I have a virus from the Ghost hack....
This is a log from ComboFix. I'm a noob so I can't read it, can someone help?
Code:
ComboFix 09-09-03.02 - XPS 09/04/2009 13:51.2.4 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2813.1215 [GMT -4:00]
Running from: c:\users\XPS\Downloads\ComboFix.exe
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Resident AV is active
.
((((((((((((((((((((((((( Files Created from 2009-08-04 to 2009-09-04 )))))))))))))))))))))))))))))))
.
2009-09-04 18:01 . 2009-09-04 18:02 -------- d-----w- c:\users\XPS\AppData\Local\temp
2009-09-04 18:01 . 2009-09-04 18:01 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-09-04 18:01 . 2009-09-04 18:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-09-03 22:26 . 2009-09-03 22:26 -------- d-----w- c:\program files\WhoLockMe
2009-09-03 18:11 . 2009-09-03 20:09 -------- d-----w- c:\program files\Uplink Demo
2009-09-02 20:33 . 2009-08-28 12:39 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-09-02 20:33 . 2009-08-28 10:15 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-09-01 13:49 . 2009-03-19 20:32 23400 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-09-01 13:49 . 2008-04-17 16:12 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2009-09-01 13:49 . 2009-09-01 13:49 -------- d-----w- c:\program files\iPod
2009-09-01 13:49 . 2009-09-01 13:49 -------- d-----w- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-09-01 13:49 . 2009-09-01 13:49 -------- d-----w- c:\program files\iTunes
2009-09-01 13:47 . 2009-09-01 13:48 -------- d-----w- c:\program files\QuickTime
2009-09-01 07:01 . 2009-06-22 10:22 2048 ----a-w- c:\windows\system32\tzres.dll
2009-08-31 14:00 . 2009-08-31 14:00 -------- d-----w- c:\users\XPS\AppData\Roaming\Mael
2009-08-31 13:58 . 2009-08-31 13:58 -------- d-----w- c:\program files\HxD
2009-08-16 23:50 . 2009-08-16 23:50 -------- d-----w- c:\windows\configs
2009-08-16 02:00 . 2009-08-16 02:00 -------- d-----w- c:\windows\configuration
2009-08-15 03:37 . 2009-08-15 03:37 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2009-08-15 03:35 . 2009-08-15 03:36 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-08-15 03:35 . 2009-08-15 03:35 -------- d-----w- c:\users\XPS\AppData\Roaming\SUPERAntiSpyware.com
2009-08-15 03:22 . 2009-06-15 15:22 213504 ----a-w- c:\windows\system32\msv1_0.dll
2009-08-15 03:22 . 2009-06-15 15:21 499712 ----a-w- c:\windows\system32\kerberos.dll
2009-08-15 03:22 . 2009-06-15 18:20 439896 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-08-15 03:22 . 2009-06-15 15:24 175104 ----a-w- c:\windows\system32\wdigest.dll
2009-08-15 03:22 . 2009-06-15 15:24 270848 ----a-w- c:\windows\system32\schannel.dll
2009-08-15 03:22 . 2009-06-15 15:23 1256448 ----a-w- c:\windows\system32\lsasrv.dll
2009-08-15 03:22 . 2009-06-15 12:57 9728 ----a-w- c:\windows\system32\lsass.exe
2009-08-15 03:22 . 2009-06-15 15:24 72704 ----a-w- c:\windows\system32\secur32.dll
2009-08-15 03:18 . 2009-08-15 03:18 -------- d-----w- c:\users\XPS\AppData\Roaming\Malwarebytes
2009-08-15 03:18 . 2009-08-03 17:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-15 03:18 . 2009-08-15 03:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-15 03:18 . 2009-08-15 03:18 -------- d-----w- c:\programdata\Malwarebytes
2009-08-15 03:18 . 2009-08-03 17:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-15 02:16 . 2009-07-21 21:52 915456 ----a-w- c:\windows\system32\wininet.dll
2009-08-15 02:16 . 2009-07-21 21:47 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-08-15 02:16 . 2009-07-21 21:47 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-08-15 02:16 . 2009-07-21 20:13 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-08-15 01:33 . 2009-08-15 01:33 -------- d-----w- c:\users\XPS\AppData\Roaming\McAfee
2009-08-15 01:31 . 2009-08-15 01:33 -------- d-----w- c:\users\XPS\FCC07EEAFA184A2191059666603C6885.TMP
2009-08-15 01:06 . 2009-08-15 01:06 -------- d-----w- c:\users\XPS\AppData\Local\McAfee
2009-08-15 00:13 . 2009-08-15 00:22 -------- d-----w- c:\users\XPS\AppData\Roaming\mIRC
2009-08-15 00:13 . 2009-08-15 00:21 -------- d-----w- c:\program files\mIRC
2009-08-12 19:33 . 2009-08-12 19:33 -------- d-----w- c:\users\XPS\AppData\Local\MetaGeek,_LLC
2009-08-12 18:53 . 2009-07-17 14:35 71680 ----a-w- c:\windows\system32\atl.dll
2009-08-12 18:52 . 2009-06-10 12:12 160256 ----a-w- c:\windows\system32\wkssvc.dll
2009-08-12 18:52 . 2009-06-04 12:34 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-08-12 18:52 . 2009-06-10 12:07 91136 ----a-w- c:\windows\system32\avifil32.dll
2009-08-12 18:52 . 2009-07-14 13:00 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-08-12 18:52 . 2009-07-14 12:58 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-08-12 18:52 . 2009-07-14 12:59 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-08-12 18:52 . 2009-07-14 10:59 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2009-08-11 12:00 . 2009-08-11 12:00 -------- d-----w- c:\programdata\WindowsSearch
2009-08-11 11:57 . 2009-08-11 11:57 -------- d-----w- c:\users\XPS\AppData\Local\bluesoleil
2009-08-09 16:46 . 2009-08-09 16:46 -------- d-----w- c:\users\XPS\Program Files
2009-08-08 21:22 . 2009-08-08 22:24 -------- d-----w- c:\users\XPS\AppData\Local\GamersFirst LIVE!
