Here is the combofix log and the symantec results from after combofix since we can't download hijackthis:
ComboFix 08-01-04.1 - Matthew 2008-01-06 18:28:38.2 - NTFSx86 NETWORK
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.792 [GMT -5:00]
Running from: F:\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\Documents and Settings\All Users\Application Data.\winantispyware 2007
C:\Documents and Settings\All Users\Application Data.\winantispyware 2007\Data\Abbr
C:\Documents and Settings\All Users\Application Data.\winantispyware 2007\Data\ProductCode
C:\Documents and Settings\All Users\Application Data\WinAntiSpyware 2007\Data\Abbr
C:\Documents and Settings\All Users\Application Data\WinAntiSpyware 2007\Data\ProductCode
C:\Documents and Settings\Matthew\Application Data\WinAntiSpyware 2007
C:\Documents and Settings\Matthew\Application Data\WinAntiSpyware 2007\Logs\update.log
C:\Documents and Settings\Matthew\err.log
C:\Program Files\Common Files\winantispyware 2007
C:\Program Files\Common Files\WinAntiSpyware 2007\err.log
C:\temp\
0b9
C:\temp\
0b9\tmpTF.log
C:\temp\iee
C:\temp\iee\tmpZTF.log
C:\temp\tn3
C:\WINDOWS\cookies.ini
C:\WINDOWS\Downloaded Program Files\UGA6P_0001_N122M2210NetInstaller.exe
C:\WINDOWS\Fonts\acrsecB.fon
C:\WINDOWS\Fonts\acrsecI.fon
C:\WINDOWS\SYSTEM32\aaqdvolk.ini
C:\WINDOWS\system32\acbsmprl.dll
C:\WINDOWS\system32\ajtiwbsn.dll
C:\WINDOWS\SYSTEM32\ajvjssch.ini
C:\WINDOWS\system32\akwfrows.dll
C:\WINDOWS\SYSTEM32\amcsokxd.ini
C:\WINDOWS\SYSTEM32\annxvtql.ini
C:\WINDOWS\system32\ardjfeyu.dll
C:\WINDOWS\SYSTEM32\awdirybr.ini
C:\WINDOWS\SYSTEM32\bayjvfur.ini
C:\WINDOWS\system32\bdiiordw.dll
C:\WINDOWS\system32\bdrfbcdu.dll
C:\WINDOWS\SYSTEM32\beertybo.ini
C:\WINDOWS\SYSTEM32\bhtjiopo.ini
C:\WINDOWS\SYSTEM32\biwnxxxp.ini
C:\WINDOWS\SYSTEM32\bnqjisne.ini
C:\WINDOWS\system32\bruvciio.dll
C:\WINDOWS\system32\bwvblijl.dll
C:\WINDOWS\SYSTEM32\cahritkt.ini
C:\WINDOWS\system32\cbvlwsxv.dll
C:\WINDOWS\system32\cmybudfd.dll
C:\WINDOWS\system32\cpeyeajl.dll
C:\WINDOWS\SYSTEM32\cpssethd.ini
C:\WINDOWS\SYSTEM32\cvfebufq.ini
C:\WINDOWS\SYSTEM32\cwnskrcg.ini
C:\WINDOWS\SYSTEM32\cxegktoo.ini
C:\WINDOWS\SYSTEM32\dbcouxgx.ini
C:\WINDOWS\SYSTEM32\degqmftw.ini
C:\WINDOWS\system32\dhtesspc.dll
C:\WINDOWS\SYSTEM32\drqvvrbo.ini
C:\WINDOWS\system32\dthtsukq.dll
C:\WINDOWS\system32\dxkoscma.dll
C:\WINDOWS\SYSTEM32\dxkplfcj.ini
C:\WINDOWS\SYSTEM32\edyuqsio.ini
C:\WINDOWS\SYSTEM32\eicijgyv.ini
C:\WINDOWS\SYSTEM32\ejenrpje.ini
C:\WINDOWS\system32\ejprneje.dll
C:\WINDOWS\SYSTEM32\ejqyuexw.ini
C:\WINDOWS\SYSTEM32\emaosver.ini
