WiredWX Christian Hobby Weather Tools

Re: Possible Virus Infection Help!!!

ComboFix 10-02-11.04 - Nitin 12/02/2010 16:01:49.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.44.1033.18.2046.1195 [GMT 0:00]
Running from: c:\users\Nitin\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500
c:\$recycle.bin\S-1-5-21-3078787865-1357370554-4235994199-500
c:\users\Nitin\AppData\Local\{B9A1A60E-7C2F-4992-A76E-E2EB97C27657}
c:\users\Nitin\AppData\Local\{B9A1A60E-7C2F-4992-A76E-E2EB97C27657}\chrome.manifest
c:\users\Nitin\AppData\Local\{B9A1A60E-7C2F-4992-A76E-E2EB97C27657}\chrome\content\_cfg.js
c:\users\Nitin\AppData\Local\{B9A1A60E-7C2F-4992-A76E-E2EB97C27657}\chrome\content\overlay.xul
c:\users\Nitin\AppData\Local\{B9A1A60E-7C2F-4992-A76E-E2EB97C27657}\install.rdf
c:\windows\system32\twain_32.dll

.
((((((((((((((((((((((((( Files Created from 2010-01-12 to 2010-02-12 )))))))))))))))))))))))))))))))
.

2010-02-12 16:15 . 2010-02-12 16:15 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp
2010-02-12 15:56 . 2010-02-12 16:00 -------- d-----w- C:\32788R22FWJFW
2010-02-11 09:34 . 2010-02-11 09:34 -------- d-----w- C:\_OTL
2010-02-11 09:29 . 2010-02-11 09:29 -------- d-----w- c:\program files\iPod
2010-02-11 09:29 . 2010-02-11 09:30 -------- d-----w- c:\program files\iTunes
2010-02-11 09:26 . 2010-02-11 09:26 -------- d-----w- c:\program files\QuickTime
2010-02-11 09:24 . 2010-02-11 09:24 72488 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe
2010-02-11 09:22 . 2010-02-11 09:22 79144 ----a-w- c:\programdata\Apple Computer\Installer Cache\Safari 5.31.21.10\SetupAdmin.exe
2010-02-10 17:54 . 2010-02-10 17:54 50354 ----a-w- c:\users\Nitin\AppData\Roaming\Facebook\uninstall.exe
2010-02-10 17:54 . 2010-02-10 17:54 -------- d-----w- c:\users\Nitin\AppData\Roaming\Facebook
2010-02-10 06:47 . 2010-02-10 06:47 5115824 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-02-10 02:43 . 2009-12-04 16:27 211968 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-02-10 02:43 . 2009-12-04 16:27 101888 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-01 22:04 . 2010-02-01 22:04 847040 ----a-w- c:\users\Nitin\AppData\Roaming\Facebook\axfbootloader.dll
2010-02-01 22:04 . 2010-02-01 22:04 5578752 ----a-w- c:\users\Nitin\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll
2010-01-27 11:07 . 2010-01-20 18:10 1260800 ----a-w- c:\programdata\avg9\update\backup\avgfrw.exe
2010-01-27 11:07 . 2010-01-20 18:10 3777280 ----a-w- c:\programdata\avg9\update\backup\setup.exe
2010-01-20 18:11 . 2010-01-20 19:34 -------- d-----w- C:\$AVG
2010-01-20 18:11 . 2010-01-20 18:11 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-01-20 18:11 . 2010-01-20 18:11 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-01-20 18:11 . 2010-01-20 18:11 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-01-20 18:11 . 2010-01-20 18:11 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-01-20 18:10 . 2010-02-12 13:54 -------- d-----w- c:\windows\system32\drivers\Avg
2010-01-20 18:10 . 2010-01-20 18:10 -------- d-----w- c:\programdata\avg9
2010-01-20 18:05 . 2010-01-20 18:05 -------- d-----w- c:\program files\AVG

