I am sending the log as an attachment as well as posting it in segments.
Part 1:
ComboFix 09-11-05.01 - Auberey 11/06/2009 10:20.2.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2037.1133 [GMT -5:00]
Running from: c:\users\Auberey\Desktop\ComboFix.exe
Command switches used :: c:\users\Auberey\Desktop\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_TDSSSERV.SYS
-------\Legacy_TDSSSERV.SYS
((((((((((((((((((((((((( Files Created from 2009-10-06 to 2009-11-06 )))))))))))))))))))))))))))))))
.
2009-11-06 15:27 . 2009-11-06 15:31 -------- d-----w- c:\users\Auberey\AppData\Local\temp
2009-11-06 15:27 . 2009-11-06 15:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-11-05 22:36 . 2009-11-05 22:36 -------- d-----w- c:\program files\Trend Micro
2009-11-05 21:19 . 2009-11-05 21:19 -------- d-----w- c:\users\Auberey\AppData\Roaming\Malwarebytes
2009-11-05 21:19 . 2009-09-10 19:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-05 21:19 . 2009-11-05 21:19 4096 d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-05 21:19 . 2009-11-05 21:19 -------- d-----w- c:\programdata\Malwarebytes
2009-11-05 21:19 . 2009-09-10 19:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-05 02:52 . 2009-11-05 02:52 -------- d-----w- c:\program files\ESET
2009-11-05 00:07 . 2009-09-10 14:58 310784 ----a-w- c:\windows\system32\unregmp2.exe
2009-11-05 00:07 . 2009-09-10 14:59 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-11-04 18:40 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll
2009-11-04 18:40 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-11-04 18:40 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-11-04 18:40 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-11-04 18:40 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll
2009-11-04 18:40 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-11-04 18:40 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll
2009-11-04 18:40 . 2009-08-07 00:23 171608 ----a-w- c:\windows\system32\wuwebv.dll
2009-11-04 18:40 . 2009-08-06 23:44 33792 ----a-w- c:\windows\system32\wuapp.exe
2009-11-01 01:54 . 2009-11-01 01:54 -------- d-----w- C:\$AVG
2009-11-01 01:53 . 2009-11-01 01:53 -------- d-----w- c:\programdata\avg9
2009-10-21 12:38 . 2009-10-06 12:15 2064152 ----a-w- c:\programdata\avg8\update\backup\avgcorex.dll
2009-10-21 11:37 . 2009-10-21 11:40 -------- d-----w- c:\windows\system32\ca-ES
2009-10-21 11:37 . 2009-10-21 11:39 -------- d-----w- c:\windows\system32\eu-ES
2009-10-21 11:37 . 2009-10-21 11:39 -------- d-----w- c:\windows\system32\vi-VN
2009-10-21 11:15 . 2009-10-21 11:15 -------- d-----w- c:\windows\system32\EventProviders
2009-10-20 17:12 . 2009-04-11 06:28 406528 ----a-w- c:\windows\system32\msvcp60.dll
2009-10-20 17:11 . 2009-04-11 06:28 177664 ----a-w- c:\windows\system32\WSDMon.dll
2009-10-20 17:10 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
2009-10-20 16:39 . 2009-09-10 16:48 218624 ----a-w- c:\windows\system32\msv1_0.dll
2009-10-20 16:39 . 2009-08-04 12:34 3600456 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-10-20 16:39 . 2009-08-04 12:34 3548216 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-10-20 16:33 . 2009-09-04 11:41 60928 ----a-w- c:\windows\system32\msasn1.dll
2009-10-20 16:32 . 2009-09-14 09:29 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-10-20 16:30 . 2009-05-08 12:53 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2009-10-20 16:23 . 2009-10-01 14:29 195440 ----a-w- c:\windows\system32\MpSigStub.exe
2009-10-20 15:47 . 2009-10-20 15:47 3584 ----a-r- c:\users\Auberey\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
2009-10-20 15:47 . 2009-10-20 15:47 -------- d-----w- c:\program files\Windows Installer Clean Up
2009-10-20 15:47 . 2009-10-20 15:47 -------- d-----w- c:\program files\MSECACHE
2009-10-20 15:28 . 2009-10-20 15:28 86016 ----a-w- c:\programdata\NOS\Adobe_Downloads\arh.exe
2009-10-17 12:50 . 2009-10-06 12:15 2023704 ----a-w- c:\programdata\avg8\update\backup\avgtray.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-06 14:29 . 2008-12-31 22:47 -------- d-----w- c:\users\Auberey\AppData\Roaming\WTablet
2009-11-04 23:57 . 2009-03-23 03:34 117760 ----a-w- c:\users\Auberey\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-11-04 13:17 . 2008-09-17 13:09 -------- d-----w- c:\programdata\avg8(1304)
2009-11-04 12:41 . 2009-04-20 14:00 1356 ----a-w- c:\users\Auberey\AppData\Local\d3d9caps.dat
2009-11-04 03:27 . 2008-09-18 16:04 4096 d-----w- c:\program files\Common Files\Adobe
2009-11-01 21:22 . 2008-09-17 13:09 -------- d-----w- c:\programdata\avg8(1318)
2009-11-01 19:55 . 2008-09-17 13:09 -------- d-----w- c:\programdata\avg8(1048)