C:\WINDOWS\system32\ensijqnb.dll
C:\WINDOWS\SYSTEM32\epbktlcx.ini
C:\WINDOWS\SYSTEM32\epdrplqy.ini
C:\WINDOWS\SYSTEM32\eqfykjhq.ini
C:\WINDOWS\system32\esanaxvs.dll
C:\WINDOWS\SYSTEM32\essfgxai.ini
C:\WINDOWS\SYSTEM32\etxbnrpf.ini
C:\WINDOWS\SYSTEM32\ffiuxshx.ini
C:\WINDOWS\system32\fprnbxte.dll
C:\WINDOWS\system32\fwpdfanc.dll
C:\WINDOWS\system32\gbgdwpau.dll
C:\WINDOWS\system32\gcrksnwc.dll
C:\WINDOWS\SYSTEM32\gqbiylcm.ini
C:\WINDOWS\system32\gxcyyyrj.dll
C:\WINDOWS\system32\hcssjvja.dll
C:\WINDOWS\SYSTEM32\hhhkj.bak1
C:\WINDOWS\SYSTEM32\hhhkj.bak2
C:\WINDOWS\SYSTEM32\hhhkj.ini
C:\WINDOWS\SYSTEM32\hhhkj.ini2
C:\WINDOWS\SYSTEM32\hhhkj.tmp
C:\WINDOWS\system32\hhvadehk.dll
C:\WINDOWS\SYSTEM32\hlutcwap.ini
C:\WINDOWS\SYSTEM32\hqpmvyev.ini
C:\WINDOWS\system32\iaxgfsse.dll
C:\WINDOWS\SYSTEM32\ijstncwi.ini
C:\WINDOWS\SYSTEM32\ikwpyefj.ini
C:\WINDOWS\SYSTEM32\inelbiys.ini
C:\WINDOWS\SYSTEM32\irofneiw.ini
C:\WINDOWS\system32\isimbisw.dll
C:\WINDOWS\SYSTEM32\isskjydu.ini
C:\WINDOWS\system32\itkdekkp.dll
C:\WINDOWS\system32\iucscqfx.dll
C:\WINDOWS\system32\iusqnghq.dll
C:\WINDOWS\system32\iwcntsji.dll
C:\WINDOWS\SYSTEM32\ixcomiyv.ini
C:\WINDOWS\system32\jcflpkxd.dll
C:\WINDOWS\system32\jfeypwki.dll
C:\WINDOWS\system32\jkxjycln.dll
C:\WINDOWS\system32\jkypgtgk.dll
C:\WINDOWS\system32\jofdkfsy.dll
C:\WINDOWS\SYSTEM32\jryyycxg.ini
C:\WINDOWS\system32\jyvppkgt.dll
C:\WINDOWS\SYSTEM32\kgtgpykj.ini
C:\WINDOWS\SYSTEM32\khedavhh.ini
C:\WINDOWS\system32\kjmytrdv.dll
C:\WINDOWS\system32\klovdqaa.dll
C:\WINDOWS\system32\ktofpqlw.dll
C:\WINDOWS\SYSTEM32\ktvvwqdy.ini
C:\WINDOWS\system32\kundbjcs.dll
C:\WINDOWS\system32\kvhoqsqq.dll
C:\WINDOWS\system32\kwhyewpq.dll
C:\WINDOWS\system32\kxaeytkx.dll
C:\WINDOWS\SYSTEM32\lakyyyqs.ini
C:\WINDOWS\SYSTEM32\ljaeyepc.ini
C:\WINDOWS\SYSTEM32\ljilbvwb.ini
C:\WINDOWS\system32\lnlblkjp.dll
C:\WINDOWS\SYSTEM32\loiuybsr.ini
C:\WINDOWS\system32\lqtvxnna.dll
C:\WINDOWS\SYSTEM32\lrpmsbca.ini
C:\WINDOWS\system32\lxjwknap.dll
C:\WINDOWS\system32\mclyibqg.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\SYSTEM32\medoevbt.ini
C:\WINDOWS\system32\moauokmt.dll
C:\WINDOWS\SYSTEM32\muqhbwew.ini
C:\WINDOWS\system32\nikblfqo.dll
C:\WINDOWS\system32\nkrmnkio.dll
C:\WINDOWS\SYSTEM32\nlcyjxkj.ini
C:\WINDOWS\SYSTEM32\nsbwitja.ini
C:\WINDOWS\system32\o02PrEz
C:\WINDOWS\system32\obrvvqrd.dll
C:\WINDOWS\system32\obytreeb.dll
C:\WINDOWS\SYSTEM32\oiknmrkn.ini
C:\WINDOWS\system32\oisquyde.dll
C:\WINDOWS\system32\ootkgexc.dll
C:\WINDOWS\system32\opoijthb.dll
C:\WINDOWS\SYSTEM32\oqflbkin.ini
