I'm another with virtumonde



roguewarrior
2008-03-03, 02:37
Need help please :( Here is my HJT report.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:36:13 PM, on 3/2/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\QuickTime\bak\bak\qttask.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\Program Files\ATI Technologies\ATI Control Panel\bak\atiptaxx.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\Rundll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\??curity\d?dplay.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\sony\usbsircs\usbsircs.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sony.com/vaiopeople
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:\Documents and Settings\JESS\Application Data\Mozilla\Profiles\default\za9qguwi.slt\prefs.js)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\bak\bak\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\System32\ezSP_Px.exe
O4 - HKLM\..\Run: [ZTgServerSwitch] "c:\program files\support.com\client\bin\tgcmd.exe" /server
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ToolBoxFX] "C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /systrayIcon:on /fl:on /fr:on /appData:on
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [44abe178] rundll32.exe "C:\WINDOWS\system32\llrqfwre.dll",b
O4 - HKLM\..\Run: [BM4798d2e4] Rundll32.exe "C:\WINDOWS\system32\lwfnirxq.dll",s
O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [Iinl] "C:\DOCUME~1\jess\APPLIC~1\CROSOF~1\csrss.exe" -vt yazb
O4 - HKCU\..\Run: [Cbvlvwpz] "C:\Program Files\??curity\d?dplay.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O4 - Global Startup: Remocon Driver.lnk = ?
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O15 - Trusted Zone: *.amaena.com
O15 - Trusted Zone: *.avsystemcare.com
O15 - Trusted Zone: *.gomyhit.com
O15 - Trusted Zone: *.imageservr.com
O15 - Trusted Zone: *.imagesrvr.com
O15 - Trusted Zone: *.onerateld.com
O15 - Trusted Zone: *.safetydownload.com
O15 - Trusted Zone: *.storageguardsoft.com
O15 - Trusted Zone: *.trustedantivirus.com
O15 - Trusted Zone: *.virusschlacht.com
O15 - Trusted Zone: *.amaena.com (HKLM)
O15 - Trusted Zone: *.avsystemcare.com (HKLM)
O15 - Trusted Zone: *.gomyhit.com (HKLM)
O15 - Trusted Zone: *.imageservr.com (HKLM)
O15 - Trusted Zone: *.imagesrvr.com (HKLM)
O15 - Trusted Zone: *.onerateld.com (HKLM)
O15 - Trusted Zone: *.safetydownload.com (HKLM)
O15 - Trusted Zone: *.storageguardsoft.com (HKLM)
O15 - Trusted Zone: *.trustedantivirus.com (HKLM)
O15 - Trusted Zone: *.virusschlacht.com (HKLM)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {549F957E-2F89-11D6-8CFE-00C04F52B225} (CMV5 Class) - http://coolsavings.coupons.smartsource.com/download/cscmv5X.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1188072055937
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://zone.msn.com/bingame/chnz/default/mjolauncher.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O16 - DPF: {C86FF4B0-AA1D-46D4-8612-025FB86583C7} (AstoundLauncher Control) - http://zone.msn.com/bingame/jobo/default/AstoundLauncher.cab#version=1,0,0,10
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/popcaploader_v10.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\Sony\Giga Pocket\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\Sony\Giga Pocket\RM_SV.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exe
O23 - Service: VAIO Media Music Server (VAIOMediaPlatform-MusicServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Music\SSSvr.exe
O23 - Service: VAIO Media Music Server (HTTP) (VAIOMediaPlatform-MusicServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Music Server (UPnP) (VAIOMediaPlatform-MusicServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Photo Server (VAIOMediaPlatform-PhotoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Photo\appsrv\PhotoAppSrv.exe
O23 - Service: VAIO Media Photo Server (HTTP) (VAIOMediaPlatform-PhotoServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Photo Server (UPnP) (VAIOMediaPlatform-PhotoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe

