Still having issued (combofix incl)

[G25r8cer]

It seems I am still having issues with my pc. The cpu usage is often climbing to 100% and stays there for a bit and my system slows to a hault and then cpu usage dies down to normal. My only guess is that im still infected. Heres a combofix log for you guys. Much help is needed and appreciated. Srry guys I thought I was done here but i guess not. I am willing to do whatever it takes to get rid of it besides reformatting.

ComboFix 08-05-21.3 - Spicka 2008-05-25 22:00:17.3 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.631 [GMT -4:00]
Running from: C:\Users\Spicka\Desktop\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2008-04-26 to 2008-05-26 )))))))))))))))))))))))))))))))
.

2008-05-25 00:16 . 2008-05-25 00:16 <DIR> d-------- C:\Users\Spicka\Roaming
2008-05-25 00:16 . 2008-05-25 00:16 <DIR> d-------- C:\Users\Spicka\AppData\Roaming\MySpace
2008-05-25 00:15 . 2008-05-25 00:15 <DIR> d-------- C:\Program Files\MySpace
2008-05-23 22:25 . 2008-05-23 22:27 <DIR> d-------- C:\Program Files\rFactorLexus
2008-05-22 18:59 . 2008-05-22 19:12 <DIR> d-------- C:\Program Files\rFactor
2008-05-21 19:37 . 2008-05-21 19:37 <DIR> d--h----- C:\Windows\PIF
2008-05-19 16:30 . 2008-05-19 16:30 <DIR> dr------- C:\Users\Public\Videos
2008-05-19 16:30 . 2008-05-22 20:15 <DIR> dr------- C:\Users\Public\Pictures
2008-05-18 12:14 . 2008-05-18 12:14 <DIR> dr------- C:\Users\Public\Documents
2008-05-17 21:38 . 2008-05-17 21:38 <DIR> dr------- C:\Users\Public\Music
2008-05-10 21:33 . 2008-05-10 21:33 <DIR> d-------- C:\Users\Spicka\AppData\Roaming\dvdcss
2008-05-10 18:49 . 2008-05-25 04:03 <DIR> d-------- C:\Program Files\DVDFab 5
2008-05-09 23:59 . 2008-05-09 23:59 <DIR> d-------- C:\Users\All Users\Codemasters
2008-05-09 23:59 . 2008-05-09 23:59 <DIR> d-------- C:\ProgramData\Codemasters
2008-05-09 23:57 . 2008-03-05 15:56 3,786,760 --a------ C:\Windows\System32\D3DX9_37.dll
2008-05-09 23:57 . 2008-03-05 15:56 1,420,824 --a------ C:\Windows\System32\D3DCompiler_37.dll
2008-05-09 23:57 . 2008-03-05 16:03 479,752 --a------ C:\Windows\System32\XAudio2_0.dll
2008-05-09 23:57 . 2008-02-05 23:07 462,864 --a------ C:\Windows\System32\d3dx10_37.dll
2008-05-09 23:57 . 2008-03-05 16:03 238,088 --a------ C:\Windows\System32\xactengine3_0.dll
2008-05-09 23:57 . 2008-03-05 16:00 25,608 --a------ C:\Windows\System32\X3DAudio1_3.dll
2008-05-09 19:19 . 2008-05-09 19:19 0 --ah----- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2008-05-08 16:24 . 2008-05-08 16:25 <DIR> d-------- C:\Program Files\Clock Tray Skins
2008-05-07 21:28 . 2008-03-12 19:38 445,504 -ra------ C:\Windows\System32\vp6vfw.dll
2008-05-04 17:12 . 2008-05-04 17:13 <DIR> d-------- C:\Users\Spicka\AppData\Roaming\Off Road
2008-05-04 17:03 . 2008-05-04 17:03 <DIR> d-------- C:\Program Files\Xplosiv
2008-05-04 00:06 . 2008-05-04 00:06 <DIR> d-------- C:\Users\Spicka\AppData\Roaming\Ubisoft
2008-05-03 22:17 . 2008-05-03 22:17 <DIR> d-------- C:\Users\Spicka\AppData\Roaming\THQ
2008-05-03 22:13 . 2008-05-03 22:13 <DIR> d-------- C:\Users\All Users\InstallShield
2008-05-03 22:13 . 2008-05-03 22:13 <DIR> d-------- C:\ProgramData\InstallShield
2008-05-03 22:02 . 2006-05-16 10:58 73,728 --a------ C:\Windows\System32\ISUSPM.cpl
2008-05-03 11:57 . 2008-05-07 21:28 <DIR> d-------- C:\Program Files\EA GAMES
2008-05-01 20:04 . 2008-05-01 20:04 <DIR> d-------- C:\Program Files\Rockstar Games
2008-04-30 19:12 . 2008-04-30 19:12 319 --a------ C:\Windows\game.ini
2008-04-30 18:46 . 2008-04-30 18:46 <DIR> d-------- C:\Program Files\Activision
2008-04-30 17:32 . 2008-05-03 22:02 <DIR> d-------- C:\Program Files\THQ
2008-04-29 16:46 . 2008-04-29 16:46 <DIR> dr-h----- C:\Users\Spicka\AppData\Roaming\SecuROM
2008-04-29 16:46 . 2008-04-29 16:46 107,888 --a------ C:\Windows\System32\CmdLineExt.dll
2008-04-28 19:52 . 2008-05-03 00:46 <DIR> d-------- C:\Users\Spicka\AppData\Roaming\X-NetStat
2008-04-28 19:52 . 2008-04-28 19:52 <DIR> d-------- C:\Program Files\X-NetStat Professional
2008-04-28 17:00 . 2008-04-28 17:00 <DIR> d-------- C:\Program Files\AceLogix
2008-04-27 17:13 . 2008-05-19 15:14 <DIR> d-------- C:\Users\Spicka\AppData\Roaming\VMware
2008-04-27 17:08 . 2008-04-27 17:08 <DIR> d-------- C:\Program Files\VMware
2008-04-27 17:08 . 2008-04-27 17:08 <DIR> d-------- C:\Program Files\Common Files\VMware
2008-04-26 00:15 . 2008-04-26 00:15 <DIR> d-------- C:\Windows\System32\URTTEMP
2008-04-26 00:12 . 2008-04-26 00:12 <DIR> d-------- C:\Users\All Users\Media Center Programs
2008-04-26 00:12 . 2008-04-26 00:12 <DIR> d-------- C:\ProgramData\Media Center Programs

