Looks like Combofix was successful. Thank you.
DDS (Ver_09-12-01.01) - FAT32x86
Run by ANDREA at 11:55:58.78 on Mon 12/07/2009
Internet Explorer: 6.0.2900.5512
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.573 [GMT -5:00]
============== Running Processes ===============
C:\WINDOWS\system32\svchost -k DcomLaunch
SVCHOST.EXE
C:\WINDOWS\System32\svchost.exe -k netsvcs
SVCHOST.EXE
SVCHOST.EXE
C:\WINDOWS\system32\spoolsv.exe
SVCHOST.EXE
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Lenovo\Energy Management\utility.exe
C:\Program Files\Lenovo\Energy Management\Energy Management.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Crawler\CToolbar.exe
C:\Documents and Settings\ANDREA\Desktop\dds.scr
============== Pseudo HJT Report ===============
uStart Page = hxxp://lenovo.live.com/
mStart Page = hxxp://lenovo.live.com/
uInternet Connection Wizard,ShellNext = hxxp://lenovo.live.com/
uURLSearchHooks: N/A: {1cb20bf0-bbae-40a7-93f4-6435ff3d0411} - c:\progra~1\crawler\ctbr.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: : {1cb20bf0-bbae-40a7-93f4-6435ff3d0411} - c:\progra~1\crawler\ctbr.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: &Crawler Toolbar: {4b3803ea-5230-4dc3-a7fc-33638f3d3542} - c:\progra~1\crawler\ctbr.dll
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [SpywareTerminatorUpdate] "c:\program files\spyware terminator\SpywareTerminatorUpdate.exe"
uRun: [AdobeUpdater] "c:\program files\common files\adobe\updater5\AdobeUpdater.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [AzMixerSel] c:\program files\realtek\audio\installshield\AzMixerSel.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [EnergyUtility] c:\program files\lenovo\energy management\utility.exe
mRun: [Energy Management] c:\program files\lenovo\energy management\Energy Management.exe
mRun: [SpywareTerminator] "c:\program files\spyware terminator\SpywareTerminatorShield.exe"
IE: Crawler Search - tbr:iemenu
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resour ... se8942.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shoc ... wflash.cab
TCP: {3A01386C-8803-4012-B04E-107D09318A2B} = 83.149.115.182
TCP: {DBCD5A7C-3F71-4DF5-AC8E-2408C141E799} = 83.149.115.182
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\crawler\ctbr.dll
Notify: igfxcui - igfxdev.dll
================= FIREFOX ===================
FF - ProfilePath - c:\docume~1\andrea\applic~1\mozilla\firefox\profiles\lahhk887.default\
FF - prefs.js: keyword.enabled - false
FF - component: c:\program files\crawler\firefox\components\xcomm.dll
FF - component: c:\program files\crawler\firefox\components\xshared.dll
FF - component: c:\program files\crawler\firefox\components\xsupport.dll
FF - component: c:\program files\crawler\firefox\components\xwsg.dll
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [2009-11-29 142592]
R2 System_Repair_UpdateMonitor;System Repair Windows Update Monitor;c:\program files\lenovo\onekey app\system repair\UpdateMonitor.exe [2008-11-3 430080]
R2 tvtumon;tvtumon;c:\windows\system32\drivers\tvtumon.sys [2008-11-3 47680]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\drivers\AcpiVpc.sys [2008-11-3 9472]
R3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RTS5121.sys [2008-11-2 157696]
S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\drivers\rts516xir.sys --> c:\windows\system32\drivers\Rts516xIR.sys [?]
