ComboFix 08-04-22.5 - Owner 2008-04-25 13:42:46.2 - NTFSx86
Running from: C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Desktop\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\dllcache\figaro.sys
.
---- Previous Run -------
.
C:\Documents and Settings\LocalService\Application Data\WinIFixer.com
C:\Program Files\MyWay
C:\Program Files\MyWay\myBar\Settings\prevcfg.htm
C:\WINDOWS\base64.tmp
C:\WINDOWS\braviax.exe
C:\WINDOWS\Help\oqtxde.chm
C:\WINDOWS\nivavir.config
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\dllcache\figaro.sys
C:\WINDOWS\system32\n.ini
C:\WINDOWS\system32\uFhiQqss.ini
C:\WINDOWS\system32\uFhiQqss.ini2
C:\WINDOWS\system32\univrs32.dat
C:\WINDOWS\system32\vx.tll
C:\WINDOWS\system32\wind32.exe
C:\WINDOWS\system32\winivstr.exe
C:\WINDOWS\Web\def.htm
C:\WINDOWS\zip1.tmp
C:\WINDOWS\zip2.tmp
C:\WINDOWS\zip3.tmp
C:\WINDOWS\zipped.tmp
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_asc3550p
-------\Service_oqtxde
-------\Service_asc3550p

((((((((((((((((((((((((( Files Created from 2008-03-25 to 2008-04-25 )))))))))))))))))))))))))))))))
.
2008-04-25 13:41 . 2002-08-29 05:00 4,224 --a------ C:\WINDOWS\system32\drivers\beep.sys
2008-04-25 13:41 . 2002-08-29 05:00 4,224 --a--c--- C:\WINDOWS\system32\dllcache\beep.sys
2008-04-25 12:55 . 2008-04-25 12:55 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-25 11:58 . 2008-04-25 11:58 d-------- C:\Deckard
2008-04-24 20:54 . 2008-04-25 13:37 d-------- C:\!KillBox
2008-04-24 20:30 . 2008-04-24 20:30 d-------- C:\VundoFix Backups
2008-04-24 20:10 . 2008-04-24 20:12 d-------- C:\MGtools
2008-04-24 20:10 . 2008-04-24 20:12 40,568 --a------ C:\MGlogs.zip
2008-04-24 20:10 . 2005-01-13 20:41 11,254 --a------ C:\WINDOWS\system32\locate.com
2008-04-24 19:59 . 2008-04-24 19:59 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-04-24 19:42 . 2008-04-24 19:42 d-------- C:\Documents and Settings\Administrator.YOUR-AT5QGAAC3Z\Application Data\Malwarebytes
2008-04-24 19:20 . 2008-04-24 19:20 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\Malwarebytes
2008-04-24 19:20 . 2008-04-24 19:20 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-24 19:19 . 2008-04-24 19:19 d-------- C:\Program Files\Common Files\Download Manager
2008-04-24 19:12 . 2008-04-24 19:12 d-------- C:\WinPFind3u
2008-04-24 19:12 . 2008-04-24 19:12 d-------- C:\Rustbfix
2008-04-24 19:11 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-04-24 19:11 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-04-24 19:11 . 2008-03-09 02:15 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
2008-04-24 19:11 . 2008-03-05 23:29 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-04-24 19:11 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-04-24 19:11 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-04-24 19:11 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-04-24 18:51 . 2008-04-24 18:51 d-------- C:\Program Files\Alwil Software
2008-04-24 18:44 . 2007-10-29 15:46 401,720 --a------ C:\Hjeeet.exe
2008-04-24 18:37 . 2008-04-24 18:37 483,328 --a------ C:\WINDOWS\system32\hphmon05.exe
2008-04-24 18:37 . 2002-10-16 16:57 81,920 --a------ C:\WINDOWS\system32\ps2.exe
2008-04-24 18:37 . 2008-04-24 18:37 52,736 --a------ C:\WINDOWS\system\hpsysdrv.exe
2008-04-24 18:14 . 2008-04-24 18:14 d-------- C:\Program Files\CCleaner
2008-04-24 17:32 . 2008-04-24 17:32 10,752 --a------ C:\exefix_xp.com
