I was asked to clean a freinds computer of this Trojan and found that they had clicked on a Rogue Anti-virus Program and infected themself. It installed Personal Antivirus. the first thing that I did was to try to uninstall the Program but it would not uninstall. I was able to delete the Program for C:\Programs files and deleted the folder, I then tried to run malwarebytes and it would not run so I started looking at forums. I also tried several different malware removers but none would run. so I came across several of your posts. So I download the Combofix software and renamed it and it ran on the computer and here is the log. can you help me to finish cleaning this machine or is this machine clean.

ComboFix 09-11-05.05 - Dale Moses 11/06/2009 12:28.1.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1014.482 [GMT -6:00]
Running from: c:\documents and settings\Administrator\Desktop\ABCD.exe
* Resident AV is active


WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\Starware408
c:\documents and settings\All Users\Application Data\Starware408\buttons\1223_button_1b_def.bmp
c:\documents and settings\All Users\Application Data\Starware408\buttons\1223_button_1b_over.bmp
c:\documents and settings\All Users\Application Data\Starware408\buttons\1229_button_1b_def.bmp
c:\documents and settings\All Users\Application Data\Starware408\buttons\1229_button_1b_over.bmp
c:\documents and settings\All Users\Application Data\Starware408\buttons\Button_50.bmp
c:\documents and settings\All Users\Application Data\Starware408\buttons\Button_60.bmp
c:\documents and settings\All Users\Application Data\Starware408\buttons\Button_70.bmp
c:\documents and settings\All Users\Application Data\Starware408\buttons\FindIt.bmp
c:\documents and settings\All Users\Application Data\Starware408\buttons\FindItHot.bmp
c:\documents and settings\All Users\Application Data\Starware408\buttons\findithotxp.png
c:\documents and settings\All Users\Application Data\Starware408\buttons\finditxp.png
c:\documents and settings\All Users\Application Data\Starware408\buttons\logo.bmp
c:\documents and settings\All Users\Application Data\Starware408\buttons\logoxp.bmp
c:\documents and settings\All Users\Application Data\Starware408\buttons\Weather.bmp
c:\documents and settings\All Users\Application Data\Starware408\buttons\WeatherHot.bmp
c:\documents and settings\All Users\Application Data\Starware408\buttons\weatherhotxp.png
c:\documents and settings\All Users\Application Data\Starware408\buttons\weatherxp.png
c:\documents and settings\All Users\Application Data\Starware408\contexts\error.xml
c:\documents and settings\All Users\Application Data\Starware408\contexts\Related.xml
c:\documents and settings\All Users\Application Data\Starware408\contexts\Travel.xml
c:\documents and settings\All Users\Application Data\Starware408\images\clear.bmp
c:\documents and settings\All Users\Application Data\Starware408\images\cloudy.bmp
c:\documents and settings\All Users\Application Data\Starware408\images\foggy.bmp
c:\documents and settings\All Users\Application Data\Starware408\images\frain.bmp
c:\documents and settings\All Users\Application Data\Starware408\images\haze.bmp
c:\documents and settings\All Users\Application Data\Starware408\images\mcloud.bmp
c:\documents and settings\All Users\Application Data\Starware408\images\na.bmp
c:\documents and settings\All Users\Application Data\Starware408\images\nclear.bmp
c:\documents and settings\All Users\Application Data\Starware408\images\ncloudy.bmp
c:\documents and settings\All Users\Application Data\Starware408\images\nfoggy.bmp
c:\documents and settings\All Users\Application Data\Starware408\images\nmcloud.bmp
c:\documents and settings\All Users\Application Data\Starware408\images\nna.bmp
c:\documents and settings\All Users\Application Data\Starware408\images\noicon.bmp
c:\documents and settings\All Users\Application Data\Starware408\images\npcloud.bmp
c:\documents and settings\All Users\Application Data\Starware408\images\nrain.bmp
c:\documents and settings\All Users\Application Data\Starware408\images\pcloud.bmp
c:\documents and settings\All Users\Application Data\Starware408\images\rain.bmp
c:\documents and settings\All Users\Application Data\Starware408\images\walertXP.bmp
c:\documents and settings\All Users\Application Data\Starware408\SimpleUpdate\ProductMessagingConfig.xml
c:\documents and settings\All Users\Application Data\Starware408\SimpleUpdate\ProductMessagingConfig.xml.backup
c:\documents and settings\All Users\Application Data\Starware408\SimpleUpdate\SimpleUpdateConfig.xml
c:\documents and settings\All Users\Application Data\Starware408\SimpleUpdate\SimpleUpdateConfig.xml.backup
c:\documents and settings\All Users\Application Data\Starware408\SimpleUpdate\TimerManagerConfig.xml
c:\documents and settings\All Users\Application Data\Starware408\SimpleUpdate\TimerManagerConfig.xml.backup
c:\documents and settings\All Users\Application Data\Starware408\Tem10.tmp
c:\documents and settings\Dale Moses\Application Data\Starware408
c:\documents and settings\Dale Moses\Application Data\Starware408\Button_5\Button_5Options.xml
c:\documents and settings\Dale Moses\Application Data\Starware408\Button_5\Button_5Options.xml.backup
c:\documents and settings\Dale Moses\Application Data\Starware408\Button_6\Button_6Options.xml
c:\documents and settings\Dale Moses\Application Data\Starware408\Button_6\Button_6Options.xml.backup
c:\documents and settings\Dale Moses\Application Data\Starware408\Button_7\Button_7Options.xml
c:\documents and settings\Dale Moses\Application Data\Starware408\Button_7\Button_7Options.xml.backup
c:\documents and settings\Dale Moses\Application Data\Starware408\Video_Vault\Video_VaultOptions.xml
c:\documents and settings\Dale Moses\Application Data\Starware408\Video_Vault\Video_VaultOptions.xml.backup
c:\documents and settings\Dale Moses\Application Data\Starware408\Watch_Videos\Watch_VideosOptions.xml
c:\documents and settings\Dale Moses\Application Data\Starware408\Watch_Videos\Watch_VideosOptions.xml.backup
c:\program files\Starware408
c:\program files\Starware408\bin\Starware408.dll
c:\program files\Starware408\icons\star_16.ico
c:\recycler\S-1-5-21-1079113596-3371296759-2528311962-500
c:\recycler\S-1-5-21-1275210071-261478967-839522115-500
c:\recycler\S-1-5-21-179531828-2853224448-3628542644-500
c:\recycler\S-1-5-21-2192409820-2289054400-1157314694-500
c:\recycler\S-1-5-21-2724382250-2464719362-122087494-500
