Here is the log:
ComboFix 10-09-09.03 - Williamson 09/09/2010 18:06:39.2.1 - x86
Running from: E:\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Defender Pro Antivirus *On-access scanning disabled* (Outdated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: Defender Pro Firewall *enabled* {4055920F-2E99-48A8-A270-4243D2B8F242}
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2010-08-09 to 2010-09-09 )))))))))))))))))))))))))))))))
.
2010-09-09 21:33 . 2010-09-09 21:33 -------- d-----w- c:\windows\LastGood
2010-09-07 00:16 . 2010-09-07 00:16 21035 ----a-w- c:\windows\system32\drivers\AegisP.sys
2010-09-07 00:15 . 2007-07-18 20:22 306688 ----a-w- c:\windows\system32\drivers\rtl8185.sys
2010-09-07 00:15 . 2006-11-15 21:23 38144 ----a-w- c:\windows\system32\drivers\EAPPkt.sys
2010-09-07 00:15 . 2010-09-07 00:15 -------- d-----w- c:\windows\system32\TP-LINK Wireless Adapter Driver and Utility
2010-09-07 00:15 . 2010-09-07 00:15 -------- d-----w- c:\program files\TP-LINK
2010-09-04 18:12 . 2010-09-04 18:13 -------- d-----w- c:\documents and settings\Williamson\Application Data\OnlineArmor
2010-09-04 18:12 . 2010-09-04 18:12 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\OnlineArmor
2010-08-26 02:12 . 2010-09-08 22:36 63488 ----a-w- c:\documents and settings\Williamson\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
2010-08-26 02:12 . 2010-08-26 02:12 52224 ----a-w- c:\documents and settings\Williamson\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-08-26 02:11 . 2010-09-08 22:35 117760 ----a-w- c:\documents and settings\Williamson\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-08-26 02:09 . 2010-08-26 02:10 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-08-26 02:06 . 2010-07-07 17:25 22600 ----a-w- c:\windows\system32\drivers\OAmon.sys
2010-08-26 02:06 . 2010-07-07 17:25 28232 ----a-w- c:\windows\system32\drivers\OAnet.sys
2010-08-26 02:06 . 2010-07-07 17:25 236104 ----a-w- c:\windows\system32\drivers\OADriver.sys
2010-08-26 02:06 . 2010-08-26 02:06 -------- d-----w- c:\program files\Emsisoft
2010-08-26 00:39 . 2010-06-28 20:32 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-08-26 00:39 . 2010-06-28 20:37 165456 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-08-26 00:39 . 2010-06-28 20:33 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-08-26 00:39 . 2010-06-28 20:37 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-08-26 00:39 . 2010-06-28 20:32 100176 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-08-26 00:39 . 2010-06-28 20:32 94544 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-08-26 00:39 . 2010-06-28 20:32 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-08-26 00:38 . 2010-06-28 20:57 38848 ----a-w- c:\windows\avastSS.scr
2010-08-26 00:38 . 2010-06-28 20:57 165032 ----a-w- c:\windows\system32\aswBoot.exe
2010-08-26 00:38 . 2010-08-26 00:38 -------- d-----w- c:\program files\Alwil Software
2010-08-26 00:38 . 2010-08-26 00:38 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Alwil Software
2010-08-20 18:01 . 2001-08-18 03:36 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-08-20 18:01 . 2004-08-04 04:58 15104 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2010-08-20 18:01 . 2004-08-04 04:58 15104 ----a-w- c:\windows\system32\drivers\usbscan.sys
2010-08-20 18:01 . 2004-08-04 06:56 159232 ----a-w- c:\windows\system32\ptpusd.dll
2010-08-20 00:59 . 2010-08-20 00:59 -------- d-----w- c:\documents and settings\Williamson\Application Data\InstallShield
2010-08-20 00:18 . 2010-08-20 00:18 -------- d-----w- c:\documents and settings\Williamson\Application Data\Malwarebytes
2010-08-20 00:18 . 2010-04-29 20:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-08-20 00:18 . 2010-08-20 00:18 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes
