Files\Enigma Software Group
2007-12-21 23:45 . 2007-12-21 23:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-12-21 23:44 . 2007-12-21 23:44 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-12-20 21:53 . 2007-12-20 21:54 <DIR> d-------- C:\WINDOWS\ERUNT
2007-12-20 18:40 . 2007-12-20 21:46 <DIR> d-------- C:\Documents and Settings\Administrator\.housecall6.6
2007-12-20 18:24 . 2007-12-20 18:24 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Lavasoft
2007-12-20 18:19 . 2007-12-20 19:19 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-12-20 18:16 . 2007-12-20 18:16 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Share-to-Web Upload Folder
2007-12-20 18:14 . 2007-12-27 14:19 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Intel
2007-12-20 18:13 . 2004-11-15 22:57 <DIR> d-------- C:\Documents and Settings\Administrator\WINDOWS
2007-12-20 18:13 . 2004-11-16 00:30 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\You've Got Pictures Screensaver
2007-12-20 18:13 . 2001-04-04 04:31 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\toshiba
2007-12-20 18:13 . 2004-11-16 00:07 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Symantec
2007-12-20 18:13 . 2004-11-15 23:32 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Intuit
2007-12-20 18:13 . 2004-11-16 01:07 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\InterVideo
2007-12-20 18:13 . 2004-11-16 00:22 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\InterTrust
2007-12-20 18:13 . 2005-04-23 19:59 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\AOL
2007-12-12 21:23 . 2007-12-12 21:23 <DIR> d-------- C:\Program Files\Retrospect
2007-12-06 17:28 . 2007-12-27 14:44 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\RetroExp
2007-12-06 17:24 . 2007-12-06 17:24 <DIR> d-------- C:\Program Files\Maxtor
2007-12-05 22:06 . 2007-12-05 22:06 <DIR> d-------- C:\Program Files\2BrightSparks
2007-12-02 16:53 . 2007-12-09 13:42 <DIR> d-------- C:\Program Files\F2atv_Forums
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-27 20:30 --------- d-----w C:\Program Files\QuickTime
2007-12-27 20:29 430,592 ----a-w C:\WINDOWS\SM1BG.EXE
2007-12-27 20:29 430,592 ----a-w C:\WINDOWS\MXOALDR.EXE
2007-12-27 20:29 --------- d-----w C:\Program Files\ltmoh
2007-12-27 20:15 --------- d-----w C:\Documents and Settings\****\Application Data\ScanSoft
2007-12-27 20:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\ScanSoft
2007-12-27 20:11 --------- d-----w C:\Program Files\Common Files\ScanSoft Shared
2007-12-27 20:01 --------- d-----w C:\Program Files\ScanSoft
2007-12-27 19:23 --------- d-----w C:\Program Files\Microsoft ActiveSync
2007-12-27 19:20 --------- d-----w C:\Program Files\Intel
2007-12-27 19:19 --------- d-----w C:\Documents and Settings\Owner\Application Data\Intel
2007-12-27 19:19 --------- d-----w C:\Documents and Settings\****\Application Data\Intel
2007-12-27 19:14 --------- d-----w C:\Program Files\Notebook Maximizer
2007-12-27 19:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2007-12-27 17:34 --------- d-----w C:\Program Files\BitTorrent_DNA
2007-12-23 04:50 --------- d-----w C:\Documents and Settings\****\Application Data\BitTorrent DNA
2007-12-22 19:15 --------- d-----w C:\Program Files\Trend Micro
2007-12-19 13:53 --------- d-----w C:\Program Files\eMule
2007-12-19 03:47 --------- d-----w C:\Documents and Settings\****\Application Data\BitTorrent
2007-12-06 22:25 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-23 04:32 --------- d-----w C:\Program Files\VideoLAN
2007-11-18 20:14 --------- d-----w C:\Program Files\iNav
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-12 19:21 --------- d-----w C:\Program Files\PdaNet for Windows Mobile
2007-11-07 22:15 --------- d-----w C:\Program Files\DAEMON Tools
2007-11-07 22:07 --------- d-----w C:\Program Files\PeerGuardian2
2007-11-07 22:05 685,816 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2007-11-07 14:02 --------- d-----w C:\Program Files\BitTorrent
2007-11-07 13:47 --------- d-----w C:\Program Files\eDonkey2000
2007-07-02 20:41 630,784 ----a-w C:\Documents and Settings\****\GoToAssist_chat2way__317_en.exe
2006-07-26 23:53 557,056 ----a-w C:\Documents and Settings\****\chatlnk.exe
2003-08-27 19:19 36,963 ----a-r C:\Program Files\Common Files\SM1updtr.dll
.
((((((((((((((((((((((((((((( snapshot@2007-12-24_20.40.45.99 )))))))))))))))))))))))))))))))))))))))))
.