C:\WINDOWS\system32\orqygtfw.dll
C:\WINDOWS\SYSTEM32\pankwjxl.ini
C:\WINDOWS\system32\pawctulh.dll
C:\WINDOWS\system32\pffiivox.dll
C:\WINDOWS\SYSTEM32\pjklblnl.ini
C:\WINDOWS\SYSTEM32\pkkedkti.ini
C:\WINDOWS\system32\plxbqbxy.dll
C:\WINDOWS\system32\pqenkqeu.dll
C:\WINDOWS\system32\pxxxnwib.dll
C:\WINDOWS\system32\qfubefvc.dll
C:\WINDOWS\SYSTEM32\qhgnqsui.ini
C:\WINDOWS\system32\qhjkyfqe.dll
C:\WINDOWS\SYSTEM32\qkusthtd.ini
C:\WINDOWS\SYSTEM32\qpweyhwk.ini
C:\WINDOWS\SYSTEM32\qqsqohvk.ini
C:\WINDOWS\system32\rbyridwa.dll
C:\WINDOWS\system32\revsoame.dll
C:\WINDOWS\system32\rsbyuiol.dll
C:\WINDOWS\system32\rufvjyab.dll
C:\WINDOWS\SYSTEM32\scjbdnuk.ini
C:\WINDOWS\SYSTEM32\sclufcww.ini
C:\WINDOWS\system32\snpqthvx.dll
C:\WINDOWS\SYSTEM32\sqltsskv.ini
C:\WINDOWS\system32\sqyyykal.dll
C:\WINDOWS\SYSTEM32\svxanase.ini
C:\WINDOWS\SYSTEM32\sworfwka.ini
C:\WINDOWS\system32\syibleni.dll
C:\WINDOWS\system32\tbveodem.dll
C:\WINDOWS\SYSTEM32\tficjqiv.ini
C:\WINDOWS\SYSTEM32\tgkppvyj.ini
C:\WINDOWS\system32\tktirhac.dll
C:\WINDOWS\SYSTEM32\tmkouaom.ini
C:\WINDOWS\SYSTEM32\uapwdgbg.ini
C:\WINDOWS\SYSTEM32\uasxfkew.ini
C:\WINDOWS\SYSTEM32\udcbfrdb.ini
C:\WINDOWS\system32\udyjkssi.dll
C:\WINDOWS\SYSTEM32\ueqkneqp.ini
C:\WINDOWS\SYSTEM32\uyefjdra.ini
C:\WINDOWS\system32\vablmsix.dll
C:\WINDOWS\SYSTEM32\vdrtymjk.ini
C:\WINDOWS\system32\veyvmpqh.dll
C:\WINDOWS\system32\viqjcift.dll
C:\WINDOWS\system32\vksstlqs.dll
C:\WINDOWS\SYSTEM32\vxswlvbc.ini
C:\WINDOWS\system32\vygjicie.dll
C:\WINDOWS\system32\vyimocxi.dll
C:\WINDOWS\SYSTEM32\wdroiidb.ini
C:\WINDOWS\system32\wekfxsau.dll
C:\WINDOWS\system32\wewbhqum.dll
C:\WINDOWS\SYSTEM32\wftgyqro.ini
C:\WINDOWS\system32\wienfori.dll
C:\WINDOWS\system32\win
C:\WINDOWS\SYSTEM32\wlqpfotk.ini
C:\WINDOWS\system32\wpyhybxx.dll
C:\WINDOWS\system32\wrhqdbeh.dll
C:\WINDOWS\SYSTEM32\wsibmisi.ini
C:\WINDOWS\system32\wtfmqged.dll
C:\WINDOWS\system32\wwcfulcs.dll
C:\WINDOWS\system32\wxeuyqje.dll
C:\WINDOWS\system32\xcltkbpe.dll
C:\WINDOWS\SYSTEM32\xfqcscui.ini
C:\WINDOWS\system32\xgxuocbd.dll
C:\WINDOWS\system32\xhsxuiff.dll
C:\WINDOWS\SYSTEM32\xismlbav.ini
C:\WINDOWS\SYSTEM32\xktyeaxk.ini
C:\WINDOWS\SYSTEM32\xoviiffp.ini
C:\WINDOWS\SYSTEM32\xvhtqpns.ini
C:\WINDOWS\SYSTEM32\xxbyhypw.ini
C:\WINDOWS\system32\ydqwvvtk.dll
C:\WINDOWS\system32\yqlprdpe.dll
C:\WINDOWS\SYSTEM32\ysfkdfoj.ini
C:\WINDOWS\SYSTEM32\yxbqbxlp.ini
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_DOMAINSERVICE
-------\DomainService
((((((((((((((((((((((((( Files Created from 2007-12-06 to 2008-01-06 )))))))))))))))))))))))))))))))
.
