ComboFix 09-06-12.02 - kd 06/12/2009 17:06.1 - NTFSx86
Microsoft® Windows Vista™ Home Basic 6.0.6001.1.1252.1.1033.18.1021.445 [GMT -5:00]
Running from: c:\users\kd\Desktop\combifias.exe
AV: COMODO Antivirus *On-access scanning disabled* (Updated) {043803A5-4F86-4ef7-AFC5-F6E02A79969B}
FW: COMODO Firewall *disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
SP: COMODO Defense+ *disabled* (Updated) {043803A4-4F86-4ef7-AFC5-F6E02A79969B}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\10114z9cktool2bd5.bin
c:\windows\106125pz9fb.exe
c:\windows\11195z5r9s5eb.ocx
c:\windows\1180059z-a-virus612.ocx
c:\windows\118915otza-virus3cc.cpl
c:\windows\11935zpy503.dll
c:\windows\12147not-9-vzrus435.exe
c:\windows\14z45ha9ktool54e.bin
c:\windows\15173noz5a-vir9s354.dll
c:\windows\15199ha5zto9lbd.exe
c:\windows\15292vi9uz56b.exe
c:\windows\1529adzware1374.cpl
c:\windows\1554thzeat315039.cpl
c:\windows\15839tr9z270.cpl
c:\windows\1594doznloa59r1456.exe
c:\windows\159bs9ealz932.ocx
c:\windows\15z9hief1473.exe
c:\windows\16155hacktzol6b69.dll
c:\windows\16270h9cktooz235.cpl
c:\windows\16650spy7z9.bin
c:\windows\16941nzt-59virus646.bin
c:\windows\16z915irus6a7.cpl
c:\windows\1723zd9war53221.dll
c:\windows\1787not59-virzs7f9.dll
c:\windows\18149vir5s59z.exe
c:\windows\18590wo9z2b9.cpl
c:\windows\18932v9zus3f5.bin
c:\windows\189z75py3ea9.ocx
c:\windows\19049spambzt795.dll
c:\windows\1932zno5-a-vi9us63e.exe
c:\windows\1938woz548e.cpl
c:\windows\19501spyz98.exe
c:\windows\19712s9azbot73f5.bin
c:\windows\198605rzj7a1.dll
c:\windows\19895zpambot53.ocx
c:\windows\19935wzrm2f5.exe
c:\windows\19958troz5c.ocx
c:\windows\19b4szeal558.ocx
c:\windows\1a2a9parsz580.dll
c:\windows\1b59zir1771.bin
c:\windows\1f25t9reat138z1.dll
c:\windows\1f529hreaz22564.ocx
c:\windows\1f75azd9are691.cpl
c:\windows\1z349viru5679.ocx
c:\windows\1z498wor9569.bin
c:\windows\1z521no5-a-vir9s45d.dll
c:\windows\210z7not-a-v9rus3c35.cpl
c:\windows\21450notza-vir9s33a.dll
c:\windows\2179s9z5l2571.cpl
c:\windows\21897n5t-a-zirus95.bin
c:\windows\21957tr9j43bz.dll
c:\windows\21f5download9r8z8.dll
c:\windows\22542troj25z9.cpl
c:\windows\2255viz194.exe
c:\windows\2255znot-a9vir5s766.exe
c:\windows\23277s9ambzt5f5.bin
c:\windows\2338nzt-a-vir9s3c95.cpl
c:\windows\23515sz9mbot285.ocx
c:\windows\2354s9azse2846.cpl
c:\windows\2370nzt-a9vir5s396.exe
c:\windows\2384z5cktool1e19.cpl
c:\windows\23d95pyware756z.exe
c:\windows\23z94not-a-v9r5s123.ocx
c:\windows\24216hackt9zl3d5.dll
c:\windows\24449virz55cc.dll
c:\windows\24459s9yz2d5.cpl
c:\windows\2459troj45z.ocx
c:\windows\245z3spy496.exe
c:\windows\24z79s5ambot63b.ocx
c:\windows\2503downlza5er1319.ocx
c:\windows\25058worm49z.bin
c:\windows\25172troj69z5.exe
c:\windows\2528zn5t-a-vi9us136.ocx
c:\windows\2570zspa59ot318.exe
c:\windows\25795spy60z.cpl
c:\windows\25867not-a-viru93az.ocx
c:\windows\25estzal14489.bin
c:\windows\25z06spy9da5.bin
c:\windows\26179hacktz9l15a.exe
c:\windows\2642195rm76z.bin
c:\windows\265espar9ez157.ocx
c:\windows\268085ot-z-virus15a9.dll
c:\windows\27540spzm5o9cd.cpl
c:\windows\2759spywarz3045.ocx
c:\windows\27974zackto5l765.exe
c:\windows\28060vir5s159z.ocx
c:\windows\28145hacktz9l52.dll
c:\windows\28b3zparse569.dll
c:\windows\28f49hiez3015.cpl
c:\windows\29494spz5095.cpl
c:\windows\29497spzmbot5385.ocx
c:\windows\29509pyware557z.ocx
c:\windows\2951sp5z9re104.bin
c:\windows\2959tr951z0.bin
c:\windows\29659ownloadez695.cpl
c:\windows\29fbaddwa5e95z.exe
c:\windows\29z2159ambot6d4.cpl
c:\windows\29z67not-a95irus728.ocx
c:\windows\2a09th5zf1950.exe
c:\windows\2c9bthrza590964.dll
c:\windows\2de1zpyware15179.cpl
c:\windows\2e5fsp5rsz18229.ocx
c:\windows\2efdspzwa9e655.dll
c:\windows\2f7a9hief1576z.ocx
c:\windows\2fd59parse25z2.cpl
c:\windows\2fe7d5wnlozd9r2562.cpl
c:\windows\2z09sparse2957.bin
c:\windows\2z110tro53c49.cpl
c:\windows\2z11bac5door24409.cpl
c:\windows\2z20spars59152.bin
c:\windows\2z71959rm568.dll
c:\windows\2zcf9tea51429.dll
c:\windows\301z2n5t-a-v9rus7c5.ocx
c:\windows\30259spz49c9.bin
c:\windows\30539wzrm472.ocx
c:\windows\31006trzj259.cpl
c:\windows\3115395amzotba.dll
c:\windows\316fd5w9loader2340z.dll
c:\windows\3227z9orm5205.bin
c:\windows\3235zviru59fb.exe
c:\windows\32597hacktzo5599.dll
c:\windows\3277s9ambo5z52.bin
c:\windows\32995spamboz1ee.bin
c:\windows\33e0vir3z59.cpl
c:\windows\341ea5dware32z9.bin
c:\windows\3529sp9wzre2128.cpl
c:\windows\35642notz9-virus6ef.cpl
c:\windows\35665nzt-a9virus42c.bin