2009-08-08 21:22 . 2009-08-08 21:22 -------- d-----w- c:\users\XPS\AppData\Local\DNA
2009-08-08 21:22 . 2009-09-04 04:02 -------- d-----w- c:\users\XPS\AppData\Roaming\DNA
2009-08-08 21:22 . 2009-08-08 21:22 -------- d-----w- c:\program files\DNA
2009-08-08 21:22 . 2009-08-09 00:47 -------- d-----w- c:\program files\GamersFirst
2009-08-07 23:51 . 2009-08-07 23:51 15308424 ----a-w- c:\windows\system32\xlive.dll
2009-08-07 23:51 . 2009-08-07 23:51 13642888 ----a-w- c:\windows\system32\xlivefnt.dll
2009-08-07 02:09 . 2009-08-07 02:09 -------- d-----w- c:\users\XPS\.netbeans-derby
2009-08-07 02:05 . 2009-08-07 02:16 -------- d-----w- c:\users\XPS\.netbeans
2009-08-07 02:05 . 2009-08-07 02:05 -------- d-----w- c:\users\XPS\.netbeans-registration
2009-08-07 02:02 . 2009-08-07 02:16 -------- d-----w- C:\Sun
2009-08-07 01:55 . 2009-08-07 02:19 -------- d-----w- c:\users\XPS\.nbi
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-09-04 03:55 . 2009-03-11 21:48 -------- d-----w- c:\users\XPS\AppData\Roaming\Skype
2009-09-04 03:43 . 2009-01-15 03:47 -------- d-----w- c:\programdata\PMB Files
2009-09-04 03:21 . 2008-12-27 23:26 -------- d-----w- c:\users\XPS\AppData\Roaming\WTablet
2009-09-04 01:30 . 2008-11-18 22:41 1356 ----a-w- c:\users\XPS\AppData\Local\d3d9caps.dat
2009-09-03 20:09 . 2009-05-01 19:26 -------- d-----w- c:\program files\Cheat Engine
2009-09-02 21:19 . 2009-05-25 22:47 -------- d-----w- c:\program files\Steam
2009-09-02 20:43 . 2009-05-25 22:47 -------- d-----w- c:\program files\Common Files\Steam
2009-09-01 13:49 . 2008-09-27 15:41 -------- d-----w- c:\program files\Common Files\Apple
2009-09-01 06:17 . 2009-01-28 23:34 -------- d-----w- c:\programdata\DriverCure
2009-08-15 03:45 . 2009-01-02 01:54 -------- d-----w- c:\users\XPS\AppData\Roaming\U3
2009-08-15 03:34 . 2009-05-05 01:26 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-08-15 01:33 . 2008-10-04 20:50 -------- d-----w- c:\program files\McAfee
2009-08-15 01:33 . 2008-09-20 18:47 -------- d-----w- c:\programdata\McAfee
2009-08-13 03:32 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-08-09 00:25 . 2008-08-21 21:45 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-08-08 22:25 . 2008-09-19 23:32 -------- d-----w- c:\users\XPS\AppData\Roaming\Xfire
2009-08-08 03:59 . 2008-09-22 01:19 -------- d-----w- c:\users\XPS\AppData\Roaming\uTorrent
2009-08-06 00:08 . 2008-11-03 18:37 -------- d-----w- c:\programdata\Xfire
2009-08-04 01:44 . 2009-08-04 01:43 -------- d-----w- c:\program files\Smart CD Ripper
2009-08-04 01:42 . 2009-08-04 01:20 -------- d-----w- c:\program files\FreeCDRipper
2009-08-03 22:44 . 2009-08-03 22:44 -------- d-----w- c:\program files\Sun
2009-08-03 22:41 . 2009-01-11 01:59 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-08-03 22:36 . 2008-08-21 21:45 -------- d-----w- c:\program files\Java
2009-08-03 22:20 . 2009-08-03 22:20 -------- d-----w- c:\program files\jGRASP
2009-08-02 17:13 . 2009-08-02 17:13 -------- d-----w- c:\program files\Subagames
2009-08-01 17:50 . 2009-08-01 16:50 367 ----a-w- c:\windows\EReg072.dat
2009-08-01 16:49 . 2009-07-28 19:15 -------- d-----w- c:\program files\Electronic Arts
2009-08-01 15:46 . 2009-08-01 15:46 -------- d-----w- c:\program files\IVT Corporation
2009-08-01 15:42 . 2009-08-01 15:42 -------- d-----w- c:\program files\Nokia
2009-08-01 15:41 . 2009-08-01 15:41 -------- d-----w- c:\program files\DIFX
2009-08-01 15:40 . 2009-08-01 15:40 -------- d-----w- c:\program files\PC Connectivity Solution
2009-08-01 15:40 . 2009-08-01 15:40 -------- d-----w- c:\programdata\Installations
2009-07-31 18:38 . 2008-09-28 01:52 -------- d-----w- c:\program files\Microsoft Silverlight
2009-07-30 22:52 . 2008-09-19 23:32 -------- d-s---w- c:\program files\Xfire
2009-07-29 02:03 . 2009-07-29 02:03 -------- d-----w- c:\program files\Audacity
2009-07-29 01:24 . 2009-07-29 01:24 629760 ----a-w- c:\windows\isRS-000.tmp
2009-07-29 01:24 . 2009-07-29 01:24 -------- d-----w- c:\program files\BeeThink MP3 WMA To Wav 2.0
2009-07-29 01:22 . 2009-07-29 01:18 -------- d-----w- c:\program files\HooTech
2009-07-28 19:29 . 2009-07-21 14:53 -------- d-----w- c:\program files\Graboid
2009-07-28 19:27 . 2009-03-31 23:51 -------- d-----w- c:\program files\***********
2009-07-28 19:26 . 2009-07-02 11:43 -------- d-----w- c:\program files\Workspace Macro 4.6
2009-07-28 19:25 . 2009-07-07 01:33 -------- d-----w- c:\users\XPS\AppData\Roaming\Dev-Cpp
2009-07-28 19:25 . 2009-06-27 13:08 -------- d-----w- c:\program files\Crayon Physics Deluxe
2009-07-28 19:21 . 2009-05-25 23:04 -------- d-----w- c:\programdata\Media Center Programs
2009-07-25 05:17 . 2009-07-25 05:17 -------- d-----w- c:\program files\Web Publish
2009-07-25 04:16 . 2009-07-14 19:03 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0
2009-07-25 04:16 . 2009-07-25 04:16 -------- d-----w- c:\program files\Microsoft Synchronization Services
2009-07-25 04:16 . 2008-12-18 02:22 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-07-25 04:16 . 2009-07-14 19:03 -------- d-----w- c:\programdata\Microsoft Help
2009-07-24 01:57 . 2009-07-24 01:57 41872 ----a-w- c:\windows\system32\xfcodec.dll