2008-01-06 18:07 . 2008-01-06 18:07 <DIR> d-------- C:\WINDOWS\LastGood
2008-01-06 17:50 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-12-19 11:33 . 2007-12-19 11:33 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Nova Development
2007-12-19 11:33 . 2007-12-19 11:33 1,409 --a------ C:\WINDOWS\QTFont.for
2007-12-19 11:10 . 2007-12-19 11:10 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Ulead Systems
2007-12-18 23:33 . 2007-12-18 23:33 <DIR> d--hs---- C:\WINDOWS\ftpcache
2007-12-18 23:29 . 2007-12-18 23:29 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\AdobeUM
2007-12-18 23:28 . 2007-12-19 11:33 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2007-12-17 01:07 . 2007-12-17 01:07 129 --a------ C:\Shortcut to CD Drive.lnk
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-31 02:00 --------- d-----w C:\Program Files\Quicken
2007-12-03 04:21 --------- d-----w C:\Program Files\McAfee
2007-12-03 04:21 --------- d-----w C:\Program Files\Common Files\McAfee
2007-12-03 04:21 --------- d-----w C:\Documents and Settings\All Users\Application Data\McAfee
2007-11-30 01:18 28,672 ----a-w C:\WINDOWS\system32\drivers\CO_Mon.sys
2007-11-29 21:49 --------- d-----w C:\Program Files\EsetOnlineScanner
2007-11-29 19:31 --------- d-----w C:\Documents and Settings\Matthew\Application Data\McAfee
2007-11-29 19:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\SiteAdvisor
2007-11-29 14:00 --------- d--h--r C:\Documents and Settings\All Users\Application Data\yahoo!
2007-11-29 14:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\PopCap
2007-11-28 12:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\nView_Profiles
2007-11-21 00:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\eBay
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-10-30 09:55 3,065,856 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mshtml.dll
2007-10-29 22:43 1,287,680 ----a-w C:\WINDOWS\SYSTEM32\quartz.dll
2007-10-29 22:43 1,287,680 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\quartz.dll
2007-10-26 03:34 8,460,288 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\shell32.dll
2007-10-11 05:57 96,256 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\inseng.dll
2007-10-11 05:57 666,112 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\wininet.dll
2007-10-11 05:57 617,984 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\urlmon.dll
2007-10-11 05:57 55,808 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\extmgr.dll
2007-10-11 05:57 532,480 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mstime.dll
2007-10-11 05:57 474,112 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\shlwapi.dll
2007-10-11 05:57 449,024 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mshtmled.dll
2007-10-11 05:57 39,424 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\pngfilt.dll
2007-10-11 05:57 357,888 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\dxtmsft.dll
2007-10-11 05:57 251,904 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\iepeers.dll
2007-10-11 05:57 205,824 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\dxtrans.dll
2007-10-11 05:57 16,384 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\jsproxy.dll
2007-10-11 05:57 151,040 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\cdfview.dll
2007-10-11 05:57 146,432 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\msrating.dll
2007-10-11 05:57 1,498,112 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\shdocvw.dll
2007-10-11 05:57 1,054,208 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\danim.dll
2007-10-11 05:57 1,024,000 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\browseui.dll
2007-10-10 10:48 18,432 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\iedw.exe
2006-12-21 20:54 14,201 ----a-w C:\Program Files\INSTALL.LOG
2005-09-14 13:24 33,280 ----a-w C:\Program Files\EndProcess.exe
2004-04-21 03:55 1,760,378 ----a-w C:\Program Files\aaw6.exe
2004-03-14 22:48 2,800,777 ----a-w C:\Program Files\aucmak2.exe
2004-03-14 21:18 19,296,636 ----a-w C:\Program Files\PEERInstall.exe
2004-02-08 18:30 10 ----a-w C:\Program Files\Notes.txt
2004-02-08 18:07 336 ----a-w C:\Program Files\announce.txt
2004-02-07 03:26 5,864 ----a-w C:\Program Files\client.ini
