ComboFix 11-05-04.04 - Dad 06/05/2011 16:10:59.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.511.167 [GMT 1:00]
Running from: c:\documents and settings\Dad\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: COMODO Firewall *Enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Dad\Application Data\.#
c:\documents and settings\Dad\WINDOWS
c:\windows\system32\_000005_.tmp.dll
c:\windows\system32\ccrpTmr6.dll
c:\windows\XSxS
d:\recycler\S-1-5-18\Dd1\amd64\filterpipelineprintproc.dll
d:\recycler\S-1-5-18\Dd1\amd64\mxdwdrv.dll
d:\recycler\S-1-5-18\Dd1\amd64\xpssvcs.dll
d:\recycler\S-1-5-18\Dd1\i386\filterpipelineprintproc.dll
d:\recycler\S-1-5-18\Dd1\i386\mxdwdrv.dll
d:\recycler\S-1-5-18\Dd1\i386\xpssvcs.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-04-06 to 2011-05-06 )))))))))))))))))))))))))))))))
.
.
2011-05-06 16:58 . 2011-05-06 16:58 -------- d-----w- c:\documents and settings\Default User\Application Data\Trusteer
2011-05-06 12:48 . 2011-05-06 12:48 28752 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D6D7F42E-DA7F-4DF8-AC16-182AF1479004}\MpKslbc69141f.sys
2011-05-06 04:42 . 2011-04-10 23:04 7071056 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D6D7F42E-DA7F-4DF8-AC16-182AF1479004}\mpengine.dll
2011-05-06 04:09 . 2011-05-06 04:09 -------- d-----w- c:\windows\system32\wbem\Repository
2011-05-06 04:07 . 2011-05-06 04:08 -------- d-----w- c:\program files\Calibre2
2011-05-06 04:06 . 2011-05-06 04:06 -------- d-----w- c:\documents and settings\All Users\Application Data\24157
2011-04-25 06:03 . 2011-04-25 06:03 -------- d-----w- c:\documents and settings\All Users\Application Data\2035B
2011-04-21 17:44 . 2011-04-21 17:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Bluetooth
2011-04-21 16:41 . 2011-04-21 16:41 -------- d-----w- c:\documents and settings\Dad\Local Settings\Application Data\Ilivid Player
2011-04-21 16:28 . 2011-04-21 16:50 -------- d-----w- c:\program files\iLivid
2011-04-21 16:19 . 2011-04-21 16:19 -------- d-----w- c:\documents and settings\Dad\Application Data\searchquband
2011-04-21 16:17 . 2011-04-21 16:21 -------- d-----w- c:\documents and settings\Dad\Application Data\searchqutoolbar
2011-04-21 16:12 . 2011-04-21 16:28 -------- d-----w- c:\program files\Windows iLivid Toolbar
2011-04-19 09:45 . 2011-02-23 16:04 13496 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2011-04-19 09:45 . 2011-02-23 15:54 29520 ----a-w- c:\windows\system32\SmartDefragBootTime.exe
2011-04-17 16:30 . 2011-04-17 16:30 -------- d-----w- c:\documents and settings\Dad\Local Settings\Application Data\Trusteer
2011-04-16 18:44 . 2011-04-16 18:44 -------- d-----w- c:\documents and settings\Dad\Application Data\SUPERAntiSpyware.com
2011-04-16 18:44 . 2011-04-16 18:44 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2011-04-16 18:44 . 2011-04-16 18:45 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-04-14 07:05 . 2011-04-14 07:05 -------- d-----w- c:\program files\Common Files\Adobe AIR
2011-04-13 11:04 . 2011-04-13 11:04 -------- d-----w- c:\documents and settings\Dad\Application Data\Audacity
2011-04-13 05:48 . 2011-04-13 05:55 -------- d-----w- c:\documents and settings\Dad\Local Settings\Application Data\NCH_EN
2011-04-13 05:45 . 2011-04-13 05:48 -------- d-----w- c:\documents and settings\Dad\Local Settings\Application Data\Conduit
2011-04-11 17:06 . 2011-04-11 17:06 -------- d-----w- c:\windows\system32\winrm
2011-04-11 17:06 . 2011-04-11 17:06 -------- dc-h--w- c:\windows\$968930Uinstall_KB968930$
2011-04-11 11:51 . 2011-04-11 11:51 -------- d-----w- c:\program files\Audacity 1.3 Beta (Unicode)
2011-04-10 21:19 . 2011-04-10 21:19 -------- d-----r- c:\program files\Skype
2011-04-10 18:51 . 2011-04-10 18:51 -------- d-----w- c:\program files\FreeApps
2011-04-10 18:50 . 2011-04-10 18:50 -------- d-----w- c:\documents and settings\All Users\Application Data\FreeApp
2011-04-10 18:30 . 2011-04-10 18:30 -------- d-----w- c:\documents and settings\All Users\Application Data\IObit
