  1. #1
    snotpig

    Can someone help me with a virus?

    I have a virus from the Ghost hack....

    This is a log from ComboFix. I'm a noob so I can't read it. Can someone help?

    Code:
    ComboFix 09-09-03.02 - XPS 09/04/2009 13:51.2.4 - NTFSx86
    Microsoft® Windows Vista™ Home Premium   6.0.6001.1.1252.1.1033.18.2813.1215 [GMT -4:00]
    Running from: c:\users\XPS\Downloads\ComboFix.exe
    SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
    SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
    SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
     * Resident AV is active
    
    .
    
    (((((((((((((((((((((((((   Files Created from 2009-08-04 to 2009-09-04  )))))))))))))))))))))))))))))))
    .
    
    2009-09-04 18:01 . 2009-09-04 18:02	--------	d-----w-	c:\users\XPS\AppData\Local\temp
    2009-09-04 18:01 . 2009-09-04 18:01	--------	d-----w-	c:\users\Public\AppData\Local\temp
    2009-09-04 18:01 . 2009-09-04 18:01	--------	d-----w-	c:\users\Default\AppData\Local\temp
    2009-09-03 22:26 . 2009-09-03 22:26	--------	d-----w-	c:\program files\WhoLockMe
    2009-09-03 18:11 . 2009-09-03 20:09	--------	d-----w-	c:\program files\Uplink Demo
    2009-09-02 20:33 . 2009-08-28 12:39	28672	----a-w-	c:\windows\system32\Apphlpdm.dll
    2009-09-02 20:33 . 2009-08-28 10:15	4240384	----a-w-	c:\windows\system32\GameUXLegacyGDFs.dll
    2009-09-01 13:49 . 2009-03-19 20:32	23400	----a-w-	c:\windows\system32\drivers\GEARAspiWDM.sys
    2009-09-01 13:49 . 2008-04-17 16:12	107368	----a-w-	c:\windows\system32\GEARAspi.dll
    2009-09-01 13:49 . 2009-09-01 13:49	--------	d-----w-	c:\program files\iPod
    2009-09-01 13:49 . 2009-09-01 13:49	--------	d-----w-	c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
    2009-09-01 13:49 . 2009-09-01 13:49	--------	d-----w-	c:\program files\iTunes
    2009-09-01 13:47 . 2009-09-01 13:48	--------	d-----w-	c:\program files\QuickTime
    2009-09-01 07:01 . 2009-06-22 10:22	2048	----a-w-	c:\windows\system32\tzres.dll
    2009-08-31 14:00 . 2009-08-31 14:00	--------	d-----w-	c:\users\XPS\AppData\Roaming\Mael
    2009-08-31 13:58 . 2009-08-31 13:58	--------	d-----w-	c:\program files\HxD
    2009-08-16 23:50 . 2009-08-16 23:50	--------	d-----w-	c:\windows\configs
    2009-08-16 02:00 . 2009-08-16 02:00	--------	d-----w-	c:\windows\configuration
    2009-08-15 03:37 . 2009-08-15 03:37	--------	d-----w-	c:\programdata\SUPERAntiSpyware.com
    2009-08-15 03:35 . 2009-08-15 03:36	--------	d-----w-	c:\program files\SUPERAntiSpyware
    2009-08-15 03:35 . 2009-08-15 03:35	--------	d-----w-	c:\users\XPS\AppData\Roaming\SUPERAntiSpyware.com
    2009-08-15 03:22 . 2009-06-15 15:22	213504	----a-w-	c:\windows\system32\msv1_0.dll
    2009-08-15 03:22 . 2009-06-15 15:21	499712	----a-w-	c:\windows\system32\kerberos.dll
    2009-08-15 03:22 . 2009-06-15 18:20	439896	----a-w-	c:\windows\system32\drivers\ksecdd.sys
    2009-08-15 03:22 . 2009-06-15 15:24	175104	----a-w-	c:\windows\system32\wdigest.dll
    2009-08-15 03:22 . 2009-06-15 15:24	270848	----a-w-	c:\windows\system32\schannel.dll
    2009-08-15 03:22 . 2009-06-15 15:23	1256448	----a-w-	c:\windows\system32\lsasrv.dll
    2009-08-15 03:22 . 2009-06-15 12:57	9728	----a-w-	c:\windows\system32\lsass.exe
    2009-08-15 03:22 . 2009-06-15 15:24	72704	----a-w-	c:\windows\system32\secur32.dll
    2009-08-15 03:18 . 2009-08-15 03:18	--------	d-----w-	c:\users\XPS\AppData\Roaming\Malwarebytes
    2009-08-15 03:18 . 2009-08-03 17:36	38160	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
    2009-08-15 03:18 . 2009-08-15 03:18	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
    2009-08-15 03:18 . 2009-08-15 03:18	--------	d-----w-	c:\programdata\Malwarebytes
    2009-08-15 03:18 . 2009-08-03 17:36	19096	----a-w-	c:\windows\system32\drivers\mbam.sys
    2009-08-15 02:16 . 2009-07-21 21:52	915456	----a-w-	c:\windows\system32\wininet.dll
    2009-08-15 02:16 . 2009-07-21 21:47	71680	----a-w-	c:\windows\system32\iesetup.dll
    2009-08-15 02:16 . 2009-07-21 21:47	109056	----a-w-	c:\windows\system32\iesysprep.dll
    2009-08-15 02:16 . 2009-07-21 20:13	133632	----a-w-	c:\windows\system32\ieUnatt.exe
    2009-08-15 01:33 . 2009-08-15 01:33	--------	d-----w-	c:\users\XPS\AppData\Roaming\McAfee
    2009-08-15 01:31 . 2009-08-15 01:33	--------	d-----w-	c:\users\XPS\FCC07EEAFA184A2191059666603C6885.TMP
    2009-08-15 01:06 . 2009-08-15 01:06	--------	d-----w-	c:\users\XPS\AppData\Local\McAfee
    2009-08-15 00:13 . 2009-08-15 00:22	--------	d-----w-	c:\users\XPS\AppData\Roaming\mIRC
    2009-08-15 00:13 . 2009-08-15 00:21	--------	d-----w-	c:\program files\mIRC
    2009-08-12 19:33 . 2009-08-12 19:33	--------	d-----w-	c:\users\XPS\AppData\Local\MetaGeek,_LLC
    2009-08-12 18:53 . 2009-07-17 14:35	71680	----a-w-	c:\windows\system32\atl.dll
    2009-08-12 18:52 . 2009-06-10 12:12	160256	----a-w-	c:\windows\system32\wkssvc.dll
    2009-08-12 18:52 . 2009-06-04 12:34	2066432	----a-w-	c:\windows\system32\mstscax.dll
    2009-08-12 18:52 . 2009-06-10 12:07	91136	----a-w-	c:\windows\system32\avifil32.dll
    2009-08-12 18:52 . 2009-07-14 13:00	313344	----a-w-	c:\windows\system32\wmpdxm.dll
    2009-08-12 18:52 . 2009-07-14 12:58	7680	----a-w-	c:\windows\system32\spwmp.dll
    2009-08-12 18:52 . 2009-07-14 12:59	4096	----a-w-	c:\windows\system32\dxmasf.dll
    2009-08-12 18:52 . 2009-07-14 10:59	8147456	----a-w-	c:\windows\system32\wmploc.DLL
    2009-08-11 12:00 . 2009-08-11 12:00	--------	d-----w-	c:\programdata\WindowsSearch
    2009-08-11 11:57 . 2009-08-11 11:57	--------	d-----w-	c:\users\XPS\AppData\Local\bluesoleil
    2009-08-09 16:46 . 2009-08-09 16:46	--------	d-----w-	c:\users\XPS\Program Files
    2009-08-08 21:22 . 2009-08-08 22:24	--------	d-----w-	c:\users\XPS\AppData\Local\GamersFirst LIVE!
    2009-08-08 21:22 . 2009-08-08 21:22	--------	d-----w-	c:\users\XPS\AppData\Local\DNA
    2009-08-08 21:22 . 2009-09-04 04:02	--------	d-----w-	c:\users\XPS\AppData\Roaming\DNA
    2009-08-08 21:22 . 2009-08-08 21:22	--------	d-----w-	c:\program files\DNA
    2009-08-08 21:22 . 2009-08-09 00:47	--------	d-----w-	c:\program files\GamersFirst
    2009-08-07 23:51 . 2009-08-07 23:51	15308424	----a-w-	c:\windows\system32\xlive.dll
    2009-08-07 23:51 . 2009-08-07 23:51	13642888	----a-w-	c:\windows\system32\xlivefnt.dll
    2009-08-07 02:09 . 2009-08-07 02:09	--------	d-----w-	c:\users\XPS\.netbeans-derby
    2009-08-07 02:05 . 2009-08-07 02:16	--------	d-----w-	c:\users\XPS\.netbeans
    2009-08-07 02:05 . 2009-08-07 02:05	--------	d-----w-	c:\users\XPS\.netbeans-registration
    2009-08-07 02:02 . 2009-08-07 02:16	--------	d-----w-	C:\Sun
    2009-08-07 01:55 . 2009-08-07 02:19	--------	d-----w-	c:\users\XPS\.nbi
    
