ComboFix 09-06-13.09 - MUM 14/06/2009 19:09.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.1022.689 [GMT 1:00]
Running from: c:\documents and settings\MUM\Desktop\Combo-Fix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: PCguard Anti-Virus *On-access scanning disabled* (Outdated) {5B5A3BD7-8573-4672-AEA8-C9BB713B6755}
FW: PCguard Firewall *enabled* {80593BF4-D969-4EC5-ADAE-A22F2DFC7A22}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\MUM\Application Data\.#
c:\windows\103725ro9558z.ocx
c:\windows\1043backd5oz9813.cpl
c:\windows\1059backdoor11z7.cpl
c:\windows\10azaddwar97685.bin
c:\windows\1157thie922z05.cpl
c:\windows\1183795y7fz.exe
c:\windows\13651not-azv5rus2b99.ocx
c:\windows\1455zpambot1369.cpl
c:\windows\1490ztroj258.dll
c:\windows\150cdo9nloade55z4.ocx
c:\windows\15252s9y3ez.bin
c:\windows\1557v5zus94f.cpl
c:\windows\15590w5r934z.dll
c:\windows\1559195rz147.exe
c:\windows\15688wormz5d9.bin
c:\windows\15758hacktoo9404z.cpl
c:\windows\1586spa9botz02.bin
c:\windows\15cdzir9588.cpl
c:\windows\163315or9zd8.exe
c:\windows\16z859pambote6.bin
c:\windows\17350not-a-vir9s23z.dll
c:\windows\1759zt9a51912.bin
c:\windows\17690not-a-v5rusz36.bin
c:\windows\18655viz59553.dll
c:\windows\18705sza9bot155.dll
c:\windows\1889spz9se1259.cpl
c:\windows\1891hacktozl35c.bin
c:\windows\189dt5iefz039.exe
c:\windows\189spzrse17965.bin
c:\windows\18f9thr5atz44.bin
c:\windows\19522w5r91zf.ocx
c:\windows\19572no5-a-vzrus392.bin
c:\windows\19895szy193.dll
c:\windows\19dzwnloader1325.bin
c:\windows\19e5sparse63z.cpl
c:\windows\1d45a9zware1717.cpl
c:\windows\1da9spzware2115.ocx
c:\windows\1z238not5a-virus439.exe
c:\windows\1z358wo59370.bin
c:\windows\1z493spambo52e2.exe
c:\windows\1z520virus4209.dll
c:\windows\1z549n9t-a-virus1115.ocx
c:\windows\20010haczt5ol839.exe
c:\windows\20059worm5z7.bin
c:\windows\202549acktool65z.ocx
c:\windows\2043zwo9m7b05.cpl
c:\windows\20782szy7509.dll
c:\windows\20895v9rus5z2.ocx
c:\windows\20958not-a-zir5s908.bin
c:\windows\2099zownloader151.exe
c:\windows\210195ackto9l183z.ocx
c:\windows\21156w9rmz95.cpl
c:\windows\21551virus6z9.dll
c:\windows\21555viru930z.bin
c:\windows\21996vir5s4ze.exe
c:\windows\21z199irus3c35.exe
c:\windows\22217not-5zvirus4e9.ocx
c:\windows\224adzwar532249.ocx
c:\windows\224z8wor96b95.cpl
c:\windows\226625o9mz39.ocx
c:\windows\2269zwor55fd.bin
c:\windows\22948spa9bzt755.ocx
c:\windows\229755izusca.exe
c:\windows\22995hacktooz370.exe
c:\windows\22c0backdooz54169.dll
c:\windows\2314zha5ktool7e9.bin
c:\windows\23595troj4f9z.exe
c:\windows\23992hacktooz3515.dll
c:\windows\239fsteaz20085.exe
c:\windows\23e89aczdoor1795.dll
c:\windows\2419zw5rm199.ocx
c:\windows\24349ackzool5a.exe
c:\windows\24fas59zl1055.ocx
c:\windows\24z6th5ef1997.dll
c:\windows\24zcspy5are3987.cpl
c:\windows\25022zp52759.exe
c:\windows\2508595oj56z.ocx
c:\windows\25352spamzote9.cpl
c:\windows\2544t5ojz4d9.cpl
c:\windows\2549zhackto596ae.bin
c:\windows\255ethiz529849.ocx
c:\windows\256ebackdoo9155z.cpl
c:\windows\2578695zus5b7.cpl
c:\windows\25815tzoj693.dll
c:\windows\25875ot9a-virus7e1z.cpl
c:\windows\25916t5ojz4d.bin
c:\windows\25926ziru5767.exe
c:\windows\25933zacktool9465.dll
c:\windows\26754t9oj415z.exe
c:\windows\27093spambz553d.dll
c:\windows\27169zirus65a.dll
c:\windows\2790sp5ware8z8.dll
c:\windows\27z25spy4b09.cpl
c:\windows\284zvi59556.exe
c:\windows\285dsparse29z7.dll
c:\windows\28922hackt5ol9z0.dll
c:\windows\2901zhacktoo57e0.bin
c:\windows\29605ha5ktozl114.dll
c:\windows\2974259cktooz79f.dll
c:\windows\2975threzt5994.ocx
c:\windows\297z2sp5mbot43e.ocx
c:\windows\2czet9ief5648.bin
c:\windows\2eb6th5e9tz0674.cpl
c:\windows\2eb9sza5se3007.exe
c:\windows\2z487worm59.dll
c:\windows\2z975ha9ktoo5471.dll
c:\windows\2zb9backdoo52039.bin
c:\windows\30551vzru95e75.bin
c:\windows\306cdoznloade92756.cpl
c:\windows\3071z9acktool551.cpl
c:\windows\30739vi5zs98d.dll
c:\windows\3079ba5kdzor17999.ocx
c:\windows\30814no9-a5viruz44d.cpl
c:\windows\309995acktzol15b.ocx
c:\windows\30z9795rus555.cpl
c:\windows\31792worz495.bin
c:\windows\31e3thrzat40095.dll
c:\windows\31z29tr5j406.exe
c:\windows\31z55w5r9297.ocx
c:\windows\3524dow5loader2759z.cpl
c:\windows\35505pzware409.bin
c:\windows\35590sp9mbot47z.ocx
c:\windows\3562zddwa59248.ocx
c:\windows\35699tzoj246.dll
c:\windows\37e2ste5l1940z.bin