c:\windows\3575zackdo9r2686.dll
c:\windows\3580bazkd9or5594.dll
c:\windows\3584zddware2389.ocx
c:\windows\3586zp9mb5t327.bin
c:\windows\35951hacktooz486.ocx
c:\windows\35c4s9arse528z.ocx
c:\windows\35z709roj56b.bin
c:\windows\365daddwz9e857.dll
c:\windows\372dbac5d9orz819.bin
c:\windows\3793downzoade52389.ocx
c:\windows\37e6spars95832z.ocx
c:\windows\389cspars557z.cpl
c:\windows\3907not-5zvirus185.dll
c:\windows\3915stea99z95.exe
c:\windows\392aspywa5e44z.bin
c:\windows\3955thrzat11758.bin
c:\windows\39cfviz11985.bin
c:\windows\39czd5wnloader2359.ocx
c:\windows\3b79backdozr14519.ocx
c:\windows\3dd5addza9e2684.exe
c:\windows\3e51addzare9324.cpl
c:\windows\3fb7steaz5569.dll
c:\windows\3z165ackdoor1029.dll
c:\windows\3z488not-a-5irus34b9.dll
c:\windows\3z59downloader22339.cpl
c:\windows\3zf05hie921.cpl
c:\windows\403dad5z9re25.dll
c:\windows\4248no5-z-vi9usaf.bin
c:\windows\4264tzrea593632.bin
c:\windows\432zaddwa5e952.dll
c:\windows\43zbaddw5re7489.exe
c:\windows\4454wor92d3z.ocx
c:\windows\4519zot-a-viru5159.cpl
c:\windows\4525sze9l3243.bin
c:\windows\4555hacktozl1d9.ocx
c:\windows\459th9eat2065z.exe
c:\windows\45bzown9oader564.cpl
c:\windows\4615t59zf1503.cpl
c:\windows\46a5spyzare3149.exe
c:\windows\47adownlozder8759.dll
c:\windows\48b9s5a9se529z.ocx
c:\windows\4921threatz5922.cpl
c:\windows\4991do5nloadez9168.dll
c:\windows\49dddownloaderz625.bin
c:\windows\4be5s5eal150z9.bin
c:\windows\4c545dd9are56z.dll
c:\windows\4c99ad5wzre1366.dll
c:\windows\4d89addwar95298z.dll
c:\windows\4df5z5eal9066.exe
c:\windows\4e91th5e9z28267.ocx
c:\windows\4zc5thief9654.dll
c:\windows\501zthief15149.exe
c:\windows\505thiez9250.bin
c:\windows\50644hzckto9l537.ocx
c:\windows\5096downzoader3026.cpl
c:\windows\50z4do9nlo5der152.ocx
c:\windows\51511spy6az9.ocx
c:\windows\5181thi9fz104.ocx
c:\windows\51827hacktzol739.ocx
c:\windows\51983hackzool1c49.dll
c:\windows\51cszarse197.bin
c:\windows\52401troj3zf9.dll
c:\windows\526599rzj35d.dll
c:\windows\5299wz5m679.bin
c:\windows\529spamboz50.ocx
c:\windows\538z5ir30199.bin
c:\windows\5391dowzloa9er1007.dll
c:\windows\54a6addzare2993.exe
c:\windows\54d9addza5e1163.dll
c:\windows\54z3w9rm53b.dll
c:\windows\5571spy60z9.ocx
c:\windows\559ed5wnloader2494z.cpl
c:\windows\55z4steal3079.bin
c:\windows\5662downloaze92032.dll
c:\windows\56e4spzr5e1961.cpl
c:\windows\5706not-a-9ir5z338.dll
c:\windows\5799spars51978z.exe
c:\windows\579cs5ywarez022.cpl
c:\windows\579steal9z9.exe
c:\windows\5812thiez1796.ocx
c:\windows\582zsteal2971.bin
c:\windows\5839virus65dz.exe
c:\windows\58e9stezl1363.exe
c:\windows\590e9parze2460.ocx
c:\windows\590thzeat31201.dll
c:\windows\591dszy9are3114.ocx
c:\windows\591fzteal1277.bin
c:\windows\5939szarse1704.exe
c:\windows\5955s9yware2524z.cpl
c:\windows\59634spambzt543.bin
c:\windows\59a9thzeat14985.ocx
c:\windows\59bzback5oor9185.ocx
c:\windows\5a07zir20579.dll
c:\windows\5a09spz59e110.dll
c:\windows\5a34sparze7909.exe
c:\windows\5ad2tzief35219.bin
c:\windows\5b28zddwa5912.cpl
c:\windows\5b95threat1327z5.dll
c:\windows\5c15d9warez36.cpl
c:\windows\5c17th9eat118z75.ocx
c:\windows\5c4aadd5aze1193.cpl
c:\windows\5cd4thi5f2z459.cpl
c:\windows\5d23addwaze952.exe
c:\windows\5d34t9i5f3047z.cpl
c:\windows\5d7dthrea5829z.dll
c:\windows\5dez9par5e253.cpl
c:\windows\5dz1ste9l866.cpl
c:\windows\5e8dzir929.ocx
c:\windows\5e94vz52601.bin
c:\windows\5ed159ckdoor1320z.cpl
c:\windows\5fzavir2956.ocx
c:\windows\5z17virus4c9.bin
c:\windows\5z197hacktool48a.cpl
c:\windows\5z49thief2785.cpl
c:\windows\5z96sp9rse2822.bin
c:\windows\6259spywzre23575.bin
c:\windows\6299z9rm153.exe
c:\windows\62e1t9reat59066z.bin
c:\windows\6342a5dw9re1z07.dll
c:\windows\649zst9a52670.ocx
c:\windows\64a99teal31z5.bin
c:\windows\64b99azkdoor2574.cpl
c:\windows\6520threaz519.cpl
c:\windows\6566v9rus35z.exe
c:\windows\669zspamb5940c.bin
c:\windows\66d5addware190z.cpl
c:\windows\66z89hreat7975.dll
c:\windows\673bzparse9153.exe
c:\windows\6799spyz57.exe
c:\windows\679zroj159.ocx
c:\windows\68059parse5z42.bin
c:\windows\68a45ddware973z.exe
c:\windows\693ab59kdozr2955.ocx
c:\windows\695esparse899z.ocx
c:\windows\69bv9r1558z.cpl
c:\windows\69c29o5nloadzr2171.bin
c:\windows\6ae4dow9loadez25625.dll
c:\windows\6b2dspzwa9e18015.exe
c:\windows\6b5thzef1993.dll
c:\windows\6c5d9ir2565z.cpl
c:\windows\6c959parsez84.dll
c:\windows\6dz4t9reat4957.cpl
c:\windows\6f4s5ywarz963.bin
c:\windows\6f5zback9oor30.ocx
c:\windows\6z75spywar930.ocx