    .
    ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-09-04 03:55 . 2009-03-11 21:48	--------	d-----w-	c:\users\XPS\AppData\Roaming\Skype
    2009-09-04 03:43 . 2009-01-15 03:47	--------	d-----w-	c:\programdata\PMB Files
    2009-09-04 03:21 . 2008-12-27 23:26	--------	d-----w-	c:\users\XPS\AppData\Roaming\WTablet
    2009-09-04 01:30 . 2008-11-18 22:41	1356	----a-w-	c:\users\XPS\AppData\Local\d3d9caps.dat
    2009-09-03 20:09 . 2009-05-01 19:26	--------	d-----w-	c:\program files\Cheat Engine
    2009-09-02 21:19 . 2009-05-25 22:47	--------	d-----w-	c:\program files\Steam
    2009-09-02 20:43 . 2009-05-25 22:47	--------	d-----w-	c:\program files\Common Files\Steam
    2009-09-01 13:49 . 2008-09-27 15:41	--------	d-----w-	c:\program files\Common Files\Apple
    2009-09-01 06:17 . 2009-01-28 23:34	--------	d-----w-	c:\programdata\DriverCure
    2009-08-15 03:45 . 2009-01-02 01:54	--------	d-----w-	c:\users\XPS\AppData\Roaming\U3
    2009-08-15 03:34 . 2009-05-05 01:26	--------	d-----w-	c:\program files\Common Files\Wise Installation Wizard
    2009-08-15 01:33 . 2008-10-04 20:50	--------	d-----w-	c:\program files\McAfee
    2009-08-15 01:33 . 2008-09-20 18:47	--------	d-----w-	c:\programdata\McAfee
    2009-08-13 03:32 . 2006-11-02 11:18	--------	d-----w-	c:\program files\Windows Mail
    2009-08-09 00:25 . 2008-08-21 21:45	--------	d--h--w-	c:\program files\InstallShield Installation Information
    2009-08-08 22:25 . 2008-09-19 23:32	--------	d-----w-	c:\users\XPS\AppData\Roaming\Xfire
    2009-08-08 03:59 . 2008-09-22 01:19	--------	d-----w-	c:\users\XPS\AppData\Roaming\uTorrent
    2009-08-06 00:08 . 2008-11-03 18:37	--------	d-----w-	c:\programdata\Xfire
    2009-08-04 01:44 . 2009-08-04 01:43	--------	d-----w-	c:\program files\Smart CD Ripper
    2009-08-04 01:42 . 2009-08-04 01:20	--------	d-----w-	c:\program files\FreeCDRipper
    2009-08-03 22:44 . 2009-08-03 22:44	--------	d-----w-	c:\program files\Sun
    2009-08-03 22:41 . 2009-01-11 01:59	410984	----a-w-	c:\windows\system32\deploytk.dll
    2009-08-03 22:36 . 2008-08-21 21:45	--------	d-----w-	c:\program files\Java
    2009-08-03 22:20 . 2009-08-03 22:20	--------	d-----w-	c:\program files\jGRASP
    2009-08-02 17:13 . 2009-08-02 17:13	--------	d-----w-	c:\program files\Subagames
    2009-08-01 17:50 . 2009-08-01 16:50	367	----a-w-	c:\windows\EReg072.dat
    2009-08-01 16:49 . 2009-07-28 19:15	--------	d-----w-	c:\program files\Electronic Arts
    2009-08-01 15:46 . 2009-08-01 15:46	--------	d-----w-	c:\program files\IVT Corporation
    2009-08-01 15:42 . 2009-08-01 15:42	--------	d-----w-	c:\program files\Nokia
    2009-08-01 15:41 . 2009-08-01 15:41	--------	d-----w-	c:\program files\DIFX
    2009-08-01 15:40 . 2009-08-01 15:40	--------	d-----w-	c:\program files\PC Connectivity Solution
    2009-08-01 15:40 . 2009-08-01 15:40	--------	d-----w-	c:\programdata\Installations
    2009-07-31 18:38 . 2008-09-28 01:52	--------	d-----w-	c:\program files\Microsoft Silverlight
    2009-07-30 22:52 . 2008-09-19 23:32	--------	d-s---w-	c:\program files\Xfire
    2009-07-29 02:03 . 2009-07-29 02:03	--------	d-----w-	c:\program files\Audacity
    2009-07-29 01:24 . 2009-07-29 01:24	629760	----a-w-	c:\windows\isRS-000.tmp
    2009-07-29 01:24 . 2009-07-29 01:24	--------	d-----w-	c:\program files\BeeThink MP3 WMA To Wav 2.0
    2009-07-29 01:22 . 2009-07-29 01:18	--------	d-----w-	c:\program files\HooTech
    2009-07-28 19:29 . 2009-07-21 14:53	--------	d-----w-	c:\program files\Graboid
    2009-07-28 19:27 . 2009-03-31 23:51	--------	d-----w-	c:\program files\***********
    2009-07-28 19:26 . 2009-07-02 11:43	--------	d-----w-	c:\program files\Workspace Macro 4.6
    2009-07-28 19:25 . 2009-07-07 01:33	--------	d-----w-	c:\users\XPS\AppData\Roaming\Dev-Cpp
    2009-07-28 19:25 . 2009-06-27 13:08	--------	d-----w-	c:\program files\Crayon Physics Deluxe
    2009-07-28 19:21 . 2009-05-25 23:04	--------	d-----w-	c:\programdata\Media Center Programs
    2009-07-25 05:17 . 2009-07-25 05:17	--------	d-----w-	c:\program files\Web Publish
    2009-07-25 04:16 . 2009-07-14 19:03	--------	d-----w-	c:\program files\Microsoft Visual Studio 9.0
    2009-07-25 04:16 . 2009-07-25 04:16	--------	d-----w-	c:\program files\Microsoft Synchronization Services
    2009-07-25 04:16 . 2008-12-18 02:22	--------	d-----w-	c:\program files\Microsoft SQL Server Compact Edition
    2009-07-25 04:16 . 2009-07-14 19:03	--------	d-----w-	c:\programdata\Microsoft Help
    2009-07-24 01:57 . 2009-07-24 01:57	41872	----a-w-	c:\windows\system32\xfcodec.dll
    2009-07-21 17:33 . 2009-07-21 17:33	--------	d-----w-	c:\users\XPS\AppData\Roaming\vlc
    2009-07-21 15:02 . 2009-07-21 15:02	--------	d-----w-	c:\users\XPS\AppData\Roaming\MozillaControl
    2009-07-21 14:53 . 2009-07-21 14:53	--------	d-----w-	c:\program files\VideoLAN
    2009-07-20 00:36 . 2009-07-19 23:57	--------	d-----w-	c:\programdata\NOS
    2009-07-20 00:36 . 2009-07-19 23:57	--------	d-----w-	c:\program files\NOS
    2009-07-20 00:02 . 2008-08-21 21:50	--------	d-----w-	c:\program files\Common Files\Adobe
    2009-07-19 23:58 . 2009-07-19 23:58	--------	d-----w-	c:\program files\Common Files\Adobe AIR
    2009-07-18 15:10 . 2009-07-18 15:10	134072	----a-w-	c:\windows\ColorPic Uninstaller.exe
    2009-07-18 15:10 . 2009-07-18 15:10	--------	d-----w-	c:\program files\ColorPic 4.1
    2009-07-16 23:20 . 2009-07-16 23:20	--------	d-----w-	c:\program files\Time Stopper
    2009-07-16 02:17 . 2009-07-16 02:17	229224	----a-w-	c:\windows\system32\drivers\VMM.sys
    2009-07-14 20:17 . 2009-07-14 19:06	--------	d-----w-	c:\program files\Microsoft SQL Server
    2009-07-14 20:16 . 2008-09-20 19:03	--------	d-----w-	c:\program files\Microsoft.NET
    2009-07-14 19:04 . 2009-07-14 19:03	--------	d-----w-	c:\program files\Common Files\Merge Modules
    2009-07-14 17:34 . 2009-07-14 17:34	--------	d-----w-	c:\program files\Microsoft SDKs
    2009-07-09 22:20 . 2009-07-04 13:50	--------	d-----w-	c:\program files\VoipCheapCom
    2009-07-09 01:55 . 2009-07-09 01:55	--------	d-----w-	c:\program files\American Systems
    2009-07-08 21:21 . 2009-01-18 16:32	61224	----a-w-	c:\users\XPS\GoToAssistDownloadHelper.exe
    2009-06-29 19:41 . 2008-10-30 22:08	34	----a-w-	c:\users\XPS\jagex_runescape_preferences.dat
    2009-06-29 13:52 . 2009-06-29 13:52	9728	----a-w-	c:\windows\system32\BsMonUI.dll
    2009-06-29 13:52 . 2009-06-29 13:52	18432	----a-w-	c:\windows\system32\BsMonSvr.dll
    2009-06-29 13:52 . 2009-06-29 13:52	405589	----a-w-	c:\windows\system32\BsUI.dll
    2009-06-29 13:52 . 2009-06-29 13:52	57430	----a-w-	c:\windows\system32\btfunc.dll
    2009-06-29 13:52 . 2009-06-29 13:52	278647	----a-w-	c:\windows\system32\outlookAddin.dll
    2009-06-29 13:51 . 2009-06-29 13:51	53248	----a-w-	c:\windows\system32\HtmPrintHelper.dll
    2009-06-29 13:51 . 2009-06-29 13:51	114774	----a-w-	c:\windows\system32\versit.dll
    2009-06-29 13:51 . 2009-06-29 13:51	622693	----a-w-	c:\windows\system32\BSShell.dll
    2009-06-29 13:51 . 2009-06-29 13:51	569430	----a-w-	c:\windows\system32\Bscdlg.dll
    2009-06-29 13:51 . 2009-06-29 13:51	118884	----a-w-	c:\windows\system32\BsProfileFunc.dll
    2009-06-29 13:50 . 2009-06-29 13:50	151642	----a-w-	c:\windows\system32\BsCommon.dll
    2009-06-29 13:50 . 2009-06-29 13:50	94314	----a-w-	c:\windows\system32\BsHelpCSps.dll
    2009-06-29 13:50 . 2009-06-29 13:50	589939	----a-w-	c:\windows\system32\BlueSoleilCSps.dll
    2009-06-29 13:49 . 2009-06-29 13:49	28766	----a-w-	c:\windows\system32\PlayerCtrl.dll
    2009-06-29 13:49 . 2009-06-29 13:49	98403	----a-w-	c:\windows\system32\Bs2Res.dll
    2009-06-29 13:49 . 2009-06-29 13:49	135264	----a-w-	c:\windows\system32\BsMobileSDK.dll
    2009-06-29 13:49 . 2009-06-29 13:49	254036	----a-w-	c:\windows\system32\BsSDK.dll
    2009-06-29 13:48 . 2009-06-29 13:48	28672	----a-w-	c:\windows\system32\BsMobileCSps.dll
    2009-06-29 13:48 . 2009-06-29 13:48	28760	----a-w-	c:\windows\system32\BsTrace.dll
    2009-06-15 15:24 . 2009-07-15 11:45	156672	----a-w-	c:\windows\system32\t2embed.dll
    2009-06-15 15:20 . 2009-07-15 11:45	72704	----a-w-	c:\windows\system32\fontsub.dll
    2009-06-15 15:20 . 2009-07-15 11:45	10240	----a-w-	c:\windows\system32\dciman32.dll
    2009-06-15 12:52 . 2009-07-15 11:45	289792	----a-w-	c:\windows\system32\atmfd.dll
    2009-05-17 03:11 . 2009-05-17 02:25	1239751184	----a-w-	c:\program files\MSSetupv70.exe
    2008-09-10 18:49 . 2008-09-10 18:49	5817064	----a-w-	c:\program files\mozilla firefox\plugins\ScorchPDFWrapper.dll
    2008-08-22 05:21 . 2008-08-22 05:10	8192	--sha-w-	c:\windows\Users\Default\NTUSER.DAT
    .
    