--
End of file - 12283 bytes

roguewarrior
2008-03-03, 03:05
and here's the ComboFix

ComboFix 08-03-03.6 - jess 2008-03-02 18:51:49.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.118 [GMT -6:00]
Running from: C:\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\jess\Application Data\CROSOF~1
C:\Documents and Settings\jess\Application Data\CROSOF~1\??crosoft\
C:\Program Files\curity~1
C:\Program Files\curity~1\d?dplay.exe
C:\Program Files\outerinfo
C:\Program Files\WinBudget
C:\Program Files\WinBudget\bin\matrix.dat
C:\Program Files\WinBudget\bin\matrix.dll
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\Temp\bkR11
C:\Temp\bkR11\ftCa.log
C:\temp\tn3
C:\WINDOWS\cookies.ini
C:\WINDOWS\system32\cccdd.ini
C:\WINDOWS\system32\cccdd.ini2
C:\WINDOWS\system32\ddccc.dll
C:\WINDOWS\system32\drivers\core.cache(2).dsk
C:\WINDOWS\system32\ebcdsumx.ini
C:\WINDOWS\system32\erwfqrll.ini
C:\WINDOWS\system32\jlkkj.ini
C:\WINDOWS\system32\jlkkj.ini2
C:\WINDOWS\system32\ldinfo.ldr
C:\WINDOWS\system32\lwfnirxq.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\nuinopsd
C:\WINDOWS\system32\nuinopsd\bg1.gif
C:\WINDOWS\system32\nuinopsd\bgtop.gif
C:\WINDOWS\system32\nuinopsd\bottom1.gif
C:\WINDOWS\system32\nuinopsd\essentials.gif
C:\WINDOWS\system32\nuinopsd\install1.gif
C:\WINDOWS\system32\nuinopsd\left1.gif
C:\WINDOWS\system32\nuinopsd\li.gif
C:\WINDOWS\system32\nuinopsd\logo.gif
C:\WINDOWS\system32\nuinopsd\main.htm
C:\WINDOWS\system32\nuinopsd\mainframe.htm
C:\WINDOWS\system32\nuinopsd\reinstall1.gif
C:\WINDOWS\system32\nuinopsd\right1.gif
C:\WINDOWS\system32\nuinopsd\s1.htm
C:\WINDOWS\system32\nuinopsd\s2.htm
C:\WINDOWS\system32\nuinopsd\s3.htm
C:\WINDOWS\system32\nuinopsd\SMTop1.gif
C:\WINDOWS\system32\nuinopsd\SMTop2.gif
C:\WINDOWS\system32\nuinopsd\SMTop3.gif
C:\WINDOWS\system32\nuinopsd\SMTop4.gif
C:\WINDOWS\system32\nuinopsd\soft1_off.gif
C:\WINDOWS\system32\nuinopsd\soft1_off_ext.gif
C:\WINDOWS\system32\nuinopsd\soft1_on.gif
C:\WINDOWS\system32\nuinopsd\soft1_on_ext.gif
C:\WINDOWS\system32\nuinopsd\soft2_off.gif
C:\WINDOWS\system32\nuinopsd\soft2_off_ext.gif
C:\WINDOWS\system32\nuinopsd\soft2_on.gif
C:\WINDOWS\system32\nuinopsd\soft2_on_ext.gif
C:\WINDOWS\system32\nuinopsd\soft3_off.gif
C:\WINDOWS\system32\nuinopsd\soft3_off_ext.gif
C:\WINDOWS\system32\nuinopsd\soft3_on.gif
C:\WINDOWS\system32\nuinopsd\soft3_on_ext.gif
C:\WINDOWS\system32\nuinopsd\softbottom_off.gif
C:\WINDOWS\system32\nuinopsd\softbottom_on.gif
C:\WINDOWS\system32\nuinopsd\softleft_off.gif
C:\WINDOWS\system32\nuinopsd\softleft_on.gif
C:\WINDOWS\system32\nuinopsd\top1.gif
C:\WINDOWS\system32\nuinopsd\top2.gif
C:\WINDOWS\system32\nuinopsd\turnoff1.gif
C:\WINDOWS\system32\nuinopsd\turnon1.gif
C:\WINDOWS\system32\obqqxslq.dll
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\system32\qomnmkj.dll
C:\WINDOWS\system32\vutsevag.dll
C:\WINDOWS\system32\xhxgnkty.dll
C:\WINDOWS\system32\xmusdcbe.dll

.
((((((((((((((((((((((((( Files Created from 2008-02-03 to 2008-03-03 )))))))))))))))))))))))))))))))
.