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-12 09:58 . 2007-10-27 10:58 12 ----a-w- c:\windows\bthservsdp.dat
2010-02-11 09:29 . 2007-06-30 09:23 -------- d-----w- c:\program files\Common Files\Apple
2010-02-11 09:23 . 2009-08-20 11:42 -------- d-----w- c:\program files\Safari
2010-02-10 06:55 . 2008-06-24 09:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-10 03:32 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-02-10 03:17 . 2007-05-07 10:03 -------- d-----w- c:\programdata\Microsoft Help
2010-02-09 08:06 . 2007-02-13 04:04 -------- d-----w- c:\program files\Symantec
2010-02-09 08:06 . 2007-02-13 04:04 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-02-09 08:02 . 2007-02-13 04:04 -------- d-----w- c:\programdata\Symantec
2010-02-09 06:42 . 2007-05-16 19:08 -------- d-----w- c:\program files\Java
2010-02-08 14:53 . 2009-05-08 08:44 1356 ----a-w- c:\users\Nitin\AppData\Local\d3d9caps.dat
2010-02-07 11:36 . 2007-04-10 09:02 -------- d-----w- c:\users\Nitin\AppData\Roaming\DMCache
2010-02-05 10:50 . 2007-07-20 22:01 -------- d-----w- c:\users\Nitin\AppData\Roaming\BitTorrent
2010-01-22 13:56 . 2008-03-19 18:14 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-21 08:17 . 2007-02-13 03:55 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-21 08:13 . 2007-02-13 03:54 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-21 08:12 . 2007-07-09 10:03 -------- d-----w- c:\users\Nitin\AppData\Roaming\GlobalSCAPE
2010-01-20 17:54 . 2009-12-28 00:04 -------- d-sh--w- c:\users\Nitin\AppData\Roaming\lowsec
2010-01-14 11:12 . 2009-10-03 01:02 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-12 09:18 . 2010-01-12 09:18 -------- d-----w- c:\users\Nitin\AppData\Roaming\MathWorks
2010-01-12 08:54 . 2010-01-12 08:54 -------- d-----w- c:\program files\MATLAB
2010-01-07 23:36 . 2009-01-26 15:41 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-01-07 23:36 . 2009-10-28 13:08 38784 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-01-07 23:36 . 2009-01-26 15:41 38784 ----a-w- c:\users\Nitin\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-01-07 21:46 . 2007-09-05 19:41 -------- d-----w- c:\users\Nitin\AppData\Roaming\dvdcss
2010-01-07 16:07 . 2009-10-27 19:41 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 16:07 . 2008-06-24 09:42 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-03 13:07 . 2009-09-27 15:00 150811 ----a-w- c:\windows\hpoins30.dat
2010-01-02 09:26 . 2010-01-02 09:26 29184 ----a-r- c:\users\Nitin\AppData\Roaming\Microsoft\Installer\{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}\Icon21AE04E8.exe
2010-01-02 09:25 . 2010-01-02 09:25 -------- d-----w- c:\program files\mkv2vob
2010-01-02 09:25 . 2009-10-27 21:38 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-01-02 06:38 . 2010-01-22 04:59 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32 . 2010-01-22 04:59 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 06:32 . 2010-01-22 04:59 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 04:57 . 2010-01-22 04:59 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-12-28 12:36 . 2010-02-10 02:44 11776 ----a-w- c:\windows\system32\tsbyuv.dll
2009-12-28 12:35 . 2010-02-10 02:44 1327616 ----a-w- c:\windows\system32\quartz.dll
2009-12-28 12:34 . 2010-02-10 02:44 22528 ----a-w- c:\windows\system32\msyuv.dll
2009-12-28 12:34 . 2010-02-10 02:44 31232 ----a-w- c:\windows\system32\msvidc32.dll
2009-12-28 12:34 . 2010-02-10 02:44 123904 ----a-w- c:\windows\system32\msvfw32.dll
