Oh, I should have mentioned that I also tried ComboFix before, and it could not remove this infection either.
Anyway, here is the ComboFix log:
ComboFix 09-01-13.04 - Compaq_Owner 2009-01-17 13:09:34.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.503.208 [GMT -7:00]
Running from: c:\documents and settings\Compaq_Owner\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated)
.
((((((((((((((((((((((((( Files Created from 2008-12-17 to 2009-01-17 )))))))))))))))))))))))))))))))
.
2009-01-17 12:39 . 2009-01-17 12:39 <DIR> d-------- c:\program files\ERUNT
2009-01-17 12:12 . 2009-01-17 12:13 <DIR> d-------- C:\rsit
2009-01-14 21:31 . 2009-01-14 21:33 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-14 21:31 . 2009-01-14 21:31 <DIR> d-------- c:\documents and settings\Compaq_Owner\Application Data\Malwarebytes
2009-01-14 21:31 . 2009-01-14 21:31 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-01-14 21:31 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-14 21:31 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2009-01-11 21:24 . 2009-01-17 03:59 <DIR> d--h----- C:\$AVG8.VAULT$
2009-01-11 21:02 . 2009-01-11 21:02 10,520 --a------ c:\windows\system32\avgrsstx.dll
2009-01-11 21:01 . 2009-01-17 12:15 <DIR> d-------- c:\windows\system32\drivers\Avg
2009-01-11 21:01 . 2009-01-11 21:01 <DIR> d-------- c:\program files\AVG
2009-01-11 21:01 . 2009-01-11 21:26 <DIR> d-------- c:\documents and settings\Compaq_Owner\Application Data\AVGTOOLBAR
2009-01-11 21:01 . 2009-01-11 21:01 <DIR> d-------- c:\documents and settings\All Users\Application Data\avg8
2009-01-11 21:01 . 2009-01-11 21:01 97,928 --a------ c:\windows\system32\drivers\avgldx86.sys
2009-01-11 21:01 . 2009-01-11 21:01 76,040 --a------ c:\windows\system32\drivers\avgtdix.sys
2009-01-11 20:03 . 2009-01-11 20:03 578,560 --a--c--- c:\windows\system32\dllcache\user32.dll
2009-01-11 19:59 . 2009-01-11 19:59 <DIR> d-------- c:\windows\ERUNT
2009-01-11 19:57 . 2009-01-12 20:51 <DIR> d-------- C:\SDFix
2009-01-11 17:09 . 2008-04-13 11:39 14,592 --a------ c:\windows\system32\drivers\kbdhid.sys
2009-01-11 17:09 . 2008-04-13 11:39 14,592 --a--c--- c:\windows\system32\dllcache\kbdhid.sys
2008-12-31 09:33 . 2008-12-31 13:34 5,632 --a------ c:\windows\system32\msvdx86.tmp
2008-12-22 15:52 . 2009-01-17 12:06 54,156 --ah----- c:\windows\QTFont.qfn
2008-12-22 15:52 . 2008-12-22 15:52 1,409 --a------ c:\windows\QTFont.for
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-12 04:02 --------- d-----w c:\documents and settings\All Users\Application Data\Grisoft
2009-01-11 22:03 --------- d-----w c:\program files\Yahoo!
2008-12-31 04:01 --------- d-----w c:\program files\Mozilla Thunderbird
2008-12-31 03:41 --------- d-----w c:\program files\Audible
2008-12-26 16:03 --------- d-----w c:\program files\PokerStars
2008-12-24 17:40 --------- d-----w c:\documents and settings\Compaq_Owner\Application Data\uTorrent
2008-12-24 03:11 3,500 ----a-w c:\documents and settings\Compaq_Owner\Application Data\wklnhst.dat
2008-12-20 19:20 --------- d-----w c:\documents and settings\Compaq_Owner\Application Data\OpenOffice.org2
2008-12-20 19:08 --------- d-----w c:\program files\Creative
2008-12-16 21:30 --------- d-----w c:\documents and settings\Nick\Application Data\uTorrent
2008-12-16 03:08 5,248 ----a-w c:\windows\system32\drivers\msvdx86.aqmgu
2008-12-04 03:37 91,104 ----a-w c:\documents and settings\Compaq_Owner\Application Data\GDIPFONTCACHEV1.DAT
2008-12-04 01:24 --------- d-----w c:\program files\Hasbro Interactive
2008-12-02 17:56 2,078 ----a-w c:\documents and settings\Nick\Application Data\wklnhst.dat
2008-11-30 15:44 77,824 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\HPQ\XPXWWPP5\plugin\bin\FDIWrapper.dll
2008-11-30 15:44 69,632 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\HPQ\XPXWWPP5\plugin\bin\jsharpde\msxmlwrapper.dll
2008-11-30 15:44 49,152 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\HPQ\XPXWWPP5\plugin\bin\PCHI18N.dll
2008-11-30 15:44 44,032 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\HPQ\XPXWWPP5\LocalContent\Attachments\devcon.exe
2008-11-30 15:44 40,960 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\HPQ\XPXWWPP5\plugin\bin\ScDmi.dll
2008-11-30 15:44 307,200 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\HPQ\XPXWWPP5\plugin\bin\pchnotify.exe
2008-11-30 15:44 3,072 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\HPQ\XPXWWPP5\plugin\bin\jsharpde\pchealthde.exe
2008-11-30 15:44 26,572 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\HPQ\XPXWWPP5\plugin\bin\jsharpde\INV16.dll
2008-11-30 15:44 159,744 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\HPQ\XPXWWPP5\plugin\bin\PCHButton.exe
2008-11-30 15:44 139,264 ----a-w c:\windows\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\HPQ\XPXWWPP5\plugin\bin\ContentUpdater.exe
2008-11-27 04:15 --------- d-----w c:\program files\Picasa
2008-11-17 20:04 2,306,113 ----a-w c:\windows\system32\GPhotos.scr
2008-10-23 12:36 286,720 ----a-w c:\windows\system32\gdi32.dll
2008-07-08 05:21 85,960 ----a-w c:\documents and settings\Kailyn\Application Data\GDIPFONTCACHEV1.DAT
2008-05-19 17:10 62,910 ----a-w c:\program files\Uninstall.exe
2008-05-19 17:10 0 ----a-w c:\program files\uninstall.dat
2006-09-28 00:42 250 ----a-w c:\documents and settings\Kailyn\Application Data\wklnhst.dat
2008-04-14 00:12 4,096 --sha-w c:\windows\system32\1112.dat
.