c:\windows\7019downlozder1985.dll
c:\windows\705dthrea5z19659.ocx
c:\windows\721bspyw59e18z5.ocx
c:\windows\7276noz-a-vi5us498.cpl
c:\windows\7295bac9door245z.exe
c:\windows\7521addwa5z9806.bin
c:\windows\7525th9ef1205z.dll
c:\windows\7551spa9s521z6.ocx
c:\windows\757dv5r14z59.cpl
c:\windows\75b9baczdoor116.cpl
c:\windows\75cfz9dware2155.ocx
c:\windows\75eabackdozr2596.exe
c:\windows\76dzteal695.cpl
c:\windows\77135tezl2709.bin
c:\windows\77b6threat9550z.dll
c:\windows\7819zhr5at1692.cpl
c:\windows\794z5ot-a-virus2e3.dll
c:\windows\7955add5arz2256.bin
c:\windows\7980addw5rz1465.dll
c:\windows\7abb95zeat25565.dll
c:\windows\7b5evir9z39.bin
c:\windows\7f5dzh9eat26368.dll
c:\windows\8201zackto9l6715.exe
c:\windows\84995ozm159.cpl
c:\windows\853vir9s4ze.bin
c:\windows\8555w9rmz.exe
c:\windows\85z9n5t-a-virus23e.exe
c:\windows\8771hacktzo962d5.exe
c:\windows\8819vizu5491.ocx
c:\windows\8d6thr9at27515z.ocx
c:\windows\8z21s5ambot59b.ocx
c:\windows\91304notza5virus747.exe
c:\windows\9179spa5bot5d9z.exe
c:\windows\91961vizuse15.ocx
c:\windows\919adownloadzr18695.exe
c:\windows\939z7tro590.dll
c:\windows\93cbacz5oor1952.dll
c:\windows\9445troj999z.dll
c:\windows\94685worm4z2.exe
c:\windows\94d4s5zware653.ocx
c:\windows\9509w9rz3e4.cpl
c:\windows\9565tro960z.exe
c:\windows\95z6steal570.exe
c:\windows\969z5not-a-virus736.bin
c:\windows\9782ha5k9ooz213.dll
c:\windows\98675n5t-a-vizus421.bin
c:\windows\9872s5z9e5.cpl
c:\windows\9a4ft5ief3135z.cpl
c:\windows\9afbackdoo529z9.exe
c:\windows\9b60downl5aderz146.bin
c:\windows\9ba95zeal666.ocx
c:\windows\9c53tzreat7737.exe
c:\windows\9z35spy3a9.cpl
c:\windows\9z545roj54f.bin
c:\windows\9zaathi5f280.dll
c:\windows\a8bvir99z5.dll
c:\windows\b4bzpar9e5452.ocx
c:\windows\bdcthrea9z5556.dll
c:\windows\cecste9l1500z.cpl
c:\windows\czadownloade917615.bin
c:\windows\d00viz14095.bin
c:\windows\d49szeal5365.dll
c:\windows\dd9do9nl5ader303z.exe
c:\windows\e95v9r7z0.bin
c:\windows\system32\1042zvir5s3d9.bin
c:\windows\system32\10439spambot4z95.exe
c:\windows\system32\10f3stzal18195.dll
c:\windows\system32\11550t9oj625z.cpl
c:\windows\system32\1213d9znloader725.cpl
c:\windows\system32\122zparse6579.dll
c:\windows\system32\13575noz-a-virus729.exe
c:\windows\system32\137z5s9a5bot464.ocx
c:\windows\system32\138825pa9botz20.dll
c:\windows\system32\14198ha5ktoolz01.exe
c:\windows\system32\14294za5ktool6f9.cpl
c:\windows\system32\144z9s9y15d.bin
c:\windows\system32\145195py70z.exe
c:\windows\system32\1459ztroj750.exe
c:\windows\system32\15224s9ambo517dz.bin
c:\windows\system32\152859zy532.dll
c:\windows\system32\1531zpa9bot511.ocx
c:\windows\system32\1539stezl1529.cpl
c:\windows\system32\1556s9yzare907.exe
c:\windows\system32\15579teal2z15.cpl
c:\windows\system32\158zad9ware1655.dll
c:\windows\system32\1594worm54z.cpl
c:\windows\system32\16091ha9ktoz5441.exe
c:\windows\system32\16637vizu54a9.ocx
c:\windows\system32\16655trojz9a.cpl
c:\windows\system32\16751hacz9oo5524.cpl
c:\windows\system32\169795z-a-virus463.dll
c:\windows\system32\1734th95atz5858.exe
c:\windows\system32\175z2w9rm513.dll
c:\windows\system32\175zsparse9125.dll
c:\windows\system32\17799n9t-a-viru52zb.bin
c:\windows\system32\17950hac9toolz9.exe
c:\windows\system32\17z5sp5rse2974.dll
c:\windows\system32\17zdadd5are22739.ocx
c:\windows\system32\1808zot59-virus5b0.ocx
c:\windows\system32\182s9a5bzt761.bin
c:\windows\system32\187dspyz5re97.dll
c:\windows\system32\18z2v5r198.dll
c:\windows\system32\19355v9rus3z9.dll
c:\windows\system32\1937zdd5are729.exe
c:\windows\system32\19d9az5ware2194.cpl
c:\windows\system32\1a41stea95905z.ocx
c:\windows\system32\1c55spa9se143z.cpl
c:\windows\system32\1e04dow9loader510z.dll
c:\windows\system32\1e9aviz15985.cpl
c:\windows\system32\1f5adowzl9ader5212.ocx
c:\windows\system32\1f95zteal9169.bin
c:\windows\system32\1z39downloader92625.cpl
c:\windows\system32\1z4625p9mbot303.cpl
c:\windows\system32\1z53spar5e29559.dll
c:\windows\system32\1z995hief2991.ocx
c:\windows\system32\20021nzt-5-viru9304.ocx
c:\windows\system32\20054w5zm359.dll
c:\windows\system32\20360sz95bd5.cpl
c:\windows\system32\20456not-a-viru55z9.exe
c:\windows\system32\20990troj9z5.exe
c:\windows\system32\21227s5yzd9.ocx
c:\windows\system32\217295ot-azvirus270.ocx
c:\windows\system32\21dat9reat4z55.cpl
c:\windows\system32\22985zywa9e862.dll
c:\windows\system32\236z5wo9m2c0.cpl
c:\windows\system32\24493v5ruz293.ocx
c:\windows\system32\244z1sp937b5.bin
