10-09-2009, 07:48 AM   #3
Jacklao
Registered User
 
Join Date: Sep 2009
Posts: 25
OS: XP


Re: May have a virus

Well, the problem seems to have gone away after I used ComboFix. TYVM for helping this noob once again. I'll try not to get infected again.

Here is my ComboFix log:

ComboFix 09-10-08.04 - User 10/09/2009 10:35.4.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3327.2717 [GMT -4:00]
Running from: c:\documents and settings\User\Desktop\Cmbofixer.exe
AV: Symantec AntiVirus Corporate Edition *On-access scanning disabled* (Updated) {FB06448E-52B8-493A-90F3-E43226D3305C}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\iniasd.txt

.
((((((((((((((((((((((((( Files Created from 2009-09-09 to 2009-10-09 )))))))))))))))))))))))))))))))
.

2009-10-08 20:37 . 2009-10-08 20:46 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-10-08 01:34 . 2009-10-08 01:34 195584 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\Deployment\cache\6.0\5\27706285-2ffd13f7-n\WMINative.dll
2009-10-07 22:04 . 2009-10-07 22:04 -------- d-----w- c:\program files\uTorrent
2009-10-04 17:32 . 2009-10-04 17:33 -------- d-----w- c:\program files\Microsoft
2009-09-29 02:41 . 2009-09-29 02:41 -------- d-----w- c:\program files\NVIDIA Corporation
2009-09-29 02:41 . 2009-09-29 02:41 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2009-09-29 02:41 . 2009-09-29 02:41 -------- d-----w- C:\NVIDIA
2009-09-29 02:25 . 2009-09-29 02:25 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles
2009-09-20 04:56 . 2009-09-20 04:56 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2009-09-19 16:04 . 2009-09-10 18:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-09-19 16:04 . 2009-09-19 16:06 -------- d-----w- c:\program files\jacklao folder
2009-09-19 16:04 . 2009-09-10 18:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-09-19 14:53 . 2009-09-19 14:53 -------- d-----w- c:\documents and settings\User\Application Data\Windows Search
2009-09-19 03:36 . 2009-09-19 03:36 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2009-09-19 02:39 . 2009-09-19 02:40 -------- d-----w- c:\program files\Mba
2009-09-19 01:26 . 2009-09-19 01:26 -------- d-----w- c:\windows\ERUNT
2009-09-19 01:01 . 2006-06-19 17:01 69632 ----a-w- c:\windows\system32\ztvcabinet.dll
2009-09-19 01:01 . 2006-05-25 19:52 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
2009-09-19 01:01 . 2005-08-26 05:50 77312 ----a-w- c:\windows\system32\ztvunace26.dll
2009-09-19 01:01 . 2003-02-03 00:06 153088 ----a-w- c:\windows\system32\unrar3.dll
2009-09-19 01:01 . 2002-03-06 05:00 75264 ----a-w- c:\windows\system32\unacev2.dll
2009-09-19 01:01 . 2009-10-08 22:02 -------- d-----w- c:\documents and settings\User\Application Data\Simply Super Software
2009-09-19 01:01 . 2009-09-19 01:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Simply Super Software
2009-09-19 00:21 . 2009-09-19 15:00 -------- d--h--w- c:\windows\PIF
2009-09-19 00:02 . 2009-09-19 00:02 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2009-09-19 00:02 . 2009-10-08 21:42 -------- d-----w- c:\program files\SUPERAntiSpyware
2009-09-16 22:03 . 2009-09-16 22:03 -------- d-----w- c:\program files\iPhone Configuration Utility
2009-09-16 22:01 . 2009-09-16 22:01 -------- d-----w- c:\program files\iPod
2009-09-16 22:01 . 2009-09-16 22:01 -------- d-----w- c:\program files\iTunes
2009-09-16 22:01 . 2009-09-16 22:01 -------- d-----w- c:\documents and settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2009-09-16 22:00 . 2009-09-16 22:00 -------- d-----w- c:\program files\QuickTime
2009-09-09 18:48 . 2009-06-21 21:44 153088 -c----w- c:\windows\system32\dllcache\triedit.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-09 14:31 . 2007-05-14 18:51 -------- d-----w- c:\program files\Symantec AntiVirus
2009-10-08 23:25 . 2009-08-01 04:13 -------- d-----w- c:\program files\Steam
2009-10-08 21:44 . 2009-10-08 21:44 -------- d-----w- c:\documents and settings\All Users\Application Data\IObit
2009-10-08 21:44 . 2009-10-08 21:44 -------- d-----w- c:\program files\IObit
2009-10-08 21:42 . 2009-07-30 03:56 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2009-10-07 23:57 . 2009-07-29 07:34 -------- d-----w- c:\documents and settings\User\Application Data\uTorrent
2009-10-07 21:50 . 2008-03-20 17:05 -------- d-----w- c:\program files\Google