c:\recycler\S-1-5-21-3101147382-3012010417-1302004682-500
c:\windows\10116tzo539f.ocx
c:\windows\1059steal19z5.ocx
c:\windows\117ct9iez2155.cpl
c:\windows\12030v59uz24c.dll
c:\windows\12439tr5j71z.bin
c:\windows\1252zpambo935f.exe
c:\windows\12560worm1z95.dll
c:\windows\12689hackto5lza1.cpl
c:\windows\1290spa9boz51.exe
c:\windows\13179zp5mbot53e.cpl
c:\windows\13599pambotaaz.exe
c:\windows\13854hzckto9l7d8.ocx
c:\windows\13961hackt5ol9fez.exe
c:\windows\13z05spa5b9t774.bin
c:\windows\13z29spambot7f59.dll
c:\windows\146z95py1ec.ocx
c:\windows\148zviru59f4.cpl
c:\windows\14zbspars95765.ocx
c:\windows\150ead9ware1158z.bin
c:\windows\1514thzef7099.ocx
c:\windows\15296hacktzol661.dll
c:\windows\1539virz972.cpl
c:\windows\1561back9oor20z.bin
c:\windows\15846noz9a-viru57b8.bin
c:\windows\1590zpyw9re1095.cpl
c:\windows\15951worm35z9.cpl
c:\windows\1596395cktoolze9.exe
c:\windows\15z8ad9ware567.cpl
c:\windows\15z9sp9rse606.dll
c:\windows\162999ot-z-virus652.bin
c:\windows\16550not-a-virusz229.bin
c:\windows\16664spa9botza5.bin
c:\windows\1715nzt-a-v9rus49c.bin
c:\windows\17945spz675.dll
c:\windows\1795szeal525.ocx
c:\windows\1796zir8759.cpl
c:\windows\17z37spy965.exe
c:\windows\184529zrm259.bin
c:\windows\186349azk5ool225.bin
c:\windows\1869v5z1029.exe
c:\windows\188035pa9bot75z.exe
c:\windows\18866tz592b1.cpl
c:\windows\191319roj2a5z.exe
c:\windows\19206not-a-virzs543.bin
c:\windows\193759rojz5.cpl
c:\windows\1945not-a-virus4z4.bin
c:\windows\19599zorm295.bin
c:\windows\19699virus585z.cpl
c:\windows\19952troz7c2.exe
c:\windows\19955worm7a1z.cpl
c:\windows\19b1ad5ware2z4.ocx
c:\windows\19bcspz5se2670.cpl
c:\windows\19cf5ir30z5.ocx
c:\windows\19d9dowzl5ader2059.exe
c:\windows\1a07add5are9542z.dll
c:\windows\1a2zdo9nl5ader530.exe
c:\windows\1b28spywzr52592.bin
c:\windows\1b97b9ckdzor850.exe
c:\windows\1cecz9dware1534.bin
c:\windows\1cz8vi59339.cpl
c:\windows\1d9thi5f2109z.bin
c:\windows\1f5dsteal99z8.bin
c:\windows\1f8esza5s92628.dll
c:\windows\1z596troj5d15.dll
c:\windows\1z625spambot998.ocx
c:\windows\1z708s9y6875.dll
c:\windows\20daad5waze2931.dll
c:\windows\210489z5us477.bin
c:\windows\21049z5rm3a5.ocx
c:\windows\2158bzck9oor2118.cpl
c:\windows\2168059cktooz5ed.exe
c:\windows\217039ormaz5.ocx
c:\windows\21892zirus2e5.ocx
c:\windows\226995roz679.cpl
c:\windows\23457not-a-viruz295.cpl
c:\windows\24198hackt5olz98.bin
c:\windows\24292zpy1005.exe
c:\windows\24318not5a-vir9s1e3z.exe
c:\windows\250z7hac9tool205.exe
c:\windows\2551z9irusde.bin
c:\windows\2554zwo9m59f.exe
c:\windows\256015pazbot599.ocx
c:\windows\25768spy7zf9.ocx
c:\windows\25964wzr5344.ocx
c:\windows\2619ackdoo510z8.bin
c:\windows\265tzo945a.dll
c:\windows\26983nz59a-virus48f.exe
c:\windows\26bcst9alz52.bin
c:\windows\26z76h9ckt5ol18.dll
c:\windows\27122zot-a-9irus151.cpl
c:\windows\271485ot-a-vizus53b9.exe
c:\windows\271d5pywaze28129.ocx
c:\windows\272z6spy79c5.bin
c:\windows\2793zo5nloader3246.dll
c:\windows\28095h9cktzol3ed5.dll
c:\windows\282abackdoo51z709.bin
c:\windows\282ddownlo59zr2923.exe
c:\windows\28363hackto5z691.exe
c:\windows\28623s9azb5t5af.ocx
c:\windows\290255or926dz.exe
c:\windows\29250szy18e9.exe
c:\windows\292b9ownloade5z62.ocx
c:\windows\29590ha5kzool44.cpl
c:\windows\299509roz227.bin
c:\windows\29961hackt5ol391z.ocx
c:\windows\29982spy45z.bin
c:\windows\29bt5iez2280.dll
c:\windows\29z285ot-a-vir9s39f.dll
c:\windows\29z9spy557.dll
c:\windows\2ae1azdwar530779.bin
c:\windows\2az5s9arse1963.ocx
c:\windows\2d5a9hi5f297z.dll
c:\windows\2d6cstzal5469.exe
c:\windows\2e895iz3013.ocx
c:\windows\2e97t95eaz15376.exe
c:\windows\2fezad5ware909.ocx
c:\windows\2z02thief91825.ocx
c:\windows\2z7sp9r5e309.exe
c:\windows\2z93st5al1369.bin
c:\windows\2zf7addware9505.ocx
c:\windows\308935acztoo97b3.cpl
c:\windows\3108s5zmbot397.bin
c:\windows\31109troz585.bin
c:\windows\315859ief2242z.dll
c:\windows\31925virus2bz.exe
c:\windows\319z75acktool700.dll
c:\windows\321809acztoo5481.cpl
c:\windows\32222n9z-a-5irus6e4.bin
c:\windows\3224baczdoor9250.cpl
c:\windows\32399spz585.cpl
c:\windows\32554not-a9virus1z9.cpl
c:\windows\32683hacktzo925a.ocx
c:\windows\3285threat97979z.dll
c:\windows\336zd5wnloader95.exe
c:\windows\3372sp9wzr52508.ocx
c:\windows\3388t5ief90z9.cpl
c:\windows\33b5spa9sz2624.exe
c:\windows\3494zhie5359.exe
c:\windows\34a1tzre5t24095.bin
c:\windows\34z7stea52902.bin
c:\windows\3529zpy2e.cpl
c:\windows\356az9r1507.ocx
c:\windows\35709zacktool29a.bin
c:\windows\3589sparsz1905.cpl
c:\windows\35fethrzat5985.dll
c:\windows\3759backdoor91z3.ocx
c:\windows\37b5thizf1954.ocx
c:\windows\382d5d9waze2830.ocx
c:\windows\3916addwarz1251.bin
c:\windows\3953back9oo5z006.exe
c:\windows\3954zpyware5562.ocx
c:\windows\3959bazkd5or3230.cpl
c:\windows\395zspy4349.exe
c:\windows\39a1thief4z5.exe
c:\windows\39az5hief2260.exe
c:\windows\3becvzr9651.exe
c:\windows\3d2daddwa5ez2029.exe
c:\windows\3e9dszyw5re2490.cpl
c:\windows\3f54a9dwaze64.exe
c:\windows\3z49a5dware180.cpl
c:\windows\3z505hief27599.bin
c:\windows\3z59steal2997.bin
c:\windows\414fdoz9loa5er2397.dll
c:\windows\4156w9rm45ez.bin
c:\windows\419cs95wzre1595.bin
c:\windows\420not5a-vi9uz50f.cpl
c:\windows\43e2v9r558z.dll
c:\windows\4459threzt117.bin
c:\windows\446zv5r26529.dll
c:\windows\450hacktooz297.bin
c:\windows\451zthief15949.exe
c:\windows\4536downloader9047z.ocx
c:\windows\4568vir40z9.dll
c:\windows\459virz9685.ocx
c:\windows\4655spywaze1009.bin
c:\windows\471zaddwa5e790.bin
c:\windows\48acspa5sez159.cpl
c:\windows\48fdz592251.ocx
c:\windows\48z45acktool3d9.exe
c:\windows\491spyware5563z.dll
c:\windows\4935ha5kzool1ca.bin
c:\windows\4935zir1355.exe
c:\windows\4955h95ktool581z.exe
c:\windows\495zvir2654.ocx
c:\windows\4978spamzot1995.exe
c:\windows\498fbaczd95r1534.exe
c:\windows\49b8downloa9e5z095.bin
c:\windows\4e379aczdoor5855.bin
c:\windows\4e87threa52z8309.ocx
c:\windows\4ebzth59f1119.ocx
c:\windows\4ez55ackdoor1779.exe
c:\windows\4f99v5r39z.ocx
c:\windows\5095thzeat11632.ocx
c:\windows\50965hreat7950z.cpl
c:\windows\509a9zr3236.bin
c:\windows\50cbdowzl9ader275.bin
c:\windows\510caddwzr59087.bin
c:\windows\5142spz189.ocx
c:\windows\51559orm7z3.dll
c:\windows\516z9troj1ad.cpl
c:\windows\51925hreat26504z.cpl
c:\windows\52379virus1z9.exe
c:\windows\52591hacztool680.exe
c:\windows\52b5spazse1948.dll
c:\windows\52zdsp5rs9348.cpl
c:\windows\52zfa9dwa5e3089.ocx
c:\windows\5355spz39a.dll
c:\windows\538fbackdoor95z.bin
c:\windows\53941szambot31b.exe
c:\windows\53a6adzwar919425.cpl