2011-04-10 17:00 . 2011-04-10 17:43 -------- d-----w- c:\documents and settings\All Users\Application Data\PC Tools
2011-04-10 16:25 . 2011-04-12 18:10 -------- d-----w- c:\documents and settings\All Users\Application Data\aOn01804nPaNk01804
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-22 16:59 . 2011-03-22 16:59 53816 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
2011-03-21 19:15 . 2010-12-05 07:01 103 -c--a-w- c:\windows\~ACROBAT.TMP
2011-03-07 05:33 . 2010-01-29 15:01 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:37 . 2010-04-14 10:11 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:21 . 2009-02-19 17:09 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-22 23:06 . 2010-06-10 19:32 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-02-22 23:06 . 2001-08-23 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:06 . 2001-08-23 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-22 11:41 . 2009-02-15 07:35 385024 ------w- c:\windows\system32\html.iec
2011-02-18 16:36 . 2010-10-30 13:35 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2011-02-18 16:36 . 2010-10-30 13:35 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll
2011-02-17 13:18 . 2009-02-19 17:09 455936 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-02-17 13:18 . 2009-02-19 17:09 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-17 12:32 . 2009-04-15 05:40 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-02-15 12:56 . 2001-08-23 12:00 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-09 13:53 . 2003-03-31 12:00 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53 . 2003-03-31 12:00 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 13:33 . 2001-08-23 12:00 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33 . 2001-08-23 12:00 974848 ----a-w- c:\windows\system32\mfc42u.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-04-11 39408]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-03-16 2423752]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-01-20 2548552]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2010-11-30 997408]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"NvMediaCenter"="c:\windows\System32\NVMCTRAY.DLL" [2008-05-16 86016]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2011-4-21 1183744]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 22:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^Dad^Start Menu^Programs^Startup^Logitech . Product Registration.lnk]
backup=c:\windows\pss\Logitech . Product Registration.lnkStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ad-Watch
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus Photo R200 Series
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark 1200 Series
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSSE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wisdom-soft ScreenHunter 5.1 Free]
0 [X]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{0228e555-4f9c-4e35-a3ec-b109a192b4c2}
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
2007-10-30 20:07 140568 ----a-w- c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor]
2007-10-30 20:11 909208 ----a-w- c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 3]
2011-03-25 09:38 2402512 ----a-w- c:\program files\IObit\Advanced SystemCare 3\AWC.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner]
2011-04-01 16:25 2228536 ----a-w- c:\program files\CCleaner\CCleaner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO Internet Security]
2011-01-20 22:45 2548552 ----a-w- c:\program files\COMODO\COMODO Internet Security\cfp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DigitalHomeSupport.exe]
2010-03-12 15:52 4314352 ----a-w- c:\program files\Virgin Media\Digital Home Support\DigitalHomeSupport.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DT HPW]
2007-06-29 16:56 278528 ------w- c:\program files\Portrait Displays\HP My Display\dthtml.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus SX200 Series]