2009-12-28 12:34 . 2010-02-10 02:44 13312 ----a-w- c:\windows\system32\msrle32.dll
2009-12-28 12:33 . 2010-02-10 02:44 82944 ----a-w- c:\windows\system32\mciavi32.dll
2009-12-28 12:32 . 2010-02-10 02:44 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2009-12-28 12:30 . 2010-02-10 02:44 88576 ----a-w- c:\windows\system32\avifil32.dll
2009-12-28 12:30 . 2010-02-10 02:44 65024 ----a-w- c:\windows\system32\avicap32.dll
2009-12-18 20:49 . 2007-04-28 13:05 -------- d-----w- c:\program files\DivX
2009-12-16 01:59 . 2009-12-16 01:59 -------- d-----w- c:\programdata\Norton
2009-12-11 12:15 . 2010-02-10 02:44 306688 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-11 12:15 . 2010-02-10 02:44 84992 ----a-w- c:\windows\system32\drivers\srvnet.sys
2009-12-08 20:54 . 2010-02-10 02:44 3467848 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-08 20:54 . 2010-02-10 02:44 3502168 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-08 20:19 . 2010-02-10 02:44 167424 ----a-w- c:\windows\system32\tcpipcfg.dll
2009-12-08 19:23 . 2008-12-10 09:41 8224 ----a-w- c:\users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-08 17:58 . 2010-02-10 02:44 813568 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-12-08 17:57 . 2010-02-10 02:44 22016 ----a-w- c:\windows\system32\netiougc.exe
2009-12-04 10:03 . 2009-12-04 10:03 251376 ----a-w- c:\users\Nitin\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
2009-12-01 14:25 . 2007-04-09 17:01 145720 ----a-w- c:\users\Nitin\AppData\Local\GDIPFONTCACHEV1.DAT
2006-05-03 09:06 . 2007-08-09 08:59 163328 --sh--r- c:\windows\System32\flvDX.dll
2007-02-21 10:47 . 2007-08-09 08:59 31232 --sh--r- c:\windows\System32\msfDX.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-01-15 147456]
"Orb"="c:\program files\Winamp Remote\bin\OrbTray.exe" [2007-10-23 360448]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2008-02-20 356352]
"kdx"="c:\program files\Kontiki\KHost.exe" [2008-10-21 1032640]
"VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2009-05-19 3561720]
"Google Update"="c:\users\Nitin\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-06-18 133104]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCUTRAYICON"="FactoryMode" [X]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2007-04-13 1006264]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 65536]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2006-11-20 155648]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 3784704]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2007-05-21 185784]
"tsnp2std"="c:\windows\tsnp2std.exe" [2005-11-14 110592]
"snp2std"="c:\windows\vsnp2std.exe" [2005-11-16 344064]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-04-19 151552]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-03-12 90191]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-03-12 7770112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-03-12 81920]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2007-10-10 36352]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"Malwarebytes Anti-Malware Reboot"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-01-07 1394000]
"kdx"="c:\program files\Kontiki\KHost.exe" [2008-10-21 1032640]
"hpqSRMon"="c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-01-07 1394000]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-01-22 141608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-25 44136]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