2008-03-02 18:41 . 2008-03-02 18:41 1,580,580 --a------ C:\ComboFix.exe
2008-03-02 18:38 . 2004-08-04 01:56 388,608 --a------ C:\CF416.exe
2008-03-02 18:35 . 2008-03-02 18:35 812,344 --a------ C:\HJTInstall.exe
2008-03-02 17:13 . 2007-12-04 07:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-03-02 17:13 . 2004-01-09 03:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-03-02 17:13 . 2007-12-04 06:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-03-02 17:13 . 2007-12-04 08:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-03-02 17:13 . 2007-12-04 08:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-03-02 17:13 . 2007-12-04 08:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-03-02 17:13 . 2007-12-04 08:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-03-02 17:13 . 2007-12-04 08:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-03-02 17:12 . 2008-03-02 17:12 <DIR> d-------- C:\Program Files\Alwil Software
2008-03-02 15:52 . 2008-03-02 17:07 721 --a------ C:\WINDOWS\wininit.ini
2008-03-02 15:37 . 2008-03-02 15:37 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-03-02 15:37 . 2008-03-02 16:34 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2008-03-02 15:34 . 2008-03-02 15:35 9,722,720 --a------ C:\spybotsd152.exe
2008-03-02 13:25 . 2008-03-02 13:25 72,566 --a------ C:\WINDOWS\system32\GameFly_2.ico
2008-03-02 13:15 . 2008-03-02 18:52 21 --a------ C:\WINDOWS\pskt.ini
2008-03-02 12:59 . 2008-03-02 12:59 <DIR> d-------- C:\WINDOWS\system32\iDlo01
2008-03-02 12:59 . 2008-03-02 12:59 <DIR> d-------- C:\Temp\sanR24
2008-03-01 21:25 . 2008-03-01 21:25 <DIR> d-------- C:\Documents and Settings\jess\Application Data\Viewpoint
2008-03-01 21:25 . 2008-03-01 21:25 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
2008-02-28 23:41 . 2008-02-28 23:41 <DIR> d-------- C:\Documents and Settings\jess\Application Data\Leadertech
2008-02-25 23:39 . 2008-02-25 23:39 <DIR> d-------- C:\WINDOWS\Pug Screen Cleaner Uninstaller
2008-02-25 23:39 . 2008-01-24 18:38 1,683,896 --a------ C:\WINDOWS\Pug Screen Cleaner.swf
2008-02-25 23:39 . 2007-07-21 14:52 903,168 --a------ C:\WINDOWS\Pug Screen Cleaner.scr
2008-02-25 23:39 . 2007-07-21 14:53 495,104 --a------ C:\WINDOWS\Pug Screen Cleaner.exe
2008-02-25 23:39 . 2006-11-04 22:42 161,078 --a------ C:\WINDOWS\Pug Screen Cleaner.bmp
2008-02-25 23:39 . 2006-11-12 18:55 23,558 --a------ C:\WINDOWS\Pug Screen Cleaner.ico
2008-02-25 23:39 . 2008-01-24 18:39 682 --a------ C:\WINDOWS\Pug Screen Cleaner.c3
2008-02-25 23:39 . 2008-01-24 18:39 682 --a------ C:\WINDOWS\Pug Screen Cleaner.c1
2008-02-25 23:39 . 2006-10-24 18:06 639 --a------ C:\WINDOWS\Pug Screen Cleaner.c4
2008-02-25 23:39 . 2006-10-08 20:33 0 --a------ C:\WINDOWS\Pug Screen Cleaner.ini
2008-02-04 20:22 . 2008-02-04 20:22 <DIR> d-------- C:\WINDOWS\system32\bak