c:\windows\system32\24667vizus159.ocx
c:\windows\system32\247z09irus5cf5.bin
c:\windows\system32\24z71tro93d5.cpl
c:\windows\system32\25169irusbz.cpl
c:\windows\system32\25432notza-vir5s296.bin
c:\windows\system32\2545downzoa59r1903.dll
c:\windows\system32\2553addware5z79.exe
c:\windows\system32\2559zpar9e959.ocx
c:\windows\system32\25600hackzool3b79.dll
c:\windows\system32\2563zwo9m3ba5.dll
c:\windows\system32\25723s9azbot1275.exe
c:\windows\system32\257755py9z5.cpl
c:\windows\system32\25924vizus626.exe
c:\windows\system32\25978troj1z2.ocx
c:\windows\system32\25cdzw95oader911.ocx
c:\windows\system32\25ceaddwzre95215.dll
c:\windows\system32\25e8ad9w5re1810z.dll
c:\windows\system32\25z65hac59ool441.dll
c:\windows\system32\25z77virus4459.cpl
c:\windows\system32\2646795rz591.bin
c:\windows\system32\26599trojz3e.exe
c:\windows\system32\2663795oj4z2.cpl
c:\windows\system32\271edownl95dzr1955.ocx
c:\windows\system32\27355ownlo9der91z.cpl
c:\windows\system32\27615hzc9t5ol338.dll
c:\windows\system32\276z5h9ck5ool6d3.cpl
c:\windows\system32\27930wo5mz6a.dll
c:\windows\system32\27z16spy950.exe
c:\windows\system32\28059z9cktool227.bin
c:\windows\system32\2837spamzo57b9.dll
c:\windows\system32\28538sp5z19.bin
c:\windows\system32\2898ztroj475.cpl
c:\windows\system32\28997spa5bzt97.bin
c:\windows\system32\29181not-a5zirus1ca9.bin
c:\windows\system32\2940az9ware5875.ocx
c:\windows\system32\29467t9zj7ee5.exe
c:\windows\system32\29858spamboz59c.exe
c:\windows\system32\29859spyz59.bin
c:\windows\system32\2989virz2485.dll
c:\windows\system32\29cbdownl5az9r681.bin
c:\windows\system32\29efzpy9are2056.ocx
c:\windows\system32\29z38s9ambot78a5.bin
c:\windows\system32\29z53virus3a69.bin
c:\windows\system32\2a5fdownloade91918z.exe
c:\windows\system32\2a7azdd95re2781.ocx
c:\windows\system32\2ac9tzief16465.cpl
c:\windows\system32\2c51download9z134.exe
c:\windows\system32\2c55th9ef2133z.dll
c:\windows\system32\2cz9threat19511.bin
c:\windows\system32\2e5zthie9466.bin
c:\windows\system32\2eccspar952z43.exe
c:\windows\system32\2z19st5al1203.exe
c:\windows\system32\2z993spy425.exe
c:\windows\system32\2zb1addwa592435.cpl
c:\windows\system32\30359wzrm52.dll
c:\windows\system32\3039zownloader22475.exe
c:\windows\system32\30859tro53z7.cpl
c:\windows\system32\30f259dwaze1756.dll
c:\windows\system32\31515hie9z952.dll
c:\windows\system32\31579hzeat2466.dll
c:\windows\system32\31597troj97z.dll
c:\windows\system32\31912w5rmz45.dll
c:\windows\system32\3209thr5atz627.ocx
c:\windows\system32\3229hacktz5l28b.exe
c:\windows\system32\32cc9tza53255.ocx
c:\windows\system32\32z59i5us67c.cpl
c:\windows\system32\3321sp9mz5t153.cpl
c:\windows\system32\33e9zteal185.bin
c:\windows\system32\3507thiez8959.ocx
c:\windows\system32\3527spywarz9576.bin
c:\windows\system32\359csparsz1968.ocx
c:\windows\system32\359dthreaz50620.cpl
c:\windows\system32\36zc5ir9202.ocx
c:\windows\system32\370spy9are51z.bin
c:\windows\system32\371ev5r16z39.exe
c:\windows\system32\37d95hief1z259.cpl
c:\windows\system32\3857tzreat17697.dll
c:\windows\system32\389zd9w5loader2094.dll
c:\windows\system32\392zha9ktool7f05.cpl
c:\windows\system32\3954n9t-a-vzru5401.dll
c:\windows\system32\395dback5oorz64.cpl
c:\windows\system32\395szarse1518.bin
c:\windows\system32\39759iruz255.dll
c:\windows\system32\39b1addware5z97.bin
c:\windows\system32\3babth9e5t5361z.exe
c:\windows\system32\3bfback59or11z1.exe
c:\windows\system32\3c73thi5f25z29.bin
c:\windows\system32\3ce9spywarz9533.exe
c:\windows\system32\3d48back9zor3153.cpl
c:\windows\system32\3d63downl9ade52387z.cpl
c:\windows\system32\3f49azdwar9954.cpl
c:\windows\system32\3z03add5a9e2923.bin
c:\windows\system32\3z595py7a9.cpl
c:\windows\system32\3z99add5are720.exe
c:\windows\system32\4209ad5wzre2508.cpl
c:\windows\system32\4245tro9zbb.bin
c:\windows\system32\4355bac9d5or3019z.ocx
c:\windows\system32\44a2zpa9se531.cpl
c:\windows\system32\4553spzm9ot104.dll
c:\windows\system32\45575ac9tool29z.dll
c:\windows\system32\457bste9z2959.exe
c:\windows\system32\45959hreaz32723.dll
c:\windows\system32\4597spar5z2750.ocx
c:\windows\system32\45aathief9z60.ocx
c:\windows\system32\45c3backdoorz90.ocx
c:\windows\system32\4662wz9m52d.dll
c:\windows\system32\490zaddw5re9937.ocx
c:\windows\system32\4937s95alz39.exe
c:\windows\system32\4952thzeat29097.ocx
c:\windows\system32\4967h5ckt9zl4b5.bin
c:\windows\system32\498adownloadz5639.cpl
c:\windows\system32\4a8dbz9kdoor14955.dll
c:\windows\system32\4b5btz9ef2350.ocx
