WiredWX Christian Hobby Weather Tools
Re: No Idea What I've Got

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-29 05:08 . 2006-02-03 00:29 -------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-05-24 01:46 . 2006-02-03 00:29 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-05-22 20:07 . 2005-11-29 09:57 -------- d-----w c:\program files\Java
2009-05-22 19:40 . 2008-11-10 22:09 410984 ----a-w c:\windows\system32\deploytk.dll
2009-05-09 20:53 . 2008-06-08 06:29 11952 ----a-w c:\windows\system32\avgrsstx.dll
2009-05-09 20:53 . 2008-06-08 06:29 325896 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-05-09 20:53 . 2007-02-22 00:49 27784 ----a-w c:\windows\system32\drivers\avgmfx86.sys
2009-05-09 20:53 . 2008-06-08 06:29 108552 ----a-w c:\windows\system32\drivers\avgtdix.sys
2009-05-05 03:53 . 2008-08-12 05:18 -------- d-----w c:\program files\Windows Desktop Search
2009-05-03 02:22 . 2009-04-16 00:54 -------- d-----w c:\documents and settings\All Users\Application Data\HTDigital
2009-04-28 04:11 . 2009-04-28 04:04 -------- d-----w c:\documents and settings\All Users\Application Data\DriverCure
2009-04-28 04:04 . 2009-04-28 04:04 -------- d-----w c:\documents and settings\Meghan\Application Data\DriverCure
2009-04-28 04:04 . 2009-04-28 04:04 -------- d-----w c:\documents and settings\All Users\Application Data\ParetoLogic
2009-04-27 18:43 . 2009-04-27 00:01 -------- d-----w c:\program files\Trillian
2009-04-26 04:26 . 2008-11-15 23:49 -------- d-----w c:\documents and settings\Meghan\Application Data\dvdcss
2009-04-18 05:07 . 2009-04-18 05:07 -------- d-----w c:\documents and settings\All Users\Application Data\SupportSoft
2009-04-17 07:35 . 2007-11-11 20:16 -------- d-----w c:\documents and settings\Meghan\Application Data\Move Networks
2009-04-17 07:34 . 2009-04-12 08:50 -------- d-----w c:\program files\NOS
2009-04-17 07:34 . 2009-04-12 08:50 -------- d-----w c:\documents and settings\All Users\Application Data\NOS
2009-04-16 04:35 . 2006-11-17 23:59 -------- d-----w c:\program files\InterActual
2009-04-15 09:23 . 2009-04-15 09:23 -------- d-----w c:\program files\iTunes
2009-04-15 09:23 . 2009-04-15 09:23 -------- d-----w c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-15 09:23 . 2006-01-30 01:14 -------- d-----w c:\program files\iPod
2009-04-15 09:23 . 2007-07-01 00:18 -------- d-----w c:\program files\Common Files\Apple
2009-04-15 09:17 . 2009-04-15 09:17 75048 ----a-w c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.1.10\SetupAdmin.exe
2009-04-13 01:07 . 2009-04-13 01:02 -------- d-----w c:\program files\Unlocker
2009-04-12 20:42 . 2009-04-12 20:42 -------- d-----w c:\documents and settings\Meghan\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2009-04-12 09:02 . 2009-04-12 09:02 -------- d-----w c:\program files\Common Files\Adobe AIR
2009-04-12 08:59 . 2006-01-30 23:41 -------- d-----w c:\program files\Common Files\Adobe
2009-04-12 08:38 . 2009-04-12 08:38 2560 ----a-w c:\windows\_MSRSTRT.EXE
2009-04-04 03:51 . 2009-04-04 02:24 152576 ----a-w c:\documents and settings\Meghan\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-03-19 20:32 . 2009-03-19 20:32 23400 ----a-w c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86\GEARAspiWDM.sys
2009-03-19 20:32 . 2008-01-29 16:01 23400 ----a-w c:\windows\system32\drivers\GEARAspiWDM.sys
2009-03-09 09:03 . 2007-05-23 23:23 121984 ----a-w c:\windows\system32\drivers\Rtnicxp.sys
2009-03-08 08:34 . 2004-08-04 08:00 914944 ----a-w c:\windows\system32\wininet.dll
2009-03-08 08:34 . 2004-08-04 08:00 43008 ----a-w c:\windows\system32\licmgr10.dll
2009-03-08 08:33 . 2004-08-04 08:00 18944 ----a-w c:\windows\system32\corpol.dll
2009-03-08 08:33 . 2004-08-04 08:00 420352 ----a-w c:\windows\system32\vbscript.dll
2009-03-08 08:32 . 2004-08-04 08:00 72704 ----a-w c:\windows\system32\admparse.dll
2009-03-08 08:32 . 2004-08-04 08:00 71680 ----a-w c:\windows\system32\iesetup.dll
2009-03-08 08:31 . 2004-08-04 08:00 34816 ----a-w c:\windows\system32\imgutil.dll
2009-03-08 08:31 . 2004-08-04 08:00 48128 ----a-w c:\windows\system32\mshtmler.dll
2009-03-08 08:31 . 2004-08-04 08:00 45568 ----a-w c:\windows\system32\mshta.exe
2009-03-08 08:22 . 2004-08-04 08:00 156160 ----a-w c:\windows\system32\msls31.dll
2009-03-06 14:22 . 2004-08-04 08:00 284160 ----a-w c:\windows\system32\pdh.dll
2009-03-03 16:18 . 2008-07-21 20:14 73728 ----a-w c:\windows\system32\RtNicProp32.dll

