Ok done that.
OZ.dat wouldn't upload to Jotti as it has no size, apparently. On closer inspection it does indeed say it is 0 Bytes.
Both HsInfo and BIOS.sys were found to be clean on Jotti.
I have no surveillance programs of any kind installed [that I know of].
None installed intentionally anyway.
Here is my ComboFix log after doing as stated in your post:
--------------------------------------------------------
ComboFix 09-06-24.05 - **** 25/06/2009 19:31.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1567 [GMT 1:00]
Running from: c:\documents and settings\****\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\****\Desktop\CFScript.txt
AV: avast! antivirus 4.8.1335 [VPS 090624-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FILE ::
"c:\windows\popcinfot.dat"
"c:\windows\system32\XDva248.sys"
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\popcinfot.dat
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_XDVA248
-------\Service_XDva248
((((((((((((((((((((((((( Files Created from 2009-05-25 to 2009-06-25 )))))))))))))))))))))))))))))))
.
2009-06-25 16:26 . 2009-06-25 16:26 -------- dc----w- c:\windows\system32\dllcache\cache
2009-06-25 09:30 . 2009-06-17 10:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-25 09:30 . 2009-06-17 10:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-25 09:10 . 2001-08-17 13:05 141056 -c--a-w- c:\windows\system32\dllcache\icam3.sys
2009-06-25 09:10 . 2001-08-17 13:06 38528 -c--a-w- c:\windows\system32\dllcache\ibmvcap.sys
2009-06-25 09:10 . 2001-08-17 11:12 109085 -c--a-w- c:\windows\system32\dllcache\ibmtrp.sys
2009-06-25 09:10 . 2001-08-17 11:12 100936 -c--a-w- c:\windows\system32\dllcache\ibmtok.sys
2009-06-25 09:10 . 2001-08-17 21:34 9216 -c--a-w- c:\windows\system32\dllcache\ibmsgnet.dll
2009-06-25 09:10 . 2001-08-17 11:11 28700 -c--a-w- c:\windows\system32\dllcache\ibmexmp.sys
2009-06-25 09:08 . 2001-08-17 21:36 93696 -c--a-w- c:\windows\system32\dllcache\hpgt42.dll
2009-06-25 09:07 . 2001-08-17 11:10 22090 -c--a-w- c:\windows\system32\dllcache\fem556n5.sys
2009-06-25 09:06 . 2001-08-17 12:28 241206 -c--a-w- c:\windows\system32\dllcache\el656se5.sys
2009-06-25 09:05 . 2001-08-17 21:36 25600 -c--a-w- c:\windows\system32\dllcache\dc210_32.dll
2009-06-25 09:04 . 2001-08-17 12:51 13824 -c--a-w- c:\windows\system32\dllcache\bulltlp3.sys
2009-06-25 09:03 . 2001-08-17 13:56 66048 -c--a-w- c:\windows\system32\dllcache\s3legacy.dll
2009-06-24 21:58 . 2009-06-24 21:58 -------- d-----w- c:\program files\PC Wizard 2008
2009-06-20 17:11 . 2009-06-20 17:11 -------- d-----w- c:\windows\system32\wbem\Repository
2009-06-20 17:11 . 2009-06-20 17:11 -------- d-----w- c:\program files\Common Files\PCSuite
2009-06-20 17:11 . 2009-06-20 17:11 -------- d-----w- c:\program files\Common Files\Nokia
2009-06-20 16:52 . 2009-06-20 17:11 -------- d-----w- c:\program files\Common Files\PCSuite(2)
2009-06-13 17:02 . 2009-06-13 17:04 -------- d-----w- c:\documents and settings\All Users\Application Data\YoGen
2009-06-13 17:02 . 2009-06-13 17:02 -------- d-----w- c:\program files\YoGen Vocal Remover 3.3.6
2009-06-11 15:11 . 2002-12-11 23:14 34304 -c--a-w- c:\windows\system32\dllcache\mciqtz32.dll
2009-06-11 15:11 . 2002-12-11 23:14 46592 ----a-w- c:\windows\system32\dxdllreg.exe
2009-06-11 15:11 . 2002-08-29 02:41 31744 -c--a-w- c:\windows\system32\dllcache\pid.dll
2009-06-11 15:04 . 2009-06-11 15:04 -------- d-----w- c:\program files\Microsoft Games
2009-06-11 14:33 . 2009-06-13 14:25 -------- d-----w- c:\documents and settings\****\Application Data\My Games
2009-06-11 14:25 . 2009-06-11 14:25 -------- d-----w- c:\program files\Firaxis Games
2009-06-02 22:17 . 2009-06-02 22:17 -------- d-----w- c:\documents and settings\****\Application Data\SAMSUNG
2009-06-02 22:16 . 2006-05-03 21:53 174592 ----a-w- c:\windows\system32\framedyn.dll
2009-06-02 22:16 . 2009-06-02 22:16 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers
2009-06-02 22:16 . 2005-08-30 16:59 94000 ----a-w- c:\windows\system32\drivers\ss_mdm.sys
2009-06-02 22:16 . 2005-08-30 16:58 8304 ----a-w- c:\windows\system32\drivers\ss_mdfl.sys
2009-06-02 22:16 . 2005-08-30 16:58 6144 ----a-w- c:\windows\system32\drivers\ss_cmnt.sys
