I can not find the security check log. Should I run it again?
Here are the other logs...
OTL log...
All processes killed
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-776561741-1897051121-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\intuit.com\ttlc\ deleted successfully.
Starting removal of ActiveX control {31435657-9980-0010-8000-00AA00389B71}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{31435657-9980-0010-8000-00AA00389B71}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{31435657-9980-0010-8000-00AA00389B71}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\WINDOWS\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Starting removal of ActiveX control Garmin Communicator Plug-In Reg Error: Value error.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Garmin Communicator Plug-In Reg Error: Value error.\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Garmin Communicator Plug-In Reg Error: Value error.\ not found.
C:\Documents and Settings\All Users\Application Data\30xbu6q33b6g07e moved successfully.
C:\Documents and Settings\Authorized User\Local Settings\Application Data\30xbu6q33b6g07e moved successfully.
C:\WINDOWS\Vreladuxo.dat moved successfully.
C:\Documents and Settings\All Users\Application Data\~18800420r moved successfully.
C:\Documents and Settings\All Users\Application Data\~18800420 moved successfully.
C:\Documents and Settings\All Users\Application Data\18800420 moved successfully.
C:\Documents and Settings\Authorized User\2gweorjqjutp92vjy9gake moved successfully.
C:\Documents and Settings\Authorized User\Local Settings\Application Data\3x41wrg1bdk74r644p5lin01f7k5jp7s5l3846d5642xs moved successfully.
C:\Documents and Settings\All Users\Application Data\3x41wrg1bdk74r644p5lin01f7k5jp7s5l3846d5642xs moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Authorized User
->Temp folder emptied: 32945968 bytes
->Temporary Internet Files folder emptied: 47757314 bytes
->Java cache emptied: 14119 bytes
->FireFox cache emptied: 83216029 bytes
->Flash cache emptied: 5764 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 2900102 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 47569 bytes
User: NetworkService
->Temp folder emptied: 7524 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 1715 bytes
->Flash cache emptied: 24220 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 41299058 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 199.00 mb
[EMPTYFLASH]
User: All Users
User: Authorized User
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: LocalService
->Flash cache emptied: 0 bytes
User: NetworkService
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0.00 mb
OTL by OldTimer - Version 3.2.22.3 log created on 05152011_091041
Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Authorized User\Local Settings\Temp\Perflib_Perfdata_d0c.dat not found!
File\Folder C:\Documents and Settings\Authorized User\Local Settings\Temp\~DF90C.tmp not found!
File\Folder C:\Documents and Settings\Authorized User\Local Settings\Temp\~DF91A.tmp not found!
File\Folder C:\Documents and Settings\Authorized User\Local Settings\Temp\~DF969.tmp not found!
File\Folder C:\Documents and Settings\Authorized User\Local Settings\Temp\~DF977.tmp not found!
File\Folder C:\Documents and Settings\Authorized User\Local Settings\Temp\~DF9B5.tmp not found!
File\Folder C:\Documents and Settings\Authorized User\Local Settings\Temp\~DF9C3.tmp not found!
C:\Documents and Settings\Authorized User\Local Settings\Temporary Internet Files\Content.IE5\U8Q8EY4C\c=419_rand=885215909_pv=y_async=undefined_rt=ifr[1].htm moved successfully.
C:\Documents and Settings\Authorized User\Local Settings\Temporary Internet Files\Content.IE5\U8Q8EY4C\google[1].htm moved successfully.
C:\Documents and Settings\Authorized User\Local Settings\Temporary Internet Files\Content.IE5\U8Q8EY4C\PugTracker[1].htm moved successfully.
C:\Documents and Settings\Authorized User\Local Settings\Temporary Internet Files\Content.IE5\U8Q8EY4C\px[1].htm moved successfully.
C:\Documents and Settings\Authorized User\Local Settings\Temporary Internet Files\Content.IE5\U8Q8EY4C\sh42[1].html moved successfully.
C:\Documents and Settings\Authorized User\Local Settings\Temporary Internet Files\Content.IE5\C7XDKP0W\topic164833-2[1].html moved successfully.
C:\Documents and Settings\Authorized User\Local Settings\Temporary Internet Files\SuggestedSites.dat moved successfully.
Registry entries deleted on Reboot...