c:\windows\system32\4bc295ckdoorz593.bin
c:\windows\system32\4c29ste5lz57.bin
c:\windows\system32\4ce9t9iez586.ocx
c:\windows\system32\4da1a9dw5ze2635.exe
c:\windows\system32\4f90spywa5e9175z.ocx
c:\windows\system32\503zspambot25e9.ocx
c:\windows\system32\50a89ddware2z505.bin
c:\windows\system32\50z2spar9e2411.bin
c:\windows\system32\510zbackdoo9976.ocx
c:\windows\system32\5139ste5z419.dll
c:\windows\system32\5145th5ez926.exe
c:\windows\system32\5156ha5kzoo9b1.bin
c:\windows\system32\5158ziru941a.dll
c:\windows\system32\51z35not-a9virus57f.exe
c:\windows\system32\52509rojzd1.dll
c:\windows\system32\52539virus2z5.dll
c:\windows\system32\52f5zp9r5e3239.ocx
c:\windows\system32\52z53vi9us700.exe
c:\windows\system32\5335downloazer2159.bin
c:\windows\system32\5365zackdoor18809.ocx
c:\windows\system32\53799pz1e4.exe
c:\windows\system32\542zn9t-a-virus7555.dll
c:\windows\system32\5451threat932z6.bin
c:\windows\system32\54zcspywar915915.dll
c:\windows\system32\5542downloaze93025.bin
c:\windows\system32\556cszyware5990.bin
c:\windows\system32\5580downloade961z.exe
c:\windows\system32\5597hzck9ool2065.cpl
c:\windows\system32\55b2virz691.dll
c:\windows\system32\55cbszeal2491.exe
c:\windows\system32\55d5d5wnlzader497.exe
c:\windows\system32\55z40hac9tool5d1.cpl
c:\windows\system32\55zfv9r2139.bin
c:\windows\system32\5629tzief2299.dll
c:\windows\system32\567cthz5f1093.ocx
c:\windows\system32\568avirz915.bin
c:\windows\system32\5699thiez785.cpl
c:\windows\system32\5709hzcktool1b5.cpl
c:\windows\system32\57159iz1808.exe
c:\windows\system32\57211h9cztool5af.dll
c:\windows\system32\5798nz5-a-virus157.exe
c:\windows\system32\57z4spar5e1129.exe
c:\windows\system32\583bba5kdozr4179.ocx
c:\windows\system32\587adow9loadz52367.ocx
c:\windows\system32\589dadd5are5z3.exe
c:\windows\system32\5916stezl1808.ocx
c:\windows\system32\59335z9oj7af.cpl
c:\windows\system32\59435spy16z.cpl
c:\windows\system32\5949not-a-virus4z6.exe
c:\windows\system32\5953viz2527.cpl
c:\windows\system32\595fspywarz9550.exe
c:\windows\system32\5965threat93z64.cpl
c:\windows\system32\5970vir9sze.bin
c:\windows\system32\59es9ealz32.ocx
c:\windows\system32\59f59ddware1365z.cpl
c:\windows\system32\5azfvi5195.dll
c:\windows\system32\5b45spzw59e2237.exe
c:\windows\system32\5cb45iz2499.cpl
c:\windows\system32\5d23t5rea99z43.ocx
c:\windows\system32\5d5cspywarez6509.bin
c:\windows\system32\5d8spzware15869.dll
c:\windows\system32\5df3thre9z29131.cpl
c:\windows\system32\5e39th5eatz43249.bin
c:\windows\system32\5f30zir495.dll
c:\windows\system32\5f45spyw9re29z9.ocx
c:\windows\system32\5f59spyw5rez934.ocx
c:\windows\system32\5fe6s5ywarz2997.ocx
c:\windows\system32\5z0tro5191.bin
c:\windows\system32\5z2thre5t29289.dll
c:\windows\system32\5z449pyware4985.cpl
c:\windows\system32\5z89wo9m6c.exe
c:\windows\system32\5z9avir1696.dll
c:\windows\system32\6033hac5tool983z.cpl
c:\windows\system32\60dcvi93258z.bin
c:\windows\system32\6151downloadzr949.ocx
c:\windows\system32\6196thr9az4544.bin
c:\windows\system32\625bthre9t864z.ocx
c:\windows\system32\626hack5ool9fez.cpl
c:\windows\system32\62fzthi5f569.bin
c:\windows\system32\641downlz95er999.ocx
c:\windows\system32\6425thrz5t6898.exe
c:\windows\system32\6449ha9ktoo5709z.bin
c:\windows\system32\6555bzckdoor9259.cpl
c:\windows\system32\6589tzief112.exe
c:\windows\system32\65c5steal297z9.bin
c:\windows\system32\6645add9z5e42.cpl
c:\windows\system32\669e9pywa5ez224.bin
c:\windows\system32\6718spa59ez458.ocx
c:\windows\system32\6853tz9eat18803.cpl
c:\windows\system32\687795zdf.dll
c:\windows\system32\6902stezl3915.exe
c:\windows\system32\6953vir355z.ocx
c:\windows\system32\695downloaderz9805.cpl
c:\windows\system32\69ac5ackdzor3173.ocx
c:\windows\system32\6bbz9tea5975.bin
c:\windows\system32\6bf19pywaze2590.cpl
c:\windows\system32\6cb4z9wnloader30615.ocx
c:\windows\system32\6cb9downloadz52324.bin
c:\windows\system32\6cdd5wnloz9er966.exe
c:\windows\system32\6d0bbackdozr9153.ocx
c:\windows\system32\6z69do5nlo9der2180.bin
c:\windows\system32\6ze5hreat93983.exe
c:\windows\system32\719fbaczdoor5115.dll
c:\windows\system32\71e25zr17309.cpl
c:\windows\system32\71zethie9155.ocx
c:\windows\system32\745zt5oj459.dll
c:\windows\system32\74d9viz2395.ocx
c:\windows\system32\74dazir25989.exe
c:\windows\system32\756bzir29645.bin
c:\windows\system32\758not-a-vi5usz5e9.cpl
c:\windows\system32\766bs5az9e1887.dll
c:\windows\system32\76705zrus739.bin
c:\windows\system32\7710sp5mbotz90.dll