2009-06-02 22:16 . 2005-08-30 16:58 6144 ----a-w- c:\windows\system32\drivers\ss_cm.sys
2009-06-02 22:16 . 2005-08-30 16:57 58320 ----a-w- c:\windows\system32\drivers\ss_bus.sys
2009-06-02 22:16 . 2005-08-30 16:57 5808 ----a-w- c:\windows\system32\drivers\ss_whnt.sys
2009-06-02 22:16 . 2005-08-30 16:57 5808 ----a-w- c:\windows\system32\drivers\ss_wh.sys
2009-06-02 22:15 . 2006-07-24 15:05 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2009-06-02 22:15 . 2009-06-02 22:15 -------- d-----w- c:\program files\Samsung
2009-06-01 11:46 . 2009-06-01 11:58 -------- d-----w- c:\documents and settings\****\Local Settings\Application Data\Wheelman
2009-06-01 11:46 . 2009-06-01 11:46 -------- d-----w- c:\documents and settings\****\Local Settings\Application Data\PC
2009-06-01 11:21 . 2009-06-01 11:21 -------- d-----w- c:\program files\Ubisoft Entertainment
2009-05-29 17:47 . 2009-05-28 19:36 480688 ----a-w- c:\documents and settings\****\Application Data\ijjigame\ijjistarter2.exe
2009-05-28 13:45 . 2009-05-28 13:46 -------- d-----w- c:\documents and settings\****\Application Data\Raptr
2009-05-28 13:41 . 2009-05-28 13:41 -------- d-----w- c:\program files\NHN USA
2009-05-28 13:41 . 2009-05-26 16:31 58800 ----a-w- c:\windows\system32\ijjiProcessRestarter.exe
2009-05-28 13:41 . 2009-05-12 19:48 710064 ----a-w- c:\windows\system32\ijjiSetup.exe
2009-05-28 13:41 . 2008-06-11 22:01 58800 ----a-w- c:\windows\system32\ijjiPlugin2.dll
2009-05-28 13:41 . 2008-04-23 13:02 157152 ----a-w- c:\windows\system32\PubPlugin.dll
2009-05-28 13:02 . 2009-05-28 13:02 -------- d-----w- c:\program files\Windows Live Safety Center
2009-05-28 09:53 . 2009-05-28 12:25 -------- d-----w- C:\Ys Online
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-25 18:32 . 2009-03-07 19:29 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite
2009-06-25 15:31 . 2008-12-21 23:25 -------- d-----w- c:\documents and settings\****\Application Data\Free Download Manager
2009-06-25 14:28 . 2008-12-21 23:55 45736 ----a-w- c:\documents and settings\****\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-25 09:30 . 2009-01-09 12:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-25 09:27 . 2009-01-09 15:15 -------- d-----w- c:\program files\EXPERTool
2009-06-24 22:46 . 2009-02-26 15:45 1389576 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-06-24 22:33 . 2008-12-21 23:47 -------- d-----w- c:\program files\Steam
2009-06-24 21:18 . 2009-03-13 16:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2009-06-24 20:45 . 2008-12-24 19:30 0 ----a-w- c:\windows\OZ.dat
2009-06-21 20:32 . 2008-12-26 21:36 -------- d-----w- c:\documents and settings\****\Application Data\Bioshock
2009-06-21 20:15 . 2008-12-28 19:21 -------- d-----w- c:\documents and settings\****\Application Data\FrostWire
2009-06-20 16:52 . 2009-03-07 19:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
2009-06-20 16:49 . 2009-03-07 19:27 -------- d-----w- c:\program files\Nokia
2009-06-14 07:11 . 2009-01-03 18:20 -------- d-----w- c:\documents and settings\****\Application Data\FileZilla
2009-06-13 21:32 . 2009-04-13 18:22 -------- d-----w- c:\documents and settings\****\Application Data\HLSW
2009-06-13 10:01 . 2008-12-21 22:11 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-04 22:38 . 2009-03-13 16:25 -------- d-----w- c:\program files\Google
2009-06-03 18:04 . 2009-03-06 15:21 -------- d-----w- c:\documents and settings\All Users\Application Data\River Past G5
2009-06-03 18:04 . 2009-03-31 19:24 -------- d-----w- c:\program files\Project64 1.6
2009-06-03 18:03 . 2009-03-08 20:26 -------- d-----w- c:\program files\Neffy
2009-06-03 18:02 . 2009-01-28 17:40 -------- d-----w- c:\program files\BT Broadband Talk Softphone
2009-06-03 17:57 . 2008-12-29 23:52 -------- d-----w- c:\program files\DriftCity
2009-06-02 22:14 . 2008-12-22 19:20 -------- d-----w- c:\program files\Common Files\Adobe
2009-05-31 10:01 . 2008-12-24 02:40 -------- d-----w- c:\program files\PeerGuardian2
2009-05-29 17:47 . 2008-12-29 23:32 -------- d--h--w- c:\documents and settings\****\Application Data\ijjigame
2009-05-28 12:58 . 2009-05-22 19:27 -------- d-----w- c:\program files\CD Recovery Toolbox Free
2009-05-25 22:29 . 2009-01-08 21:08 -------- d-----w- c:\program files\Yahoo!