    (((((((((((((((((((((((((((((   SnapShot@2009-09-04_16.13.38   )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-09-19 22:27 . 2009-09-04 16:13	32768              c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2008-09-19 22:27 . 2009-09-04 18:01	32768              c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2008-09-19 22:27 . 2009-09-04 18:01	81920              c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2008-09-19 22:27 . 2009-09-04 16:13	81920              c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2008-09-19 22:27 . 2009-09-04 18:01	32768              c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2008-09-19 22:27 . 2009-09-04 16:13	32768              c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    .
    (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown 
    REGEDIT4
    
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
    "NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2008-01-15 106496]
    "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-08-21 68856]
    "DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-14 206064]
    "googletalk"="c:\users\XPS\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
    "Google Update"="c:\users\XPS\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-01-15 133104]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
    "Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-03-11 24095528]
    "Eraser"="c:\program files\Eraser\Eraser.exe" [2007-12-22 916240]
    "Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2009-09-04 2919608]
    "BitTorrent DNA"="c:\users\XPS\Program Files\DNA\btdna.exe" [2009-08-09 318272]
    "VoipCheapCom"="c:\program files\VoipCheapCom\voipcheapcom.exe" [2009-07-09 9257272]
    "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-08-05 1830128]
    
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
    "ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-02-29 17920]
    "UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
    "NVRaidService"="c:\windows\system32\nvraidservice.exe" [2008-01-03 184864]
    "dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 16384]
    "DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-14 206064]
    "mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-01-09 645328]
    "fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2008-12-08 453984]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-18 13580832]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-18 92704]
    "Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-06-29 520024]
    "Rvsystem"="c:\program files\Returnil\Returnil.exe" [2009-05-04 2304000]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-03 148888]
    "BtTray"="c:\program files\IVT Corporation\BlueSoleil\BtTray.exe" [2009-06-29 315478]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]
    "CTxfiHlp"="CTXFIHLP.EXE" - c:\windows\System32\Ctxfihlp.exe [2009-02-19 24576]
    "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2007-07-17 55824]
    
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "FlashPlayerUpdate"="c:\windows\system32\Macromed\Flash\FlashUtil10a.exe" [2008-10-05 235936]
    
    c:\users\XPS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    PowerMenu.lnk - c:\program files\PowerMenu\PowerMenu.exe [2002-12-19 57344]
    
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-1-10 113664]
    GamersFirst LIVE!.lnk - c:\program files\GamersFirst\LIVE!\Live.exe [2009-8-5 2389360]
    LaunchU3.exe.lnk - c:\windows\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_294823.exe [2009-1-6 22486]
    NETGEAR WN111v2 Smart Wizard.lnk - c:\program files\NETGEAR\WN111v2\WN111v2.exe [2008-5-9 1712128]
    SetPointII.lnk - c:\program files\Logitech\SetPoint II\SetpointII.exe [2007-8-30 319488]
    VPN Client.lnk - c:\windows\Installer\{4C271126-C295-4828-A901-5910AE0C258B}\Icon3E5562ED7.ico [2009-1-13 6144]
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)
    
    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2008-12-22 16:05	356352	----a-w-	c:\program files\SUPERAntiSpyware\SASWINLO.dll
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @="Service"
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
    @=""
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
    @="Service"
    
    [HKLM\~\startupfolder\C:^Users^XPS^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk]
    path=c:\users\XPS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
    backup=c:\windows\pss\Xfire.lnk.Startup
    backupExtension=.Startup
    
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
    "DisableMonitoring"=dword:00000001
    