c:\windows\54594not-a-virusz.exe
c:\windows\5499thzeat8793.dll
c:\windows\55110ha9ktooz2ba.cpl
c:\windows\5547worz9a9.dll
c:\windows\5551spy7zc9.exe
c:\windows\5590wor94zc.bin
c:\windows\55bzthi9f15145.ocx
c:\windows\55c5szyware2209.cpl
c:\windows\55d2z9reat4599.cpl
c:\windows\55ea9tzal2319.ocx
c:\windows\55z9threa921871.ocx
c:\windows\563139acztool4f6.cpl
c:\windows\56594nzt-a-virus49d.exe
c:\windows\568zhief729.exe
c:\windows\56970hacztool78b.dll
c:\windows\5752ba5kdo9rz630.ocx
c:\windows\578caddwarz759.dll
c:\windows\5791spz3f8.ocx
c:\windows\57d4zir1977.exe
c:\windows\5808z9cktool11c.ocx
c:\windows\58196not-z-virus5ab.bin
c:\windows\58z57worm95.exe
c:\windows\58z68virus908.ocx
c:\windows\58zvir999.bin
c:\windows\5945vir3189z.cpl
c:\windows\59cbspy9are57z0.exe
c:\windows\59zb59reat9964.cpl
c:\windows\5b16stea9z025.exe
c:\windows\5cdbspy95rez068.exe
c:\windows\5ceba9kdooz2007.ocx
c:\windows\5d44dow5l9ader2124z.cpl
c:\windows\5e0cdowzloader25999.ocx
c:\windows\5e6zthrea924121.exe
c:\windows\5ez7thief3195.exe
c:\windows\5fa85parse6z9.ocx
c:\windows\5z398hackto9l91.bin
c:\windows\5z799s9y494.ocx
c:\windows\5z84t5ief26529.cpl
c:\windows\5z88sparse1759.cpl
c:\windows\5z95vir2022.cpl
c:\windows\5zbbthre5t24179.bin
c:\windows\5zc59pyware2959.cpl
c:\windows\5zcspywa9e1969.ocx
c:\windows\5zf9vir1848.ocx
c:\windows\6073ad5ware3294z.exe
c:\windows\60e5spywa5e201z9.ocx
c:\windows\61195aczto9l3c3.dll
c:\windows\6134zp9mbot5e5.dll
c:\windows\6355szarse598.ocx
c:\windows\63a19ownloadz52494.cpl
c:\windows\641cdownloa9e53092z.bin
c:\windows\6519s9eaz447.ocx
c:\windows\6569thie52577z.bin
c:\windows\658caddzare14939.dll
c:\windows\6590zownloade5927.exe
c:\windows\6689adzware2585.bin
c:\windows\66e1bzc9door3095.cpl
c:\windows\68eca9dware55z.ocx
c:\windows\6935tzreat50520.ocx
c:\windows\6a549pywzre2671.ocx
c:\windows\6d2ct9ie5z790.exe
c:\windows\6e34do9nloa5er12z6.cpl
c:\windows\6e679zyware5724.cpl
c:\windows\6ea49ddwa5e1z92.ocx
c:\windows\6z9a5pyware1257.dll
c:\windows\6zdf59dware1116.bin
c:\windows\70985orm54z.cpl
c:\windows\7130vzr59498.dll
c:\windows\72zed9w5loader66.ocx
c:\windows\7361dowzloader9585.bin
c:\windows\73899acktoolz95.ocx
c:\windows\73c79te5z664.ocx
c:\windows\7459bac9zoor2138.ocx
c:\windows\749edownzo5der196.ocx
c:\windows\7516do9nlzader2605.ocx
c:\windows\7587hacktozl19a.exe
c:\windows\769ezte9l435.ocx
c:\windows\776t9reat1z574.ocx
c:\windows\77z5v9r3041.dll
c:\windows\77zspywa5e9079.bin
c:\windows\788aad5zare6339.bin
c:\windows\78aaspyw5ze3907.ocx
c:\windows\799thr9at28z56.cpl
c:\windows\79bb9pyware1z375.ocx
c:\windows\79z4hacktoo579c.bin
c:\windows\7ccbback9o5r1z95.exe
c:\windows\7cd5bac9dooz197.cpl
c:\windows\7d78stealz0915.exe
c:\windows\7e56thief114z9.bin
c:\windows\7f5c5ackzoor1795.bin
c:\windows\7z28vi91525.exe
c:\windows\7z74downl5ader1791.exe
c:\windows\81z9sp9457.exe
c:\windows\82795dwzre2051.ocx
c:\windows\8595not-a-zi9us4fa.ocx
c:\windows\896a5zware642.cpl
c:\windows\8d8ad5warz1973.ocx
c:\windows\8z20t5oj28f9.exe
c:\windows\9019pywaze2955.dll
c:\windows\91e2spaz5e825.bin
c:\windows\91z01worm3a5.ocx
c:\windows\9248hacktozl495.exe
c:\windows\92520not-5-zirus1cf.bin
c:\windows\9359spam9oz1d7.bin
c:\windows\93c5sparse1z69.cpl
c:\windows\93ffadd5are3z45.ocx
c:\windows\9457szy7d9.cpl
c:\windows\94818hackz5ol7de.exe
c:\windows\95379virus449z.exe
c:\windows\9545virz05.dll
c:\windows\95978zroj192.dll
c:\windows\95z5troj20b.dll
c:\windows\964caddwarz151.cpl
c:\windows\96d55hreat3z54.bin
c:\windows\96z69tro563c.bin
c:\windows\9764trzj15a.dll
c:\windows\97f9iz5032.exe
c:\windows\9844zow5loader2042.exe
c:\windows\98681viruz315.bin
c:\windows\9981w9r5675z.cpl
c:\windows\99969sp53z4.exe
c:\windows\9b52threat20z45.exe
c:\windows\9c25az5ware718.cpl
c:\windows\9d7sp5ware2913z.cpl
c:\windows\9z2a5ownloader1051.exe
c:\windows\9z60not-a-v5ru974e.ocx
c:\windows\a2fazdw9re2562.exe
c:\windows\bc1backdzor3925.dll
c:\windows\ccczow5loade9367.exe
c:\windows\cz5vir1957.bin
c:\windows\d85t9i5f32z1.bin
c:\windows\e87spars51z929.ocx
c:\windows\kb913800.exe
c:\windows\setup.exe
c:\windows\system32\10z55ha9ktool1ce.bin
c:\windows\system32\113415zoj79.dll
c:\windows\system32\11399szy5f2.cpl
c:\windows\system32\114419zoj52a.ocx
c:\windows\system32\11467s9am5oz693.bin
c:\windows\system32\11493sz5mbo9220.cpl
c:\windows\system32\1157noz-a9virus322.exe
c:\windows\system32\11945spamzot3cb.cpl
c:\windows\system32\120f59zware2613.exe
c:\windows\system32\12179spaz5ot4b89.exe
c:\windows\system32\12284spz75e9.dll
c:\windows\system32\124479pyzf5.exe
c:\windows\system32\1288downlz5der591.dll
c:\windows\system32\13330spam9ot5z.dll
c:\windows\system32\13559hacktooz57e.dll
c:\windows\system32\13951vzr5s582.exe
c:\windows\system32\1398backd5zr3068.exe
c:\windows\system32\13d85hiefz902.cpl
c:\windows\system32\14129spambo51zb9.cpl
c:\windows\system32\14595zr19559.dll
c:\windows\system32\14668wzrm5b39.bin
c:\windows\system32\14911trz955a.cpl
c:\windows\system32\14f0a5dw9re23z4.ocx
c:\windows\system32\14z56t9o5793.exe
c:\windows\system32\15029sp5105z.dll
c:\windows\system32\1542zac9tool46b.bin
c:\windows\system32\15607hack9zol336.cpl
c:\windows\system32\15894not-azvi9us35d.bin
c:\windows\system32\1599zddw5re922.bin
c:\windows\system32\15b8bz59door1158.exe
c:\windows\system32\15beaddza9e30905.ocx
c:\windows\system32\15zvi59921.exe
c:\windows\system32\161689rzj550.bin
c:\windows\system32\16169sp9mbot5b9z.bin
c:\windows\system32\16431zroj9b5.dll
c:\windows\system32\165975ot-a9zirus18f.bin
c:\windows\system32\165f9p5rsz749.exe
c:\windows\system32\167845zy989.ocx
c:\windows\system32\1697ztea9259.dll
c:\windows\system32\171425zo92d.bin
c:\windows\system32\17386not-a-9i5usz7f.exe
c:\windows\system32\17555virzs759.cpl
c:\windows\system32\1762zte9l28375.bin
c:\windows\system32\1850nzt-a-vi5us559.cpl
c:\windows\system32\1859viruz540.dll
c:\windows\system32\18695trzj3f59.ocx
c:\windows\system32\18783n9t5azvirus47.cpl
c:\windows\system32\18852spambzt5199.dll
c:\windows\system32\190z5hac5tool7a0.bin
c:\windows\system32\193905acktoolz1a.exe
c:\windows\system32\195019acktzo5611.exe
c:\windows\system32\197d5ownlozder987.ocx
c:\windows\system32\19811nz5-a-virus774.dll
c:\windows\system32\19859zroj683.cpl
c:\windows\system32\19884hac5tozl975.ocx
c:\windows\system32\19910hacztool75c.ocx
c:\windows\system32\19ae9pyware1765z.dll
c:\windows\system32\19z92not-5-virus184.dll
c:\windows\system32\1c84baczdo5r1970.cpl
c:\windows\system32\1d18baczd5or17479.dll
