microsoft security essentials

[reigoskeiter]

combofix log... ( NOTE: everytime i want to run it it asks that do i want to risk it whit the virust protection on, then i continue, then it says warning and says that there are audio drivers or devices running and it needs to disable it, also, i remember installing polderbits and never knowing how to remove that shit program...anyway, now whit the log).

((((((((((((((((((((((((( Files Created from 2010-03-28 to 2010-04-28 )))))))))))))))))))))))))))))))
.

2010-04-27 12:20 . 2010-04-27 12:20 52224 ----a-w- c:\documents and settings\Kasutaja\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
2010-04-27 12:20 . 2010-04-27 12:20 117760 ----a-w- c:\documents and settings\Kasutaja\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2010-04-27 12:19 . 2010-04-27 12:19 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2010-04-27 12:19 . 2010-04-27 12:19 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-04-27 12:19 . 2010-04-27 12:19 -------- d-----w- c:\documents and settings\Kasutaja\Application Data\SUPERAntiSpyware.com
2010-04-27 12:18 . 2010-04-27 12:18 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2010-04-26 04:03 . 2010-04-26 04:03 388096 ----a-r- c:\documents and settings\Kasutaja\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2010-04-26 04:03 . 2010-04-26 04:03 -------- d-----w- c:\program files\Trend Micro
2010-04-16 15:12 . 2010-04-16 15:13 -------- d-----w- c:\program files\Microsoft Security Essentials
2010-04-16 12:10 . 2010-04-16 12:10 503808 ----a-w- c:\documents and settings\Kasutaja\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-64ac4a5e-n\msvcp71.dll
2010-04-16 12:10 . 2010-04-16 12:10 499712 ----a-w- c:\documents and settings\Kasutaja\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-64ac4a5e-n\jmc.dll
2010-04-16 12:10 . 2010-04-16 12:10 348160 ----a-w- c:\documents and settings\Kasutaja\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-64ac4a5e-n\msvcr71.dll
2010-04-16 12:10 . 2010-04-16 12:10 61440 ----a-w- c:\documents and settings\Kasutaja\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-309a437f-n\decora-sse.dll
2010-04-16 12:10 . 2010-04-16 12:10 12800 ----a-w- c:\documents and settings\Kasutaja\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-309a437f-n\decora-d3d.dll
2010-04-16 12:10 . 2010-04-12 14:29 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-04-15 13:39 . 2010-04-15 13:39 -------- d-----w- C:\found.000

