Virus prevents access to Anti-Virus sites/anti-virus programs (combofix, etc.)

Old 07-31-2009, 01:19 AM   #1
 



Hello everyone.

I have tried my best to remove this virus on my laptop, but no success yet.

Here are all of the things the virus does:

-Prevents access to websites like Spybot; instead of letting me see the site, it simply says "Internet Explorer cannot display the webpage", and there is a button to click that says "Diagnose Connection Problem" (no connection problem, of course).

-When I click links from a Google search, most of the time they take me to the wrong webpage and I am forced to copy/paste the original link into the web bar.

-Programs like Combofix, Spybot, and HJT do not work and a box comes up after starting them saying "Combofix has stopped working".

-I tried running the programs in Safe Mode, but no luck there.

If anyone knows a fix please reply.

Thanks,

Sean
SeanBF is offline  
 
Old 07-31-2009, 02:00 AM   #2
 



I renamed my Combofix to something else and I followed the instructions from a different post and here is the log I ended up with:

ComboFix 09-07-29.04 - Sean 07/31/2009 0:30.1.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3070.2059 [GMT -7:00]
Running from: c:\users\Sean\Desktop\Music.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.


.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_ESQULserv.sys
-------\Service_ESQULserv.sys


((((((((((((((((((((((((( Files Created from 2009-06-28 to 2009-07-31 )))))))))))))))))))))))))))))))
.

2009-07-30 04:18 . 2009-07-30 04:18 -------- d-----w- c:\users\Sean\AppData\Roaming\Lavasoft
2009-07-30 04:17 . 2009-07-30 04:17 -------- d-----w- c:\program files\Lavasoft
2009-07-30 04:05 . 2009-07-30 04:05 -------- d-----w- c:\progra~2\Spybot - Search & Destroy
2009-07-30 04:05 . 2009-07-30 04:11 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-07-28 02:26 . 2009-07-13 20:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-28 02:26 . 2009-07-28 02:26 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-28 02:26 . 2009-07-28 02:26 -------- d-----w- c:\progra~2\Malwarebytes
2009-07-28 02:26 . 2009-07-13 20:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-27 03:10 . 2009-02-12 09:35 38208 ----a-w- c:\users\Sean\AppData\Roaming\Macromedia\Flash Player\https://www.macromedia.com\bin\airapp...pinstaller.exe
2009-07-27 03:10 . 2009-07-27 03:10 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-07-27 03:09 . 2009-07-27 19:01 -------- d-----w- c:\progra~2\NOS
2009-07-27 03:09 . 2009-07-27 19:01 -------- d-----w- c:\program files\NOS
2009-07-25 07:19 . 2009-07-25 07:19 6001 ----a-w- c:\windows\system32\2z295virus2.bin
2009-07-25 07:19 . 2009-07-25 07:19 5250 ----a-w- c:\windows\system32\28359nz9-a5virus7.bin
2009-07-25 07:04 . 2009-05-09 05:50 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-25 07:04 . 2009-05-09 05:34 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-25 07:01 . 2009-07-30 23:48 -------- d-----w- c:\program files\Steam
2009-07-25 07:01 . 2009-07-25 07:32 -------- d-----w- c:\program files\Common Files\Steam
2009-07-14 23:23 . 2009-06-15 15:24 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-07-14 23:23 . 2009-06-15 15:20 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-07-14 23:23 . 2009-06-15 15:20 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-07-14 23:23 . 2009-06-15 12:52 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-07-06 22:50 . 2009-07-06 22:50 -------- d-----w- c:\program files\Ventrilo
2009-07-06 22:49 . 2009-07-06 22:49 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-31 07:41 . 2008-07-11 14:38 110552 ----a-w- c:\progra~2\nvModes.dat
2009-07-31 07:39 . 2008-04-14 03:50 12 ----a-w- c:\windows\bthservsdp.dat
2009-07-28 22:06 . 2008-07-20 22:52 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2009-07-27 19:35 . 2008-07-21 17:02 -------- d-----w- c:\users\Sean\AppData\Roaming\LimeWire
2009-07-27 03:12 . 2008-07-20 22:14 -------- d-----w- c:\program files\Common Files\Adobe
2009-07-15 10:02 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-07-14 02:50 . 2009-01-03 00:03 -------- d-----w- c:\program files\PokerStars.NET
2009-07-07 01:36 . 2009-01-16 15:03 680 ----a-w- c:\users\Sean\AppData\Local\d3d9caps.dat
2009-07-01 07:39 . 2009-07-01 07:39 4271 ----a-w- c:\windows\system32\111965pamz9t8.exe
2009-06-09 22:23 . 2008-12-25 03:31 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-06-07 05:49 . 2009-06-07 05:49 272384 ----a-w- c:\users\Sean\AppData\Roaming\Acreon\WowMatrix\Modules\curl.exe
2009-06-07 05:49 . 2009-06-07 05:49 192512 ----a-w- c:\users\Sean\AppData\Roaming\Acreon\WowMatrix\Libraries\wmweb.dll
2009-06-07 05:49 . 2009-06-07 05:49 258048 ----a-w- c:\users\Sean\AppData\Roaming\Acreon\WowMatrix\Libraries\wmzip.dll
2009-06-07 05:49 . 2009-06-07 05:49 -------- d-----w- c:\users\Sean\AppData\Roaming\Acreon
2009-06-05 18:42 . 2009-06-05 18:42 39424 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-06-05 18:42 . 2009-06-05 18:42 2060288 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-06-03 03:36 . 2008-08-05 19:52 -------- d-----w- c:\users\Sean\AppData\Roaming\Ventrilo
2009-05-15 00:55 . 2009-05-15 00:55 245408 ----a-w- c:\windows\system32\unicows.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-03-18 2289664]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Steam"="c:\program files\Steam\Steam.exe" [2009-07-25 1217784]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"Microsoft Pinyin IME Migration"="c:\progra~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE" [2006-10-26 32560]
"ATKOSD2"="c:\program files\ATKOSD2\ATKOSD2.exe" [2008-01-23 7766016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-06-08 13543968]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-06-08 92704]
"CognizanceTS"="c:\progra~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll" [2003-12-22 17920]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-11-16 1029416]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMEDIA.EXE" [2008-02-01 61440]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2008-07-11 3054136]
"ASUS Camera ScreenSaver"="c:\windows\AsScrProlog.exe" [2008-07-11 47672]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-06 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-01-06 290088]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-06-09 148888]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-06-13 6183456]

