Spyware Guard 2008 Removal

I selected internal HDD, windows loaded up to the Login page, but the mouse and keyboard wont work for it.
Well, no it doesnt have warrenty

Darn.
I was hoping the mouse and keyboard would work.

Either way, phone up dell and ask how much it would be to buy an XP disc.

Oh, im still a student unemployed.

I tried using Last known Config that worked on F8. it seemed to work
now i logged in and the Find3M thing showed up

The keyboard and mouse work now?
The find3m thing? is that the CF report?

If so, please post it.
DO NOT RUN combofix anymore.

Yea it works got desperate and tried everything on F8 and F12

ComboFix 08-12-21.04 - Blazing Ice 2008-12-22 18:55:12.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.500 [GMT -6:00]
Running from: c:\documents and settings\Blazing Ice\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Blazing Ice\Desktop\CFscript.txt.txt
* Created a new restore point

FILE ::
c:\documents and settings\All Users\hash.dat
c:\documents and settings\huang\GoToAssist_phone__317_en.ex
c:\documents and settings\huang\remote.exe
C:\eybdluq.exe
C:\rjyywg.exe
c:\windows\system32\drivers\429507c3.sys
c:\windows\system32\nnxkgkrr.dll
c:\windows\system32\windrv.sys
c:\windows\Tasks\pbnawhoi.job
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\hash.dat
c:\documents and settings\huang\remote.exe
C:\eybdluq.exe
C:\rjyywg.exe
c:\windows\system32\drivers\429507c3.sys
c:\windows\system32\nnxkgkrr.dll
c:\windows\system32\windrv.sys
c:\windows\Tasks\pbnawhoi.job

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_COOKIECOW1
-------\Legacy_GEEBERS12
-------\Legacy_ICHEAT1
-------\Legacy_ILVMONEYDRIVER53
-------\Legacy_KASPERSKY1
-------\Legacy_MOOSEKOPMA
-------\Legacy_PHOENIX1
-------\Legacy_PUMA1
-------\Legacy_REVOLUTION1
-------\Legacy_SEJT1
-------\Legacy_SORA01
-------\Legacy_SPUCE1
-------\Legacy_TOBZM
-------\Legacy_TSHAK3T1
-------\Legacy_VIEWPOINT_MANAGER_SERVICE
-------\Legacy_XP1
-------\Legacy_ZENX1
-------\Service_429507c3
-------\Service_CookieCow1
-------\Service_geebers12
-------\Service_hamachi_oem
-------\Service_iCheat1
-------\Service_IlvMoneyDRIVER53
-------\Service_kaspersky1
-------\Service_kbdcap
-------\Service_MooseKOPMA
-------\Service_¥Õ¥Ø°ê¤¤¥Í1
-------\Service_phoenix1
-------\Service_puma1
-------\Service_Revolution1
-------\Service_sejt1
-------\Service_SoRa01
-------\Service_spuce1
-------\Service_toBzM
-------\Service_TSHAK3T1
-------\Service_Viewpoint Manager Service
-------\Service_xp1
-------\Service_zenx1


((((((((((((((((((((((((( Files Created from 2008-11-23 to 2008-12-23 )))))))))))))))))))))))))))))))
.