2009-05-25 22:29 . 2009-04-09 12:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2009-05-22 21:00 . 2009-01-07 10:02 -------- d-----w- c:\documents and settings\****\Application Data\Smart Recorder
2009-05-21 20:31 . 2009-05-25 22:29 607472 ----a-w- c:\documents and settings\All Users\Application Data\Yahoo!\YUpdater\yupdater.exe
2009-05-20 12:19 . 2009-04-11 09:20 -------- d-----w- c:\program files\TweakNow RegCleaner Professional
2009-05-20 12:19 . 2009-03-06 15:26 -------- d-----w- c:\program files\Combined Community Codec Pack
2009-05-20 12:19 . 2009-04-28 07:54 -------- d-----w- c:\program files\Fruit Machine Emulation
2009-05-19 23:13 . 2008-12-27 16:28 -------- d-----w- c:\program files\Maxis
2009-05-16 12:14 . 2008-12-22 00:02 -------- d-----w- c:\program files\Electronic Arts
2009-05-15 08:05 . 2009-05-15 08:05 -------- d-----w- c:\documents and settings\All Users\Application Data\SimCity Societies
2009-05-14 12:16 . 2009-05-14 12:13 -------- d-----w- c:\program files\Super Mario Blue Twilight DX
2009-05-13 22:08 . 2009-05-13 22:08 -------- d-----w- c:\documents and settings\****\Application Data\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
2009-05-13 22:08 . 2009-05-13 22:08 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-05-13 22:08 . 2009-03-05 20:53 38208 ----a-w- c:\documents and settings\****\Application Data\Macromedia\Flash Player\http://www.macromedia.com\bin\airapp...pinstaller.exe
2009-05-07 14:01 . 2009-05-07 14:01 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-05-07 14:01 . 2009-05-07 14:01 22328 ----a-w- c:\documents and settings\****\Application Data\PnkBstrK.sys
2009-05-07 14:01 . 2009-05-07 14:01 22328 ----a-w- c:\documents and settings\****\Application Data\PnkBstrK.sys
2009-05-07 14:01 . 2009-05-07 14:01 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-05-07 14:01 . 2009-05-07 14:01 669184 ----a-w- c:\windows\system32\pbsvc.exe
2009-05-07 14:01 . 2009-05-07 14:01 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-05-04 14:12 . 2008-12-23 20:39 115432 ----a-w- c:\windows\system32\OpenAL32.dll
2009-05-02 17:09 . 2009-01-10 19:31 -------- d-----w- c:\documents and settings\****\Application Data\Ahead
2009-05-02 09:00 . 2009-05-01 21:44 34396584 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Nokia_PC_Suite_7_1_26_0_eng.exe
2009-05-01 21:45 . 2009-05-01 21:45 -------- d-----w- c:\program files\PC Connectivity Solution
2009-05-01 21:43 . 2009-05-01 21:43 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\Uninst CCD.exe
2009-05-01 21:43 . 2009-05-01 21:43 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\Uninst PCSFEMsi.exe
2009-05-01 21:43 . 2009-05-01 21:43 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\Uninst PCS.exe
2009-04-28 07:54 . 2009-04-28 07:54 737280 ----a-w- c:\windows\iun6002.exe
2009-04-28 06:21 . 2008-12-22 00:33 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-04-28 06:21 . 2008-12-27 17:34 -------- d-----w- c:\program files\OpenAL
2009-04-22 14:58 . 2008-12-24 20:04 96 ---ha-w- c:\windows\system32\HsInfo.dat
2009-04-21 23:20 . 2009-04-21 23:20 14311680 ----a-w- c:\windows\system32\xlive.dll
2009-04-21 23:20 . 2009-04-21 23:20 13642496 ----a-w- c:\windows\system32\xlivefnt.dll
2009-04-12 16:40 . 2009-04-16 20:53 81 ----a-w- c:\windows\Fonts\Non-Commercial Use.txt
2009-04-08 12:04 . 2009-04-08 12:04 12862 ----a-r- c:\documents and settings\****\Application Data\Microsoft\Installer\{0E2B767B-EA6A-489B-BF83-8083FE1DB661}\_1EEFFF72773535163E4216.exe
2009-04-02 12:14 . 2008-12-27 16:28 531 -c--a-w- c:\windows\eReg.dat
2009-04-01 08:26 . 2009-04-01 08:26 152576 ----a-w- c:\documents and settings\****\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-06-25_16.21.44 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-06-25 18:41 . 2009-06-25 18:41 16384 c:\windows\Temp\Perflib_Perfdata_6fc.dat
+ 2009-06-25 18:41 . 2009-06-25 18:41 16384 c:\windows\Temp\Perflib_Perfdata_4a4.dat
+ 2004-08-04 12:00 . 2009-06-25 17:56 71584 c:\windows\system32\perfc009.dat
- 2004-08-04 12:00 . 2009-06-25 09:32 71584 c:\windows\system32\perfc009.dat
+ 2009-06-25 16:26 . 2008-10-16 14:09 51224 c:\windows\system32\dllcache\cache\wuauclt.exe
+ 2009-06-25 16:26 . 2008-04-14 00:12 82432 c:\windows\system32\dllcache\cache\ws2_32.dll
+ 2009-06-25 16:26 . 2008-04-14 00:12 26112 c:\windows\system32\dllcache\cache\userinit.exe
+ 2009-06-25 16:26 . 2008-04-14 00:12 14336 c:\windows\system32\dllcache\cache\svchost.exe
+ 2009-06-25 16:26 . 2008-04-14 00:12 57856 c:\windows\system32\dllcache\cache\spoolsv.exe
+ 2009-06-25 16:26 . 2008-04-14 00:12 17408 c:\windows\system32\dllcache\cache\powrprof.dll
+ 2009-06-25 16:26 . 2008-04-14 00:12 13312 c:\windows\system32\dllcache\cache\lsass.exe
+ 2009-06-25 16:26 . 2008-04-13 18:39 24576 c:\windows\system32\dllcache\cache\kbdclass.sys
+ 2009-06-25 16:26 . 2008-04-13 18:53 36608 c:\windows\system32\dllcache\cache\ip6fw.sys
+ 2009-06-25 16:26 . 2008-04-14 00:12 15360 c:\windows\system32\dllcache\cache\ctfmon.exe
+ 2004-08-04 12:00 . 2009-06-25 17:56 442092 c:\windows\system32\perfh009.dat
- 2004-08-04 12:00 . 2009-06-25 09:32 442092 c:\windows\system32\perfh009.dat
+ 2009-06-25 16:26 . 2008-04-14 00:12 507904 c:\windows\system32\dllcache\cache\winlogon.exe
+ 2009-06-25 16:26 . 2009-03-08 03:34 914944 c:\windows\system32\dllcache\cache\wininet.dll
+ 2009-06-25 16:26 . 2008-04-14 00:12 578560 c:\windows\system32\dllcache\cache\user32.dll