Re: No Idea What I've Got

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccleaner"="c:\program files\CCleaner\ccleaner.exe" [2009-05-07 1561840]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-10-19 204288]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-09-15 1015808]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-05-09 1947928]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2006-09-07 15872]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-22 148888]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-02-24 198160]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-05-09 20:53 11952 ----a-w c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@=""

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\network diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [6/8/2008 2:29 AM 325896]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [6/8/2008 2:29 AM 108552]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [7/3/2008 2:42 AM 908568]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [7/3/2008 2:42 AM 298776]
R3 HSFHWATI;HSFHWATI;c:\windows\system32\drivers\HSFHWATI.sys [8/22/2005 5:06 AM 231424]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S3 84f252b7-be58-43c5-bc3e-db824f7e2fc3;84f252b7-be58-43c5-bc3e-db824f7e2fc3;\??\d:\cds300\cds300.dll --> d:\cds300\cds300.dll [?]
S4 LXJNTEX;LXJNTEX;c:\docume~1\Meghan\LOCALS~1\Temp\LXJNTEX.exe --> c:\docume~1\Meghan\LOCALS~1\Temp\LXJNTEX.exe [?]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-03-18 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]
.
- - - - ORPHANS REMOVED - - - -

SafeBoot-procexp90.Sys

Re: No Idea What I've Got

.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = hxxp://www.apple.com/itunes/download/
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
FF - ProfilePath - c:\documents and settings\Meghan\Application Data\Mozilla\Firefox\Profiles\8rubixi7.Meghan\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://en.wikipedia.org/wiki/Main_Page
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-29 01:22
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(784)
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3812)
c:\windows\system32\ieframe.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\windows\system32\LEXBCES.EXE
c:\windows\system32\LEXPPS.EXE
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Comcast\Desktop Doctor\bin\sprtsvc.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\progra~1\AVG\AVG8\avgnsx.exe
c:\program files\AVG\AVG8\avgcsrvx.exe
c:\windows\system32\ati2evxx.exe
c:\windows\system32\wscntfy.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\wbem\wmiadap.exe
.
**************************************************************************
.
Completion time: 2009-05-29 1:26 - machine was rebooted
ComboFix-quarantined-files.txt 2009-05-29 05:26

Pre-Run: 46,479,638,528 bytes free
Post-Run: 46,389,460,992 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptOut

879 --- E O F --- 2009-05-13 06:20

Re: No Idea What I've Got

What exactly *is* all this stuff? It can't all be malware and viruses, can it??

Re: No Idea What I've Got

Hello.
Not all of it is malware, the log just shows us a lot of information we need, to separate what is malware, and what's not. Then we kick the bad stuff out.

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /u

This will also reset your restore points.

How is the machine running now?

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: No Idea What I've Got

Thank you so much for your help, and thanks to Origin, too. I think that the viruses/malware/scourge of my computer is gone now. Smile...