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-28 07:13 . 2008-11-12 19:38 -------- d-----w- c:\documents and settings\Kasutaja\Application Data\OpenOffice.org2
2010-04-25 17:04 . 2008-11-01 12:14 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-25 15:54 . 2008-08-05 14:35 -------- d-----w- c:\documents and settings\Kasutaja\Application Data\uTorrent
2010-04-16 12:10 . 2008-08-07 20:24 -------- d-----w- c:\program files\Common Files\Java
2010-04-16 12:09 . 2008-08-07 20:25 -------- d-----w- c:\program files\Java
2010-04-16 11:44 . 2009-04-19 12:31 5918776 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-04-16 11:40 . 2008-08-11 06:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Avg8
2010-04-16 11:16 . 2008-10-14 19:58 -------- d-----w- c:\program files\Common Files\Apple
2010-03-30 16:06 . 2008-09-06 17:18 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-03-29 12:24 . 2008-11-01 12:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-29 12:24 . 2008-11-01 12:14 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-27 10:04 . 2008-08-05 14:35 -------- d-----w- c:\documents and settings\Kasutaja\Application Data\Sports Interactive
2010-03-24 20:38 . 2009-12-04 16:03 -------- d-----w- c:\program files\Death Rally
2010-03-21 22:25 . 2009-01-08 13:10 -------- d-----w- c:\program files\Safari
2010-03-21 22:21 . 2010-03-21 22:21 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.31.22.7\SetupAdmin.exe
2010-03-20 14:38 . 2010-03-20 14:38 -------- d-----w- c:\program files\Mozilla
2010-03-19 20:42 . 2008-08-18 12:00 -------- d-----w- c:\program files\uTorrent
2010-03-19 05:27 . 2008-12-01 12:32 -------- d-----w- c:\program files\GUNROX
2010-03-18 15:30 . 2008-08-07 20:12 -------- d-----w- c:\program files\Google
2010-03-18 14:54 . 2008-08-07 20:22 -------- d-----w- c:\program files\LimeWire
2010-03-18 14:53 . 2009-10-30 19:34 -------- d-----w- c:\program files\Glest_3.2.2
2010-03-18 14:52 . 2009-05-21 12:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Electronic Arts
2010-03-18 14:52 . 2008-09-16 06:09 -------- d-----w- c:\program files\Electronic Arts
2010-03-18 14:50 . 2008-08-05 11:47 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-18 14:42 . 2008-08-31 22:05 -------- d--h--w- c:\documents and settings\Kasutaja\Application Data\yahoo!
2010-03-18 14:42 . 2008-08-31 19:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2010-03-18 14:41 . 2008-08-31 13:02 -------- d-----w- c:\program files\AIM
2010-03-18 14:41 . 2008-08-31 13:03 -------- d-----w- c:\documents and settings\Kasutaja\Application Data\Aim
2010-03-15 04:56 . 2008-11-07 05:12 -------- d-----w- c:\program files\Eidos Interactive
2010-03-11 21:56 . 2008-11-12 19:40 1 ----a-w- c:\documents and settings\Kasutaja\Application Data\OpenOffice.org2\user\uno_packages\cache\stamp.sys
2010-03-10 13:52 . 2009-09-04 14:54 69 ----a-w- c:\documents and settings\Kasutaja\jagex_runescape_preferences2.dat
2010-03-10 13:50 . 2008-10-03 12:30 41 ----a-w- c:\documents and settings\Kasutaja\jagex_runescape_preferences.dat
2010-03-10 13:30 . 2008-11-21 22:00 -------- d-----w- c:\program files\EA SPORTS
2010-03-09 17:44 . 2009-01-20 17:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Sports Interactive
2010-03-08 18:46 . 2009-07-14 12:11 -------- d-----w- c:\program files\Sports Interactive
2010-03-08 09:25 . 2009-03-01 15:02 -------- d-----w- c:\documents and settings\Kasutaja\Application Data\U3
2010-03-07 11:05 . 2010-03-07 11:05 -------- d-----w- c:\program files\GDS
2010-02-25 17:07 . 2010-02-25 17:05 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll
2010-02-20 19:22 . 2009-09-24 04:48 24104 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT
2010-02-16 14:43 . 2010-02-16 14:43 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.31.21.10\SetupAdmin.exe
2010-02-05 16:28 . 2009-12-05 16:57 79488 ----a-w- c:\documents and settings\Kasutaja\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-07-14 00:16 . 2009-07-14 00:16 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-07-14 00:16 . 2009-07-14 00:16 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
.

((((((((((((((((((((((((((((( SnapShot@2010-04-26_16.00.22 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-04-28 15:58 . 2010-04-28 15:58 16384 c:\windows\temp\Perflib_Perfdata_718.dat
+ 2010-04-27 12:19 . 2010-04-27 12:19 65024 c:\windows\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe
+ 2010-04-27 12:19 . 2010-04-27 12:19 18944 c:\windows\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe
+ 2010-04-27 12:19 . 2010-04-27 12:19 5120 c:\windows\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF16.exe
+ 2010-04-27 12:19 . 2010-04-27 12:19 1583616 c:\windows\Installer\1d9042c.msi
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-12-29 687560]
"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [BU]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2006-11-17 577536]
"CTCheck"="c:\program files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe" [2007-11-06 397312]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-02-21 1093208]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 12:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EnableDCOM]
N [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\restrictanonymous]

[X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\restrictanonymoussam]

[X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-06-11 23:38 34672 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG8_TRAY]
2008-11-28 07:31 1261336 ----a-w- c:\progra~1\AVG\AVG8\avgtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSyncU.exe]
2007-07-17 08:03 868352 ------w- c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Fast Encoder]
c:\docume~1\Kasutaja\LOCALS~1\Temp\fedhost.exe [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\fssui]
2009-08-05 19:48 647520 ----a-w- c:\program files\Windows Live\Family Safety\fsui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hivew]
c:\docume~1\Kasutaja\LOCALS~1\Temp\281709843050don.dll [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2008-11-20 11:20 290088 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Java Runtime Enviornment]
c:\windows\TEMP\c:\windows\TEMP\Update.exe [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MicrosoftUpdate]
c:\documents and settings\Kasutaja\Application Data\taskeng.exe [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Monopod]
c:\docume~1\Kasutaja\LOCALS~1\Temp\b.exe [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nvwins]
c:\program files\Windows NT\nvwins.exe [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PopRock]
c:\docume~1\Kasutaja\LOCALS~1\Temp\j.exe [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Bonjour Service"=2 (0x2)
"avg8wd"=2 (0x2)
"avg8emc"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Documents and Settings\\Kasutaja\\My Documents\\LimeWire\\Saved\\Command & Conquer Generals\\game.dat"=
"c:\\Program Files\\SecondLife\\SLVoice.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\EA GAMES\\Command & Conquer Generals Zero Hour\\game.dat"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\Program Files\\EA GAMES\\Command and Conquer Generals\\game.dat"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\EA GAMES\\Command and Conquer Generals\\patchget.dat"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\Owner\\My Documents\\Downloads\\cnc\\Command And Conquer - Tiberian Sun + Firestorm Expansion\\game.exe"=
"c:\\Program Files\\Sports Interactive\\Football Manager 2010\\fm.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1806:TCP"= 1806:TCP:eghxgmt