+ 2009-06-25 16:26 . 2008-04-14 00:12 295424 c:\windows\system32\dllcache\cache\termsrv.dll
+ 2009-06-25 16:26 . 2008-06-20 11:51 361600 c:\windows\system32\dllcache\cache\tcpip.sys
+ 2009-06-25 16:26 . 2008-04-14 00:12 108544 c:\windows\system32\dllcache\cache\services.exe
+ 2009-06-25 16:26 . 2008-04-13 19:20 182656 c:\windows\system32\dllcache\cache\ndis.sys
+ 2009-06-25 16:26 . 2008-04-14 00:11 989696 c:\windows\system32\dllcache\cache\kernel32.dll
+ 2009-06-25 16:26 . 2008-04-14 00:11 110080 c:\windows\system32\dllcache\cache\imm32.dll
+ 2009-06-25 16:26 . 2008-04-14 00:11 167936 c:\windows\system32\dllcache\cache\appmgmts.dll
+ 2009-06-25 16:26 . 2008-04-14 00:12 1614848 c:\windows\system32\dllcache\cache\sfcfiles.dll
+ 2009-06-25 16:26 . 2008-08-14 10:09 2145280 c:\windows\system32\dllcache\cache\ntoskrnl.exe
+ 2009-06-25 16:26 . 2008-08-14 09:33 2023936 c:\windows\system32\dllcache\cache\ntkrnlpa.exe
+ 2009-06-25 16:26 . 2008-04-14 00:12 1033728 c:\windows\system32\dllcache\cache\explorer.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"LogitechSoftwareUpdate"="c:\program files\Logitech\Video\ManifestEngine.exe" [2005-06-08 196608]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-04-29 3338240]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2006-09-10 218032]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-03-20 1312256]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-09 13680640]
"CTSysVol"="c:\program files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-02-15 57344]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-07-19 221184]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2005-06-08 458752]
"LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2005-06-08 217088]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-02-09 86016]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-02-09 1657376]
"P17Helper"="P17.dll" - c:\windows\system32\P17.dll [2005-05-03 64512]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\grand theft auto iv\\GTAIV\\GTAIV.exe"=
"c:\\Program Files\\Electronic Arts\\Need for Speed Carbon\\NFSC_LINK.exe"=
"c:\\Program Files\\EA Games\\Mercenaries 2 World in Flames\\Mercenaries2.exe"=
"c:\\Program Files\\Steam\\steamapps\\****\\synergy\\hl2.exe"=
"c:\\Program Files\\OZ Intermedia\\OZWorld_G\\OZ.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\fallout 3\\Fallout3.exe"=
"c:\\ijji\\ENGLISH\\u_skid.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonEU\\NGM\\NGM.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\FileZilla FTP Client\\filezilla.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\EA Games\\Mirror's Edge\\Binaries\\MirrorsEdge.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\peggle deluxe\\Peggle.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\peggle extreme\\PeggleExtreme.exe"=
"c:\\Program Files\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutLauncher.exe"=
"c:\\Program Files\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutConfigTool.exe"=
"c:\\Program Files\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutParadise.exe"=
"c:\\Program Files\\Steam\\steamapps\\****\\garrysmod\\hl2.exe"=
"c:\\Program Files\\Steam\\steamapps\\****\\team fortress 2\\hl2.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Steam\\steamapps\\****\\source sdk base 2007\\hl2.exe"=
"c:\\Nexon\\NEXON_EU_Downloader\\NEXON_EU_Downloader_Engine.exe"=
"c:\\Program Files\\Free Download Manager\\fdm.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\bioshock\\Builds\\Release\\Bioshock.exe"=
"c:\\Program Files\\Adobe\\Adobe Dreamweaver CS3\\Dreamweaver.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\grand theft auto iv\\RGSC\\RGSCLauncher.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\left 4 dead\\srcds.exe"=
"c:\\Program Files\\Steam\\steamapps\\****\\half-life\\hl.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\jade empire\\JadeEmpireLauncher.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\jade empire\\JadeEmpireConfig.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\left 4 dead\\left4dead.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\sid meier's civilization iii complete\\Conquests\\Civ3Conquests.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\fallout 3\\FalloutLauncher.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\killingfloor\\System\\KillingFloor.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe"=
"c:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Warlords\\Civ4Warlords.exe"=
"c:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Warlords\\Civ4Warlords_PitBoss.exe"=
"c:\\Program Files\\Electronic Arts\\Need for Speed Carbon\\NFSC.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"27015:TCP"= 27015:TCP:SteamServ1
"32140:TCP"= 32140:TCP:*Disabled:SolidNetworkManager
"32140:UDP"= 32140:UDP:*Disabled:SolidNetworkManager
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"27015:UDP"= 27015:UDP:steammm
"27016:TCP"= 27016:TCP:27016
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [22/12/2008 00:31 114768]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [26/02/2009 22:02 13696]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [22/12/2008 00:31 20560]
R3 scrcap;scrcap;c:\windows\system32\drivers\scrcap.sys [27/12/2006 15:47 9006]
S2 gupdate1c9a3f862c0adc2;Google Update Service (gupdate1c9a3f862c0adc2);c:\program files\Google\Update\GoogleUpdate.exe [13/03/2009 17:25 133104]