2009-10-04 17:33 . 2009-07-29 07:19 -------- d-----w- c:\program files\Windows Live
2009-09-29 02:42 . 2009-07-30 03:56 -------- d-----w- c:\program files\AGEIA Technologies
2009-09-25 20:25 . 2009-07-29 07:59 -------- d-----w- c:\program files\World of Warcraft
2009-09-17 21:27 . 2008-10-10 18:55 -------- d-----w- c:\documents and settings\User\Application Data\Apple Computer
2009-09-16 22:01 . 2008-10-10 19:37 -------- d-----w- c:\program files\Common Files\Apple
2009-09-09 18:57 . 2008-03-20 16:44 -------- d-----w- c:\program files\Microsoft Silverlight
2009-09-09 18:51 . 2009-07-30 06:10 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-09-08 15:57 . 2009-09-08 15:56 -------- d-----w- c:\documents and settings\User\Application Data\vlc
2009-09-08 15:55 . 2009-09-08 15:55 -------- d-----w- c:\program files\VideoLAN
2009-09-08 15:47 . 2009-09-08 15:47 -------- d-----w- c:\documents and settings\User\Application Data\CyberLink
2009-09-07 20:16 . 2008-10-10 19:44 -------- d-----w- c:\program files\Final Codecs
2009-08-29 01:43 . 2009-08-29 01:43 -------- d-----w- c:\documents and settings\User\Application Data\Octoshape
2009-08-28 23:42 . 2008-10-10 19:37 40448 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-08-28 23:42 . 2008-10-10 19:37 2065696 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-08-24 00:34 . 2009-08-22 07:27 -------- d-----w- c:\documents and settings\User\Application Data\The Creative Assembly
2009-08-19 22:19 . 2009-08-19 22:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard Entertainment
2009-08-17 15:17 . 2009-08-17 15:17 -------- d-----w- c:\documents and settings\User\Application Data\Malwarebytes
2009-08-17 15:17 . 2009-08-17 15:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-08-17 15:02 . 2009-08-17 15:02 -------- d-----w- c:\program files\Trend Micro
2009-08-17 12:23 . 2009-08-17 12:22 76192 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-17 07:04 . 2009-08-17 07:04 2173472 ----a-w- c:\windows\system32\nvcplui.exe
2009-08-17 07:04 . 2009-08-17 07:04 81920 ----a-w- c:\windows\system32\nvwddi.dll
2009-08-17 07:03 . 2009-08-17 07:03 3170304 ----a-w- c:\windows\system32\nvwss.dll
2009-08-17 07:03 . 2009-08-17 07:03 4026368 ----a-w- c:\windows\system32\nvvitvs.dll
2009-08-17 07:03 . 2009-08-17 07:03 188416 ----a-w- c:\windows\system32\nvmccss.dll
2009-08-17 07:03 . 2009-08-17 07:03 1286144 ----a-w- c:\windows\system32\nvmobls.dll
2009-08-17 07:03 . 2009-08-17 07:03 3547136 ----a-w- c:\windows\system32\nvgames.dll
2009-08-17 07:03 . 2009-08-17 07:03 4923392 ----a-w- c:\windows\system32\nvdisps.dll
2009-08-17 07:03 . 2009-08-17 07:03 86016 ----a-w- c:\windows\system32\nvmctray.dll
2009-08-17 07:03 . 2009-08-17 07:03 168004 ----a-w- c:\windows\system32\nvsvc32.exe
2009-08-17 07:03 . 2009-08-17 07:03 143360 ----a-w- c:\windows\system32\nvcolor.exe
2009-08-17 07:03 . 2009-08-17 07:03 13877248 ----a-w- c:\windows\system32\nvcpl.dll
2009-08-17 07:02 . 2009-08-17 07:02 229376 ----a-w- c:\windows\system32\nvmccs.dll
2009-08-17 06:00 . 2008-10-10 18:55 76192 ----a-w- c:\documents and settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-17 04:57 . 2009-08-17 04:57 2189856 ----a-w- c:\windows\system32\nvcuvid.dll
2009-08-17 04:57 . 2009-08-17 04:57 1706528 ----a-w- c:\windows\system32\nvcuvenc.dll
2009-08-17 04:57 . 2009-08-17 04:57 1597690 ----a-w- c:\windows\system32\nvdata.bin
2009-08-17 04:57 . 2009-07-30 03:56 485920 ----a-w- c:\windows\system32\nvudisp.exe
2009-08-17 04:57 . 2008-10-10 19:11 7729568 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2009-08-17 04:57 . 2008-10-10 19:11 5845760 ----a-w- c:\windows\system32\nv4_disp.dll
2009-08-17 04:57 . 2008-10-07 17:33 868352 ----a-w- c:\windows\system32\nvapi.dll
2009-08-17 04:57 . 2008-10-07 17:33 2002944 ----a-w- c:\windows\system32\nvcuda.dll
2009-08-17 04:57 . 2008-10-07 17:33 155648 ----a-w- c:\windows\system32\nvcodins.dll
2009-08-17 04:57 . 2008-10-07 17:33 155648 ----a-w- c:\windows\system32\nvcod.dll
2009-08-17 04:57 . 2008-10-07 17:33 10457088 ----a-w- c:\windows\system32\nvoglnt.dll
2009-08-17 01:56 . 2009-07-29 07:05 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2009-08-17 01:54 . 2009-07-29 07:04 -------- d-----w- c:\program files\Yahoo!
2009-08-14 17:36 . 2009-08-14 17:36 70936 ----a-w- c:\windows\system32\PhysXLoader.dll
