ComboFix 10-02-12.01 - jurriejaan 15-02-2010 13:29:49.1.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.191.108 [GMT 1:00]
Running from: c:\documents and settings\jurriejaan\My Documents\Downloads\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100214-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((( Files Created from 2010-01-15 to 2010-02-15 )))))))))))))))))))))))))))))))
.
2010-02-15 12:16 . 2009-08-06 18:23 274288 ----a-w- c:\windows\system32\mucltui.dll
2010-02-15 12:16 . 2009-08-06 18:23 215920 ----a-w- c:\windows\system32\muweb.dll
2010-02-15 12:16 . 2010-02-15 12:16 -------- d-----w- c:\windows\LastGood
2010-02-14 21:07 . 2010-02-14 21:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
2010-02-14 19:05 . 2010-02-14 19:06 -------- d-----w- c:\documents and settings\jurriejaan\Local Settings\Application Data\Temp
2010-02-14 19:05 . 2010-02-14 19:06 -------- d-----w- c:\documents and settings\jurriejaan\Local Settings\Application Data\Google
2010-02-14 17:57 . 2010-02-14 17:57 -------- d-----w- c:\program files\Trend Micro
2010-02-14 17:43 . 2010-02-14 17:43 5115824 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-02-14 17:42 . 2010-02-14 17:42 -------- d-----w- c:\documents and settings\jurriejaan\Application Data\Malwarebytes
2010-02-14 17:42 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-14 17:42 . 2010-02-14 17:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-14 17:42 . 2010-02-14 17:42 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-02-14 17:42 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-14 17:33 . 2010-02-14 17:33 -------- d-----w- c:\program files\MSECache
2010-02-14 17:25 . 2010-02-14 17:26 -------- d-----w- c:\program files\OpenOffice.org 3
2010-02-14 17:10 . 2010-02-14 17:10 -------- d-----w- c:\program files\CCleaner
2010-02-14 17:07 . 2010-02-14 21:19 -------- d-----w- c:\documents and settings\jurriejaan\Application Data\vlc
2010-02-14 17:06 . 2010-02-14 17:06 -------- d-----w- c:\program files\VideoLAN
2010-02-14 17:02 . 2010-02-14 17:02 -------- d-----w- c:\program files\Messenger Plus! Live
2010-02-14 16:53 . 2010-02-15 12:12 -------- d-----w- c:\documents and settings\jurriejaan\Tracing
2010-02-14 16:53 . 2010-02-14 16:53 -------- d-----w- c:\program files\Microsoft Silverlight
2010-02-14 16:52 . 2010-02-14 16:52 -------- d-----w- c:\program files\Microsoft
2010-02-14 16:52 . 2010-02-14 16:52 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-02-14 16:51 . 2010-02-14 16:52 -------- d-----w- c:\program files\Windows Live
2010-02-14 16:49 . 2010-02-14 16:49 -------- d-----w- c:\program files\Common Files\Windows Live
2010-02-14 16:46 . 2010-02-14 16:46 61440 ----a-w- c:\documents and settings\jurriejaan\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-1e5b7878-n\decora-sse.dll
2010-02-14 16:46 . 2010-02-14 16:46 503808 ----a-w- c:\documents and settings\jurriejaan\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-1c406ad3-n\msvcp71.dll
2010-02-14 16:46 . 2010-02-14 16:46 348160 ----a-w- c:\documents and settings\jurriejaan\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-1c406ad3-n\msvcr71.dll
2010-02-14 16:46 . 2010-02-14 16:46 12800 ----a-w- c:\documents and settings\jurriejaan\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-1e5b7878-n\decora-d3d.dll
2010-02-14 16:46 . 2010-02-14 16:46 499712 ----a-w- c:\documents and settings\jurriejaan\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-1c406ad3-n\jmc.dll
2010-02-14 16:46 . 2010-02-14 16:46 -------- d-----w- c:\program files\Common Files\Java
2010-02-14 16:46 . 2010-02-15 12:17 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-02-14 16:46 . 2010-02-14 16:45 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-02-14 16:45 . 2010-02-14 16:45 -------- d-----w- c:\program files\Java
2010-02-14 15:52 . 2010-02-14 15:52 -------- d-----w- c:\windows\system32\scripting
2010-02-14 15:52 . 2010-02-14 15:52 -------- d-----w- c:\windows\l2schemas
2010-02-14 15:52 . 2010-02-14 15:52 -------- d-----w- c:\windows\system32\en
2010-02-14 15:52 . 2010-02-14 15:52 -------- d-----w- c:\windows\system32\bits
2010-02-14 15:35 . 2010-02-14 15:35 -------- d-sh--w- c:\documents and settings\jurriejaan\IECompatCache
2010-02-14 15:33 . 2010-02-14 15:33 -------- d-sh--w- c:\documents and settings\jurriejaan\PrivacIE
