ok. here's it again.

GMER log: http://pastebay.com/21232

ROOTREPEAL log:

ROOTREPEAL (c) AD, 2007-2008
==================================================
Scan Time:   2009/06/10 20:19
Program Version:  Version 1.2.3.0
Windows Version:  Windows Vista SP1
==================================================

Drivers
-------------------
Name: aujasnkj.sys
Image Path: C:\Users\ahah\AppData\Local\Temp\aujasnkj.sys
Address: 0x8A5EB000 Size: 81664 File Visible: No
Status: -

Name: dump_dumpata.sys
Image Path: C:\Windows\System32\Drivers\dump_dumpata.sys
Address: 0x91FF5000 Size: 45056 File Visible: No
Status: -

Name: dump_msahci.sys
Image Path: C:\Windows\System32\Drivers\dump_msahci.sys
Address: 0x91E00000 Size: 40960 File Visible: No
Status: -

Name: qmvhld.sys
Image Path: C:\Windows\system32\drivers\qmvhld.sys
Address: 0x8ADC2000 Size: 61440 File Visible: No
Status: -

Name: rootrepeal[1].sys
Image Path: C:\Windows\system32\drivers\rootrepeal[1].sys
Address: 0xAE800000 Size: 45056 File Visible: No
Status: -

Name: SKYNETokvviotn.sys
Image Path: C:\Windows\system32\drivers\SKYNETokvviotn.sys
Address: 0x8F77D000 Size: 172032 File Visible: -
Status: Hidden from Windows API!

Stealth Objects
-------------------
Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: wininit.exe (PID: 520) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: winlogon.exe (PID: 560) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: services.exe (PID: 600) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: lsass.exe (PID: 612) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: lsm.exe (PID: 620) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETtqsxqrwn.dll]
Process: svchost.exe (PID: 772) Address: 0x00940000 Size: 57344

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: svchost.exe (PID: 772) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: svchost.exe (PID: 856) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: svchost.exe (PID: 912) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: svchost.exe (PID: 1040) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: WinMgmtR.dll]
Process: svchost.exe (PID: 1040) Address: 0x00d60000 Size: 8192

Object: Hidden Module [Name: luafv.sys]
Process: svchost.exe (PID: 1040) Address: 0x01450000 Size: 106496

Object: Hidden Module [Name: winlogon.exe]
Process: svchost.exe (PID: 1040) Address: 0x015c0000 Size: 323584

Object: Hidden Module [Name: winlogon.exe]
Process: svchost.exe (PID: 1040) Address: 0x01d90000 Size: 323584

Object: Hidden Module [Name: adtschema.dll]
Process: svchost.exe (PID: 1040) Address: 0x68130000 Size: 606208

Object: Hidden Module [Name: ci.dll]
Process: svchost.exe (PID: 1040) Address: 0x32f10000 Size: 913408

Object: Hidden Module [Name: WinMgmtR.dll]
Process: svchost.exe (PID: 1040) Address: 0x70290000 Size: 8192

Object: Hidden Module [Name: tquery.dll]
Process: svchost.exe (PID: 1040) Address: 0x708e0000 Size: 1589248

Object: Hidden Module [Name: profsvc.dll]
Process: svchost.exe (PID: 1040) Address: 0x73cb0000 Size: 163840

Object: Hidden Module [Name: MpEvMsg.dll]
Process: svchost.exe (PID: 1040) Address: 0x74280000 Size: 57344

Object: Hidden Module [Name: wevtapi.dll]
Process: svchost.exe (PID: 1040) Address: 0x75000000 Size: 258048

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: svchost.exe (PID: 1080) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: svchost.exe (PID: 1112) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: svchost.exe (PID: 1196) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: SLsvc.exe (PID: 1232) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: svchost.exe (PID: 1312) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: svchost.exe (PID: 1504) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: Dwm.exe (PID: 1704) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: Explorer.EXE (PID: 1744) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: imageres.dll]
Process: Explorer.EXE (PID: 1744) Address: 0x606f0000 Size: 15822848