c:\windows\385t9reat19z45.bin
c:\windows\3864virz5695.cpl
c:\windows\389zvir2525.dll
c:\windows\39270trzj375.ocx
c:\windows\3933zhief2457.ocx
c:\windows\3949z9r7245.ocx
c:\windows\395dvzr2555.cpl
c:\windows\39a3spyza5e1022.exe
c:\windows\39cbbac9do5r35z.dll
c:\windows\39dthz9f2515.exe
c:\windows\3abfdowzloa5er5099.bin
c:\windows\3b5est9al14z3.dll
c:\windows\3b83vir956z5.dll
c:\windows\3b9cviz5659.dll
c:\windows\3e9e9own5oader24z0.exe
c:\windows\3fc9v5r412z.exe
c:\windows\3z900worm9f5.exe
c:\windows\3z9ethief157.dll
c:\windows\4008baz9door1531.cpl
c:\windows\408e5i925z1.cpl
c:\windows\4095szambo5193.ocx
c:\windows\410b5ackdoo99z6.dll
c:\windows\4112not-a-virus956z.ocx
c:\windows\41299ot-a-vi5zs358.cpl
c:\windows\4159ad5waze2615.dll
c:\windows\4399spy9are2055z.dll
c:\windows\43z9addware57.bin
c:\windows\4522downloz9er1932.cpl
c:\windows\4529spambo5317z.dll
c:\windows\45389parse1311z.bin
c:\windows\4552vir1z97.dll
c:\windows\457dbackd9or69z.bin
c:\windows\45czback59or640.dll
c:\windows\45z8not-a-v9rus154.cpl
c:\windows\4770spaz59548.bin
c:\windows\48209hz5at11464.bin
c:\windows\4889spy955z.ocx
c:\windows\493b5zdware2605.bin
c:\windows\495csp9zse1945.cpl
c:\windows\4a92sp9warz2155.ocx
c:\windows\4b2fdownlozd9r865.cpl
c:\windows\4b7esp9rze1345.exe
c:\windows\4b85spa9se1674z.ocx
c:\windows\4badzwa5e17949.exe
c:\windows\4c3zspyware9252.dll
c:\windows\4c9bspzr5e2568.exe
c:\windows\4fzc5ownloader2199.bin
c:\windows\4z5thief5729.dll
c:\windows\50349orz5b7.exe
c:\windows\5065spywaze1937.cpl
c:\windows\5098not-a-z5rus28.ocx
c:\windows\509cdownlozd5r1461.exe
c:\windows\50zha9ktool26f.bin
c:\windows\516spywar9z140.exe
c:\windows\52519zyware2220.dll
c:\windows\52777tr9j1ez.exe
c:\windows\5292thief751z.cpl
c:\windows\5299vir2z295.cpl
c:\windows\52z2addw9re2145.ocx
c:\windows\53330spa9bot1zc.dll
c:\windows\5378sp9mbot12cz.ocx
c:\windows\5378spywarez966.dll
c:\windows\5452backdoor291z.ocx
c:\windows\5481addwarz28995.cpl
c:\windows\549thizf306.exe
c:\windows\5513zownloader619.dll
c:\windows\55319ir2z46.ocx
c:\windows\5553threat171z9.cpl
c:\windows\5576tzrea912481.dll
c:\windows\557d9hreat4z005.cpl
c:\windows\5609dzwnloader28175.bin
c:\windows\5639hac9zool641.exe
c:\windows\5692zirus490.bin
c:\windows\569ftzief53.cpl
c:\windows\56b6zownloader590.exe
c:\windows\56b9vir1z61.dll
c:\windows\57259pyzare2603.ocx
c:\windows\5731zwor955f.exe
c:\windows\5750worm449z.ocx
c:\windows\5822dow9l5zder1037.ocx
c:\windows\5853thrzat29758.ocx
c:\windows\58573zpy49c.exe
c:\windows\58729zy535.ocx
c:\windows\58d69ackdozr26225.exe
c:\windows\5900dow5loadzr2088.ocx
c:\windows\5948v5rus516z.ocx
c:\windows\5949sparse11z85.ocx
c:\windows\5953sp9rsz2787.dll
c:\windows\595419pambot7ze.cpl
c:\windows\5954vir2z11.dll
c:\windows\5971vz5949.dll
c:\windows\59a7t5reat19z83.cpl
c:\windows\59cc5parsz994.bin
c:\windows\59e0addw5re31z4.cpl
c:\windows\59zfthi5f1713.cpl
c:\windows\59zhacktool59b9.cpl
c:\windows\5a56thzef5479.cpl
c:\windows\5ab7thi9fz46.ocx
c:\windows\5az95ir1944.exe
c:\windows\5b29addware9z.exe
c:\windows\5bb9vzr296.exe
c:\windows\5bc5spazs51994.ocx
c:\windows\5bz3steal1109.bin
c:\windows\5c58b5czdoor3960.ocx
c:\windows\5c9steal52z3.exe
c:\windows\5d9dstzal2189.dll
c:\windows\5dfzir2918.exe
c:\windows\5f5zthr95t20166.cpl
c:\windows\5f91viz699.ocx
c:\windows\5fc6addwaze479.exe
c:\windows\5z89roj2425.bin
c:\windows\5z9dbackdo95530.cpl
c:\windows\60895zr2188.bin
c:\windows\60c9zars572.ocx
c:\windows\60not5a-zir9s40d.ocx
c:\windows\618z9roj125.dll
c:\windows\6225ir9s486z.bin
c:\windows\6268thie95143z.ocx
c:\windows\6377not-a-ziru9350.bin
c:\windows\63c6spz95e2755.bin
c:\windows\63e99d5warz1892.bin
c:\windows\6547s95rse1055z.exe
c:\windows\65a8tzreat8951.cpl
c:\windows\65e5thrzat80139.ocx
c:\windows\65edback9ooz2309.ocx
c:\windows\65f4v9r21z4.exe
c:\windows\667edow9loazer3255.bin
c:\windows\66az59ckdoor851.dll
c:\windows\674c5te9l1z5.bin
c:\windows\678as5arse61z9.bin
c:\windows\6895downloazer22825.bin
c:\windows\69539pzware1440.cpl
c:\windows\69a6th95az23773.ocx
c:\windows\69c0a5dware27z3.exe
c:\windows\69e1spywzre2555.ocx
c:\windows\6cb5s9yware225z5.cpl
c:\windows\6d4f59dwaze999.bin
c:\windows\6e4cbzckd9o52931.dll
c:\windows\7013th9ef15z4.cpl
c:\windows\701hacktzol5579.dll
c:\windows\71389teal8z5.exe
c:\windows\7185stea91z65.ocx
c:\windows\727tzoj75a9.exe