- 2004-08-04 12:00:00 15,360 ----a-w C:\WINDOWS\system32\ctfmon.exe
+ 2007-12-27 20:42:41 352,256 ----a-w C:\WINDOWS\system32\ctfmon.exe
- 2007-04-10 00:33:01 200,936 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2007-12-27 20:22:14 200,144 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{045F79C1-1726-4671-92AC-68CABF8963F3}]
2007-12-27 15:42 331776 --a------ C:\WINDOWS\system32\rqrpp.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 07:00]
"OfotoNow USB Detection"="C:\WINDOWS\system32\RunDLL32.exe" [2004-08-04 07:00]
"SpriteService"="" []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" []
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" []
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2007-12-27 15:29]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-27 15:29]
"NDSTray.exe"="NDSTray.exe" []
"AGRSMMSG"="AGRSMMSG.exe" [2004-10-28 17:37 C:\WINDOWS\agrsmmsg.exe]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" []
"TFncKy"="TFncKy.exe" []
"TPSMain"="TPSMain.exe" [2004-08-27 12:34 C:\WINDOWS\system32\TPSMain.exe]
"PadTouch"="C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe" []
"Pinger"="C:\TOSHIBA\IVP\ISM\pinger.exe" [2007-12-27 15:42]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe" []
"HPHmon04"="C:\WINDOWS\system32\hphmon04.exe" []
"SM1BG"="C:\WINDOWS\SM1BG.EXE" [2007-12-27 15:29]
C:\Documents and Settings\******\Start Menu\Programs\Startup\
Anapod Manager.lnk - C:\Program Files\Red Chair Software\Anapod Explorer\anamgr.exe [2006-12-05 01:15:34]
PdaNet Desktop.lnk - C:\Program Files\PdaNet for Windows Mobile\PdaNetPC.exe [2007-11-12 14:21:09]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe [2004-12-07 22:02:24]
[HKEY_CURRENT_USER\software\microsoft\windows nt\currentversion\windows]
"load"=C:\WINDOWS\system32\rqrpp.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 C:\WINDOWS\system32\rqrpp
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPHUPD04]
2002-05-24 07:47 49152 --a------ C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2005-10-18 11:58 278528 --a------ C:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MimBoot]
2005-03-09 19:10 11776 --a------ C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Opware14]
C:\Program Files\ScanSoft\OmniPagePro14.0\Opware14.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
2005-03-08 21:13 1695744 --a------ C:\Program Files\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]
2002-04-17 10:42 69632 --a------ C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpriteService]
2007-08-23 07:24 8793064 --a------ C:\Program Files\Sprite Software\Sprite Backup\SpriteService.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WorkFlowTray]
C:\Program Files\ScanSoft\OmniPagePro14.0\WorkFlowTray.exe
R1 Cinemsup;Cinemsup;C:\WINDOWS\system32\drivers\Cinemsup.sys [2003-12-19 02:00]
R1 DVDVRRdr_xp;DVDVRRdr_xp;C:\WINDOWS\system32\drivers\DVDVRRdr_xp.sys [2005-03-08 21:05]
R1 UDFReadr;UDFReadr;C:\WINDOWS\system32\drivers\UDFReadr.sys [2005-03-08 20:54]
R2 OneTouch 4.0 Monitor;OneTouch 4.0 Monitor;"C:\Program Files\Visioneer\OneTouch 4.0\OtService.exe" [2006-08-28 00:58]
R3 pnetmdm;PdaNet Modem;C:\WINDOWS\system32\DRIVERS\pnetmdm.sys [2006-09-28 15:32]
S3 pgfilter;pgfilter;C:\Program Files\PeerGuardian2\pgfilter.sys [2005-09-18 18:02]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{de021171-b460-11d9-bb13-000e35f2ff28}]
\Shell\AutoRun\command - E:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e7a2970d-d3f7-11da-bba5-000e35f2ff28}]
\Shell\AutoRun\command - setupSNK.exe
.
**************************************************************************
catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-27 15:42:02
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
C:\WINDOWS\TEMP
C:\WINDOWS\system32\rqrpp.exe 335360 bytes executable
C:\WINDOWS\system32\ctfmon .exe 15360 bytes executable
C:\WINDOWS\system32\pprqr.ini 391 bytes
C:\WINDOWS\system32\pprqr.ini2 319 bytes
scan completed successfully
hidden files: 5
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\Explorer.EXE [6.00.2900.3156]
-> C:\WINDOWS\system32\rqrpp.dll
.
Completion time: 2007-12-27 15:46:15 - machine was rebooted
C:\ComboFix2.txt ... 2007-12-27 13:08
C:\ComboFix3.txt ... 2007-12-26 11:33
.
2007-12-21 14:19:06 --- E O F ---