S3 ABIT-IO;ABIT-IO;\??\c:\program files\U-ABIT\abitEQ\ABIT-IO.sys --> c:\program files\U-ABIT\abitEQ\ABIT-IO.sys [?]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [01/05/2009 22:44 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [01/05/2009 22:44 8320]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
Contents of the 'Scheduled Tasks' folder
2009-06-25 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-13 03:36]
2009-06-25 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-13 16:25]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.uk/ig?hl=en&source=iglk
uInternet Settings,ProxyOverride = *.local
IE: Download all with Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: Download selected with Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
TCP: {3CD34341-57F7-406C-91BA-32CB374B0E62} = 149.254.192.126 149.254.201.126
DPF: {8C292180-8BB2-495F-B94B-89FE9F2B530A} - hxxp://rfonline-full.gscdn.com/gscdn/ccr_downloader.cab
DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} - hxxp://dist.globalgamecdn.com/dist/neffy/NeffyLauncher.cab
DPF: {C9A2CBF3-B7F9-463E-A690-82CC077DCFC6} - hxxp://www.4story.com/Active_X/ZemiDetectHardware.cab
FF - ProfilePath -
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2009-06-25 19:41
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet004\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-2000478354-1592454029-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:15,ac,0c,23,17,41,4b,2e,56,2e,e9,53,dd,e3,01,e6,51,b2,2a,ea,d3,6c,c2,
aa,9b,5b,35,32,6c,17,34,a9,f3,65,4a,1d,32,06,39,54,94,ab,46,ae,a4,c3,f4,3d,\
"??"=hex:aa,d3,ad,10,3e,21,e1,5a,ee,a5,d7,2f,8a,be,03,83
[HKEY_USERS\S-1-5-21-2000478354-1592454029-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:fd,35,26,4e,d0,e5,c0,4f,48,16,7d,58,c6,9e,31,52,00,5b,49,17,43,
f1,7c,01,48,12,e8,62,23,4c,86,5d,55,ed,7e,3d,23,4b,61,e0,ff,ad,95,11,b9,49,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(412)
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\rundll32.exe
c:\program files\Logitech\Video\FxSvr2.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
c:\windows\system32\WudfHost.exe
.
**************************************************************************
.
Completion time: 2009-06-25 19:47 - machine was rebooted
ComboFix-quarantined-files.txt 2009-06-25 18:47
ComboFix2.txt 2009-06-25 16:27
Pre-Run: 80,742,297,600 bytes free
Post-Run: 80,705,826,816 bytes free
Current=4 Default=4 Failed=0 LastKnownGood=7 Sets=1,2,3,4,5,6,7
366 --- E O F --- 2009-05-15 07:45
2009-05-28 13:41 . 2008-04-23 13:02 157152 ----a-w- c:\windows\system32\PubPlugin.dll
2009-05-28 13:02 . 2009-05-28 13:02 -------- d-----w- c:\program files\Windows Live Safety Center
2009-05-28 09:53 . 2009-05-28 12:25 -------- d-----w- C:\Ys Online
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-25 18:32 . 2009-03-07 19:29 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Suite
2009-06-25 15:31 . 2008-12-21 23:25 -------- d-----w- c:\documents and settings\****\Application Data\Free Download Manager
2009-06-25 14:28 . 2008-12-21 23:55 45736 ----a-w- c:\documents and settings\****\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-06-25 09:30 . 2009-01-09 12:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-25 09:27 . 2009-01-09 15:15 -------- d-----w- c:\program files\EXPERTool
2009-06-24 22:46 . 2009-02-26 15:45 1389576 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2009-06-24 22:33 . 2008-12-21 23:47 -------- d-----w- c:\program files\Steam
2009-06-24 21:18 . 2009-03-13 16:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2009-06-24 20:45 . 2008-12-24 19:30 0 ----a-w- c:\windows\OZ.dat
2009-06-21 20:32 . 2008-12-26 21:36 -------- d-----w- c:\documents and settings\****\Application Data\Bioshock
2009-06-21 20:15 . 2008-12-28 19:21 -------- d-----w- c:\documents and settings\****\Application Data\FrostWire
2009-06-20 16:52 . 2009-03-07 19:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Installations
2009-06-20 16:49 . 2009-03-07 19:27 -------- d-----w- c:\program files\Nokia
2009-06-14 07:11 . 2009-01-03 18:20 -------- d-----w- c:\documents and settings\****\Application Data\FileZilla
2009-06-13 21:32 . 2009-04-13 18:22 -------- d-----w- c:\documents and settings\****\Application Data\HLSW
2009-06-13 10:01 . 2008-12-21 22:11 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-04 22:38 . 2009-03-13 16:25 -------- d-----w- c:\program files\Google
2009-06-03 18:04 . 2009-03-06 15:21 -------- d-----w- c:\documents and settings\All Users\Application Data\River Past G5
2009-06-03 18:04 . 2009-03-31 19:24 -------- d-----w- c:\program files\Project64 1.6
2009-06-03 18:03 . 2009-03-08 20:26 -------- d-----w- c:\program files\Neffy
2009-06-03 18:02 . 2009-01-28 17:40 -------- d-----w- c:\program files\BT Broadband Talk Softphone
2009-06-03 17:57 . 2008-12-29 23:52 -------- d-----w- c:\program files\DriftCity
2009-06-02 22:14 . 2008-12-22 19:20 -------- d-----w- c:\program files\Common Files\Adobe
2009-05-31 10:01 . 2008-12-24 02:40 -------- d-----w- c:\program files\PeerGuardian2
2009-05-29 17:47 . 2008-12-29 23:32 -------- d--h--w- c:\documents and settings\****\Application Data\ijjigame
2009-05-28 12:58 . 2009-05-22 19:27 -------- d-----w- c:\program files\CD Recovery Toolbox Free
2009-05-25 22:29 . 2009-01-08 21:08 -------- d-----w- c:\program files\Yahoo!