c:\users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]

c:\users\Nitin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2008-10-16 214360]
Nokia Nseries PC Suite.lnk - c:\program files\Nokia\NNPCS\RunLauncher.exe [2008-1-14 679936]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 15:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux3"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
2007-01-01 21:22 3739648 ----a-w- c:\program files\Google\Google Talk\googletalk.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [20/01/2010 18:11 333192]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\System32\drivers\avgtdix.sys [20/01/2010 18:11 360584]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [12/10/2009 21:24 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12/10/2009 21:24 74480]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [20/01/2010 18:10 285392]
R3 3xHybrid;ASUSTek SAA713x PCI Card;c:\windows\System32\drivers\3xHybrid.sys [13/02/2007 03:41 2807936]
R3 NPF;NetGroup Packet Filter Driver;c:\windows\System32\drivers\npf.sys [06/11/2007 20:22 34064]
S2 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [03/09/2006 18:32 208896]
S2 IntelDHSvcConf;Intel DH Service;c:\program files\Intel\IntelDH\Intel Media Server\tools\IntelDHSvcConf.exe [10/05/2006 17:13 29696]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\System32\drivers\ggflt.sys [20/07/2008 14:41 13352]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
bthsvcs REG_MULTI_SZ BthServ
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2010-02-12 c:\windows\Tasks\User_Feed_Synchronization-{AA8ADD1F-EA80-4ED0-8D7F-339848470B49}.job
- c:\windows\system32\msfeedssync.exe [2010-01-22 04:56]
.
.
------- Supplementary Scan -------
.
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=71&bd=Pavilion&pf=desktop
uInternet Settings,ProxyOverride = *.local
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: Download All Links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Nitin\AppData\Roaming\Mozilla\Firefox\Profiles\n6od953u.default\
FF - prefs.js: browser.startup.homepage - hxxp://uk.yahoo.com/
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: c:\users\Nitin\AppData\Roaming\IDM\idmmzcc2\components\idmmzcc.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdrmv2.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdsplay.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwmsdrm.dll
FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll
FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\Nitin\AppData\Local\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\users\Nitin\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll
FF - plugin: c:\users\Nitin\AppData\Roaming\Mozilla\Firefox\Profiles\n6od953u.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: c:\users\Nitin\AppData\Roaming\Mozilla\Firefox\Profiles\n6od953u.default\extensions\letssyncpublisher@letssync.com\platform\WINNT_x86-msvc\plugins\npletssyncpublisher.dll
FF - plugin: c:\users\Nitin\AppData\Roaming\Mozilla\Firefox\Profiles\n6od953u.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp07074039.dll
FF - plugin: c:\users\Nitin\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-WMFinishInstall - c:\program files\Videocharge Software\Watermark Master\FinishInstallation.exe
AddRemove-Adobe_719d6f144d0c086a0dfa7ff76bb9ac1 - c:\program files\Common Files\Adobe\Installers\719d6f144d0c086a0dfa7ff76bb9ac1\Setup.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-12 16:15
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-968195589-1999526864-464062695-1001\Software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):84,3a,4f,d6,cc,59,a0,92,a3,77,77,65,4b,97,7a,0f,16,00,df,50,ca,
2f,3e,33,62,ac,95,c2,24,d4,00,ad,e8,7f,6e,4b,f4,ea,40,fd,00,00,00,00,00,00,\

[HKEY_USERS\S-1-5-21-968195589-1999526864-464062695-1001\Software\Classes\CLSID\{96d06165-b3a0-4357-a197-32c545806b6a}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000080
"Therad"=dword:0000000f

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2010-02-12 16:19:42
ComboFix-quarantined-files.txt 2010-02-12 16:19

Pre-Run: 94,527,221,760 bytes free
Post-Run: 100,149,747,712 bytes free

- - End Of File - - 17B0DD57C49D1218E9A51ADB98CD0A21

Re: Possible Virus Infection Help!!!

Hello.

  1. Close any open browsers.
  2. Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix.
  3. Open notepad and copy/paste the text in the quotebox below into it:

    RegLock::
    [HKEY_USERS\S-1-5-21-968195589-1999526864-464062695-1001\Software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
    [HKEY_USERS\S-1-5-21-968195589-1999526864-464062695-1001\Software\Classes\CLSID\{96d06165-b3a0-4357-a197-32c545806b6a}]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]

  4. Save this as CFScript.txt, in the same location as ComboFix.exe

    [image: Cfscriptb4i]

  5. Referring to the picture above, drag CFScript into ComboFix.exe
  6. When finished, it shall produce a log for you at C:\ComboFix.txt
  7. Please post the contents of the log in your next reply.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: Possible Virus Infection Help!!!