2008-12-22 14:45 . 2008-12-22 14:46 d-------- c:\program files\Paint.NET
2008-12-22 11:47 . 2008-12-22 11:47 d--hs---- c:\documents and settings\Blazing Ice\PrivacIE
2008-12-22 11:25 . 2008-12-22 11:27 d--h-c--- c:\windows\ie8
2008-12-22 11:05 . 2008-12-22 14:42 d--h----- C:\$AVG8.VAULT$
2008-12-22 02:15 . 2008-12-22 10:57 d-------- c:\windows\system32\drivers\Avg
2008-12-22 02:15 . 2008-12-22 02:15 97,928 --a------ c:\windows\system32\drivers\avgldx86.sys
2008-12-22 02:15 . 2008-12-22 02:15 76,040 --a------ c:\windows\system32\drivers\avgtdix.sys
2008-12-22 02:15 . 2008-12-22 02:15 10,520 --a------ c:\windows\system32\avgrsstx.dll
2008-12-22 00:54 . 2008-12-22 00:54 d-------- c:\program files\FileASSASSIN
2008-12-22 00:42 . 2008-12-22 00:42 d-------- c:\program files\Malwarebytes' Anti-Malware
2008-12-22 00:42 . 2008-12-22 00:42 d-------- c:\documents and settings\Blazing Ice\Application Data\Malwarebytes
2008-12-22 00:42 . 2008-12-22 00:42 d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-12-22 00:42 . 2008-12-03 19:52 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-22 00:42 . 2008-12-03 19:52 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-12-21 23:02 . 2008-12-21 23:02 d-------- c:\program files\CCleaner
2008-12-20 19:08 . 2008-12-20 19:09 d-------- c:\program files\Common Files\Download Manager
2008-12-20 13:40 . 2008-12-20 13:41 d-------- c:\program files\Common Files\Scanner
2008-12-20 13:40 . 2008-12-20 13:40 d-------- c:\program files\Common Files\Authentium
2008-12-20 12:53 . 2008-12-22 02:14 d-------- c:\documents and settings\All Users\Application Data\Avg8
2008-12-20 11:20 . 2008-12-20 11:20 2 --a------ C:\-400035220
2008-12-20 11:13 . 2008-12-20 11:13 d-------- c:\program files\AVG
2008-12-20 00:29 . 2008-12-20 00:29 d-------- c:\program files\Tencent
2008-12-20 00:29 . 2008-12-20 00:29 d-------- c:\documents and settings\Blazing Ice\Application Data\Tencent
2008-12-20 00:29 . 2008-12-20 00:36 d-------- c:\documents and settings\Blazing Ice\Application Data\QQ Games
2008-12-15 14:07 . 2008-12-15 17:29 d-------- c:\program files\Misthalin-V1-Cache
2008-12-12 14:53 . 2008-12-12 14:53 d-------- c:\program files\Common Files\xing shared
2008-12-12 14:52 . 2008-12-12 14:52 d-------- c:\program files\Real
2008-12-08 17:50 . 2008-12-08 18:00 d-------- c:\program files\AllToAVI
2008-12-05 23:39 . 2008-12-05 23:40 d-------- c:\program files\iTunes
2008-12-05 23:39 . 2008-12-05 23:39 d-------- c:\program files\iPod
2008-12-05 23:39 . 2008-12-05 23:40 d-------- c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-05 23:34 . 2008-12-05 23:35 d-------- c:\program files\QuickTime
2008-12-04 14:41 . 2008-12-04 14:41 d-------- c:\program files\Veoh Networks
2008-11-27 12:56 . 2008-11-27 12:56 d-------- c:\documents and settings\Blazing Ice\Application Data\acccore
2008-11-27 12:54 . 2008-11-27 12:54 d-------- c:\program files\Common Files\Software Update Utility