c:\windows\system32\771895ambot154z.exe
c:\windows\system32\7720z9rm588.dll
c:\windows\system32\7906vi538z.cpl
c:\windows\system32\7984a5dwaze1409.cpl
c:\windows\system32\799dspywar519z2.dll
c:\windows\system32\79c9zhre9t5920.bin
c:\windows\system32\7b5zspyw5re9157.exe
c:\windows\system32\7c0bbackdz951775.exe
c:\windows\system32\7d59sparse158z.cpl
c:\windows\system32\7ee1ba5zdo9r3064.dll
c:\windows\system32\7ef1spywarz15935.ocx
c:\windows\system32\7f24th9ez24285.dll
c:\windows\system32\7f945zi9f1603.cpl
c:\windows\system32\7z95sp5ware641.cpl
c:\windows\system32\7z95spyware895.ocx
c:\windows\system32\8194spa59ot6z.cpl
c:\windows\system32\8255sp559dz.exe
c:\windows\system32\86559r5j35z.exe
c:\windows\system32\8689trz51a8.cpl
c:\windows\system32\86z3troj5319.bin
c:\windows\system32\8953hack5ozl2f7.ocx
c:\windows\system32\90551worm75z.exe
c:\windows\system32\90606s5y537z.cpl
c:\windows\system32\90fz5teal3080.ocx
c:\windows\system32\912ez5arse2398.bin
c:\windows\system32\91ezspywar52755.exe
c:\windows\system32\9276troj59z.dll
c:\windows\system32\928z0worm6585.ocx
c:\windows\system32\92a5baczdoor481.exe
c:\windows\system32\93213szambo51dd.bin
c:\windows\system32\93eestza55.dll
c:\windows\system32\9400spamboz1c5.bin
c:\windows\system32\94763spambot25z5.bin
c:\windows\system32\94810s5z67d.dll
c:\windows\system32\94b9s5arse2z9.dll
c:\windows\system32\9509spambot585z.ocx
c:\windows\system32\959zdownloader3026.dll
c:\windows\system32\95z5backdoor539.bin
c:\windows\system32\9729spy8z5.bin
c:\windows\system32\9781zpambot3579.bin
c:\windows\system32\978bzckdo9r2745.dll
c:\windows\system32\97z93spam5ot3a9.dll
c:\windows\system32\9859spazbot95.ocx
c:\windows\system32\98810zr5j737.dll
c:\windows\system32\9b55vzr585.bin
c:\windows\system32\9e5czir300.bin
c:\windows\system32\9ed5wnloazer1659.dll
c:\windows\system32\9f51s5ealz524.dll
c:\windows\system32\9z05th5eat24620.bin
c:\windows\system32\9z51vir2055.dll
c:\windows\system32\9z886not-a-virus57a5.exe
c:\windows\system32\9z90w5rm386.bin
c:\windows\system32\a69threa925666z.exe
c:\windows\system32\c1c5hzef1299.exe
c:\windows\system32\c4threa930503z.bin
c:\windows\system32\cdfdoznloader97185.bin
c:\windows\system32\drivers\gxvxcecbjdmfvpbiehuxmwqpeqvtxnoycddfi.sys
c:\windows\system32\e59spywarz491.dll
c:\windows\system32\e5zthr9at2291.ocx
c:\windows\system32\eedzteal9185.dll
c:\windows\system32\f655hi9f2083z.dll
c:\windows\system32\gxvxccount
c:\windows\system32\gxvxcjocihqtnonolbyrgrqxlyyeirqmwnjkt.dll
c:\windows\system32\gxvxcnttfsxdfuiecibnhvrppaviostlttrmx.dll
c:\windows\system32\z11129orm650.bin
c:\windows\system32\z1205pambot96.bin
c:\windows\system32\z163ha9kto5ld9.ocx
c:\windows\system32\z214t5i9f665.dll
c:\windows\system32\z2583spy609.dll
c:\windows\system32\z2655hac9tool119.bin
c:\windows\system32\z3267virus559.exe
c:\windows\system32\z3974virus5e85.dll
c:\windows\system32\z502backdoor9048.bin
c:\windows\system32\z549threat19006.exe
c:\windows\system32\z5cthief1955.dll
c:\windows\system32\z679spam9ot451.cpl
c:\windows\system32\z759worm93.bin
c:\windows\system32\z79s5e9l2657.exe
c:\windows\system32\z7a5sparse2759.cpl
c:\windows\system32\z7thief90485.exe
c:\windows\system32\z8555troj23b9.dll
c:\windows\system32\z8965acktool37f.ocx
c:\windows\system32\z9a59tea51396.dll
c:\windows\system32\zbd8s5arse459.dll
c:\windows\z00559acktool601.bin
c:\windows\z054spyware3296.dll
c:\windows\z0589h5ef59.exe
c:\windows\z0727s9y5a1.bin
c:\windows\z0c9threat15142.dll
c:\windows\z1291sp5291.cpl
c:\windows\z1808v9rus3395.ocx
c:\windows\z1815hacktool95.exe
c:\windows\z326ha5ktoo97ff.dll
c:\windows\z350not-a-vi95s5c6.bin
c:\windows\z423s5arse596.dll
c:\windows\z4463hackt5o9a.exe
c:\windows\z480895cktool2a6.cpl
c:\windows\z4bbth5ea916018.dll
c:\windows\z4d35ir13459.cpl
c:\windows\z55275roj193.exe
c:\windows\z56spyw9re591.dll
c:\windows\z5850viru970b.ocx
c:\windows\z593backdo5r2415.ocx
c:\windows\z593sp56209.ocx
c:\windows\z6047t5oj919.ocx
c:\windows\z6429vi5us71f.ocx
c:\windows\z71hackt9ol4575.cpl
c:\windows\z74ab5ckdo9r1587.bin
c:\windows\z852thr9a518113.bin
c:\windows\z927ba5kdoor27.ocx
c:\windows\z9467sp56a1.dll
c:\windows\z95bsparse870.dll
c:\windows\zb2bspy5ar91535.exe
c:\windows\zb62back59or787.dll
c:\windows\zc99parse575.cpl
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_gxvxcserv.sys
((((((((((((((((((((((((( Files Created from 2009-05-12 to 2009-06-12 )))))))))))))))))))))))))))))))
.