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{139FC167-8533-4FC1-A969-9CD83C5F25A9}"= UDP:c:\programdata\NexonUS\NGM\NGM.exe:Nexon Game Manager
    "{E5EF12FB-C3C0-4C03-89D2-25AD26AB7D18}"= TCP:c:\programdata\NexonUS\NGM\NGM.exe:Nexon Game Manager
    "{51CFDEC4-777A-4395-99AD-9B859EBD3711}"= UDP:c:\nexon\Combat Arms\NMService.exe:Nexon Messenger Core
    "{D1D245C9-E81E-4F35-95F0-A404FA0AAFE4}"= TCP:c:\nexon\Combat Arms\NMService.exe:Nexon Messenger Core
    "{BB3B256C-169D-4D93-8D2D-4433BE37F0DA}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
    "{54270B9A-9749-42F7-A8E9-56AE6B92910C}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
    "{8C3ABA4E-ECF7-4EB4-BE2D-FC0D9C90DE32}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
    "{4FC396E4-5EE1-42C0-A5EA-6397E3143867}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
    "{BD351DD6-1DE0-4698-9F78-BDEA92D8D5C6}"= Profile=Private|Profile=Public|c:\program files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent
    "{0F5DB79E-EDFC-4DF2-A8E4-C87547F1C39D}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
    "{4EC7CEB4-88C0-4C88-A094-664C3D21DFD2}"= Disabled:UDP:c:\program files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
    "{1B82F99B-18AF-4184-A258-F437457D727F}"= Disabled:TCP:c:\program files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
    "{52BAD015-3A47-498F-B7E2-015481960814}"= UDP:c:\nexon\Combat Arms\NMService.exe:Nexon Messenger Core
    "{9E278887-4287-4887-924A-DD39DF102F7E}"= TCP:c:\nexon\Combat Arms\NMService.exe:Nexon Messenger Core
    "{86A28FEF-80D4-401B-B5AB-3008E2639E8D}"= UDP:c:\programdata\NexonUS\NGM\NGM.exe:Nexon Game Manager
    "{FE981B5A-4174-461C-BC86-3733F9D63CAA}"= TCP:c:\programdata\NexonUS\NGM\NGM.exe:Nexon Game Manager
    "{283E9316-D295-4F6B-AA2B-725C5E776193}"= UDP:c:\users\XPS\AppData\Local\Google\Google Talk Plugin\googletalkplugin.dll:Google Talk Plugin
    "{00BD0291-222E-4704-90ED-1F48CA70D096}"= TCP:c:\users\XPS\AppData\Local\Google\Google Talk Plugin\googletalkplugin.dll:Google Talk Plugin
    "{EB7CBF0C-073A-4A7B-AA14-01F2AE9A6B3B}"= UDP:c:\users\XPS\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe:Google Talk Plugin
    "{BA66F7BD-D47B-489F-9246-D6BA0DFEA2D9}"= TCP:c:\users\XPS\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe:Google Talk Plugin
    "{762EAF2F-F6E1-4CAD-98F1-3AEFE862036F}"= Disabled:UDP:c:\users\XPS\AppData\Roaming\U3\45269314120259C9\0DE4F643-C398-46ec-9339-2362F2311932\Exec\Skype.exe:skype
    "{1DB2B0E9-9D0F-4E1A-84F2-AEB27BA051EA}"= TCP:c:\users\XPS\AppData\Roaming\U3\45269314120259C9\0DE4F643-C398-46ec-9339-2362F2311932\Exec\Skype.exe:skype
    "{C657BDDE-08ED-4318-9736-7178EAAF4829}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
    "{97D47645-C038-43F6-B54F-ABF03507DF47}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
    "{E7DFC7E2-4C83-44E9-896D-8A2ACF492A19}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
    "{78AE28E8-8BDA-4FEA-B097-BB8C59E48DFF}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
    "TCP Query User{70D6A474-BC73-4B19-80E7-920B36F4DD0A}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype 
    "UDP Query User{92A1340C-A124-4847-A016-4298B3D8EDB3}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype 
    "{07FD60D1-E31B-4EF2-AA8C-EC5486D8592F}"= UDP:c:\users\XPS\AppData\Local\Google\Google Talk Plugin\googletalkplugin.dll:Google Talk Plugin
    "{AC8CB17E-1B76-4184-81C7-1083672CF502}"= TCP:c:\users\XPS\AppData\Local\Google\Google Talk Plugin\googletalkplugin.dll:Google Talk Plugin
    "{0CA57283-C831-40FC-84B1-88BFC6B1785B}"= UDP:c:\users\XPS\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe:Google Talk Plugin
    "{88BD2978-0AB5-4E34-B2C4-92746B2C19DF}"= TCP:c:\users\XPS\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe:Google Talk Plugin
    "TCP Query User{6ACF7D82-D778-4DEA-8EFC-A8262F8D74A9}c:\\windows\\system32\\java.exe"= UDP:c:\windows\system32\java.exe:Java(TM) Platform SE binary
    "UDP Query User{3C6E5A24-947D-4EED-A3B7-2EC27A293458}c:\\windows\\system32\\java.exe"= TCP:c:\windows\system32\java.exe:Java(TM) Platform SE binary
    "TCP Query User{775C3E55-ACF9-4145-B051-13D9894F6B5B}c:\\program files\\glittercomm\\gcmaster.exe"= UDP:c:\program files\glittercomm\gcmaster.exe:GlitterComm Master
    "UDP Query User{462FF9A6-C81E-40D0-901C-77A006443402}c:\\program files\\glittercomm\\gcmaster.exe"= TCP:c:\program files\glittercomm\gcmaster.exe:GlitterComm Master
    "TCP Query User{965C7746-7D21-4895-BA2E-8B2286C71AFA}c:\\users\\xps\\downloads\\bs2-20081014\\burningsand2.exe"= UDP:c:\users\xps\downloads\bs2-20081014\burningsand2.exe:burningsand2.exe
    "UDP Query User{7257C6AD-C019-4463-A031-CD42DF52A6B9}c:\\users\\xps\\downloads\\bs2-20081014\\burningsand2.exe"= TCP:c:\users\xps\downloads\bs2-20081014\burningsand2.exe:burningsand2.exe
    "TCP Query User{AE863B2F-8913-4162-869B-E9D042AB77A6}c:\\program files\\lucasarts\\star wars battlefront ii\\gamedata\\battlefrontii.exe"= UDP:c:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe:BattlefrontII
    "UDP Query User{5878D4C0-0E17-498D-86CB-604D642B717A}c:\\program files\\lucasarts\\star wars battlefront ii\\gamedata\\battlefrontii.exe"= TCP:c:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe:BattlefrontII
    "TCP Query User{DAA1A00E-553D-4DFD-BB26-FA72AAEE8E2E}c:\\program files\\xfire\\xfire.exe"= UDP:c:\program files\xfire\xfire.exe:Xfire
    "UDP Query User{EF425ED2-B4C6-4335-BDFB-491B2A284EA4}c:\\program files\\xfire\\xfire.exe"= TCP:c:\program files\xfire\xfire.exe:Xfire