2009-05-25 22:29 . 2009-04-09 12:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2009-05-22 21:00 . 2009-01-07 10:02 -------- d-----w- c:\documents and settings\****\Application Data\Smart Recorder
2009-05-21 20:31 . 2009-05-25 22:29 607472 ----a-w- c:\documents and settings\All Users\Application Data\Yahoo!\YUpdater\yupdater.exe
2009-05-20 12:19 . 2009-04-11 09:20 -------- d-----w- c:\program files\TweakNow RegCleaner Professional
2009-05-20 12:19 . 2009-03-06 15:26 -------- d-----w- c:\program files\Combined Community Codec Pack
2009-05-20 12:19 . 2009-04-28 07:54 -------- d-----w- c:\program files\Fruit Machine Emulation
2009-05-19 23:13 . 2008-12-27 16:28 -------- d-----w- c:\program files\Maxis
2009-05-16 12:14 . 2008-12-22 00:02 -------- d-----w- c:\program files\Electronic Arts
2009-05-15 08:05 . 2009-05-15 08:05 -------- d-----w- c:\documents and settings\All Users\Application Data\SimCity Societies
2009-05-14 12:16 . 2009-05-14 12:13 -------- d-----w- c:\program files\Super Mario Blue Twilight DX
2009-05-13 22:08 . 2009-05-13 22:08 -------- d-----w- c:\documents and settings\****\Application Data\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
2009-05-13 22:08 . 2009-05-13 22:08 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-05-13 22:08 . 2009-03-05 20:53 38208 ----a-w- c:\documents and settings\****\Application Data\Macromedia\Flash Player\http://www.macromedia.com\bin\airapp...pinstaller.exe
2009-05-07 14:01 . 2009-05-07 14:01 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-05-07 14:01 . 2009-05-07 14:01 22328 ----a-w- c:\documents and settings\****\Application Data\PnkBstrK.sys
2009-05-07 14:01 . 2009-05-07 14:01 22328 ----a-w- c:\documents and settings\****\Application Data\PnkBstrK.sys
2009-05-07 14:01 . 2009-05-07 14:01 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-05-07 14:01 . 2009-05-07 14:01 669184 ----a-w- c:\windows\system32\pbsvc.exe
2009-05-07 14:01 . 2009-05-07 14:01 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-05-04 14:12 . 2008-12-23 20:39 115432 ----a-w- c:\windows\system32\OpenAL32.dll
2009-05-02 17:09 . 2009-01-10 19:31 -------- d-----w- c:\documents and settings\****\Application Data\Ahead
2009-05-02 09:00 . 2009-05-01 21:44 34396584 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Nokia_PC_Suite_7_1_26_0_eng.exe
2009-05-01 21:45 . 2009-05-01 21:45 -------- d-----w- c:\program files\PC Connectivity Solution
2009-05-01 21:43 . 2009-05-01 21:43 8192 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\Uninst CCD.exe
2009-05-01 21:43 . 2009-05-01 21:43 61440 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\Uninst PCSFEMsi.exe
2009-05-01 21:43 . 2009-05-01 21:43 10240 ----a-w- c:\documents and settings\All Users\Application Data\Installations\{7694EC32-CB0E-4B35-9088-7B320CB1F4FE}\Installer\CommonCustomActions\Uninst PCS.exe
2009-04-28 07:54 . 2009-04-28 07:54 737280 ----a-w- c:\windows\iun6002.exe
2009-04-28 06:21 . 2008-12-22 00:33 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-04-28 06:21 . 2008-12-27 17:34 -------- d-----w- c:\program files\OpenAL
2009-04-22 14:58 . 2008-12-24 20:04 96 ---ha-w- c:\windows\system32\HsInfo.dat
2009-04-21 23:20 . 2009-04-21 23:20 14311680 ----a-w- c:\windows\system32\xlive.dll
2009-04-21 23:20 . 2009-04-21 23:20 13642496 ----a-w- c:\windows\system32\xlivefnt.dll
2009-04-12 16:40 . 2009-04-16 20:53 81 ----a-w- c:\windows\Fonts\Non-Commercial Use.txt
2009-04-08 12:04 . 2009-04-08 12:04 12862 ----a-r- c:\documents and settings\****\Application Data\Microsoft\Installer\{0E2B767B-EA6A-489B-BF83-8083FE1DB661}\_1EEFFF72773535163E4216.exe
2009-04-02 12:14 . 2008-12-27 16:28 531 -c--a-w- c:\windows\eReg.dat
2009-04-01 08:26 . 2009-04-01 08:26 152576 ----a-w- c:\documents and settings\****\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
.