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-26 02:00 --------- d-----w C:\Users\Spicka\AppData\Roaming\uTorrent
2008-05-26 01:43 --------- d-----w C:\Users\Spicka\AppData\Roaming\Vso
2008-05-25 03:50 --------- d-----w C:\Program Files\Trillian
2008-05-24 15:57 --------- d---a-w C:\ProgramData\TEMP
2008-05-21 22:23 --------- d-----w C:\Users\Spicka\AppData\Roaming\Audacity
2008-05-19 18:00 --------- d-----w C:\Program Files\Common Files\Autodesk Shared
2008-05-19 17:56 --------- d-----w C:\ProgramData\Autodesk
2008-05-17 23:25 --------- d-----w C:\ProgramData\VMware
2008-05-17 02:49 --------- d-----w C:\Program Files\GPU-Z
2008-05-14 22:24 --------- d-----w C:\Program Files\Windows Mail
2008-05-10 03:57 444,952 ----a-w C:\Windows\System32\wrap_oal.dll
2008-05-10 03:57 109,080 ----a-w C:\Windows\System32\OpenAL32.dll
2008-05-10 03:49 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-10 03:49 --------- d-----w C:\Program Files\Codemasters
2008-05-08 15:00 --------- d-----w C:\Program Files\GTR2
2008-05-07 14:53 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-05-07 14:12 --------- d-----w C:\Program Files\NVIDIA Corporation
2008-05-04 04:04 --------- d-----w C:\ProgramData\Ubisoft
2008-05-04 03:50 --------- d-----w C:\Program Files\Ubisoft
2008-05-02 00:17 --------- d-----w C:\Program Files\Microsoft Games
2008-04-29 00:29 --------- d-----w C:\ProgramData\Test Drive Unlimited
2008-04-27 03:53 --------- d-----w C:\Program Files\Grand Theft Auto San Andreas
2008-04-26 03:57 --------- d-----w C:\ProgramData\WindowsSearch
2008-04-26 03:46 --------- d-----w C:\Program Files\Electronic Arts
2008-04-23 00:41 --------- d-----w C:\Program Files\PowerISO
2008-04-22 19:37 --------- d-----w C:\Program Files\uTorrent
2008-04-21 20:02 --------- d-----w C:\Program Files\Atari
2008-04-21 00:21 --------- d-----w C:\Program Files\Easy Video Downloader
2008-04-15 22:48 --------- d-----w C:\Program Files\Fraps
2008-04-12 20:07 --------- d-----w C:\Program Files\VirtualDJ
2008-04-12 01:13 --------- d-----w C:\Program Files\DFX
2008-04-12 00:24 --------- d-----w C:\Users\Spicka\AppData\Roaming\Thinking Minds Budiling Bytes
2008-04-12 00:24 --------- d-----w C:\Program Files\CubeDesktop
2008-04-11 22:53 --------- d-----w C:\ProgramData\NVIDIA Corporation
2008-04-11 22:46 --------- d-----w C:\Program Files\Fast Explorer
2008-04-11 22:18 --------- d-----w C:\Program Files\Common Files\Adobe
2008-04-11 21:55 319,456 ----a-w C:\Windows\DIFxAPI.dll
2008-04-11 21:55 --------- d-----w C:\Program Files\Realtek
2008-04-11 02:04 --------- d-----w C:\ProgramData\Stardock
2008-04-11 01:38 --------- d-----w C:\Program Files\Foxit Software
2008-04-11 01:01 2,516 --sha-w C:\Windows\System32\KGyGaAvL.sys
2008-04-10 19:55 --------- d-----w C:\ProgramData\DFX
2008-04-10 19:54 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-04-10 18:19 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-04-10 06:22 --------- d-----w C:\Program Files\RocketDock
2008-04-10 03:18 --------- d-----w C:\Program Files\HyCam2
2008-04-10 01:03 --------- d-----w C:\Program Files\UltraISO
2008-04-10 01:02 --------- d-----w C:\Program Files\Common Files\EZB Systems
2008-04-07 03:07 --------- d-----w C:\ProgramData\vsosdk
2008-04-05 19:12 --------- d-----w C:\Program Files\Audacity 1.3 Beta (Unicode)
2008-04-05 00:45 47,360 ----a-w C:\Users\Spicka\AppData\Roaming\pcouffin.sys
2008-04-05 00:45 --------- d-----w C:\Program Files\VSO
2008-04-04 04:52 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-04-04 04:51 --------- d-----w C:\ProgramData\Messenger Plus!
2008-04-04 02:58 --------- d-----w C:\Program Files\RivaTuner v2.06
2008-03-31 23:15 --------- d-----w C:\Program Files\Rainbow Six Vegas
2008-03-30 23:00 --------- d-----w C:\Program Files\MagicISO
2008-03-29 21:03 --------- d-----w C:\ProgramData\Nero
2008-03-29 18:32 50,768 ----a-w C:\Windows\system32\drivers\aswMonFlt.sys
2008-03-29 16:19 716,272 ----a-w C:\Windows\system32\drivers\sptd.sys
2008-03-29 15:42 --------- d-----w C:\Program Files\Java
2008-03-29 15:41 --------- d-----w C:\Program Files\Common Files\Java
2008-03-29 15:29 --------- d-----w C:\ProgramData\SlySoft
2008-03-28 23:28 --------- d-----w C:\Program Files\Trojan Remover
2008-03-28 23:27 --------- d-----w C:\Users\Spicka\AppData\Roaming\Simply Super Software
2008-03-28 23:27 --------- d-----w C:\ProgramData\Simply Super Software
2008-03-28 20:59 --------- d-----w C:\Users\Spicka\AppData\Roaming\InstallShield
2008-03-27 23:03 --------- d-----w C:\ProgramData\FLEXnet
2008-03-27 22:14 --------- d-----w C:\Program Files\Image-Line
2008-03-27 22:12 --------- d-----w C:\Program Files\Steinberg
2008-03-26 23:41 --------- d-----w C:\ProgramData\Corel
2008-03-20 00:34 174 --sha-w C:\Program Files\desktop.ini
2008-03-20 00:11 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-03-20 00:11 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-03-04 22:30 98,304 ----a-w C:\Windows\system32CmdLineExt.dll
2008-02-29 07:14 19,000 ----a-w C:\Windows\System32\kd1394.dll
2008-02-29 07:11 988,216 ----a-w C:\Windows\System32\winload.exe
2008-02-29 07:11 927,288 ----a-w C:\Windows\System32\winresume.exe
2008-02-29 06:53 46,592 ----a-w C:\Windows\System32\setbcdlocale.dll
2008-02-29 06:53 40,960 ----a-w C:\Windows\System32\srclient.dll
2008-02-29 06:53 378,368 ----a-w C:\Windows\System32\srcore.dll
2008-02-29 06:35 6,656 ----a-w C:\Windows\System32\kbd106n.dll
2008-02-29 04:21 2,032,128 ----a-w C:\Windows\System32\win32k.sys
2008-02-29 04:12 318,464 ----a-w C:\Windows\System32\rstrui.exe
2008-02-29 04:12 14,848 ----a-w C:\Windows\System32\srdelayed.exe
2008-02-11 01:22 0 ----a-w C:\Users\Spicka\AppData\Roaming\wklnhst.dat
2008-02-14 21:50 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-02-14 21:50 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-02-14 21:50 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.