    "TCP Query User{E4575CDB-E010-4D2D-ADFE-597918C9AD18}c:\\users\\xps\\desktop\\eclipse evolution 2.7\\server\\server.exe"= UDP:c:\users\xps\desktop\eclipse evolution 2.7\server\server.exe:server.exe
    "UDP Query User{552A6507-2958-4B14-B90F-11F3B7E3ED4F}c:\\users\\xps\\desktop\\eclipse evolution 2.7\\server\\server.exe"= TCP:c:\users\xps\desktop\eclipse evolution 2.7\server\server.exe:server.exe
    "{58510250-FB64-4DB4-8D5B-E0D944F9CCFF}"= UDP:c:\program files\Microsoft Games\Age of Empires III\age3.exe:Age of Empires 3
    "{3F782983-7FB5-4408-ADFE-53F524A8C1AC}"= TCP:c:\program files\Microsoft Games\Age of Empires III\age3.exe:Age of Empires 3
    "TCP Query User{B3B27743-9799-478D-B337-B22DA9FDA46D}c:\\program files\\participatory culture foundation\\miro\\miro_downloader.exe"= UDP:c:\program files\participatory culture foundation\miro\miro_downloader.exe:Miro_Downloader
    "UDP Query User{80B13DBF-8A78-4982-B394-2C0DED8198C2}c:\\program files\\participatory culture foundation\\miro\\miro_downloader.exe"= TCP:c:\program files\participatory culture foundation\miro\miro_downloader.exe:Miro_Downloader
    "{378E3A33-219B-4BD5-89E8-88D6626F461C}"= c:\program files\Skype\Phone\Skype.exe:Skype
    "{7309C478-870E-4605-A5CA-E04B94AE7FE6}"= UDP:c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe:VoipBuster
    "{9D85E950-047F-4ECC-B456-1A7775A897AD}"= TCP:c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe:VoipBuster
    "{B752668D-C3C4-4A9E-B05B-F147F87D9631}"= UDP:c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe:VoipBuster
    "{BA4434CC-0E8F-472D-9FD0-23A431A91E13}"= TCP:c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe:VoipBuster
    "TCP Query User{B6D008B7-E343-42C4-93FC-2098C440C095}c:\\program files\\steam\\steamapps\\common\\dawn of war 2\\dow2.exe"= UDP:c:\program files\steam\steamapps\common\dawn of war 2\dow2.exe:DOW2
    "UDP Query User{C712EE5F-FC38-4748-BEFF-FD1923B17019}c:\\program files\\steam\\steamapps\\common\\dawn of war 2\\dow2.exe"= TCP:c:\program files\steam\steamapps\common\dawn of war 2\dow2.exe:DOW2
    "TCP Query User{6A24F51C-5F91-4EB3-B4E8-8C3FD55B6E57}c:\\users\\xps\\desktop\\eclipse evolution 2.7\\server\\server.exe"= UDP:c:\users\xps\desktop\eclipse evolution 2.7\server\server.exe:server.exe
    "UDP Query User{84CB15E2-D235-4525-9B14-532740278743}c:\\users\\xps\\desktop\\eclipse evolution 2.7\\server\\server.exe"= TCP:c:\users\xps\desktop\eclipse evolution 2.7\server\server.exe:server.exe
    "{0FFD637E-5035-4F2E-BFB6-B5D8A172AAF3}"= c:\program files\Skype\Phone\Skype.exe:Skype
    "{6C5A39DC-1609-4EF0-A019-E02B9EE3DE7D}"= c:\program files\Skype\Phone\Skype.exe:Skype
    "TCP Query User{7A3798E7-4352-4FB4-98BD-129BBE716495}c:\\program files\\xfire\\xfire.exe"= UDP:c:\program files\xfire\xfire.exe:Xfire
    "UDP Query User{2DCDAF61-8C39-44C8-B488-01DA2FBB694D}c:\\program files\\xfire\\xfire.exe"= TCP:c:\program files\xfire\xfire.exe:Xfire
    "{6A32FD6E-81CD-47F7-B1E4-5F69A6069DE5}"= UDP:c:\program files\Microsoft Games\Age of Empires III\age3x.exe:Age of Empires III - The WarChiefs
    "{44965B4F-F5A3-4B1C-8A0E-AD24C60F1A1E}"= TCP:c:\program files\Microsoft Games\Age of Empires III\age3x.exe:Age of Empires III - The WarChiefs
    "{8C09AE35-A6FB-4A1E-A947-659C5E3E9B65}"= UDP:c:\program files\VoipCheapCom\VoipCheapCom.exe:VoipCheapCom
    "{21F9A7C9-6FDF-4151-9126-74DD48E990AD}"= TCP:c:\program files\VoipCheapCom\VoipCheapCom.exe:VoipCheapCom
    "TCP Query User{3815D1D0-591C-4758-AFC2-200EBB252A13}c:\\program files\\voipcheapcom\\voipcheapcom.exe"= UDP:c:\program files\voipcheapcom\voipcheapcom.exe:Client to make VoIP calls.
    "UDP Query User{977E072F-A2E3-41E0-A483-3248695F9A20}c:\\program files\\voipcheapcom\\voipcheapcom.exe"= TCP:c:\program files\voipcheapcom\voipcheapcom.exe:Client to make VoIP calls.
    "{DEE274E0-E963-4757-8DC2-F011B4CD884F}"= UDP:c:\combat arms\NMService.exe:Nexon Messenger Core
    "{F8A0F604-980A-4BC4-8567-6F49DFFAF40E}"= TCP:c:\combat arms\NMService.exe:Nexon Messenger Core
    "{C0654DD7-7C72-400A-849E-3F5511C1C535}"= UDP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe:BlueSoleilCS
    "{F69CEA09-2F81-44ED-8C55-D91AE0B7DFBC}"= TCP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe:BlueSoleilCS
    "{445A65B5-FA3D-4065-A562-169C3DC93176}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In)
    "{83B212F0-69B1-4B0E-B823-171D197AA0C6}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In)
    "{D8F0CF9B-3070-4D7A-9929-B659459C7FF7}"= UDP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe:BlueSoleilCS
    "{A41D5F3F-2E17-4076-B614-2CB7CBF91D86}"= TCP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe:BlueSoleilCS
    "{9ECB1A41-20EA-4CFC-A7DE-34FAF6487C73}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
    "{17DDBD35-396F-4AF5-9715-3A0E5C12DFC2}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
    "{748BA9F5-C2F8-498D-8974-9F0FF9638FA6}"= UDP:c:\program files\Pando Networks\Media Booster\PMB.exe:Pando Media Booster
    "{0750DED3-54A0-452E-91F7-A0F1BA7F29A4}"= TCP:c:\program files\Pando Networks\Media Booster\PMB.exe:Pando Media Booster
    "{08AFE179-FD5A-4FC3-AE95-15D451B784ED}"= UDP:c:\program files\Pando Networks\Media Booster\PMB.exe:Pando Media Booster
    "{27B94B0E-3E08-4094-9276-8F4417D3C215}"= TCP:c:\program files\Pando Networks\Media Booster\PMB.exe:Pando Media Booster
    "{79DE21EB-2591-479D-BA66-5845F098A0A1}"= c:\program files\Pando Networks\Media Booster\PMB.exe:Pando Media Booster
    