S3 WSVD;WSVD;c:\windows\system32\drivers\WSVD.sys [2008-11-3 81192]
UnknownUnknown vkquwexg;vkquwexg; [x]
=============== Created Last 30 ================
2009-12-07 16:55:50 0 d-sh--w- C:\Recycled
2009-12-07 16:27:29 0 d-sha-r- C:\cmdcons
2009-12-07 16:26:13 98816 ----a-w- c:\windows\sed.exe
2009-12-07 16:26:13 77312 ----a-w- c:\windows\MBR.exe
2009-12-07 16:26:13 260608 ----a-w- c:\windows\PEV.exe
2009-12-07 16:26:13 161792 ----a-w- c:\windows\SWREG.exe
2009-12-02 18:01:16 0 d-----w- c:\windows\SHELLNEW
2009-12-02 16:08:44 0 d-----w- c:\docume~1\andrea\applic~1\GetRightToGo
2009-12-01 02:32:36 0 d-----w- c:\docume~1\alluse~1\applic~1\Applications
2009-11-30 22:31:02 0 d-----w- c:\program files\Crawler
2009-11-30 22:23:43 0 d-----w- c:\program files\WinClamAVShield
2009-11-29 20:03:09 0 d-----w- c:\program files\Trend Micro
2009-11-29 15:26:15 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2009-11-29 15:26:14 0 d-----w- c:\docume~1\andrea\applic~1\Spyware Terminator
2009-11-29 15:26:12 0 d-----w- c:\docume~1\alluse~1\applic~1\Spyware Terminator
2009-11-29 15:26:11 0 d-----w- c:\program files\Spyware Terminator
2009-11-24 20:06:46 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-11-24 20:06:46 21504 ----a-w- c:\windows\system32\dllcache\hidserv.dll
2009-11-24 20:06:43 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2009-11-24 20:06:43 14592 ----a-w- c:\windows\system32\dllcache\kbdhid.sys
==================== Find3M ====================
2009-09-25 05:37:12 667136 ------w- c:\windows\system32\wininet.dll
2009-09-25 05:37:12 667136 ------w- c:\windows\system32\dllcache\wininet.dll
2009-09-25 05:37:12 627712 ------w- c:\windows\system32\dllcache\urlmon.dll
2009-09-25 05:37:10 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-09-25 05:37:10 81920 ------w- c:\windows\system32\dllcache\ieencode.dll
2009-09-25 05:37:10 3070976 ------w- c:\windows\system32\dllcache\mshtml.dll
2009-09-25 05:37:10 1509888 ------w- c:\windows\system32\dllcache\shdocvw.dll
2009-09-11 14:18:40 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-11 14:18:40 136192 ------w- c:\windows\system32\dllcache\msv1_0.dll
2009-09-07 13:07:04 61440 --sha-w- c:\windows\system32\rihepata.dll
2008-11-03 05:12:26 32768 --sha-w- c:\windows\system32\config\systemprofile\local settings\application data\microsoft\feeds cache\index.dat
============= FINISH: 11:56:15.84 ===============
ComboFix 09-12-06.A3 - ANDREA 12/07/2009 11:28.1.2 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.570 [GMT -5:00]
Running from: c:\documents and settings\ANDREA\Desktop\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\program files\Mozilla Thunderbird\plc4.dll
c:\windows\system32\dibebino.dll
c:\windows\system32\dijuzihi.dll
c:\windows\system32\fihiwiku.dll
c:\windows\system32\herifolu.dll
c:\windows\system32\hisekeke.dll
c:\windows\system32\hulifofa.dll
c:\windows\system32\jahemine.dll
c:\windows\system32\jepadili.dll
c:\windows\system32\jofagime.dll
c:\windows\system32\juborafe.dll
c:\windows\system32\kegojofa.dll
c:\windows\system32\kirasahi.dll
c:\windows\system32\lifeheje.dll
c:\windows\system32\mafomeba.dll
c:\windows\system32\metigime.dll
c:\windows\system32\mujemele.dll
c:\windows\system32\patafudi.dll
c:\windows\system32\pidokobo.dll
c:\windows\system32\rumikegu.dll
c:\windows\system32\samotaso.dll
c:\windows\system32\tidubulu.dll
c:\windows\system32\tizoyate.dll
c:\windows\system32\towozoha.dll
c:\windows\system32\vayojema.dll
c:\windows\system32\vewalimu.dll
c:\windows\system32\vimoveta.dll
c:\windows\system32\wegahuwe.dll
c:\windows\system32\yokanate.dll
c:\windows\system32\yorerufo.dll
c:\windows\system32\zelayira.dll
c:\windows\system32\zigulavo.dll
c:\windows\system32\zotalobe.dll
c:\windows\Tasks\nktyqptn.job
c:\windows\Temp\tmp3.tmp
----- BITS: Possible infected sites -----
hxxp://82.98.235.34.
((((((((((((((((((((((((( Files Created from 2009-11-07 to 2009-12-07 )))))))))))))))))))))))))))))))
.