c:\windows\72b5z9dware57.dll
c:\windows\72c9t5r9at25z95.exe
c:\windows\72faddw9rz5848.exe
c:\windows\7325hackzoo932d.dll
c:\windows\7425sp9rse24z4.dll
c:\windows\759esparse9z.exe
c:\windows\75stzal15439.exe
c:\windows\764ft9ief3z51.ocx
c:\windows\7653sp9wa5e2z85.dll
c:\windows\7759zormae5.cpl
c:\windows\77a9s9eal241z5.exe
c:\windows\77b5zparse699.exe
c:\windows\77z8addwa9e1095.bin
c:\windows\77zth9ef951.bin
c:\windows\7979bazkdoor14855.exe
c:\windows\797zthi5f3251.bin
c:\windows\799aaddwa5z109.exe
c:\windows\7a05dzwnloader659.ocx
c:\windows\7a50addwz9e3232.ocx
c:\windows\7b1ctzrea915156.cpl
c:\windows\7c93addw5rz491.bin
c:\windows\7cebackzoor9805.cpl
c:\windows\7d1dba5kzoo91802.cpl
c:\windows\7dbzthr9at297255.exe
c:\windows\7e37ad5waz91424.bin
c:\windows\7ezdsp9rse23515.bin
c:\windows\7f9asparse29z5.ocx
c:\windows\8087ha5kt9ol28dz.dll
c:\windows\826zvirus29b5.ocx
c:\windows\8376spaz9ot795.ocx
c:\windows\8z28spa5bo9109.exe
c:\windows\90d2b5zkdoor1486.exe
c:\windows\910085irusz58.dll
c:\windows\91501w5rm5fz.cpl
c:\windows\9160v5rus79z.cpl
c:\windows\91615vi5uz2e6.exe
c:\windows\91715pyze8.cpl
c:\windows\917zdownloader2576.exe
c:\windows\935zvi5308.dll
c:\windows\93739sp56z6.bin
c:\windows\9391spars52z56.ocx
c:\windows\93z2wor5748.ocx
c:\windows\9414hac5tool7zb.cpl
c:\windows\94zthie51979.cpl
c:\windows\95175orm9f9z.cpl
c:\windows\951cbackdoor2z11.exe
c:\windows\9589hizf2513.dll
c:\windows\95eabazkdoor791.cpl
c:\windows\961565pambotz2c.exe
c:\windows\9635hazktool4635.bin
c:\windows\96584spambot3cz.exe
c:\windows\9739spam5oz79d.exe
c:\windows\97993spy105z.ocx
c:\windows\9914n9t-a-virzs325.bin
c:\windows\9925zpambot3265.exe
c:\windows\99338worz55d.ocx
c:\windows\9998trz57e2.dll
c:\windows\999cadd5are2099z.exe
c:\windows\9ac3t5reatz9065.cpl
c:\windows\9azespywar5735.dll
c:\windows\9dsp9zs53199.exe
c:\windows\9e09threatz5202.exe
c:\windows\9f2cs5eal7z3.cpl
c:\windows\9f2czir29295.bin
c:\windows\9z69troj25c.bin
c:\windows\9z879spa5botd1.dll
c:\windows\c95zownloader3775.cpl
c:\windows\e98thrzat5935.bin
c:\windows\ef7a95ware126z.exe
c:\windows\f72downl5aze92319.exe
c:\windows\fdz5parse3197.dll
c:\windows\regedit.com
c:\windows\system32\10253hackto5z694.bin
c:\windows\system32\10327vi9zs751.dll
c:\windows\system32\106daddwarez955.dll
c:\windows\system32\10713worz9b5.ocx
c:\windows\system32\10974haz5toole1.ocx
c:\windows\system32\113z5spambo5199.exe
c:\windows\system32\1195steal39z.ocx
c:\windows\system32\11dczhreat59899.ocx
c:\windows\system32\125c5ow9loader458z.exe
c:\windows\system32\126419ro51a0z.exe
c:\windows\system32\12925troz1d4.ocx
c:\windows\system32\12956zrojf0.ocx
c:\windows\system32\129zwo5ma4.exe
c:\windows\system32\1309zir5285.cpl
c:\windows\system32\1364595t-a-vizus335.ocx
c:\windows\system32\13z95irus95b.exe
c:\windows\system32\1429worm53z.ocx
c:\windows\system32\143819acktzo518.cpl
c:\windows\system32\14511spz9bot578.exe
c:\windows\system32\14552sp9mbot2a2z.exe
c:\windows\system32\1459thzeat31508.exe
c:\windows\system32\1489zspa95ot585.cpl
c:\windows\system32\14925orm299z.exe
c:\windows\system32\14e3zownload9r28785.exe
c:\windows\system32\14z5v9r2067.ocx
c:\windows\system32\15691zr5j229.exe
c:\windows\system32\158395irus69z.dll
c:\windows\system32\158bdownlo5d9r5z9.dll
c:\windows\system32\15904virzs559.bin
c:\windows\system32\15beb5zkdo9r2106.ocx
c:\windows\system32\160109otz5-virus28e.exe
c:\windows\system32\1626t5ief3z149.dll
c:\windows\system32\16574hac9tzol451.dll
c:\windows\system32\166659wnloader2z49.cpl
c:\windows\system32\16853spaz59t200.dll
c:\windows\system32\16z76worm2395.dll
c:\windows\system32\1731t5iez1595.cpl
c:\windows\system32\17534spazbot3959.bin
c:\windows\system32\1794zpambo5718.ocx
c:\windows\system32\179849pambzt75d.dll
c:\windows\system32\17c7vi53z59.dll
c:\windows\system32\17d1adzw9re785.bin
c:\windows\system32\17z5thief2298.bin
c:\windows\system32\19003spy954z.bin
c:\windows\system32\1917z5roj19e.ocx
c:\windows\system32\19259vzrus6695.cpl
c:\windows\system32\192z4vir5950d.ocx
c:\windows\system32\19315not-5-virus5cz.cpl
c:\windows\system32\195zv5r1217.bin
c:\windows\system32\19705parze24.cpl
c:\windows\system32\19755nzt-a-virus14e.ocx
c:\windows\system32\19904t5o97zb.bin
c:\windows\system32\19910sz5mbot5b4.exe
c:\windows\system32\19992t5oj44z.cpl
c:\windows\system32\19z13hacktool545.exe