2009-07-21 17:33 . 2009-07-21 17:33 -------- d-----w- c:\users\XPS\AppData\Roaming\vlc
2009-07-21 15:02 . 2009-07-21 15:02 -------- d-----w- c:\users\XPS\AppData\Roaming\MozillaControl
2009-07-21 14:53 . 2009-07-21 14:53 -------- d-----w- c:\program files\VideoLAN
2009-07-20 00:36 . 2009-07-19 23:57 -------- d-----w- c:\programdata\NOS
2009-07-20 00:36 . 2009-07-19 23:57 -------- d-----w- c:\program files\NOS
2009-07-20 00:02 . 2008-08-21 21:50 -------- d-----w- c:\program files\Common Files\Adobe
2009-07-19 23:58 . 2009-07-19 23:58 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-07-18 15:10 . 2009-07-18 15:10 134072 ----a-w- c:\windows\ColorPic Uninstaller.exe
2009-07-18 15:10 . 2009-07-18 15:10 -------- d-----w- c:\program files\ColorPic 4.1
2009-07-16 23:20 . 2009-07-16 23:20 -------- d-----w- c:\program files\Time Stopper
2009-07-16 02:17 . 2009-07-16 02:17 229224 ----a-w- c:\windows\system32\drivers\VMM.sys
2009-07-14 20:17 . 2009-07-14 19:06 -------- d-----w- c:\program files\Microsoft SQL Server
2009-07-14 20:16 . 2008-09-20 19:03 -------- d-----w- c:\program files\Microsoft.NET
2009-07-14 19:04 . 2009-07-14 19:03 -------- d-----w- c:\program files\Common Files\Merge Modules
2009-07-14 17:34 . 2009-07-14 17:34 -------- d-----w- c:\program files\Microsoft SDKs
2009-07-09 22:20 . 2009-07-04 13:50 -------- d-----w- c:\program files\VoipCheapCom
2009-07-09 01:55 . 2009-07-09 01:55 -------- d-----w- c:\program files\American Systems
2009-07-08 21:21 . 2009-01-18 16:32 61224 ----a-w- c:\users\XPS\GoToAssistDownloadHelper.exe
2009-06-29 19:41 . 2008-10-30 22:08 34 ----a-w- c:\users\XPS\jagex_runescape_preferences.dat
2009-06-29 13:52 . 2009-06-29 13:52 9728 ----a-w- c:\windows\system32\BsMonUI.dll
2009-06-29 13:52 . 2009-06-29 13:52 18432 ----a-w- c:\windows\system32\BsMonSvr.dll
2009-06-29 13:52 . 2009-06-29 13:52 405589 ----a-w- c:\windows\system32\BsUI.dll
2009-06-29 13:52 . 2009-06-29 13:52 57430 ----a-w- c:\windows\system32\btfunc.dll
2009-06-29 13:52 . 2009-06-29 13:52 278647 ----a-w- c:\windows\system32\outlookAddin.dll
2009-06-29 13:51 . 2009-06-29 13:51 53248 ----a-w- c:\windows\system32\HtmPrintHelper.dll
2009-06-29 13:51 . 2009-06-29 13:51 114774 ----a-w- c:\windows\system32\versit.dll
2009-06-29 13:51 . 2009-06-29 13:51 622693 ----a-w- c:\windows\system32\BSShell.dll
2009-06-29 13:51 . 2009-06-29 13:51 569430 ----a-w- c:\windows\system32\Bscdlg.dll
2009-06-29 13:51 . 2009-06-29 13:51 118884 ----a-w- c:\windows\system32\BsProfileFunc.dll
2009-06-29 13:50 . 2009-06-29 13:50 151642 ----a-w- c:\windows\system32\BsCommon.dll
2009-06-29 13:50 . 2009-06-29 13:50 94314 ----a-w- c:\windows\system32\BsHelpCSps.dll
2009-06-29 13:50 . 2009-06-29 13:50 589939 ----a-w- c:\windows\system32\BlueSoleilCSps.dll
2009-06-29 13:49 . 2009-06-29 13:49 28766 ----a-w- c:\windows\system32\PlayerCtrl.dll
2009-06-29 13:49 . 2009-06-29 13:49 98403 ----a-w- c:\windows\system32\Bs2Res.dll
2009-06-29 13:49 . 2009-06-29 13:49 135264 ----a-w- c:\windows\system32\BsMobileSDK.dll
2009-06-29 13:49 . 2009-06-29 13:49 254036 ----a-w- c:\windows\system32\BsSDK.dll
2009-06-29 13:48 . 2009-06-29 13:48 28672 ----a-w- c:\windows\system32\BsMobileCSps.dll
2009-06-29 13:48 . 2009-06-29 13:48 28760 ----a-w- c:\windows\system32\BsTrace.dll
2009-06-15 15:24 . 2009-07-15 11:45 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-06-15 15:20 . 2009-07-15 11:45 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-06-15 15:20 . 2009-07-15 11:45 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-06-15 12:52 . 2009-07-15 11:45 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-05-17 03:11 . 2009-05-17 02:25 1239751184 ----a-w- c:\program files\MSSetupv70.exe
2008-09-10 18:49 . 2008-09-10 18:49 5817064 ----a-w- c:\program files\mozilla firefox\plugins\ScorchPDFWrapper.dll
2008-08-22 05:21 . 2008-08-22 05:10 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((( SnapShot@2009-09-04_16.13.38 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-09-19 22:27 . 2009-09-04 16:13 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-09-19 22:27 . 2009-09-04 18:01 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-09-19 22:27 . 2009-09-04 18:01 81920 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-09-19 22:27 . 2009-09-04 16:13 81920 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-09-19 22:27 . 2009-09-04 18:01 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-09-19 22:27 . 2009-09-04 16:13 32768 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2008-01-15 106496]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-08-21 68856]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-14 206064]
"googletalk"="c:\users\XPS\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"Google Update"="c:\users\XPS\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-01-15 133104]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-03-11 24095528]
"Eraser"="c:\program files\Eraser\Eraser.exe" [2007-12-22 916240]
"Pando Media Booster"="c:\program files\Pando Networks\Media Booster\PMB.exe" [2009-09-04 2919608]
"BitTorrent DNA"="c:\users\XPS\Program Files\DNA\btdna.exe" [2009-08-09 318272]