2007-12-13 06:00 188928 ----a-w- c:\windows\system32\spool\drivers\w32x86\3\E_FATIEFE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeApp]
2011-04-10 18:51 814496 ----a-w- c:\program files\FreeApps\FreeApps.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HsdClient.exe]
2010-03-02 08:28 2045168 ----a-w- c:\program files\Virgin Media\Chat Extension\HsdClient.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Security 360]
2010-06-11 17:14 1280344 ----a-w- c:\program files\IObit\IObit Security 360\is360tray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Vid]
2010-05-11 15:43 6061400 ----a-w- c:\program files\Logitech\Logitech Vid\Vid.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LWS]
2010-05-07 17:35 165208 ----a-w- c:\program files\Logitech\LWS\Webcam Software\LWS.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
2001-07-09 09:50 155648 ------r- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-05-16 14:01 13529088 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-05-16 14:01 86016 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2008-05-16 14:01 1630208 ----a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-04-01 17:17 17093512 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-10-11 04:17 149280 ------w- c:\program files\Java\jre6\bin\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2011-04-11 11:54 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
2007-10-30 20:06 2595616 ----a-w- c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"BlueSoleil Hid Service"=2 (0x2)
"TryAndDecideService"=2 (0x2)
"NVSvc"=2 (0x2)
"DTSRVC"=2 (0x2)
"WMPNetworkSvc"=3 (0x3)
"ose"=3 (0x3)
"gusvc"=3 (0x3)
"gupdate1c9a9f28a7769d2"=2 (0x2)
"getPlus(R) Helper"=3 (0x3)
"ALG"=3 (0x3)
"MsMpSvc"=2 (0x2)
"LVPrcSrv"=2 (0x2)
"idsvc"=3 (0x3)
"cmdAgent"=2 (0x2)
"Bonjour Service"=2 (0x2)
"HsdService"=2 (0x2)
"ServicepointService"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Virgin Media\\Digital Home Support\\ServicepointService.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Logitech\\Logitech Vid\\Vid.exe"=
"c:\\Program Files\\iMesh Applications\\iMesh\\iMesh.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Windows iLivid Toolbar\\ToolBar\\dtUser.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
.
R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [22/03/2011 17:59 53816]
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [19/04/2011 10:45 13496]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [11/09/2010 00:40 239368]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [11/09/2010 00:40 27576]
R1 MpKslbc69141f;MpKslbc69141f;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D6D7F42E-DA7F-4DF8-AC16-182AF1479004}\MpKslbc69141f.sys [06/05/2011 13:48 28752]
R1 RapportCerberus_26169;RapportCerberus_26169;c:\documents and settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\26169\RapportCerberus_26169.sys [20/04/2011 15:51 57144]
R1 RapportEI;RapportEI;c:\program files\Trusteer\Rapport\bin\RapportEI.sys [22/03/2011 17:59 66360]
R1 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [22/03/2011 17:59 158904]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17/02/2010 19:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [10/05/2010 19:41 67656]
R2 nvTUNEP;nVidia WDM TVTuner;c:\windows\system32\drivers\NVTUNEP.SYS [15/02/2009 07:00 18128]
R2 nvtvSND;nVidia WDM TVAudio Crossbar;c:\windows\system32\drivers\NVTVSND.SYS [15/02/2009 07:00 45072]
R2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [22/03/2011 17:59 870200]
S1 MpKsl0629e30e;MpKsl0629e30e;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C017D326-B569-4493-8D9E-E51E44160CB1}\MpKsl0629e30e.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C017D326-B569-4493-8D9E-E51E44160CB1}\MpKsl0629e30e.sys [?]
S1 MpKslf58b6c7d;MpKslf58b6c7d;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E142841D-9CDD-4EA7-89BE-AC8FA83B5282}\MpKslf58b6c7d.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E142841D-9CDD-4EA7-89BE-AC8FA83B5282}\MpKslf58b6c7d.sys [?]