2009-11-01 19:17 . 2008-09-17 13:09 -------- d-----w- c:\programdata\avg8(1132)
2009-11-01 01:53 . 2008-09-17 13:09 -------- d-----w- c:\program files\AVG
2009-10-21 11:40 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-10-21 11:40 . 2006-11-02 11:18 4096 d-----w- c:\program files\Windows Mail
2009-10-21 11:40 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Sidebar
2009-10-21 11:40 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Journal
2009-10-21 11:40 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Collaboration
2009-10-21 11:40 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Photo Gallery
2009-10-21 11:40 . 2006-11-02 12:37 4096 d-----w- c:\program files\Windows Defender
2009-10-21 11:37 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-10-21 11:35 . 2009-10-21 11:35 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-10-20 15:52 . 2008-09-18 16:00 4096 d-----w- c:\programdata\NOS
2009-10-17 14:56 . 2008-09-17 13:11 4096 d-----w- c:\program files\SUPERAntiSpyware
2009-10-06 12:15 . 2009-10-07 13:59 1142552 ----a-w- c:\programdata\avg8\update\backup\avgupd.exe
2009-10-05 23:32 . 2008-11-01 21:34 3766 --sha-w- c:\programdata\KGyGaAvL.sys
2009-10-05 23:32 . 2008-11-01 21:34 3766 --sha-w- c:\programdata\KGyGaAvL.sys
2009-10-05 23:32 . 2008-11-01 21:34 168 --sha-r- c:\programdata\46F4CA0B28.sys
2009-10-05 23:32 . 2008-11-01 21:34 168 --sha-r- c:\programdata\46F4CA0B28.sys
2009-09-26 18:45 . 2009-09-25 01:49 126970 ----a-w- c:\users\Auberey\AppData\Roaming\Move Networks\uninstall.exe
2009-09-26 18:45 . 2009-08-03 21:48 4187512 ----a-w- c:\users\Auberey\AppData\Roaming\Move Networks\plugins\npqmp071505000010.dll
2009-09-25 01:49 . 2009-06-16 06:35 4183416 ----a-w- c:\users\Auberey\AppData\Roaming\Move Networks\plugins\npqmp071503000010.dll
2009-09-18 03:47 . 2009-09-18 03:47 45 ----a-w- c:\users\Auberey\jagex_runescape_preferences2.dat
2009-09-18 03:47 . 2009-09-18 03:46 37 ----a-w- c:\users\Auberey\jagex_runescape_preferences.dat
2009-09-09 23:19 . 2008-09-17 10:18 4096 d-----w- c:\program files\Microsoft Silverlight
2009-09-07 22:33 . 2009-09-07 22:33 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2009-09-07 19:53 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2009-09-07 19:53 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2009-09-07 19:36 . 2008-11-22 05:57 4096 d-----w- c:\program files\Java
2009-09-07 18:45 . 2009-09-07 18:45 -------- d-----w- c:\users\Auberey\AppData\Roaming\PeerNetworking
2009-08-29 00:27 . 2009-09-02 23:20 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-29 00:14 . 2009-09-02 23:20 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-08-27 05:22 . 2009-10-20 16:38 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-27 05:17 . 2009-10-20 16:38 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-08-27 05:17 . 2009-10-20 16:38 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-08-27 03:42 . 2009-10-20 16:38 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-08-26 16:43 . 2008-09-16 21:34 140960 ----a-w- c:\users\Auberey\AppData\Local\GDIPFONTCACHEV1.DAT
2009-08-18 03:33 . 2009-08-18 03:33 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-15 12:36 . 2009-02-02 14:48 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-08-15 12:36 . 2008-09-17 13:10 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-08-15 12:36 . 2008-09-17 13:10 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-08-14 16:27 . 2009-09-09 17:40 904776 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-08-14 15:53 . 2009-09-09 17:40 17920 ----a-w- c:\windows\system32\netevent.dll
2009-08-14 13:49 . 2009-09-09 17:40 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-08-14 13:49 . 2009-09-09 17:40 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-08-14 13:49 . 2009-09-09 17:40 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-08-14 13:49 . 2009-09-09 17:40 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-08-14 13:49 . 2009-09-09 17:40 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-08-14 13:49 . 2009-09-09 17:40 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-08-14 13:49 . 2009-09-09 17:40 10240 ----a-w- c:\windows\system32\finger.exe
2009-08-14 13:48 . 2009-09-09 17:40 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2009-08-14 13:48 . 2009-09-09 17:40 105984 ----a-w- c:\windows\system32\netiohlp.dll
2009-01-13 20:56 . 2009-01-06 22:43 88 --sh--r- c:\windows\System32\46F4CA0B28.sys
2009-01-13 20:59 . 2009-01-06 22:43 952 --sha-w- c:\windows\System32\KGyGaAvL.sys
2009-06-19 19:15 . 2009-06-19 19:15 8975 --sh--w- c:\windows\System32\vudigoyi.exe