Shanehaggerty

asked on

what is vtzxkb.exe

I have vtzxkb.exe running in my processes list within the Task Manager on my Windows 2003 server. Has anyone heard of this? What is it? A Google search for it proved useless.
edster9999

It is not listed on any anti-virus sites (or Google).
But there are some viruses that hide themselves by renaming the exe file they drop onto the machine as they infect it. Then, if you see the process running, you cannot Google it to find out what it is.

Update your anti-virus and scan.
Download Spybot and scan with that.
http://www.safer-networking.org/en/download/


ASKER CERTIFIED SOLUTION
rpggamergirl

Shanehaggerty

ASKER

I have Spybot and Malwarebytes already installed; I will try ComboFix today, after hours, as well.
Here is my log from HijackThis. Any insight you may have will be extremely appreciated.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:45:03 AM, on 10/10/2009
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Documents and Settings\shane\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\Program Files\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
p:\ppart\pmsi.networking.services.applicationservice.exe
p:\ppart\pmsi.networking.services.dataservice.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\dmadmin.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Thomas Medical Associates
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-558781451-1725058602-1154686881-1209\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'jt')
O4 - HKUS\S-1-5-21-558781451-1725058602-1154686881-1209\..\Run: []  (User 'jt')
O4 - HKUS\S-1-5-21-558781451-1725058602-1154686881-1209\..\Policies\Explorer\Run: [servises] C:\WINDOWS\system32\servises.exe (User 'jt')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Broken Internet access because of LSP provider 'c:\documents and settings\shane\windows\system32\mswsock.dll' missing
O15 - ESC Trusted Zone: http://view.atdmt.com
O15 - ESC Trusted Zone: http://updates.installshield.com
O15 - ESC Trusted Zone: http://www.mozilla.com
O15 - ESC Trusted Zone: http://runonce.msn.com
O15 - ESC Trusted Zone: http://ftp-mozilla.netscape.com
O15 - ESC Trusted Zone: http://*.windowsupdate.com
O15 - ESC Trusted Zone: http://view.atdmt.com (HKLM)
O15 - ESC Trusted Zone: http://updates.installshield.com (HKLM)
O15 - ESC Trusted Zone: http://www.mozilla.com (HKLM)
O15 - ESC Trusted Zone: http://runonce.msn.com (HKLM)
O15 - ESC Trusted Zone: http://ftp-mozilla.netscape.com (HKLM)
O15 - ESC Trusted Zone: http://*.windowsupdate.com (HKLM)
O15 - ESC Trusted IP range: http://192.168.1.3
O15 - ESC Trusted IP range: http://65.183.220.26
O15 - ESC Trusted IP range: http://192.168.1.3 (HKLM)
O16 - DPF: Web-Based Email Tools - http://email.secureserver.net/Download.CAB
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {254AA86E-5655-4518-AA87-185D7CC41801} (LogMeIn Rescue Technician Console) - https://secure.logmeinrescue.com/TechConsole/x86/RescueControl.cab
O16 - DPF: {4D0A481A-7155-498C-84D8-9CB84DEA237E} (DVROcxEx Control) - http://65.183.220.26:2000/DVROcxEx.cab
O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} (DLC Class) - https://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
O16 - DPF: {8BBDC81D-81B3-49EE-87E8-47B7A707FAE8} (GoToMeeting/GoToWebinar Web Starter) - https://www2.gotomeeting.com/default/applets/g2mdlax.cab
O16 - DPF: {BE319D04-18BD-4B34-AECC-EE7CB610FCA9} (BewitchedGameClass Control) - http://l.yimg.com/jh/games/web_games/sony/bewitched/main.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://ciscosupport.webex.com/client/T26L/support/ieatgpc.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Thomasmed.tma
O17 - HKLM\Software\..\Telephony: DomainName = Thomasmed.tma
O17 - HKLM\System\CCS\Services\Tcpip\..\{6ACC7AA9-E06F-420F-8E79-F9DFF4E4C5ED}: NameServer = 192.168.1.254,192.168.1.215,192.168.1.1,206.222.97.82,206.222.97.50,209.163.130.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = Thomasmed.tma
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = Thomasmed.tma
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: CenLPD - Unknown owner - C:\Program Files\Century\TinyTERM\NetUtils\Cenlpd.exe (file missing)
O23 - Service: GFI LANguard 9.0 Attendant Service (gfi_lanss9_attservice) - GFI Software Ltd. - C:\Program Files\GFI\LANguard 9.0\lnssatt.exe
O23 - Service: GFI ReportCenter 3.5 (GFI_ReportCenter35) - GFI Software Ltd. - C:\Program Files\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe
O23 - Service: IFE - Sysinternals - www.sysinternals.com - C:\DOCUME~1\shane\LOCALS~1\Temp\IFE.exe
O23 - Service: MSSQLServerADHelper - Unknown owner - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (file missing)
O23 - Service: OHAPVLSLFEGMQY - Sysinternals - www.sysinternals.com - C:\DOCUME~1\shane\LOCALS~1\Temp\OHAPVLSLFEGMQY.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZipm12.exe
O23 - Service: PMSI Application Server -   - p:\ppart\pmsi.networking.services.applicationservice.exe
O23 - Service: PMSI Data Server -   - p:\ppart\pmsi.networking.services.dataservice.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: XAudioService - Unknown owner - C:\WINDOWS\system32\DRIVERS\xaudio.exe (file missing)

--
End of file - 8483 bytes

Unfortunately, the file you mentioned is not showing in the log. A lot of nasties can also hide from the HijackThis scan.

O4 - HKUS\S-1-5-21-558781451-1725058602-1154686881-1209\..\Policies\Explorer\Run: [servises] C:\WINDOWS\system32\servises.exe (User 'jt')

C:\WINDOWS\system32\servises.exe <- the above entry is Troj/Agent-JUJ, and this file would need to be deleted, as HijackThis doesn't delete files.

Just use ComboFix and attach the log file here for us to check.
It's also a good idea to install the Recovery Console while installing ComboFix.
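The two warning signs raised in this thread (a dropped executable with a made-up name that nothing on Google matches, and a HijackThis entry whose file name imitates a real Windows binary, like servises.exe) can be checked mechanically. The script below is an added example written for this page, not something posted in the thread or part of HijackThis. It parses O4 autorun and O23 service lines in the format HijackThis prints and flags the patterns a practitioner would want called out: a service binary living under a Temp directory, a service name made of random-looking capital letters, an autorun under the Policies\Explorer\Run key, and a file name that is one edit away from a core system process name. The list of system names and the thresholds are assumptions chosen for the example; the sample lines are copied from the log posted above.

```python
"""Triage HijackThis-style O4/O23 lines for the red flags discussed in this thread.

Added example: the heuristics below are assumptions for illustration, not
rules from HijackThis itself. Each flagged line is returned with its reasons.
"""
import re
from typing import List, Optional, Tuple

# Core Windows process names that malware commonly imitates (assumed short list).
SYSTEM_NAMES = {"services", "svchost", "lsass", "csrss", "winlogon",
                "explorer", "smss", "spoolsv", "userinit", "rundll32"}

# Constructed sample input: entries copied from the log posted above.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKUS\S-1-5-21-558781451-1725058602-1154686881-1209\..\Policies\Explorer\Run: [servises] C:\WINDOWS\system32\servises.exe (User 'jt')
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: IFE - Sysinternals - www.sysinternals.com - C:\DOCUME~1\shane\LOCALS~1\Temp\IFE.exe
O23 - Service: OHAPVLSLFEGMQY - Sysinternals - www.sysinternals.com - C:\DOCUME~1\shane\LOCALS~1\Temp\OHAPVLSLFEGMQY.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZipm12.exe
"""


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance; used to catch one-letter-off look-alike names."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike(path: str) -> Optional[str]:
    """Return the system name a file name imitates (distance 1), else None."""
    filename = path.rsplit("\\", 1)[-1].lower()
    filename = re.sub(r"\s*\(file missing\)$", "", filename)
    stem = re.sub(r"\.exe$", "", filename)
    for name in SYSTEM_NAMES:
        if stem != name and edit_distance(stem, name) == 1:
            return name
    return None


def triage(log_text: str) -> List[Tuple[str, str]]:
    """Return (line, reasons) for every O4/O23 line that trips a heuristic."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        reasons = []
        if line.startswith("O23 - Service:") and " - " in line:
            # Layout: O23 - Service: NAME (short) - VENDOR - PATH
            head, path = line.rsplit(" - ", 1)
            name = head[len("O23 - Service: "):].split(" - ", 1)[0]
            if re.search(r"\\temp\\", path, re.I):
                reasons.append("service binary in a Temp directory")
            if re.fullmatch(r"[A-Z]{8,}", name):
                reasons.append("random-looking service name")
        elif line.startswith("O4 - "):
            # Layout: O4 - KEY: [NAME] PATH (User 'x')
            m = re.search(r"\] (.+?)(?: \(User '|$)", line)
            path = m.group(1) if m else ""
            if "\\Policies\\Explorer\\Run" in line:
                reasons.append("autorun via Policies\\Explorer\\Run")
        else:
            continue
        target = lookalike(path)
        if target:
            reasons.append(f"file name imitates {target}.exe")
        if reasons:
            findings.append((line, "; ".join(reasons)))
    return findings


if __name__ == "__main__":
    for entry, why in triage(SAMPLE_LOG):
        print(f"{why}\n    {entry}")
```

Run against the sample, it flags the servises.exe policy autorun and both Sysinternals-labelled services in the Temp folder, and leaves the AVG and HP entries alone. A vendor string is not evidence on its own: the log labels both Temp binaries "Sysinternals", which is exactly why the path and name are checked rather than the vendor.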
I will do both. I did a search for that initial file and found it in the Temp folder. I moved it into the Recycle Bin before running HijackThis.
Good job you found that file, well done!

To uninstall ComboFix:
Go to Start > Run and copy and paste the next command into the field:

ComboFix /u

Thanks!