S1 MpKslf5e75b78;MpKslf5e75b78;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EA3C0027-B467-4BD9-9B81-BEB8437CA2B4}\MpKslf5e75b78.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EA3C0027-B467-4BD9-9B81-BEB8437CA2B4}\MpKslf5e75b78.sys [?]
S1 MpKslf85a5ba7;MpKslf85a5ba7;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0CAE99DB-1C80-4715-8154-BB745F75D4B1}\MpKslf85a5ba7.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{0CAE99DB-1C80-4715-8154-BB745F75D4B1}\MpKslf85a5ba7.sys [?]
S2 IS360service;IS360service;c:\program files\IObit\IObit Security 360\is360srv.exe [10/04/2011 19:30 312152]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [23/08/2001 13:00 14336]
S4 gupdate1c9a9f28a7769d2;Google Update Service (gupdate1c9a9f28a7769d2);c:\program files\Google\Update\GoogleUpdate.exe [21/03/2009 07:59 133104]
S4 HsdService;HsdService;c:\program files\Virgin Media\Chat Extension\HsdService.exe [08/08/2010 19:10 1410288]
S4 ServicepointService;ServicepointService;c:\program files\Virgin Media\Digital Home Support\ServicepointService.exe [08/08/2010 19:08 689392]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
.
Contents of the 'Scheduled Tasks' folder
.
2011-04-20 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 10:50]
.
2011-05-06 c:\windows\Tasks\AWC AutoSweep.job
- c:\program files\IObit\Advanced SystemCare 3\AutoSweep.exe [2011-01-05 13:11]
.
2011-04-23 c:\windows\Tasks\AWC Update.job
- c:\program files\IObit\Advanced SystemCare 3\IObitUpdate.exe [2010-07-15 14:24]
.
2011-05-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-21 06:58]
.
2011-05-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-21 06:58]
.
2011-05-06 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2010-11-11 12:26]
.
2011-05-06 c:\windows\Tasks\SmartDefrag_Startup.job
- c:\program files\IObit\Smart Defrag 2\SmartDefrag.exe [2011-04-10 16:29]
.
.
------- Supplementary Scan -------
.
uDefault_Search_URL = hxxp://www.google.com/ie
uStart Page = hxxp://www.google.co.uk/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{37483b40-c254-4a72-bda4-22ee90182c1e} - (no file)
BHO-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
BHO-{37483b40-c254-4a72-bda4-22ee90182c1e} - (no file)
Toolbar-{a386d4b0-fddb-4e1c-ae61-4f014013cd9b} - (no file)
Toolbar-{37483b40-c254-4a72-bda4-22ee90182c1e} - (no file)
Toolbar-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
Toolbar-10 - (no file)
WebBrowser-{A386D4B0-FDDB-4E1C-AE61-4F014013CD9B} - (no file)
WebBrowser-{37483B40-C254-4A72-BDA4-22EE90182C1E} - (no file)
MSConfigStartUp-Cmaudio - cmicnfg.cpl
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-05-06 16:27
Windows 5.1.2600 Service Pack 3 NTFS
.
detected NTDLL code modification:
ZwClose, ZwOpenFile
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@DACL=(02 0010)
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
@DACL=(02 0010)
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@DACL=(02 0010)
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10o_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@DACL=(02 0010)
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@DACL=(02 0010)
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@DACL=(02 0010)
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@DACL=(02 0010)
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1128)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
.
- - - - - - - > 'lsass.exe'(1184)
c:\windows\system32\guard32.dll
.
- - - - - - - > 'explorer.exe'(4028)
c:\windows\system32\WININET.dll
c:\windows\system32\guard32.dll
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Microsoft Security Client\Antimalware\MsMpEng.exe
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2011-05-06 16:41:27 - machine was rebooted
ComboFix-quarantined-files.txt 2011-05-06 15:41
.
Pre-Run: 10,500,362,240 bytes free
Post-Run: 10,464,927,744 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - CCCB398D477F34DA9E431A0D3F39F77B