c:\windows\system32\1d5959eal2z52.ocx
c:\windows\system32\1d95szeal605.ocx
c:\windows\system32\1e32do9nlozder857.ocx
c:\windows\system32\1e65zpyware2907.dll
c:\windows\system32\1e9z59ckdoor75.ocx
c:\windows\system32\1f68s5zrse9675.bin
c:\windows\system32\1f95backdoo9503z.ocx
c:\windows\system32\1z00thie95430.cpl
c:\windows\system32\1z305not-a-virus699.cpl
c:\windows\system32\1z43s5arse9905.exe
c:\windows\system32\1z681virus5c69.cpl
c:\windows\system32\1z702spam95t236.ocx
c:\windows\system32\1z948virus15a.dll
c:\windows\system32\1z99virus105.ocx
c:\windows\system32\205d9ddware480z.bin
c:\windows\system32\20893not-a-virusz53.cpl
c:\windows\system32\20934hac5tool2ze.dll
c:\windows\system32\2119zi95s490.cpl
c:\windows\system32\21393not-a5vizus768.ocx
c:\windows\system32\21409t95z79f.cpl
c:\windows\system32\21445ha9ktool76z.cpl
c:\windows\system32\21536spamboz495.exe
c:\windows\system32\215zt95eat13915.cpl
c:\windows\system32\218b9ddw5re43z.bin
c:\windows\system32\219etzre5t3194.cpl
c:\windows\system32\22355trzj292.exe
c:\windows\system32\22959ot-a-vir5sa5z.dll
c:\windows\system32\229z5spy3ee.cpl
c:\windows\system32\23255zorm689.ocx
c:\windows\system32\2326tr9j1e5z.dll
c:\windows\system32\23316z5ambot90a.bin
c:\windows\system32\23353woz955e.dll
c:\windows\system32\23424s5y9zc.bin
c:\windows\system32\23890zr59279.cpl
c:\windows\system32\239165irusz8a.bin
c:\windows\system32\244z8troj495.exe
c:\windows\system32\24558v9ruz457.cpl
c:\windows\system32\24852vz9us566.dll
c:\windows\system32\24931zpy65d.exe
c:\windows\system32\24952virus5z0.bin
c:\windows\system32\25141wor92z9.bin
c:\windows\system32\2515addwa9e258z.dll
c:\windows\system32\252a9teal99z.ocx
c:\windows\system32\254asparse1z369.exe
c:\windows\system32\254z5v9rus188.ocx
c:\windows\system32\2555zspy695.dll
c:\windows\system32\25f3vzr1695.ocx
c:\windows\system32\26025zot-a-virus699.ocx
c:\windows\system32\26157no5-z-v9rus35b.exe
c:\windows\system32\26189not-a-vir5szf4.bin
c:\windows\system32\263c5azkdoor799.ocx
c:\windows\system32\267z0t5oj729.exe
c:\windows\system32\26968no9-a-vzr5s56a.dll
c:\windows\system32\27335wor938ez.ocx
c:\windows\system32\273z5spy9ce.exe
c:\windows\system32\27853z5cktool39.dll
c:\windows\system32\278905roz49e.exe
c:\windows\system32\27z415p91be.bin
c:\windows\system32\281z99py525.cpl
c:\windows\system32\2825sp9rsez5.bin
c:\windows\system32\2907backdooz2589.ocx
c:\windows\system32\29080tro95bz.cpl
c:\windows\system32\29206hzckt5ol6449.bin
c:\windows\system32\2925spambot65z.exe
c:\windows\system32\294195acktool135z.dll
c:\windows\system32\29475zp976b.bin
c:\windows\system32\29535spam9oz512.exe
c:\windows\system32\29595zor9659.bin
c:\windows\system32\295z39roj59d.dll
c:\windows\system32\29609spambotzbe5.ocx
c:\windows\system32\29770noz-a-5irus6e4.ocx
c:\windows\system32\29864w5r9zdf.cpl
c:\windows\system32\29866hacktoo55az.exe
c:\windows\system32\2988ztro9665.ocx
c:\windows\system32\298s9yzf55.dll
c:\windows\system32\29z2vir30475.dll
c:\windows\system32\29z9thief1599.ocx
c:\windows\system32\2be9d5wnloaz9r2059.bin
c:\windows\system32\2c1addwa5z1729.cpl
c:\windows\system32\2d89v9r172z5.ocx
c:\windows\system32\2z1995py7c6.dll
c:\windows\system32\2z548wor59c0.cpl
c:\windows\system32\2z865worm596.ocx
c:\windows\system32\2zcb5ddware3931.cpl
c:\windows\system32\30529spz2a9.cpl
c:\windows\system32\30th9ef1z195.exe
c:\windows\system32\3149zs5y7ba.bin
c:\windows\system32\317z9not5a-virus59.ocx
c:\windows\system32\32508h9cktzo5208.ocx
c:\windows\system32\32avi5279z.dll
c:\windows\system32\3358sz9al856.exe
c:\windows\system32\341ab9ck5oor1898z.ocx
c:\windows\system32\34619pyware2358z.cpl
c:\windows\system32\346z5py41f9.ocx
c:\windows\system32\348fdownloz9er9055.ocx
c:\windows\system32\3529z5eal360.exe
c:\windows\system32\3535vir15z79.dll
c:\windows\system32\3596vi9258z.exe
c:\windows\system32\3599tzo976f.exe
c:\windows\system32\359zspa5se899.dll
c:\windows\system32\35davir2z95.exe
c:\windows\system32\36e1t9zef158.bin
c:\windows\system32\3850down9ozder924.ocx
c:\windows\system32\38a8addwa5e89z.ocx
c:\windows\system32\392adow59oadez2576.ocx
c:\windows\system32\39399sp5d9z.ocx
c:\windows\system32\3957zhief1565.exe
c:\windows\system32\39825hreat220z69.cpl
c:\windows\system32\39f7ba9kdozr3550.bin
c:\windows\system32\3a13bacz5o9r1007.cpl
c:\windows\system32\3ad2z5ckdoor2290.exe
c:\windows\system32\3az6spywar5917.dll
c:\windows\system32\3c2ed5wnl9azer2393.cpl
c:\windows\system32\3c97stezl9562.dll
c:\windows\system32\3d49szywa9e2715.ocx
c:\windows\system32\3d93dzwnload9r7635.cpl
c:\windows\system32\3de5downzo9der1453.exe
c:\windows\system32\3eb3back95zr2595.cpl
c:\windows\system32\3ez95ir729.ocx
c:\windows\system32\3z705hief2839.dll
c:\windows\system32\43f5zackdo5r2938.cpl
c:\windows\system32\4405bac5dzor1199.ocx
c:\windows\system32\44c6spy5zre23579.dll
c:\windows\system32\44feaddwzre59.dll
c:\windows\system32\4569zow5loader9073.cpl
c:\windows\system32\45765o9z38e.exe
c:\windows\system32\4577do9nloader18z1.exe
c:\windows\system32\45b4b9ckdoor198z.exe
c:\windows\system32\45b9virz751.dll
c:\windows\system32\493csze5l1188.exe
c:\windows\system32\496s5ambot37z.ocx
c:\windows\system32\49e7bazkdo5r1026.bin
c:\windows\system32\4a4zthreat19175.cpl
c:\windows\system32\4d2f5ir29z9.dll
c:\windows\system32\4e1bs9zware5180.dll
c:\windows\system32\4e53threat1z7975.dll
c:\windows\system32\4ffdzddw5re1699.ocx
c:\windows\system32\4z659tea5399.cpl
c:\windows\system32\4z92threa97835.bin
c:\windows\system32\4zea9ir1254.bin
c:\windows\system32\5037zorm490.cpl
c:\windows\system32\50434z9y6b1.exe
c:\windows\system32\504z3spam9otd0.dll
c:\windows\system32\5099spy6ez9.cpl
c:\windows\system32\5155addware19z8.bin
c:\windows\system32\5159spy5z9.bin
c:\windows\system32\517f9hief680z.exe
c:\windows\system32\51949worm6z4.cpl
c:\windows\system32\51d9threat1854z.exe
c:\windows\system32\5209dowzlo5der1867.bin
c:\windows\system32\52czd9ware371.bin
c:\windows\system32\53307not-a-virus689z.cpl
c:\windows\system32\5364z954e3.ocx
c:\windows\system32\5386ba59dozr1816.exe
c:\windows\system32\53f9zteal1570.exe
c:\windows\system32\541spywarez7359.cpl
c:\windows\system32\5425spa9zot84.exe
c:\windows\system32\54496trojzd8.cpl
c:\windows\system32\548es9eal1z84.cpl
c:\windows\system32\54c2dow59oaderz169.ocx
c:\windows\system32\54z6down9oader2646.dll
c:\windows\system32\5500w5zm791.ocx
c:\windows\system32\55b59ddware2951z.bin
c:\windows\system32\5605sparse79z.ocx
c:\windows\system32\5612ztroj6c9.ocx
