Old 05-26-2008, 04:08 AM   #1 (permalink)
G25r8cer (Diamond Member; Join Date: Feb 2008; Location: Zeeland, MI; Posts: 4,803)

Still having issues (combofix incl)

It seems I am still having issues with my PC. The CPU usage is often climbing to 100% and stays there for a bit, and my system slows to a halt, and then CPU usage dies down to normal. My only guess is that I'm still infected. Here's a ComboFix log for you guys. Much help is needed and appreciated. Sorry guys, I thought I was done here but I guess not. I am willing to do whatever it takes to get rid of it besides reformatting.

ComboFix 08-05-21.3 - Spicka 2008-05-25 22:00:17.3 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.631 [GMT -4:00]
Running from: C:\Users\Spicka\Desktop\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2008-04-26 to 2008-05-26 )))))))))))))))))))))))))))))))
.

2008-05-25 00:16 . 2008-05-25 00:16 <DIR> d-------- C:\Users\Spicka\Roaming
2008-05-25 00:16 . 2008-05-25 00:16 <DIR> d-------- C:\Users\Spicka\AppData\Roaming\MySpace
2008-05-25 00:15 . 2008-05-25 00:15 <DIR> d-------- C:\Program Files\MySpace
2008-05-23 22:25 . 2008-05-23 22:27 <DIR> d-------- C:\Program Files\rFactorLexus
2008-05-22 18:59 . 2008-05-22 19:12 <DIR> d-------- C:\Program Files\rFactor
2008-05-21 19:37 . 2008-05-21 19:37 <DIR> d--h----- C:\Windows\PIF
2008-05-19 16:30 . 2008-05-19 16:30 <DIR> dr------- C:\Users\Public\Videos
2008-05-19 16:30 . 2008-05-22 20:15 <DIR> dr------- C:\Users\Public\Pictures
2008-05-18 12:14 . 2008-05-18 12:14 <DIR> dr------- C:\Users\Public\Documents
2008-05-17 21:38 . 2008-05-17 21:38 <DIR> dr------- C:\Users\Public\Music
2008-05-10 21:33 . 2008-05-10 21:33 <DIR> d-------- C:\Users\Spicka\AppData\Roaming\dvdcss
2008-05-10 18:49 . 2008-05-25 04:03 <DIR> d-------- C:\Program Files\DVDFab 5
2008-05-09 23:59 . 2008-05-09 23:59 <DIR> d-------- C:\Users\All Users\Codemasters
2008-05-09 23:59 . 2008-05-09 23:59 <DIR> d-------- C:\ProgramData\Codemasters
2008-05-09 23:57 . 2008-03-05 15:56 3,786,760 --a------ C:\Windows\System32\D3DX9_37.dll
2008-05-09 23:57 . 2008-03-05 15:56 1,420,824 --a------ C:\Windows\System32\D3DCompiler_37.dll
2008-05-09 23:57 . 2008-03-05 16:03 479,752 --a------ C:\Windows\System32\XAudio2_0.dll
2008-05-09 23:57 . 2008-02-05 23:07 462,864 --a------ C:\Windows\System32\d3dx10_37.dll
2008-05-09 23:57 . 2008-03-05 16:03 238,088 --a------ C:\Windows\System32\xactengine3_0.dll
2008-05-09 23:57 . 2008-03-05 16:00 25,608 --a------ C:\Windows\System32\X3DAudio1_3.dll
2008-05-09 19:19 . 2008-05-09 19:19 0 --ah----- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2008-05-08 16:24 . 2008-05-08 16:25 <DIR> d-------- C:\Program Files\Clock Tray Skins
2008-05-07 21:28 . 2008-03-12 19:38 445,504 -ra------ C:\Windows\System32\vp6vfw.dll
2008-05-04 17:12 . 2008-05-04 17:13 <DIR> d-------- C:\Users\Spicka\AppData\Roaming\Off Road
2008-05-04 17:03 . 2008-05-04 17:03 <DIR> d-------- C:\Program Files\Xplosiv
2008-05-04 00:06 . 2008-05-04 00:06 <DIR> d-------- C:\Users\Spicka\AppData\Roaming\Ubisoft
2008-05-03 22:17 . 2008-05-03 22:17 <DIR> d-------- C:\Users\Spicka\AppData\Roaming\THQ
2008-05-03 22:13 . 2008-05-03 22:13 <DIR> d-------- C:\Users\All Users\InstallShield
2008-05-03 22:13 . 2008-05-03 22:13 <DIR> d-------- C:\ProgramData\InstallShield
2008-05-03 22:02 . 2006-05-16 10:58 73,728 --a------ C:\Windows\System32\ISUSPM.cpl
2008-05-03 11:57 . 2008-05-07 21:28 <DIR> d-------- C:\Program Files\EA GAMES
2008-05-01 20:04 . 2008-05-01 20:04 <DIR> d-------- C:\Program Files\Rockstar Games
2008-04-30 19:12 . 2008-04-30 19:12 319 --a------ C:\Windows\game.ini
2008-04-30 18:46 . 2008-04-30 18:46 <DIR> d-------- C:\Program Files\Activision
2008-04-30 17:32 . 2008-05-03 22:02 <DIR> d-------- C:\Program Files\THQ
2008-04-29 16:46 . 2008-04-29 16:46 <DIR> dr-h----- C:\Users\Spicka\AppData\Roaming\SecuROM
2008-04-29 16:46 . 2008-04-29 16:46 107,888 --a------ C:\Windows\System32\CmdLineExt.dll
2008-04-28 19:52 . 2008-05-03 00:46 <DIR> d-------- C:\Users\Spicka\AppData\Roaming\X-NetStat
2008-04-28 19:52 . 2008-04-28 19:52 <DIR> d-------- C:\Program Files\X-NetStat Professional
2008-04-28 17:00 . 2008-04-28 17:00 <DIR> d-------- C:\Program Files\AceLogix
2008-04-27 17:13 . 2008-05-19 15:14 <DIR> d-------- C:\Users\Spicka\AppData\Roaming\VMware
2008-04-27 17:08 . 2008-04-27 17:08 <DIR> d-------- C:\Program Files\VMware
2008-04-27 17:08 . 2008-04-27 17:08 <DIR> d-------- C:\Program Files\Common Files\VMware
2008-04-26 00:15 . 2008-04-26 00:15 <DIR> d-------- C:\Windows\System32\URTTEMP
2008-04-26 00:12 . 2008-04-26 00:12 <DIR> d-------- C:\Users\All Users\Media Center Programs
2008-04-26 00:12 . 2008-04-26 00:12 <DIR> d-------- C:\ProgramData\Media Center Programs

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-26 02:00 --------- d-----w C:\Users\Spicka\AppData\Roaming\uTorrent
2008-05-26 01:43 --------- d-----w C:\Users\Spicka\AppData\Roaming\Vso
2008-05-25 03:50 --------- d-----w C:\Program Files\Trillian
2008-05-24 15:57 --------- d---a-w C:\ProgramData\TEMP
2008-05-21 22:23 --------- d-----w C:\Users\Spicka\AppData\Roaming\Audacity
2008-05-19 18:00 --------- d-----w C:\Program Files\Common Files\Autodesk Shared
2008-05-19 17:56 --------- d-----w C:\ProgramData\Autodesk
2008-05-17 23:25 --------- d-----w C:\ProgramData\VMware
2008-05-17 02:49 --------- d-----w C:\Program Files\GPU-Z
2008-05-14 22:24 --------- d-----w C:\Program Files\Windows Mail
2008-05-10 03:57 444,952 ----a-w C:\Windows\System32\wrap_oal.dll
2008-05-10 03:57 109,080 ----a-w C:\Windows\System32\OpenAL32.dll
2008-05-10 03:49 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-10 03:49 --------- d-----w C:\Program Files\Codemasters
2008-05-08 15:00 --------- d-----w C:\Program Files\GTR2
2008-05-07 14:53 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-05-07 14:12 --------- d-----w C:\Program Files\NVIDIA Corporation
2008-05-04 04:04 --------- d-----w C:\ProgramData\Ubisoft
2008-05-04 03:50 --------- d-----w C:\Program Files\Ubisoft
2008-05-02 00:17 --------- d-----w C:\Program Files\Microsoft Games
2008-04-29 00:29 --------- d-----w C:\ProgramData\Test Drive Unlimited
2008-04-27 03:53 --------- d-----w C:\Program Files\Grand Theft Auto San Andreas
2008-04-26 03:57 --------- d-----w C:\ProgramData\WindowsSearch
2008-04-26 03:46 --------- d-----w C:\Program Files\Electronic Arts
2008-04-23 00:41 --------- d-----w C:\Program Files\PowerISO
2008-04-22 19:37 --------- d-----w C:\Program Files\uTorrent
2008-04-21 20:02 --------- d-----w C:\Program Files\Atari
2008-04-21 00:21 --------- d-----w C:\Program Files\Easy Video Downloader
2008-04-15 22:48 --------- d-----w C:\Program Files\Fraps
2008-04-12 20:07 --------- d-----w C:\Program Files\VirtualDJ
2008-04-12 01:13 --------- d-----w C:\Program Files\DFX
2008-04-12 00:24 --------- d-----w C:\Users\Spicka\AppData\Roaming\Thinking Minds Budiling Bytes
2008-04-12 00:24 --------- d-----w C:\Program Files\CubeDesktop
2008-04-11 22:53 --------- d-----w C:\ProgramData\NVIDIA Corporation
2008-04-11 22:46 --------- d-----w C:\Program Files\Fast Explorer
2008-04-11 22:18 --------- d-----w C:\Program Files\Common Files\Adobe
2008-04-11 21:55 319,456 ----a-w C:\Windows\DIFxAPI.dll
2008-04-11 21:55 --------- d-----w C:\Program Files\Realtek
2008-04-11 02:04 --------- d-----w C:\ProgramData\Stardock
2008-04-11 01:38 --------- d-----w C:\Program Files\Foxit Software
2008-04-11 01:01 2,516 --sha-w C:\Windows\System32\KGyGaAvL.sys
2008-04-10 19:55 --------- d-----w C:\ProgramData\DFX
2008-04-10 19:54 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-04-10 18:19 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-04-10 06:22 --------- d-----w C:\Program Files\RocketDock
2008-04-10 03:18 --------- d-----w C:\Program Files\HyCam2
2008-04-10 01:03 --------- d-----w C:\Program Files\UltraISO
2008-04-10 01:02 --------- d-----w C:\Program Files\Common Files\EZB Systems
2008-04-07 03:07 --------- d-----w C:\ProgramData\vsosdk
2008-04-05 19:12 --------- d-----w C:\Program Files\Audacity 1.3 Beta (Unicode)
2008-04-05 00:45 47,360 ----a-w C:\Users\Spicka\AppData\Roaming\pcouffin.sys
2008-04-05 00:45 --------- d-----w C:\Program Files\VSO
2008-04-04 04:52 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-04-04 04:51 --------- d-----w C:\ProgramData\Messenger Plus!
2008-04-04 02:58 --------- d-----w C:\Program Files\RivaTuner v2.06
2008-03-31 23:15 --------- d-----w C:\Program Files\Rainbow Six Vegas
2008-03-30 23:00 --------- d-----w C:\Program Files\MagicISO
2008-03-29 21:03 --------- d-----w C:\ProgramData\Nero
2008-03-29 18:32 50,768 ----a-w C:\Windows\system32\drivers\aswMonFlt.sys
2008-03-29 16:19 716,272 ----a-w C:\Windows\system32\drivers\sptd.sys
2008-03-29 15:42 --------- d-----w C:\Program Files\Java
2008-03-29 15:41 --------- d-----w C:\Program Files\Common Files\Java
2008-03-29 15:29 --------- d-----w C:\ProgramData\SlySoft
2008-03-28 23:28 --------- d-----w C:\Program Files\Trojan Remover
2008-03-28 23:27 --------- d-----w C:\Users\Spicka\AppData\Roaming\Simply Super Software
2008-03-28 23:27 --------- d-----w C:\ProgramData\Simply Super Software
2008-03-28 20:59 --------- d-----w C:\Users\Spicka\AppData\Roaming\InstallShield
2008-03-27 23:03 --------- d-----w C:\ProgramData\FLEXnet
2008-03-27 22:14 --------- d-----w C:\Program Files\Image-Line
2008-03-27 22:12 --------- d-----w C:\Program Files\Steinberg
2008-03-26 23:41 --------- d-----w C:\ProgramData\Corel
2008-03-20 00:34 174 --sha-w C:\Program Files\desktop.ini
2008-03-20 00:11 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-03-20 00:11 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-03-04 22:30 98,304 ----a-w C:\Windows\system32CmdLineExt.dll
2008-02-29 07:14 19,000 ----a-w C:\Windows\System32\kd1394.dll
2008-02-29 07:11 988,216 ----a-w C:\Windows\System32\winload.exe
2008-02-29 07:11 927,288 ----a-w C:\Windows\System32\winresume.exe
2008-02-29 06:53 46,592 ----a-w C:\Windows\System32\setbcdlocale.dll
2008-02-29 06:53 40,960 ----a-w C:\Windows\System32\srclient.dll
2008-02-29 06:53 378,368 ----a-w C:\Windows\System32\srcore.dll
2008-02-29 06:35 6,656 ----a-w C:\Windows\System32\kbd106n.dll
2008-02-29 04:21 2,032,128 ----a-w C:\Windows\System32\win32k.sys
2008-02-29 04:12 318,464 ----a-w C:\Windows\System32\rstrui.exe
2008-02-29 04:12 14,848 ----a-w C:\Windows\System32\srdelayed.exe
2008-02-11 01:22 0 ----a-w C:\Users\Spicka\AppData\Roaming\wklnhst.dat
2008-02-14 21:50 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-02-14 21:50 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-02-14 21:50 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.

------- Sigcheck -------

.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 03:33 1233920]
"avast! service GUI component"="C:\Program Files\Alwil Software\Avast4\ashDisp.exe" [2008-03-29 14:37 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KBD"="C:\HP\KBD\KbdStub.EXE" [2006-12-08 17:16 65536]
"OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 07:59 118784]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2008-01-09 15:23 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2008-01-09 15:23 8530464]
"RivaTunerStartupDaemon"="C:\Program Files\RivaTuner v2.06\RivaTuner.exe" [2007-10-30 14:05 2650112]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [2008-04-17 19:27 9117696]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech Gaming Software.lnk - C:\Windows\Installer\{C5961323-A2E5-4FAB-B92D-DBF6C282F0F5}\NewShortcut1_C5961323A2E54FABB92DDBF6C282F0F5.exe [2007-12-27 20:25:16 40960]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.ffds"= C:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RivaTuner.exe]
backup=C:\Windows\pss\RivaTuner.exe.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^Spicka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
backup=C:\Windows\pss\MagicDisc.lnk.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^Spicka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office Groove.lnk]
path=C:\Users\Spicka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Groove.lnk
backup=C:\Windows\pss\Microsoft Office Groove.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AMD_Display]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\b44b5fc7]
C:\Users\Spicka\AppData\Local\Temp\iebemyiq.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cmds]
C:\Users\Spicka\AppData\Local\Temp\mllkh.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dog about manager team]
--a------ 2008-01-06 15:13 114704 C:\ProgramData\META THIRD 4.l9q7bk

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
--a------ 2008-01-19 03:33 125952 C:\Windows\ehome\ehTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--a------ 2006-10-27 01:47 31016 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPAdvisor]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
--a------ 2007-04-18 11:01 65536 c:\hp\support\hpsysdrv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISTray]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\jumpsafe]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
--a------ 2006-12-08 17:16 65536 C:\HP\KBD\KbdStub.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS Juan]
C:\Users\Spicka\AppData\Local\Temp\mlhuacox.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-10-18 12:34 5724184 C:\Program Files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSServer]
C:\Users\Spicka\AppData\Local\Temp\gebay.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MySpaceIM]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2008-01-09 15:23 8530464 C:\Windows\system32\NvCpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2008-01-09 15:23 81920 C:\Windows\system32\NvMcTray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
--a------ 2008-01-09 15:23 86016 C:\Windows\system32\nvsvc.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PeerGuardian]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
--a------ 2008-03-14 19:50 233472 C:\Program Files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-01-10 16:27 385024 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RivaTunerStartupDaemon]
--a------ 2007-10-30 14:05 2650112 C:\Program Files\RivaTuner v2.06\RivaTuner.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
--a------ 2007-10-25 05:52 4702208 C:\Windows\RtHDVCpl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateReg]
--a------ 2007-09-25 02:11 54672 C:\Windows\system32\jureg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VMware hqtray]
--a------ 2007-10-08 09:26 55856 C:\Program Files\VMware\VMware Workstation\hqtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray]
--a------ 2007-10-08 09:27 72240 C:\Program Files\VMware\VMware Workstation\vmware-tray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
--a------ 2008-01-19 03:38 1008184 C:\Program Files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
--a------ 2008-01-19 03:33 202240 C:\Program Files\Windows Media Player\WMPNSCFG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection]
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
Old 05-26-2008, 04:08 AM   #2 (permalink)
G25r8cer

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{975D25E8-9AEF-4CA4-88C9-964F4F41CB75}"= UDP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{2C49A7B7-AF9B-4BCC-B73D-6EC125D607EB}"= TCP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{A1EAF321-72CD-4CF8-8D7A-EC66C5B073C2}"= UDP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{25DF000C-8352-4C95-86BD-D90FA79DEA37}"= TCP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{94EB73F5-6EEF-4872-ACBA-1BD7AC4B0C61}"= UDP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{9443997F-61F8-4B50-9E81-7E62EFE07763}"= TCP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{2A69A77A-B3FC-4DF6-BA92-990E4CE0DDFC}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{5616EC59-8AE2-4214-8AEE-043ACCE18F94}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{08987FB8-ADAE-485A-A6BC-59F05F6519B3}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{4B6C0C1F-85B6-4593-91EF-894A05AC700F}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{1EF3E671-0133-4C88-B8FC-BEC9504015E1}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{3DD27DF5-225B-4766-804B-C5493CA8BE80}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{AD4FEAF9-CEA4-460B-8E05-FF750C601DEF}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{CC12FA71-7BF3-44FA-9AD1-03B72EBA5F26}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{F6816305-2593-4DC5-86E5-F081DD403B3C}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{13C6F9E0-7B7D-4B4A-AA53-DF03769FC00D}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{87DED640-D588-4D97-9597-1C8AD56FD137}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{4BDC332E-8CE9-4DA7-891A-33EEBCCE447A}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{F946592E-1A48-4CF1-82C4-EE516CB66CB0}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{21B9F52C-F778-48E0-84E5-50F6A018AA96}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{CFD818F1-7408-4B9D-BB98-47CD29501FA1}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{4A1D8D36-F329-443F-AACD-3734661BD4E9}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{896CA9AD-F0F6-456E-9FD3-B9304D421016}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{30C4A9D0-25D6-4DAD-A740-159A95CEA79D}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{D52E4F47-F7E6-41D3-AA6A-409AA865CB80}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{39EB9547-9C61-41C8-852A-3E5BC1EE3FF0}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{93E46397-6B63-41A8-B92C-33BBDDFD85B2}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{2A0CBEFB-938E-4A0A-B7F3-E84FF0579351}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{E58B181F-0F76-4CEE-AB79-DCB7E98A7F28}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{2AFB5296-CD03-4144-8F69-BEBDF0329601}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{E3638B0F-AE3E-4EC1-B0CD-5D4FDCD2A1DC}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"TCP Query User{3D6EF208-490C-471F-B67A-142F05F7BFA5}C:\\program files\\rhapsody\\rhapsody.exe"= UDP:C:\program files\rhapsody\rhapsody.exe:RealNetworks Rhapsody
"UDP Query User{8433419C-73CB-4F87-9A67-FDBA8D746699}C:\\program files\\rhapsody\\rhapsody.exe"= TCP:C:\program files\rhapsody\rhapsody.exe:RealNetworks Rhapsody
"{FC768C72-E0B8-4292-9C3D-A78B44B5A71F}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{16FB3309-E03A-4321-8BCB-013B221C21BF}C:\\program files\\frostwire\\frostwire.exe"= UDP:C:\program files\frostwire\frostwire.exe:FrostWire
"UDP Query User{8B58407E-4A8F-460D-9C33-9ECF1EE86A53}C:\\program files\\frostwire\\frostwire.exe"= TCP:C:\program files\frostwire\frostwire.exe:FrostWire
"UDP Query User{6C9BE14C-D0EE-43BB-87A4-14619DF705A2}C:\\program files\\myspace\\im\\myspaceim.exe"= TCP:C:\program files\myspace\im\myspaceim.exe:MySpace Instant Messenger
"{8507D1FE-BD9D-48B7-950E-D27DA9FE42BC}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{B7F9196B-FD04-4E0A-B0B4-00212104D69B}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{8FE91FEF-0B98-40E3-AF22-9A209005B3EA}"= UDP:C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe:Render Manager
"{51D7C1C6-9068-48F9-9D13-08533B4C9DBA}"= TCP:C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe:Render Manager
"{80E2D77C-EB01-4B52-AB9F-D45DEE42E141}"= UDP:C:\Program Files\Pinnacle\VideoSpin\Programs\PMSRegisterFile.exe:PMSRegisterFile
"{C24DACAE-D1A0-4CDD-9D57-9AD63F59F23D}"= TCP:C:\Program Files\Pinnacle\VideoSpin\Programs\PMSRegisterFile.exe:PMSRegisterFile
"{BCD9027A-44A7-43AF-B8DD-BBD7E64BB9EA}"= UDP:C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe:umi
"{596F12A5-9675-4F7A-9B09-740A8A1DD10A}"= TCP:C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe:umi
"{D069F8B2-FF95-4549-AF34-8657E95CDF62}"= UDP:C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe:Pinnacle VideoSpin
"{5F40ECED-9FFD-4013-83DE-E87D4E9EED48}"= TCP:C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe:Pinnacle VideoSpin
"{A663D39E-8211-414D-896F-96894C84BED6}"= UDP:C:\Program Files\FrostWire\FrostWire.exe:FrostWire 4.13.4
"{EBD2CE39-BAEF-4448-ACC5-2843EB444229}"= TCP:C:\Program Files\FrostWire\FrostWire.exe:FrostWire 4.13.4
"{6AF8787F-3E24-42DE-BE07-FCDD15DC6391}"= UDP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb
"{FA98F451-8517-4050-B611-6075AA07D0C3}"= TCP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb
"{36134A4F-6FB9-44E3-902A-1F626EEC1C09}"= UDP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{CE4C4C21-1242-47BB-A5A3-364E6DED1819}"= TCP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{E5BF9F35-884E-4F53-9CB7-D75533E2E251}"= UDP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{D0BB6CD0-090A-4417-946A-C6EE9DC08976}"= TCP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{A4593CFB-94E4-44F1-82F8-F9F9BA29C61C}"= UDP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{DA94BDC8-9072-41E2-A924-06A82845B830}"= TCP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{9F3DF8BD-9279-46C5-A977-5D896343CDC1}"= UDP:61000:azur tcp
"{12580A29-83C7-467A-B34E-1B1EF4FC5A07}"= TCP:61000:azur udp
"TCP Query User{936E625E-0789-49D2-97D4-AFEDF2DB72FE}C:\\program files\\azureus\\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus
"UDP Query User{3A159CAB-1BFD-41F9-969C-6097D0B2B36A}C:\\program files\\azureus\\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus
"{3EC2ED0F-F6BC-48D7-BEB2-10E4048ED0AF}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{748B11B9-994F-41E3-9843-64F920932927}"= UDP:C:\Program Files\Mozilla Firefox\firefox.exe:Mozilla Firefox
"{71C29047-97DF-4D5C-B337-7A8EC70A32B5}"= TCP:C:\Program Files\Mozilla Firefox\firefox.exe:Mozilla Firefox
"TCP Query User{EBBF3F17-FD7D-4557-AF4E-DAD83DF1AA7A}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{B6841BBB-BE5F-40D0-AA62-87B09215CE3E}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"{E9E6347B-B128-4B95-9D3E-5DCD885110F7}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{23A25B22-9D4D-4A37-AD66-931C063A9258}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{6E92C6AD-CD09-4DCC-9761-D5CAEF1235B1}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{82AF9824-1AD9-46B3-8A1F-A4F7A0B5E07A}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"TCP Query User{B672BC09-4A65-48C6-BD25-7EDD1F015AFD}C:\\program files\\gtr2\\gtr2.exe"= UDP:C:\program files\gtr2\gtr2.exe:GTR2 - FIA GT Racing Game
"UDP Query User{76736A58-806D-4CCC-9387-FAABE72AAE02}C:\\program files\\gtr2\\gtr2.exe"= TCP:C:\program files\gtr2\gtr2.exe:GTR2 - FIA GT Racing Game
"TCP Query User{115221F7-CD22-4CEF-8DA9-7EAB981DEF14}C:\\program files\\mozilla firefox\\firefox.exe"= UDP:C:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{04877AFC-A814-4048-A0A3-8B1E619B2B90}C:\\program files\\mozilla firefox\\firefox.exe"= TCP:C:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{BC169CA5-AB94-4121-9F1D-D81F25BAA314}C:\\program files\\codemasters\\dirt demo\\dirtdemo.exe"= UDP:C:\program files\codemasters\dirt demo\dirtdemo.exe:DiRT Demo Executable
"UDP Query User{F3C7EB02-0009-40A0-BBC7-6B4581B73344}C:\\program files\\codemasters\\dirt demo\\dirtdemo.exe"= TCP:C:\program files\codemasters\dirt demo\dirtdemo.exe:DiRT Demo Executable
"TCP Query User{A9BE1CFF-F1B7-4F76-B682-2A445C9E9258}C:\\users\\spicka\\desktop\\tdu\\testdriveunlimited.exe"= Disabled:UDP:C:\users\spicka\desktop\tdu\testdriveunlimited.exe:testdriveunlimited.exe
"UDP Query User{0A6995E1-0212-45EA-907A-17ADEEC6B13F}C:\\users\\spicka\\desktop\\tdu\\testdriveunlimited.exe"= Disabled:TCP:C:\users\spicka\desktop\tdu\testdriveunlimited.exe:testdriveunlimited.exe
"TCP Query User{B33E8ACD-5CD5-4F42-B451-FDDFFDD8FDF9}C:\\program files\\azureus\\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus
"UDP Query User{EBF08DA9-D1D6-4138-A69A-72C2157CAA20}C:\\program files\\azureus\\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus
"TCP Query User{9203A471-ABBE-4104-9F8C-D9BE0A1B01C5}C:\\users\\spicka\\desktop\\lfs y\\lfs.exe"= Disabled:UDP:C:\users\spicka\desktop\lfs y\lfs.exe:lfs.exe
"UDP Query User{DE396891-084B-472C-A397-B4E56EE2F2E3}C:\\users\\spicka\\desktop\\lfs y\\lfs.exe"= Disabled:TCP:C:\users\spicka\desktop\lfs y\lfs.exe:lfs.exe
"TCP Query User{F2469FED-3642-4458-8178-D94F49C877BA}C:\\program files\\tdu\\testdriveunlimited.exe"= UDP:C:\program files\tdu\testdriveunlimited.exe:Test Drive Unlimited
"UDP Query User{6625616D-3B40-4E99-B698-E0751E223EE4}C:\\program files\\tdu\\testdriveunlimited.exe"= TCP:C:\program files\tdu\testdriveunlimited.exe:Test Drive Unlimited
"{048FD200-9CBE-4A36-BE5E-7426340A1D2F}"= UDP:C:\Program Files\Autodesk\3ds Max 9\3dsmax.exe:Autodesk 3ds Max 9 32-bit
"{E1F69BD7-1482-41DE-AD91-1179FC6990B5}"= TCP:C:\Program Files\Autodesk\3ds Max 9\3dsmax.exe:Autodesk 3ds Max 9 32-bit
"{494565C2-5F52-45A6-90A8-095FD4A63599}"= UDP:C:\Program Files\Autodesk\Backburner\monitor.exe:backburner 2.3 monitor
"{994A1238-93F2-431A-83C9-5ED84A698E61}"= TCP:C:\Program Files\Autodesk\Backburner\monitor.exe:backburner 2.3 monitor
"{70A4146C-EA04-424D-BC9F-F244340A84C4}"= UDP:C:\Program Files\Autodesk\Backburner\manager.exe:backburner 2.3 manager
"{CBB29435-5EFF-4DB5-B5E7-741EFDEA9B03}"= TCP:C:\Program Files\Autodesk\Backburner\manager.exe:backburner 2.3 manager
"{D339B933-E9B5-47C0-824E-0C1E6BAD4443}"= UDP:C:\Program Files\Autodesk\Backburner\server.exe:backburner 2.3 server
"{D14E369D-75AB-4C74-8E38-A7B9FB640834}"= TCP:C:\Program Files\Autodesk\Backburner\server.exe:backburner 2.3 server
"{8E9928A1-8ED4-4709-BCBC-81829AF40E00}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{062CFA3E-0BC1-4BC9-AE0C-7F116723500D}C:\\program files\\rainbow six vegas\\binaries\\r6vegas_game.exe"= Disabled:UDP:C:\program files\rainbow six vegas\binaries\r6vegas_game.exe:R6Vegas_Game
"UDP Query User{EDBF6F3C-E5D9-476E-87C2-4F598CB26BC3}C:\\program files\\rainbow six vegas\\binaries\\r6vegas_game.exe"= Disabled:TCP:C:\program files\rainbow six vegas\binaries\r6vegas_game.exe:R6Vegas_Game
"{60C9E504-7624-42F1-8CFB-6BBAC056C0B7}"= Disabled:UDP:C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidConverterPDF.exe:SolidConverterPDF
"{0A447AD9-39F1-42A6-80F2-A98B0DAA6F2A}"= Disabled:TCP:C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidConverterPDF.exe:SolidConverterPDF
"{FC05D4C0-5E54-4077-A757-D84B0A301D6D}"= UDP:C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe:Tom Clancy's Rainbow Six Vegas 2
"{079874E4-CB42-457D-BB28-4D774D5CA7F4}"= TCP:C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe:Tom Clancy's Rainbow Six Vegas 2
"{E7BD56B4-DC6A-407D-A90E-CDA13090D107}"= UDP:C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe:Tom Clancy's Rainbow Six Vegas 2 Update
"{E00A0851-E50A-48F0-BC5E-ABEE035E2E38}"= TCP:C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe:Tom Clancy's Rainbow Six Vegas 2 Update
"{B8CC3115-4307-432F-A84D-7198E6BAE199}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent
"{9B6C3B21-E205-4742-9B77-572CE354341C}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent
"{A2F975E4-1C3D-4887-9F36-F617411B6C8E}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent
"{28151418-97DB-4540-9964-AB31CA061462}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent
"{2A7312A1-3BCB-442A-A7CA-D7EFB0B3D5C2}"= UDP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32
"{5278428F-60D2-4400-8509-735DFBBCBE36}"= TCP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32
"{1DD08392-C94D-419B-9173-77F7449C8D93}"= UDP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
"{8563DF07-539D-42BF-B480-08BCA7A5D829}"= TCP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
"{D79977BD-7BE7-4093-A9F0-F486AEA48141}"= UDP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{0C584D01-2830-46D9-B29F-A996E9E4107E}"= TCP:C:\Windows\System32\PnkBstrA.exe:PnkBstrA
"{424D2CC8-9F63-4D82-9AA6-221C1BF379E1}"= UDP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"{F7C6254C-C6AF-49A8-949D-89E6D2946F67}"= TCP:C:\Windows\System32\PnkBstrB.exe:PnkBstrB
"TCP Query User{20A5AFCE-4B4C-4A7B-8A87-E27D1FAEC377}C:\\program files\\gamespy\\comrade\\comrade.exe"= UDP:C:\program files\gamespy\comrade\comrade.exe:Comrade
"UDP Query User{7671FA25-2635-4EDB-B5EB-EE0E5011936D}C:\\program files\\gamespy\\comrade\\comrade.exe"= TCP:C:\program files\gamespy\comrade\comrade.exe:Comrade
"{1C134B82-266B-4413-8DC7-961E0E2BCB23}"= UDP:C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update
"{57564181-8348-421D-8DFA-E1A433097D45}"= TCP:C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update
"TCP Query User{706CE38E-4671-40A3-B39C-569D20C4FCEC}C:\\users\\spicka\\desktop\\ratiomaster-1.7.5\\ratiomaster.exe"= UDP:C:\users\spicka\desktop\ratiomaster-1.7.5\ratiomaster.exe:ratiomaster.exe
"UDP Query User{FA096EAC-C19D-4F0C-AF0F-71CD27D01BC6}C:\\users\\spicka\\desktop\\ratiomaster-1.7.5\\ratiomaster.exe"= TCP:C:\users\spicka\desktop\ratiomaster-1.7.5\ratiomaster.exe:ratiomaster.exe
"TCP Query User{CD8F028D-0444-42D3-A09A-8F587951D2C8}C:\\program files\\bitcomet\\bitcomet.exe"= UDP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"UDP Query User{49C5CF3E-D6B1-4D1C-9D32-A1735EDD5FC9}C:\\program files\\bitcomet\\bitcomet.exe"= TCP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"{2D407F78-CDA7-4D7E-96E1-7A39A1B15A56}"= Disabled:UDP:C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10
"{2CF1E04F-0A84-4E30-A3C8-DFCAB9910E15}"= Disabled:TCP:C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10
"{51F88D5E-2A04-4BDC-A9B0-91794341DD8F}"= Disabled:UDP:C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9
"{714EFAEB-AA6C-4F42-8315-6FCCB2EC9FEF}"= Disabled:TCP:C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9
"{3523CE4E-F9AE-4DBB-8EED-5C7B6173592C}"= Disabled:UDP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{82F5929C-19D1-4AE7-95F5-44ECBFE88C29}"= Disabled:TCP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{5A48498A-8C49-426E-A619-1A9B10313F50}"= Disabled:UDP:C:\Program Files\THQ\Juiced2_HIN\Juiced2_HIN.exe:Juiced2_HIN
"{E0984E15-EFF3-496B-B728-260C7200BEED}"= Disabled:TCP:C:\Program Files\THQ\Juiced2_HIN\Juiced2_HIN.exe:Juiced2_HIN
"{3E312BCE-4479-41C6-AC46-6D36281FFD48}"= UDP:C:\Program Files\Codemasters\GRID Demo\GRID.exe:GRID Demo
"{4446BA8E-3F48-4392-8E7F-934C13541B21}"= TCP:C:\Program Files\Codemasters\GRID Demo\GRID.exe:GRID Demo
"{E9D94860-E999-42BA-A1A8-E8FAF83407D9}"= C:\Program Files\MySpace\IM\MySpaceIM.exe:MySpaceIM

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe"= C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink
"C:\\Program Files\\BitTorrent\\bittorrent.exe"= C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-03-29 14:31]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-03-29 14:35]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-03-29 14:32]
R2 UxTuneUp;TuneUp Theme Extension;C:\Windows\System32\svchost.exe [2008-01-19 03:33]
R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2007-08-07 07:26]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\Windows\System32\TuneUpDefragService.exe [2008-02-15 18:49]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

*Newly Created Service* - MI-RAYSAT_3DSMAX9_32
*Newly Created Service* - PROTEXISLICENSING
*Newly Created Service* - WMPNETWORKSVC
.
Contents of the 'Scheduled Tasks' folder
"2008-05-26 00:57:20 C:\Windows\Tasks\User_Feed_Synchronization-{BBF9C965-CADA-4F96-ADB5-83AC81BE0009}.job"
- C:\Windows\system32\msfeedssync.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-25 22:04:46
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-05-25 22:05:52
ComboFix-quarantined-files.txt 2008-05-26 02:05:49

Pre-Run: 160,031,547,392 bytes free
Post-Run: 160,002,166,784 bytes free

416 --- E O F --- 2008-05-21 19:43:31
__________________
My Rig
Antec 300 w/Scyth Kaze Master
Asus M4A785TD-V EVO
Phenom II 955BE w/ CoolerMaster V8
2 x 2gb Gskill DDR3 1600mhz
Ultra X-Finity 600watt psu
Samsung F3 500gb and F1 750gb
XFX 8600gt XXX will be 5850 soon
Logitech G25, Illuminated, and MX Revo

Team Stats FOLDING FOR THE GOOD OF MANKIND F@H Team 44358
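The firewall section of the log above is worth triaging on its own: it lists every program the Vista firewall has been told to let through, and an enabled rule for an executable sitting on the Desktop, in AppData or in Temp (the ratiomaster entry in this log) is the kind of line a reader of the thread would want pulled out first. The script below is an added example, not part of the original post and not ComboFix's own code. It parses values in ComboFix's firewall-rule format from a constructed sample (a few lines copied from the log plus one hypothetical Temp-folder entry with an all-zero GUID, added only to exercise the check) and flags enabled rules whose binary lives in a user-writable location or outside Program Files / Windows. The directory heuristics and the reading of "Query User" rule names as rules created from the firewall's own prompt are assumptions in the code, not something the log states.

```python
import ntpath
import re
from dataclasses import dataclass, field
from typing import List

# Constructed sample in the format of the ComboFix firewall section above: four
# lines copied from the posted log plus one HYPOTHETICAL entry (all-zero GUID,
# updater.exe under a Temp folder) added only to exercise the path check.
SAMPLE_LOG = r'''
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{B8CC3115-4307-432F-A84D-7198E6BAE199}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent
"{E9D94860-E999-42BA-A1A8-E8FAF83407D9}"= C:\Program Files\MySpace\IM\MySpaceIM.exe:MySpaceIM
"TCP Query User{706CE38E-4671-40A3-B39C-569D20C4FCEC}C:\\users\\spicka\\desktop\\ratiomaster-1.7.5\\ratiomaster.exe"= UDP:C:\users\spicka\desktop\ratiomaster-1.7.5\ratiomaster.exe:ratiomaster.exe
"{2D407F78-CDA7-4D7E-96E1-7A39A1B15A56}"= Disabled:UDP:C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10
"{00000000-0000-0000-0000-000000000000}"= TCP:C:\Users\example\AppData\Local\Temp\updater.exe:Windows Update

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\BitTorrent\\bittorrent.exe"= C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
'''

# "name"= value   (ComboFix prints the registry value name in quotes)
VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"=\s*(?P<value>.+)$')
# [Disabled:][TCP:|UDP:]<drive>:\<path>:<rest>  (the path holds no ':' after the drive letter)
RULE_RE = re.compile(r'^(?:(?P<state>Enabled|Disabled):)?(?:(?P<proto>TCP|UDP):)?'
                     r'(?P<path>[A-Za-z]:\\[^:]*):(?P<rest>.*)$')
# XP-style AuthorizedApplications values end in  *:Enabled:<label>
AUTHAPP_RE = re.compile(r'^\*:(?P<state>Enabled|Disabled):(?P<label>.*)$')

# Assumption: directories a standard user can write to; an unblocked binary here deserves a look.
USER_WRITABLE_MARKERS = ('\\users\\', '\\appdata\\', '\\temp\\', '\\desktop\\', '\\downloads\\')
# Assumption: directories a non-admin cannot normally write to.
TRUSTED_PREFIXES = ('c:\\program files', 'c:\\windows')


@dataclass
class FirewallRule:
    name: str
    path: str
    label: str
    proto: str = 'ANY'
    enabled: bool = True
    user_prompted: bool = False   # "TCP/UDP Query User" names: rule written when a user answered the prompt
    findings: List[str] = field(default_factory=list)


def parse_rules(text: str) -> List[FirewallRule]:
    """Turn ComboFix firewall-rule lines into FirewallRule records; other lines are skipped."""
    rules = []
    for line in text.splitlines():
        m = VALUE_RE.match(line.strip())
        if not m:
            continue
        r = RULE_RE.match(m.group('value'))
        if not r:
            continue
        rule = FirewallRule(name=m.group('name'), path=r.group('path'),
                            label=r.group('rest'), proto=r.group('proto') or 'ANY',
                            enabled=r.group('state') != 'Disabled',
                            user_prompted='Query User' in m.group('name'))
        a = AUTHAPP_RE.match(rule.label)
        if a:                     # AuthorizedApplications entry: state and label sit after the path
            rule.enabled = a.group('state') == 'Enabled'
            rule.label = a.group('label')
        rules.append(rule)
    return rules


def triage(rules: List[FirewallRule]) -> List[FirewallRule]:
    """Attach findings to enabled rules and return only the rules that got one."""
    flagged = []
    for rule in rules:
        if not rule.enabled:
            continue              # a disabled rule opens nothing; no need to chase it
        low = rule.path.lower()
        if any(marker in low for marker in USER_WRITABLE_MARKERS):
            rule.findings.append('executable in a user-writable location')
        elif not low.startswith(TRUSTED_PREFIXES):
            rule.findings.append('executable outside Program Files / Windows')
        if rule.user_prompted:
            rule.findings.append('rule created from the firewall prompt, not by an installer')
        if rule.findings:
            flagged.append(rule)
    return flagged


if __name__ == '__main__':
    for rule in triage(parse_rules(SAMPLE_LOG)):
        print(f"{ntpath.basename(rule.path)} ({rule.proto}, label '{rule.label}'): "
              + '; '.join(rule.findings))
```

To use it on a real log, replace SAMPLE_LOG with the file's contents. A flagged entry is a lead to look at, not proof of infection: legitimate tools are routinely run from the Desktop, as this very log shows, so the next step is checking the binary itself (publisher signature, hash against a known-good copy) rather than deleting the rule.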
Old 05-26-2008, 05:45 AM   #3
G25r8cer:

It seems that somehow avast got infected! So I uninstalled avast and then reinstalled it, and my PC now seems to work fine. If someone still sees anything suspicious in my ComboFix log, please let me know.
Old 05-26-2008, 03:26 PM   #4
GameMaster:


You or someone has been editing the registry. I see some things disabled, but it seems that you're running on an administrator account?
I couldn't find anything in the log. We can wait for ceewi1 to see if he has any good ideas, but before that...
Have you defragmented your disk lately? How many processes do you have running?
__________________
dznutz:
Quote:
a firewall is like a gate. it keeps the bad people out and the dog in but it's not fool proof. but lets say you download and run an infected program. that will be like letting in a "friend." if it's infected you run that program you can get malware. that's like a friend raping your family and stealing your money.
Old 05-26-2008, 09:01 PM   #5
G25r8cer:


Yeah, I have been editing the registry a little, but nothing major. I did block some programs and games from getting access to the internet, as I don't really update them anyway and don't play online. I defragged both of my drives when I got my 750gb and transferred everything to it. That was about 3-4 weeks ago. Right now I have 43 processes running. After a reinstall of avast it seemed that avast was still using way too much CPU and memory, so I uninstalled it again and got NOD32 instead. NOD32 runs in the background way better than avast, and I barely even know it's running. I am on an admin account, as this is my own PC and there is only one other account, which is the guest account. I'll let some other people look through the log also, but my thought was that the newer avast was just too much for my PC to handle and bogged it down way too much.
Old 05-26-2008, 09:34 PM   #6
GameMaster:


So you're saying that the computer is running better after removing Avast!? I had problems with Avast! too; that's why I got AVG, but it sucked, and that's the reason why I bought Kaspersky antivirus, which was buggy and expensive to update, and that's exactly why I now have Nod32. Oh, I had many AVs before, lol. Oh damn, here I go again, off topic.

Please tell me if you find anything suspicious about your computer's performance; I would not tolerate failure in helping.
Old 05-26-2008, 09:42 PM   #7
G25r8cer:


I am fairly sure it was just avast being a hog. I don't see anything suspicious now, but I'm running a S&D "Scan for Problems". I did a registry fix with TuneUp Utilities 2008 too last night. I also run CCleaner at least once a day. I will post back if I see anything suspicious later. Is there any other app that is good to run to check for errors/infections?
Old 05-26-2008, 09:54 PM   #8
GameMaster:


Ad-aware. It even deletes tracking cookies; a paranoid, yet so useful, program.
http://lavasoft.com/single/trialpay.php
Old 05-26-2008, 10:00 PM   #9
G25r8cer:


I try to leave cookies there in Firefox because I have Firefox remember my passwords. I know it seems risky, but it saves a lot of time. Anyway, thanks, I'll check it out anyway. I think I have used it before, but never really to the fullest.

Edit: Spybot S&D didn't find any errors, which is good news. I am going to leave it installed now. Does it pick up bad running processes well? What else does it pick up if I just leave it running in the background?

Last edited by G25r8cer; 05-26-2008 at 10:02 PM.
Old 05-26-2008, 10:02 PM   #10
GameMaster:


Don't worry; in the end you choose what to delete of what Ad-aware finds. You check the boxes and it does the job. Anyway...good luck.