Here is my ComboFix log:
ComboFix 09-01-10.03 - Stephanie Hobohm 2009-01-11 8:54:41.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.766 [GMT -6:00]
Running from: c:\documents and settings\Stephanie Hobohm\Desktop\1005.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\LocalService\Application Data\twain_32
c:\documents and settings\LocalService\Application Data\twain_32\user.ds
C:\test.txt
c:\windows\system32\_000008_.tmp.dll
c:\windows\system32\_000009_.tmp.dll
c:\windows\system32\drivers\TDSSmqct.sys
c:\windows\system32\mfcans32.DLL
c:\windows\system32\mfcuia32.dll
c:\windows\system32\msrdo20.dll
c:\windows\system32\rdocurs.dll
c:\windows\system32\TDSShrxx.dll
c:\windows\system32\TDSSkkai.log
c:\windows\system32\TDSSlxwp.dll
c:\windows\system32\TDSSmtvd.dat
c:\windows\system32\TDSSnmxh.log
c:\windows\system32\TDSSoiqt.dll
c:\windows\system32\TDSSrhyp.log
c:\windows\system32\TDSSsahc.dll
c:\windows\system32\TDSSvkql.dll
c:\windows\system32\TDSSxfum.dll
c:\windows\system32\twain_32
c:\windows\system32\twain_32\local.ds
c:\windows\system32\twain_32\user.ds
c:\windows\system32\twext.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_TDSSserv.sys
-------\Legacy_TDSSserv.sys
((((((((((((((((((((((((( Files Created from 2008-12-11 to 2009-01-11 )))))))))))))))))))))))))))))))
.
2009-01-11 01:15 . 2009-01-11 01:20 <DIR> d-------- c:\program files\Malwarebytes' Anti-Malware
2009-01-11 00:38 . 2008-11-06 02:03 <DIR> d-------- C:\SDFix
2009-01-10 23:49 . 2009-01-10 23:49 <DIR> d-------- c:\program files\Trend Micro
2009-01-10 23:16 . 2009-01-10 23:24 <DIR> d-------- c:\program files\RegistryFix7
2009-01-10 21:50 . 2004-10-21 10:20 <DIR> d-------- c:\documents and settings\Administrator.HOBOHM.000\Application Data\Sonic
2009-01-10 21:50 . 2006-06-15 02:11 <DIR> d-------- c:\documents and settings\Administrator.HOBOHM.000\Application Data\Juniper Networks
2009-01-10 21:50 . 2004-10-21 10:06 <DIR> d-------- c:\documents and settings\Administrator.HOBOHM.000\Application Data\Jasc Software Inc
2009-01-10 21:50 . 2009-01-10 21:50 <DIR> d-------- c:\documents and settings\Administrator.HOBOHM.000
2009-01-06 05:32 . 2000-05-09 12:57 92,208 --a------ c:\windows\SYSTEM\WING.DLL
2009-01-06 05:32 . 2000-05-09 12:57 12,800 --a------ c:\windows\SYSTEM\WING32.DLL
2009-01-06 05:15 . 2009-01-06 05:15 410,984 --a------ c:\windows\SYSTEM32\deploytk.dll
2008-12-21 23:07 . 2008-12-21 23:07 <DIR> d-------- C:\Juniper Networks
2008-12-11 22:05 . 2008-12-22 09:03 54,156 --ah----- c:\windows\QTFont.qfn
2008-12-11 22:05 . 2008-12-11 22:05 1,409 --a------ c:\windows\QTFont.for
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-11 04:58 --------- d-----w c:\documents and settings\All Users\Application Data\SecTaskMan
2009-01-06 17:38 --------- d-----w c:\documents and settings\All Users\Application Data\Zylom
2009-01-06 11:15 --------- d-----w c:\program files\Java
2008-11-16 02:00 46,224 -c--a-w c:\documents and settings\Stephanie Hobohm\Application Data\GDIPFONTCACHEV1.DAT
2008-08-07 02:00 41,560 ----a-w c:\documents and settings\Guest\Application Data\GDIPFONTCACHEV1.DAT
2008-09-22 08:07 32,768 --sha-w c:\windows\SYSTEM32\CONFIG\systemprofile\Local Settings\History\History.IE5\MSHist012008092220080923\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-13 1695232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WildTangent CDA"="c:\program files\WildTangent\Apps\CDA\cdaEngine0400.dll" [2004-05-21 64512]
"UpdateManager"="c:\program files\Common Files\Sonic\Update Manager\sgtray.exe" [2004-01-07 110592]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-01-06 136600]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-10-25 282624]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-10-19 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-10-19 126976]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-08-13 122939]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 57344]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2006-10-16 1197648]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
c:\documents and settings\Stephanie Hobohm\Start Menu\Programs\Startup\
PictureProject In Touch.lnk - c:\program files\Nikon\PictureProject In Touch\PictureProjectInTouch.exe [2005-03-21 8384512]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MSACM.CEGSM"= mobilev.acm
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ \
0
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Neoteris\\Secure Application Manager\\dsSamProxy.exe"=
"c:\\Program Files\\Octave\\bin\\octave-2.9.13.exe"=
R1 Neofltr;Neoteris TDI Filter - Layered Version;c:\windows\SYSTEM32\DRIVERS\NEOFLTR.sys [2005-03-28 50893]
R4 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2007-01-10 24652]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ecec222a-279d-11d9-8793-000f666bc537}]
\Shell\AutoRun\command - F:\setupSNK.exe
.
- - - - ORPHANS REMOVED - - - -
Toolbar-{5BED3930-2E9E-76D8-BACC-80DF2188D455} - c:\windows\CouponBarIE.dll
WebBrowser-{5BED3930-2E9E-76D8-BACC-80DF2188D455} - c:\windows\CouponBarIE.dll
HKCU-Run-DellSupportCenter - c:\program files\Dell Support Center\bin\sprtcmd.exe
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
mStart Page = hxxp://www.yahoo.com
uInternet Connection Wizard,ShellNext = hxxp://yahoo.sbc.com/dsl
O16 -: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
c:\windows\Downloaded Program Files\Microsoft XML Parser for Java.osd
FF - ProfilePath - c:\documents and settings\Stephanie Hobohm\Application Data\Mozilla\Firefox\Profiles\rry08wbt.stephanie\
FF - prefs.js: browser.search.selectedEngine - Google
FF - plugin: c:\documents and settings\Stephanie Hobohm\Application Data\Mozilla\plugins\NPShipRush_FedEx.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.net
Rootkit scan 2009-01-11 09:02:09
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(612)
c:\windows\system32\mobilev.acm
.
------------------------ Other Running Processes ------------------------
.
c:\windows\SYSTEM32\LEXBCES.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\SYSTEM32\wdfmgr.exe
c:\windows\SYSTEM32\rundll32.exe
c:\program files\Viewpoint\Viewpoint Manager\ViewMgr.exe
c:\windows\SYSTEM32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-01-11 9:08:47 - machine was rebooted
ComboFix-quarantined-files.txt 2009-01-11 15:07:28
Pre-Run: 17,211,052,032 bytes free
Post-Run: 18,332,950,528 bytes free
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
165 --- E O F --- 2008-12-19 09:05:47