2009-06-12 22:16 . 2009-06-12 22:16 -------- d-----w- c:\users\kd\AppData\Local\temp
2009-06-11 22:03 . 2009-06-12 05:56 -------- d-----w- C:\rsit
2009-06-11 21:30 . 2009-06-11 21:30 -------- d-----w- c:\users\kd\AppData\Roaming\Malwarebytes
2009-06-11 21:27 . 2009-05-26 18:20 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-11 21:27 . 2009-06-11 21:27 -------- d-----w- c:\programdata\Malwarebytes
2009-06-11 21:27 . 2009-05-26 18:19 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-11 21:27 . 2009-06-11 21:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-09 04:04 . 2009-06-09 05:00 -------- d-----w- c:\program files\Windows Live Safety Center
2009-06-09 00:04 . 2009-06-09 00:04 -------- d-----w- c:\program files\Trend Micro
2009-06-08 23:56 . 2009-06-09 05:15 -------- d-----w- C:\32788R22FWJFW.2.tmp
2009-06-08 23:50 . 2009-06-09 05:15 -------- d-----w- C:\32788R22FWJFW.1.tmp
2009-06-08 23:49 . 2009-06-09 05:15 -------- d-----w- C:\32788R22FWJFW.0.tmp
2009-06-08 22:42 . 2009-06-08 23:34 -------- d-----w- C:\vcs5BGEffects
2009-06-08 21:06 . 2009-06-08 21:06 272 ----a-w- c:\windows\system32\drivers\sfi.dat
2009-06-08 08:12 . 2009-06-08 08:12 15326 ----a-w- c:\windows\system32\3z447not-a-5i9us5.exe
2009-06-07 20:38 . 2009-06-08 22:42 -------- d-----w- c:\program files\AV Vcs 6.0 DIAMOND
2009-06-05 04:31 . 2009-06-05 04:32 -------- d-----w- C:\AV_LOGS
2009-06-05 04:29 . 2009-06-05 04:29 -------- d-----w- c:\users\kd\{ac2e2b8c-c423-4baa-a0a1-d154ebcab39c}
2009-06-05 04:29 . 2008-12-10 21:56 17792 ----a-w- c:\windows\system32\drivers\vcsvad.sys
2009-06-04 15:07 . 2009-06-04 15:07 -------- d-----w- c:\users\kd\AppData\Local\NCSoft
2009-06-04 14:47 . 2009-06-04 14:47 -------- d-----w- c:\users\kd\AppData\Local\assembly
2009-06-04 14:47 . 2009-06-04 14:48 -------- d-----w- c:\program files\NCSoft
2009-06-04 14:45 . 2009-06-04 14:45 -------- d-----w- c:\users\kd\AppData\Roaming\GetRightToGo
2009-06-03 21:06 . 2009-06-03 21:06 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-05-21 21:39 . 2009-05-21 21:39 -------- d-----w- c:\users\kd\AppData\Local\CCP
2009-05-21 21:37 . 2007-07-19 23:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2009-05-21 20:37 . 2009-05-21 20:37 -------- d-----w- c:\program files\CCP
2009-05-20 13:12 . 2009-05-20 13:12 -------- d-----w- c:\programdata\CCP
2009-05-15 22:44 . 2009-05-15 22:44 -------- d-sh--w- C:\found.000
2009-05-15 03:55 . 2009-05-15 03:55 -------- d-----w- C:\GamersFirst
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-04 14:47 . 2008-08-06 23:21 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-03 21:07 . 2008-08-13 15:24 -------- d-----w- c:\program files\DivX
2009-05-27 13:05 . 2008-08-13 13:07 68640 ----a-w- c:\windows\system32\drivers\inspect.sys
2009-05-27 13:04 . 2008-08-13 13:07 168208 ----a-w- c:\windows\system32\guard32.dll
2009-05-27 13:04 . 2008-08-13 13:07 28704 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2009-05-27 13:04 . 2008-08-13 13:07 130080 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2009-05-13 08:01 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-05-01 21:02 . 2009-05-01 21:02 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-05-01 21:02 . 2009-05-01 21:02 823296 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-05-01 21:02 . 2009-05-01 21:02 823296 ----a-w- c:\windows\system32\divx_xx07.dll
2009-05-01 21:02 . 2009-05-01 21:02 815104 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-05-01 21:02 . 2009-05-01 21:02 811008 ----a-w- c:\windows\system32\divx_xx16.dll
2009-05-01 21:02 . 2009-05-01 21:02 802816 ----a-w- c:\windows\system32\divx_xx11.dll
2009-05-01 21:02 . 2009-05-01 21:02 685056 ----a-w- c:\windows\system32\DivX.dll
2009-04-30 04:53 . 2009-01-16 23:52 -------- d-----w- c:\users\kd\AppData\Roaming\DivX
2009-04-24 16:05 . 2009-06-11 23:57 827904 ----a-w- c:\windows\system32\wininet.dll
2009-04-24 16:02 . 2009-06-11 23:57 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-04-24 13:44 . 2009-06-11 23:57 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-04-23 12:43 . 2009-06-11 23:57 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-23 12:42 . 2009-06-11 23:57 636928 ----a-w- c:\windows\system32\localspl.dll
2009-04-21 11:55 . 2009-06-11 23:57 2033152 ----a-w- c:\windows\system32\win32k.sys
2009-03-17 03:38 . 2009-04-16 22:27 13824 ----a-w- c:\windows\system32\apilogen.dll