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
    "EnableFirewall"= 0 (0x0)
    
    R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\drivers\BtHidBus.sys [1/7/2009 11:39 PM 20744]
    R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [4/26/2009 4:00 PM 64160]
    R0 RVFsSec;RVFsSec;c:\windows\System32\drivers\RVFsSec.sys [5/3/2009 9:12 PM 22272]
    R0 RVSystem;RVSystem;c:\windows\System32\drivers\RVSystem.sys [5/3/2009 9:12 PM 39424]
    R1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\System32\drivers\jswpslwf.sys [5/15/2008 4:28 AM 20384]
    R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [8/5/2009 4:06 PM 9968]
    R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [8/5/2009 4:06 PM 74480]
    R2 BsMobileCS;BsMobileCS;c:\program files\IVT Corporation\BlueSoleil\BsMobileCS.exe [6/29/2009 9:48 AM 143467]
    R2 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [12/17/2008 10:37 PM 55264]
    R2 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [12/8/2008 6:01 PM 533344]
    R2 IntuitUpdateService;Intuit Update Service;c:\program files\Common Files\Intuit\Update Service\IntuitUpdateService.exe [10/10/2008 5:45 AM 13088]
    R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [10/4/2008 4:51 PM 210216]
    R2 TabletServicePen;TabletServicePen;c:\windows\System32\Pen_Tablet.exe [12/26/2008 7:14 PM 3032360]
    R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\System32\drivers\btnetBus.sys [12/7/2008 12:44 PM 30088]
    R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.sys [2/19/2009 10:42 AM 198168]
    R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.sys [2/19/2009 10:43 AM 1353240]
    R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.sys [2/19/2009 10:43 AM 73752]
    R3 DNISp50;DNISp50 NDIS Protocol Driver;c:\windows\System32\drivers\DNISP50.sys [11/16/2006 3:36 PM 20480]
    R3 DrmRAudio;DrmRAudio;c:\windows\System32\drivers\DrmRAudio.sys [4/8/2009 11:55 AM 23096]
    R3 DrmRVideo;DrmRVideo;c:\windows\System32\drivers\DrmRVideo.sys [4/8/2009 11:55 AM 3768]
    R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\System32\drivers\HCW85BDA.sys [8/22/2008 1:28 AM 1034496]
    R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\System32\drivers\IvtBtBus.sys [7/2/2008 2:58 PM 26248]
    R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [8/5/2009 4:06 PM 7408]
    R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\System32\drivers\vcsvad.sys [5/16/2009 5:50 PM 17792]
    R3 wacmoumonitor;Wacom Mode Helper;c:\windows\System32\drivers\wacmoumonitor.sys [12/26/2008 7:14 PM 15144]
    R3 WN111v2;NETGEAR WN111v2 USB2.0 Wireless Card Service;c:\windows\System32\drivers\WN111v2v.sys [5/31/2008 3:44 PM 432640]
    S2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6;c:\program files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [9/11/2007 1:45 AM 124832]
    S2 gupdate1c9c47f4e72d910;Google Update Service (gupdate1c9c47f4e72d910);c:\program files\Google\Update\GoogleUpdate.exe [4/23/2009 9:52 PM 133104]
    S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [1/18/2009 5:34 PM 1029456]
    S3 CT20XUT;CT20XUT;c:\windows\System32\drivers\CT20XUT.sys [2/19/2009 10:42 AM 198168]
    S3 CTEXFIFX;CTEXFIFX;c:\windows\System32\drivers\CTEXFIFX.sys [2/19/2009 10:43 AM 1353240]
    S3 CTHWIUT;CTHWIUT;c:\windows\System32\drivers\CTHWIUT.sys [2/19/2009 10:43 AM 73752]
    S3 DNIMp50;DNIMp50 NDIS Protocol Driver;c:\windows\System32\drivers\DNIMP50.sys [11/16/2006 3:36 PM 21504]
    S3 ha20x22k;Creative 20X2 HAL Driver;c:\windows\System32\drivers\ha20x22k.sys [2/19/2009 10:54 AM 1222680]
    S3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\NETGEAR\WN111v2\jswpsapi.exe [2/29/2008 3:07 AM 942080]
    S3 LTXMD_VAC;Litex Media Virtual Audio Cable (WDM);c:\windows\System32\drivers\lmvac.sys [4/7/2009 11:37 PM 18912]
    S3 netr28u;Belkin N+ Wireless USB Adapter Driver for Vista;c:\windows\System32\drivers\netr28u.sys [1/11/2009 10:56 AM 641024]
    S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
    S3 SMServer;SMServer;c:\windows\System32\snmvtsvc.exe [4/8/2009 2:11 PM 237568]
    S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [7/10/2008 8:28 PM 47128]
    S4 RsFx0102;RsFx0102 Driver;c:\windows\System32\drivers\RsFx0102.sys [7/10/2008 2:49 AM 242712]
    S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [7/10/2008 8:28 PM 369688]
    