c:\windows\system32\19ze95r359.exe
c:\windows\system32\1a9asz95se1950.cpl
c:\windows\system32\1b9ftz5ef68.exe
c:\windows\system32\1c2e9ackdzor3157.ocx
c:\windows\system32\1c9e5parse834z.exe
c:\windows\system32\1c9zst5al2497.bin
c:\windows\system32\1d59downlo59er259z.bin
c:\windows\system32\1d69spyware1516z.cpl
c:\windows\system32\1e2et5iez2995.cpl
c:\windows\system32\1z040no5-a-virus2b9.exe
c:\windows\system32\1z15ir31039.exe
c:\windows\system32\1z33759ycb.cpl
c:\windows\system32\1z398troj959.dll
c:\windows\system32\1z919s5ambot6d5.bin
c:\windows\system32\200v59zs229.bin
c:\windows\system32\20865hazktool96c.bin
c:\windows\system32\20z109ot-a-virus675.ocx
c:\windows\system32\2131thzea95805.ocx
c:\windows\system32\21405ir1z49.cpl
c:\windows\system32\214vi9z6525.dll
c:\windows\system32\215da9zware1635.exe
c:\windows\system32\21785hazkt9ol404.dll
c:\windows\system32\22190zorm235.exe
c:\windows\system32\22555z9oj452.exe
c:\windows\system32\226395py11z.ocx
c:\windows\system32\229azddwa9e550.exe
c:\windows\system32\23014sp9zbot1b95.cpl
c:\windows\system32\234zdownloader5659.dll
c:\windows\system32\23535spam9zt1c.exe
c:\windows\system32\23535zckdoor21689.bin
c:\windows\system32\239895pzmbot65.cpl
c:\windows\system32\23998n5t-z-virus337.dll
c:\windows\system32\24345ro9z0c.bin
c:\windows\system32\2437back5oorz4139.dll
c:\windows\system32\24464trz5798.cpl
c:\windows\system32\24537vir9szff.bin
c:\windows\system32\24550spambzt53a9.cpl
c:\windows\system32\2468s9azs579.dll
c:\windows\system32\247829r5j5dz.dll
c:\windows\system32\24c29z53195.bin
c:\windows\system32\25091spam95z7dc.ocx
c:\windows\system32\25175wor95z4.ocx
c:\windows\system32\251z8s9y142.dll
c:\windows\system32\254379ot-a-vizus7f7.dll
c:\windows\system32\2558zspam9ot5ec.bin
c:\windows\system32\25590zirusa9.bin
c:\windows\system32\25849sz951d5.bin
c:\windows\system32\25895wor54ez9.exe
c:\windows\system32\25953spambot3z1.ocx
c:\windows\system32\25d5addware51z9.ocx
c:\windows\system32\25ez9eal83.ocx
c:\windows\system32\25f6downlo5de92851z.ocx
c:\windows\system32\26369trzj505.exe
c:\windows\system32\26756tz9519f.exe
c:\windows\system32\270789izus7645.bin
c:\windows\system32\273z1n5t-a9virus343.bin
c:\windows\system32\2754thi591587z.cpl
c:\windows\system32\27584szy56b9.ocx
c:\windows\system32\2797a5dwarz836.cpl
c:\windows\system32\27990spa5zot242.ocx
c:\windows\system32\27z55virus902.dll
c:\windows\system32\28159no9-a-virusz93.ocx
c:\windows\system32\283749zcktool455.exe
c:\windows\system32\2839th5ef9685z.dll
c:\windows\system32\28476szambot195.cpl
c:\windows\system32\28516troz795.dll
c:\windows\system32\287z35acktool32f9.dll
c:\windows\system32\2883hacktoo574z9.bin
c:\windows\system32\2901not-a-vizu52eb.exe
c:\windows\system32\2916downzoade53159.dll
c:\windows\system32\2921zddwa5e3199.cpl
c:\windows\system32\29236hackt9zl15.cpl
c:\windows\system32\293525zy75.dll
c:\windows\system32\2944t5zeat198199.cpl
c:\windows\system32\29539tr9jz5.cpl
c:\windows\system32\29705not-a-5ir9z41a.dll
c:\windows\system32\29756hacztool9e1.cpl
c:\windows\system32\29786virusz57.ocx
c:\windows\system32\29958virzsfb9.exe
c:\windows\system32\29974wo5m41z.cpl
c:\windows\system32\29c7addware25z9.dll
c:\windows\system32\29zes9arse1655.dll
c:\windows\system32\2a25te9l2758z.dll
c:\windows\system32\2a71z9ief2858.ocx
c:\windows\system32\2a79threzt2052.bin
c:\windows\system32\2azdvi9511.exe
c:\windows\system32\2cefzownlo5der3139.exe
c:\windows\system32\2dz7vi599.ocx
c:\windows\system32\2fz4bac5door3297.exe
c:\windows\system32\2z015ot-9-virus354.cpl
c:\windows\system32\2z7449pambot5a7.ocx
c:\windows\system32\2ze99hief14575.exe
c:\windows\system32\30001spa59ot33z.ocx
c:\windows\system32\305adownl9ader51z8.ocx
c:\windows\system32\3076d9wnloade593z.cpl
c:\windows\system32\30d95dzware829.exe
c:\windows\system32\310z9tro5a09.dll
c:\windows\system32\3129s5yzd9.ocx
c:\windows\system32\3133bac9door5699z.cpl
c:\windows\system32\31579v5ru94cz.dll
c:\windows\system32\31938sp9mb5tz01.bin
c:\windows\system32\31d3vir5977z.bin
c:\windows\system32\34z4spar9e1575.dll
c:\windows\system32\3526thief2z19.dll
c:\windows\system32\355zworm39.bin
c:\windows\system32\365dv9z5171.dll
c:\windows\system32\3705zrm7d9.cpl
c:\windows\system32\37z8ste9l5548.bin
c:\windows\system32\39233h5cztool67f.exe
c:\windows\system32\3955threat20467z.ocx