2008-04-24 17:31 . 2008-04-24 17:30 69,696 --a------ C:\FixSirc.com
2008-04-24 17:15 . 2008-04-25 13:41 d-------- C:\Program Files\SUPERAntiSpyware
2008-04-24 17:15 . 2008-04-24 17:15 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\SUPERAntiSpyware.com
2008-04-24 17:15 . 2008-04-24 17:15 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-04-24 17:15 . 2008-04-24 17:21 1,509,211 ---hs---- C:\WINDOWS\system32\krdkkjha.ini
2008-04-24 17:14 . 2008-04-24 17:14 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-04-24 17:13 . 2008-04-24 17:13 109,738 --a------ C:\WINDOWS\BM4794470a.xml
2008-04-23 05:15 . 2008-04-23 05:18 8,014 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2008-04-23 05:15 . 2008-04-23 05:18 806 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.INF
2008-04-23 05:13 . 2008-04-24 18:48 d-------- C:\Program Files\Common Files\Symantec Shared
2008-04-22 18:56 . 2008-04-22 18:56 d-------- C:\Program Files\Norton Security Scan
2008-04-22 18:38 . 2008-04-22 19:06 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-04-22 18:38 . 2008-04-22 18:38 827,392 --a------ C:\WINDOWS\system32\FLASH.OCX
2008-04-22 11:15 . 2002-08-29 02:01 56,832 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys
2008-04-22 11:15 . 2001-08-17 14:00 54,272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys
2008-04-22 11:15 . 2001-08-17 13:59 50,048 --a------ C:\WINDOWS\system32\drivers\DMusic.sys
2008-04-22 11:15 . 2002-08-29 01:50 24,960 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-04-22 11:15 . 2002-08-29 03:40 20,480 --a------ C:\WINDOWS\system32\hidserv.dll
2008-04-22 11:15 . 2001-08-17 13:48 13,952 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys
2008-04-22 11:15 . 2001-08-17 13:48 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-04-22 11:15 . 2001-08-17 14:02 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-04-22 11:15 . 2002-08-29 01:32 2,816 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys
2008-04-22 11:14 . 2002-08-29 01:33 55,680 --a------ C:\WINDOWS\system32\drivers\ohci1394.sys
2008-04-22 11:14 . 2001-08-17 13:46 6,400 --a------ C:\WINDOWS\system32\drivers\enum1394.sys
2008-04-22 09:59 . 2008-04-22 09:59 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\ErrorSmart
2008-04-22 09:52 . 2008-04-25 13:43 dr-hsc--- C:\WINDOWS\system32\dllcache
2008-04-22 08:29 . 2002-12-12 01:34 208,896 --a------ C:\WINDOWS\system32\wmpns.dll
2008-04-22 08:28 . 2003-08-25 18:06 182,880 --a------ C:\WINDOWS\system32\iuenginenew.dll
2008-04-22 08:28 . 2008-04-22 08:28 4,094 -rahs---- C:\WINDOWS\system32\drivers\HP_PC032A-ABA A527X_YC_Pavi_QMXK423_E42NAheBLU4_4_IKelut_SASUSTek Computer INC._V2.02_B3.03_T040209_WXH1_L409_M448_J120_7AMD_8Athlon XP 3000+_92.1_111063044_N11063065_P_Z11C1048C_K_A11063059_U11063038_G11067205.MRK
2008-04-22 08:27 . 2005-06-01 12:54 175,712 --a------ C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\GDIPFONTCACHEV1.DAT
2008-04-22 08:26 . 2008-04-17 15:01 7,160 --a------ C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\NMM-MetaData.db
2008-04-22 08:14 . 2008-03-25 08:46 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Incomplete
2008-04-22 08:14 . 2005-03-18 16:27 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\Yahoo! Messenger
2008-04-22 08:14 . 2006-05-01 14:24 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\Yahoo!