2008-11-27 12:54 . 2008-11-27 15:47 d-------- c:\program files\AIM Toolbar
2008-11-27 12:53 . 2008-12-20 00:31 d-------- c:\program files\AIM6
2008-11-26 20:40 . 2008-11-26 20:40 d-------- c:\program files\Lavasoft
2008-11-26 20:40 . 2008-11-26 20:40 d-------- c:\documents and settings\All Users\Application Data\Lavasoft
2008-11-26 20:39 . 2008-11-26 20:39 d-------- c:\program files\Common Files\Wise Installation Wizard
2008-11-24 21:42 . 2008-04-13 13:39 14,592 --a------ c:\windows\system32\drivers\kbdhid.sys
2008-11-24 21:42 . 2008-04-13 13:39 14,592 --a------ c:\windows\system32\dllcache\kbdhid.sys
2008-11-24 21:42 . 2001-08-17 13:48 12,160 --a------ c:\windows\system32\drivers\mouhid.sys
2008-11-24 21:42 . 2001-08-17 13:48 12,160 --a------ c:\windows\system32\dllcache\mouhid.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-22 06:46 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-12-22 06:46 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-22 04:57 --------- d-----w c:\program files\Internet Download Manager
2008-12-22 04:57 --------- d-----w c:\documents and settings\Blazing Ice\Application Data\uTorrent
2008-12-22 04:57 --------- d-----w c:\documents and settings\Blazing Ice\Application Data\DMCache
2008-12-20 19:40 --------- d-----w c:\program files\verizon
2008-12-20 19:38 --------- d-----w c:\documents and settings\All Users\Application Data\Verizon
2008-12-20 16:50 --------- d-----w c:\program files\Common Files\Symantec Shared
2008-12-20 16:48 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec
2008-12-19 00:22 31 ----a-w c:\documents and settings\Blazing Ice\jagex_runescape_preferences.dat
2008-12-12 20:53 --------- d-----w c:\program files\Common Files\Real
2008-12-06 05:39 --------- d-----w c:\program files\Common Files\Apple
2008-12-06 05:27 --------- d-----w c:\documents and settings\Blazing Ice\Application Data\Twain
2008-12-04 20:40 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-03 13:22 --------- d-----w c:\program files\Java
2008-11-27 18:54 --------- d-----w c:\documents and settings\All Users\Application Data\Viewpoint
2008-11-27 18:53 --------- d-----w c:\program files\Common Files\AOL
2008-11-27 02:33 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-11-23 00:36 --------- d-----w c:\program files\Google
2008-11-18 20:52 --------- d-----w c:\documents and settings\Blazing Ice\Application Data\Hamachi
2008-11-06 20:57 --------- d-----w c:\program files\Sun
2008-11-05 00:53 --------- d-----w c:\program files\Combined Community Codec Pack
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-24 05:05 --------- d-----w c:\documents and settings\Blazing Ice\Application Data\mIRC
2007-04-26 23:40 439,296 -c--a-w c:\documents and settings\huang\GoToAssist_phone__317_en.exe
2006-09-20 23:15 88 --sh--r c:\windows\system32\7CDFB2AAB5.sys
2008-07-16 20:59 32,768 -csha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008071620080717\index.dat
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