c:\windows\system32\3994worz159.dll
c:\windows\system32\39a9sparz59495.exe
c:\windows\system32\39z0vir1650.exe
c:\windows\system32\3bd9downloader9521z.bin
c:\windows\system32\3c3a5ddware2990z.ocx
c:\windows\system32\3dc4addw5re1899z.ocx
c:\windows\system32\3e5zspywa592278.bin
c:\windows\system32\3f9zv9r2531.bin
c:\windows\system32\3z561worm2d9.bin
c:\windows\system32\3z973worm590.exe
c:\windows\system32\4021hacktoz519c9.ocx
c:\windows\system32\4199st5zl164.ocx
c:\windows\system32\44005zr16639.exe
c:\windows\system32\4405zpyware2999.cpl
c:\windows\system32\442ed9wnlozder1579.ocx
c:\windows\system32\4467s5arse3z49.cpl
c:\windows\system32\4481threat955z.bin
c:\windows\system32\4504ba95zoor1415.ocx
c:\windows\system32\450e5teal297z.cpl
c:\windows\system32\45759irus5a4z.ocx
c:\windows\system32\45z29hief136.bin
c:\windows\system32\46395h9ef150z.dll
c:\windows\system32\46e45zdware1279.dll
c:\windows\system32\4705szarse1915.cpl
c:\windows\system32\47fv5r2295z.ocx
c:\windows\system32\495bbaczdoor276.ocx
c:\windows\system32\496espar5e2z379.bin
c:\windows\system32\4989s5yz0a.exe
c:\windows\system32\4994zorm45c.ocx
c:\windows\system32\4a7csz5war92312.exe
c:\windows\system32\4b02th5ef319z.exe
c:\windows\system32\4b59th5ef29z2.dll
c:\windows\system32\4b7fad9w5re3z7.bin
c:\windows\system32\4e79threaz15319.cpl
c:\windows\system32\4ec1thrzat92695.exe
c:\windows\system32\4ed1spy59re2042z.dll
c:\windows\system32\502cspywarz1249.ocx
c:\windows\system32\50899hreatz3065.bin
c:\windows\system32\508bthiez9054.exe
c:\windows\system32\5097spy5arez095.dll
c:\windows\system32\509es9arsz775.dll
c:\windows\system32\50c4bac9door251z5.bin
c:\windows\system32\50e2thr9atz4905.exe
c:\windows\system32\50zasp9rse5082.bin
c:\windows\system32\51495ackzool6329.cpl
c:\windows\system32\5151v9r20z2.bin
c:\windows\system32\529sz5599.ocx
c:\windows\system32\537639orz242.exe
c:\windows\system32\537z9orm458.bin
c:\windows\system32\53898spy17ez.exe
c:\windows\system32\53zbspywar91357.dll
c:\windows\system32\548spazse1962.dll
c:\windows\system32\5492ztroj148.cpl
c:\windows\system32\5500spzrse1789.dll
c:\windows\system32\5521zhre9t7503.exe
c:\windows\system32\554429ot-a-viruz76c.dll
c:\windows\system32\5556wozm598.bin
c:\windows\system32\55c9stzal151.dll
c:\windows\system32\55cbsp5rze9625.dll
c:\windows\system32\5658zi9us274.cpl
c:\windows\system32\56ed9teal102z.cpl
c:\windows\system32\5743v59uz44d.bin
c:\windows\system32\57529orm7za.bin
c:\windows\system32\5794spambo552z.exe
c:\windows\system32\57c6s9ywarez748.dll
c:\windows\system32\57z5threat171195.ocx
c:\windows\system32\57z9backdoor2735.ocx
c:\windows\system32\584zsp5mbo91fb.dll
c:\windows\system32\585azi92561.exe
c:\windows\system32\5939addware1053z.cpl
c:\windows\system32\5954v9z9565.dll
c:\windows\system32\5979thiez1695.ocx
c:\windows\system32\5997spywa5e15z.cpl
c:\windows\system32\59f9d5wzre337.exe
c:\windows\system32\59z3s5arse283.ocx
c:\windows\system32\59zcthief5874.ocx
c:\windows\system32\5a1cdowzloader24209.exe
c:\windows\system32\5a54sp5rsez349.ocx
c:\windows\system32\5ad59hreatz1153.exe
c:\windows\system32\5b549ddwaze340.bin
c:\windows\system32\5bc99hrzat20453.exe
c:\windows\system32\5c795pywaze162.exe
c:\windows\system32\5cf2thrz5t95598.exe
c:\windows\system32\5d2thr9atz03415.exe
c:\windows\system32\5da2thre5t94800z.exe
c:\windows\system32\5dbzparse9350.bin
c:\windows\system32\5e65z9ief1052.cpl
c:\windows\system32\5e7zthief992.dll
c:\windows\system32\5ea8tzief559.dll
c:\windows\system32\5ee95pyware2z38.dll
c:\windows\system32\5fezthief6859.ocx
c:\windows\system32\5fz6t9ief2821.cpl
c:\windows\system32\5z317worm297.bin
c:\windows\system32\5z4thie51979.exe
c:\windows\system32\5zdt9reat1895.cpl
c:\windows\system32\5zf9t5reat1260.ocx
c:\windows\system32\60zethr5at7098.ocx
c:\windows\system32\624zdo5nl9ader67.ocx
c:\windows\system32\62b1downlo9zer5590.exe
c:\windows\system32\62zav9r5587.ocx
c:\windows\system32\632dd5znload9r517.exe
c:\windows\system32\63915zrm4b5.dll
c:\windows\system32\6494spzrse5554.exe
c:\windows\system32\649cadd5aze2272.exe
c:\windows\system32\649dviz895.exe
c:\windows\system32\64c1bzckdoor50179.ocx
c:\windows\system32\6503threaz17697.ocx
c:\windows\system32\6543thie9z577.cpl
c:\windows\system32\65a0szarse10199.exe
c:\windows\system32\669spzmbot35.ocx
c:\windows\system32\6737stea5z1799.ocx