------- Sigcheck -------

.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 03:33 1233920]
"avast! service GUI component"="C:\Program Files\Alwil Software\Avast4\ashDisp.exe" [2008-03-29 14:37 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KBD"="C:\HP\KBD\KbdStub.EXE" [2006-12-08 17:16 65536]
"OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 07:59 118784]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2008-01-09 15:23 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2008-01-09 15:23 8530464]
"RivaTunerStartupDaemon"="C:\Program Files\RivaTuner v2.06\RivaTuner.exe" [2007-10-30 14:05 2650112]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [2008-04-17 19:27 9117696]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech Gaming Software.lnk - C:\Windows\Installer\{C5961323-A2E5-4FAB-B92D-DBF6C282F0F5}\NewShortcut1_C5961323A2E54FABB92DDBF6C282F0F5.exe [2007-12-27 20:25:16 40960]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.ffds"= C:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RivaTuner.exe]
backup=C:\Windows\pss\RivaTuner.exe.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^Spicka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]
backup=C:\Windows\pss\MagicDisc.lnk.Startup
backupExtension=.Startup

[HKLM\~\startupfolder\C:^Users^Spicka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office Groove.lnk]
path=C:\Users\Spicka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Groove.lnk
backup=C:\Windows\pss\Microsoft Office Groove.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AMD_Display]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\b44b5fc7]
C:\Users\Spicka\AppData\Local\Temp\iebemyiq.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cmds]
C:\Users\Spicka\AppData\Local\Temp\mllkh.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dog about manager team]
--a------ 2008-01-06 15:13 114704 C:\ProgramData\META THIRD 4.l9q7bk