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-03 00:35 --------- d-----w C:\Program Files\Trend Micro
2008-03-01 15:07 --------- d---a-w C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
2008-02-28 00:59 --------- d-----w C:\Documents and Settings\jess\Application Data\Yahoo!
2008-02-15 01:45 --------- d-----w C:\Program Files\Common Files\Adobe
2008-02-12 02:00 --------- d-----w C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
2008-02-05 02:29 --------- d-----w C:\Program Files\QuickTime
2008-01-19 00:48 --------- d--h--w C:\Program Files\Zero G Registry
2008-01-19 00:40 --------- d-----w C:\Program Files\THQ
2008-01-16 01:27 --------- d-----w C:\Program Files\Imsi
2008-01-16 01:17 --------- d-----w C:\Program Files\microsoft frontpage
2008-01-14 02:53 --------- d-----w C:\Program Files\Yahoo! Games
2008-01-14 01:04 --------- d-----w C:\Documents and Settings\jess\Application Data\MySpace
2008-01-14 01:03 --------- d-----w C:\Program Files\MySpace
2008-01-12 23:06 --------- d-----w C:\Program Files\MSN Games
2008-01-12 16:41 --------- d-----w C:\Documents and Settings\jess\Application Data\PlayFirst
2008-01-12 16:41 --------- d-----w C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
2008-01-11 02:17 --------- d-----w C:\DOCUME~1\ALLUSE~1\APPLIC~1\HipSoft
2008-01-06 22:34 --------- d-----w C:\Program Files\sz8049_6
2008-01-05 19:55 --------- d-----w C:\Program Files\sz8049_6jyjgyn
2007-07-28 09:06 135 -c--a-w C:\Program Files\page.html
2006-12-03 01:05 2,522 -c--a-w C:\Program Files\func.js
2006-11-25 07:57 482 -c--a-w C:\Program Files\Del.js
.

((((((((((((((((((((((((((((((((((((((((((((( AWF ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
----a-w 63,712 2007-03-09 16:09:58 C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\bak\apdproxy.exe
----a-w 14,348 2008-02-29 05:46:17 C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe

----a-w 39,792 2007-10-11 01:51:55 C:\Program Files\Adobe\Reader 8.0\Reader\bak\Reader_sl.exe
----a-w 14,348 2008-02-29 05:46:17 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

----a-w 335,872 2003-11-16 05:00:00 C:\Program Files\ATI Technologies\ATI Control Panel\bak\atiptaxx.exe
----a-w 14,348 2008-02-29 05:46:17 C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

----a-w 49,152 2005-02-17 04:11:42 C:\Program Files\HP\HP Software Update\bak\HPWuSchd2.exe
----a-w 14,348 2008-02-29 05:46:17 C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

----a-w 45,056 2006-02-02 13:12:30 C:\Program Files\HP\ToolBoxFX\bin\bak\HPTLBXFX.exe
----a-w 14,348 2008-02-29 05:46:17 C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe

----a-w 1,694,208 2004-10-13 16:24:37 C:\Program Files\Messenger\bak\msmsgs.exe
----a-w 14,348 2008-02-29 05:46:17 C:\Program Files\Messenger\msmsgs.exe

----a-w 14,348 2008-02-29 05:46:17 C:\Program Files\QuickTime\bak\qttask.exe
----a-w 14,860 2008-02-05 02:27:58 C:\Program Files\QuickTime\qttask.exe

----a-w 77,824 2003-12-02 20:38:13 C:\Program Files\QuickTime\bak\bak\qttask.exe
----a-w 14,860 2008-02-05 02:27:58 C:\Program Files\QuickTime\qttask.exe

----a-w 77,824 2003-12-02 20:38:13 C:\Program Files\QuickTime\bak\bak\qttask.exe
----a-w 14,348 2008-02-29 05:46:17 C:\Program Files\QuickTime\bak\qttask.exe

----a-w 1,409,024 2003-06-24 00:32:54 C:\Program Files\support.com\client\bin\bak\tgcmd.exe
----a-w 14,348 2008-02-29 05:46:17 C:\Program Files\support.com\client\bin\tgcmd.exe

----a-w 4,670,704 2007-08-30 23:43:18 C:\Program Files\Yahoo!\Messenger\bak\YahooMessenger.exe
----a-w 14,348 2008-02-29 05:46:17 C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

----a-w 4,670,704 2007-08-30 22:43:18 C:\Program Files\Yahoo!\Messenger\bak\YAHOOM~1.EXE

----a-w 224,248 2007-06-08 14:59:38 C:\Program Files\Yahoo!\Search Protection\bak\SearchProtection.exe
----a-w 14,348 2008-02-29 05:46:17 C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe

----a-w 28,672 2003-04-20 05:08:44 C:\WINDOWS\SONYSYS\VAIO Recovery\bak\PartSeal.exe
----a-w 14,348 2008-02-29 05:46:17 C:\WINDOWS\SONYSYS\VAIO Recovery\PartSeal.exe