c:\windows\system32\6759spywzr59536.bin
c:\windows\system32\677esp9r5ez444.bin
c:\windows\system32\6790thzea5320459.cpl
c:\windows\system32\67ad9zar5e2195.exe
c:\windows\system32\688virzs59f5.bin
c:\windows\system32\6890nzt-a-vi5us254.ocx
c:\windows\system32\6907not9a5virzsb0.exe
c:\windows\system32\6909down5ozder1492.dll
c:\windows\system32\6a5zthreat973.dll
c:\windows\system32\6d46s9arse2z58.bin
c:\windows\system32\6dz95teal1112.cpl
c:\windows\system32\6f53sparse925z.cpl
c:\windows\system32\6fb9bzckdoor285.bin
c:\windows\system32\70559parsez546.ocx
c:\windows\system32\7055ste9lz11.bin
c:\windows\system32\7097downlo5dez9367.bin
c:\windows\system32\7132not-a-vi9us50z.cpl
c:\windows\system32\7172zot-9-virus5c0.dll
c:\windows\system32\7359stzal425.ocx
c:\windows\system32\73675zwnloader799.exe
c:\windows\system32\7430backd9or2z45.dll
c:\windows\system32\752ethr9az22454.exe
c:\windows\system32\75f5zddware289.exe
c:\windows\system32\75z6s9ea52207.ocx
c:\windows\system32\7851hzc9too54f3.exe
c:\windows\system32\791zthie52525.ocx
c:\windows\system32\7948spy9zre5959.dll
c:\windows\system32\7948w5rmz0.bin
c:\windows\system32\79cethief5z8.cpl
c:\windows\system32\79dste5l2656z.dll
c:\windows\system32\79e5bzckdoo51677.bin
c:\windows\system32\79fbstea51z65.cpl
c:\windows\system32\7ade5i99z9.dll
c:\windows\system32\7aezaddw9re1565.bin
c:\windows\system32\7bafdozn95ader3126.exe
c:\windows\system32\7ca9spywar5z354.exe
c:\windows\system32\7d4bszar591433.ocx
c:\windows\system32\7dzthreat3569.ocx
c:\windows\system32\7eb4doznloade91605.bin
c:\windows\system32\7z97not-5-virus249.bin
c:\windows\system32\82bst5a9140z.dll
c:\windows\system32\8479woz526.exe
c:\windows\system32\89ftzi5f107.exe
c:\windows\system32\8z24wo5m965.exe
c:\windows\system32\9034t9o53az.cpl
c:\windows\system32\9109szambot955.dll
c:\windows\system32\91377hz5ktool313.ocx
c:\windows\system32\91528spambotzb3.dll
c:\windows\system32\91eda5dwaze1310.exe
c:\windows\system32\92598wzrm6da.bin
c:\windows\system32\9385zvirus525.dll
c:\windows\system32\94565hacztool56.cpl
c:\windows\system32\952szeal1154.cpl
c:\windows\system32\955zteal2084.ocx
c:\windows\system32\956back9zor2952.dll
c:\windows\system32\95z4hackt9o568f.bin
c:\windows\system32\96585zr3031.ocx
c:\windows\system32\965ad5wa9e1z49.ocx
c:\windows\system32\974spaz5e1325.bin
c:\windows\system32\97956spambot55z.cpl
c:\windows\system32\9797spyzb5.dll
c:\windows\system32\987zo5-a9virus637.exe
c:\windows\system32\990tro54zc.dll
c:\windows\system32\993fbackdozr1825.exe
c:\windows\system32\9995trzj47d.exe
c:\windows\system32\99970zpambot576.exe
c:\windows\system32\99a2sp5rse20z6.cpl
c:\windows\system32\99cbthreaz15272.exe
c:\windows\system32\9a31st5al1826z.cpl
c:\windows\system32\9b5thrzat267325.exe
c:\windows\system32\9c3dba5kdoor1658z.dll
c:\windows\system32\9d5spyware105z.dll
c:\windows\system32\9z8backd5or505.dll
c:\windows\system32\9zd5spyware1151.dll
c:\windows\system32\a3dt5zef1579.cpl
c:\windows\system32\b41do5n9oadez1156.bin
c:\windows\system32\c45dowzlo5der1964.exe
c:\windows\system32\d55d9wnlozder141.bin
c:\windows\system32\d9fthie9z859.dll
c:\windows\system32\drivers\gxvxcliqlaswthboruyxuwqgrfthrsnsgpruj.sys
c:\windows\system32\drivers\gxvxcxdompjwmrfldkmrgwuyfultfaqjbabew.sys
c:\windows\system32\drivers\gxvxcxeoobiufrfhlwxwuxmwwykridqoewcsy.sys
c:\windows\system32\f0fvi5981z.cpl
c:\windows\system32\f14s9ywar5z023.exe
c:\windows\system32\f39sparsz2715.ocx
c:\windows\system32\f74s5arse3z99.dll
c:\windows\system32\fcd9zywa5e1327.dll
c:\windows\system32\gxvxccount
c:\windows\system32\gxvxcobyurcylxrquyysridfcyvwhsvqyhkmu.dll
c:\windows\system32\gxvxcqnlrvdcjnsswtxtlwgoewxuiyqoeynut.dll
c:\windows\system32\z0f1vi525579.bin
c:\windows\system32\z454t9reat7483.exe
c:\windows\system32\z5019ir253.bin
c:\windows\system32\z540spar9e3195.ocx
c:\windows\system32\z584spy595.exe
c:\windows\system32\z70935pambot1df.dll
c:\windows\system32\z9545not-a-virus7a0.bin
c:\windows\system32\z97ath5ef1080.ocx
c:\windows\system32\z9f3vi51712.cpl
c:\windows\system32\za89thr5at29809.cpl
c:\windows\system32\zccfspar9e2586.bin
c:\windows\system32\zddcdo5nloader639.bin
c:\windows\system32\zf69a9dwar53008.cpl
c:\windows\z0949tro519b.bin
c:\windows\z206spa5bot985.exe
c:\windows\z2580sp9m5ot685.bin
c:\windows\z453wo9m55b.cpl