2004-01-29 05:15 984 ----a-w C:\Program Files\popup.html
2004-01-28 15:47 1,800 ----a-w C:\Program Files\TabConfig.txt
2004-01-20 18:25 2,060,288 ----a-w C:\Program Files\PartyPoker.exe
2004-01-08 20:24 41 ----a-w C:\Program Files\RemoveGlobalMsg.txt
2004-01-08 20:23 205 ----a-w C:\Program Files\ResendGlobalMsg.txt
2004-01-05 01:46 3,371,040 ---h--r C:\Documents and Settings\Matthew\SYSTEM.DAT
2004-01-05 01:45 831,520 ---h--r C:\Documents and Settings\Matthew\USER.DAT
2004-01-05 01:45 3,833,888 ---h--r C:\Documents and Settings\Matthew\CLASSES.DAT
2003-12-12 15:26 28,352 ----a-w C:\Program Files\poker.bin
2003-07-03 23:13 498 ----a-w C:\Documents and Settings\Matthew\eReg.dat
2003-05-26 23:17 30 ----a-w C:\Documents and Settings\Matthew\INTURS.DAT
2003-05-13 18:20 8,224 ----a-w C:\Documents and Settings\Matthew\Application Data\GDIPFONTCACHEV1.DAT
2003-05-09 04:45 19,281 ----a-w C:\Documents and Settings\Matthew\War3Unin.dat
2003-05-04 04:41 11,310 ----a-w C:\Documents and Settings\Matthew\scunin.dat
2003-05-03 17:03 1,536 ----a-w C:\Documents and Settings\Matthew\TrueSoft.dat
2003-05-01 22:32 163,872 ---h--r C:\Documents and Settings\Matthew\HWINFO.DAT
2003-02-28 21:35 6,550 ----a-w C:\Documents and Settings\Matthew\JAUTOEXP.DAT
2002-06-14 17:33 96,256 ----a-w C:\Program Files\UnGins.exe
2002-05-24 06:49 869 ----a-w C:\Program Files\cards_sliding.wav
2002-05-24 06:49 679,936 ----a-w C:\Program Files\libeay32.dll
2002-05-24 06:49 5,004 ----a-w C:\Program Files\tap.wav
2002-05-24 06:49 147,456 ----a-w C:\Program Files\ssleay32.dll
2002-05-23 11:25 147,728 ----a-w C:\Program Files\ASYCFILT.DLL
2002-05-18 03:45 9,946 ----a-w C:\Program Files\mouse_move.wav
2002-05-18 03:45 80,856 ----a-w C:\Program Files\ding.wav
2002-05-18 03:45 7,362 ----a-w C:\Program Files\addchips.wav
2002-05-18 03:45 59,716 ----a-w C:\Program Files\firework3.wav
2002-05-18 03:45 2,561 ----a-w C:\Program Files\cards_dealing.wav
2002-05-18 03:45 16,544 ----a-w C:\Program Files\reminder.wav
2002-05-18 03:45 15,724 ----a-w C:\Program Files\ring.wav
2002-05-18 03:45 11,062 ----a-w C:\Program Files\chimes.wav
2002-05-18 03:45 1,687 ----a-w C:\Program Files\chips_sliding.wav
2001-11-29 19:58 456 ----a-w C:\Documents and Settings\Matthew\PTHSP.DAT
1999-06-22 05:45 57,344 ----a-w C:\Program Files\Zlib.dll
2006-05-29 01:40 80 --sh--r C:\WINDOWS\SYSTEM32\
04DF4FF763.dll
2007-06-30 04:21 1,843,914 --sh--w C:\WINDOWS\SYSTEM32\fgjlm.bak1
2007-06-30 12:30 1,873,569 --sh--w C:\WINDOWS\SYSTEM32\fgjlm.ini2
2007-09-18 21:34 644 --sh--w C:\WINDOWS\SYSTEM32\mrxofpgb.ini2
2007-09-30 20:19 693,421 --sh--w C:\WINDOWS\SYSTEM32\obdekini.ini2
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8B79BC28-8906-4E91-8A2F-1171A146DA33}]
2005-07-22 19:59 98816 --a------ C:\WINDOWS\system32\d3dx9_2.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 11:24 1694208]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:56 15360]
"DW4"="C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe" [2005-09-29 09:44 597104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2003-10-06 14:16 5058560]
"PRONoMgr.exe"="C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe" [2003-03-11 17:24 86016]
"IAAnotif"="C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe" [2003-09-15 01:00 126976]
"CTSysVol"="C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe" [2002-10-29 10:18 49152]
"CTDVDDet"="C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE" [2002-09-30 02:00 45056]
"CTHelper"="CTHELPER.EXE" [2003-02-20 17:45 28672 C:\WINDOWS\SYSTEM32\CTHELPER.EXE]
"AsioReg"="REGSVR32.exe" [2004-08-04 02:56 11776 C:\WINDOWS\SYSTEM32\regsvr32.exe]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 02:00 90112]
"DVDSentry"="C:\WINDOWS\System32\DSentry.exe" [2003-08-13 11:27 28672]
"PCMService"="C:\Program Files\Dell\Media Experience\PCMService.exe" [2003-08-26 20:47 204800]
"mmtask"="c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe" [2003-10-06 11:05 53248]
"TgAddServer"="c:\@Home\tioga\bin\tgfix /fds
http://www/download/tioga" [ ]
"Tgcmd"="c:\@Home\tioga\bin\tgcmd.exe" [2000-03-10 18:59 598016]
"Dell AIO Printer A920"="C:\Program Files\Dell AIO Printer A920\dlbkbmgr.exe" [2003-05-02 19:46 270336]
"nwiz"="nwiz.exe" [2003-10-06 14:16 741376 C:\WINDOWS\SYSTEM32\nwiz.exe]