    --- Other Services/Drivers In Memory ---
    
    *NewlyCreated* - MBAMSWISSARMY
    *Deregistered* - MBAMSwissArmy
    
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    rsmsvcs	REG_MULTI_SZ   	ntmssvc
    
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    "c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
    .
    Contents of the 'Scheduled Tasks' folder
    
    2009-08-31 c:\windows\Tasks\Ad-Aware Update (Weekly).job
    - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 20:03]
    
    2009-09-01 c:\windows\Tasks\DriverCure.job
    - c:\program files\ParetoLogic\DriverCure\DriverCure.exe [2009-04-26 12:44]
    
    2009-09-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-24 01:52]
    
    2009-09-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-24 01:52]
    
    2009-09-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3023786897-1950851811-2347359228-1000Core.job
    - c:\users\XPS\AppData\Local\Google\Update\GoogleUpdate.exe [2009-01-15 21:34]
    
    2009-09-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3023786897-1950851811-2347359228-1000UA.job
    - c:\users\XPS\AppData\Local\Google\Update\GoogleUpdate.exe [2009-01-15 21:34]
    
    2009-08-15 c:\windows\Tasks\McDefragTask.job
    - c:\progra~1\mcafee\mqc\QcConsol.exe [2009-03-23 14:53]
    
    2009-09-01 c:\windows\Tasks\McQcTask.job
    - c:\progra~1\mcafee\mqc\QcConsol.exe [2009-03-23 14:53]
    
    2009-09-03 c:\windows\Tasks\ParetoLogic Registration.job
    - c:\program files\Common Files\ParetoLogic\UUS2\UUS.dll [2009-01-21 05:36]
    
    2009-09-04 c:\windows\Tasks\ParetoLogic Update Version2.job
    - c:\program files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2009-01-21 05:36]
    
    2009-09-04 c:\windows\Tasks\User_Feed_Synchronization-{979603A1-A027-4142-9711-CCFF0B6706A7}.job
    - c:\windows\system32\msfeedssync.exe [2009-08-15 20:13]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.com/
    uInternet Settings,ProxyOverride = *.local
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: StumbleUpon PhotoBlog It! - StumbleUponIEBar.dll/blogimage
    Trusted Zone: internet
    Trusted Zone: mcafee.com
    DPF: {93344865-74BD-4873-BE65-56539D41A65C} - hxxp://earn2life.com/plugin/Earn2Life.cab
    FF - ProfilePath - c:\users\XPS\AppData\Roaming\Mozilla\Firefox\Profiles\h5073m83.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    FF - prefs.js: browser.search.selectedEngine - Wolfram|Alpha
    FF - prefs.js: browser.startup.homepage - chrome://speeddial/content/speeddial.xul
    FF - prefs.js: keyword.URL - hxxp://search.copernic.com/query21/?c=web&l=ENG&e=CDS2&cpn=&b=300000081&sctx=ffaddrbar&q=
    FF - component: c:\users\XPS\AppData\Roaming\Mozilla\Firefox\Profiles\h5073m83.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
    FF - plugin: c:\program files\Google\Google Earth Plugin\npgeplugin.dll
    FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
    FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\NPMFireLauncher.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll
    FF - plugin: c:\program files\Unity\WebPlayer\loader\npUnity3D32.dll
    FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: c:\programdata\NexonUS\NGM\npNxGameUS.dll
    FF - plugin: c:\users\XPS\AppData\Local\Google\Update\1.2.183.7\npGoogleOneClick8.dll
    FF - plugin: c:\users\XPS\AppData\Roaming\Mozilla\Firefox\Profiles\h5073m83.default\extensions\iaplayer@instantaction.com\plugins\npiaplayer.dll
    FF - plugin: c:\users\XPS\AppData\Roaming\Mozilla\Firefox\Profiles\h5073m83.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
    FF - plugin: c:\users\XPS\AppData\Roaming\Mozilla\plugins\npcoolirisplugin.dll
    FF - plugin: c:\users\XPS\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
    FF - plugin: c:\users\XPS\Program Files\DNA\plugins\npbtdna.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
    
    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.homepage.dontask - true.
    
    **************************************************************************
    
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-09-04 14:02
    Windows 6.0.6001 Service Pack 1 NTFS
    
    scanning hidden processes ...  
    
    scanning hidden autostart entries ... 
    
