And the last bit, page 3:
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-14 00:21
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes …
scanning hidden autostart entries …
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Elprime Clock = c:\program files\Elprime Clock\uclock.exe? ???k???@???@???8O@???h???@???@?4???[?@?d??s?$?sd??s???#?s4???s???4???s???4???D2?s???4???4???
scanning hidden files …
scan completed successfully
hidden files: 0
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-1659004503-1682526488-839522115-1001\Software\SecuROM!CAUTION! NEVER A OR CHANGE ANY KEY*]
“??”=hex:05,3f,6c,ad,77,ed,41,0d,ae,4c,f2,e0,61,bd,9c,af,40,c6,d8,9b,2e,a2,22,
df,1d,b5,42,32,44,75,9a,ea,6b,c4,f6,f5,ad,41,03,77,e3,ce,53,bb,cc,ce,fa,da,
“??”=hex:d8,9f,7d,11,6e,5e,e6,30,6b,4d,5e,81,eb,d8,8b,f3
.
--------------------- DLLs Loaded Under Running Processes ---------------------
-
-
-
-
-
-
-
‘explorer.exe’(2232)
c:\winnt\system32\WININET.dll
c:\winnt\system32\ieframe.dll
c:\winnt\system32\mshtml.dll
c:\winnt\system32\msls31.dll
c:\winnt\system32\webcheck.dll
c:\winnt\system32\WPDShServiceObj.dll
c:\winnt\system32\PortableDeviceTypes.dll
c:\winnt\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\winnt\system32\CTsvcCDA.exe
c:\program files\Ahead\InCD\InCDsrv.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\winnt\system32\nvsvc32.exe
c:\winnt\system32\MsPMSPSv.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\winnt\system32\wbem\unsecapp.exe
c:\winnt\system32\wscntfy.exe
c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
c:\winnt\system32\RUNDLL32.EXE
c:\program files\iPod\bin\iPodService.exe
c:\program files\Common Files\Java\Java Update\jucheck.exe
.
.
Completion time: 2010-06-14 00:30:45 - machine was rebooted
ComboFix-quarantined-files.txt 2010-06-14 05:30
Pre-Run: 10,859,788,800 bytes free
Post-Run: 12,418,061,312 bytes free
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINNT
[operating systems]
c:\cmdcons\BOOTSECT.DAT=“Microsoft Windows Recovery Console” /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINNT=“Microsoft Windows XP Professional” /noexecute=optin /fastdetect
C:=“Previous Operating System on C:”
Current=2 Default=2 Failed=0 LastKnownGood=4 Sets=1,2,3,4
-
- End Of File - - 3A05871BDAB971E04B7B80376D6D9491
Once again thank You