2009-08-11 16:35 . 2009-07-30 03:56 485920 ----a-w- c:\windows\system32\NVUNINST.EXE
2009-08-07 01:43 . 2009-08-07 01:43 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-08-07 01:43 . 2009-08-07 01:43 152576 ----a-w- c:\documents and settings\User\Application Data\Sun\Java\jre1.6.0_15\lzma.dll
2009-08-05 09:01 . 2004-08-03 23:56 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-08-03 04:21 . 2009-08-03 04:21 58648 ----a-w- c:\windows\system32\AgCPanelTraditionalChinese.dll
2009-08-03 04:21 . 2009-08-03 04:21 58648 ----a-w- c:\windows\system32\AgCPanelSwedish.dll
2009-08-03 04:21 . 2009-08-03 04:21 58648 ----a-w- c:\windows\system32\AgCPanelSpanish.dll
2009-08-03 04:21 . 2009-08-03 04:21 58648 ----a-w- c:\windows\system32\AgCPanelSimplifiedChinese.dll
2009-08-03 04:21 . 2009-08-03 04:21 58648 ----a-w- c:\windows\system32\AgCPanelPortugese.dll
2009-08-03 04:21 . 2009-08-03 04:21 58648 ----a-w- c:\windows\system32\AgCPanelKorean.dll
2009-08-03 04:21 . 2009-08-03 04:21 58648 ----a-w- c:\windows\system32\AgCPanelJapanese.dll
2009-08-03 04:21 . 2009-08-03 04:21 288024 ----a-w- c:\windows\system32\PhysXCplUI.exe
2009-08-03 04:21 . 2009-08-03 04:21 288024 ----a-w- c:\windows\system32\PhysXCompatCplUI.exe
2009-08-03 04:21 . 2009-08-03 04:21 23320 ----a-w- c:\windows\system32\PhysXDevice.dll
2009-08-03 04:21 . 2009-08-03 04:21 58648 ----a-w- c:\windows\system32\AgCPanelGerman.dll
2009-08-03 04:21 . 2009-08-03 04:21 58648 ----a-w- c:\windows\system32\AgCPanelFrench.dll
2009-07-29 07:34 . 2009-07-29 07:34 0 ----a-w- c:\windows\nsreg.dat
2009-07-26 20:44 . 2009-07-26 20:44 48448 ----a-w- c:\windows\system32\sirenacm.dll
2009-07-17 19:01 . 2004-08-03 23:56 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-14 03:43 . 2007-03-21 21:39 286208 ----a-w- c:\windows\system32\wmpdxm.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-05-27 4351216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2007-03-21 208952]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-07-19 52896]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2007-02-07 71216]
"LanguageShortcut"="c:\program files\CyberLink\PowerDVD\Language\Language.exe" [2007-02-07 54832]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-07 149280]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2006-01-12 155648]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-09-05 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-09 305440]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-08-17 13877248]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-08-17 86016]
"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2006-09-28 125168]
"IObit Security 360"="c:\program files\IObit\IObit Security 360\IS360tray.exe" [2009-09-29 1241872]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2008-11-17 17676288]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-10-07 1630208]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ShowDeskFix"="shell32" [X]
"IE7-11"="advpack.dll" - c:\windows\system32\advpack.dll [2009-03-08 128512]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.0.9.9551-to-3.1.0.9767-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Program Files\\Ventrilo\\Ventrilo.exe"=
"c:\\Program Files\\Steam\\SteamApps\\tendyer\\counter-strike source\\hl2.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.1.3.9947-to-3.2.0.10192-enUS-downloader.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.0.10192-to-3.2.0.10314-enUS-downloader.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Common Files\\Apple\\Mobile Device Support\\bin\\AppleMobileDeviceService.exe"=
"c:\\Program Files\\Yahoo!\\SoftwareUpdate\\YahooAUService.exe"=
"c:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe"=
"c:\\WINDOWS\\system32\\searchindexer.exe"=
"c:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe"=
"c:\\Program Files\\Symantec AntiVirus\\VPTray.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.0.10314-to-3.2.2.10482-enUS-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-3.2.2.10482-to-3.2.2.10505-enUS-downloader.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Steam\\SteamApps\\common\\empire total war\\Empire.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724
"6112:TCP"= 6112:TCP:Blizzard Downloader