"kdx"="C:\WINDOWS\kdx\KHost.exe" [2004-01-20 11:45 1757184]
"PDUiP6000DMon"="C:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DMon.exe" [2004-05-31 13:26 57344]
"PDUiP6000DTskbr"="C:\Program Files\Canon\Memory Card Utility\PIXMA iP6000D\PDUiP6000DTskbr.exe" [2004-05-28 09:29 69632]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-12-11 17:52 98304]
"Launch LGDCore"="C:\Program Files\Logitech\G-series Software\LGDCore.exe" [2005-08-23 08:36 1110079]
"Launch LCDMon"="C:\Program Files\Logitech\G-series Software\LCDMon.exe" [2005-08-23 08:22 188416]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 22:46 57344]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2006-11-14 20:47 180269]
"Motive SmartBridge"="C:\PROGRA~1\VIRTUA~1\SMARTB~1\SprintDSLAlert.exe" [2007-07-06 07:00 438359]
"SSP Notifier"="C:\Program Files\Fisher-Price\FP3 Player\sspnotifier.exe" [2006-07-12 11:44 20480]
"MWLExe"="C:\Program Files\Mcafee\MWL\MWLGui.exe" [2007-07-28 09:32 1279336]
"UserFaultCheck"="C:\WINDOWS\system32\dumprep 0 -u" [ ]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [2007-08-03 22:33 582992]
C:\Documents and Settings\Matthew\Start Menu\Programs\Startup\
Picaboo.lnk - C:\Program Files\Picaboo\Picaboo\PicabooMain.exe [2007-04-04 12:10:52]
PictureProject In Touch.lnk - C:\Program Files\Nikon\PictureProject In Touch\PictureProjectInTouch.exe [2005-03-21 17:30:34]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-01-08 17:36:15]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 21:05:26]
Forget Me Not.lnk - C:\Program Files\Mindscape\CreataParty\PMREMIND.EXE [2005-10-10 20:24:47]
Gomez PEER.lnk - C:\Program Files\Gomez\GomezPEER\bin\GomezPEER.exe [2004-03-14 16:19:25]
Kodak EasyShare software.lnk - C:\Program Files\KODAK\Kodak EasyShare software\bin\EasyShare.exe [2003-09-18 10:47:10]
KODAK Software Updater.lnk - C:\Program Files\KODAK\KODAK Software Updater\7288971\Program\backWeb-7288971.exe [2003-06-08 17:48:18]
NkbMonitor.exe.lnk - C:\Program Files\Nikon\PictureProject\NkbMonitor.exe [2005-12-11 18:03:15]
Virtual Assistant.lnk - C:\Program Files\Virtual Assistant\bin\matcli.exe [2006-12-21 16:11:39]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
R0 lbzemkha;lbzemkha;C:\WINDOWS\system32\drivers\iowacykc.dat []
S2 ptssvc;ptssvc;C:\Program Files\KODAK\KODAK Picture Transfer Software\PTSsvc.exe [2001-08-15 06:43]
S3 Wdm1;USB Bridge Cable Driver;C:\WINDOWS\system32\Drivers\usbbc.sys [2003-07-01 12:51]
*Newly Created Service* - DCFS2K
.
Contents of the 'Scheduled Tasks' folder
"2007-11-15 06:48:56 C:\WINDOWS\Tasks\McDefragTask.job"
- C:\WINDOWS\system32\defrag.exe
"2007-12-01 06:03:01 C:\WINDOWS\Tasks\McQcTask.job"
- c:\program files\mcafee\mqc\QcConsol.exe.4158 0
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-01-06 18:35:38
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-01-06 18:36:32
ComboFix-quarantined-files.txt 2008-01-06 23:36:23
.
2007-12-06 01:14:19 --- E O F ---
----------------------------------------------------------------------------------------
Symantec results:
247751 files scanned, 219 file(s) infected on your disk drives.
No viruses were detected in memory.
Your computer is free of known threats. Virus Detection does not check compressed files.
Your computer appears safe for now. For real-time protection from viruses, hackers and privacy threats, upgrade to Norton Internet Security™.
No viruses were detected in memory.
The scan was cancelled before finishing. To restart the scan, click here.
Your computer is free of known threats. Virus Detection does not check compressed files.
Your computer appears safe for now. For real-time protection from viruses, hackers and privacy threats, upgrade to Norton Internet Security™.
Search for the name of the threat(s) listed below on the Symantec Security Response site for removal information.
Warning! The scan detected a virus that is active in your computer's memory.
The scan ended to prevent further infection.
You should shut down your computer immediately and restart it with an antivirus rescue disk or similar tool.
No viruses were detected in memory.
Your computer is infected with at least one known virus or Trojan horse.
Search for the name of the threat(s) listed below on the Symantec Security Response site for removal information.