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
--a------ 2008-01-19 03:33 125952 C:\Windows\ehome\ehTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
--a------ 2006-10-27 01:47 31016 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPAdvisor]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
--a------ 2007-04-18 11:01 65536 c:\hp\support\hpsysdrv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISTray]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\jumpsafe]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
--a------ 2006-12-08 17:16 65536 C:\HP\KBD\KbdStub.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MS Juan]
C:\Users\Spicka\AppData\Local\Temp\mlhuacox.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-10-18 12:34 5724184 C:\Program Files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSServer]
C:\Users\Spicka\AppData\Local\Temp\gebay.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MySpaceIM]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2008-01-09 15:23 8530464 C:\Windows\system32\NvCpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2008-01-09 15:23 81920 C:\Windows\system32\NvMcTray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
--a------ 2008-01-09 15:23 86016 C:\Windows\system32\nvsvc.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PeerGuardian]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
--a------ 2008-03-14 19:50 233472 C:\Program Files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-01-10 16:27 385024 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RivaTunerStartupDaemon]
--a------ 2007-10-30 14:05 2650112 C:\Program Files\RivaTuner v2.06\RivaTuner.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
--a------ 2007-10-25 05:52 4702208 C:\Windows\RtHDVCpl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateReg]
--a------ 2007-09-25 02:11 54672 C:\Windows\system32\jureg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VMware hqtray]
--a------ 2007-10-08 09:26 55856 C:\Program Files\VMware\VMware Workstation\hqtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vmware-tray]
--a------ 2007-10-08 09:27 72240 C:\Program Files\VMware\VMware Workstation\vmware-tray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
--a------ 2008-01-19 03:38 1008184 C:\Program Files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
--a------ 2008-01-19 03:33 202240 C:\Program Files\Windows Media Player\WMPNSCFG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection]
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

 