((((((((((((((((((((((((((((( snapshot@2009-01-14_21.04.31.09 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-10-20 19:02:28 163,328 ----a-w c:\windows\ERDNT\17-01-2009\ERDNT.EXE
+ 2009-01-17 19:40:54 5,210,112 ----a-w c:\windows\ERDNT\17-01-2009\Users\00000001\NTUSER.DAT
+ 2009-01-17 19:40:54 110,592 ----a-w c:\windows\ERDNT\17-01-2009\Users\00000002\UsrClass.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{99833904-039B-4CA2-8CF2-A4A8D904A593}]
2006-03-21 20:18 94720 --a------ c:\windows\system32\atikvma.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Intuit SyncManager"="c:\program files\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2008-09-09 623880]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2007-12-11 267048]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-01-11 1261336]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2008-09-11 984352]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Compaq Connections.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Compaq Connections.lnk
backup=c:\windows\pss\Compaq Connections.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak software updater.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Kodak software updater.lnk
backup=c:\windows\pss\Kodak software updater.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
backup=c:\windows\pss\Logitech Desktop Messenger.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^Kailyn^Start Menu^Programs^Startup^Compaq Organize.lnk]
path=c:\documents and settings\Kailyn\Start Menu\Programs\Startup\Compaq Organize.lnk
backup=c:\windows\pss\Compaq Organize.lnkStartup
[HKLM\~\startupfolder\C:^Documents and Settings^Kailyn^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=c:\documents and settings\Kailyn\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=c:\windows\pss\LimeWire On Startup.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative WebCam Tray]
--a------ 2004-07-30 10:04 245760 c:\program files\Creative\Shared Files\CamTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2007-12-11 12:10 267048 c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSBWatcher]
--a------ 2004-10-14 21:54 253952 c:\hp\drivers\hplsbwatcher\LSBurnWatcher.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2008-04-13 17:12 1695232 c:\program files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-12-11 10:56 286720 c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
--a------ 2004-04-14 20:43 233472 c:\windows\SMINST\Recguard.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-07-13 19:51 68856 c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WINCINEMAMGR]
--a------ 2004-10-01 00:18 192512 c:\program files\InterVideo\Common\Bin\WinRemote.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
--------- 2006-10-18 19:05 204288 c:\program files\Windows Media Player\wmpnscfg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WT GameChannel]
--a------ 2003-10-09 14:31 184784 c:\program files\WildTangent\Apps\GameChannel.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Compaq Connections\\6750491\\Program\\Compaq Connections.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare Software\\bin\\EasyShare.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Intuit\\QuickBooks 2009\\QBDBMgrN.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
R0 iyounjch;iyounjch;c:\windows\system32\drivers\iyounjch.sys [2004-10-28 23424]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-01-11 97928]
R3 PhTVTune;ASUS WDM TV Tuner;c:\windows\system32\drivers\PhTVTune.sys [2004-10-21 24544]
R4 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-01-11 875288]
R4 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-01-11 231704]
R4 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-01-11 76040]
S4 CGFSB;CGFSB;c:\docume~1\COMPAQ~1\LOCALS~1\Temp\CGFSB.exe --> c:\docume~1\COMPAQ~1\LOCALS~1\Temp\CGFSB.exe [?]
S4 FPZAAVDD;FPZAAVDD;c:\docume~1\COMPAQ~1\LOCALS~1\Temp\FPZAAVDD.exe --> c:\docume~1\COMPAQ~1\LOCALS~1\Temp\FPZAAVDD.exe [?]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
.
Contents of the 'Scheduled Tasks' folder
2008-06-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 14:57]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - c:\program files\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll
FF - ProfilePath - c:\documents and settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\cfls5m4z.default\
FF - prefs.js: browser.startup.homepage - about:blank
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG8\ToolbarFF\components\vmAVGConnector.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJPI150_03.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPOJI610.dll
FF - plugin: c:\program files\Picasa\npPicasa3.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2009-01-17 13:12:33
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(576)
c:\windows\system32\avgrsstx.dll
c:\windows\system32\Ati2evxx.dll
- - - - - - - > 'lsass.exe'(688)
c:\windows\system32\avgrsstx.dll
.
Completion time: 2009-01-17 13:14:27
ComboFix-quarantined-files.txt 2009-01-17 20:14:24
ComboFix2.txt 2009-01-15 04:05:35
Pre-Run: 126,097,629,184 bytes free
Post-Run: 126,080,266,240 bytes free
197 --- E O F --- 2008-12-19 10:01:22
Thanks for looking at this.