"VoipCheapCom"="c:\program files\VoipCheapCom\voipcheapcom.exe" [2009-07-09 9257272]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-08-05 1830128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2008-02-29 17920]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2008-01-03 184864]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 16384]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-14 206064]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-01-09 645328]
"fssui"="c:\program files\Windows Live\Family Safety\fsui.exe" [2008-12-08 453984]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-18 13580832]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-09-18 92704]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-06-29 520024]
"Rvsystem"="c:\program files\Returnil\Returnil.exe" [2009-05-04 2304000]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-03 148888]
"BtTray"="c:\program files\IVT Corporation\BlueSoleil\BtTray.exe" [2009-06-29 315478]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]
"CTxfiHlp"="CTXFIHLP.EXE" - c:\windows\System32\Ctxfihlp.exe [2009-02-19 24576]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" - c:\windows\KHALMNPR.Exe [2007-07-17 55824]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Flash********date"="c:\windows\system32\Macromed\Flash\FlashUtil10a.exe" [2008-10-05 235936]
c:\users\XPS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
PowerMenu.lnk - c:\program files\PowerMenu\PowerMenu.exe [2002-12-19 57344]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-1-10 113664]
GamersFirst LIVE!.lnk - c:\program files\GamersFirst\LIVE!\Live.exe [2009-8-5 2389360]
LaunchU3.exe.lnk - c:\windows\Installer\{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}\_294823.exe [2009-1-6 22486]
NETGEAR WN111v2 Smart Wizard.lnk - c:\program files\NETGEAR\WN111v2\WN111v2.exe [2008-5-9 1712128]
SetPointII.lnk - c:\program files\Logitech\SetPoint II\SetpointII.exe [2007-8-30 319488]
VPN Client.lnk - c:\windows\Installer\{4C271126-C295-4828-A901-5910AE0C258B}\Icon3E5562ED7.ico [2009-1-13 6144]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 16:05 356352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKLM\~\startupfolder\C:^Users^XPS^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk]
path=c:\users\XPS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
backup=c:\windows\pss\Xfire.lnk.Startup
backupExtension=.Startup
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{139FC167-8533-4FC1-A969-9CD83C5F25A9}"= UDP:c:\programdata\NexonUS\NGM\NGM.exe:Nexon Game Manager
"{E5EF12FB-C3C0-4C03-89D2-25AD26AB7D18}"= TCP:c:\programdata\NexonUS\NGM\NGM.exe:Nexon Game Manager
"{51CFDEC4-777A-4395-99AD-9B859EBD3711}"= UDP:c:\nexon\Combat Arms\NMService.exe:Nexon Messenger Core
"{D1D245C9-E81E-4F35-95F0-A404FA0AAFE4}"= TCP:c:\nexon\Combat Arms\NMService.exe:Nexon Messenger Core
"{BB3B256C-169D-4D93-8D2D-4433BE37F0DA}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{54270B9A-9749-42F7-A8E9-56AE6B92910C}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{8C3ABA4E-ECF7-4EB4-BE2D-FC0D9C90DE32}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{4FC396E4-5EE1-42C0-A5EA-6397E3143867}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{BD351DD6-1DE0-4698-9F78-BDEA92D8D5C6}"= Profile=Private|Profile=Public|c:\program files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent
"{0F5DB79E-EDFC-4DF2-A8E4-C87547F1C39D}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"{4EC7CEB4-88C0-4C88-A094-664C3D21DFD2}"= Disabled:UDP:c:\program files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{1B82F99B-18AF-4184-A258-F437457D727F}"= Disabled:TCP:c:\program files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
"{52BAD015-3A47-498F-B7E2-015481960814}"= UDP:c:\nexon\Combat Arms\NMService.exe:Nexon Messenger Core
"{9E278887-4287-4887-924A-DD39DF102F7E}"= TCP:c:\nexon\Combat Arms\NMService.exe:Nexon Messenger Core
"{86A28FEF-80D4-401B-B5AB-3008E2639E8D}"= UDP:c:\programdata\NexonUS\NGM\NGM.exe:Nexon Game Manager
"{FE981B5A-4174-461C-BC86-3733F9D63CAA}"= TCP:c:\programdata\NexonUS\NGM\NGM.exe:Nexon Game Manager
"{283E9316-D295-4F6B-AA2B-725C5E776193}"= UDP:c:\users\XPS\AppData\Local\Google\Google Talk Plugin\googletalkplugin.dll:Google Talk Plugin
"{00BD0291-222E-4704-90ED-1F48CA70D096}"= TCP:c:\users\XPS\AppData\Local\Google\Google Talk Plugin\googletalkplugin.dll:Google Talk Plugin
"{EB7CBF0C-073A-4A7B-AA14-01F2AE9A6B3B}"= UDP:c:\users\XPS\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe:Google Talk Plugin
"{BA66F7BD-D47B-489F-9246-D6BA0DFEA2D9}"= TCP:c:\users\XPS\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe:Google Talk Plugin
"{762EAF2F-F6E1-4CAD-98F1-3AEFE862036F}"= Disabled:UDP:c:\users\XPS\AppData\Roaming\U3\45269314120259C9\0DE4F643-C398-46ec-9339-2362F2311932\Exec\Skype.exe:skype
"{1DB2B0E9-9D0F-4E1A-84F2-AEB27BA051EA}"= TCP:c:\users\XPS\AppData\Roaming\U3\45269314120259C9\0DE4F643-C398-46ec-9339-2362F2311932\Exec\Skype.exe:skype
