Regarding Hitman Pro: you made an assumption that was based on incorrect data> you 'assumed' that because Hitman Pro brought these processes up that they were 'bad' and causing your problems:

FYI:
1. bsdiff and bspatch are tools for building and applying patches to binary files

2. libexpatw.dll is part of HP Photosmart C6180 All-In-One printer/scanner/fax/copier

3. ssleay32.dll is a module associated with The OpenSSL Toolkit from The OpenSSL Project, http://www.openssl.org/

4. msmsgs.exe is Related to Microsoft's Windows Messenger. Here is what it deleted:
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)

5. tkjvrup.exe is the only process I cannot identify with only the file information. I would have 'looked' at the file first. It could have or may not have been malware.

The only questionable entry is #5. The others weren't malware.
===========================================
Regarding the AVG Virus Vault or any quarantine folder in an antivirus program:
Once an entry is found and quarantined, it is no longer active in the system

Connect the drive> do a right click> Delete on the $AVG folder
Try using the same directions I gave you for removing the files in the Recycler. Remember, you are only looking for the SID number I gave you and the Recycle Bin must be empty before deleting the file.
====================================
Please reopen HijackThis to 'do system scan only.' Check each of the following, if present:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com...r/fix_homepage
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} - http://www.pandasoftware.com/activescan/as5/asinst.cab

Close all Windows except HijackThis and click on "Fix Checked."

Rich, if you have problems in the future, it's always best to give as much information as you can. Telling us the malware came from an infected flash drive. There are some types of malware with a frequent transmission by flash drives. Although you did so in good faith, connecting to a computer with no security with a flash drive is not something you want to do.

I cannot tell you what the significance of the file removals by Hitman were because I don't have enough information.

When you try the Recycler again, after showing the hidden files, double click on Recycler and see if more than 1 SID is showing. If so, you need to look for the SID I gave you.

Removing all of the tools we used and the files and folders they created

• Uninstall ComboFix and all Backups of the files it deleted
• Click START> then RUN
• Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
  

• Download OTCleanIt by OldTimer and save it to your Desktop.
• Double click OTCleanIt.exe.
• Click the CleanUp! button.
• If you are prompted to Reboot during the cleanup, select Yes.
• The tool will delete itself once it finishes.

Note: If you receive a warning from your firewall or other security programs regarding OTC attempting to contact the internet, please allow it to do so.

• You should now set a new Restore Point and remove the old restore points to prevent infection from any previous Restore Points.
• Go to Start > All Programs > Accessories > System Tools
• Click "System Restore".
• Choose "Create a Restore Point" on the first screen then click "Next".
• Give the Restore Point a name> click "Create".
  
• Go back and follow the path to > System Tools.
  [*]Choose Disc Cleanup
  [*]Click "OK" to select the partition or drive you want.
  [*]Click the "More Options" Tab.
  [*]Click "Clean Up" in the System Restore section to remove all previous Restore Points except the newly created one.

Empty the Recycle Bin
Lt me know if you have any more questions.

jusched.exe is the auto-updater for Java. I have no use for auto-updates so I prevent mine as follows:
Open the Control Panel> Java> Advanced tab> click on + sign to left of 'JRE Auto-update'> Check 'Never auto-download'> Click on Apply> OK
Have a look at the Startup menu and make sure jusched.exe isn't checked.
Almost everyone has the auto-updater checked. Problem is, they get the new update, but Java doesn't overwrite and users forget to uninstall old version. This way, user can keep in mind to uninstall old version when getting new version.
============================================
About the flash drive: Just know that the more I know, the more I can help you. For instance, if I had known about the flash drive sharing, I would have had you disinfect it earlier and cautioned you about not using it until it was clean.
=============================================
About the Recycler: you can try doing a double click on the SID to see if it will 'open'. If it does, go to Edit> Select All> Delete. This has to be your account to remove those files. If they won't go, they aren't active in the system and eventually they will be overwritten.
=============================================
About MsiExec.exe: MsiExec.exe is the executable for the windows installer. This should only be running while you are running an installer. If this is still running after the installer has completed it should be safe to end this process. Did you abort any setups you had downloaded after the double click to install but before the install was complete?
=============================================
If you still have Combofix, I can try to remove the old Java from Firefox:

Please run this Custom CFScript:

• 
  [1]. Close any open browsers.
  [2]. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  [3]. Open notepad> click on Format> Uncheck 'Word Wrap> and copy/paste the text in the code below into it:

Code:

Extra::
File::
c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
Firefox::
Firefox-:- Profile- c:\documents and settings\Richard\Application Data\Mozilla\Firefox\Profiles\qjolvo62.default\

Save this as CFScript.txt, in the same location as ComboFix.exe


Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it will produce a log for you at C:\ComboFix.txt . You do not need to leave the log.
====================
The system is clean. Let me know if there are any more problems.