*********************
C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\18800420.exe.vir Win32/Adware.HDDRescue.AA application
C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\KMsAsKYhhcwX.exe.vir Win32/TrojanDownloader.Prodatect.BK trojan
C:\Qoobox\Quarantine\C\Documents and Settings\Authorized User\Application Data\7DEB2F60F4ED7FC4F140AEB6D3CF9BF7\enemies-names.txt.vir Win32/Adware.AntimalwareDoctor.AE.Gen application
C:\Qoobox\Quarantine\C\Documents and Settings\Authorized User\Application Data\7DEB2F60F4ED7FC4F140AEB6D3CF9BF7\local.ini.vir Win32/Adware.AntimalwareDoctor.AE.Gen application
C:\Qoobox\Quarantine\C\Documents and Settings\Authorized User\Application Data\Adobe\plugs\mmc17611546.txt.vir Win32/TrojanDownloader.Prodatect.BK trojan
C:\Qoobox\Quarantine\C\Documents and Settings\Authorized User\Local Settings\Application Data\kah.exe.vir a variant of Win32/Kryptik.NOT trojan
C:\Qoobox\Quarantine\C\Documents and Settings\NetworkService\Local Settings\Application Data\oimdvhemc.exe.vir a variant of Win32/Injector.GFC trojan
C:\Qoobox\Quarantine\C\WINDOWS\erimayob.dll.vir a variant of Win32/Kryptik.NOS trojan
C:\Qoobox\Quarantine\C\WINDOWS\usap32.dll.vir a variant of Win32/Kryptik.NQE trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\spool\prtprocs\w32x86\191EC.tmp.vir a variant of Win32/Kryptik.NPQ trojan
C:\System Volume Information\_restore{C3EED522-AF28-4D96-9F9A-10715CE42056}\RP114\A0012928.ini Win32/Adware.AntimalwareDoctor.AE.Gen application
C:\System Volume Information\_restore{C3EED522-AF28-4D96-9F9A-10715CE42056}\RP114\A0012933.exe a variant of Win32/Kryptik.NOT trojan
C:\System Volume Information\_restore{C3EED522-AF28-4D96-9F9A-10715CE42056}\RP114\A0012936.exe a variant of Win32/Injector.GFC trojan
C:\System Volume Information\_restore{C3EED522-AF28-4D96-9F9A-10715CE42056}\RP114\A0012937.dll a variant of Win32/Kryptik.NOS trojan
C:\System Volume Information\_restore{C3EED522-AF28-4D96-9F9A-10715CE42056}\RP114\A0012941.dll a variant of Win32/Kryptik.NQE trojan
C:\WINDOWS\system32\345.js JS/TrojanDownloader.Agent.NWG trojan
Here are the other logs...
OTL log...
All processes killed
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-776561741-1897051121-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\intuit.com\ttlc\ deleted successfully.
Starting removal of ActiveX control {31435657-9980-0010-8000-00AA00389B71}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{31435657-9980-0010-8000-00AA00389B71}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{31435657-9980-0010-8000-00AA00389B71}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31435657-9980-0010-8000-00AA00389B71}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\WINDOWS\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Starting removal of ActiveX control Garmin Communicator Plug-In Reg Error: Value error.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\Garmin Communicator Plug-In Reg Error: Value error.\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\Garmin Communicator Plug-In Reg Error: Value error.\ not found.
C:\Documents and Settings\All Users\Application Data\30xbu6q33b6g07e moved successfully.
C:\Documents and Settings\Authorized User\Local Settings\Application Data\30xbu6q33b6g07e moved successfully.
C:\WINDOWS\Vreladuxo.dat moved successfully.
C:\Documents and Settings\All Users\Application Data\~18800420r moved successfully.
C:\Documents and Settings\All Users\Application Data\~18800420 moved successfully.
C:\Documents and Settings\All Users\Application Data\18800420 moved successfully.
C:\Documents and Settings\Authorized User\2gweorjqjutp92vjy9gake moved successfully.
C:\Documents and Settings\Authorized User\Local Settings\Application Data\3x41wrg1bdk74r644p5lin01f7k5jp7s5l3846d5642xs moved successfully.
C:\Documents and Settings\All Users\Application Data\3x41wrg1bdk74r644p5lin01f7k5jp7s5l3846d5642xs moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Authorized User
->Temp folder emptied: 32945968 bytes
->Temporary Internet Files folder emptied: 47757314 bytes
->Java cache emptied: 14119 bytes
->FireFox cache emptied: 83216029 bytes
->Flash cache emptied: 5764 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 2900102 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 47569 bytes
User: NetworkService
->Temp folder emptied: 7524 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 1715 bytes
->Flash cache emptied: 24220 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 41299058 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 199.00 mb
[EMPTYFLASH]
User: All Users
User: Authorized User
->Flash cache emptied: 0 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: LocalService
->Flash cache emptied: 0 bytes
User: NetworkService
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0.00 mb
OTL by OldTimer - Version 3.2.22.3 log created on 05152011_091041
Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Authorized User\Local Settings\Temp\Perflib_Perfdata_d0c.dat not found!