---- Directory of C:\Ntreev ----

2008-12-15 15:34 72 --a------ c:\ntreev\Grand Chase\NewOption.dat
2008-12-15 15:34 46703 --a------ c:\ntreev\Grand Chase\GameGuard\npsc.erl
2008-12-15 15:34 23582 --a------ c:\ntreev\Grand Chase\GameGuard\npgl.erl
2008-12-15 15:34 11 --a------ c:\ntreev\Grand Chase\KeySetting.dat
2008-12-15 15:34 106801 --a------ c:\ntreev\Grand Chase\GameGuard\npgm.erl
2008-12-15 15:29 548 --a------ c:\ntreev\Grand Chase\log.htm
2008-12-15 15:29 20463 --a------ c:\ntreev\Grand Chase\GameGuard\npgg.erl
2008-12-15 15:28 9383394 --a------ c:\ntreev\Grand Chase\Motion\Motion_Monster0.kom
2008-12-15 15:28 8074823 --a------ c:\ntreev\Grand Chase\Texture\Map27.kom
2008-12-15 15:28 7923929 --a------ c:\ntreev\Grand Chase\Motion\Motion_Monster1.kom
2008-12-15 15:28 7492233 --a------ c:\ntreev\Grand Chase\Motion\Motion_Monster3.kom
2008-12-15 15:28 7432869 --a------ c:\ntreev\Grand Chase\Texture\SetItem1.kom
2008-12-15 15:28 6642051 --a------ c:\ntreev\Grand Chase\Motion\motion_monster4.kom
2008-12-15 15:28 6310881 --a------ c:\ntreev\Grand Chase\Texture\Map33.kom
2008-12-15 15:28 6066721 --a------ c:\ntreev\Grand Chase\Texture\Map34.kom
2008-12-15 15:28 5819801 --a------ c:\ntreev\Grand Chase\Motion\Motion_Char0.kom
2008-12-15 15:28 5653958 --a------ c:\ntreev\Grand Chase\Texture\Sbta14.kom
2008-12-15 15:28 5306215 --a------ c:\ntreev\Grand Chase\Texture\particle\particle2.kom
2008-12-15 15:28 4599209 --a------ c:\ntreev\Grand Chase\Texture\map36.kom
2008-12-15 15:28 415703 --a------ c:\ntreev\Grand Chase\Motion\Motion_Pet_Egg.kom
2008-12-15 15:28 262370 --a------ c:\ntreev\Grand Chase\Texture\emoticon0.kom
2008-12-15 15:28 25 --a------ c:\ntreev\Grand Chase\GameGuard\GameGuard.ver
2008-12-15 15:28 24139 --a------ c:\ntreev\Grand Chase\GameGuard\npgmup.erl
2008-12-15 15:28 1908 --a------ c:\ntreev\Grand Chase\Texture\fortool.kom
2008-12-15 15:27 19742 --a------ c:\ntreev\Grand Chase\Ver.xml
2008-12-10 15:46 1308038 --a------ c:\ntreev\Grand Chase\Texture\ui_news.kom
2008-12-10 15:45 8829033 --a------ c:\ntreev\Grand Chase\Texture\ui2.kom
2008-12-10 15:44 666278 --a------ c:\ntreev\Grand Chase\Texture\sbta19.kom
2008-12-10 15:44 2937933 --a------ c:\ntreev\Grand Chase\Texture\sbta20.kom
2008-12-10 15:44 2599485 --a------ c:\ntreev\Grand Chase\Texture\sbta21.kom
2008-12-10 15:44 1496936 --a------ c:\ntreev\Grand Chase\Texture\tex_abta5.kom
2008-12-10 15:43 4307822 --a------ c:\ntreev\Grand Chase\Texture\Sbta1.kom
2008-12-10 15:43 1048704 --a------ c:\ntreev\Grand Chase\Texture\load2_usa.dds
2008-12-10 15:42 185222 --a------ c:\ntreev\Grand Chase\Stage\str_mission_us.stg
2008-12-10 15:42 1048704 --a------ c:\ntreev\Grand Chase\Texture\load1_usa.dds
2008-12-10 15:41 836854 --a------ c:\ntreev\Grand Chase\Stage\Script.kom
2008-12-10 15:41 4370092 --a------ c:\ntreev\Grand Chase\Sound\Sound_Korea2.kom
2008-12-10 15:41 336314 --a------ c:\ntreev\Grand Chase\Stage\str_en.stg
2008-12-10 15:39 4148205 --a------ c:\ntreev\Grand Chase\Model\model_abta8.kom
2008-12-10 15:39 3450368 --a------ c:\ntreev\Grand Chase\main.exe
2008-12-05 18:58 479339 --a------ c:\ntreev\Grand Chase\PairPlay.DAT