c:\windows\system32\567a9owzloader3033.exe
c:\windows\system32\56z7threat259175.dll
c:\windows\system32\57259ir86z.ocx
c:\windows\system32\577zbac5door9243.ocx
c:\windows\system32\5783hzckt9ol4e5.exe
c:\windows\system32\5798worm20z5.ocx
c:\windows\system32\579sp9mzot7a9.dll
c:\windows\system32\5833not-a-zirus398.cpl
c:\windows\system32\5877worm659z.bin
c:\windows\system32\589dsteal5100z.dll
c:\windows\system32\58b5dzwnloader5699.cpl
c:\windows\system32\5903vzr637.exe
c:\windows\system32\5906z5ckdo9r1196.cpl
c:\windows\system32\5940noz-a-vi9u5585.ocx
c:\windows\system32\596cs9zal795.bin
c:\windows\system32\596dvi529z9.ocx
c:\windows\system32\59956troj4zb.ocx
c:\windows\system32\5995threa523z08.cpl
c:\windows\system32\599not-a9viruz5e7.ocx
c:\windows\system32\59b15teal152z.dll
c:\windows\system32\59e6thzef532.ocx
c:\windows\system32\59faspyw5ze1794.ocx
c:\windows\system32\5adaviz9506.exe
c:\windows\system32\5b409zwnloader394.exe
c:\windows\system32\5b9caddw9ze450.dll
c:\windows\system32\5c0zvir219.dll
c:\windows\system32\5c65spzrse3039.bin
c:\windows\system32\5f75spyware1793z.dll
c:\windows\system32\5fdfspa9se358z.bin
c:\windows\system32\5z49virus5209.ocx
c:\windows\system32\5z931virus375.ocx
c:\windows\system32\6038zownl5ader1289.cpl
c:\windows\system32\61b0thzeat8359.ocx
c:\windows\system32\61bcaddwaze459.bin
c:\windows\system32\61z9h95ktoola6.exe
c:\windows\system32\626cste5lz94.dll
c:\windows\system32\6339not-a-zi59s7fe.cpl
c:\windows\system32\63c1szywa951988.ocx
c:\windows\system32\6539stezl3905.dll
c:\windows\system32\654cvi928z6.ocx
c:\windows\system32\655zbackdo9r223.ocx
c:\windows\system32\656zbac9door72.cpl
c:\windows\system32\65b75hrea914000z.ocx
c:\windows\system32\65e995zal1239.dll
c:\windows\system32\65f3back9ozr2715.ocx
c:\windows\system32\665viruz9b.bin
c:\windows\system32\6669thizf594.ocx
c:\windows\system32\66a2zownl95der636.dll
c:\windows\system32\6723bzck5oor94.ocx
c:\windows\system32\674bz5ea9219.dll
c:\windows\system32\6795threat19890z.exe
c:\windows\system32\6799addwaze7435.dll
c:\windows\system32\690thief1z95.exe
c:\windows\system32\6937spzr5e2506.bin
c:\windows\system32\6944zir563.exe
c:\windows\system32\6987zro9546.cpl
c:\windows\system32\69ddo9nloadzr16365.bin
c:\windows\system32\6e13zh5ea919006.bin
c:\windows\system32\6f4zpars51719.exe
c:\windows\system32\6ff8doznloade9251.ocx
c:\windows\system32\6z04thief2195.ocx
c:\windows\system32\6z1fd9wn5oader2765.bin
c:\windows\system32\7171zackdoor2945.exe
c:\windows\system32\7195spy340z.cpl
c:\windows\system32\71dcdo9nlza5er77.ocx
c:\windows\system32\720fdoz9loa5er2750.ocx
c:\windows\system32\720zbackd5or1595.cpl
c:\windows\system32\740259oj68z.cpl
c:\windows\system32\74459zckdoor151.cpl
c:\windows\system32\744eadd5arz793.ocx
c:\windows\system32\74z9spy9are2785.cpl
c:\windows\system32\7533hack9o5l19z.exe
c:\windows\system32\753ha9ktool2z7.cpl
c:\windows\system32\754aback9ozr3239.dll
c:\windows\system32\75929owzloader467.ocx
c:\windows\system32\7597stzal1604.ocx
c:\windows\system32\76b5th9ef2z23.dll
c:\windows\system32\790ddownlo5der1904z.bin
c:\windows\system32\7947not-a-z5rus32.bin
c:\windows\system32\7954sp5rse901z.bin
c:\windows\system32\7958z95ef1355.dll
c:\windows\system32\7a97vzr1551.ocx
c:\windows\system32\7adazdw5r9254.ocx
c:\windows\system32\7c1e59izf2551.dll
c:\windows\system32\7cebdownloadzr54599.exe
c:\windows\system32\7d19th9ea5z604.exe
c:\windows\system32\7ee3zd9war51671.cpl
c:\windows\system32\7f59zddwa5e3101.exe
c:\windows\system32\7fa8zteal7955.cpl
c:\windows\system32\7fz9spywar925685.ocx
c:\windows\system32\7fzback5oor1914.dll
c:\windows\system32\7z2a5dware9644.cpl
c:\windows\system32\815ba9zdoor559.dll
c:\windows\system32\87319or5z81.bin
c:\windows\system32\8884not-5zvirus39a.cpl
c:\windows\system32\8952vi5us69z.cpl
c:\windows\system32\9221dow5loadzr3263.dll
c:\windows\system32\92260sp54fz.dll
c:\windows\system32\92353woz547f.ocx
c:\windows\system32\92379noz-a5virus7e3.cpl
c:\windows\system32\9288downloader4z35.bin
c:\windows\system32\92bfsp5warez592.cpl
c:\windows\system32\935fadzware1815.dll
c:\windows\system32\936steal9z75.ocx
c:\windows\system32\939bacz5oor490.dll
c:\windows\system32\952z4spy4c5.bin
c:\windows\system32\9547zh5cktool4ac.dll
c:\windows\system32\95543spy4z5.dll
c:\windows\system32\9557szy524.dll
c:\windows\system32\955vir12z0.ocx
c:\windows\system32\95618szy55.exe
c:\windows\system32\9598viru93dz.ocx
c:\windows\system32\95998worm7ez.cpl
c:\windows\system32\95athiez3135.ocx
c:\windows\system32\9601notz5-virus979.dll
c:\windows\system32\9644vi95s3z5.cpl
c:\windows\system32\968vizus3425.dll
c:\windows\system32\96downloader2251z.dll
c:\windows\system32\995zthreat523.cpl
c:\windows\system32\995ztroj48b.ocx
c:\windows\system32\9a0a5dware3209z.ocx
c:\windows\system32\9b6back5ozr2693.bin
c:\windows\system32\9b99backd5or25z5.ocx
c:\windows\system32\9c1dvir285z.bin
c:\windows\system32\9d45szyware5670.cpl
c:\windows\system32\9e7s5arse292z.dll
c:\windows\system32\9eaethreaz4505.dll
c:\windows\system32\9z25p9ware1253.cpl
c:\windows\system32\9z49spy7785.cpl
c:\windows\system32\9z62spyware1955.dll
c:\windows\system32\aoz17.tmp.exe
c:\windows\system32\czft5r9at4997.cpl
c:\windows\system32\d3d0499.dll
c:\windows\system32\drivers\ndisrd.sys
c:\windows\system32\drivers\UACiqparrtjxb.sys
c:\windows\system32\ed9downloa5er2z96.bin
c:\windows\system32\fe99hrzat4525.dll
c:\windows\system32\msxmlm.dll
c:\windows\system32\ndisapi.dll
c:\windows\system32\NetFilter.exe
c:\windows\system32\UAChnpcphbrnk.dll
c:\windows\system32\uacinit.dll
c:\windows\system32\UACmpvogoeuwp.dat
c:\windows\system32\UACmuyqvdyutx.dll
c:\windows\system32\UACqtomudppex.dll
c:\windows\system32\z0307hackto9l7485.bin
c:\windows\system32\z9dba9dw5re1707.dll
c:\windows\z05545pamb9t598.exe
c:\windows\z1718hackto5ld9.dll
c:\windows\z1789troj355.cpl
c:\windows\z208troj5395.ocx
c:\windows\z3521v5rus922.exe
c:\windows\z4299spy29d5.exe
c:\windows\z459thief5773.exe
c:\windows\z4981worm455.ocx
c:\windows\z5263tr9573a.bin
c:\windows\z535th9eat53769.cpl
c:\windows\z579parse1502.exe
c:\windows\z6247spy3945.bin
c:\windows\z6412vir9s2f5.cpl
c:\windows\z6954tro97015.ocx
c:\windows\z710backdoor26595.dll
c:\windows\z784hacktoo96955.exe
c:\windows\z80925roj69e.exe
c:\windows\z85virus95.exe
c:\windows\z8aedownloa59r2203.exe
c:\windows\z93es9ars5255.bin
c:\windows\z949tr5j55.dll
c:\windows\z984stea51915.bin
c:\windows\z9970w9rm5d0.exe
c:\windows\z9bbackd5or575.dll
c:\windows\ze71backdoor1569.cpl