2009-12-02 18:04 . 2009-12-02 18:04 -------- d-----w- c:\program files\Microsoft Works
2009-12-02 18:03 . 2009-12-02 18:03 -------- d-----w- c:\program files\Microsoft.NET
2009-12-02 18:01 . 2009-12-02 18:01 -------- d-----w- c:\windows\SHELLNEW
2009-12-02 18:01 . 2009-12-02 18:01 -------- d-----w- c:\documents and settings\ANDREA\Local Settings\Application Data\Microsoft Help
2009-12-02 18:00 . 2009-12-02 18:00 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-12-02 17:59 . 2009-12-02 17:59 -------- d-----r- C:\MSOCache
2009-12-02 16:08 . 2009-12-02 16:08 -------- d-----w- c:\documents and settings\ANDREA\Application Data\GetRightToGo
2009-12-01 02:38 . 2009-12-01 02:38 -------- d-----w- c:\program files\Windows Live Safety Center
2009-12-01 02:32 . 2009-12-01 02:32 -------- d-----w- c:\documents and settings\All Users\Application Data\Applications
2009-11-30 22:31 . 2009-11-30 22:31 -------- d-----w- c:\program files\Crawler
2009-11-30 22:23 . 2009-11-30 22:23 -------- d-----w- c:\program files\WinClamAVShield
2009-11-29 20:03 . 2009-11-29 20:03 -------- d-----w- c:\program files\Trend Micro
2009-11-29 15:26 . 2009-11-29 15:26 6144 ----a-w- c:\documents and settings\All Users\Application Data\Spyware Terminator\sp_rsdel.exe
2009-11-29 15:26 . 2009-11-29 15:26 5632 ----a-w- c:\documents and settings\All Users\Application Data\Spyware Terminator\fileobjinfo.sys
2009-11-29 15:26 . 2009-11-29 15:26 142592 ----a-w- c:\windows\system32\drivers\sp_rsdrv2.sys
2009-11-29 15:26 . 2009-11-29 15:26 -------- d-----w- c:\documents and settings\ANDREA\Application Data\Spyware Terminator
2009-11-29 15:26 . 2009-11-29 15:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Spyware Terminator
2009-11-29 15:26 . 2009-11-29 15:26 -------- d-----w- c:\program files\Spyware Terminator
2009-11-25 16:28 . 2009-11-25 17:36 127325 ----a-w- c:\documents and settings\ANDREA\Application Data\Move Networks\uninstall.exe
2009-11-25 16:28 . 2009-11-25 16:28 -------- d-----w- c:\documents and settings\ANDREA\Application Data\Move Networks
2009-11-24 20:06 . 2008-04-14 10:41 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-11-24 20:06 . 2008-04-14 10:41 21504 ----a-w- c:\windows\system32\dllcache\hidserv.dll
2009-11-24 20:06 . 2008-04-14 05:09 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2009-11-24 20:06 . 2008-04-14 05:09 14592 ----a-w- c:\windows\system32\dllcache\kbdhid.sys
2009-11-24 00:54 . 2009-12-03 12:32 79488 ----a-w- c:\documents and settings\ANDREA\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-02 18:09 . 2008-12-26 02:35 72040 ----a-w- c:\documents and settings\ANDREA\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-11-25 17:36 . 2009-08-13 19:21 4187512 ----a-w- c:\documents and settings\ANDREA\Application Data\Move Networks\plugins\npqmp071505000011.dll
2009-09-25 05:37 . 2004-08-04 17:00 667136 ----a-w- c:\windows\system32\wininet.dll
2009-09-25 05:37 . 2004-08-04 17:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2009-09-11 14:18 . 2004-08-04 17:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-07 13:07 . 2009-09-07 13:07 61440 --sha-w- c:\windows\system32\rihepata.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]
"SpywareTerminatorUpdate"="c:\program files\Spyware Terminator\SpywareTerminatorUpdate.exe" [2009-11-29 3055616]
"AdobeUpdater"="c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe" [2008-12-26 2356088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-28 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-28 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-28 137752]
"RTHDCPL"="RTHDCPL.EXE" [2008-07-29 16805888]
"AzMixerSel"="c:\program files\Realtek\Audio\InstallShield\AzMixerSel.exe" [2006-07-18 53248]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-05-23 1146880]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]
"EnergyUtility"="c:\program files\Lenovo\Energy Management\utility.exe" [2008-07-24 4462464]
"Energy Management"="c:\program files\Lenovo\Energy Management\Energy Management.exe" [2008-07-24 1283984]
"SpywareTerminator"="c:\program files\Spyware Terminator\SpywareTerminatorShield.exe" [2009-11-29 2166784]
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\RTHDCPL.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
R1 sp_rsdrv2;Spyware Terminator Driver 2;c:\windows\system32\drivers\sp_rsdrv2.sys [11/29/2009 10:26 AM 142592]
R2 System_Repair_UpdateMonitor;System Repair Windows Update Monitor;c:\program files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe [11/3/2008 12:14 AM 430080]
R2 tvtumon;tvtumon;c:\windows\system32\drivers\tvtumon.sys [11/3/2008 12:14 AM 47680]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\drivers\AcpiVpc.sys [11/3/2008 12:42 AM 9472]
R3 RSUSBSTOR;RTS5121.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RTS5121.sys [11/2/2008 11:48 PM 157696]
S3 Rts516xIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys --> c:\windows\system32\DRIVERS\Rts516xIR.sys [?]