[G25r8cer]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{975D25E8-9AEF-4CA4-88C9-964F4F41CB75}"= UDP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{2C49A7B7-AF9B-4BCC-B73D-6EC125D607EB}"= TCP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{A1EAF321-72CD-4CF8-8D7A-EC66C5B073C2}"= UDP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{25DF000C-8352-4C95-86BD-D90FA79DEA37}"= TCP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{94EB73F5-6EEF-4872-ACBA-1BD7AC4B0C61}"= UDP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{9443997F-61F8-4B50-9E81-7E62EFE07763}"= TCP:C:\Program Files\earthlink totalaccess\TaskPanl.exe:taskpanl
"{2A69A77A-B3FC-4DF6-BA92-990E4CE0DDFC}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{5616EC59-8AE2-4214-8AEE-043ACCE18F94}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{08987FB8-ADAE-485A-A6BC-59F05F6519B3}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{4B6C0C1F-85B6-4593-91EF-894A05AC700F}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{1EF3E671-0133-4C88-B8FC-BEC9504015E1}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{3DD27DF5-225B-4766-804B-C5493CA8BE80}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{AD4FEAF9-CEA4-460B-8E05-FF750C601DEF}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{CC12FA71-7BF3-44FA-9AD1-03B72EBA5F26}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{F6816305-2593-4DC5-86E5-F081DD403B3C}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{13C6F9E0-7B7D-4B4A-AA53-DF03769FC00D}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{87DED640-D588-4D97-9597-1C8AD56FD137}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{4BDC332E-8CE9-4DA7-891A-33EEBCCE447A}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{F946592E-1A48-4CF1-82C4-EE516CB66CB0}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{21B9F52C-F778-48E0-84E5-50F6A018AA96}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{CFD818F1-7408-4B9D-BB98-47CD29501FA1}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{4A1D8D36-F329-443F-AACD-3734661BD4E9}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{896CA9AD-F0F6-456E-9FD3-B9304D421016}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{30C4A9D0-25D6-4DAD-A740-159A95CEA79D}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{D52E4F47-F7E6-41D3-AA6A-409AA865CB80}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{39EB9547-9C61-41C8-852A-3E5BC1EE3FF0}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{93E46397-6B63-41A8-B92C-33BBDDFD85B2}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{2A0CBEFB-938E-4A0A-B7F3-E84FF0579351}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{E58B181F-0F76-4CEE-AB79-DCB7E98A7F28}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{2AFB5296-CD03-4144-8F69-BEBDF0329601}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{E3638B0F-AE3E-4EC1-B0CD-5D4FDCD2A1DC}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"TCP Query User{3D6EF208-490C-471F-B67A-142F05F7BFA5}C:\\program files\\rhapsody\\rhapsody.exe"= UDP:C:\program files\rhapsody\rhapsody.exe:RealNetworks Rhapsody
"UDP Query User{8433419C-73CB-4F87-9A67-FDBA8D746699}C:\\program files\\rhapsody\\rhapsody.exe"= TCP:C:\program files\rhapsody\rhapsody.exe:RealNetworks Rhapsody
"{FC768C72-E0B8-4292-9C3D-A78B44B5A71F}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{16FB3309-E03A-4321-8BCB-013B221C21BF}C:\\program files\\frostwire\\frostwire.exe"= UDP:C:\program files\frostwire\frostwire.exe:FrostWire
"UDP Query User{8B58407E-4A8F-460D-9C33-9ECF1EE86A53}C:\\program files\\frostwire\\frostwire.exe"= TCP:C:\program files\frostwire\frostwire.exe:FrostWire
"UDP Query User{6C9BE14C-D0EE-43BB-87A4-14619DF705A2}C:\\program files\\myspace\\im\\myspaceim.exe"= TCP:C:\program files\myspace\im\myspaceim.exe:MySpace Instant Messenger
"{8507D1FE-BD9D-48B7-950E-D27DA9FE42BC}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{B7F9196B-FD04-4E0A-B0B4-00212104D69B}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{8FE91FEF-0B98-40E3-AF22-9A209005B3EA}"= UDP:C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe:Render Manager
"{51D7C1C6-9068-48F9-9D13-08533B4C9DBA}"= TCP:C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe:Render Manager
"{80E2D77C-EB01-4B52-AB9F-D45DEE42E141}"= UDP:C:\Program Files\Pinnacle\VideoSpin\Programs\PMSRegisterFile.exeMSRegisterFile
"{C24DACAE-D1A0-4CDD-9D57-9AD63F59F23D}"= TCP:C:\Program Files\Pinnacle\VideoSpin\Programs\PMSRegisterFile.exeMSRegisterFile
"{BCD9027A-44A7-43AF-B8DD-BBD7E64BB9EA}"= UDP:C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe:umi
"{596F12A5-9675-4F7A-9B09-740A8A1DD10A}"= TCP:C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe:umi
"{D069F8B2-FF95-4549-AF34-8657E95CDF62}"= UDP:C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exeinnacle VideoSpin
"{5F40ECED-9FFD-4013-83DE-E87D4E9EED48}"= TCP:C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exeinnacle VideoSpin
"{A663D39E-8211-414D-896F-96894C84BED6}"= UDP:C:\Program Files\FrostWire\FrostWire.exe:FrostWire 4.13.4
"{EBD2CE39-BAEF-4448-ACC5-2843EB444229}"= TCP:C:\Program Files\FrostWire\FrostWire.exe:FrostWire 4.13.4