c:\windows\z46d59yware3161.bin
c:\windows\z492add5are960.bin
c:\windows\z5030hacktool55d9.cpl
c:\windows\z51sp9ware6.bin
c:\windows\z562spyware596.bin
c:\windows\z56spam9ot294.bin
c:\windows\z6565irus29b.exe
c:\windows\z6949v5rus1c3.dll
c:\windows\z73059irus385.dll
c:\windows\z7834wor93be5.ocx
c:\windows\z9c5vir4385.bin
c:\windows\zc47addware1895.exe
c:\windows\zcddthief5893.bin
c:\windows\zdebbackdo5r1791.ocx
c:\windows\zf199ir1565.ocx
c:\windows\zf57steal619.cpl
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_GXVXCSERV.SYS
((((((((((((((((((((((((( Files Created from 2009-05-14 to 2009-06-14 )))))))))))))))))))))))))))))))
.
2009-06-12 18:48 . 2009-06-12 18:49 -------- d-----w- C:\rsit
2009-06-12 13:18 . 2009-06-12 13:21 -------- d-----w- c:\documents and settings\MUM\DoctorWeb
2009-06-10 17:20 . 2009-06-10 17:21 -------- d-----w- c:\program files\QuickTime
2009-06-09 08:54 . 2009-06-09 08:54 -------- d-----w- c:\documents and settings\MUM\Application Data\Malwarebytes
2009-06-09 06:16 . 2009-05-26 12:20 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-09 06:16 . 2009-06-09 09:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-09 06:16 . 2009-06-09 06:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-06-09 06:16 . 2009-05-26 12:19 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-08 20:13 . 2009-06-08 20:13 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-06-08 20:13 . 2009-06-08 20:13 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2009-06-08 20:13 . 2009-06-08 20:13 325896 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-06-08 20:13 . 2009-06-08 20:13 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-06-08 20:13 . 2009-06-14 07:55 -------- d-----w- c:\windows\system32\drivers\Avg
2009-06-08 20:13 . 2009-06-08 20:14 -------- d-----w- c:\documents and settings\All Users\Application Data\avg8
2009-06-08 20:13 . 2009-06-08 20:13 -------- d-----w- c:\program files\AVG
2009-06-08 19:45 . 2009-06-09 19:14 -------- d--h--w- C:\$AVG8.VAULT$
2009-06-04 18:22 . 2009-06-04 18:22 -------- d-----w- c:\program files\Windows Live Safety Center
2009-06-03 22:46 . 2009-06-06 16:46 -------- d-----w- c:\windows\Application Data
2009-06-03 22:06 . 2009-06-03 22:06 1506712 ----a-w- c:\documents and settings\MUM\Application Data\Virgin Broadband\advisor\downloads\advisor.41.exe.dir\advisor.exe
2009-05-18 20:28 . 2009-05-18 20:28 -------- d-----w- c:\documents and settings\All Users\Application Data\NCH Software
2009-05-18 19:45 . 2009-05-18 19:45 -------- d-----w- c:\program files\NCH Software
2009-05-18 06:06 . 2009-05-18 06:06 7591 ----a-w- c:\windows\system32\9cczthief55.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-10 09:48 . 2005-05-16 15:38 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-06-09 16:14 . 2004-02-01 19:42 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-06-09 09:58 . 2009-04-03 14:12 -------- d-----w- c:\program files\Norton Security Scan
2009-06-09 09:57 . 2002-01-01 22:20 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-06-09 09:55 . 2009-01-10 13:30 -------- d-----w- c:\program files\iTunes
2009-06-09 09:55 . 2006-02-25 09:41 -------- d-----w- c:\program files\Google
2009-06-09 09:54 . 2009-01-13 12:21 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
2009-06-09 09:54 . 2009-01-13 12:21 -------- d-----w- c:\program files\NOS
2009-06-08 20:20 . 2007-03-23 00:53 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-08 20:06 . 2007-03-22 23:32 -------- d-----w- c:\program files\Virgin Broadband
2009-06-08 20:05 . 2004-07-12 12:51 -------- d-----w- c:\program files\VideoLAN
2009-06-08 19:55 . 2007-03-22 23:39 -------- d-----w- c:\program files\Common Files\PestPatrol
2009-06-04 13:04 . 2009-02-23 13:34 -------- d-----w- c:\documents and settings\MUM\Application Data\HPAppData
2009-05-27 10:49 . 2009-04-22 10:30 -------- d-----w- c:\documents and settings\MUM\Application Data\U3
2009-05-07 15:32 . 2002-01-02 04:53 345600 ----a-w- c:\windows\system32\localspl.dll
2009-05-05 17:16 . 2009-05-05 17:16 -------- d-----w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-05-05 17:16 . 2006-04-24 14:48 -------- d-----w- c:\program files\iPod
2009-05-05 17:16 . 2007-10-02 14:03 -------- d-----w- c:\program files\Common Files\Apple