"{C657BDDE-08ED-4318-9736-7178EAAF4829}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{97D47645-C038-43F6-B54F-ABF03507DF47}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{E7DFC7E2-4C83-44E9-896D-8A2ACF492A19}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{78AE28E8-8BDA-4FEA-B097-BB8C59E48DFF}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"TCP Query User{70D6A474-BC73-4B19-80E7-920B36F4DD0A}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype
"UDP Query User{92A1340C-A124-4847-A016-4298B3D8EDB3}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype
"{07FD60D1-E31B-4EF2-AA8C-EC5486D8592F}"= UDP:c:\users\XPS\AppData\Local\Google\Google Talk Plugin\googletalkplugin.dll:Google Talk Plugin
"{AC8CB17E-1B76-4184-81C7-1083672CF502}"= TCP:c:\users\XPS\AppData\Local\Google\Google Talk Plugin\googletalkplugin.dll:Google Talk Plugin
"{0CA57283-C831-40FC-84B1-88BFC6B1785B}"= UDP:c:\users\XPS\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe:Google Talk Plugin
"{88BD2978-0AB5-4E34-B2C4-92746B2C19DF}"= TCP:c:\users\XPS\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe:Google Talk Plugin
"TCP Query User{6ACF7D82-D778-4DEA-8EFC-A8262F8D74A9}c:\\windows\\system32\\java.exe"= UDP:c:\windows\system32\java.exe:Java(TM) Platform SE binary
"UDP Query User{3C6E5A24-947D-4EED-A3B7-2EC27A293458}c:\\windows\\system32\\java.exe"= TCP:c:\windows\system32\java.exe:Java(TM) Platform SE binary
"TCP Query User{775C3E55-ACF9-4145-B051-13D9894F6B5B}c:\\program files\\glittercomm\\gcmaster.exe"= UDP:c:\program files\glittercomm\gcmaster.exe:GlitterComm Master
"UDP Query User{462FF9A6-C81E-40D0-901C-77A006443402}c:\\program files\\glittercomm\\gcmaster.exe"= TCP:c:\program files\glittercomm\gcmaster.exe:GlitterComm Master
"TCP Query User{965C7746-7D21-4895-BA2E-8B2286C71AFA}c:\\users\\xps\\downloads\\bs2-20081014\\burningsand2.exe"= UDP:c:\users\xps\downloads\bs2-20081014\burningsand2.exe:burningsand2.exe
"UDP Query User{7257C6AD-C019-4463-A031-CD42DF52A6B9}c:\\users\\xps\\downloads\\bs2-20081014\\burningsand2.exe"= TCP:c:\users\xps\downloads\bs2-20081014\burningsand2.exe:burningsand2.exe
"TCP Query User{AE863B2F-8913-4162-869B-E9D042AB77A6}c:\\program files\\lucasarts\\star wars battlefront ii\\gamedata\\battlefrontii.exe"= UDP:c:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe:BattlefrontII
"UDP Query User{5878D4C0-0E17-498D-86CB-604D642B717A}c:\\program files\\lucasarts\\star wars battlefront ii\\gamedata\\battlefrontii.exe"= TCP:c:\program files\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe:BattlefrontII
"TCP Query User{DAA1A00E-553D-4DFD-BB26-FA72AAEE8E2E}c:\\program files\\xfire\\xfire.exe"= UDP:c:\program files\xfire\xfire.exe:Xfire
"UDP Query User{EF425ED2-B4C6-4335-BDFB-491B2A284EA4}c:\\program files\\xfire\\xfire.exe"= TCP:c:\program files\xfire\xfire.exe:Xfire
"TCP Query User{E4575CDB-E010-4D2D-ADFE-597918C9AD18}c:\\users\\xps\\desktop\\eclipse evolution 2.7\\server\\server.exe"= UDP:c:\users\xps\desktop\eclipse evolution 2.7\server\server.exe:server.exe
"UDP Query User{552A6507-2958-4B14-B90F-11F3B7E3ED4F}c:\\users\\xps\\desktop\\eclipse evolution 2.7\\server\\server.exe"= TCP:c:\users\xps\desktop\eclipse evolution 2.7\server\server.exe:server.exe
"{58510250-FB64-4DB4-8D5B-E0D944F9CCFF}"= UDP:c:\program files\Microsoft Games\Age of Empires III\age3.exe:Age of Empires 3
"{3F782983-7FB5-4408-ADFE-53F524A8C1AC}"= TCP:c:\program files\Microsoft Games\Age of Empires III\age3.exe:Age of Empires 3
"TCP Query User{B3B27743-9799-478D-B337-B22DA9FDA46D}c:\\program files\\participatory culture foundation\\miro\\miro_downloader.exe"= UDP:c:\program files\participatory culture foundation\miro\miro_downloader.exe:Miro_Downloader
"UDP Query User{80B13DBF-8A78-4982-B394-2C0DED8198C2}c:\\program files\\participatory culture foundation\\miro\\miro_downloader.exe"= TCP:c:\program files\participatory culture foundation\miro\miro_downloader.exe:Miro_Downloader
"{378E3A33-219B-4BD5-89E8-88D6626F461C}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{7309C478-870E-4605-A5CA-E04B94AE7FE6}"= UDP:c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe:VoipBuster
"{9D85E950-047F-4ECC-B456-1A7775A897AD}"= TCP:c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe:VoipBuster
"{B752668D-C3C4-4A9E-B05B-F147F87D9631}"= UDP:c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe:VoipBuster
"{BA4434CC-0E8F-472D-9FD0-23A431A91E13}"= TCP:c:\program files\VoipBuster.com\VoipBuster\VoipBuster.exe:VoipBuster
"TCP Query User{B6D008B7-E343-42C4-93FC-2098C440C095}c:\\program files\\steam\\steamapps\\common\\dawn of war 2\\dow2.exe"= UDP:c:\program files\steam\steamapps\common\dawn of war 2\dow2.exe:DOW2
"UDP Query User{C712EE5F-FC38-4748-BEFF-FD1923B17019}c:\\program files\\steam\\steamapps\\common\\dawn of war 2\\dow2.exe"= TCP:c:\program files\steam\steamapps\common\dawn of war 2\dow2.exe:DOW2
"TCP Query User{6A24F51C-5F91-4EB3-B4E8-8C3FD55B6E57}c:\\users\\xps\\desktop\\eclipse evolution 2.7\\server\\server.exe"= UDP:c:\users\xps\desktop\eclipse evolution 2.7\server\server.exe:server.exe
"UDP Query User{84CB15E2-D235-4525-9B14-532740278743}c:\\users\\xps\\desktop\\eclipse evolution 2.7\\server\\server.exe"= TCP:c:\users\xps\desktop\eclipse evolution 2.7\server\server.exe:server.exe