"{6AF8787F-3E24-42DE-BE07-FCDD15DC6391}"= UDP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb
"{FA98F451-8517-4050-B611-6075AA07D0C3}"= TCP:C:\Program Files\Winamp Remote\bin\Orb.exe:Orb
"{36134A4F-6FB9-44E3-902A-1F626EEC1C09}"= UDP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{CE4C4C21-1242-47BB-A5A3-364E6DED1819}"= TCP:C:\Program Files\Winamp Remote\bin\OrbTray.exe:OrbTray
"{E5BF9F35-884E-4F53-9CB7-D75533E2E251}"= UDP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{D0BB6CD0-090A-4417-946A-C6EE9DC08976}"= TCP:C:\Program Files\Winamp Remote\bin\OrbIR.exe:OrbIR
"{A4593CFB-94E4-44F1-82F8-F9F9BA29C61C}"= UDP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{DA94BDC8-9072-41E2-A924-06A82845B830}"= TCP:C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:Orb Stream Client
"{9F3DF8BD-9279-46C5-A977-5D896343CDC1}"= UDP:61000:azur tcp
"{12580A29-83C7-467A-B34E-1B1EF4FC5A07}"= TCP:61000:azur udp
"TCP Query User{936E625E-0789-49D2-97D4-AFEDF2DB72FE}C:\\program files\\azureus\\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus
"UDP Query User{3A159CAB-1BFD-41F9-969C-6097D0B2B36A}C:\\program files\\azureus\\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus
"{3EC2ED0F-F6BC-48D7-BEB2-10E4048ED0AF}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{748B11B9-994F-41E3-9843-64F920932927}"= UDP:C:\Program Files\Mozilla Firefox\firefox.exe:Mozilla Firefox
"{71C29047-97DF-4D5C-B337-7A8EC70A32B5}"= TCP:C:\Program Files\Mozilla Firefox\firefox.exe:Mozilla Firefox
"TCP Query User{EBBF3F17-FD7D-4557-AF4E-DAD83DF1AA7A}C:\\program files\\internet explorer\\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{B6841BBB-BE5F-40D0-AA62-87B09215CE3E}C:\\program files\\internet explorer\\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer
"{E9E6347B-B128-4B95-9D3E-5DCD885110F7}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{23A25B22-9D4D-4A37-AD66-931C063A9258}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{6E92C6AD-CD09-4DCC-9761-D5CAEF1235B1}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{82AF9824-1AD9-46B3-8A1F-A4F7A0B5E07A}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"TCP Query User{B672BC09-4A65-48C6-BD25-7EDD1F015AFD}C:\\program files\\gtr2\\gtr2.exe"= UDP:C:\program files\gtr2\gtr2.exe:GTR2 - FIA GT Racing Game
"UDP Query User{76736A58-806D-4CCC-9387-FAABE72AAE02}C:\\program files\\gtr2\\gtr2.exe"= TCP:C:\program files\gtr2\gtr2.exe:GTR2 - FIA GT Racing Game
"TCP Query User{115221F7-CD22-4CEF-8DA9-7EAB981DEF14}C:\\program files\\mozilla firefox\\firefox.exe"= UDP:C:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{04877AFC-A814-4048-A0A3-8B1E619B2B90}C:\\program files\\mozilla firefox\\firefox.exe"= TCP:C:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{BC169CA5-AB94-4121-9F1D-D81F25BAA314}C:\\program files\\codemasters\\dirt demo\\dirtdemo.exe"= UDP:C:\program files\codemasters\dirt demo\dirtdemo.exeiRT Demo Executable
"UDP Query User{F3C7EB02-0009-40A0-BBC7-6B4581B73344}C:\\program files\\codemasters\\dirt demo\\dirtdemo.exe"= TCP:C:\program files\codemasters\dirt demo\dirtdemo.exeiRT Demo Executable
"TCP Query User{A9BE1CFF-F1B7-4F76-B682-2A445C9E9258}C:\\users\\spicka\\desktop\\tdu\\testdriveunlimited.exe"= Disabled:UDP:C:\users\spicka\desktop\tdu\testdriveunlimited.exe:testdriveunlimited.exe
"UDP Query User{0A6995E1-0212-45EA-907A-17ADEEC6B13F}C:\\users\\spicka\\desktop\\tdu\\testdriveunlimited.exe"= Disabled:TCP:C:\users\spicka\desktop\tdu\testdriveunlimited.exe:testdriveunlimited.exe
"TCP Query User{B33E8ACD-5CD5-4F42-B451-FDDFFDD8FDF9}C:\\program files\\azureus\\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus
"UDP Query User{EBF08DA9-D1D6-4138-A69A-72C2157CAA20}C:\\program files\\azureus\\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus
"TCP Query User{9203A471-ABBE-4104-9F8C-D9BE0A1B01C5}C:\\users\\spicka\\desktop\\lfs y\\lfs.exe"= Disabled:UDP:C:\users\spicka\desktop\lfs y\lfs.exe:lfs.exe
"UDP Query User{DE396891-084B-472C-A397-B4E56EE2F2E3}C:\\users\\spicka\\desktop\\lfs y\\lfs.exe"= Disabled:TCP:C:\users\spicka\desktop\lfs y\lfs.exe:lfs.exe
"TCP Query User{F2469FED-3642-4458-8178-D94F49C877BA}C:\\program files\\tdu\\testdriveunlimited.exe"= UDP:C:\program files\tdu\testdriveunlimited.exe:Test Drive Unlimited
"UDP Query User{6625616D-3B40-4E99-B698-E0751E223EE4}C:\\program files\\tdu\\testdriveunlimited.exe"= TCP:C:\program files\tdu\testdriveunlimited.exe:Test Drive Unlimited
"{048FD200-9CBE-4A36-BE5E-7426340A1D2F}"= UDP:C:\Program Files\Autodesk\3ds Max 9\3dsmax.exe:Autodesk 3ds Max 9 32-bit
"{E1F69BD7-1482-41DE-AD91-1179FC6990B5}"= TCP:C:\Program Files\Autodesk\3ds Max 9\3dsmax.exe:Autodesk 3ds Max 9 32-bit
"{494565C2-5F52-45A6-90A8-095FD4A63599}"= UDP:C:\Program Files\Autodesk\Backburner\monitor.exe:backburner 2.3 monitor
"{994A1238-93F2-431A-83C9-5ED84A698E61}"= TCP:C:\Program Files\Autodesk\Backburner\monitor.exe:backburner 2.3 monitor
"{70A4146C-EA04-424D-BC9F-F244340A84C4}"= UDP:C:\Program Files\Autodesk\Backburner\manager.exe:backburner 2.3 manager
"{CBB29435-5EFF-4DB5-B5E7-741EFDEA9B03}"= TCP:C:\Program Files\Autodesk\Backburner\manager.exe:backburner 2.3 manager
"{D339B933-E9B5-47C0-824E-0C1E6BAD4443}"= UDP:C:\Program Files\Autodesk\Backburner\server.exe:backburner 2.3 server