R2 IS360service;IS360service;c:\program files\IObit\IObit Security 360\is360srv.exe [10/8/2009 5:44 PM 309008]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [9/14/2009 12:49 AM 102448]
R3 L1e;Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller;c:\windows\system32\drivers\l1e51x86.sys [7/29/2009 11:48 PM 38400]
S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;c:\windows\system32\drivers\ADM8511.SYS [3/20/2008 7:14 AM 20160]
S3 SavRoam;SAVRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [9/27/2006 8:33 PM 116464]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-10-08 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

2009-10-09 c:\windows\Tasks\User_Feed_Synchronization-{066A772D-0CBC-4888-A2D7-F81D213996FC}.job
- c:\windows\system32\msfeedssync.exe [2007-05-14 08:31]
.
.
------- Supplementary Scan -------
.
mStart Page = hxxp://www.google.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\ei3asatk.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
HKLM-Run-Google Quick Search Box - c:\program files\Google\Quick Search Box\GoogleQuickSearchBox.exe
SSODL-foyerimaw-{eae62e27-51ee-4c92-af88-344d6e9e1888} - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-09 10:37
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{95808DC4-FA4A-4c74-92FE-5B863F82066B}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2009-10-09 10:38
ComboFix-quarantined-files.txt 2009-10-09 14:38
ComboFix2.txt 2009-09-19 17:00

Pre-Run: 410,948,382,720 bytes free
Post-Run: 411,467,571,200 bytes free

251 --- E O F --- 2009-09-09 18:52