"{0FFD637E-5035-4F2E-BFB6-B5D8A172AAF3}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{6C5A39DC-1609-4EF0-A019-E02B9EE3DE7D}"= c:\program files\Skype\Phone\Skype.exe:Skype
"TCP Query User{7A3798E7-4352-4FB4-98BD-129BBE716495}c:\\program files\\xfire\\xfire.exe"= UDP:c:\program files\xfire\xfire.exe:Xfire
"UDP Query User{2DCDAF61-8C39-44C8-B488-01DA2FBB694D}c:\\program files\\xfire\\xfire.exe"= TCP:c:\program files\xfire\xfire.exe:Xfire
"{6A32FD6E-81CD-47F7-B1E4-5F69A6069DE5}"= UDP:c:\program files\Microsoft Games\Age of Empires III\age3x.exe:Age of Empires III - The WarChiefs
"{44965B4F-F5A3-4B1C-8A0E-AD24C60F1A1E}"= TCP:c:\program files\Microsoft Games\Age of Empires III\age3x.exe:Age of Empires III - The WarChiefs
"{8C09AE35-A6FB-4A1E-A947-659C5E3E9B65}"= UDP:c:\program files\VoipCheapCom\VoipCheapCom.exe:VoipCheapCom
"{21F9A7C9-6FDF-4151-9126-74DD48E990AD}"= TCP:c:\program files\VoipCheapCom\VoipCheapCom.exe:VoipCheapCom
"TCP Query User{3815D1D0-591C-4758-AFC2-200EBB252A13}c:\\program files\\voipcheapcom\\voipcheapcom.exe"= UDP:c:\program files\voipcheapcom\voipcheapcom.exe:Client to make VoIP calls.
"UDP Query User{977E072F-A2E3-41E0-A483-3248695F9A20}c:\\program files\\voipcheapcom\\voipcheapcom.exe"= TCP:c:\program files\voipcheapcom\voipcheapcom.exe:Client to make VoIP calls.
"{DEE274E0-E963-4757-8DC2-F011B4CD884F}"= UDP:c:\combat arms\NMService.exe:Nexon Messenger Core
"{F8A0F604-980A-4BC4-8567-6F49DFFAF40E}"= TCP:c:\combat arms\NMService.exe:Nexon Messenger Core
"{C0654DD7-7C72-400A-849E-3F5511C1C535}"= UDP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe:BlueSoleilCS
"{F69CEA09-2F81-44ED-8C55-D91AE0B7DFBC}"= TCP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe:BlueSoleilCS
"{445A65B5-FA3D-4065-A562-169C3DC93176}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In)
"{83B212F0-69B1-4B0E-B823-171D197AA0C6}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In)
"{D8F0CF9B-3070-4D7A-9929-B659459C7FF7}"= UDP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe:BlueSoleilCS
"{A41D5F3F-2E17-4076-B614-2CB7CBF91D86}"= TCP:c:\program files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe:BlueSoleilCS
"{9ECB1A41-20EA-4CFC-A7DE-34FAF6487C73}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{17DDBD35-396F-4AF5-9715-3A0E5C12DFC2}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{748BA9F5-C2F8-498D-8974-9F0FF9638FA6}"= UDP:c:\program files\Pando Networks\Media Booster\PMB.exe:Pando Media Booster
"{0750DED3-54A0-452E-91F7-A0F1BA7F29A4}"= TCP:c:\program files\Pando Networks\Media Booster\PMB.exe:Pando Media Booster
"{08AFE179-FD5A-4FC3-AE95-15D451B784ED}"= UDP:c:\program files\Pando Networks\Media Booster\PMB.exe:Pando Media Booster
"{27B94B0E-3E08-4094-9276-8F4417D3C215}"= TCP:c:\program files\Pando Networks\Media Booster\PMB.exe:Pando Media Booster
"{79DE21EB-2591-479D-BA66-5845F098A0A1}"= c:\program files\Pando Networks\Media Booster\PMB.exe:Pando Media Booster
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\System32\drivers\BtHidBus.sys [1/7/2009 11:39 PM 20744]
R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [4/26/2009 4:00 PM 64160]
R0 RVFsSec;RVFsSec;c:\windows\System32\drivers\RVFsSec.sys [5/3/2009 9:12 PM 22272]
R0 RVSystem;RVSystem;c:\windows\System32\drivers\RVSystem.sys [5/3/2009 9:12 PM 39424]
R1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\System32\drivers\jswpslwf.sys [5/15/2008 4:28 AM 20384]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [8/5/2009 4:06 PM 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [8/5/2009 4:06 PM 74480]
R2 BsMobileCS;BsMobileCS;c:\program files\IVT Corporation\BlueSoleil\BsMobileCS.exe [6/29/2009 9:48 AM 143467]
R2 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [12/17/2008 10:37 PM 55264]
R2 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [12/8/2008 6:01 PM 533344]
R2 IntuitUpdateService;Intuit Update Service;c:\program files\Common Files\Intuit\Update Service\IntuitUpdateService.exe [10/10/2008 5:45 AM 13088]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [10/4/2008 4:51 PM 210216]
R2 TabletServicePen;TabletServicePen;c:\windows\System32\Pen_Tablet.exe [12/26/2008 7:14 PM 3032360]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\System32\drivers\btnetBus.sys [12/7/2008 12:44 PM 30088]
R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.sys [2/19/2009 10:42 AM 198168]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.sys [2/19/2009 10:43 AM 1353240]
R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.sys [2/19/2009 10:43 AM 73752]
R3 DNISp50;DNISp50 NDIS Protocol Driver;c:\windows\System32\drivers\DNISP50.sys [11/16/2006 3:36 PM 20480]
R3 DrmRAudio;DrmRAudio;c:\windows\System32\drivers\DrmRAudio.sys [4/8/2009 11:55 AM 23096]
R3 DrmRVideo;DrmRVideo;c:\windows\System32\drivers\DrmRVideo.sys [4/8/2009 11:55 AM 3768]
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\System32\drivers\HCW85BDA.sys [8/22/2008 1:28 AM 1034496]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\System32\drivers\IvtBtBus.sys [7/2/2008 2:58 PM 26248]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [8/5/2009 4:06 PM 7408]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\System32\drivers\vcsvad.sys [5/16/2009 5:50 PM 17792]
