WiredWX Hobby Weather Tools

 


Unable to remove or add new Adobe Reader

3 posters

Re: Unable to remove or add new Adobe Reader
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [5/27/2009 9:22 PM 64160]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2/24/2009 5:27 PM 325896]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2/24/2009 5:27 PM 108552]
R1 SandBox;SandBox;c:\windows\system32\drivers\SandBox.sys [5/26/2009 1:56 PM 704384]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [4/28/2009 11:33 AM 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [4/28/2009 11:33 AM 72944]
R2 acssrv;Agnitum Client Security Service;c:\progra~1\Agnitum\OUTPOS~1\acs.exe [5/26/2009 1:55 PM 1195008]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2/24/2009 5:27 PM 908568]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2/24/2009 5:27 PM 298776]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [3/9/2009 3:06 PM 1005904]
R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [5/26/2009 1:55 PM 31128]
R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [5/26/2009 1:56 PM 257432]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [4/28/2009 11:33 AM 7408]
S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [5/26/2009 3:30 PM 33176]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-05-28 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 01:22]

2009-05-29 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2006-09-27 21:39]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE: &Search
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
DPF: {94E5218F-9737-4FC2-8457-567B1FF23DC0} - hxxp://utilities.pcpitstop.com/DiskMD3/DiskMD3Ctrl.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-28 22:39
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
@DACL=(02 0000)
"Installed"="1"
@=""

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
@DACL=(02 0000)
"NoChange"="1"
"Installed"="1"
@=""

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
@DACL=(02 0000)
"Installed"="1"
@=""
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1156)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\documents and settings\user\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL

- - - - - - - > 'explorer.exe'(3244)
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-05-29 22:41
ComboFix-quarantined-files.txt 2009-05-29 02:41
ComboFix2.txt 2009-05-28 15:00

Pre-Run: 28,964,401,152 bytes free
Post-Run: 29,139,730,432 bytes free

257 --- E O F --- 2009-05-23 07:01

Re: Unable to remove or add new Adobe Reader

Still not able to uninstall or install Adobe. Thanks

still unable to update, add or remove adobe
have done everything suggested and still nothing

Re: Unable to remove or add new Adobe Reader
Hello.
I want to try another CFScript.

Now open a new notepad file.
Input this into the notepad file:

RegLock::
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]


Save this as CFScript.txt, save it to your desktop also.
Then drag and drop CFScript.txt into combofix as seen below:

This will open combofix again, agree to its terms and allow it to run.
It may want to reboot after it's done. (It will warn you if it wants to)
Post the resulting log back here.

combo fix txt
ComboFix 09-06-06.04 - user 06/07/2009 14:39.6 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.452 [GMT -4:00]
Running from: C:\Combo-Fix.exe
Command switches used :: c:\documents and settings\user\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: Outpost Firewall *enabled* {8A20CA2A-9E02-4A64-923B-0A38208EB7FD}
.

((((((((((((((((((((((((( Files Created from 2009-05-07 to 2009-06-07 )))))))))))))))))))))))))))))))
.