"{D14E369D-75AB-4C74-8E38-A7B9FB640834}"= TCP:C:\Program Files\Autodesk\Backburner\server.exe:backburner 2.3 server
"{8E9928A1-8ED4-4709-BCBC-81829AF40E00}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{062CFA3E-0BC1-4BC9-AE0C-7F116723500D}C:\\program files\\rainbow six vegas\\binaries\\r6vegas_game.exe"= Disabled:UDP:C:\program files\rainbow six vegas\binaries\r6vegas_game.exe:R6Vegas_Game
"UDP Query User{EDBF6F3C-E5D9-476E-87C2-4F598CB26BC3}C:\\program files\\rainbow six vegas\\binaries\\r6vegas_game.exe"= Disabled:TCP:C:\program files\rainbow six vegas\binaries\r6vegas_game.exe:R6Vegas_Game
"{60C9E504-7624-42F1-8CFB-6BBAC056C0B7}"= Disabled:UDP:C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidConverterPDF.exe:SolidConverterPDF
"{0A447AD9-39F1-42A6-80F2-A98B0DAA6F2A}"= Disabled:TCP:C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidConverterPDF.exe:SolidConverterPDF
"{FC05D4C0-5E54-4077-A757-D84B0A301D6D}"= UDP:C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe:Tom Clancy's Rainbow Six Vegas 2
"{079874E4-CB42-457D-BB28-4D774D5CA7F4}"= TCP:C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe:Tom Clancy's Rainbow Six Vegas 2
"{E7BD56B4-DC6A-407D-A90E-CDA13090D107}"= UDP:C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe:Tom Clancy's Rainbow Six Vegas 2 Update
"{E00A0851-E50A-48F0-BC5E-ABEE035E2E38}"= TCP:C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe:Tom Clancy's Rainbow Six Vegas 2 Update
"{B8CC3115-4307-432F-A84D-7198E6BAE199}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent
"{9B6C3B21-E205-4742-9B77-572CE354341C}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent
"{A2F975E4-1C3D-4887-9F36-F617411B6C8E}"= UDP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent
"{28151418-97DB-4540-9964-AB31CA061462}"= TCP:C:\Program Files\uTorrent\uTorrent.exe:µTorrent
"{2A7312A1-3BCB-442A-A7CA-D7EFB0B3D5C2}"= UDP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32
"{5278428F-60D2-4400-8509-735DFBBCBE36}"= TCP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe:Crysis_32
"{1DD08392-C94D-419B-9173-77F7449C8D93}"= UDP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
"{8563DF07-539D-42BF-B480-08BCA7A5D829}"= TCP:C:\Program Files\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:CrysisDedicatedServer_32
"{D79977BD-7BE7-4093-A9F0-F486AEA48141}"= UDP:C:\Windows\System32\PnkBstrA.exenkBstrA
"{0C584D01-2830-46D9-B29F-A996E9E4107E}"= TCP:C:\Windows\System32\PnkBstrA.exenkBstrA
"{424D2CC8-9F63-4D82-9AA6-221C1BF379E1}"= UDP:C:\Windows\System32\PnkBstrB.exenkBstrB
"{F7C6254C-C6AF-49A8-949D-89E6D2946F67}"= TCP:C:\Windows\System32\PnkBstrB.exenkBstrB
"TCP Query User{20A5AFCE-4B4C-4A7B-8A87-E27D1FAEC377}C:\\program files\\gamespy\\comrade\\comrade.exe"= UDP:C:\program files\gamespy\comrade\comrade.exe:Comrade
"UDP Query User{7671FA25-2635-4EDB-B5EB-EE0E5011936D}C:\\program files\\gamespy\\comrade\\comrade.exe"= TCP:C:\program files\gamespy\comrade\comrade.exe:Comrade
"{1C134B82-266B-4413-8DC7-961E0E2BCB23}"= UDP:C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update
"{57564181-8348-421D-8DFA-E1A433097D45}"= TCP:C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe:Assassin's Creed Update
"TCP Query User{706CE38E-4671-40A3-B39C-569D20C4FCEC}C:\\users\\spicka\\desktop\\ratiomaster-1.7.5\\ratiomaster.exe"= UDP:C:\users\spicka\desktop\ratiomaster-1.7.5\ratiomaster.exe:ratiomaster.exe
"UDP Query User{FA096EAC-C19D-4F0C-AF0F-71CD27D01BC6}C:\\users\\spicka\\desktop\\ratiomaster-1.7.5\\ratiomaster.exe"= TCP:C:\users\spicka\desktop\ratiomaster-1.7.5\ratiomaster.exe:ratiomaster.exe
"TCP Query User{CD8F028D-0444-42D3-A09A-8F587951D2C8}C:\\program files\\bitcomet\\bitcomet.exe"= UDP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"UDP Query User{49C5CF3E-D6B1-4D1C-9D32-A1735EDD5FC9}C:\\program files\\bitcomet\\bitcomet.exe"= TCP:C:\program files\bitcomet\bitcomet.exe:BitComet - a BitTorrent Client
"{2D407F78-CDA7-4D7E-96E1-7A39A1B15A56}"= Disabled:UDP:C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10
"{2CF1E04F-0A84-4E30-A3C8-DFCAB9910E15}"= Disabled:TCP:C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe:Assassin's Creed Dx10
"{51F88D5E-2A04-4BDC-A9B0-91794341DD8F}"= Disabled:UDP:C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9
"{714EFAEB-AA6C-4F42-8315-6FCCB2EC9FEF}"= Disabled:TCP:C:\Program Files\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe:Assassin's Creed Dx9
"{3523CE4E-F9AE-4DBB-8EED-5C7B6173592C}"= Disabled:UDP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{82F5929C-19D1-4AE7-95F5-44ECBFE88C29}"= Disabled:TCP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{5A48498A-8C49-426E-A619-1A9B10313F50}"= Disabled:UDP:C:\Program Files\THQ\Juiced2_HIN\Juiced2_HIN.exe:Juiced2_HIN
"{E0984E15-EFF3-496B-B728-260C7200BEED}"= Disabled:TCP:C:\Program Files\THQ\Juiced2_HIN\Juiced2_HIN.exe:Juiced2_HIN
"{3E312BCE-4479-41C6-AC46-6D36281FFD48}"= UDP:C:\Program Files\Codemasters\GRID Demo\GRID.exe:GRID Demo
"{4446BA8E-3F48-4392-8E7F-934C13541B21}"= TCP:C:\Program Files\Codemasters\GRID Demo\GRID.exe:GRID Demo
"{E9D94860-E999-42BA-A1A8-E8FAF83407D9}"= C:\Program Files\MySpace\IM\MySpaceIM.exe:MySpaceIM