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_UACd.sys
-------\Legacy_NDISRD
-------\Service_NDISRD


((((((((((((((((((((((((( Files Created from 2009-10-06 to 2009-11-06 )))))))))))))))))))))))))))))))
.

2009-11-05 16:33 . 2009-09-10 20:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-11-05 16:33 . 2009-11-05 16:33 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-11-05 16:33 . 2009-11-05 16:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-11-05 16:33 . 2009-09-10 20:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-04 22:32 . 2009-11-04 22:32 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Threat Expert
2009-11-04 22:24 . 2009-11-04 23:01 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-11-04 21:44 . 2009-11-04 21:44 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Apple Computer
2009-11-04 21:44 . 2009-11-04 21:44 -------- d-----w- c:\documents and settings\Administrator\Application Data\Skinux
2009-11-04 21:44 . 2009-11-04 21:44 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Google
2009-10-12 18:25 . 2009-10-12 18:25 6021 ----a-w- c:\windows\system32\z5717hacktool195.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-25 17:48 . 2006-07-25 23:01 67528 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-07-17 23:20 279944 ----a-w- c:\program files\AskBarDis\bar\bin\askBar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-07-17 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{3041D03E-FD4B-44E0-B742-2D9B88305F98}"= "c:\program files\AskBarDis\bar\bin\askBar.dll" [2008-07-17 279944]