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17.02.2010 11:25 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [17.02.2010 11:15 66632]
R3 PbsAuDrv;PolderbitS Audio Driver;c:\windows\system32\drivers\pbsaudrv.sys [20.12.2009 13:25 110752]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [25.11.2009 22:10 27632]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [10.03.2009 0:08 717296]
S2 ghkclv;Server Manager;c:\windows\system32\svchost.exe -k netsvcs [28.02.2006 15:00 14336]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [21.12.2009 17:18 135664]
S2 RPCER;Remote Procedure Call (HNM);c:\program files\Common Files\ODBC\comp.exe --> c:\program files\Common Files\ODBC\comp.exe [?]
S3 kzixj;kzixj;\??\c:\windows\system32\03.tmp --> c:\windows\system32\03.tmp [?]
S3 liulu;liulu;\??\c:\windows\system32\013.tmp --> c:\windows\system32\013.tmp [?]
S3 ntcexkd;ntcexkd;\??\c:\windows\system32\0C.tmp --> c:\windows\system32\0C.tmp [?]
S3 qtdtknoxf;qtdtknoxf;\??\c:\windows\system32\019.tmp --> c:\windows\system32\019.tmp [?]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [25.11.2009 22:06 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [25.11.2009 22:06 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [25.11.2009 22:06 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [25.11.2009 22:06 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [25.11.2009 22:06 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [25.11.2009 22:06 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [25.11.2009 22:06 115752]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [17.02.2010 11:15 12872]
S3 txddrdm;txddrdm;\??\c:\windows\system32\04.tmp --> c:\windows\system32\04.tmp [?]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
NETSVCS_0x1
NETSVCS_0x2
NETSVCS_0x3
NETSVCS_0x4
NETSVCS_0x5
NETSVCS_0x6
NETSVCS_0x7
NETSVCS_0x8
NETSVCS_0x9
NETSVCS_0xa
NETSVCS_0xb
ghkclv
.
Contents of the 'Scheduled Tasks' folder

2010-04-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-21 14:18]

2010-04-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-21 14:18]

2010-04-28 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Microsoft Security Essentials\MpCmdRun.exe [2009-12-09 15:02]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.neti.ee/
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
DPF: {4BFD075D-C36E-4F28-BB0A-5D472795197A} - hxxp://www.powerchallenge.com/applet/PowerLoader.cab
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.21.0.cab
FF - ProfilePath - c:\documents and settings\Kasutaja\Application Data\Mozilla\Firefox\Profiles\rzne5otf.default\
FF - plugin: c:\documents and settings\Kasutaja\Application Data\Mozilla\Firefox\Profiles\rzne5otf.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\plugins\np_gp.dll
FF - plugin: c:\documents and settings\Kasutaja\Application Data\Mozilla\Firefox\Profiles\rzne5otf.default\extensions\[email protected]\platform\WINNT_x86-msvc\plugins\npBFHUpdater.dll
FF - plugin: c:\documents and settings\Kasutaja\My Documents\DivX\DivX Player\npDivxPlayerPlugin.dll
FF - plugin: c:\documents and settings\Kasutaja\My Documents\DivX\DivX Web Player\npdivx32.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\NPOP7PlugIn.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-28 19:12
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\kzixj]
"ImagePath"="\??\c:\windows\system32\03.tmp"

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\liulu]
"ImagePath"="\??\c:\windows\system32\013.tmp"

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\ntcexkd]
"ImagePath"="\??\c:\windows\system32\0C.tmp"

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\qtdtknoxf]
"ImagePath"="\??\c:\windows\system32\019.tmp"

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\txddrdm]
"ImagePath"="\??\c:\windows\system32\04.tmp"

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\ghkclv]
"ServiceDll"="c:\windows\system32\nzixtmk.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-854245398-1957994488-682003330-1004\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:b5,d2,7c,22,9b,7f,e9,ea,6b,d9,5f,f9,44,22,10,19,f4,64,ae,d1,39,7c,4d,
d4,69,c4,3c,de,03,a6,63,ba,9e,2d,44,e8,c7,32,3f,a0,8b,5c,19,18,68,0e,da,eb,\
"??"=hex:a5,34,05,48,cc,09,e0,e2,b6,5c,f3,c3,09,cb,b6,93