File\Folder C:\Documents and Settings\Authorized User\Local Settings\Temp\~DF90C.tmp not found!
File\Folder C:\Documents and Settings\Authorized User\Local Settings\Temp\~DF91A.tmp not found!
File\Folder C:\Documents and Settings\Authorized User\Local Settings\Temp\~DF969.tmp not found!
File\Folder C:\Documents and Settings\Authorized User\Local Settings\Temp\~DF977.tmp not found!
File\Folder C:\Documents and Settings\Authorized User\Local Settings\Temp\~DF9B5.tmp not found!
File\Folder C:\Documents and Settings\Authorized User\Local Settings\Temp\~DF9C3.tmp not found!
C:\Documents and Settings\Authorized User\Local Settings\Temporary Internet Files\Content.IE5\U8Q8EY4C\c=419_rand=885215909_pv=y_async=undefined_rt=ifr[1].htm moved successfully.
C:\Documents and Settings\Authorized User\Local Settings\Temporary Internet Files\Content.IE5\U8Q8EY4C\google[1].htm moved successfully.
C:\Documents and Settings\Authorized User\Local Settings\Temporary Internet Files\Content.IE5\U8Q8EY4C\PugTracker[1].htm moved successfully.
C:\Documents and Settings\Authorized User\Local Settings\Temporary Internet Files\Content.IE5\U8Q8EY4C\px[1].htm moved successfully.
C:\Documents and Settings\Authorized User\Local Settings\Temporary Internet Files\Content.IE5\U8Q8EY4C\sh42[1].html moved successfully.
C:\Documents and Settings\Authorized User\Local Settings\Temporary Internet Files\Content.IE5\C7XDKP0W\topic164833-2[1].html moved successfully.
C:\Documents and Settings\Authorized User\Local Settings\Temporary Internet Files\SuggestedSites.dat moved successfully.
Registry entries deleted on Reboot...
*********************
C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\18800420.exe.vir Win32/Adware.HDDRescue.AA application
C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\KMsAsKYhhcwX.exe.vir Win32/TrojanDownloader.Prodatect.BK trojan
C:\Qoobox\Quarantine\C\Documents and Settings\Authorized User\Application Data\7DEB2F60F4ED7FC4F140AEB6D3CF9BF7\enemies-names.txt.vir Win32/Adware.AntimalwareDoctor.AE.Gen application
C:\Qoobox\Quarantine\C\Documents and Settings\Authorized User\Application Data\7DEB2F60F4ED7FC4F140AEB6D3CF9BF7\local.ini.vir Win32/Adware.AntimalwareDoctor.AE.Gen application
C:\Qoobox\Quarantine\C\Documents and Settings\Authorized User\Application Data\Adobe\plugs\mmc17611546.txt.vir Win32/TrojanDownloader.Prodatect.BK trojan
C:\Qoobox\Quarantine\C\Documents and Settings\Authorized User\Local Settings\Application Data\kah.exe.vir a variant of Win32/Kryptik.NOT trojan
C:\Qoobox\Quarantine\C\Documents and Settings\NetworkService\Local Settings\Application Data\oimdvhemc.exe.vir a variant of Win32/Injector.GFC trojan
C:\Qoobox\Quarantine\C\WINDOWS\erimayob.dll.vir a variant of Win32/Kryptik.NOS trojan
C:\Qoobox\Quarantine\C\WINDOWS\usap32.dll.vir a variant of Win32/Kryptik.NQE trojan
C:\Qoobox\Quarantine\C\WINDOWS\system32\spool\prtprocs\w32x86\191EC.tmp.vir a variant of Win32/Kryptik.NPQ trojan
C:\System Volume Information\_restore{C3EED522-AF28-4D96-9F9A-10715CE42056}\RP114\A0012928.ini Win32/Adware.AntimalwareDoctor.AE.Gen application
C:\System Volume Information\_restore{C3EED522-AF28-4D96-9F9A-10715CE42056}\RP114\A0012933.exe a variant of Win32/Kryptik.NOT trojan
C:\System Volume Information\_restore{C3EED522-AF28-4D96-9F9A-10715CE42056}\RP114\A0012936.exe a variant of Win32/Injector.GFC trojan
C:\System Volume Information\_restore{C3EED522-AF28-4D96-9F9A-10715CE42056}\RP114\A0012937.dll a variant of Win32/Kryptik.NOS trojan
C:\System Volume Information\_restore{C3EED522-AF28-4D96-9F9A-10715CE42056}\RP114\A0012941.dll a variant of Win32/Kryptik.NQE trojan
C:\WINDOWS\system32\345.js JS/TrojanDownloader.Agent.NWG trojan