Thank you for the offer, but it was my pleasure to help you. I don't accept donations and neither does TechSpot. Go learn a lot and come back and help out!!

You can do a right click Properties on any of these folders to try and get more info. AMD will be for the processor. i386 is for Intel. We would have picked it up if it had been malware. My rule is that if you don't know, don't delete it. Be sure the hidden files and folders are just that:
Control Panel> Folder Options> View tab> be sure to check 'don't show hidden files and folders' and check 'hide System files for OS (Recommended)> Apply OK.

It's possible that the hidden files and folders have been set to show and you just haven't seen them previously. They aren't 'hidden' because they're bad- it's to keep you from removing them and trashing the system! Leave EULA.rtf' and 'HotFixInstallerUI.dll' Files
========================================
Tips for added security and safer browsing:

1. Browser Security Settings: Custom is fine if the user did the settings. Mine are Custom. Default is okay too, but sometimes too restrictive.
   This Tutorial will help guide you through Configuring Security Settings, Managing Active X Controls and other safety features: Make Internet Explorer safer.
   
2. Have layered Security:
   • Antivirus Software(only one):Both of the following programs are free and known to be good:
     [o]Avira-AntiVir-Personal-Free-Antivirus
     [o]Avast Free Version
     
     [o]Avira Free
     [o]Avast Home
   • Firewall (only one): Use bi-directional firewall. Both of the following programs are free and known to be good:
     [o]Comodo
     [o]Zone Alarm
   • Antispyware: I recommend all of the following:
     [o]Spywareblaster: SpywareBlaster protects against bad ActiveX. It places kill bits to stop bad Active X controls from being installed. Remember to update it regularly.
   [o]Download ZonedOut and save to your desktop. this replaces IE/Spyad and manages the Zones in Internet explorer. This places over 4000 websites and domains in the IE Restricted list which will severely impair attempts to infect your system. It basically prevents any downloads (Cookies etc) from the sites listed, although you will still be able to connect to the sites.
   For IE7 and IE8, Windows 2000 thru Vista. No Windows 7 yet.
   IE/Spyad is not longer being supported. If you have this on your system, you should replace it with the following program. Make sure your IE8 is Up-to-date before adding sites to your restricted zone.
   Known issue: If you have "immunized" your computer with Spybot Search and Destroy, and use ZonedOut to "Remove All" restricted sites - ZonedOut will remove your trusted sites as well. Note that if you remove Spybot Search and Destroys Immunization the problem goes away...
   [o]Replace the Host Files
   MVPS Hosts files This replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer.
   [o]Google Toolbar Get the free google toolbar to help stop pop up windows.
   
3. Stay current on updates:
   [o] Visit the Microsoft Download Sitefrequently. You should get All updates marked Critical and the current SP updates.
   [o]Visit this Adobe Reader site often and make sure you have the most current update. Uninstall any earlier updates as they are vulnerabilities.
   [o]Check this site .Java Updates Stay current as most updates are for security. Uninstall any earlier versions in Add/Remove Programs.
   
4. Reset Cookies to prevent Tracking Cookies:
   [o]For Internet Explorer: Internet Options (through Tools or Control Panel) Privacy tab> Advanced button> check 'override automatic Cookie handling'> check 'accept first party Cookies'> check 'Block third party Cookies'> check 'allow per session Cookies'> Apply> OK.
   [o]For Firefox: Tools> Options> Privacy> Cookies> check ‘accept Cookies from Sites’> Uncheck 'accept third party Cookies'> Set Keep until 'they expire'. This will allow you to keep Cookies for registered sites and prevent or remove others. (Note: for Firefox v3.5, after Privacy click on 'use custom settings for History.')
   I suggest using the following two add-on for Firefox. They will prevent the Tracking Cookies that come from ads and banners and other sources:
   AdBlock Plus
   Easy List
   
5. Do regular Maintenance
   Remove Temporary Internet Files regularly:
   [o]ATF Cleaner by Atribune
   OR
   [o]TFC
   Disable and Enable System Restore:
   [o]See System Restore Guide This will help you understand what this is, why you need to clean and set restore points and what information is in them.
   
6. Practice Safe Email Handling
   [o] Don't open email from anyone you don't know.
   [o] Don't open Attachments in the email. Safe to your desktop and scan for viruses using a right click
   [o] Don't leave your personal email address on the internet. Have a separate email account at one of the free web-based emails like Yahoo.