WiredWX Christian Hobby Weather Tools
System #@!!%@%! security 2009 got me

I got infected with System Security 2009 a while back. I ran safe mode and used antimalware and a registry cleaner to get it out, or so I thought. Now I can't get my internet to work and can't connect to my network without limited connectivity, which is why there is no internet, I think. Any idea what happened? Or, if I just left a part of System Security in there, how can I get it out manually? Everything else is fine: no locked startup, no "YOUR SYSTEM IS INFECTED" changed background, and no fake system scan with fake errors and viruses. Please help me.

Re: System #@!!%@%! security 2009 got me

Please download the current version of HijackThis from HERE

  • Double click and run the installer.
  • It will install to C:\Program Files\Trend Micro\HijackThis\hijackthis.exe
  • After installing, you should get the user agreement, press accept and Hijack This will run.
  • Select Do a system scan and save a log file. This will open a notepad file of everything Hijack This found, copy and paste it back here.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Ok, did what you said

Ok, I clicked the link and got HijackThis. I ran a system scan and here is the log.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:36:27 AM, on 9/5/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18294)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\WLTRAY.EXE
C:\Windows\System32\igfxpers.exe
C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe
C:\Program Files\Dell Photo AIO Printer 926\memcard.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] "C:\Windows\system32\WLTRAY.exe"
O4 - HKLM\..\Run: [Persistence] "C:\Windows\system32\igfxpers.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Dell PC Fax\fm3032.exe" /s
O4 - HKLM\..\Run: [dlcxmon.exe] "C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe"
O4 - HKLM\..\Run: [MemoryCardManager] "C:\Program Files\Dell Photo AIO Printer 926\memcard.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] "C:\PROGRA~1\AVG\AVG8\avgtray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [WMPNSCFG] "C:\Program Files\Windows Media Player\WMPNSCFG.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

--
End of file - 6678 bytes


Oh, I also scanned multiple times with Malwarebytes earlier today and kept getting the same trojan. I rebooted like it told me but still kept getting the same one at

windows\system32\SKYNETlog.dat

Re: System #@!!%@%! security 2009 got me

1. If you are using Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

2. During the download, rename Combofix to svchost as follows:

3. It is important you rename Combofix during the download, but not after.
4. Please do not rename Combofix to other names, but only to the one indicated.
5. Close any open browsers.
6. We need to disable your local AV (Anti-virus) before running Combofix.

  • See HERE for how to disable your AV.
  • Double click on svchost.exe.
  • Follow the prompts. NOTE:
  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouse click combofix's window whilst it's running. That may cause it to stall.


Ok, here's the ComboFix log. Couldn't fit it all; next half is below

ComboFix 09-09-05.01 - Trillest 09/05/2009 17:59.1.1 - NTFSx86
Microsoft®️ Windows Vista™️ Home Basic 6.0.6001.1.1252.1.1033.18.1013.470 [GMT -5:00]
Running from: f:\wtf don delete\ComboFix.exe
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Webroot Spy Sweeper *disabled* (Outdated) {68A41C74-A1E9-48F8-B2E5-D8232211AB6D}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Created a new restore point

((((((((((((((((((((((((((((((((((((((( Other Deletions

c:\$recycle.bin\S-1-5-21-66771231-259741160-2761330436-1001
c:\$recycle.bin\S-1-5-21-66771231-259741160-2761330436-1002
C:\drivers
c:\drivers\audio\R170217\AESTAC64.dll
c:\drivers\audio\R170217\AESTACap.dll
c:\drivers\audio\R170217\AESTAR64.dll
c:\drivers\audio\R170217\AESTARen.dll
c:\drivers\audio\R170217\AESTEC64.dll
c:\drivers\audio\R170217\AESTECap.dll
c:\drivers\audio\R170217\AESTSr64.exe
c:\drivers\audio\R170217\AESTSrv.exe
c:\drivers\audio\R170217\CTAPO32.dll
c:\drivers\audio\R170217\CTAPO64.dll
c:\drivers\audio\R170217\ctppld.dll
c:\drivers\audio\R170217\stacgui.cpl
c:\drivers\audio\R170217\staco.dll
c:\drivers\audio\R170217\staco64.dll
c:\drivers\audio\R170217\stacsv.exe
c:\drivers\audio\R170217\stacsv64.exe
c:\drivers\audio\R170217\stacui64.cpl
c:\drivers\audio\R170217\stapi32.dll
c:\drivers\audio\R170217\stapi64.dll
c:\drivers\audio\R170217\stapo.dll
c:\drivers\audio\R170217\stapo64.dll
c:\drivers\audio\R170217\stcplx.dll
c:\drivers\audio\R170217\stcplx64.dll
c:\drivers\audio\R170217\stlang.dll
c:\drivers\audio\R170217\stlang64.dll
c:\drivers\audio\R170217\sttray.exe
c:\drivers\audio\R170217\sttray64.exe
c:\drivers\audio\R170217\STWRT.cat
c:\drivers\audio\R170217\STWRT.INF
c:\drivers\audio\R170217\Stwrt.ini
c:\drivers\audio\R170217\stwrt.sys
c:\drivers\audio\R170217\STWRT64.cat
c:\drivers\audio\R170217\STWRT64.INF
c:\drivers\audio\R170217\stwrt64.ini
c:\drivers\audio\R170217\stwrt64.sys
c:\drivers\audio\R170217\suhlp.exe
c:\drivers\audio\R170217\suhlp64.exe
c:\drivers\audio\R170217\WRT_M2-1.INI
c:\drivers\audio\R170217\WRT_M2-2.INI
c:\drivers\audio\R170217\WRT_M2-3.INI
c:\drivers\audio\R170217\WRT_M2-4.INI
c:\drivers\audio\R170217\WRT_M2-5.INI
c:\drivers\audio\R170217\WRT_M2-6.INI
c:\drivers\audio\R170217\WRT_M2-7.INI
c:\drivers\audio\R170217\WRT_M2-8.INI
c:\drivers\audio\R170217\WRT_M2-9.INI
c:\drivers\audio\R170217\WRT_M4-2.INI
c:\drivers\audio\R170217\WRT_M4-3.INI
c:\drivers\audio\R170217\WRT_M4-4.INI
c:\drivers\audio\R170217\WRT_M4-7.INI
c:\drivers\audio\R170217\WRT_M4-8.INI
c:\drivers\audio\R170217\WRT_M8-1.INI
c:\drivers\audio\R170217\WRT_M8-2.INI
c:\drivers\audio\R170217\WRT_M8-3.INI
c:\drivers\audio\R170217\WRT_M8-4.INI
c:\drivers\audio\R170217\WRT_M8-5.INI
c:\drivers\audio\R170217\WRT_M8-6.INI
c:\drivers\audio\R170217\WRT_M8-7.INI
c:\drivers\audio\R170217\WRT_M8-8.INI
c:\drivers\audio\R170217\WRTNO2-8.INI
c:\drivers\audio\R170217\WRTNO4-2.INI
c:\drivers\audio\R170217\WRTNO4-3.INI
c:\drivers\audio\R170217\WRTNO4-7.INI
c:\drivers\input\R166314\apfiltr.cat
c:\drivers\input\R166314\Apfiltr.inf
c:\drivers\input\R166314\Apfiltr.sys
c:\drivers\input\R166314\ApInst.dll
c:\drivers\input\R166314\ApMouCpl.dll
c:\drivers\input\R166314\ApMsgFwd.exe
c:\drivers\input\R166314\ApntEx.exe
c:\drivers\input\R166314\Apoint.dll
c:\drivers\input\R166314\Apoint.exe
c:\drivers\input\R166314\DellTPad.exe
c:\drivers\input\R166314\DPInst.exe
c:\drivers\input\R166314\dpinst.xml
c:\drivers\input\R166314\ELProp.dll
c:\drivers\input\R166314\Eula\Eula_BP.txt
c:\drivers\input\R166314\Eula\Eula_CS.txt
c:\drivers\input\R166314\Eula\Eula_CT.txt
c:\drivers\input\R166314\Eula\Eula_FR.txt
c:\drivers\input\R166314\Eula\Eula_GR.txt
c:\drivers\input\R166314\Eula\Eula_IT.txt
c:\drivers\input\R166314\Eula\Eula_JP.txt
c:\drivers\input\R166314\Eula\Eula_KR.txt
c:\drivers\input\R166314\Eula\Eula_SP.txt
c:\drivers\input\R166314\Eula\Eula_TH.txt
c:\drivers\input\R166314\Eula\Eula_US.txt
c:\drivers\input\R166314\EzAuto.dll
c:\drivers\input\R166314\hidfind.exe
c:\drivers\input\R166314\Readme_E.htm
c:\drivers\input\R166314\Readme_E.txt
c:\drivers\input\R166314\Readme_J.htm
c:\drivers\input\R166314\Readme_J.txt
c:\drivers\input\R166314\Setup.exe
c:\drivers\input\R166314\Uninstap.exe
c:\drivers\input\R166314\Vxdif.dll
c:\drivers\input\R166314\WdfCoInstaller01005.dll
c:\drivers\modem\R150152\del000fz.cat
c:\drivers\modem\R150152\del000fz.inf
c:\drivers\modem\R150152\del1028.cty
c:\drivers\modem\R150152\difxapi.dll
c:\drivers\modem\R150152\disk1
c:\drivers\modem\R150152\HSX_CNXT.sys
c:\drivers\modem\R150152\HSX_DPV.sys
c:\drivers\modem\R150152\HSXHWAZL.sys
c:\drivers\modem\R150152\HXFSetup.exe
c:\drivers\modem\R150152\MdmXSdk.dll
c:\drivers\modem\R150152\MDMXSDK.sys
c:\drivers\modem\R150152\Setup.exe
c:\drivers\modem\R150152\UCI32114.dll
c:\drivers\modem\R150152\UIUDLL.dll
c:\drivers\modem\R150152\UIUSYS.sys
c:\drivers\modem\R150152\Version.txt
c:\drivers\modem\R150152\xaudio.exe
c:\drivers\modem\R150152\xaudio.sys
c:\drivers\network\R167854\README.htm
c:\drivers\network\R167854\Readmes\yk60x86_0404.htm
c:\drivers\network\R167854\Readmes\yk60x86_0406.htm
c:\drivers\network\R167854\Readmes\yk60x86_0407.htm
c:\drivers\network\R167854\Readmes\yk60x86_0408.htm
c:\drivers\network\R167854\Readmes\yk60x86_0409.htm
c:\drivers\network\R167854\Readmes\yk60x86_040A.htm
c:\drivers\network\R167854\Readmes\yk60x86_040B.htm
c:\drivers\network\R167854\Readmes\yk60x86_040C.htm
c:\drivers\network\R167854\Readmes\yk60x86_040D.htm
c:\drivers\network\R167854\Readmes\yk60x86_0410.htm
c:\drivers\network\R167854\Readmes\yk60x86_0411.htm
c:\drivers\network\R167854\Readmes\yk60x86_0412.htm
c:\drivers\network\R167854\Readmes\yk60x86_0413.htm
c:\drivers\network\R167854\Readmes\yk60x86_0414.htm
c:\drivers\network\R167854\Readmes\yk60x86_0415.htm
c:\drivers\network\R167854\Readmes\yk60x86_0416.htm
c:\drivers\network\R167854\Readmes\yk60x86_0419.htm
c:\drivers\network\R167854\Readmes\yk60x86_041D.htm
c:\drivers\network\R167854\Readmes\yk60x86_041F.htm
c:\drivers\network\R167854\Readmes\yk60x86_0424.htm
c:\drivers\network\R167854\Readmes\yk60x86_0804.htm
c:\drivers\network\R167854\Readmes\yk60x86_3801.htm
c:\drivers\network\R167854\yk60x86.cat
c:\drivers\network\R167854\yk60x86.inf
c:\drivers\network\R167854\yk60x86.sys
c:\drivers\network\R174292\bcm43xx.cat
c:\drivers\network\R174292\bcm43xx64.cat
c:\drivers\network\R174292\bcmihvsrv.dll
c:\drivers\network\R174292\bcmihvsrv64.dll
c:\drivers\network\R174292\bcmihvui.dll
c:\drivers\network\R174292\bcmihvui64.dll
c:\drivers\network\R174292\bcmwl6.inf
c:\drivers\network\R174292\bcmwl6.sys
c:\drivers\network\R174292\bcmwl664.sys
c:\drivers\network\R174292\bcmwlcoi.dll
c:\drivers\network\R174292\bcmwlcoi64.dll
c:\drivers\storage\R166187\5000xzvp.cat
c:\drivers\storage\R166187\5000XZVP.inf
c:\drivers\storage\R166187\945.cat
c:\drivers\storage\R166187\945.inf
c:\drivers\storage\R166187\945gm.cat
c:\drivers\storage\R166187\945GM.inf
c:\drivers\storage\R166187\965g.cat
c:\drivers\storage\R166187\965g.inf
c:\drivers\storage\R166187\965m.cat
c:\drivers\storage\R166187\965m.inf
c:\drivers\storage\R166187\dmi_pci.cat
c:\drivers\storage\R166187\dmi_pci.inf
c:\drivers\storage\R166187\esb2id2.cat
c:\drivers\storage\R166187\ESB2id2.inf
c:\drivers\storage\R166187\esb2ide.cat
c:\drivers\storage\R166187\ESB2ide.inf
c:\drivers\storage\R166187\esb2usb.cat
c:\drivers\storage\R166187\ESB2usb.inf
c:\drivers\storage\R166187\ich7core.cat
c:\drivers\storage\R166187\ich7core.inf
c:\drivers\storage\R166187\ich7id2.cat
c:\drivers\storage\R166187\ich7id2.inf
c:\drivers\storage\R166187\ich7ide.cat
c:\drivers\storage\R166187\ich7ide.inf
c:\drivers\storage\R166187\ich7usb.cat
c:\drivers\storage\R166187\ich7usb.inf
c:\drivers\storage\R166187\ich8ahci.cat
c:\drivers\storage\R166187\ich8ahci.inf
c:\drivers\storage\R166187\ich8core.cat
c:\drivers\storage\R166187\ich8core.inf
c:\drivers\storage\R166187\ich8id2.cat
c:\drivers\storage\R166187\ich8id2.inf
c:\drivers\storage\R166187\ich8ide.cat
c:\drivers\storage\R166187\ich8ide.inf
c:\drivers\storage\R166187\ich8smb.cat
c:\drivers\storage\R166187\ich8smb.inf
c:\drivers\storage\R166187\ich8usb.cat
c:\drivers\storage\R166187\ich8usb.inf
c:\drivers\storage\R166187\ichxdev.cat
c:\drivers\storage\R166187\ichXdev.inf
c:\drivers\storage\R166187\INFAnswr.txt
c:\drivers\storage\R166187\readme.txt
c:\drivers\storage\R166187\Version.txt
c:\drivers\storage\R166188\rimmptsk.cat
c:\drivers\storage\R166188\Rimmptsk.inf
c:\drivers\storage\R166188\rimmptsk.sys
c:\drivers\storage\R166188\rimsptsk.cat
c:\drivers\storage\R166188\rimsptsk.inf
c:\drivers\storage\R166188\rimsptsk.sys
c:\drivers\storage\R166188\RixDICON.dll
c:\drivers\storage\R166188\rixdptsk.cat
c:\drivers\storage\R166188\rixdptsk.inf
c:\drivers\storage\R166188\rixdptsk.sys
c:\drivers\storage\R166188\snymsico.dll
c:\drivers\storage\R166200\iaahci.cat
c:\drivers\storage\R166200\iaahci.inf
c:\drivers\storage\R166200\iastor.cat
c:\drivers\storage\R166200\iastor.inf
c:\drivers\storage\R166200\iastor.sys
c:\drivers\storage\R166200\license.txt
c:\drivers\storage\R166200\readme.txt
c:\drivers\storage\R166200\txtsetup.oem
c:\drivers\storage\R166200\Version.txt
c:\drivers\video\R180254\autorun.inf
c:\drivers\video\R180254\difxapi.dll
c:\drivers\video\R180254\Graphics\difx32.dll
c:\drivers\video\R180254\Graphics\hccutils.dll
c:\drivers\video\R180254\Graphics\hkcmd.exe
c:\drivers\video\R180254\Graphics\ig4dev32.dll
c:\drivers\video\R180254\Graphics\ig4icd32.dll
c:\drivers\video\R180254\Graphics\igdkmd32.sys
c:\drivers\video\R180254\Graphics\igdumd32.dll
c:\drivers\video\R180254\Graphics\igfxcfg.exe
c:\drivers\video\R180254\Graphics\igfxcpl.cpl
c:\drivers\video\R180254\Graphics\igfxdev.dll
c:\drivers\video\R180254\Graphics\igfxdo.dll
c:\drivers\video\R180254\Graphics\igfxexps.dll
c:\drivers\video\R180254\Graphics\igfxext.exe
c:\drivers\video\R180254\Graphics\igfxpers.exe
c:\drivers\video\R180254\Graphics\igfxpph.dll
c:\drivers\video\R180254\Graphics\igfxrara.lrc
c:\drivers\video\R180254\Graphics\igfxrchs.lrc
c:\drivers\video\R180254\Graphics\igfxrcht.lrc
c:\drivers\video\R180254\Graphics\igfxrcsy.lrc
c:\drivers\video\R180254\Graphics\igfxrdan.lrc
c:\drivers\video\R180254\Graphics\igfxrdeu.lrc
c:\drivers\video\R180254\Graphics\igfxrell.lrc
c:\drivers\video\R180254\Graphics\igfxrenu.lrc
c:\drivers\video\R180254\Graphics\igfxresp.lrc
c:\drivers\video\R180254\Graphics\igfxress.dll
c:\drivers\video\R180254\Graphics\igfxrfin.lrc
c:\drivers\video\R180254\Graphics\igfxrfra.lrc
c:\drivers\video\R180254\Graphics\igfxrheb.lrc
c:\drivers\video\R180254\Graphics\igfxrhun.lrc
c:\drivers\video\R180254\Graphics\igfxrita.lrc
c:\drivers\video\R180254\Graphics\igfxrjpn.lrc
c:\drivers\video\R180254\Graphics\igfxrkor.lrc
c:\drivers\video\R180254\Graphics\igfxrnld.lrc
c:\drivers\video\R180254\Graphics\igfxrnor.lrc
c:\drivers\video\R180254\Graphics\igfxrplk.lrc
c:\drivers\video\R180254\Graphics\igfxrptb.lrc
c:\drivers\video\R180254\Graphics\igfxrptg.lrc
c:\drivers\video\R180254\Graphics\igfxrrus.lrc
c:\drivers\video\R180254\Graphics\igfxrsky.lrc
c:\drivers\video\R180254\Graphics\igfxrslv.lrc
c:\drivers\video\R180254\Graphics\igfxrsve.lrc
c:\drivers\video\R180254\Graphics\igfxrtha.lrc
c:\drivers\video\R180254\Graphics\igfxrtrk.lrc
c:\drivers\video\R180254\Graphics\igfxsrvc.dll
c:\drivers\video\R180254\Graphics\igfxsrvc.exe
c:\drivers\video\R180254\Graphics\igfxTMM.dll
c:\drivers\video\R180254\Graphics\igfxtray.exe
c:\drivers\video\R180254\Graphics\igfxzoom.exe
c:\drivers\video\R180254\Graphics\igklg400.dll
c:\drivers\video\R180254\Graphics\igklg450.dll
c:\drivers\video\R180254\Graphics\iglhxc32.vp
c:\drivers\video\R180254\Graphics\iglhxo32.vp
c:\drivers\video\R180254\Graphics\iglhxs32.vp
c:\drivers\video\R180254\Graphics\igmedcompkrn.dll
c:\drivers\video\R180254\Graphics\igxpco32.dll
c:\drivers\video\R180254\Graphics\igxpun.exe
c:\drivers\video\R180254\Graphics\kit12877.cat
c:\drivers\video\R180254\Graphics\Kit12877.inf
c:\drivers\video\R180254\Graphics\LANG\HDMI\ara\HDMIara.dll
c:\drivers\video\R180254\Graphics\LANG\HDMI\ara\license.txt
c:\drivers\video\R180254\Graphics\LANG\HDMI\chs\HDMIchs.dll
c:\drivers\video\R180254\Graphics\LANG\HDMI\chs\license.txt
c:\drivers\video\R180254\Graphics\LANG\HDMI\cht\HDMIcht.dll
c:\drivers\video\R180254\Graphics\LANG\HDMI\cht\license.txt
c:\drivers\video\R180254\Graphics\LANG\HDMI\csy\HDMIcsy.dll
c:\drivers\video\R180254\Graphics\LANG\HDMI\csy\license.txt
c:\drivers\video\R180254\Graphics\LANG\HDMI\dan\HDMIdan.dll
c:\drivers\video\R180254\Graphics\LANG\HDMI\dan\license.txt
c:\drivers\video\R180254\Graphics\LANG\HDMI\deu\HDMIdeu.dll
c:\drivers\video\R180254\Graphics\LANG\HDMI\deu\license.txt
c:\drivers\video\R180254\Graphics\LANG\HDMI\ell\HDMIell.dll
c:\drivers\video\R180254\Graphics\LANG\HDMI\ell\license.txt
c:\drivers\video\R180254\Graphics\LANG\HDMI\ENU\HDMIenu.dll
c:\drivers\video\R180254\Graphics\LANG\HDMI\ENU\license.txt
c:\drivers\video\R180254\Graphics\LANG\HDMI\esp\HDMIesp.dll
c:\drivers\video\R180254\Graphics\LANG\HDMI\esp\license.txt
c:\drivers\video\R180254\Graphics\LANG\HDMI\fin\HDMIfin.dll
c:\drivers\video\R180254\Graphics\LANG\HDMI\fin\license.txt
c:\drivers\video\R180254\Graphics\LANG\HDMI\fra\HDMIfra.dll
c:\drivers\video\R180254\Graphics\LANG\HDMI\fra\license.txt
c:\drivers\video\R180254\Graphics\LANG\HDMI\heb\HDMIheb.dll
c:\drivers\video\R180254\Graphics\LANG\HDMI\heb\license.txt
c:\drivers\video\R180254\Graphics\LANG\HDMI\hun\HDMIhun.dll
c:\drivers\video\R180254\Graphics\LANG\HDMI\hun\license.txt
c:\drivers\video\R180254\Graphics\LANG\HDMI\ita\HDMIita.dll
c:\drivers\video\R180254\Graphics\LANG\HDMI\ita\license.txt
c:\drivers\video\R180254\Graphics\LANG\HDMI\jpn\HDMIjpn.dll

And here is more. Tried to get it split someplace else but couldn't

c:\drivers\video\R180254\Graphics\LANG\HDMI\jpn\license.txt
c:\drivers\video\R180254\Graphics\LANG\HDMI\kor\HDMIkor.dll
c:\drivers\video\R180254\Graphics\LANG\HDMI\kor\license.txt
c:\drivers\video\R180254\Graphics\LANG\HDMI\nld\HDMInld.dll
c:\drivers\video\R180254\Graphics\LANG\HDMI\nld\license.txt
c:\drivers\video\R180254\Graphics\LANG\HDMI\nor\HDMInor.dll
c:\drivers\video\R180254\Graphics\LANG\HDMI\nor\license.txt
c:\drivers\video\R180254\Graphics\LANG\HDMI\plk\HDMIplk.dll
c:\drivers\video\R180254\Graphics\LANG\HDMI\plk\license.txt
c:\drivers\video\R180254\Graphics\LANG\HDMI\ptb\HDMIptb.dll
c:\drivers\video\R180254\Graphics\LANG\HDMI\ptb\license.txt
c:\drivers\video\R180254\Graphics\LANG\HDMI\ptg\HDMIptg.dll
c:\drivers\video\R180254\Graphics\LANG\HDMI\ptg\license.txt
c:\drivers\video\R180254\Graphics\LANG\HDMI\rus\HDMIrus.dll
c:\drivers\video\R180254\Graphics\LANG\HDMI\rus\license.txt
c:\drivers\video\R180254\Graphics\LANG\HDMI\SKY\HDMISKY.dll
c:\drivers\video\R180254\Graphics\LANG\HDMI\SKY\license.txt
c:\drivers\video\R180254\Graphics\LANG\HDMI\SLV\HDMISLV.dll
c:\drivers\video\R180254\Graphics\LANG\HDMI\SLV\license.txt
c:\drivers\video\R180254\Graphics\LANG\HDMI\sve\HDMIsve.dll
c:\drivers\video\R180254\Graphics\LANG\HDMI\sve\license.txt
c:\drivers\video\R180254\Graphics\LANG\HDMI\tha\HDMItha.dll
c:\drivers\video\R180254\Graphics\LANG\HDMI\tha\license.txt
c:\drivers\video\R180254\Graphics\LANG\HDMI\trk\HDMItrk.dll
c:\drivers\video\R180254\Graphics\LANG\HDMI\trk\license.txt
c:\drivers\video\R180254\Graphics\oemdspif.dll
c:\drivers\video\R180254\Graphics\TVWSetup.exe
c:\drivers\video\R180254\HDMI\HdmiCoin.dll
c:\drivers\video\R180254\HDMI\IntcHDMI.cat
c:\drivers\video\R180254\HDMI\IntcHdmi.inf
c:\drivers\video\R180254\HDMI\IntcHdmi.sys
c:\drivers\video\R180254\IIF2.ini
c:\drivers\video\R180254\Lang\HDMI\ara\HDMIara.dll
c:\drivers\video\R180254\Lang\HDMI\ara\license.txt
c:\drivers\video\R180254\Lang\HDMI\chs\HDMIchs.dll
c:\drivers\video\R180254\Lang\HDMI\chs\license.txt
c:\drivers\video\R180254\Lang\HDMI\cht\HDMIcht.dll
c:\drivers\video\R180254\Lang\HDMI\cht\license.txt
c:\drivers\video\R180254\Lang\HDMI\csy\HDMIcsy.dll
c:\drivers\video\R180254\Lang\HDMI\csy\license.txt
c:\drivers\video\R180254\Lang\HDMI\dan\HDMIdan.dll
c:\drivers\video\R180254\Lang\HDMI\dan\license.txt
c:\drivers\video\R180254\Lang\HDMI\deu\HDMIdeu.dll
c:\drivers\video\R180254\Lang\HDMI\deu\license.txt
c:\drivers\video\R180254\Lang\HDMI\ell\HDMIell.dll
c:\drivers\video\R180254\Lang\HDMI\ell\license.txt
c:\drivers\video\R180254\Lang\HDMI\ENU\HDMIenu.dll
c:\drivers\video\R180254\Lang\HDMI\ENU\license.txt
c:\drivers\video\R180254\Lang\HDMI\esp\HDMIesp.dll
c:\drivers\video\R180254\Lang\HDMI\esp\license.txt
c:\drivers\video\R180254\Lang\HDMI\fin\HDMIfin.dll
c:\drivers\video\R180254\Lang\HDMI\fin\license.txt
c:\drivers\video\R180254\Lang\HDMI\fra\HDMIfra.dll
c:\drivers\video\R180254\Lang\HDMI\fra\license.txt
c:\drivers\video\R180254\Lang\HDMI\heb\HDMIheb.dll
c:\drivers\video\R180254\Lang\HDMI\heb\license.txt
c:\drivers\video\R180254\Lang\HDMI\hun\HDMIhun.dll
c:\drivers\video\R180254\Lang\HDMI\hun\license.txt
c:\drivers\video\R180254\Lang\HDMI\ita\HDMIita.dll
c:\drivers\video\R180254\Lang\HDMI\ita\license.txt
c:\drivers\video\R180254\Lang\HDMI\jpn\HDMIjpn.dll
c:\drivers\video\R180254\Lang\HDMI\jpn\license.txt
c:\drivers\video\R180254\Lang\HDMI\kor\HDMIkor.dll
c:\drivers\video\R180254\Lang\HDMI\kor\license.txt
c:\drivers\video\R180254\Lang\HDMI\nld\HDMInld.dll
c:\drivers\video\R180254\Lang\HDMI\nld\license.txt
c:\drivers\video\R180254\Lang\HDMI\nor\HDMInor.dll
c:\drivers\video\R180254\Lang\HDMI\nor\license.txt
c:\drivers\video\R180254\Lang\HDMI\plk\HDMIplk.dll
c:\drivers\video\R180254\Lang\HDMI\plk\license.txt
c:\drivers\video\R180254\Lang\HDMI\ptb\HDMIptb.dll
c:\drivers\video\R180254\Lang\HDMI\ptb\license.txt
c:\drivers\video\R180254\Lang\HDMI\ptg\HDMIptg.dll
c:\drivers\video\R180254\Lang\HDMI\ptg\license.txt
c:\drivers\video\R180254\Lang\HDMI\rus\HDMIrus.dll
c:\drivers\video\R180254\Lang\HDMI\rus\license.txt
c:\drivers\video\R180254\Lang\HDMI\SKY\HDMISKY.dll
c:\drivers\video\R180254\Lang\HDMI\SKY\license.txt
c:\drivers\video\R180254\Lang\HDMI\SLV\HDMISLV.dll
c:\drivers\video\R180254\Lang\HDMI\SLV\license.txt
c:\drivers\video\R180254\Lang\HDMI\sve\HDMIsve.dll
c:\drivers\video\R180254\Lang\HDMI\sve\license.txt
c:\drivers\video\R180254\Lang\HDMI\tha\HDMItha.dll
c:\drivers\video\R180254\Lang\HDMI\tha\license.txt
c:\drivers\video\R180254\Lang\HDMI\trk\HDMItrk.dll
c:\drivers\video\R180254\Lang\HDMI\trk\license.txt
c:\drivers\video\R180254\readme.txt
c:\drivers\video\R180254\Setup.exe
c:\windows\system32\drivers\SKYNEToxbihueb.sys
c:\windows\system32\oem2.inf
c:\windows\system32\SKYNETidbvntiy.dll
c:\windows\system32\SKYNETlog.dat
c:\windows\system32\SKYNETmwoxyssk.dat
c:\windows\system32\SKYNETvfxmrcjq.dll
c:\windows\system32\SKYNETytexpvna.dat
((((((((((((((((((((((((((((((((((((((( Drivers/Services
-------\Service_SKYNETcpxnnvpt
-------\Legacy_SKYNETcpxnnvpt
((((((((((((((((((((((((( Files Created from 2009-08-06 to 2009-09-06

2009-09-06 02:31 . 2009-09-06 02:31 -------- dc----w- c:\users\new user\AppData\Local\temp
2009-09-06 02:31 . 2009-09-06 03:42 -------- dc----w- c:\users\Trillest\AppData\Local\temp
2009-09-06 02:31 . 2009-09-06 02:31 -------- dc----w- c:\users\Default\AppData\Local\temp
2009-09-05 22:57 . 2009-09-05 22:57 -------- dc----w- c:\users\Trillest\AppData\Local\VirtualStore
2009-09-05 05:29 . 2009-09-05 05:29 -------- dc----w- c:\program files\Trend Micro
2009-08-15 04:11 . 2009-08-15 04:11 -------- dc----w- c:\program files\Marcos Velasco Security
2009-08-08 05:58 . 2009-08-08 05:58 -------- dc----w- c:\users\Trillest\AppData\Roaming\Malwarebytes
2009-08-08 05:57 . 2009-08-03 18:36 38160 -c--a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-08 05:57 . 2009-08-08 05:57 -------- dc----w- c:\programdata\Malwarebytes
2009-08-08 05:57 . 2009-08-08 05:58 -------- dc----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-08 05:57 . 2009-08-03 18:36 19096 -c--a-w- c:\windows\system32\drivers\mbam.sys
2009-08-08 01:20 . 2009-08-08 01:20 -------- dc----w- c:\programdata\SUPERAntiSpyware.com
2009-08-08 01:19 . 2009-08-08 01:19 -------- dc----w- c:\program files\SUPERAntiSpyware
2009-08-08 01:19 . 2009-08-08 01:19 -------- dc----w- c:\users\Trillest\AppData\Roaming\SUPERAntiSpyware.com
2009-08-08 01:18 . 2009-08-08 01:18 -------- dc----w- c:\program files\Common Files\Wise Installation Wizard
2009-08-08 01:18 . 2009-08-08 01:18 -------- dc----w- c:\program files\WizardRecovery
2009-08-07 23:28 . 2009-08-15 04:46 -------- dc----w- c:\program files\Free Window Registry Repair
2009-08-07 18:39 . 2000-03-23 17:50 446464 -c--a-r- c:\windows\system32\hhactivex.dll
2009-08-07 18:39 . 1999-03-06 02:15 74000 -c--a-w- c:\windows\system32\msrclr40.dll
2009-08-07 18:39 . 1999-03-06 02:15 28944 -c--a-w- c:\windows\system32\msrecr40.dll
2009-08-07 18:39 . 1998-06-18 04:00 89360 -c--a-w- c:\windows\system32\VB5DB.DLL
2009-08-07 18:38 . 2001-08-22 13:42 13632 -c----w- c:\windows\system32\drivers\omci.sys

(((((((((((((((((((((((((((((((((((((((( Find3M Report
2009-09-04 18:25 . 2009-02-21 04:29 65800 -c--a-w- c:\users\Trillest\AppData\Local\GDIPFONTCACHEV1.DAT
2009-08-15 04:47 . 2009-08-07 02:40 -------- dc----w- c:\program files\RCrawler
2009-08-08 05:10 . 2009-02-21 04:43 -------- dc----w- c:\users\Trillest\AppData\Roaming\LimeWire
2009-08-07 18:39 . 2008-08-11 16:28 -------- dc-h--w- c:\program files\InstallShield Installation Information
2009-08-07 18:38 . 2008-08-11 04:27 -------- dc----w- c:\program files\Common Files\InstallShield
2009-08-07 05:19 . 2009-02-21 04:55 -------- dc----w- c:\users\Trillest\AppData\Roaming\Yahoo!
2009-08-06 23:16 . 2008-06-17 19:19 128248992 ----a-w- c:\windows\DUMP8f34.tmp
2009-08-06 23:02 . 2009-08-06 23:02 -------- dc----w- c:\users\Trillest\AppData\Roaming\Webroot
2009-08-06 23:02 . 2009-08-06 23:02 -------- dc----w- c:\programdata\Webroot
2009-08-06 23:02 . 2009-08-06 23:02 -------- dc----w- c:\program files\Webroot
2009-08-06 23:02 . 2009-08-06 23:00 -------- dc----w- c:\program files\AskSBar
2009-08-06 18:52 . 2009-03-28 18:42 248 -c--a-w- c:\users\Trillest\AppData\Roaming\wklnhst.dat
2009-08-06 18:28 . 2009-08-06 18:28 4 -c--a-w- c:\users\Trillest\AppData\Roaming\NP.sys
2009-08-06 18:26 . 2009-08-06 18:26 76800 -c--a-w- c:\windows\tqard01025.exe
2009-08-06 18:26 . 2009-08-06 18:26 412160 -c--a-w- c:\windows\wajw2281.exe
2009-08-06 18:25 . 2009-08-06 18:25 889078 -c--a-w- c:\windows\awrim45212.exe
2009-08-05 23:42 . 2009-08-05 23:43 410984 -c--a-w- c:\windows\system32\deploytk.dll
2009-08-05 23:42 . 2008-08-11 07:53 -------- dc----w- c:\program files\Java
2009-08-05 23:39 . 2008-12-21 03:06 -------- dc----w- c:\program files\Sony
2009-07-25 02:09 . 2009-07-25 02:09 -------- dc----w- c:\programdata\WindowsSearch
2009-07-24 19:35 . 2009-07-24 19:35 -------- dc----w- c:\programdata\Blizzard
2009-07-24 17:47 . 2009-07-24 17:47 -------- dc----w- c:\program files\Common Files\Blizzard Entertainment
2009-07-24 02:10 . 2009-07-24 02:08 -------- dc----w- c:\program files\FLV Player
2009-07-21 06:02 . 2009-07-21 06:02 96 -c--a-w- c:\users\Trillest\AppData\Local\fusioncache.dat
2009-07-21 06:02 . 2009-07-21 06:02 -------- dc----w- c:\users\Trillest\AppData\Roaming\Sony
2009-07-21 06:00 . 2009-07-21 06:00 -------- dc----w- c:\program files\Microsoft SQL Server
2009-07-21 05:58 . 2009-07-21 05:58 -------- dc----w- c:\programdata\Sony
2009-07-21 05:35 . 2008-12-21 03:04 -------- dc----w- c:\program files\Sony Setup
2009-07-21 05:35 . 2009-07-21 05:34 -------- dc----w- c:\users\Trillest\AppData\Roaming\Audacity
2009-07-18 16:06 . 2009-07-29 00:34 827904 -c--a-w- c:\windows\system32\wininet.dll
2009-07-18 16:01 . 2009-07-29 00:33 78336 -c--a-w- c:\windows\system32\ieencode.dll
2009-07-18 09:46 . 2009-07-29 00:33 26624 -c--a-w- c:\windows\system32\ieUnatt.exe
2009-07-18 01:37 . 2006-11-02 11:18 -------- dc----w- c:\program files\Windows Mail
2009-07-18 00:59 . 2008-07-25 22:52 -------- dc----w- c:\program files\Microsoft Works
2009-07-16 21:47 . 2008-09-05 18:18 -------- dc----w- c:\program files\Dl_cats
2009-06-15 15:24 . 2009-07-16 21:58 156672 -c--a-w- c:\windows\system32\t2embed.dll
2009-06-15 15:20 . 2009-07-16 21:58 72704 -c--a-w- c:\windows\system32\fontsub.dll
2009-06-15 15:20 . 2009-07-16 21:58 10240 -c--a-w- c:\windows\system32\dciman32.dll
2009-06-15 12:52 . 2009-07-16 21:58 289792 -c--a-w- c:\windows\system32\atmfd.dll

OK last of it
((((((((((((((((((((((((((((((((((((( Reg Loading Points

*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2}"= "c:\program files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL" [2009-08-06 66912]

[HKEY_CLASSES_ROOT\clsid\{0579b4b6-0293-4d73-b02d-5ebb0ba0f0a2}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
2009-08-06 23:02 66912 -c--a-w- c:\program files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-12-04 1809648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-12-08 3444736]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-12 133656]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"FaxCenterServer"="c:\program files\Dell PC Fax\fm3032.exe" [2006-11-03 312200]
"dlcxmon.exe"="c:\program files\Dell Photo AIO Printer 926\dlcxmon.exe" [2007-01-12 292336]
"MemoryCardManager"="c:\program files\Dell Photo AIO Printer 926\memcard.exe" [2006-11-03 304008]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-06-13 528384]
"SpySweeper"="c:\program files\Webroot\Spy Sweeper\SpySweeperUI.exe" [2008-08-09 5418864]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Service Manager.lnk - c:\program files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2002-12-17 74308]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-03 19:56 352256 -c--a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{290B6E2F-1649-4985-B045-E5BBF420CCD2}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{BE1120EF-A175-4E62-B1BB-9C625E5A7570}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"{E6E2C80F-E94D-416D-8944-D00ADF604902}"= UDP:c:\windows\System32\dlcxcoms.exe:Lexmark Communications System
"{5585AFAC-68BD-4FBD-8249-E5012ECBF92F}"= TCP:c:\windows\System32\dlcxcoms.exe:Lexmark Communications System
"{932BB497-F95C-4266-98A6-65796F6FFF96}"= UDP:c:\program files\Dell Photo AIO Printer 926\dlcxmon.exe:Device Monitor
"{373D87FE-4DDB-443B-ACC4-DA586404177C}"= TCP:c:\program files\Dell Photo AIO Printer 926\dlcxmon.exe:Device Monitor
"{9BFEF211-151C-4F52-B2FC-59D2179A464C}"= UDP:c:\program files\Dell Photo AIO Printer 926\dlcxaiox.exe:All In One Center
"{DDDC2DEF-5098-45DA-AD2E-A791A3F0C5ED}"= TCP:c:\program files\Dell Photo AIO Printer 926\dlcxaiox.exe:All In One Center
"TCP Query User{DF0A034B-F551-4A16-88E4-9BB1FF35F4FB}c:\\program files\\limewire\\limewire.exe"= UDP:c:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{38620EB8-FFB7-4921-BE47-C1E38470C7CA}c:\\program files\\limewire\\limewire.exe"= TCP:c:\program files\limewire\limewire.exe:LimeWire
"{FE02C8FA-05D8-4F8B-9078-25A1804A8AE5}"= UDP:c:\windows\System32\dlbfcoms.exe:AIO Printer A960 Server
"{6A28B52E-C80A-4BDB-98D2-B15566D0971B}"= TCP:c:\windows\System32\dlbfcoms.exe:AIO Printer A960 Server
"{27D0D14D-0CA3-45F8-A21A-14E78E1E5D0A}"= UDP:3724:Blizzard Downloader: 3724

R0 ssfs0bbc;ssfs0bbc;c:\windows\System32\drivers\ssfs0bbc.sys [8/9/2008 2:42 PM 29808]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [12/4/2008 1:50 PM 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12/4/2008 1:50 PM 55024]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [12/4/2008 1:50 PM 7408]
S4 dlbf_device;dlbf_device;c:\windows\system32\dlbfcoms.exe -service --> c:\windows\system32\dlbfcoms.exe -service [?]
S4 dlcx_device;dlcx_device;c:\windows\system32\dlcxcoms.exe -service --> c:\windows\system32\dlcxcoms.exe -service [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
.
Contents of the 'Scheduled Tasks' folder

2009-09-06 c:\windows\Tasks\User_Feed_Synchronization-{62590D7D-946E-49D7-B630-D77422460DDB}.job
- c:\windows\system32\msfeedssync.exe [2008-01-21 02:34]

2009-09-04 c:\windows\Tasks\wrSpySweeperFullSweep.job
- c:\program files\Webroot\Spy Sweeper\SpySweeperUI.exe [2009-08-06 21:04]

2009-09-04 c:\windows\Tasks\wrSpySweeperFullSweep.job
- c:\program files\Webroot\Spy Sweeper\SpySweeperUI.exe [2009-08-06 21:04]
.
- - - - ORPHANS REMOVED - - - -
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
------- Supplementary Scan -------
.
mStart Page = hxxp://www.yahoo.com/
mDefault_Page_URL = hxxp://www.yahoo.com/
mDefault_Search_URL = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
mSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*http://www.yahoo.com
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
FF - ProfilePath - c:\users\Trillest\AppData\Roaming\Mozilla\Firefox\Profiles\fzb63qgt.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p=
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPAskSBr.dll
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-05 22:40
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0
**************************************************************************
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\audiodg.exe
c:\windows\System32\WLTRYSVC.EXE
c:\windows\System32\wlanext.exe
c:\windows\System32\BCMWLTRY.EXE
c:\program files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
c:\program files\CDBurnerXP\NMSAccessU.exe
c:\program files\Webroot\Spy Sweeper\SpySweeper.exe
c:\windows\System32\WUDFHost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\System32\igfxsrvc.exe
c:\program files\Common Files\Teleca Shared\Generic.exe
c:\program files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
**************************************************************************
Completion time: 2009-09-06 23:27 - machine was rebooted
ComboFix-quarantined-files.txt 2009-09-06 04:26

Pre-Run: 48,843,296,768 bytes free
Post-Run: 48,585,834,496 bytes free

618 --- E O F --- 2009-08-06 00:36

HAHAHA YOU ROCK!!!

Ok awesome, after those posts I tried the net on my laptop and it works again!!!!! Don't know if you want me to do anything else with that log info; I'll check back tomorrow. Thanks again, you are a light at the end of the nasty virus-infected net hole. Awesome work!!!!

Re: System #@!!%@%! security 2009 got me
Hello.

  • Click Start >> Control Panel.
  • Under Programs, click Uninstall a Program.
  • Highlight the following:

    Ask Toolbar
    Limewire

  • Click on the Uninstall/Change button at the top.

Please download OTMoveIt by OldTimer.

  • Save it to your desktop.
  • Please double-click OTM.exe to run it.
  • Copy the bolded text below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :files
    c:\windows\DUMP8f34.tmp
    c:\users\Trillest\AppData\Roaming\LimeWire
    c:\program files\AskSBar
    c:\windows\tqard01025.exe
    c:\windows\wajw2281.exe
    c:\windows\awrim45212.exe


  • Return to OTMoveIt, right click in the "Paste instructions for items to be Moved" window (under the light blue bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of it and pressing CTRL + C (or, after highlighting, right-click and choose Copy), and paste it in your next reply.
  • Close OTMoveIt.
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Please post the OTMoveIt log.

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.
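A triage sketch for the Find3M lines posted earlier in the thread, added here as an example and not part of the original posts or of ComboFix: it flags executables sitting directly in c:\windows whose two timestamps match and whose names look generated, which picks out the three .exe files in the OTMoveIt list. The name pattern and the rule are assumptions for illustration; the page does not say what each timestamp column means or how the helper chose the files.

```python
import re
from datetime import datetime
from pathlib import PureWindowsPath

# Lines copied from the Find3M report in this thread.
SAMPLE = r"""
2009-08-15 04:47 . 2009-08-07 02:40 -------- dc----w- c:\program files\RCrawler
2009-08-06 23:16 . 2008-06-17 19:19 128248992 ----a-w- c:\windows\DUMP8f34.tmp
2009-08-06 18:28 . 2009-08-06 18:28 4 -c--a-w- c:\users\Trillest\AppData\Roaming\NP.sys
2009-08-06 18:26 . 2009-08-06 18:26 76800 -c--a-w- c:\windows\tqard01025.exe
2009-08-06 18:26 . 2009-08-06 18:26 412160 -c--a-w- c:\windows\wajw2281.exe
2009-08-06 18:25 . 2009-08-06 18:25 889078 -c--a-w- c:\windows\awrim45212.exe
2009-08-05 23:42 . 2009-08-05 23:43 410984 -c--a-w- c:\windows\system32\deploytk.dll
2009-07-18 09:46 . 2009-07-29 00:33 26624 -c--a-w- c:\windows\system32\ieUnatt.exe
"""

# timestamp . timestamp  size-or-dashes  8-char attribute field  path
LINE = re.compile(
    r"^(\d{4}-\d\d-\d\d \d\d:\d\d) \. (\d{4}-\d\d-\d\d \d\d:\d\d) "
    r"(\d+|-{8}) (\S{8}) (.+)$"
)
# Assumed shape of a generated name: a few letters, then digits, then .exe
GENERATED = re.compile(r"^[a-z]{3,8}\d{3,6}\.exe$", re.IGNORECASE)
TS = "%Y-%m-%d %H:%M"

def parse(line):
    """Return one log entry as a dict, or None for non-entry lines."""
    m = LINE.match(line.strip())
    if not m:
        return None
    first, second, size, attrs, path = m.groups()
    return {
        "first": datetime.strptime(first, TS),
        "second": datetime.strptime(second, TS),
        "size": None if size.startswith("-") else int(size),
        "is_dir": attrs.startswith("d"),
        "path": PureWindowsPath(path),
    }

def triage(text, root=r"c:\windows"):
    """List files directly under root that merit a manual look."""
    hits = []
    for entry in filter(None, map(parse, text.splitlines())):
        p = entry["path"]
        if entry["is_dir"] or p.parent != PureWindowsPath(root):
            continue  # directories and files in subfolders are out of scope
        if entry["first"] == entry["second"] and GENERATED.match(p.name):
            hits.append(str(p))
    return hits
```

A hit is a candidate for review, not a verdict; c:\windows\DUMP8f34.tmp from the same list is not flagged by this rule.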