2009-05-05 17:13 . 2009-05-05 17:13 -------- d-----w- c:\program files\Bonjour
2009-05-05 17:03 . 2009-05-05 17:03 75048 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.1.10\SetupAdmin.exe
2009-04-29 04:56 . 2004-02-06 17:05 827392 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:55 . 2004-08-04 07:56 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-04-17 12:26 . 2002-01-02 04:53 1847168 ----a-w- c:\windows\system32\win32k.sys
2009-04-15 14:51 . 2004-04-14 01:09 585216 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-03 10:55 . 2007-05-20 16:18 52240 ----a-w- c:\documents and settings\OLIVER\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-03-19 15:32 . 2009-03-19 15:32 23400 ----a-w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86\GEARAspiWDM.sys
2009-03-19 15:32 . 2008-01-29 11:01 23400 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Works Update Detection"="c:\program files\Microsoft Works\WkDetect.exe" [2000-07-13 28739]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"IndexSearch"="c:\program files\Scansoft\PaperPort\IndexSearch.exe" [2005-03-17 40960]
"OneTouch Monitor"="c:\program files\Xerox One Touch\OneTouchMon.exe" [2003-06-12 86016]
"SetDefPrt"="c:\program files\Brother\Brmfl05a\BrStDvPt.exe" [2005-01-26 49152]
"ControlCenter2.0"="c:\program files\Brother\ControlCenter2\brctrcen.exe" [2005-05-17 933888]
"Motive SmartBridge"="c:\progra~1\BLUEYO~1\SMARTB~1\blueyonder-istnotifier.exe" [2005-09-22 438359]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-03 111936]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-08 1947928]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-05-26 413696]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"Symantec NetDriver Warning"="c:\progra~1\SYMNET~1\SNDWarn.exe" [2004-10-29 218232]
c:\documents and settings\MUM\Start Menu\Programs\Startup\
WordWeb.lnk - c:\program files\WordWeb\wweb32.exe [2006-8-15 19968]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
BigFix.lnk - c:\program files\BigFix\BigFix.exe [2002-1-1 1742384]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-06-08 20:13 11952 ----a-w- c:\windows\system32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\WinMX\\WinMX.exe"=
"c:\\WINDOWS\\system32\\rtcshare.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\BitLord\\BitLord.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\THQ\\Dawn of War - Dark Crusade\\DarkCrusade.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\THQ\\Dawn of War - Dark Crusade\\ttru_DarkCrusade.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [08/06/2009 21:13 325896]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [08/06/2009 21:13 108552]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [08/06/2009 21:13 298776]
R2 WUSB54GSv2SVC;WUSB54GSv2SVC;c:\program files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe [25/06/2008 17:12 53307]
S3 cpuz129;cpuz129;\??\c:\docume~1\MUM\LOCALS~1\Temp\cpuz_x32.sys --> c:\docume~1\MUM\LOCALS~1\Temp\cpuz_x32.sys [?]
S3 gbalink;GBA Link Driver (gbalink.sys);c:\windows\system32\drivers\gbalink.sys [27/02/2005 18:45 19677]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
2009-05-30 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]
.
- - - - ORPHANS REMOVED - - - -
HKCU-Run-SpySweeper - c:\program files\PC Healthcheck\SpySweeper\SpySweeper.exe
HKLM-Run-PP8 Reminder - c:\program files\Scansoft\PaperPort\WebEreg\NAVBrowser.exe
HKU-Default-Run-ALUAlert - c:\program files\Symantec\LiveUpdate\ALUNotify.exe
HKU-Default-Run-Symantec Network Driver Update Warning - c:\progra~1\Symantec\LIVEUP~1\SNDWarn.EXE
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL =
hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page =
hxxp://www.medway-magic.org/uInternet Settings,ProxyOverride = 127.0.0.1;localhost;*.local
DPF: DirectAnimation Java Classes -
file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java -
file://c:\windows\Java\classes\xmldso.cab
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2009-06-14 19:17
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2009-06-14 19:20
ComboFix-quarantined-files.txt 2009-06-14 18:20
Pre-Run: 3,307,659,264 bytes free
Post-Run: 3,616,624,640 bytes free
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
917 --- E O F --- 2009-06-12 02:01