----a-w 15,360 2004-08-04 07:56:48 C:\WINDOWS\system32\bak\ctfmon.exe
----a-w 15,360 2004-08-04 07:56:48 C:\WINDOWS\system32\ctfmon.exe

----a-w 40,960 2002-08-20 18:29:26 C:\WINDOWS\system32\bak\ezSP_Px.exe
----a-w 40,960 2002-08-20 18:29:26 C:\WINDOWS\system32\ezSP_Px.exe

----a-w 114,688 2003-04-07 07:07:38 C:\WINDOWS\system32\bak\hkcmd.exe
----a-w 14,348 2008-02-29 05:46:17 C:\WINDOWS\system32\hkcmd.exe

----a-w 155,648 2003-04-07 07:19:52 C:\WINDOWS\system32\bak\igfxtray.exe
----a-w 14,348 2008-02-29 05:46:17 C:\WINDOWS\system32\igfxtray.exe

.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4246C2C6-5676-0AA8-0617-5800CBCDDAB1}]
C:\WINDOWS\system32\yjffss.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A95B2816-1D7E-4561-A202-68C0DE02353A}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D0D90A5B-B9C8-4B8F-A95A-523674181B11}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D1BEDB7C-B9D9-4A4F-8028-E16061C181C6}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ED120D76-BF31-412C-A99B-783C6676E128}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F0EFEFDA-2A89-4E99-8FEA-01167EDE82F3}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-02-28 23:46 14348]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:56 15360]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2008-02-28 23:46 14348]
"YSearchProtection"="C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" [2008-02-28 23:46 14348]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [ ]
"Iinl"="C:\DOCUME~1\jess\APPLIC~1\CROSOF~1\csrss.exe" [ ]
"Cbvlvwpz"="C:\Program Files\??curity\d?dplay.exe" [ ]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2008-02-28 23:46 14348]
"QuickTime Task"="C:\Program Files\QuickTime\bak\bak\qttask.exe" [2003-12-02 14:38 77824]
"ezShieldProtector for Px"="C:\WINDOWS\System32\ezSP_Px.exe" [2002-08-20 12:29 40960]
"ZTgServerSwitch"="c:\program files\support.com\client\bin\tgcmd.exe" [2008-02-28 23:46 14348]
"IgfxTray"="C:\WINDOWS\System32\igfxtray.exe" [2008-02-28 23:46 14348]
"HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [2008-02-28 23:46 14348]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2003-08-18 19:56 4841472]
"AGRSMMSG"="AGRSMMSG.exe" [2003-05-23 12:43 88363 C:\WINDOWS\AGRSMMSG.exe]
"VAIO Recovery"="C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe" [2008-02-28 23:46 14348]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2008-02-28 23:46 14348]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2008-02-28 23:46 14348]
"ToolBoxFX"="C:\Program Files\HP\ToolBoxFX\bin\HPTLBXFX.exe" [2008-02-28 23:46 14348]
"YSearchProtection"="C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" [2008-02-28 23:46 14348]
"RegistryMechanic"="" []
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-02-28 23:46 14348]
"44abe178"="C:\WINDOWS\system32\llrqfwre.dll" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [2007-12-18 19:47 8720384]

C:\DOCUME~1\ALLUSE~1\STARTM~1\Programs\Startup\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 06:05:56 65588]
Quicken Scheduled Updates.lnk - C:\Program Files\Quicken\bagent.exe [2003-10-02 16:08:08 57344]
Remocon Driver.lnk - C:\Program Files\sony\usbsircs\usbsircs.exe [2007-08-25 13:25:11 229376]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ktlcbnde]
ktlcbnde.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\support.com\\client\\bin\\tgcmd.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"=
"C:\\Program Files\\support.com\\client\\bin\\bak\\tgcmd.exe"=

S3 HPFXBULK;HPFXBULK;C:\WINDOWS\system32\drivers\hpfxbulk.sys [2005-09-20 10:22]

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-02 19:00:43
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\bak\atiptaxx.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
.
**************************************************************************
.
Completion time: 2008-03-02 19:02:49 - machine was rebooted [jess]
ComboFix-quarantined-files.txt 2008-03-03 01:02:46
.
2008-02-13 01:55:11 --- E O F ---