No viruses were detected in memory.
Your computer is infected with at least one known virus or Trojan horse.
Note: The scan was cancelled before finishing. There may be more infected files on this computer.
Search for the name of the threat(s) listed below on the Symantec Security Response site for removal information.
A scan has not been run. To start Virus Detection, click here.
C:\WINDOWS\SYSTEM32\A3.0LL is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\ACYPKEDR.0LL is infected with Downloader
C:\WINDOWS\SYSTEM32\ADSLD.0LL is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\ADSN.0LL is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\ADSND.0LL is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\AFOMBYLE.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\AJBYUCSE.0LL is infected with Downloader
C:\WINDOWS\SYSTEM32\AJIUWTMN.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\AJTIWBS.0LL is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\ATMLI.0LL is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\AVICA.0LL is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\AVXBRJNI.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\BDIIORD.0LL is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\BHOFTBUH.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\BIBHCVNO.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\BJKHTVUC.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\BKLULAXK.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\BKWJAPFF.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\BPDEIPGF.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\bpggtluh.dll is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\BQTFEVKR.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\BRNOVEUJ.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\BROMXHIC.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\BROWSE.0LL is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\BTHC.0LL is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\BTYYBVYB.0LL is infected with Downloader
C:\WINDOWS\SYSTEM32\CGCQUJRC.0LL is infected with Downloader
C:\WINDOWS\SYSTEM32\CKMADMLD.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\CKSRSCET.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\CMCFG3.0LL is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\CNJYRCNY.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\CNMLM6.0LL is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\CONSOL.0LL is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\CPEYEAJ.0LL is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\cqowstgh.dll is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\CTDPROX.0LL is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\CTMEDEN.0LL is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\CTOSUSE.0LL is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\cvufvasj.dll is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\D3D8TH.0LL is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\D3DR.0LL is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\d3dx9_2.11 is infected with SecurityRisk.Downldr
C:\WINDOWS\SYSTEM32\d3dx9_2.dll is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\DAKJTQGF.0LL is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\DBGHEL.0LL is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\DCEIDMCW.0LL is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\DDIIPAPX.0LL is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\DEDICWIG.0LL is infected with Downloader
C:\WINDOWS\SYSTEM32\DFFJXHCE.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\DGTMPRNV.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\DHBAJFIB.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\DHULRBCM.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\DLPWEXAO.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\DMFPNTMX.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\DMTUIKYL.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\DNBOUAXO.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\DNLHGALH.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\DNPFDPBJ.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\DPCUETXY.0LL is infected with Downloader
C:\WINDOWS\SYSTEM32\DQHPUYDB.0LL is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\DUTFJJKX.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\DYOFSJST.0LL is infected with Downloader
C:\WINDOWS\SYSTEM32\EACKWXQR.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\EFAUGRXJ.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\EJOHYADK.0LL is infected with Downloader
C:\WINDOWS\SYSTEM32\EMGWTKVC.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\enpvread.dll is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\EQXYAKSX.0LL is infected with Downloader
C:\WINDOWS\SYSTEM32\EWDNECWI.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\FBUPQUET.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\FIMILHLD.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\FKCTXGEK.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\FMVPHYFU.0LL is infected with Downloader
C:\WINDOWS\SYSTEM32\FNPXBDPA.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\FOXDOGLE.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\fybopbkg.dll is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\GBXQVOJQ.0LL is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\GLFXVOSQ.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\GTFQLXOR.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\GWSOSXSW.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\GXINAMPX.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\hamjmuqg.dll is infected with Trojan.Zlob
C:\WINDOWS\SYSTEM32\HBGEAOMD.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\HCVESQER.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\HEHGIKHC.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\HNIQOLHK.0LL is infected with Downloader
C:\WINDOWS\SYSTEM32\HNNVQCKV.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\HRQLEYUK.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\ILGDQHQY.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\IMSXTBHK.0LL is infected with Downloader
C:\WINDOWS\SYSTEM32\INYVEDJP.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\JAHNYAYL.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\JAYACIGU.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\JCPBXLMI.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\JGMRJHUU.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\JKDYERWL.0LL is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\JNWXRCWX.0LL is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\JQWEEVYN.0LL is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\KBCRYHBW.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\KCJWGBXU.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\KCYDIGLT.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\KOSNSXMN.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\KPNFOSUI.0LL is infected with Downloader
C:\WINDOWS\SYSTEM32\kskfhhqg.dll is infected with Trojan.Zlob
C:\WINDOWS\SYSTEM32\KSMRHCTD.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\KVGCXOJD.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\LESMTRQS.0LL is infected with Downloader