2008-04-22 08:14 . 2006-12-22 09:38 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\WildTangent
2008-04-22 08:14 . 2007-08-26 12:40 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\Webshots
2008-04-22 08:14 . 2007-11-25 13:25 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\Viewpoint
2008-04-22 08:14 . 2008-04-22 06:13 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\TmpRecentIcons
2008-04-22 08:14 . 2006-11-02 08:01 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\Template
2008-04-22 08:14 . 2004-01-21 02:48 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\Symantec
2008-04-22 08:14 . 2004-01-20 20:21 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\Sonic
2008-04-22 08:14 . 2004-06-28 10:32 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\Share-to-Web Upload Folder
2008-04-22 08:14 . 2007-05-11 10:30 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\ScamBlocker
2008-04-22 08:14 . 2004-01-20 21:29 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\SampleView
2008-04-22 08:14 . 2008-04-17 14:48 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\PC Suite
2008-04-22 08:14 . 2008-04-18 14:16 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\Nokia Multimedia Player
2008-04-22 08:14 . 2008-04-17 11:19 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\Nokia
2008-04-22 08:14 . 2005-10-31 13:10 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\Musicmatch
2008-04-22 08:14 . 2007-09-26 12:17 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\MSN6
2008-04-22 08:14 . 2004-07-14 09:29 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\Motive
2008-04-22 08:14 . 2008-03-31 13:05 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\LimeWire
2008-04-22 08:14 . 2004-06-28 08:20 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\Leadertech
2008-04-22 08:14 . 2004-12-23 14:46 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\j2 Global
2008-04-22 08:14 . 2004-12-06 07:40 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\InterVideo
2008-04-22 08:14 . 2008-04-24 18:18 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\interMute
2008-04-22 08:14 . 2005-07-22 11:20 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\HP
2008-04-22 08:14 . 2006-07-09 13:54 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\funkitron
2008-04-22 08:14 . 2004-09-20 18:01 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\FUJIFILM
2008-04-22 08:14 . 2005-05-29 16:27 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\EarthLink Toolbar
2008-04-22 08:14 . 2007-05-11 10:24 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\Earthlink
2008-04-22 08:14 . 2008-04-17 17:15 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\Datalayer
2008-04-22 08:14 . 2008-02-02 09:07 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\Aim
2008-04-22 08:14 . 2007-10-20 10:41 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Application Data\AdobeUM
2008-04-22 08:13 . 2004-01-20 20:48 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\WINDOWS
2008-04-22 08:13 . 2004-06-27 16:13 d---s---- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\UserData
2008-04-22 08:13 . 2008-03-25 08:45 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Shared
2008-04-22 08:13 . 2008-04-17 17:15 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\Phone Browser
2008-04-22 08:13 . 2008-04-25 13:38 d-------- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z
2008-04-22 08:13 . 2008-04-25 13:48 77,824 --ah----- C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\ntuser.dat.LOG
2008-04-22 07:57 . 2004-01-20 20:48 d-------- C:\WINDOWS\system32\config\systemprofile\WINDOWS
2008-04-22 07:57 . 2004-06-27 16:13 d--hs---- C:\WINDOWS\system32\config\systemprofile\UserData
2008-04-22 07:57 . 2008-03-25 08:45 d-------- C:\WINDOWS\system32\config\systemprofile\Shared
2008-04-22 07:57 . 2008-04-17 17:15 d-------- C:\WINDOWS\system32\config\systemprofile\Phone Browser
2008-04-22 07:57 . 2008-03-25 08:46 d-------- C:\WINDOWS\system32\config\systemprofile\Incomplete
2008-04-22 07:55 . 2003-09-19 01:47 10,368 --------- C:\WINDOWS\system32\drivers\pfc.sys
2008-04-22 07:54 . 2001-12-10 17:42 204,800 --a------ C:\WINDOWS\system32\IVIresizeW7.dll
2008-04-22 07:54 . 2001-12-10 17:42 200,704 --a------ C:\WINDOWS\system32\IVIresizeA6.dll
2008-04-22 07:54 . 2001-12-10 17:42 192,512 --a------ C:\WINDOWS\system32\IVIresizeP6.dll
2008-04-22 07:54 . 2001-12-10 17:42 192,512 --a------ C:\WINDOWS\system32\IVIresizeM6.dll
2008-04-22 07:54 . 2001-12-10 17:42 188,416 --a------ C:\WINDOWS\system32\IVIresizePX.dll
2008-04-22 07:54 . 2001-12-10 17:42 20,480 --a------ C:\WINDOWS\system32\IVIresize.dll
2008-04-22 07:53 . 2001-08-17 22:37 22,016 --a------ C:\WINDOWS\system32\wdmaud.drv
2008-04-22 07:52 . 2002-08-29 02:01 134,272 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2008-04-22 07:52 . 2002-08-29 01:32 57,856 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2008-04-22 07:20 . 2004-06-27 16:13 d--hs---- C:\Documents and Settings\Default User\UserData