2010-02-14 15:29 . 2010-02-14 15:29 -------- d-sh--w- c:\documents and settings\jurriejaan\IETldCache
2010-02-14 15:22 . 2009-12-11 08:38 69120 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-02-14 15:22 . 2010-02-14 15:23 -------- d-----w- c:\windows\ie8updates
2010-02-14 15:21 . 2009-12-21 19:14 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-02-14 15:21 . 2009-12-21 19:14 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-02-14 15:21 . 2009-12-21 19:14 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-02-14 15:21 . 2009-12-21 19:14 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-02-14 15:21 . 2009-12-21 19:14 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-02-14 15:21 . 2009-12-21 19:14 11070464 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-02-14 15:20 . 2010-02-14 15:21 -------- dc-h--w- c:\windows\ie8
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-02-14 21:07 . 2010-02-14 09:14 17864 ----a-w- c:\documents and settings\jurriejaan\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-02-14 15:57 . 2010-02-14 09:05 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2010-02-14 09:19 . 2010-02-14 09:19 -------- d-----w- c:\program files\Alwil Software
2010-02-14 09:07 . 2010-02-14 09:07 -------- d-----w- c:\program files\microsoft frontpage
2010-02-14 09:03 . 2010-02-14 09:03 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-12-31 16:50 . 2004-08-04 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-22 05:35 . 2009-12-22 05:35 81920 ------w- c:\windows\system32\ieencode.dll
2009-12-21 19:14 . 2004-08-04 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-16 18:43 . 2010-02-14 09:02 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:08 . 2004-08-04 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-04 18:22 . 2004-08-04 12:00 455424 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-11-27 17:11 . 2004-08-04 12:00 1291776 ----a-w- c:\windows\system32\quartz.dll
2009-11-27 17:11 . 2004-08-04 00:56 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:07 . 2004-08-04 12:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:07 . 2001-08-17 22:36 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:07 . 2004-08-04 12:00 84992 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:07 . 2004-08-04 12:00 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:07 . 2004-08-04 00:56 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-24 23:54 . 2010-02-14 09:19 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 23:51 . 2010-02-14 09:19 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 23:50 . 2010-02-14 09:19 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-11-24 23:50 . 2010-02-14 09:19 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2010-02-14 09:19 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2010-02-14 09:19 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2010-02-14 09:19 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2010-02-14 09:19 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 23:47 . 2010-02-14 09:19 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-21 15:51 . 2004-08-04 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\jurriejaan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2010-02-14 135664]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2/14/2010 10:19 AM 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2/14/2010 10:19 AM 20560]
.
Contents of the 'Scheduled Tasks' folder

2010-02-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-329068152-725345543-1003Core.job
- c:\documents and settings\jurriejaan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-02-14 19:05]

2010-02-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-57989841-329068152-725345543-1003UA.job
- c:\documents and settings\jurriejaan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-02-14 19:05]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.nl/
.
**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-02-15 13:33
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3552)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
Completion time: 2010-02-15 13:36:30
ComboFix-quarantined-files.txt 2010-02-15 12:36

Pre-Run: 68.899.741.696 bytes free
Post-Run: 68.879.990.784 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

- - End Of File - - 2DBA1E8C8137A6BBAB64CCDE6CEE4EAF