2009-03-17 03:38 . 2009-04-16 22:27 24064 ----a-w- c:\windows\system32\amxread.dll
2009-05-01 21:02 . 2009-05-01 21:02 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-05-01 21:02 . 2009-05-01 21:02 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
2008-08-13 13:10 66912 ----a-w- c:\program files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Fraps"="c:\fraps\FRAPS.EXE" [2006-12-21 2842624]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
"COMODO SafeSurf"="c:\program files\COMODO\SafeSurf\cssurf.exe" [2008-08-13 278264]
"COMODO Firewall Pro"="c:\program files\COMODO\Firewall\cfp.exe" [2009-05-27 1794320]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-09-12 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-09-12 8497696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-09-12 81920]
"COMODO Internet Security"="c:\program files\COMODO\Firewall\cfp.exe" [2009-05-27 1794320]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\cssdll32.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{1778FE0B-BF96-4953-B935-179B7437D69D}c:\\users\\kd\\desktop\\server files1\\server files\\login server\\mystver.exe"= UDP:c:\users\kd\desktop\server files1\server files\login server\mystver.exe:mystver.exe
"UDP Query User{88F53694-E69A-454D-8FC6-4FB53CE28DD4}c:\\users\\kd\\desktop\\server files1\\server files\\login server\\mystver.exe"= TCP:c:\users\kd\desktop\server files1\server files\login server\mystver.exe:mystver.exe
"{8A302BCB-7AFB-4200-97E6-8C9660DE6A03}"= UDP:c:\program files\Ventrilo\Ventrilo.exe:Ventrilo.exe
"{A0ECFA77-2627-4D41-B6B0-9F180AA475DF}"= TCP:c:\program files\Ventrilo\Ventrilo.exe:Ventrilo.exe
"{E6564EE3-F839-412B-AF07-3FD748E260DC}"= UDP:c:\program files\Pando Networks\Media Booster\PMB.exe:Pando Media Booster
"{67D66EFD-1F57-45AF-AAFE-5DA449FB4FF3}"= TCP:c:\program files\Pando Networks\Media Booster\PMB.exe:Pando Media Booster
"{CBB11CC8-C1DD-481E-B77B-CF858B12FD68}"= UDP:c:\programdata\NexonUS\NGM\NGM.exe:Nexon Game Manager
"{285EE04E-04BF-4A16-AF72-80B442943410}"= TCP:c:\programdata\NexonUS\NGM\NGM.exe:Nexon Game Manager
"{E51A6262-A416-477C-B778-BE7BEA1385D8}"= UDP:c:\program files\Microsoft Games\SpiderSolitaire\Combat Arms\NMService.exe:Nexon Messenger Core
"{04173EB3-F8AB-4A3C-BD23-645DFCA487CE}"= TCP:c:\program files\Microsoft Games\SpiderSolitaire\Combat Arms\NMService.exe:Nexon Messenger Core
"{7F3C589C-C0A7-4BCE-B8D8-2ABD50B61FDD}"= UDP:e:\combat arms\NMService.exe:Nexon Messenger Core
"{66C4B3AD-9EEE-48E1-B0D5-DFF0D14D98FC}"= TCP:e:\combat arms\NMService.exe:Nexon Messenger Core
"{9AED4EB8-F38C-4D7C-AA66-896FC8DF1BA2}"= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{6D70F1C7-135B-49F7-ACD9-AAC12CC8AF27}"= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{25FCADDB-0AE5-44B9-87B7-4DE3501245FD}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{B5E58C79-C9EF-41F8-923F-335221E2E5B6}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;c:\windows\System32\drivers\cmdguard.sys [8/13/2008 8:07 AM 130080]
R1 cmdHlp;COMODO Firewall Pro Helper Driver;c:\windows\System32\drivers\cmdhlp.sys [8/13/2008 8:07 AM 28704]
R2 Apache2.2;Apache2.2;c:\xampp\apache\bin\apache.exe [6/14/2008 12:02 PM 17408]
R2 TeamViewer4;TeamViewer 4;c:\program files\TeamViewer\Version4\TeamViewer_Service.exe [1/22/2009 4:31 AM 185640]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\System32\drivers\vcsvad.sys [6/4/2009 11:29 PM 17792]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-PlayNC Launcher - (no file)
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/def ... earch.html
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
FF - ProfilePath - c:\users\kd\AppData\Roaming\Mozilla\Firefox\Profiles\5yd86hid.default\
FF - prefs.js: browser.startup.homepage - www.yahoo.com
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPAskSBr.dll
FF - plugin: c:\programdata\NexonUS\NGM\npNxGameUS.dll
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-12 17:16
Windows 6.0.6001 Service Pack 1 NTFS
detected NTDLL code modification:
ZwClose, ZwOpenFile
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(972)
c:\windows\System32\cssdll32.dll
- - - - - - - > 'lsass.exe'(644)
c:\windows\System32\cssdll32.dll
c:\windows\system32\guard32.dll
.
Completion time: 2009-06-12 17:18
ComboFix-quarantined-files.txt 2009-06-12 22:18
Pre-Run: 119,579,045,888 bytes free
Post-Run: 123,305,930,752 bytes free
910 --- E O F --- 2009-06-12 06:10