[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2004-10-13 1694208]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2006-03-15 15360]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-10-19 204288]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KernelFaultCheck"="c:\windows\system32\dumprep 0 -k" [X]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2004-11-18 118784]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-04-05 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-04-05 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-04-05 118784]
"SonyPowerCfg"="c:\program files\Sony\VAIO Power Management\SPMgr.exe" [2006-06-28 217088]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2004-02-20 32768]
"VAIO Update 2"="c:\program files\Sony\VAIO Update 2\VAIOUpdt.exe" [2005-10-12 151552]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-05-08 7561216]
"Switcher.exe"="c:\program files\Sony\Wireless Switch Setting Utility\Switcher.exe" [2006-02-14 176128]
"VAIOCameraUtility"="c:\program files\Sony\VAIO Camera Utility\VCUServe.exe" [2005-12-27 69632]
"DISCover"="c:\program files\DISC\DISCover.exe" [2006-06-02 1077248]
"VAIO Recovery"="c:\windows\Sonysys\VAIO Recovery\PartSeal.exe" [2003-04-20 28672]
"ShStatEXE"="c:\program files\Network Associates\VirusScan\SHSTAT.EXE" [2004-08-18 94208]
"McAfeeUpdaterUI"="c:\program files\Network Associates\Common Framework\UpdaterUI.exe" [2004-08-06 139320]
"Network Associates Error Reporting Service"="c:\program files\Common Files\Network Associates\TalkBack\TBMon.exe" [2003-10-07 147514]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-08-29 29744]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-11-15 286720]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2007-11-15 267048]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"combofix"="c:\abcd\CF9491.exe" [2009-11-06 388608]
"Mouse Suite 98 Daemon"="ICO.EXE" - c:\windows\system32\ico.exe [2002-03-14 45056]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-24 29696]
Kodak EasyShare software.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2008-7-7 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2006-03-09 21:51 73728 ----a-w- c:\windows\system32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\DISC\\DISCover.exe"=
"c:\\Program Files\\DISC\\DiscStreamHub.exe"=
"c:\\Program Files\\DISC\\myFTP.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=