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe"= C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink
"C:\\Program Files\\BitTorrent\\bittorrent.exe"= C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-03-29 14:31]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-03-29 14:35]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-03-29 14:32]
R2 UxTuneUp;TuneUp Theme Extension;C:\Windows\System32\svchost.exe [2008-01-19 03:33]
R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2007-08-07 07:26]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\Windows\System32\TuneUpDefragService.exe [2008-02-15 18:49]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

*Newly Created Service* - MI-RAYSAT_3DSMAX9_32
*Newly Created Service* - PROTEXISLICENSING
*Newly Created Service* - WMPNETWORKSVC
.
Contents of the 'Scheduled Tasks' folder
"2008-05-26 00:57:20 C:\Windows\Tasks\User_Feed_Synchronization-{BBF9C965-CADA-4F96-ADB5-83AC81BE0009}.job"
- C:\Windows\system32\msfeedssync.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-25 22:04:46
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-05-25 22:05:52
ComboFix-quarantined-files.txt 2008-05-26 02:05:49

Pre-Run: 160,031,547,392 bytes free
Post-Run: 160,002,166,784 bytes free

416 --- E O F --- 2008-05-21 19:43:31

 

[G25r8cer]

It seems that somehow avast got infected! So I uninstalled avast and then re-installed and my pc now seems to work fine. If someone sees anything suspicous still in my combofix please let me know.

 

[GameMaster]

You/some1 has been editing in registry. I see some things disabled, but it seems that you're running on an administrator account?
I couldn't find anything in the log, We can wait for ceewi1 to see if he has any good idea but before that...
Have you defragmented your disk lately? How many processes do you have running?

 

[G25r8cer]

Yeah I have been editing registry a little but nothing major. I did block some programs and games from getting access to the internet as I dont really update them anyway and dont play online. I defragged both of my drives when I got my 750gb and transfered everything to it. That was about 3-4weeks ago. Right now I have 43 processes running. After a re-install of avast it seemed that avast was still using way too much cpu and memory so I un-installed again and got nod32 instead. Nod32 runs in the background way better than avast and I barely even know its running. I am on an admin account as this is my own pc and there is only one other account which is the guest account. I'll let some other people look through the log also but, my thought was that the newer avast was just too much for my pc to handle and bogged it down way too much.

 

[GameMaster]

So you're saying that the computer is running better after removing Avast! ? I had problems with Avast! too, that's why I got AVG, but it sucked and that's the reason why I bought Kaspersky antivirus. Which was buggy and expensive to update and that's exactly why I now have Nod32. Oh I had many AV-s before lol. Oh damn here I go again, offtopic.

Please tell me if you find anything suspicious about your computer's performance, I would not tolerate failure in helping

 

[G25r8cer]

I am fairly sure it was just avast being a hog. I dont see anything suspicous now but im running a S&D Scan for Problems. I did a Reg fix with Tuneup Utilities 2008 too last night. I also run CCleaner atleast once a day. I will post back if I see anything suspicous later. Is there any other app that is good to run to check for errors/infections?

 

[GameMaster]

Ad-aware. It deletes even tracking cookies paranoid, yet so useful program.
http://lavasoft.com/single/trialpay.php

 

[G25r8cer]

I try to leave cookies there in Firefox b/c I have Firefox remember my passwords. I know it seems risky but it saves alot of time. Anyways, thanks Ill check it out anyway. I think I have used it before but never really to the fullest.

Edit: Spybot S&D didnt find any errors which is good news. I am going to leave it installed now. Does it pick up bad running processes well? What else does it pick up if I just leave it running in the background?

 

[GameMaster]

Don't worry; in the end you choose what to delete of what Ad-aware finds. You check the boxes and it does the job. Anyway...good luck.

 

[G25r8cer]

Srry I edited my post and you prob missed it

 

[GameMaster]

Well yeah it scans your running processes, but I'm not sure if it will puck up like every keylogger... but spywares and adwares all go away That's enough.

If you're unsure about any process in your Task Manager, google it or ask here.

 

[G25r8cer]

I was just wondering about in general. I believe my processes are all legit. Just wondering, what is the normal memory usage for SearchIndexer.exe on Vista?

 

[GameMaster]

Up to 7000 KB, but when you end it, in that short amount of time it can reach 50 or even 60 MB. That sucks, I'd kill the process and if it's in your starup, remove it from there.

 

[G25r8cer]

Its not in my startup so im good there. Its running at about 9,000-10,000kb so thats not enough to worry about, is it?

 

[G25r8cer]

I just cancelled it and it came back and went up to 80,000kb for a little bit and then dropped back down.

 

[GameMaster]

Yes lol it's taking even more. Just let it running, it won't be much of a problem.

 

[G25r8cer]

Ok I didnt think so but, just wanted to make sure.