ComboFix 10-02-11.04 - Nitin 14/02/2010 22:44:15.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.44.1033.18.2046.1137 [GMT 0:00]
Running from: c:\users\Nitin\Desktop\ComboFix.exe
Command switches used :: c:\users\Nitin\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.

((((((((((((((((((((((((( Files Created from 2010-01-14 to 2010-02-14 )))))))))))))))))))))))))))))))
.

2010-02-14 22:57 . 2010-02-14 22:57 -------- d-----w- c:\users\TEMP\AppData\Local\temp
2010-02-14 22:57 . 2010-02-14 22:57 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-02-14 22:57 . 2010-02-14 22:57 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp
2010-02-14 22:57 . 2010-02-14 22:57 -------- d-----w- c:\users\Guest\AppData\Local\temp
2010-02-14 22:57 . 2010-02-14 22:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-02-14 22:41 . 2010-02-14 22:42 -------- d-----w- C:\32788R22FWJFW
2010-02-11 09:34 . 2010-02-11 09:34 -------- d-----w- C:\_OTL
2010-02-11 09:29 . 2010-02-11 09:29 -------- d-----w- c:\program files\iPod
2010-02-11 09:29 . 2010-02-11 09:30 -------- d-----w- c:\program files\iTunes
2010-02-11 09:26 . 2010-02-11 09:26 -------- d-----w- c:\program files\QuickTime
2010-02-11 09:24 . 2010-02-11 09:24 72488 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe
2010-02-11 09:22 . 2010-02-11 09:22 79144 ----a-w- c:\programdata\Apple Computer\Installer Cache\Safari 5.31.21.10\SetupAdmin.exe
2010-02-10 17:54 . 2010-02-10 17:54 50354 ----a-w- c:\users\Nitin\AppData\Roaming\Facebook\uninstall.exe
2010-02-10 17:54 . 2010-02-10 17:54 -------- d-----w- c:\users\Nitin\AppData\Roaming\Facebook
2010-02-10 06:47 . 2010-02-10 06:47 5115824 ----a-w- c:\programdata\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-02-10 02:43 . 2009-12-04 16:27 211968 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-02-10 02:43 . 2009-12-04 16:27 101888 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-01 22:04 . 2010-02-01 22:04 847040 ----a-w- c:\users\Nitin\AppData\Roaming\Facebook\axfbootloader.dll
2010-02-01 22:04 . 2010-02-01 22:04 5578752 ----a-w- c:\users\Nitin\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll
2010-01-27 11:07 . 2010-01-20 18:10 1260800 ----a-w- c:\programdata\avg9\update\backup\avgfrw.exe
2010-01-27 11:07 . 2010-01-20 18:10 3777280 ----a-w- c:\programdata\avg9\update\backup\setup.exe
2010-01-20 18:11 . 2010-01-20 19:34 -------- d-----w- C:\$AVG
2010-01-20 18:11 . 2010-01-20 18:11 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-01-20 18:11 . 2010-01-20 18:11 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-01-20 18:11 . 2010-01-20 18:11 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-01-20 18:11 . 2010-01-20 18:11 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-01-20 18:10 . 2010-02-14 22:37 -------- d-----w- c:\windows\system32\drivers\Avg
2010-01-20 18:10 . 2010-01-20 18:10 -------- d-----w- c:\programdata\avg9
2010-01-20 18:05 . 2010-01-20 18:05 -------- d-----w- c:\program files\AVG