2009-06-03 00:12 . 2009-06-03 00:12 -------- d-----w- c:\windows\LastGood
2009-06-03 00:04 . 2009-06-03 00:04 3371383 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2009-05-28 14:47 . 2009-06-07 18:34 3018938 ----a-r- C:\Combo-Fix.exe
2009-05-28 02:06 . 2009-05-28 01:22 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-05-28 01:21 . 2009-05-28 01:21 1005904 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWService.exe
2009-05-28 01:17 . 2009-05-28 01:17 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-05-28 01:17 . 2009-03-12 08:17 2902048 -c--a-w- c:\documents and settings\All Users\Application Data\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}\Ad-AwareAE.exe
2009-05-28 01:16 . 2009-05-28 01:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft
2009-05-28 01:16 . 2009-05-28 01:16 -------- d-----w- c:\program files\Lavasoft
2009-05-27 21:41 . 2009-05-27 22:06 -------- d-----w- c:\program files\TweakNow RegCleaner
2009-05-27 21:41 . 2009-05-27 22:04 -------- d-----w- c:\documents and settings\user\Application Data\TweakNow RegCleaner
2009-05-27 20:53 . 2009-05-27 20:57 -------- d-----w- c:\documents and settings\user\Application Data\RegistryPC
2009-05-27 20:41 . 2009-05-27 20:41 -------- d-----w- c:\program files\VS Revo Group
2009-05-26 19:30 . 2009-05-26 19:39 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-05-26 19:30 . 2009-05-26 19:30 -------- d-----w- c:\program files\NOS
2009-05-26 17:56 . 2009-04-06 15:37 704384 ----a-w- c:\windows\system32\drivers\SandBox.sys
2009-05-26 17:56 . 2009-02-10 20:15 257432 ----a-w- c:\windows\system32\drivers\afwcore.sys
2009-05-26 17:55 . 2009-02-18 21:30 31128 ----a-w- c:\windows\system32\drivers\afw.sys
2009-05-26 17:55 . 2009-05-26 17:55 -------- d-----w- c:\program files\Agnitum
2009-05-26 17:54 . 2009-05-26 17:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Agnitum
2009-05-26 16:58 . 2009-05-26 16:58 -------- d-----w- c:\program files\filehippo.com
2009-05-25 16:19 . 2009-06-07 16:40 -------- d-----w- c:\program files\SpywareGuard
2009-05-25 03:41 . 2009-05-25 03:41 -------- d-----w- c:\documents and settings\user\iProfit eBook Package
2009-05-25 02:08 . 2009-05-25 02:08 0 ----a-w- c:\windows\nsreg.dat
2009-05-25 02:08 . 2009-05-25 02:08 -------- d-----w- c:\documents and settings\user\Local Settings\Application Data\Mozilla
2009-05-25 00:07 . 2009-05-25 00:13 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-05-25 00:07 . 2009-05-25 00:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-05-24 23:59 . 2009-06-07 16:41 -------- d-----w- c:\program files\SpywareBlaster
2009-05-24 23:59 . 2005-08-25 23:18 118784 ----a-w- c:\windows\system32\MSSTDFMT.DLL
2009-05-24 23:58 . 2009-05-24 23:58 3012768 ----a-w- C:\spywareblastersetup42.exe
2009-05-23 22:05 . 2009-05-23 22:05 -------- d-----w- c:\documents and settings\user\Application Data\Malwarebytes
2009-05-23 22:05 . 2009-05-26 17:19 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-05-23 22:05 . 2009-05-26 17:20 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-23 22:05 . 2009-06-03 00:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-05-23 22:05 . 2009-05-23 22:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-05-22 20:45 . 2009-05-22 20:45 -------- d-----w- c:\program files\Trend Micro
2009-05-22 04:23 . 2009-05-22 04:23 -------- d-----w- c:\windows\system32\XPSViewer
2009-05-22 04:23 . 2009-05-22 04:23 -------- d-----w- c:\program files\MSBuild
2009-05-22 04:23 . 2009-05-22 04:23 -------- d-----w- c:\program files\Reference Assemblies
2009-05-22 02:56 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-05-22 02:56 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2009-05-22 02:56 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-05-22 02:56 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-05-22 02:56 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-05-22 02:56 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-05-22 02:56 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll

.

combo fix txt
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 5674352]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-03-18 4363504]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\System32\igfxtray.exe" [2006-05-25 155648]
"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2006-05-25 126976]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-05-04 1947928]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"OutpostMonitor"="c:\progra~1\Agnitum\OUTPOS~1\op_mon.exe" [2009-04-28 2374464]
"OutpostFeedBack"="c:\program files\Agnitum\Outpost Firewall\feedback.exe" [2009-04-28 428032]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-05-28 518488]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 16:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-05-04 18:49 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgtray.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [5/27/2009 9:22 PM 64160]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2/24/2009 5:27 PM 325896]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2/24/2009 5:27 PM 108552]
R1 SandBox;SandBox;c:\windows\system32\drivers\SandBox.sys [5/26/2009 1:56 PM 704384]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [4/28/2009 11:33 AM 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [4/28/2009 11:33 AM 72944]
R2 acssrv;Agnitum Client Security Service;c:\progra~1\Agnitum\OUTPOS~1\acs.exe [5/26/2009 1:55 PM 1195008]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2/24/2009 5:27 PM 908568]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2/24/2009 5:27 PM 298776]
R3 afw;Agnitum firewall driver;c:\windows\system32\drivers\afw.sys [5/26/2009 1:55 PM 31128]
R3 afwcore;afwcore;c:\windows\system32\drivers\afwcore.sys [5/26/2009 1:56 PM 257432]
R3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [3/9/2009 3:06 PM 1005904]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [5/23/2009 6:05 PM 40160]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [4/28/2009 11:33 AM 7408]
S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [5/26/2009 3:30 PM 33176]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - MBAMSWISSARMY

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-06-04 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 01:22]

2009-06-06 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2006-09-27 21:39]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE: &Search
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
DPF: {94E5218F-9737-4FC2-8457-567B1FF23DC0} - hxxp://utilities.pcpitstop.com/DiskMD3/DiskMD3Ctrl.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-07 14:43
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
@DACL=(02 0000)
"Installed"="1"
@=""

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
@DACL=(02 0000)
"NoChange"="1"
"Installed"="1"
@=""

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
@DACL=(02 0000)
"Installed"="1"
@=""
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1188)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\documents and settings\user\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL

- - - - - - - > 'explorer.exe'(2572)
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2009-06-07 14:46
ComboFix-quarantined-files.txt 2009-06-07 18:46
ComboFix2.txt 2009-05-29 02:41
ComboFix3.txt 2009-05-28 15:00

Pre-Run: 29,273,178,112 bytes free
Post-Run: 29,315,641,344 bytes free

218 --- E O F --- 2009-05-23 07:01