((((((((((((((((((((((((((((( SnapShot@2009-06-25_16.21.44 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-06-25 18:41 . 2009-06-25 18:41 16384 c:\windows\Temp\Perflib_Perfdata_6fc.dat
+ 2009-06-25 18:41 . 2009-06-25 18:41 16384 c:\windows\Temp\Perflib_Perfdata_4a4.dat
+ 2004-08-04 12:00 . 2009-06-25 17:56 71584 c:\windows\system32\perfc009.dat
- 2004-08-04 12:00 . 2009-06-25 09:32 71584 c:\windows\system32\perfc009.dat
+ 2009-06-25 16:26 . 2008-10-16 14:09 51224 c:\windows\system32\dllcache\cache\wuauclt.exe
+ 2009-06-25 16:26 . 2008-04-14 00:12 82432 c:\windows\system32\dllcache\cache\ws2_32.dll
+ 2009-06-25 16:26 . 2008-04-14 00:12 26112 c:\windows\system32\dllcache\cache\userinit.exe
+ 2009-06-25 16:26 . 2008-04-14 00:12 14336 c:\windows\system32\dllcache\cache\svchost.exe
+ 2009-06-25 16:26 . 2008-04-14 00:12 57856 c:\windows\system32\dllcache\cache\spoolsv.exe
+ 2009-06-25 16:26 . 2008-04-14 00:12 17408 c:\windows\system32\dllcache\cache\powrprof.dll
+ 2009-06-25 16:26 . 2008-04-14 00:12 13312 c:\windows\system32\dllcache\cache\lsass.exe
+ 2009-06-25 16:26 . 2008-04-13 18:39 24576 c:\windows\system32\dllcache\cache\kbdclass.sys
+ 2009-06-25 16:26 . 2008-04-13 18:53 36608 c:\windows\system32\dllcache\cache\ip6fw.sys
+ 2009-06-25 16:26 . 2008-04-14 00:12 15360 c:\windows\system32\dllcache\cache\ctfmon.exe
+ 2004-08-04 12:00 . 2009-06-25 17:56 442092 c:\windows\system32\perfh009.dat
- 2004-08-04 12:00 . 2009-06-25 09:32 442092 c:\windows\system32\perfh009.dat
+ 2009-06-25 16:26 . 2008-04-14 00:12 507904 c:\windows\system32\dllcache\cache\winlogon.exe
+ 2009-06-25 16:26 . 2009-03-08 03:34 914944 c:\windows\system32\dllcache\cache\wininet.dll
+ 2009-06-25 16:26 . 2008-04-14 00:12 578560 c:\windows\system32\dllcache\cache\user32.dll
+ 2009-06-25 16:26 . 2008-04-14 00:12 295424 c:\windows\system32\dllcache\cache\termsrv.dll
+ 2009-06-25 16:26 . 2008-06-20 11:51 361600 c:\windows\system32\dllcache\cache\tcpip.sys
+ 2009-06-25 16:26 . 2008-04-14 00:12 108544 c:\windows\system32\dllcache\cache\services.exe
+ 2009-06-25 16:26 . 2008-04-13 19:20 182656 c:\windows\system32\dllcache\cache\ndis.sys
+ 2009-06-25 16:26 . 2008-04-14 00:11 989696 c:\windows\system32\dllcache\cache\kernel32.dll
+ 2009-06-25 16:26 . 2008-04-14 00:11 110080 c:\windows\system32\dllcache\cache\imm32.dll
+ 2009-06-25 16:26 . 2008-04-14 00:11 167936 c:\windows\system32\dllcache\cache\appmgmts.dll
+ 2009-06-25 16:26 . 2008-04-14 00:12 1614848 c:\windows\system32\dllcache\cache\sfcfiles.dll
+ 2009-06-25 16:26 . 2008-08-14 10:09 2145280 c:\windows\system32\dllcache\cache\ntoskrnl.exe
+ 2009-06-25 16:26 . 2008-08-14 09:33 2023936 c:\windows\system32\dllcache\cache\ntkrnlpa.exe
+ 2009-06-25 16:26 . 2008-04-14 00:12 1033728 c:\windows\system32\dllcache\cache\explorer.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"LogitechSoftwareUpdate"="c:\program files\Logitech\Video\ManifestEngine.exe" [2005-06-08 196608]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-04-29 3338240]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2006-09-10 218032]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-03-20 1312256]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2008-11-26 81000]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-09 13680640]
"CTSysVol"="c:\program files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe" [2005-02-15 57344]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-07-19 221184]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2005-06-08 458752]
"LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2005-06-08 217088]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-04 208952]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-02-09 86016]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-02-09 1657376]
"P17Helper"="P17.dll" - c:\windows\system32\P17.dll [2005-05-03 64512]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\grand theft auto iv\\GTAIV\\GTAIV.exe"=
"c:\\Program Files\\Electronic Arts\\Need for Speed Carbon\\NFSC_LINK.exe"=
"c:\\Program Files\\EA Games\\Mercenaries 2 World in Flames\\Mercenaries2.exe"=
"c:\\Program Files\\Steam\\steamapps\\****\\synergy\\hl2.exe"=
"c:\\Program Files\\OZ Intermedia\\OZWorld_G\\OZ.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\fallout 3\\Fallout3.exe"=
"c:\\ijji\\ENGLISH\\u_skid.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonEU\\NGM\\NGM.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\FileZilla FTP Client\\filezilla.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\EA Games\\Mirror's Edge\\Binaries\\MirrorsEdge.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\peggle deluxe\\Peggle.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\peggle extreme\\PeggleExtreme.exe"=
"c:\\Program Files\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutLauncher.exe"=
"c:\\Program Files\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutConfigTool.exe"=
"c:\\Program Files\\Electronic Arts\\Burnout(TM) Paradise The Ultimate Box\\BurnoutParadise.exe"=