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-14 10:47 . 2007-10-27 10:58 12 ----a-w- c:\windows\bthservsdp.dat
2010-02-12 19:00 . 2007-04-10 09:02 -------- d-----w- c:\users\Nitin\AppData\Roaming\DMCache
2010-02-11 09:29 . 2007-06-30 09:23 -------- d-----w- c:\program files\Common Files\Apple
2010-02-11 09:23 . 2009-08-20 11:42 -------- d-----w- c:\program files\Safari
2010-02-10 06:55 . 2008-06-24 09:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-10 03:32 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-02-10 03:17 . 2007-05-07 10:03 -------- d-----w- c:\programdata\Microsoft Help
2010-02-09 08:06 . 2007-02-13 04:04 -------- d-----w- c:\program files\Symantec
2010-02-09 08:06 . 2007-02-13 04:04 -------- d-----w- c:\program files\Common Files\Symantec Shared
2010-02-09 08:02 . 2007-02-13 04:04 -------- d-----w- c:\programdata\Symantec
2010-02-09 06:42 . 2007-05-16 19:08 -------- d-----w- c:\program files\Java
2010-02-08 14:53 . 2009-05-08 08:44 1356 ----a-w- c:\users\Nitin\AppData\Local\d3d9caps.dat
2010-02-05 10:50 . 2007-07-20 22:01 -------- d-----w- c:\users\Nitin\AppData\Roaming\BitTorrent
2010-01-22 13:56 . 2008-03-19 18:14 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-21 08:17 . 2007-02-13 03:55 -------- d-----w- c:\program files\Common Files\InstallShield
2010-01-21 08:13 . 2007-02-13 03:54 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-21 08:12 . 2007-07-09 10:03 -------- d-----w- c:\users\Nitin\AppData\Roaming\GlobalSCAPE
2010-01-20 17:54 . 2009-12-28 00:04 -------- d-sh--w- c:\users\Nitin\AppData\Roaming\lowsec
2010-01-14 11:12 . 2009-10-03 01:02 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-12 09:18 . 2010-01-12 09:18 -------- d-----w- c:\users\Nitin\AppData\Roaming\MathWorks
2010-01-12 08:54 . 2010-01-12 08:54 -------- d-----w- c:\program files\MATLAB
2010-01-07 23:36 . 2009-01-26 15:41 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-01-07 23:36 . 2009-10-28 13:08 38784 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-01-07 23:36 . 2009-01-26 15:41 38784 ----a-w- c:\users\Nitin\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-01-07 21:46 . 2007-09-05 19:41 -------- d-----w- c:\users\Nitin\AppData\Roaming\dvdcss
2010-01-07 16:07 . 2009-10-27 19:41 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 16:07 . 2008-06-24 09:42 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-03 13:07 . 2009-09-27 15:00 150811 ----a-w- c:\windows\hpoins30.dat
2010-01-02 09:26 . 2010-01-02 09:26 29184 ----a-r- c:\users\Nitin\AppData\Roaming\Microsoft\Installer\{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}\Icon21AE04E8.exe
2010-01-02 09:25 . 2010-01-02 09:25 -------- d-----w- c:\program files\mkv2vob
2010-01-02 09:25 . 2009-10-27 21:38 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-01-02 06:38 . 2010-01-22 04:59 916480 ----a-w- c:\windows\system32\wininet.dll
2010-01-02 06:32 . 2010-01-22 04:59 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-01-02 06:32 . 2010-01-22 04:59 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-01-02 04:57 . 2010-01-22 04:59 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-12-28 12:36 . 2010-02-10 02:44 11776 ----a-w- c:\windows\system32\tsbyuv.dll
2009-12-28 12:35 . 2010-02-10 02:44 1327616 ----a-w- c:\windows\system32\quartz.dll
2009-12-28 12:34 . 2010-02-10 02:44 22528 ----a-w- c:\windows\system32\msyuv.dll
2009-12-28 12:34 . 2010-02-10 02:44 31232 ----a-w- c:\windows\system32\msvidc32.dll
2009-12-28 12:34 . 2010-02-10 02:44 123904 ----a-w- c:\windows\system32\msvfw32.dll
2009-12-28 12:34 . 2010-02-10 02:44 13312 ----a-w- c:\windows\system32\msrle32.dll
2009-12-28 12:33 . 2010-02-10 02:44 82944 ----a-w- c:\windows\system32\mciavi32.dll
2009-12-28 12:32 . 2010-02-10 02:44 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2009-12-28 12:30 . 2010-02-10 02:44 88576 ----a-w- c:\windows\system32\avifil32.dll
2009-12-28 12:30 . 2010-02-10 02:44 65024 ----a-w- c:\windows\system32\avicap32.dll
2009-12-18 20:49 . 2007-04-28 13:05 -------- d-----w- c:\program files\DivX
2009-12-11 12:15 . 2010-02-10 02:44 306688 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-11 12:15 . 2010-02-10 02:44 84992 ----a-w- c:\windows\system32\drivers\srvnet.sys
2009-12-08 20:54 . 2010-02-10 02:44 3467848 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-08 20:54 . 2010-02-10 02:44 3502168 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-08 20:19 . 2010-02-10 02:44 167424 ----a-w- c:\windows\system32\tcpipcfg.dll
2009-12-08 19:23 . 2008-12-10 09:41 8224 ----a-w- c:\users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-08 17:58 . 2010-02-10 02:44 813568 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-12-08 17:57 . 2010-02-10 02:44 22016 ----a-w- c:\windows\system32\netiougc.exe
2009-12-04 10:03 . 2009-12-04 10:03 251376 ----a-w- c:\users\Nitin\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
2009-12-01 14:25 . 2007-04-09 17:01 145720 ----a-w- c:\users\Nitin\AppData\Local\GDIPFONTCACHEV1.DAT
2006-05-03 09:06 . 2007-08-09 08:59 163328 --sh--r- c:\windows\System32\flvDX.dll
2007-02-21 10:47 . 2007-08-09 08:59 31232 --sh--r- c:\windows\System32\msfDX.dll
.