R3 wacmoumonitor;Wacom Mode Helper;c:\windows\System32\drivers\wacmoumonitor.sys [12/26/2008 7:14 PM 15144]
R3 WN111v2;NETGEAR WN111v2 USB2.0 Wireless Card Service;c:\windows\System32\drivers\WN111v2v.sys [5/31/2008 3:44 PM 432640]
S2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6;c:\program files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [9/11/2007 1:45 AM 124832]
S2 gupdate1c9c47f4e72d910;Google Update Service (gupdate1c9c47f4e72d910);c:\program files\Google\Update\GoogleUpdate.exe [4/23/2009 9:52 PM 133104]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [1/18/2009 5:34 PM 1029456]
S3 CT20XUT;CT20XUT;c:\windows\System32\drivers\CT20XUT.sys [2/19/2009 10:42 AM 198168]
S3 CTEXFIFX;CTEXFIFX;c:\windows\System32\drivers\CTEXFIFX.sys [2/19/2009 10:43 AM 1353240]
S3 CTHWIUT;CTHWIUT;c:\windows\System32\drivers\CTHWIUT.sys [2/19/2009 10:43 AM 73752]
S3 DNIMp50;DNIMp50 NDIS Protocol Driver;c:\windows\System32\drivers\DNIMP50.sys [11/16/2006 3:36 PM 21504]
S3 ha20x22k;Creative 20X2 HAL Driver;c:\windows\System32\drivers\ha20x22k.sys [2/19/2009 10:54 AM 1222680]
S3 jswpsapi;Jumpstart Wifi Protected Setup;c:\program files\NETGEAR\WN111v2\jswpsapi.exe [2/29/2008 3:07 AM 942080]
S3 LTXMD_VAC;Litex Media Virtual Audio Cable (WDM);c:\windows\System32\drivers\lmvac.sys [4/7/2009 11:37 PM 18912]
S3 netr28u;Belkin N+ Wireless USB Adapter Driver for Vista;c:\windows\System32\drivers\netr28u.sys [1/11/2009 10:56 AM 641024]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 SMServer;SMServer;c:\windows\System32\snmvtsvc.exe [4/8/2009 2:11 PM 237568]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [7/10/2008 8:28 PM 47128]
S4 RsFx0102;RsFx0102 Driver;c:\windows\System32\drivers\RsFx0102.sys [7/10/2008 2:49 AM 242712]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [7/10/2008 8:28 PM 369688]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - MBAMSWISSARMY
*Deregistered* - MBAMSwissArmy
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
rsmsvcs REG_MULTI_SZ ntmssvc
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder
2009-08-31 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-01-18 20:03]
2009-09-01 c:\windows\Tasks\DriverCure.job
- c:\program files\ParetoLogic\DriverCure\DriverCure.exe [2009-04-26 12:44]
2009-09-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-24 01:52]
2009-09-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-04-24 01:52]
2009-09-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3023786897-1950851811-2347359228-1000Core.job
- c:\users\XPS\AppData\Local\Google\Update\GoogleUpdate.exe [2009-01-15 21:34]
2009-09-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3023786897-1950851811-2347359228-1000UA.job
- c:\users\XPS\AppData\Local\Google\Update\GoogleUpdate.exe [2009-01-15 21:34]
2009-08-15 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-03-23 14:53]
2009-09-01 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-03-23 14:53]
2009-09-03 c:\windows\Tasks\ParetoLogic Registration.job
- c:\program files\Common Files\ParetoLogic\UUS2\UUS.dll [2009-01-21 05:36]
2009-09-04 c:\windows\Tasks\ParetoLogic Update Version2.job
- c:\program files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2009-01-21 05:36]
2009-09-04 c:\windows\Tasks\User_Feed_Synchronization-{979603A1-A027-4142-9711-CCFF0B6706A7}.job
- c:\windows\system32\msfeedssync.exe [2009-08-15 20:13]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: StumbleUpon PhotoBlog It! - StumbleUponIEBar.dll/blogimage
Trusted Zone: internet
Trusted Zone: mcafee.com
DPF: {93344865-74BD-4873-BE65-56539D41A65C} - hxxp://earn2life.com/plugin/Earn2Life.cab
FF - ProfilePath - c:\users\XPS\AppData\Roaming\Mozilla\Firefox\Profiles\h5073m83.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Wolfram|Alpha
FF - prefs.js: browser.startup.homepage - chrome://speeddial/content/speeddial.xul
FF - prefs.js: keyword.URL - hxxp://search.copernic.com/query21/?c=web&l=ENG&e=CDS2&cpn=&b=300000081&sctx=ffaddrbar&q=
FF - component: c:\users\XPS\AppData\Roaming\Mozilla\Firefox\Profiles\h5073m83.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - plugin: c:\program files\Google\Google Earth Plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPMFireLauncher.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\programdata\NexonUS\NGM\npNxGameUS.dll
FF - plugin: c:\users\XPS\AppData\Local\Google\Update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\users\XPS\AppData\Roaming\Mozilla\Firefox\Profiles\h5073m83.default\extensions\iaplayer@instantaction.com\plugins\npiaplayer.dll
FF - plugin: c:\users\XPS\AppData\Roaming\Mozilla\Firefox\Profiles\h5073m83.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll
FF - plugin: c:\users\XPS\AppData\Roaming\Mozilla\plugins\npcoolirisplugin.dll
FF - plugin: c:\users\XPS\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\XPS\Program Files\DNA\plugins\npbtdna.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, https://www.gmer.net
Rootkit scan 2009-09-04 14:02
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CTxfiHlp = CTXFIHLP.EXE?