"c:\\Program Files\\Steam\\steamapps\\****\\garrysmod\\hl2.exe"=
"c:\\Program Files\\Steam\\steamapps\\****\\team fortress 2\\hl2.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Steam\\steamapps\\****\\source sdk base 2007\\hl2.exe"=
"c:\\Nexon\\NEXON_EU_Downloader\\NEXON_EU_Downloader_Engine.exe"=
"c:\\Program Files\\Free Download Manager\\fdm.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\bioshock\\Builds\\Release\\Bioshock.exe"=
"c:\\Program Files\\Adobe\\Adobe Dreamweaver CS3\\Dreamweaver.exe"=
"c:\\Program Files\\HLSW\\hlsw.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\grand theft auto iv\\RGSC\\RGSCLauncher.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\left 4 dead\\srcds.exe"=
"c:\\Program Files\\Steam\\steamapps\\****\\half-life\\hl.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\jade empire\\JadeEmpireLauncher.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\jade empire\\JadeEmpireConfig.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\left 4 dead\\left4dead.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\sid meier's civilization iii complete\\Conquests\\Civ3Conquests.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\fallout 3\\FalloutLauncher.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\killingfloor\\System\\KillingFloor.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe"=
"c:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Warlords\\Civ4Warlords.exe"=
"c:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Warlords\\Civ4Warlords_PitBoss.exe"=
"c:\\Program Files\\Electronic Arts\\Need for Speed Carbon\\NFSC.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"27015:TCP"= 27015:TCP:SteamServ1
"32140:TCP"= 32140:TCP:*Disabled:SolidNetworkManager
"32140:UDP"= 32140:UDP:*Disabled:SolidNetworkManager
"5353:TCP"= 5353:TCP:Adobe CSI CS4
"27015:UDP"= 27015:UDP:steammm
"27016:TCP"= 27016:TCP:27016
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [22/12/2008 00:31 114768]
R1 BIOS;BIOS;c:\windows\system32\drivers\BIOS.sys [26/02/2009 22:02 13696]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [22/12/2008 00:31 20560]
R3 scrcap;scrcap;c:\windows\system32\drivers\scrcap.sys [27/12/2006 15:47 9006]
S2 gupdate1c9a3f862c0adc2;Google Update Service (gupdate1c9a3f862c0adc2);c:\program files\Google\Update\GoogleUpdate.exe [13/03/2009 17:25 133104]
S3 ABIT-IO;ABIT-IO;\??\c:\program files\U-ABIT\abitEQ\ABIT-IO.sys --> c:\program files\U-ABIT\abitEQ\ABIT-IO.sys [?]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [01/05/2009 22:44 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [01/05/2009 22:44 8320]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"
.
Contents of the 'Scheduled Tasks' folder
2009-06-25 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-13 03:36]
2009-06-25 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-13 16:25]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.uk/ig?hl=en&source=iglk
uInternet Settings,ProxyOverride = *.local
IE: Download all with Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: Download selected with Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
TCP: {3CD34341-57F7-406C-91BA-32CB374B0E62} = 149.254.192.126 149.254.201.126
DPF: {8C292180-8BB2-495F-B94B-89FE9F2B530A} - hxxp://rfonline-full.gscdn.com/gscdn/ccr_downloader.cab
DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} - hxxp://dist.globalgamecdn.com/dist/neffy/NeffyLauncher.cab
DPF: {C9A2CBF3-B7F9-463E-A690-82CC077DCFC6} - hxxp://www.4story.com/Active_X/ZemiDetectHardware.cab
FF - ProfilePath -
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2009-06-25 19:41
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet004\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-2000478354-1592454029-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:15,ac,0c,23,17,41,4b,2e,56,2e,e9,53,dd,e3,01,e6,51,b2,2a,ea,d3,6c,c2,
aa,9b,5b,35,32,6c,17,34,a9,f3,65,4a,1d,32,06,39,54,94,ab,46,ae,a4,c3,f4,3d,\
"??"=hex:aa,d3,ad,10,3e,21,e1,5a,ee,a5,d7,2f,8a,be,03,83
[HKEY_USERS\S-1-5-21-2000478354-1592454029-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:fd,35,26,4e,d0,e5,c0,4f,48,16,7d,58,c6,9e,31,52,00,5b,49,17,43,
f1,7c,01,48,12,e8,62,23,4c,86,5d,55,ed,7e,3d,23,4b,61,e0,ff,ad,95,11,b9,49,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(412)
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_eng.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\rundll32.exe
c:\program files\Logitech\Video\FxSvr2.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
c:\windows\system32\WudfHost.exe
.
**************************************************************************
.
Completion time: 2009-06-25 19:47 - machine was rebooted
ComboFix-quarantined-files.txt 2009-06-25 18:47
ComboFix2.txt 2009-06-25 16:27
Pre-Run: 80,742,297,600 bytes free
Post-Run: 80,705,826,816 bytes free
Current=4 Default=4 Failed=0 LastKnownGood=7 Sets=1,2,3,4,5,6,7
366 --- E O F --- 2009-05-15 07:45