((((((((((((((((((((((((((((( SnapShot@2010-02-12_16.15.39 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-02-13 03:54 . 2010-02-14 22:35 74186 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
- 2007-02-13 03:54 . 2010-02-12 13:50 74186 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2010-02-14 22:35 77778 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2007-04-09 16:57 . 2010-02-14 22:35 18882 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-968195589-1999526864-464062695-1001_UserData.bin
- 2007-04-09 16:53 . 2010-02-11 19:08 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2007-04-09 16:53 . 2010-02-14 10:16 16384 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2007-04-09 16:53 . 2010-02-11 19:08 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2007-04-09 16:53 . 2010-02-14 10:16 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-11-15 10:03 . 2010-02-11 10:42 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-11-15 10:03 . 2010-02-12 18:19 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-11-15 10:03 . 2010-02-12 18:19 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-11-15 10:03 . 2010-02-11 10:42 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-11-15 10:03 . 2010-02-12 18:19 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-11-15 10:03 . 2010-02-11 10:42 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2007-06-22 06:58 . 2010-02-14 22:33 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2007-06-22 06:58 . 2010-02-12 13:48 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2007-06-22 06:58 . 2010-02-12 13:48 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2007-06-22 06:58 . 2010-02-14 22:33 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2007-06-22 06:58 . 2010-02-12 13:48 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2007-06-22 06:58 . 2010-02-14 22:33 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-02-14 22:33 . 2010-02-14 22:33 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-02-12 13:48 . 2010-02-12 13:48 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2010-02-12 13:48 . 2010-02-12 13:48 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2010-02-14 22:33 . 2010-02-14 22:33 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2006-11-02 10:33 . 2010-02-12 18:55 631234 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2010-02-12 07:59 631234 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2010-02-12 07:59 111812 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2010-02-12 18:55 111812 c:\windows\System32\perfc009.dat
- 2007-04-09 16:53 . 2010-02-11 19:08 180224 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2007-04-09 16:53 . 2010-02-14 10:16 180224 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-06-04 07:23 . 2010-02-14 10:19 14671913 c:\windows\winsxs\ManifestCache\6.0.6002.18005_001c11ba_blobs.bin
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-01-15 147456]
"Orb"="c:\program files\Winamp Remote\bin\OrbTray.exe" [2007-10-23 360448]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2008-02-20 356352]
"kdx"="c:\program files\Kontiki\KHost.exe" [2008-10-21 1032640]
"VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2009-05-19 3561720]
"Google Update"="c:\users\Nitin\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-06-18 133104]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCUTRAYICON"="FactoryMode" [X]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2007-04-13 1006264]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 65536]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2006-11-20 155648]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 3784704]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2007-05-21 185784]
"tsnp2std"="c:\windows\tsnp2std.exe" [2005-11-14 110592]
"snp2std"="c:\windows\vsnp2std.exe" [2005-11-16 344064]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-04-19 151552]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-03-12 90191]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-03-12 7770112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-03-12 81920]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2007-10-10 36352]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"Malwarebytes Anti-Malware Reboot"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-01-07 1394000]
"kdx"="c:\program files\Kontiki\KHost.exe" [2008-10-21 1032640]
"hpqSRMon"="c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-01-07 1394000]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-01-22 141608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-25 44136]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