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run
      CTxfiHlp = CTXFIHLP.EXE? 
    
    scanning hidden files ...  
    
    scan completed successfully
    hidden files: 0
    
    **************************************************************************
    
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\npggsvc]
    "ImagePath"="c:\windows\system32\GameMon.des -service"
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    
    [HKEY_USERS\S-1-5-21-3023786897-1950851811-2347359228-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4F8568AA-A775-4FB1-48FC-9604D1EEA623}*]
    @Allowed: (Read) (RestrictedCode)
    "galkgfmhfpjabc"=hex:63,61,69,67,61,67,00,00
    
    [HKEY_USERS\S-1-5-21-3023786897-1950851811-2347359228-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{81C6DC82-993B-2D5D-CBF9-18124A542349}*]
    "ablphaolanbemaelpgdegfckmlppibgpii"=hex:69,61,6f,6c,6a,6a,63,65,68,66,61,67,
       69,6e,6c,6a,67,62,00,00
    "pafpfogmedohjekohhbmbghcfifellbn"=hex:69,61,6f,6c,6a,6a,63,65,68,66,61,67,69,
       6e,6c,6a,67,62,00,00
    
    [HKEY_USERS\S-1-5-21-3023786897-1950851811-2347359228-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D29A26DB-06FA-F67C-D5BC-B3746B321D42}*]
    "bblbgdghfflgdijckbdpmjkihigcohaokkco"=hex:61,61,00,00
    "ablbgdghfflgdijckbkolkapfiahlnlioi"=hex:61,61,00,00
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    
    - - - - - - - > 'Explorer.exe'(7808)
    c:\program files\PowerMenu\PowerMenuHook.dll
    c:\windows\system32\BsMobileSDK.dll
    c:\windows\system32\BsLangInDepRes.dll
    c:\windows\system32\Bs2Res.dll
    .
    Completion time: 2009-09-04 14:05
    ComboFix-quarantined-files.txt  2009-09-04 18:05
    ComboFix2.txt  2009-09-04 16:16
    
    Pre-Run: 100,268,531,712 bytes free
    Post-Run: 100,161,859,584 bytes free
    
    489	--- E O F ---	2009-09-03 23:58

    And this is from HijackThis

    Code:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 2:20:34 PM, on 9/4/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v8.00 (8.00.6001.18813)
    Boot mode: Normal
    
    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\SYSTEM32\WISPTIS.EXE
    c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\WTablet\Pen_TabletUser.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\System32\nvraidservice.exe
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\Program Files\Windows Live\Family Safety\fsui.exe
    C:\Program Files\Returnil\Returnil.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\NETGEAR\WN111v2\WN111v2.exe
    C:\Program Files\Logitech\SetPoint II\SetpointII.exe
    C:\Program Files\PowerMenu\PowerMenu.exe
    C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
    C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
    C:\Windows\system32\sdclt.exe
    C:\Program Files\Pando Networks\Media Booster\PMB.exe
    C:\Windows\Explorer.exe
    C:\Windows\system32\notepad.exe
    C:\Windows\system32\conime.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
    O1 - Hosts: ::1 localhost
    O2 - BHO: StumbleUpon Launcher - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
    O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
    O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: StumbleUpon Toolbar - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll
    O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
    O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
    O4 - HKLM\..\Run: [NVRaidService] C:\Windows\system32\nvraidservice.exe
    O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
    O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
    O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
    O4 - HKLM\..\Run: [Rvsystem] "C:\Program files\Returnil\Returnil.exe"
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [BtTray] "C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" resetprofile
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKCU\..\Run: [googletalk] C:\Users\XPS\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
    O4 - HKCU\..\Run: [Google Update] "C:\Users\XPS\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe -hide
    O4 - HKCU\..\Run: [Pando Media Booster] "C:\Program Files\Pando Networks\Media Booster\PMB.exe
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\XPS\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [VoipCheapCom] "C:\Program Files\VoipCheapCom\voipcheapcom.exe" -nosplash -minimized
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe (User 'Default user')
    O4 - Startup: PowerMenu.lnk = C:\Program Files\PowerMenu\PowerMenu.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: GamersFirst LIVE!.lnk = C:\Program Files\GamersFirst\LIVE!\Live.exe
    O4 - Global Startup: LaunchU3.exe.lnk = ?
    O4 - Global Startup: NETGEAR WN111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WN111v2\WN111v2.exe
    O4 - Global Startup: SetPointII.lnk = ?
    O4 - Global Startup: VPN Client.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: StumbleUpon PhotoBlog It! - res://StumbleUponIEBar.dll/blogimage
    O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\DrmRemoval\YouTubeRipper.dll
    O9 - Extra 'Tools' menuitem: Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\DrmRemoval\YouTubeRipper.dll
    O9 - Extra button: StumbleUpon - {75C9223A-409A-4795-A3CA-08DE6B075B4B} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O15 - Trusted Zone: http://*.mcafee.com
    O16 - DPF: {93344865-74BD-4873-BE65-56539D41A65C} - http://earn2life.com/plugin/Earn2Life.cab
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\system32\skype4com.dll
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
    O23 - Service: BsMobileCS - IVT Corporation - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
    O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Update Service (gupdate1c9c47f4e72d910) (gupdate1c9c47f4e72d910) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\NETGEAR\WN111v2\jswpsapi.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
    O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
    O23 - Service: SMServer - SMServer - C:\Windows\system32\snmvtsvc.exe
    O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Windows\system32\Pen_Tablet.exe
    
    --
    End of file - 13404 bytes

    Thanks 4 your help, I don't want to reformat my PC soooo
    Thnx
    Last edited by snotpig; 09-04-2009 at 02:29 PM.

  2. #2
    snotpig's Avatar
    Sorry for double posting, but can someone help me?

  3. #3
    snotpig's Avatar
    No, if my System32 folder was gone then my PC would be dead. No, the virus is not fixed.

    I need some1 who can read the log.....

    Or give good advice

    thnx

  4. #4
    snotpig's Avatar
    I think you r stupid. I ran ComboFix, my System32 folder is still there and I ran my computer in safe mode then scanned with multiple scanners, didn't help.

  5. #5
    Disturbed's Avatar
    GET AN ANTIVIRUS, I recommend Avast.


  6. #6
    Legify's Avatar
    Download avast home edition and run a boot time scan, it eliminates all branches of the virus and will probably alert you of the main infected file.

  7. #7
    User1's Avatar
    Avast or Norton 360
    Any donations would help


    Quote Originally Posted by Bombsaway707

    HOLY SHIT ITS USER1
    Quote Originally Posted by Blood

    HOLY SHIT ITS USER1
    Quote Originally Posted by Alby-kun


    HOLY SHIT ITS USER1
    Quote Originally Posted by Ali

    HOLY SHIT ITS USER1
    Quote Originally Posted by CodeDemon
    HOLY SHIT ITS USER1
    Quote Originally Posted by Jussofresh View Post
    HOLY SHIT ITS USER1!
    [21:13] CoderNever: HOLY SHIT ITS USER1!
    Yes it is me... Yup Yup




  8. #8
    Disturbed's Avatar
    NEVER NORTON, IT FAILS.


  9. #9
    kay911kay's Avatar
    Download McAfee if u r willing to pay money or get the free trial O>O

  10. #10
    Ghty82's Avatar
    Get an antivirus. I recommend Malwarebytes



    "I dream of a world where people are not judged by their post count but by their content of character." Me
    "Ask not what MPGH can do for you, But what you can do for your MPGH!"

  11. #11
    User1's Avatar
    Use my awesome antivirus. I made it myself. It's called. Mah 1337 brain.

  12. #12
    Fiop22's Avatar
    Try using Malwarebytes. Worked for me!