c:\progra~2\MICROS~1\Windows\STARTM~1\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-4-10 752168]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-12 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\APSHook.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer7"=wdmaud.drv

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli ASWLNPkg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{3A689A1C-CD5B-454E-83EF-53FA4F6D9435}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{B9BF84AC-BD67-4841-9325-45D7DA5E3C79}"= UDP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{0B12C702-826A-4A5F-BD4A-7A3A8F2EE4F6}"= TCP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader
"{9385CDCF-ECB0-4FC0-A6A7-73A8DBBA0EC3}"= UDP:c:\program files\AIM6\aim6.exe:AIM
"{0DC1EAA6-9535-45C6-9195-05CCD99D7D00}"= TCP:c:\program files\AIM6\aim6.exe:AIM
"{EB0F6EF9-EA7F-4E44-B837-2BE7182EE8A1}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{03A3CBAB-8B4E-4913-A73A-09A2FF2C1E98}"= UDP:c:\program files\Curse\CurseClient.exe:Curse Client
"{CC152F34-3D51-4809-BC37-C8F05E8B1D13}"= TCP:c:\program files\Curse\CurseClient.exe:Curse Client
"{8A99228E-DF44-4E1D-B26F-A600ED1DD50A}"= c:\program files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{E7328382-BAFA-47F1-9B0B-F94280C34D6C}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{EBDED9C8-142C-4C58-BE6D-D7BE8B32151C}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{96F7644A-48E4-4644-B462-525D2B1707F9}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{0C84CF57-1BCC-422D-97F1-F7241A0A386D}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{CE6FCBD4-AAAF-4785-A87D-E4CF6F3203EF}"= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{1B0B4449-CCA1-4AFE-9581-01B760CBC75F}"= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"TCP Query User{4255FAF3-559D-49DF-8DCA-1F0CC942532F}c:\\program files\\limewire\\limewire.exe"= UDP:c:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{2D605262-598E-4A3A-BE2A-E0950A9294E1}c:\\program files\\limewire\\limewire.exe"= TCP:c:\program files\limewire\limewire.exe:LimeWire
"TCP Query User{1522CF39-A655-49B4-9064-A6EE8D534DD6}c:\\program files\\tmnationsforever\\tmforever.exe"= UDP:c:\program files\tmnationsforever\tmforever.exe:TmForever.exe
"UDP Query User{90F6FC01-71F7-4135-901A-0D506DC59043}c:\\program files\\tmnationsforever\\tmforever.exe"= TCP:c:\program files\tmnationsforever\tmforever.exe:TmForever.exe
"TCP Query User{E99CBF50-8E05-42D7-A1F0-49EA06D6620B}c:\\users\\public\\games\\world of warcraft\\launcher.exe"= UDP:c:\users\public\games\world of warcraft\launcher.exe:Blizzard Launcher
"UDP Query User{6DEF6EDA-0FF8-4C38-B7EC-9048B22BBFAC}c:\\users\\public\\games\\world of warcraft\\launcher.exe"= TCP:c:\users\public\games\world of warcraft\launcher.exe:Blizzard Launcher
"TCP Query User{E948CB95-3AB4-4498-A258-76A0C4136563}c:\\users\\sean\\downloads\\wow-3.0.1.8874-ptr-us-installer-downloader.exe"= UDP:c:\users\sean\downloads\wow-3.0.1.8874-ptr-us-installer-downloader.exe:wow-3.0.1.8874-ptr-us-installer-downloader.exe
"UDP Query User{67BEAE24-4D9F-49C1-9D3A-03A15D44C6C4}c:\\users\\sean\\downloads\\wow-3.0.1.8874-ptr-us-installer-downloader.exe"= TCP:c:\users\sean\downloads\wow-3.0.1.8874-ptr-us-installer-downloader.exe:wow-3.0.1.8874-ptr-us-installer-downloader.exe