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-3023786897-1950851811-2347359228-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{4F8568AA-A775-4FB1-48FC-9604D1EEA623}*]
@Allowed: (Read) (RestrictedCode)
"galkgfmhfpjabc"=hex:63,61,69,67,61,67,00,00
[HKEY_USERS\S-1-5-21-3023786897-1950851811-2347359228-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{81C6DC82-993B-2D5D-CBF9-18124A542349}*]
"ablphaolanbemaelpgdegfckmlppibgpii"=hex:69,61,6f,6c,6a,6a,63,65,68,66,61,67,
69,6e,6c,6a,67,62,00,00
"pafpfogmedohjekohhbmbghcfifellbn"=hex:69,61,6f,6c,6a,6a,63,65,68,66,61,67,69,
6e,6c,6a,67,62,00,00
[HKEY_USERS\S-1-5-21-3023786897-1950851811-2347359228-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D29A26DB-06FA-F67C-D5BC-B3746B321D42}*]
"bblbgdghfflgdijckbdpmjkihigcohaokkco"=hex:61,61,00,00
"ablbgdghfflgdijckbkolkapfiahlnlioi"=hex:61,61,00,00
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'Explorer.exe'(7808)
c:\program files\PowerMenu\PowerMenuHook.dll
c:\windows\system32\BsMobileSDK.dll
c:\windows\system32\BsLangInDepRes.dll
c:\windows\system32\Bs2Res.dll
.
Completion time: 2009-09-04 14:05
ComboFix-quarantined-files.txt 2009-09-04 18:05
ComboFix2.txt 2009-09-04 16:16
Pre-Run: 100,268,531,712 bytes free
Post-Run: 100,161,859,584 bytes free
489 --- E O F --- 2009-09-03 23:58
And this is from HijackThis:
Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:20:34 PM, on 9/4/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\WTablet\Pen_TabletUser.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\nvraidservice.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\Program Files\Returnil\Returnil.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\NETGEAR\WN111v2\WN111v2.exe
C:\Program Files\Logitech\SetPoint II\SetpointII.exe
C:\Program Files\PowerMenu\PowerMenu.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\sdclt.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Windows\Explorer.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\conime.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://go.microsof*****m/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://go.microsof*****m/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://go.microsof*****m/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://go.microsof*****m/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: StumbleUpon Launcher - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: StumbleUpon Toolbar - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [NVRaidService] C:\Windows\system32\nvraidservice.exe
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [Rvsystem] "C:\Program files\Returnil\Returnil.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [BtTray] "C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" resetprofile
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [googletalk] C:\Users\XPS\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
O4 - HKCU\..\Run: [Google Update] "C:\Users\XPS\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe -hide
O4 - HKCU\..\Run: [Pando Media Booster] "C:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\XPS\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [VoipCheapCom] "C:\Program Files\VoipCheapCom\voipcheapcom.exe" -nosplash -minimized
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [Flash********date] C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [Flash********date] C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe (User 'Default user')
O4 - Startup: PowerMenu.lnk = C:\Program Files\PowerMenu\PowerMenu.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: GamersFirst LIVE!.lnk = C:\Program Files\GamersFirst\LIVE!\Live.exe
O4 - Global Startup: LaunchU3.exe.lnk = ?
O4 - Global Startup: NETGEAR WN111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WN111v2\WN111v2.exe
O4 - Global Startup: SetPointII.lnk = ?
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: StumbleUpon PhotoBlog It! - res://StumbleUponIEBar.dll/blogimage
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\DrmRemoval\YouTubeRipper.dll
O9 - Extra 'Tools' menuitem: Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\DrmRemoval\YouTubeRipper.dll
O9 - Extra button: StumbleUpon - {75C9223A-409A-4795-A3CA-08DE6B075B4B} - C:\Program Files\StumbleUpon\StumbleUponIEBar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O15 - Trusted Zone: https://*.mcafee.com
O16 - DPF: {93344865-74BD-4873-BE65-56539D41A65C} - https://earn2life.com/plugin/Earn2Life.cab
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\system32\skype4com.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: BsMobileCS - IVT Corporation - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c9c47f4e72d910) (gupdate1c9c47f4e72d910) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\NETGEAR\WN111v2\jswpsapi.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: SMServer - SMServer - C:\Windows\system32\snmvtsvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Windows\system32\Pen_Tablet.exe
--
End of file - 13404 bytes
Thanks for your help. I don't want to reformat my PC, soooo...
Thanks