2008-04-22 07:20 . 2008-03-25 08:45 d-------- C:\Documents and Settings\Default User\Shared
2008-04-22 07:20 . 2008-04-17 17:15 d-------- C:\Documents and Settings\Default User\Phone Browser
2008-04-22 07:20 . 2008-03-25 08:46 d-------- C:\Documents and Settings\Default User\Incomplete
2008-04-21 22:12 . 2008-04-21 22:12 d-------- C:\Program Files\Windows Sidebar
2008-04-21 19:40 . 2008-04-21 19:40 d-------- C:\Documents and Settings\Guest\Application Data\PC Suite
2008-04-17 11:14 . 2008-04-17 11:14 d-------- C:\Program Files\Common Files\PCSuite
2008-04-17 11:14 . 2008-04-17 11:14 d-------- C:\Program Files\Common Files\Nokia
2008-04-01 13:54 . 2008-04-01 13:54 d-------- C:\Program Files\Cablenut
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-25 02:28 --------- d-----w C:\Program Files\Wxvwgbtk
2008-04-25 01:48 --------- d-----w C:\Program Files\Multimedia Card Reader
2008-04-25 01:18 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-25 00:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\dmpqzarm
2008-04-23 11:27 --------- d-----w C:\Program Files\Norton AntiVirus
2008-04-23 11:23 --------- d-----w C:\Program Files\Google
2008-04-22 16:01 3,884 -c--a-w C:\WINDOWS\viassary-hp.reg
2008-04-22 16:01 --------- d-----w C:\Program Files\Easy Internet signup
2008-04-22 13:13 --------- d-----w C:\Program Files\The Cleaner
2008-04-22 13:13 --------- d-----w C:\Documents and Settings\Administrator.YOUR-AT5QGAAC3Z\Application Data\TmpRecentIcons
2008-04-22 02:40 --------- d-----w C:\Documents and Settings\Guest\Application Data\Symantec
2008-04-18 21:16 --------- d-----w C:\Documents and Settings\Administrator.YOUR-AT5QGAAC3Z\Application Data\Nokia Multimedia Player
2008-04-18 00:15 --------- d-----w C:\Documents and Settings\Administrator.YOUR-AT5QGAAC3Z\Application Data\Datalayer
2008-04-17 21:48 --------- d-----w C:\Documents and Settings\Administrator.YOUR-AT5QGAAC3Z\Application Data\PC Suite
2008-04-17 18:19 --------- d-----w C:\Documents and Settings\Administrator.YOUR-AT5QGAAC3Z\Application Data\Nokia
2008-04-17 18:14 --------- d-----w C:\Program Files\Nokia
2008-04-17 18:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Downloaded Installations
2008-03-31 20:05 --------- d-----w C:\Documents and Settings\Administrator.YOUR-AT5QGAAC3Z\Application Data\LimeWire
2008-03-24 21:09 --------- d-----w C:\Program Files\Common Files\Adobe
2006-11-04 23:08 135,168 ----a-w C:\Documents and Settings\All Users\Application Data\jevavqno.dll
2006-11-04 22:35 118 ----a-w C:\Documents and Settings\Owner.YOUR-AT5QGAAC3Z\c39.bat
2006-11-05 23:29 6,668 --sha-w C:\WINDOWS\system32\tEdedJjl.ini2
.
[color=red]Files Infected - Win32.Agent.zb[/color]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RecordNow!"="" []
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [ ]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-04-24 18:37 151597]
"AGRSMMSG"="AGRSMMSG.exe" [2003-12-12 22:54 88363 C:\WINDOWS\AGRSMMSG.exe]
"AlcxMonitor"="ALCXMNTR.EXE" [2003-04-03 21:35 50176 C:\WINDOWS\ALCXMNTR.EXE]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 05:00 79224]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2002-10-16 16:57 81920]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"jdgf894jrghoiiskd"="C:\WINDOWS\TEMP\winlogan.exe" [ ]
"Service Pack 1"="C:\WINDOWS\System32\vedxg6ame4.exe" [ ]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 11:55 77824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"lDbygiFghaRNwYW"= {44A7743A-EE0D-DE90-4441-CB946BE9BCEF} - C:\WINDOWS\system32\kpdfw.dll [2002-08-29 05:00 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!saswinlogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 11:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\jmq57.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\xce13.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

S1 ydhqzop;ydhqzop;C:\WINDOWS\ydhqzop.sys []
S3 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438;"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-04-22 18:56]
.
Contents of the 'Scheduled Tasks' folder
"2008-04-22 16:01:33 C:\WINDOWS\Tasks\Easy Internet Sign-up.job"
- C:\Program Files\Easy Internet signup\HPSdpApp.exe
"2006-11-04 22:34:18 C:\WINDOWS\Tasks\ErrorSmart Scheduled Scan.job"
- C:\Program Files\ErrorSmart\ErrorSmart.ex
- C:\Program Files\ErrorSmart
"2008-04-23 01:56:41 C:\WINDOWS\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-25 13:48:24
Windows 5.1.2600 Service Pack 1 NTFS

scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\controlset004\Services\asc3550p]
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
.
**************************************************************************
.
Completion time: 2008-04-25 13:55:15 - machine was rebooted [Owner]
ComboFix-quarantined-files.txt 2008-04-25 20:55:04

Pre-Run: 92,523,921,408 bytes free
Post-Run: 92,526,321,664 bytes free

260