R1 NaiAvTdi1;NaiAvTdi1;c:\windows\system32\drivers\mvstdi5x.sys [12/19/2006 11:30 AM 58016]
R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB;c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe -sVAIO_VEDB --> c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe -sVAIO_VEDB [?]
R3 SonyImgF;Sony Image Conversion Filter Driver;c:\windows\system32\drivers\SonyImgF.sys [7/24/2006 11:28 AM 30080]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [7/24/2006 11:28 AM 226304]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [1/16/2007 11:11 PM 29744]
S3 pelmouse;Mouse Suite Driver;c:\windows\system32\drivers\PELMOUSE.SYS [7/24/2006 1:39 PM 17251]
S3 pelusblf;USB Mouse Low Filter Driver;c:\windows\system32\drivers\pelusblf.sys [7/24/2006 1:39 PM 7520]
S3 SQLAgent$VAIO_VEDB;SQLAgent$VAIO_VEDB;c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE -i VAIO_VEDB --> c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE -i VAIO_VEDB [?]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - ENTDRV51
*NewlyCreated* - MBR
*Deregistered* - mbr
.
Contents of the 'Scheduled Tasks' folder

2009-09-09 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 19:57]
.
.
------- Supplementary Scan -------
.
mDefault_Page_URL = hxxp://www.sony.com/vaiopeople
uInternet Connection Wizard,ShellNext = iexplore
Trusted Zone: trymedia.com
.
- - - - ORPHANS REMOVED - - - -

BHO-{cb5a26c3-d9b3-4ab0-9efc-443595518284} - c:\program files\Starware408\bin\Starware408.dll
Toolbar-{6e4cc754-caa4-4576-9af1-68323d5760d4} - c:\program files\Starware408\bin\Starware408.dll
HKLM-Run-PersonalAV - c:\program files\PersonalAV\PAV.exe
HKLM-Run-<NO NAME> - (no file)
Notify-WgaLogon - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-06 12:49
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(880)
c:\windows\system32\VESWinlogon.dll

- - - - - - - > 'lsass.exe'(936)
c:\windows\system32\EntApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Network Associates\Common Framework\FrameworkService.exe
c:\program files\Network Associates\VirusScan\Mcshield.exe
c:\program files\Network Associates\VirusScan\VsTskMgr.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\progra~1\NETWOR~1\COMMON~1\naPrdMgr.exe
c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\Common Files\Sony Shared\WMPlugIn\SonicStageMonitoring.exe
c:\program files\Sony\VAIO Event Service\VESMgr.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\igfxext.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\program files\Canon\CAL\CALMAIN.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\wscntfy.exe
c:\windows\eHome\ehmsas.exe
c:\program files\Apoint\Apntex.exe
c:\program files\DISC\DiscStreamHub.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2009-11-06 12:51 - machine was rebooted
ComboFix-quarantined-files.txt 2009-11-06 18:49

Pre-Run: 134,242,820,096 bytes free
Post-Run: 134,620,393,472 bytes free

- - End Of File - - 7B35764C3DB94A6861394277113F4B55

Hi,

Navigate to and delete the following leftover:

c:\windows\system32\z5717hacktool195.dll

Then, please uninstall the Ask Toolbar since this one is not recommended.

Then, * Go to start > run and copy and paste next command in the field:

ComboFix /Uninstall

Make sure there's a space between Combofix and /
Then hit enter.

This will uninstall Combofix, delete its related folders and files, reset your clock settings, hide file extensions, hide the system/hidden files and resets System Restore again.

Let me know in your next reply how things are now.

Since there is no feedback anymore, I assume this issue is resolved ... so, this Topic is closed.
If you need this topic reopened for continuations of existing problems, please request this by sending me a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.