"TCP Query User{DBCDDA9C-6FAF-4324-A4FA-F138E1BF991E}c:\\users\\public\\games\\world of warcraft\\wow-3.0.1.8874-ptr-us-installer-downloader.exe"= UDP:c:\users\public\games\world of warcraft\wow-3.0.1.8874-ptr-us-installer-downloader.exe:Blizzard Downloader
"UDP Query User{DD0FA39D-F14F-4973-B813-D14B75914CF4}c:\\users\\public\\games\\world of warcraft\\wow-3.0.1.8874-ptr-us-installer-downloader.exe"= TCP:c:\users\public\games\world of warcraft\wow-3.0.1.8874-ptr-us-installer-downloader.exe:Blizzard Downloader
"TCP Query User{C8DB9DBC-BA4F-437C-A2C8-BC3E6BB85F91}c:\\users\\public\\games\\world of warcraft public test\\launcher.exe"= UDP:c:\users\public\games\world of warcraft public test\launcher.exe:Blizzard Launcher
"UDP Query User{61D5BFAC-2C53-4B4F-8FD2-4B249CCF48DC}c:\\users\\public\\games\\world of warcraft public test\\launcher.exe"= TCP:c:\users\public\games\world of warcraft public test\launcher.exe:Blizzard Launcher
"{48798D2C-7BA1-4222-A595-516771E39FDE}"= UDP:c:\program files\Ventrilo\Ventrilo.exe:Ventrilo.exe
"{D06B11B4-DDF8-48FF-86FF-F7A4C12DF8C3}"= TCP:c:\program files\Ventrilo\Ventrilo.exe:Ventrilo.exe
"{D5B52120-A779-4D83-8BF1-20CFFC36BFD7}"= UDP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-0.2.0.10048-to-0.2.0.10072-enUS-downloader.exe:Blizzard Downloader
"{1B68C19B-C421-4533-99E8-9EA49E928F5B}"= TCP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-0.2.0.10048-to-0.2.0.10072-enUS-downloader.exe:Blizzard Downloader
"{AB29BE0D-0AD9-4308-AFD9-AB1CCE3555AF}"= UDP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-0.2.0.10072-to-0.2.0.10083-enUS-downloader.exe:Blizzard Downloader
"{9A20B48C-3B9A-4B80-968D-35749A124343}"= TCP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-0.2.0.10072-to-0.2.0.10083-enUS-downloader.exe:Blizzard Downloader
"TCP Query User{ED29D16F-DD73-4939-98E2-F8C31880E5F0}c:\\users\\public\\games\\world of warcraft\\backgrounddownloader.exe"= UDP:c:\users\public\games\world of warcraft\backgrounddownloader.exe:Blizzard Downloader
"UDP Query User{04D8FF3D-40C7-4E39-BA9A-CA91BAF7DA0F}c:\\users\\public\\games\\world of warcraft\\backgrounddownloader.exe"= TCP:c:\users\public\games\world of warcraft\backgrounddownloader.exe:Blizzard Downloader
"{A14A4212-1615-4844-B4E7-A8CA031147F6}"= UDP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\wow-0.2.0.10083-to-0.2.0.10116-enUS-downloader.exe:Blizzard Downloader
"{DAA469AA-1B27-4FC0-A951-03FCB9B64AB9}"= TCP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\wow-0.2.0.10083-to-0.2.0.10116-enUS-downloader.exe:Blizzard Downloader
"{5ECC2FAD-B315-4B19-94C0-BD81161F055D}"= UDP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-0.2.0.10116-to-0.2.0.10128-enUS-downloader.exe:Blizzard Downloader
"{B072C0D3-F37C-450D-B856-9B7D0889A961}"= TCP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-0.2.0.10116-to-0.2.0.10128-enUS-downloader.exe:Blizzard Downloader
"TCP Query User{CF41D9DF-6E29-4089-B90F-A5A97E4B714A}c:\\program files\\steam\\steamapps\\ifogdog\\counter-strike source\\hl2.exe"= UDP:c:\program files\steam\steamapps\ifogdog\counter-strike source\hl2.exe:hl2.exe
"UDP Query User{2C7A9AB1-163D-4AE8-9419-BFBF269FDE0C}c:\\program files\\steam\\steamapps\\ifogdog\\counter-strike source\\hl2.exe"= TCP:c:\program files\steam\steamapps\ifogdog\counter-strike source\hl2.exe:hl2.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