[HKEY_USERS\S-1-5-21-854245398-1957994488-682003330-1004\Software\SecuROM\License information*]
"datasecu"=hex:84,b4,77,1a,43,db,cd,0e,6b,ce,38,64,80,7a,bf,39,02,3a,22,e5,9f,
0d,ac,e7,6a,93,7b,66,b6,74,62,17,47,81,d0,cd,c2,2d,3a,e1,d7,e3,dd,d4,69,9c,\
"rkeysecu"=hex:82,f9,0d,d7,15,7a,20,1f,ff,b5,c2,81,40,fd,09,8d
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(600)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll
.
Completion time: 2010-04-28 19:16:52
ComboFix-quarantined-files.txt 2010-04-28 16:16
ComboFix2.txt 2010-04-26 16:04

Pre-Run: 12*546*813*952 bytes free
Post-Run: 12*525*383*680 bytes free

- - End Of File - - FFADD5BE01AD98CAFF07F0A01AE136ED

 

[reigoskeiter]

hijackthis uninstall log...

Adobe AIR
Adobe AIR
Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9
Adobe Shockwave Player 11.5
Age of Mythology
Age of Mythology - The Titans Expansion
Apple Application Support
AudibleManager
Battlefield Heroes
Bonjour
Carmageddon
Carmageddon II Carpocalypse Now
Command & Conquer Generals
Command and ConquerTM Generals Zero Hour
Creative System Information
Creative ZEN
Critical Update for Windows Media Player 11 (KB959772)
Death Rally for Windows
DivX Codec
DivX Converter
DivX Player
DivX Plus DirectShow Filters
DivX Web Player
DX-Ball 1.09
EA SPORTS online 2007
FIFA 09
FIFA MANAGER 10
Football Manager 2010
Google Update Helper
Guitar Pro 5.2
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
HPSSupply
HTmov
HTviewer
Intel(R) Graphics Media Accelerator Driver
iTunes
Java(TM) 6 Update 20
Java(TM) 6 Update 7
Junk Mail filter update
Magic ISO Maker v5.4 (build 0255)
Magic ISO Maker v5.5 (build 0272)
MagicDisc 2.7.106
Malwarebytes' Anti-Malware
Manhunt
MDickie's Booking MPire
MDickie's Wrestling MPire
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Antimalware
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel Viewer 2003
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Search Enhancement Pack
Microsoft Security Essentials
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual J# .NET Redistributable Package 1.1
Microsoft WSE 3.0 Runtime
Mozilla Firefox (3.6.3)
MSVCRT
NaturalMotion endorphin 2.7.1
neroxml
OpenAL
OpenOffice.org 2.4
Pivot Stickfigure Animator
Popcorn
Popscene
Popscene: Track 2
Pro Evolution Soccer 6
PunkBuster Services
QuickTime
Reach
Reach Trial
Realtek AC'97 Audio
Safari
SecondLife (remove only)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Segoe UI
Skype web features
Skype™ 4.1
SUPERAntiSpyware Free Edition
ZENcast Organizer
TEW2005
The MDickie Show
The Sims 2
The Sims 2 Family Fun Stuff
The Sims 2 Glamour Life Stuff
The Sims 2 Nightlife
The Sims 2 Open For Business
The Sims 2 Pets
The Sims 2 University
The Sims Makin' Magic
The Sims™ 2 Apartment Life
The Sims™ 2 Bon Voyage
The Sims™ 2 Celebration! Stuff
The Sims™ 2 FreeTime
The Sims™ 2 H&M® Fashion Stuff
The Sims™ 2 IKEA® Home Stuff
The Sims™ 2 Kitchen & Bath Interior Design Stuff
The Sims™ 2 Mansion and Garden Stuff
The Sims™ 2 Seasons
The Sims™ 2 Teen Style Stuff
UEFA EURO 2008™
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows XP (KB942763)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VC80CRTRedist - 8.0.50727.762
Westwood Shared Internet Components
VideoLAN VLC media player 0.8.6i
Viewpoint Media Player
Windows Internet Explorer 7
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows Messenger 5.1
Windows Presentation Foundation
Windows XP Service Pack 3
WinRAR archiver
World War Alpha
Wrecked
Wrestling MPire 2008 (Career Edition)
Wrestling MPire 2008 (Management Edition)
Xilisoft Video Converter Ultimate

 

[johnb35]

I don't know where you got this machine from, but you have keygen software on there. You have utorrent, limewire and glest. So I'm assuming that most of the software that is installed on that machine is pirated.

Your best off to format and reinstall windows. I can't help you anymore.

 

[gmcrepair]

Spam^^^^^^^