BleepingComputer.com: TDSS Virus on Windows XP

TDSS Virus on Windows XP Unable to remove virus despite previous efforts

#16 heir (Malware Response Team; Posts: 763; Joined: 24-February 08)

Posted 26 April 2011 - 11:26 AM

Let's run TDSSKiller and ComboFix to make sure.

Step 1.
TDSSkiller:

Please read carefully and follow these steps.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then click on Start Scan.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.


Step 2.
ComboFix:

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. Here is a howto for some of the applications. They may otherwise interfere with our tools.

  • Double click on ComboFix.exe & follow the prompts.



When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Step 3.
Things I would like to see in your reply:

  • The content of the log from TDSSKiller in step 1.
  • The content of C:\ComboFix.txt from step 2.

Please do not PM me asking for support. Post on the forums instead.
Please post the final results, good or bad. We like to know!

#17 highflys (New Member; Posts: 10; Joined: 23-April 11)

Posted 26 April 2011 - 05:42 PM

Here is the TDSSKiller report:

2011/04/26 15:26:19.0593 1012 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/04/26 15:26:20.0328 1012 ================================================================================
2011/04/26 15:26:20.0328 1012 SystemInfo:
2011/04/26 15:26:20.0328 1012
2011/04/26 15:26:20.0328 1012 OS Version: 5.1.2600 ServicePack: 3.0
2011/04/26 15:26:20.0328 1012 Product type: Workstation
2011/04/26 15:26:20.0328 1012 ComputerName: STUDENT-68C5624
2011/04/26 15:26:20.0328 1012 UserName: Administrator
2011/04/26 15:26:20.0328 1012 Windows directory: C:\WINDOWS
2011/04/26 15:26:20.0328 1012 System windows directory: C:\WINDOWS
2011/04/26 15:26:20.0328 1012 Processor architecture: Intel x86
2011/04/26 15:26:20.0328 1012 Number of processors: 1
2011/04/26 15:26:20.0328 1012 Page size: 0x1000
2011/04/26 15:26:20.0328 1012 Boot type: Normal boot
2011/04/26 15:26:20.0328 1012 ================================================================================
2011/04/26 15:26:21.0000 1012 Initialize success
2011/04/26 15:26:23.0093 0396 ================================================================================
2011/04/26 15:26:23.0093 0396 Scan started
2011/04/26 15:26:23.0093 0396 Mode: Manual;
2011/04/26 15:26:23.0093 0396 ================================================================================
2011/04/26 15:26:24.0296 0396 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/04/26 15:26:24.0375 0396 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2011/04/26 15:26:24.0437 0396 ADM8511 (b05f2367f62552a2de7e3c352b7b9885) C:\WINDOWS\system32\DRIVERS\ADM8511.SYS
2011/04/26 15:26:24.0531 0396 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/04/26 15:26:24.0656 0396 AFD (7618d5218f2a614672ec61a80d854a37) C:\WINDOWS\System32\drivers\afd.sys
2011/04/26 15:26:24.0953 0396 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/04/26 15:26:24.0984 0396 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/04/26 15:26:25.0062 0396 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/04/26 15:26:25.0140 0396 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/04/26 15:26:25.0234 0396 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/04/26 15:26:25.0484 0396 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/04/26 15:26:25.0578 0396 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/04/26 15:26:25.0609 0396 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/04/26 15:26:25.0640 0396 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/04/26 15:26:25.0718 0396 cercsr6 (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys
2011/04/26 15:26:26.0562 0396 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/04/26 15:26:26.0718 0396 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2011/04/26 15:26:27.0140 0396 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2011/04/26 15:26:27.0531 0396 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/04/26 15:26:27.0796 0396 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/04/26 15:26:27.0906 0396 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/04/26 15:26:28.0031 0396 E100B (7d91dc6342248369f94d6eba0cf42e99) C:\WINDOWS\system32\DRIVERS\e100b325.sys
2011/04/26 15:26:28.0140 0396 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/04/26 15:26:28.0187 0396 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/04/26 15:26:28.0234 0396 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2011/04/26 15:26:28.0265 0396 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/04/26 15:26:28.0375 0396 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/04/26 15:26:28.0437 0396 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/04/26 15:26:28.0468 0396 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/04/26 15:26:28.0578 0396 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
2011/04/26 15:26:28.0625 0396 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/04/26 15:26:28.0781 0396 HPZid412 (863cc3a82c63c9f60acf2e85d5310620) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
2011/04/26 15:26:28.0859 0396 HPZipr12 (08cb72e95dd75b61f2966b311d0e4366) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
2011/04/26 15:26:28.0921 0396 HPZius12 (ca990306ed4ef732af9695bff24fc96f) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
2011/04/26 15:26:29.0031 0396 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/04/26 15:26:29.0140 0396 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/04/26 15:26:29.0281 0396 ialm (0294a30b302ca71a2c26e582dda93486) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
2011/04/26 15:26:29.0359 0396 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/04/26 15:26:29.0437 0396 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
2011/04/26 15:26:29.0546 0396 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/04/26 15:26:29.0609 0396 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/04/26 15:26:29.0671 0396 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/04/26 15:26:29.0718 0396 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/04/26 15:26:29.0781 0396 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/04/26 15:26:29.0843 0396 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/04/26 15:26:29.0906 0396 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/04/26 15:26:29.0937 0396 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/04/26 15:26:30.0015 0396 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/04/26 15:26:30.0046 0396 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/04/26 15:26:30.0156 0396 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/04/26 15:26:30.0265 0396 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/04/26 15:26:30.0328 0396 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2011/04/26 15:26:30.0359 0396 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/04/26 15:26:30.0390 0396 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/04/26 15:26:30.0453 0396 MpFilter (7e34bfa1a7b60bba1da03d677f16cd63) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
2011/04/26 15:26:30.0734 0396 MpKsl63ee39c6 (5f53edfead46fa7adb78eee9ecce8fdf) c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{70F1C903-9158-47D5-831A-3C0F289CCF01}\MpKsl63ee39c6.sys
2011/04/26 15:26:30.0812 0396 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/04/26 15:26:30.0953 0396 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/04/26 15:26:31.0000 0396 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/04/26 15:26:31.0078 0396 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/04/26 15:26:31.0125 0396 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/04/26 15:26:31.0156 0396 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/04/26 15:26:31.0234 0396 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/04/26 15:26:31.0265 0396 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2011/04/26 15:26:31.0328 0396 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/04/26 15:26:31.0359 0396 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2011/04/26 15:26:31.0406 0396 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2011/04/26 15:26:31.0437 0396 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2011/04/26 15:26:31.0500 0396 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/04/26 15:26:31.0531 0396 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2011/04/26 15:26:31.0625 0396 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2011/04/26 15:26:31.0687 0396 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/04/26 15:26:31.0750 0396 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/04/26 15:26:31.0828 0396 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/04/26 15:26:31.0890 0396 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2011/04/26 15:26:31.0921 0396 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2011/04/26 15:26:31.0984 0396 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2011/04/26 15:26:32.0015 0396 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/04/26 15:26:32.0046 0396 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/04/26 15:26:32.0078 0396 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/04/26 15:26:32.0187 0396 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/04/26 15:26:32.0234 0396 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/04/26 15:26:32.0515 0396 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2011/04/26 15:26:32.0562 0396 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/04/26 15:26:32.0593 0396 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/04/26 15:26:32.0750 0396 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2011/04/26 15:26:32.0828 0396 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2011/04/26 15:26:32.0859 0396 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2011/04/26 15:26:32.0890 0396 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2011/04/26 15:26:32.0937 0396 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2011/04/26 15:26:32.0968 0396 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/04/26 15:26:33.0000 0396 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2011/04/26 15:26:33.0109 0396 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/04/26 15:26:33.0187 0396 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2011/04/26 15:26:33.0265 0396 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
2011/04/26 15:26:33.0343 0396 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/04/26 15:26:33.0453 0396 senfilt (b9c7617c1e8ab6fdff75d3c8dafcb4c8) C:\WINDOWS\system32\drivers\senfilt.sys
2011/04/26 15:26:33.0562 0396 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2011/04/26 15:26:33.0609 0396 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2011/04/26 15:26:33.0671 0396 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/04/26 15:26:33.0765 0396 smwdm (0066ff77aeb4ae70066f7e94d5a6d866) C:\WINDOWS\system32\drivers\smwdm.sys
2011/04/26 15:26:33.0828 0396 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/04/26 15:26:33.0890 0396 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/04/26 15:26:34.0000 0396 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/04/26 15:26:34.0062 0396 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/04/26 15:26:34.0093 0396 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/04/26 15:26:34.0234 0396 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/04/26 15:26:34.0359 0396 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2011/04/26 15:26:34.0437 0396 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/04/26 15:26:34.0484 0396 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/04/26 15:26:34.0515 0396 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2011/04/26 15:26:34.0625 0396 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/04/26 15:26:34.0687 0396 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/04/26 15:26:34.0796 0396 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\WINDOWS\system32\Drivers\usbaapl.sys
2011/04/26 15:26:34.0875 0396 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/04/26 15:26:34.0937 0396 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/04/26 15:26:34.0968 0396 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/04/26 15:26:35.0000 0396 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2011/04/26 15:26:35.0031 0396 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/04/26 15:26:35.0062 0396 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/04/26 15:26:35.0093 0396 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/04/26 15:26:35.0109 0396 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/04/26 15:26:35.0218 0396 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/04/26 15:26:35.0312 0396 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/04/26 15:26:35.0390 0396 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/04/26 15:26:35.0546 0396 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2011/04/26 15:26:35.0609 0396 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2011/04/26 15:26:36.0312 0396 ================================================================================
2011/04/26 15:26:36.0312 0396 Scan finished
2011/04/26 15:26:36.0312 0396 ================================================================================

And here is the Combofix.txt:

ComboFix 11-04-25.01 - Administrator 04/26/2011 15:30:35.4.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.667 [GMT -7:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((( Files Created from 2011-03-26 to 2011-04-26 )))))))))))))))))))))))))))))))
.
.
2011-04-26 22:18 . 2011-04-26 22:18 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{70F1C903-9158-47D5-831A-3C0F289CCF01}\MpKsl63ee39c6.sys
2011-04-26 15:15 . 2011-04-26 15:16 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Adobe
2011-04-26 14:39 . 2011-04-18 16:15 7071056 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{70F1C903-9158-47D5-831A-3C0F289CCF01}\mpengine.dll
2011-04-25 14:36 . 2011-04-25 14:36 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Apple Computer
2011-04-22 20:04 . 2011-04-22 20:04 -------- d-----w- c:\documents and settings\Administrator\Application Data\TeamViewer
2011-04-22 20:04 . 2011-04-22 20:04 -------- d-----w- c:\program files\TeamViewer
2011-04-22 01:03 . 2010-12-21 01:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-22 01:02 . 2010-12-21 01:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-22 01:02 . 2011-04-22 01:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-22 00:56 . 2011-04-22 00:56 -------- d-----w- c:\program files\Microsoft Easy Assist
2011-04-22 00:55 . 2011-04-22 00:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Applications
2011-04-21 22:46 . 2011-04-21 22:46 -------- d-----w- c:\windows\system32\wbem\Repository
2011-04-19 08:01 . 2011-04-19 08:01 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache
2011-04-19 06:00 . 2011-04-19 06:00 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2011-04-19 06:00 . 2011-04-19 06:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-04 06:37 . 2004-08-04 10:00 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-02-22 11:41 . 2004-08-04 10:00 385024 ----a-w- c:\windows\system32\html.iec
2011-02-19 00:36 . 2010-12-29 03:08 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-02-19 00:36 . 2010-12-29 03:08 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-09 13:53 . 2004-08-04 10:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2004-08-04 10:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-03 01:11 . 2010-02-07 18:25 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-02-02 07:58 . 2010-02-07 16:23 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57 . 2010-02-07 16:23 677888 ----a-w- c:\windows\system32\mstsc.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2011-04-22_20.32.35 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-04-26 22:18 . 2011-04-26 22:18 16384 c:\windows\Temp\Perflib_Perfdata_6f0.dat
+ 2004-08-04 10:00 . 2009-04-20 17:17 45568 c:\windows\system32\dnsrslvr.dll
- 2004-08-04 10:00 . 2008-04-14 13:41 45568 c:\windows\system32\dnsrslvr.dll
+ 2009-04-20 17:17 . 2009-04-20 17:17 45568 c:\windows\system32\dllcache\dnsrslvr.dll
- 2011-04-12 17:08 . 2010-07-05 13:15 26488 c:\windows\SoftwareDistribution\Download\ffb0305b84be976e368f4bfa04459a05\update\spcustom.dll
- 2011-04-12 17:08 . 2010-07-05 13:15 17272 c:\windows\SoftwareDistribution\Download\ffb0305b84be976e368f4bfa04459a05\spmsg.dll
- 2011-04-12 17:09 . 2010-07-05 13:15 26488 c:\windows\SoftwareDistribution\Download\fd871d0f75f00e3b5f81b99f1bc42aeb\update\spcustom.dll
- 2011-04-12 17:09 . 2010-07-05 13:15 17272 c:\windows\SoftwareDistribution\Download\fd871d0f75f00e3b5f81b99f1bc42aeb\spmsg.dll
- 2011-04-12 17:08 . 2009-05-26 11:40 26488 c:\windows\SoftwareDistribution\Download\e6d6fc63553b9d9105fc846261a4264c\update\spcustom.dll
- 2011-04-12 17:08 . 2009-05-26 11:40 17272 c:\windows\SoftwareDistribution\Download\e6d6fc63553b9d9105fc846261a4264c\spmsg.dll
- 2011-04-12 17:09 . 2010-07-05 13:15 26488 c:\windows\SoftwareDistribution\Download\b5f880834ad67f3d383ffff5f2fa46bd\update\spcustom.dll
- 2011-04-12 17:09 . 2010-07-05 13:15 17272 c:\windows\SoftwareDistribution\Download\b5f880834ad67f3d383ffff5f2fa46bd\spmsg.dll
- 2011-04-12 17:09 . 2010-07-05 13:15 26488 c:\windows\SoftwareDistribution\Download\6870f168611996e69348307ffc62e858\update\spcustom.dll
- 2011-04-12 17:09 . 2010-07-05 13:15 17272 c:\windows\SoftwareDistribution\Download\6870f168611996e69348307ffc62e858\spmsg.dll
- 2011-04-12 17:09 . 2010-07-05 13:15 26488 c:\windows\SoftwareDistribution\Download\621a08ac003b616bcaa86aa4d4292d50\update\spcustom.dll
- 2011-04-12 17:09 . 2010-07-05 13:15 17272 c:\windows\SoftwareDistribution\Download\621a08ac003b616bcaa86aa4d4292d50\spmsg.dll
- 2011-04-12 17:09 . 2010-07-05 13:15 26488 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\update\spcustom.dll
- 2011-04-12 17:09 . 2010-07-05 13:15 17272 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\spmsg.dll
- 2011-04-12 17:09 . 2011-02-22 23:27 12800 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3QFE\xpshims.dll
- 2011-04-12 17:09 . 2011-02-22 23:27 66560 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3QFE\mshtmled.dll
- 2011-04-12 17:09 . 2011-02-22 23:27 55296 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3QFE\msfeedsbs.dll
- 2011-04-12 17:09 . 2011-02-22 23:27 43520 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3QFE\licmgr10.dll
- 2011-04-12 17:09 . 2011-02-22 23:27 25600 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3QFE\jsproxy.dll
- 2011-04-12 17:09 . 2011-02-22 23:06 12800 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3GDR\xpshims.dll
- 2011-04-12 17:09 . 2011-02-22 23:06 66560 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3GDR\mshtmled.dll
- 2011-04-12 17:09 . 2011-02-22 23:06 55296 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3GDR\msfeedsbs.dll
- 2011-04-12 17:09 . 2011-02-22 23:06 43520 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3GDR\licmgr10.dll
- 2011-04-12 17:09 . 2011-02-22 23:06 25600 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3GDR\jsproxy.dll
- 2011-04-12 17:09 . 2010-07-05 13:15 26488 c:\windows\SoftwareDistribution\Download\299840a657dd26ca3bbf3cee3ec999ba\update\spcustom.dll
- 2011-04-12 17:09 . 2010-07-05 13:15 17272 c:\windows\SoftwareDistribution\Download\299840a657dd26ca3bbf3cee3ec999ba\spmsg.dll
- 2011-04-12 17:08 . 2010-07-05 13:15 26488 c:\windows\SoftwareDistribution\Download\1224f72bda465fea8f2830c4d5b1d65c\update\spcustom.dll
- 2011-04-12 17:08 . 2010-07-05 13:15 17272 c:\windows\SoftwareDistribution\Download\1224f72bda465fea8f2830c4d5b1d65c\spmsg.dll
- 2011-04-12 17:09 . 2011-03-03 13:54 30208 c:\windows\SoftwareDistribution\Download\0c6e0ca46352c47f77e820c13f5be83d\update\w32ksign.dll
- 2011-04-12 17:09 . 2010-07-05 13:15 26488 c:\windows\SoftwareDistribution\Download\0c6e0ca46352c47f77e820c13f5be83d\update\spcustom.dll
- 2011-04-12 17:09 . 2010-07-05 13:15 17272 c:\windows\SoftwareDistribution\Download\0c6e0ca46352c47f77e820c13f5be83d\spmsg.dll
+ 2010-02-10 19:31 . 2011-04-22 21:05 45056 c:\windows\Installer\{911B0409-6000-11D3-8CFE-0050048383C9}\wordicon.exe
- 2010-02-10 19:31 . 2010-12-16 01:02 45056 c:\windows\Installer\{911B0409-6000-11D3-8CFE-0050048383C9}\wordicon.exe
+ 2010-02-10 19:31 . 2011-04-22 21:05 22528 c:\windows\Installer\{911B0409-6000-11D3-8CFE-0050048383C9}\unbndico.exe
- 2010-02-10 19:31 . 2010-12-16 01:02 22528 c:\windows\Installer\{911B0409-6000-11D3-8CFE-0050048383C9}\unbndico.exe
+ 2010-02-10 19:31 . 2011-04-22 21:05 16384 c:\windows\Installer\{911B0409-6000-11D3-8CFE-0050048383C9}\PEicons.exe
- 2010-02-10 19:31 . 2010-12-16 01:02 16384 c:\windows\Installer\{911B0409-6000-11D3-8CFE-0050048383C9}\PEicons.exe
- 2010-02-10 19:31 . 2010-12-16 01:02 34304 c:\windows\Installer\{911B0409-6000-11D3-8CFE-0050048383C9}\misc.exe
+ 2010-02-10 19:31 . 2011-04-22 21:05 34304 c:\windows\Installer\{911B0409-6000-11D3-8CFE-0050048383C9}\misc.exe
- 2010-02-10 19:31 . 2010-12-16 01:02 3584 c:\windows\Installer\{911B0409-6000-11D3-8CFE-0050048383C9}\opwicon.exe
+ 2010-02-10 19:31 . 2011-04-22 21:05 3584 c:\windows\Installer\{911B0409-6000-11D3-8CFE-0050048383C9}\opwicon.exe
+ 2010-02-10 19:31 . 2011-04-22 21:05 8192 c:\windows\Installer\{911B0409-6000-11D3-8CFE-0050048383C9}\mspicons.exe
- 2010-02-10 19:31 . 2010-12-16 01:02 8192 c:\windows\Installer\{911B0409-6000-11D3-8CFE-0050048383C9}\mspicons.exe
- 2010-02-10 19:31 . 2010-12-16 01:02 2560 c:\windows\Installer\{911B0409-6000-11D3-8CFE-0050048383C9}\cagicon.exe
+ 2010-02-10 19:31 . 2011-04-22 21:05 2560 c:\windows\Installer\{911B0409-6000-11D3-8CFE-0050048383C9}\cagicon.exe
- 2004-08-04 10:00 . 2008-06-20 17:46 245248 c:\windows\system32\mswsock.dll
+ 2004-08-04 10:00 . 2008-06-20 16:02 245248 c:\windows\system32\mswsock.dll
- 2004-08-04 10:00 . 2009-12-09 05:53 726528 c:\windows\system32\jscript.dll
+ 2004-08-04 10:00 . 2011-03-04 06:37 726528 c:\windows\system32\jscript.dll
+ 2004-08-04 10:00 . 2008-10-16 14:43 138496 c:\windows\system32\drivers\afd.sys
- 2004-08-04 10:00 . 2008-08-14 10:04 138496 c:\windows\system32\drivers\afd.sys
+ 2004-08-04 10:00 . 2011-03-03 06:55 149504 c:\windows\system32\dnsapi.dll
+ 2009-03-08 12:33 . 2011-03-04 06:37 420864 c:\windows\system32\dllcache\vbscript.dll
- 2008-06-20 17:46 . 2008-06-20 17:46 245248 c:\windows\system32\dllcache\mswsock.dll
+ 2008-06-20 17:46 . 2008-06-20 16:02 245248 c:\windows\system32\dllcache\mswsock.dll
- 2009-03-08 12:33 . 2009-12-09 05:53 726528 c:\windows\system32\dllcache\jscript.dll
+ 2009-03-08 12:33 . 2011-03-04 06:37 726528 c:\windows\system32\dllcache\jscript.dll
+ 2008-06-20 17:46 . 2011-03-03 06:55 149504 c:\windows\system32\dllcache\dnsapi.dll
- 2008-06-20 11:40 . 2008-08-14 10:04 138496 c:\windows\system32\dllcache\afd.sys
+ 2008-06-20 11:40 . 2008-10-16 14:43 138496 c:\windows\system32\dllcache\afd.sys
- 2011-04-12 17:08 . 2010-07-05 13:16 382840 c:\windows\SoftwareDistribution\Download\ffb0305b84be976e368f4bfa04459a05\update\updspapi.dll
- 2011-04-12 17:08 . 2010-07-05 13:15 755576 c:\windows\SoftwareDistribution\Download\ffb0305b84be976e368f4bfa04459a05\update\update.exe
- 2011-04-12 17:08 . 2010-07-05 13:15 231288 c:\windows\SoftwareDistribution\Download\ffb0305b84be976e368f4bfa04459a05\spuninst.exe
- 2011-04-12 17:09 . 2010-07-05 13:16 382840 c:\windows\SoftwareDistribution\Download\fd871d0f75f00e3b5f81b99f1bc42aeb\update\updspapi.dll
- 2011-04-12 17:09 . 2010-07-05 13:15 755576 c:\windows\SoftwareDistribution\Download\fd871d0f75f00e3b5f81b99f1bc42aeb\update\update.exe
- 2011-04-12 17:09 . 2010-07-05 13:15 231288 c:\windows\SoftwareDistribution\Download\fd871d0f75f00e3b5f81b99f1bc42aeb\spuninst.exe
- 2011-04-12 17:08 . 2009-05-26 11:40 382840 c:\windows\SoftwareDistribution\Download\e6d6fc63553b9d9105fc846261a4264c\update\updspapi.dll
- 2011-04-12 17:08 . 2009-05-26 11:40 755576 c:\windows\SoftwareDistribution\Download\e6d6fc63553b9d9105fc846261a4264c\update\update.exe
- 2011-04-12 17:08 . 2009-05-26 11:40 231288 c:\windows\SoftwareDistribution\Download\e6d6fc63553b9d9105fc846261a4264c\spuninst.exe
- 2011-04-12 17:09 . 2010-07-05 13:16 382840 c:\windows\SoftwareDistribution\Download\b5f880834ad67f3d383ffff5f2fa46bd\update\updspapi.dll
- 2011-04-12 17:09 . 2010-07-05 13:15 755576 c:\windows\SoftwareDistribution\Download\b5f880834ad67f3d383ffff5f2fa46bd\update\update.exe
- 2011-04-12 17:09 . 2010-07-05 13:15 231288 c:\windows\SoftwareDistribution\Download\b5f880834ad67f3d383ffff5f2fa46bd\spuninst.exe
- 2011-04-12 17:09 . 2010-07-05 13:16 382840 c:\windows\SoftwareDistribution\Download\6870f168611996e69348307ffc62e858\update\updspapi.dll
- 2011-04-12 17:09 . 2010-07-05 13:15 755576 c:\windows\SoftwareDistribution\Download\6870f168611996e69348307ffc62e858\update\update.exe
- 2011-04-12 17:09 . 2010-07-05 13:15 231288 c:\windows\SoftwareDistribution\Download\6870f168611996e69348307ffc62e858\spuninst.exe
- 2011-04-12 17:09 . 2010-07-05 13:16 382840 c:\windows\SoftwareDistribution\Download\621a08ac003b616bcaa86aa4d4292d50\update\updspapi.dll
- 2011-04-12 17:09 . 2010-07-05 13:15 755576 c:\windows\SoftwareDistribution\Download\621a08ac003b616bcaa86aa4d4292d50\update\update.exe
- 2011-04-12 17:09 . 2010-07-05 13:15 231288 c:\windows\SoftwareDistribution\Download\621a08ac003b616bcaa86aa4d4292d50\spuninst.exe
- 2011-04-12 17:09 . 2010-07-05 13:16 382840 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\update\updspapi.dll
- 2011-04-12 17:09 . 2010-07-05 13:15 755576 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\update\update.exe
- 2011-04-12 17:09 . 2010-07-05 13:15 231288 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\spuninst.exe
- 2011-04-12 17:09 . 2011-02-22 23:27 919552 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3QFE\wininet.dll
- 2011-04-12 17:09 . 2011-02-22 23:27 206848 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3QFE\occache.dll
- 2011-04-12 17:09 . 2011-02-22 23:27 611840 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3QFE\mstime.dll
- 2011-04-12 17:09 . 2011-02-22 23:27 602112 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3QFE\msfeeds.dll
- 2011-04-12 17:09 . 2011-02-22 23:27 247808 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3QFE\ieproxy.dll
- 2011-04-12 17:09 . 2011-02-22 23:27 184320 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3QFE\iepeers.dll
- 2011-04-12 17:09 . 2011-02-22 23:27 743424 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3QFE\iedvtool.dll
- 2011-04-12 17:09 . 2011-02-22 23:27 387584 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3QFE\iedkcs32.dll
- 2011-04-12 17:09 . 2011-02-22 12:08 173568 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3QFE\ie4uinit.exe
- 2011-04-12 17:09 . 2011-02-22 23:06 916480 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3GDR\wininet.dll
- 2011-04-12 17:09 . 2011-02-22 23:06 206848 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3GDR\occache.dll
- 2011-04-12 17:09 . 2011-02-22 23:06 611840 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3GDR\mstime.dll
- 2011-04-12 17:09 . 2011-02-22 23:06 602112 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3GDR\msfeeds.dll
- 2011-04-12 17:09 . 2011-02-22 23:06 247808 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3GDR\ieproxy.dll
- 2011-04-12 17:09 . 2011-02-22 23:06 184320 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3GDR\iepeers.dll
- 2011-04-12 17:09 . 2011-02-22 23:06 743424 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3GDR\iedvtool.dll
- 2011-04-12 17:09 . 2011-02-22 23:06 387584 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3GDR\iedkcs32.dll
- 2011-04-12 17:09 . 2011-02-18 11:49 173568 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3GDR\ie4uinit.exe
- 2011-04-12 17:09 . 2010-07-05 13:16 382840 c:\windows\SoftwareDistribution\Download\299840a657dd26ca3bbf3cee3ec999ba\update\updspapi.dll
- 2011-04-12 17:09 . 2010-07-05 13:15 755576 c:\windows\SoftwareDistribution\Download\299840a657dd26ca3bbf3cee3ec999ba\update\update.exe
- 2011-04-12 17:09 . 2010-07-05 13:15 231288 c:\windows\SoftwareDistribution\Download\299840a657dd26ca3bbf3cee3ec999ba\spuninst.exe
- 2011-04-12 17:08 . 2010-07-05 13:16 382840 c:\windows\SoftwareDistribution\Download\1224f72bda465fea8f2830c4d5b1d65c\update\updspapi.dll
- 2011-04-12 17:08 . 2010-07-05 13:15 755576 c:\windows\SoftwareDistribution\Download\1224f72bda465fea8f2830c4d5b1d65c\update\update.exe
- 2011-04-12 17:08 . 2010-07-05 13:15 231288 c:\windows\SoftwareDistribution\Download\1224f72bda465fea8f2830c4d5b1d65c\spuninst.exe
- 2011-04-12 17:08 . 2011-02-17 13:19 457472 c:\windows\SoftwareDistribution\Download\1224f72bda465fea8f2830c4d5b1d65c\SP3QFE\mrxsmb.sys
- 2011-04-12 17:08 . 2011-02-17 13:18 455936 c:\windows\SoftwareDistribution\Download\1224f72bda465fea8f2830c4d5b1d65c\SP3GDR\mrxsmb.sys
- 2011-04-12 17:09 . 2010-07-05 13:16 382840 c:\windows\SoftwareDistribution\Download\0c6e0ca46352c47f77e820c13f5be83d\update\updspapi.dll
- 2011-04-12 17:09 . 2010-07-05 13:15 755576 c:\windows\SoftwareDistribution\Download\0c6e0ca46352c47f77e820c13f5be83d\update\update.exe
- 2011-04-12 17:09 . 2010-07-05 13:15 231288 c:\windows\SoftwareDistribution\Download\0c6e0ca46352c47f77e820c13f5be83d\spuninst.exe
+ 2011-04-22 21:04 . 2010-03-10 06:15 420352 c:\windows\ie8updates\KB2510531-IE8\vbscript.dll
+ 2011-04-22 21:04 . 2010-07-05 13:16 382840 c:\windows\ie8updates\KB2510531-IE8\spuninst\updspapi.dll
+ 2011-04-22 21:04 . 2010-07-05 13:15 231288 c:\windows\ie8updates\KB2510531-IE8\spuninst\spuninst.exe
+ 2011-04-22 21:04 . 2009-12-09 05:53 726528 c:\windows\ie8updates\KB2510531-IE8\jscript.dll
- 2011-04-12 17:08 . 2010-10-23 00:51 1748992 c:\windows\SoftwareDistribution\Download\e6d6fc63553b9d9105fc846261a4264c\SP3QFE\asms\10\msft\windows\gdiplus\gdiplus.dll
- 2011-04-12 17:08 . 2010-10-23 00:51 1748992 c:\windows\SoftwareDistribution\Download\e6d6fc63553b9d9105fc846261a4264c\asms\10\msft\windows\gdiplus\gdiplus.dll
- 2011-04-12 17:09 . 2011-02-22 23:27 1212928 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3QFE\urlmon.dll
- 2011-04-12 17:09 . 2011-02-22 23:27 5964800 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3QFE\mshtml.dll
- 2011-04-12 17:09 . 2011-02-22 23:27 1992192 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3QFE\iertutil.dll
- 2011-04-12 17:09 . 2011-02-22 23:06 1210880 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3GDR\urlmon.dll
- 2011-04-12 17:09 . 2011-02-22 23:06 5962240 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3GDR\mshtml.dll
- 2011-04-12 17:09 . 2011-02-22 23:06 1991680 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3GDR\iertutil.dll
+ 2011-02-25 21:25 . 2011-02-25 21:25 7968256 c:\windows\Installer\e67db.msp
+ 2010-02-07 17:31 . 2011-04-22 21:06 39828936 c:\windows\system32\MRT.exe
- 2011-04-12 17:08 . 2011-02-22 23:06 11080704 c:\windows\SoftwareDistribution\Download\4a68e5ecf881bfdf9f622e39f79b4af0\SP3GDR\ieframe.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-09-01 39408]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2009-11-26 95632]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-04-05 94208]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-04-05 77824]
"Persistence"="c:\windows\system32\igfxpers.exe" [2005-04-05 114688]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" [2009-11-26 54672]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-30 421888]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-03-02 421160]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
hpoddt01.exe.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-4-9 28672]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\EA Games\\Battlefield Play4Free\\BFP4f.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
R1 MpKsl63ee39c6;MpKsl63ee39c6;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{70F1C903-9158-47D5-831A-3C0F289CCF01}\MpKsl63ee39c6.sys [4/26/2011 3:18 PM 28752]
S1 MpKsl46604889;MpKsl46604889;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{037062A2-A3C8-4675-8F64-545B8E67D4E6}\MpKsl46604889.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{037062A2-A3C8-4675-8F64-545B8E67D4E6}\MpKsl46604889.sys [?]
S1 MpKslaa63e57d;MpKslaa63e57d;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3F05E9A3-A01E-4E37-B0D1-B95F640C087C}\MpKslaa63e57d.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{3F05E9A3-A01E-4E37-B0D1-B95F640C087C}\MpKslaa63e57d.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 2:16 PM 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [8/31/2010 9:51 PM 136176]
S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;c:\windows\system32\drivers\ADM8511.SYS [2/7/2010 1:01 AM 20160]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 2:16 PM 753504]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSL63EE39C6
*Deregistered* - klmd25
.
Contents of the 'Scheduled Tasks' folder
.
2011-04-19 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 19:50]
.
2011-04-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-01 04:51]
.
2011-04-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-01 04:51]
.
2011-04-26 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 20:26]
.
2011-04-26 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAEXEC.exe [2009-08-03 22:07]
.
2011-04-26 c:\windows\Tasks\User_Feed_Synchronization-{5AA11E49-BEA3-480F-980F-0F4A85FF826C}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 12:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.com/
uInternet Settings,ProxyOverride = *.local
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} - hxxps://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.26.2.cab
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-26 15:37
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-117609710-583907252-839522115-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,87,43,64,31,c8,19,e8,45,af,c4,04,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,0a,19,95,34,8c,94,dc,48,a4,e1,06,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,0a,19,95,34,8c,94,dc,48,a4,e1,06,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(748)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2011-04-26 15:39:32
ComboFix-quarantined-files.txt 2011-04-26 22:39
ComboFix2.txt 2011-04-26 14:35
ComboFix3.txt 2011-04-25 02:50
ComboFix4.txt 2011-04-22 20:36
.
Pre-Run: 75,482,714,112 bytes free
Post-Run: 75,528,904,704 bytes free
.
- - End Of File - - BD0E348A5D4387CA22A37D1576BF1D57
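The ComboFix log above is read by hand by the helper. As an added example (not part of this thread and not ComboFix's own tooling), here is a small Python parser for the two record formats in that log, the '+'/'-' snapshot-diff file lines and the Run-key values, with a first triage pass that lists added and removed files and autostart entries whose image runs from outside the Windows and Program Files trees. The `sample.exe` entries in the embedded excerpt are constructed; the other lines are copied from the log above.

```python
"""Parse the ComboFix log sections a helper reads first (added example for
this thread, not ComboFix's own code): the '+'/'-' snapshot-diff file lines
and the REGEDIT4-style Run keys, then a first triage cut over them."""
import re

# "+ 2011-04-22 21:04 . 2010-03-10 06:15 420352 c:\windows\...\vbscript.dll"
# fields: +/- (added/removed since last snapshot), created, modified, size, path
FILE_LINE = re.compile(
    r"^([+-])\s+(\d{4}-\d{2}-\d{2} \d{2}:\d{2})\s+\.\s+"
    r"(\d{4}-\d{2}-\d{2} \d{2}:\d{2})\s+(\d+)\s+(.+)$"
)
# '"swg"="c:\program files\...\GoogleToolbarNotifier.exe" [2010-09-01 39408]'
RUN_LINE = re.compile(r'^"([^"]+)"="([^"]+)"\s+\[(\d{4}-\d{2}-\d{2}) (\d+)\]$')
KEY_LINE = re.compile(r"^\[(.+)\]$")
# Images that autostart from outside these trees deserve a closer look.
TRUSTED_ROOTS = ("c:\\windows\\", "c:\\program files\\", "c:\\progra~1\\")

def parse_file_changes(lines):
    """Yield one dict per snapshot-diff line: added flag, dates, size, path."""
    for ln in lines:
        m = FILE_LINE.match(ln.strip())
        if m:
            yield {"added": m.group(1) == "+", "created": m.group(2),
                   "modified": m.group(3), "size": int(m.group(4)), "path": m.group(5)}

def parse_run_entries(lines):
    """Yield (key, name, image, file_date, size) for values under *\\Run keys."""
    key = None
    for ln in lines:
        ln = ln.strip()
        k = KEY_LINE.match(ln)
        if k:
            key = k.group(1)
            continue
        m = RUN_LINE.match(ln)
        if m and key and key.lower().endswith("\\run"):
            yield key, m.group(1), m.group(2), m.group(3), int(m.group(4))

def triage(log_text):
    """Added/removed paths plus Run values whose image is outside trusted roots."""
    lines = log_text.splitlines()
    changes = list(parse_file_changes(lines))
    return {
        "added": [c["path"] for c in changes if c["added"]],
        "removed": [c["path"] for c in changes if not c["added"]],
        "run_to_review": [name for _, name, image, _, _ in parse_run_entries(lines)
                          if not image.lower().startswith(TRUSTED_ROOTS)],
    }

# Constructed excerpt: the first two file lines and the "swg" value are copied
# from the log above; the sample.exe entries are made up for the demonstration.
SAMPLE_LOG = r"""
+ 2011-04-22 21:04 . 2010-03-10 06:15 420352 c:\windows\ie8updates\KB2510531-IE8\vbscript.dll
- 2011-04-12 17:08 . 2011-02-17 13:19 457472 c:\windows\SoftwareDistribution\Download\1224f72bda465fea8f2830c4d5b1d65c\SP3QFE\mrxsmb.sys
+ 2011-04-23 09:12 . 2011-04-23 09:12 61440 c:\documents and settings\user\Local Settings\Temp\sample.exe
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-09-01 39408]
"sample"="c:\documents and settings\user\Application Data\sample.exe" [2011-04-23 61440]
"""
```

Running `triage(SAMPLE_LOG)` on a full log pasted into `SAMPLE_LOG` gives the same three lists; the trusted-root check is only a first cut, since a signed updater in a user profile is common and a renamed binary under c:\windows is not caught by a path test.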

#18 heir

  • Distinguished Member
  • Group: Malware Response Team
  • Posts: 763
  • Joined: 24-February 08
  • Gender:Male

Posted 28 April 2011 - 02:39 PM

Let's follow up with a couple of scans for leftovers.

Step 1.
Clean temp locations:

Download TFC to your desktop
  • Open the file and close any other windows.
  • It will close all programs itself when run, so make sure to let it run uninterrupted.
  • Click the Start button to begin the process. The program should not take long to finish its job.
  • Once it's finished it should reboot your machine; if not, do this yourself to ensure a complete clean.


Step 2.
Scan with MBAM:

  • Launch Malwarebytes' Anti-Malware.
  • Update Malwarebytes' Anti-Malware.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process; if asked to restart the computer, please do so immediately.


Step 3.
Scan with ESET Online Scanner:

Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic



  • The content of the report from MBAM from Step 2.
  • The content of the report from ESET Online Scanner from Step 3.

Please do not PM me asking for support. Post on the forums instead.
Please post the final results, good or bad. We like to know!
Unified Network of Instructors and Trained Eliminators
My help is always free, but if you want to donate to help me continue my fight against malware then click the donate link.

#19 heir

  • Distinguished Member
  • Group: Malware Response Team
  • Posts: 763
  • Joined: 24-February 08
  • Gender:Male

Posted 09 May 2011 - 05:28 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.