S3 WSVD;WSVD;c:\windows\system32\drivers\WSVD.sys [11/3/2008 12:14 AM 81192]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://lenovo.live.com/
mStart Page = hxxp://lenovo.live.com/
uInternet Connection Wizard,ShellNext = hxxp://lenovo.live.com/
IE: Crawler Search - tbr:iemenu
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: {3A01386C-8803-4012-B04E-107D09318A2B} = 83.149.115.182
TCP: {DBCD5A7C-3F71-4DF5-AC8E-2408C141E799} = 83.149.115.182
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
FF - ProfilePath - c:\documents and settings\ANDREA\Application Data\Mozilla\Firefox\Profiles\lahhk887.default\
FF - prefs.js: keyword.enabled - false
FF - component: c:\program files\Crawler\firefox\components\xcomm.dll
FF - component: c:\program files\Crawler\firefox\components\xshared.dll
FF - component: c:\program files\Crawler\firefox\components\xsupport.dll
FF - component: c:\program files\Crawler\firefox\components\xwsg.dll
FF - plugin: c:\documents and settings\ANDREA\Application Data\Move Networks\plugins\npqmp071505000011.dll
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true.
- - - - ORPHANS REMOVED - - - -
BHO-{a15b9f9d-f1dd-45d4-97b0-953f8bea5600} - mujemele.dll
HKLM-Run-mibarukuv - c:\windows\system32\wegahuwe.dll
HKLM-Run-gayenitiwo - rumikegu.dll
SharedTaskScheduler-{3e3980e6-af09-444a-a92e-93acdda92cf1} - c:\windows\system32\viveveno.dll
SharedTaskScheduler-{998f1872-89d7-491b-b86c-32d8cfd01365} - c:\windows\system32\gokisoso.dll
SharedTaskScheduler-{b30fc82f-ef77-4dc6-82a2-a35e2e533c31} - c:\windows\system32\nowuvaku.dll
SharedTaskScheduler-{4a742859-e009-410b-8bcc-c42d01d6d776} - c:\windows\system32\kiwasuge.dll
SharedTaskScheduler-{e593b2ab-ee71-4196-a53a-fbc360b3fd47} - c:\windows\system32\ritibiji.dll
SharedTaskScheduler-{e1f726a6-3f0f-4c16-85d0-acf9b8deafcb} - c:\windows\system32\pofuzema.dll
SharedTaskScheduler-{98dbdb5f-24ee-4850-bba9-e8b5de1db745} - c:\windows\system32\tiwamora.dll
SharedTaskScheduler-{d8e3e9f0-6ac6-4f5e-a127-9a3af2feb337} - c:\windows\system32\sedutodo.dll
SharedTaskScheduler-{40101169-a63a-4052-b614-6270f1e49c1f} - c:\windows\system32\wegahuwe.dll
SSODL-miziyimug-{3e3980e6-af09-444a-a92e-93acdda92cf1} - c:\windows\system32\viveveno.dll
SSODL-leyoletev-{998f1872-89d7-491b-b86c-32d8cfd01365} - c:\windows\system32\gokisoso.dll
SSODL-zulijanir-{b30fc82f-ef77-4dc6-82a2-a35e2e533c31} - c:\windows\system32\nowuvaku.dll
SSODL-pajafomim-{4a742859-e009-410b-8bcc-c42d01d6d776} - c:\windows\system32\kiwasuge.dll
SSODL-melawinog-{e593b2ab-ee71-4196-a53a-fbc360b3fd47} - c:\windows\system32\ritibiji.dll
SSODL-yovunetay-{e1f726a6-3f0f-4c16-85d0-acf9b8deafcb} - c:\windows\system32\pofuzema.dll
SSODL-feyumopuh-{98dbdb5f-24ee-4850-bba9-e8b5de1db745} - c:\windows\system32\tiwamora.dll
SSODL-dizumehed-{d8e3e9f0-6ac6-4f5e-a127-9a3af2feb337} - c:\windows\system32\sedutodo.dll
SSODL-ramokihuw-{40101169-a63a-4052-b614-6270f1e49c1f} - c:\windows\system32\wegahuwe.dll
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-07 11:36
Windows 5.1.2600 Service Pack 3 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\igfxsrvc.exe
.
**************************************************************************
.
Completion time: 2009-12-07 11:38 - machine was rebooted
ComboFix-quarantined-files.txt 2009-12-07 16:38
Pre-Run: 99,482,796,032 bytes free
Post-Run: 99,509,108,736 bytes free
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
- - End Of File - - 58E7AFCED98CC650919FB4FD40AD883C