C:\WINDOWS\SYSTEM32\LFOOGUNF.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\LGUOEOUN.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\LJOWSFHG.0LL is infected with Downloader
C:\WINDOWS\SYSTEM32\lxjygbrm.dll is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\MHKYHRPU.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\MMWDNKFQ.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\MSXJVBTE.0LL is infected with Downloader
C:\WINDOWS\SYSTEM32\muxgcjtq.dll is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\NEVRRUHG.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\NIUOGRKJ.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\NMJDNTXN.0LL is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\NOYKBQWP.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\NPSPFJDU.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\NQDMVTVS.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\NREETITT.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\NSUEIQAS.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\OIPBOVQK.0LL is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\ORRABPCF.0LL is infected with Downloader
C:\WINDOWS\SYSTEM32\ORVMPEHP.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\OVWGTQAT.0LL is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\PEITOHKX.0LL is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\PFORILOC.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\PGCNCGOK.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\PGINAADV.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\PHCIMYRD.0LL is infected with Downloader
C:\WINDOWS\SYSTEM32\PKFMJUOG.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\PMBBAREW.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\PQBMXQQL.0LL is infected with Downloader
C:\WINDOWS\SYSTEM32\PUEWBBOL.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\PURYUKWD.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\PXEVUDRO.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\PXUWFAKR.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\QBQMVUWQ.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\QJGDBASM.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\QLRCLLGW.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\QNPECMLR.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\QNPGUBIA.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\QOWTAOGV.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\QPTREWHG.0LL is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\qrwksbpe.dll is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\QURYURYQ.0LL is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\QVNWEJXV.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\QXCBPWWX.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\RBRNIOOW.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\rcvwvtrr.dll is infected with Trojan.Zlob
C:\WINDOWS\SYSTEM32\RFSGHWCW.0LL is infected with Downloader
C:\WINDOWS\SYSTEM32\RJJYMAXI.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\RMODASBH.0LL is infected with Downloader
C:\WINDOWS\SYSTEM32\rowthwjg.dll is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\RQENJDLK.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\rtmcvrgk.dll is infected with Trojan.Zlob
C:\WINDOWS\SYSTEM32\RXDIITCD.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\RYJGFCTV.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\SCUWVDLY.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\SEGPWGIO.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\SHAQSUWK.0LL is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\STUMYUQT.0LL is infected with Downloader
C:\WINDOWS\SYSTEM32\SXSUDHUF.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\TAAWFBRD.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\TBQTEDDL.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\TCHWUPXA.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\TDLGOLSN.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\TIGNLUVJ.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\TKKILDIS.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\TNXQEYHP.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\TQCELJBC.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\TTFJHROT.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\TWGNGGTC.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\TWTPLUDA.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\UAJUWBSA.0LL is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\UASXVWWT.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\ubhpwagt.dll is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\UCKXROGC.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\UDDWHLXY.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\UFSJARYY.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\UQSHQMPJ.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\USCCFQNV.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\UTVQRRSG.0LL is infected with Downloader
C:\WINDOWS\SYSTEM32\vbrjhsob.dll is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\VCJUKORQ.0LL is infected with Downloader
C:\WINDOWS\SYSTEM32\VCNAUGDW.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\VCOGHMJC.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\voospell.dll is infected with Trojan.Zlob
C:\WINDOWS\SYSTEM32\vymjcoil.dll is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\WCVRLIQJ.0LL is infected with Downloader
C:\WINDOWS\SYSTEM32\WDIFRVFG.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\WHLDMHBT.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\WHLXWSEL.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\WLQFHNAP.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\WPFLHIDE.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\WQJJPCYG.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\WRWLXCYP.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\WVJHFNAX.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\WYLJVQIW.0LL is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\XASMIEXP.0LL is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\XDUQCJKG.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\xlfmkhfl.dll is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\XOLJOLQA.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\xtbndrad.dll is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\XXJMVATI.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\YASLXQLF.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\YCWXIGIX.0LL is infected with Downloader
C:\WINDOWS\SYSTEM32\YFACCNNA.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\YFWSFVFL.0XE is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\ygdwdlqe.dll is infected with Trojan.Vundo
C:\WINDOWS\SYSTEM32\YPOGGOTH.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\YRAWEMXB.0XE is infected with Downloader
C:\WINDOWS\SYSTEM32\DRIVERS\HMEEWWYK.0YS is infected with Trojan Horse
C:\WINDOWS\SYSTEM32\DRIVERS\vidid35x9.sys is infected with Spyware.Apropos.C
C:\WINDOWS\Downloaded Program Files\MiniInstaller.exe is infected with Backdoor.Formador
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\UGA6P_0001_N122M2210NetInstaller.exe is infected with Downloader.MisleadApp
C:\Program Files\Imastant\npf.sys is infected with Spyware.Apropos.C