2010-08-20 00:18 . 2010-04-29 20:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-08-20 00:18 . 2010-08-20 00:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-08-19 17:50 . 2009-11-27 17:33 17920 -c----w- c:\windows\system32\dllcache\msyuv.dll
2010-08-19 17:50 . 2009-11-27 17:33 1291264 -c----w- c:\windows\system32\dllcache\quartz.dll
2010-08-19 17:50 . 2009-12-14 07:35 33280 -c----w- c:\windows\system32\dllcache\csrsrv.dll
2010-08-19 17:50 . 2010-02-26 06:12 474112 -c----w- c:\windows\system32\dllcache\shlwapi.dll
2010-08-19 17:50 . 2008-10-23 13:01 283648 -c----w- c:\windows\system32\dllcache\gdi32.dll
2010-08-19 17:49 . 2009-08-05 09:11 204800 -c----w- c:\windows\system32\dllcache\mswebdvd.dll
2010-08-18 16:23 . 2010-08-18 16:23 -------- d-----w- c:\documents and settings\Williamson\Local Settings\Application Data\Identities
2010-08-18 16:09 . 2010-08-18 16:09 -------- d-----w- c:\documents and settings\Williamson\Local Settings\Application Data\Adobe
2010-08-18 00:44 . 2010-08-18 00:44 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com
2010-08-18 00:44 . 2010-08-18 00:44 -------- d-----w- c:\documents and settings\Williamson\Application Data\SUPERAntiSpyware.com
2010-08-17 23:53 . 2010-08-17 23:53 -------- d-----w- c:\program files\Trend Micro
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-07 00:15 . 2002-03-21 00:12 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-08-24 02:42 . 2010-01-01 22:26 -------- d-----w- c:\program files\Common Files\BitDefender
2010-08-24 02:41 . 2010-01-11 02:47 81984 ----a-w- c:\windows\system32\bdod.bin
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-09-30 68856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-06-28 2837864]
"@OnlineArmor GUI"="c:\program files\Emsisoft\Online Armor\OAui.exe" [2010-07-07 6854984]
c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\
TP-LINK Wireless Utility.lnk - c:\program files\TP-LINK\TL-WN313G_353G_353GD\RtWLan.exe [2010-9-6 790528]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"= "c:\progra~1\Emsisoft\ONLINE~1\oaevent.dll" [2010-07-07 924488]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [8/25/2010 7:39 PM 165456]
R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [8/25/2010 9:06 PM 236104]
R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [8/25/2010 9:06 PM 22600]
R1 OAnet;OAnet;c:\windows\system32\drivers\OAnet.sys [8/25/2010 9:06 PM 28232]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2/17/2010 1:25 PM 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/10/2010 1:41 PM 67656]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [8/25/2010 7:39 PM 17744]
R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [9/6/2010 7:15 PM 38144]
R2 OAcat;Online Armor Helper Service;c:\program files\Emsisoft\Online Armor\oacat.exe [8/25/2010 9:06 PM 1283400]
S2 SvcOnlineArmor;Online Armor;c:\program files\Emsisoft\Online Armor\oasrv.exe [8/25/2010 9:06 PM 3364680]
.
Contents of the 'Scheduled Tasks' folder
2008-05-11 c:\windows\Tasks\Disk Cleanup.job
- c:\windows\system32\cleanmgr.exe [2001-08-30 07:56]
.
.
------- Supplementary Scan -------
.
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2010-09-09 18:19
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
@DACL=(02 0000)
"Installed"="1"
@=""
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
@DACL=(02 0000)
"NoChange"="1"
"Installed"="1"
@=""
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
@DACL=(02 0000)
"Installed"="1"
@=""
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(448)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
Completion time: 2010-09-09 18:23:54
ComboFix-quarantined-files.txt 2010-09-09 23:23
ComboFix2.txt 2010-09-06 06:11
Pre-Run: 2,842,435,584 bytes free
Post-Run: 2,902,962,176 bytes free
- - End Of File - - 9367A6B62AA466156924C53B223BDD0D