c:\users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]

c:\users\Nitin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2008-10-16 214360]
Nokia Nseries PC Suite.lnk - c:\program files\Nokia\NNPCS\RunLauncher.exe [2008-1-14 679936]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 15:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux3"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
2007-01-01 21:22 3739648 ----a-w- c:\program files\Google\Google Talk\googletalk.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [20/01/2010 18:11 333192]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\System32\drivers\avgtdix.sys [20/01/2010 18:11 360584]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [12/10/2009 21:24 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12/10/2009 21:24 74480]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [20/01/2010 18:10 285392]
R3 3xHybrid;ASUSTek SAA713x PCI Card;c:\windows\System32\drivers\3xHybrid.sys [13/02/2007 03:41 2807936]
S2 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [03/09/2006 18:32 208896]
S2 IntelDHSvcConf;Intel DH Service;c:\program files\Intel\IntelDH\Intel Media Server\tools\IntelDHSvcConf.exe [10/05/2006 17:13 29696]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\System32\drivers\ggflt.sys [20/07/2008 14:41 13352]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\System32\drivers\npf.sys [06/11/2007 20:22 34064]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
bthsvcs REG_MULTI_SZ BthServ
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2010-02-14 c:\windows\Tasks\User_Feed_Synchronization-{AA8ADD1F-EA80-4ED0-8D7F-339848470B49}.job
- c:\windows\system32\msfeedssync.exe [2010-01-22 04:56]
.
.
------- Supplementary Scan -------
.
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_GB&c=71&bd=Pavilion&pf=desktop
uInternet Settings,ProxyOverride = *.local
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: Download All Links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\users\Nitin\AppData\Roaming\Mozilla\Firefox\Profiles\n6od953u.default\
FF - prefs.js: browser.startup.homepage - hxxp://uk.yahoo.com/
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: c:\users\Nitin\AppData\Roaming\IDM\idmmzcc2\components\idmmzcc.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdrmv2.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdsplay.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npwmsdrm.dll
FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll
FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\Nitin\AppData\Local\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\users\Nitin\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll
FF - plugin: c:\users\Nitin\AppData\Roaming\Mozilla\Firefox\Profiles\n6od953u.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: c:\users\Nitin\AppData\Roaming\Mozilla\Firefox\Profiles\n6od953u.default\extensions\letssyncpublisher@letssync.com\platform\WINNT_x86-msvc\plugins\npletssyncpublisher.dll
FF - plugin: c:\users\Nitin\AppData\Roaming\Mozilla\Firefox\Profiles\n6od953u.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp07074039.dll
FF - plugin: c:\users\Nitin\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-14 22:57
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2010-02-14 23:01:53
ComboFix-quarantined-files.txt 2010-02-14 23:01
ComboFix2.txt 2010-02-12 16:19

Pre-Run: 98,695,172,096 bytes free
Post-Run: 98,651,795,456 bytes free

- - End Of File - - 2511ED39B065AFA7BD1B815DC4691558

Re: Possible Virus Infection Help!!!

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.