R0 lullaby;lullaby;c:\windows\System32\drivers\lullaby.sys [7/11/2008 8:08 AM 15416]
R2 ASBroker;Logon Session Broker;c:\windows\System32\svchost.exe -k Cognizance [1/20/2008 7:23 PM 21504]
R2 ASChannel;Local Communication Channel;c:\windows\System32\svchost.exe -k Cognizance [1/20/2008 7:23 PM 21504]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [3/26/2009 8:48 PM 24652]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [7/11/2008 7:56 AM 29736]
R3 itecir;ITECIR Infrared Receiver;c:\windows\System32\drivers\itecir.sys [7/11/2008 7:51 AM 54784]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\System32\drivers\nvhda32v.sys [6/8/2008 4:22 PM 43040]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
Cognizance REG_MULTI_SZ ASBroker ASChannel

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"c:\program files\Common Files\LightScribe\LSRunOnce.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{C97751B1-BF63-4867-87FB-49B72502DBCD}]
c:\program files\Microsoft Office\Office10\OfficeXPFirstRun.vbs
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-Aim6 - (no file)


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*https://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = *.local
IE: {{FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - c:\program files\PokerStars.NET\PokerStarsUpdate.exe
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, https://www.gmer.net
Rootkit scan 2009-07-31 00:41
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(764)
c:\program files\ASUS Security Center\ASUS Security Protect Manager\bin\ASWLNPkg.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\bin\ItMsg.dll

- - - - - - - > 'Explorer.exe'(1720)
c:\windows\system32\APSHook.dll
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItClient.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\nvvsvc.exe
c:\windows\System32\audiodg.exe
c:\program files\ATK Hotkey\AsLdrSrv.exe
c:\program files\ATKGFNEX\GFNEXSrv.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\agrsmsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\ASUS Security Center\ASUS Security Protect Manager\Bin\asghost.exe
c:\program files\ASUS\SmartLogon\sensorsrv.exe
c:\windows\System32\conime.exe
c:\program files\ATK Hotkey\HControl.exe
c:\program files\ATK Hotkey\MsgTranAgt.exe
c:\program files\Wireless Console 2\wcourier.exe
c:\program files\P4G\BatteryLife.exe
c:\program files\ASUS\Splendid\ACMON.exe
c:\program files\ASUS\ASUS CopyProtect\ASPG.exe
c:\windows\System32\ACEngSvr.exe
.
**************************************************************************
.
Completion time: 2009-07-31 0:44 - machine was rebooted
ComboFix-quarantined-files.txt 2009-07-31 07:44

Pre-Run: 63,109,152,768 bytes free
Post-Run: 63,295,549,440 bytes free

893 --- E O F --- 2009-07-25 07:05

===============

Moderators Message

The other threads have been deleted; stick with one open thread only, as per forum rules.
https://www.techsupportforum.com/rules.php
All times are GMT -7.