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: WLANExt.exe (PID: 1772) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: spoolsv.exe (PID: 1860) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: taskeng.exe (PID: 1916) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: ccSvcHst.exe (PID: 1936) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: taskeng.exe (PID: 2032) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: svchost.exe (PID: 832) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: AppleMobileDeviceService.exe (PID: 1564) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: mDNSResponder.exe (PID: 1368) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: LSSrvc.exe (PID: 2056) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: mdm.exe (PID: 2252) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: svchost.exe (PID: 2280) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: BLService.exe (PID: 2368) Address: 0x001d0000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: RichVideo.exe (PID: 2384) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: svchost.exe (PID: 2412) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: svchost.exe (PID: 2480) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: SearchIndexer.exe (PID: 2568) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: xaudio.exe (PID: 2696) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: SynTPEnh.exe (PID: 3244) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: igfxtray.exe (PID: 3276) Address: 0x001d0000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: hkcmd.exe (PID: 3292) Address: 0x00390000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: igfxpers.exe (PID: 3304) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: QPService.exe (PID: 3320) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: MSASCui.exe (PID: 3420) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: QLBCTRL.exe (PID: 3432) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: jusched.exe (PID: 3468) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: hpwuSchd2.exe (PID: 3484) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: HPWAMain.exe (PID: 3492) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: ICO.EXE (PID: 3524) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: iTunesHelper.exe (PID: 3552) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: GrooveMonitor.exe (PID: 3560) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: LightScribeControlPanel.exe (PID: 3604) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: msnmsgr.exe (PID: 3620) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: msgslang.14.0.8064.0206.dll]
Process: msnmsgr.exe (PID: 3620) Address: 0x6ab00000 Size: 315392

Object: Hidden Module [Name: msgsres.dll]
Process: msnmsgr.exe (PID: 3620) Address: 0x66b60000 Size: 11403264

Object: Hidden Module [Name: msgrvsta.thm]
Process: msnmsgr.exe (PID: 3620) Address: 0x6c510000 Size: 20480

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: ehtray.exe (PID: 3632) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: igfxsrvc.exe (PID: 3656) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: ccSvcHst.exe (PID: 3716) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: wmpnscfg.exe (PID: 3836) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: hpqwmiex.exe (PID: 3848) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: wmpnetwk.exe (PID: 3984) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: ehmsas.exe (PID: 3996) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: wmiprvse.exe (PID: 4064) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: unsecapp.exe (PID: 2360) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: WiFiMsg.EXE (PID: 1528) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: Com4QLBEx.exe (PID: 984) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: HpqToaster.exe (PID: 3380) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: iPodService.exe (PID: 4412) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: wlcomm.exe (PID: 5188) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: SynTPHelper.exe (PID: 5548) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: navw32.exe (PID: 5572) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: iexplore.exe (PID: 4700) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: iexplore.exe (PID: 4836) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: AluSchedulerSvc.exe (PID: 4920) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: HP.ActiveSupportLibrary.dll]
Process: hphc_service.exe (PID: 5616) Address: 0x00f90000 Size: 110592

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: hphc_service.exe (PID: 5616) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: navw32.exe (PID: 5528) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: iexplore.exe (PID: 5108) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: NOTEPAD.EXE (PID: 292) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: iexplore.exe (PID: 3960) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: iexplore.exe (PID: 1348) Address: 0x10000000 Size: 32768

Object: Hidden Module [Name: SKYNETmhxdfufx.dll]
Process: RootRepeal[1].exe (PID: 324) Address: 0x10000000 Size: 32768

Object: Hidden Code [ETHREAD: 0x848f2d78]
Process: System Address: 0x8b4562a8 Size: -

Object: Hidden Code [ETHREAD: 0x84918d78]
Process: System Address: 0xadb91910 Size: -

Object: Hidden Code [ETHREAD: 0x84918828]
Process: System Address: 0xadb49768 Size: -

Object: Hidden Code [ETHREAD: 0x849182d8]
Process: System Address: 0x849184cc Size: -

Object: Hidden Code [ETHREAD: 0x84919020]
Process: System Address: 0x84919214 Size: -

Object: Hidden Code [ETHREAD: 0x84919d78]
Process: System Address: 0x9183bfe0 Size: -

Object: Hidden Code [ETHREAD: 0x875c7d78]
Process: System Address: 0xb9f95d40 Size: -

Hidden Services
-------------------
Service Name: SKYNETrdvvtnic
Image Path: C:\Windows\system32\drivers\SKYNETokvviotn.sys