2008-12-04 22:31 1929648 --a------ c:\ntreev\Grand Chase\Texture\ui3.kom
2008-12-04 22:30 1532983 --a------ c:\ntreev\Grand Chase\Texture\Tex_Monster.kom
2008-12-04 22:30 11229933 --a------ c:\ntreev\Grand Chase\Texture\SetItem2.kom
2008-12-04 22:29 413207 --a------ c:\ntreev\Grand Chase\Stage\ui\ui.kom
2008-12-04 22:28 3315481 --a------ c:\ntreev\Grand Chase\Model\Model_Monster.kom
2008-11-30 11:53 14848 --ahs---- c:\ntreev\Grand Chase\ScreenShot\Thumbs.db
2008-11-26 16:53 5799751 --a------ c:\ntreev\Grand Chase\Texture\Sbta4.kom
2008-11-26 16:53 2533461 --a------ c:\ntreev\Grand Chase\Texture\particle\particle3.kom
2008-11-26 16:53 1293430 --a------ c:\ntreev\Grand Chase\Stage\gcnewmapparticlescript.stg
2008-11-26 16:51 1675264 --------- c:\ntreev\Grand Chase\grandchase.exe
2008-11-23 10:15 2739202 --a------ c:\ntreev\Grand Chase\GameGuard\GameMon.des
2008-11-22 18:43 8105960 --a------ c:\ntreev\Grand Chase\Texture\ui_seasson2.kom
2008-11-22 18:42 8411771 --a------ c:\ntreev\Grand Chase\Texture\Texture00.kom
2008-11-22 18:41 398615 --a------ c:\ntreev\Grand Chase\Texture\Tex_Pet.kom
2008-11-22 18:41 2920742 --a------ c:\ntreev\Grand Chase\Texture\Tex_Dungeon_Monster.kom
2008-11-22 18:41 12562807 --a------ c:\ntreev\Grand Chase\Texture\Tex_Dungeon_Loading.kom
2008-11-22 18:40 6336566 --a------ c:\ntreev\Grand Chase\Texture\square0.kom
2008-11-22 18:40 3561048 --a------ c:\ntreev\Grand Chase\Texture\Tex_Abta4.kom
2008-11-22 18:40 2377993 --a------ c:\ntreev\Grand Chase\Texture\square1.kom
2008-11-22 18:40 2258914 --a------ c:\ntreev\Grand Chase\Texture\Tex_Dungeon_InfoImage.kom
2008-11-22 18:40 2206107 --a------ c:\ntreev\Grand Chase\Texture\Special2.kom
2008-11-22 18:40 1025212 --a------ c:\ntreev\Grand Chase\Texture\SkillImage.kom
2008-11-22 18:36 5618486 --a------ c:\ntreev\Grand Chase\Texture\Map2.kom
2008-11-22 18:36 2234104 --a------ c:\ntreev\Grand Chase\Texture\sbta16.kom
2008-11-22 18:35 80149 --a------ c:\ntreev\Grand Chase\Texture\anim\UIAnim0.kom
2008-11-22 18:35 685478 --a------ c:\ntreev\Grand Chase\Texture\anim\PetAnim0.kom
2008-11-22 18:35 5336907 --a------ c:\ntreev\Grand Chase\Texture\Fight0.kom
2008-11-22 18:35 3582517 --a------ c:\ntreev\Grand Chase\Texture\Fight2.kom
2008-11-22 18:35 3223481 --a------ c:\ntreev\Grand Chase\Texture\anim\ItemAnim2.kom
2008-11-22 18:35 2315680 --a------ c:\ntreev\Grand Chase\Texture\Fight3.kom
2008-11-22 18:33 44353 --a------ c:\ntreev\Grand Chase\Stage\PlayerTemplate.kom
2008-11-22 18:32 9346 --a------ c:\ntreev\Grand Chase\Stage\aipet.kom
2008-11-22 18:32 933778 --a------ c:\ntreev\Grand Chase\Stage\fan_map\fan_map.kom
2008-11-22 18:32 6093487 --a------ c:\ntreev\Grand Chase\Sound\Sound_Korea3.kom
2008-11-22 18:32 318236 --a------ c:\ntreev\Grand Chase\Stage\AI\ai.kom
2008-11-22 18:32 1145803 --a------ c:\ntreev\Grand Chase\Sound\Sound_Pet.kom
2008-11-22 18:31 4372953 --a------ c:\ntreev\Grand Chase\Sound\sound3.kom
2008-11-22 18:31 16107173 --a------ c:\ntreev\Grand Chase\Sound\Sound_Korea.kom
2008-11-22 18:30 4483000 --a------ c:\ntreev\Grand Chase\Motion\motion_pet2.kom
2008-11-22 18:29 7055558 --a------ c:\ntreev\Grand Chase\Motion\Motion_Pet1.kom
2008-11-22 18:29 2238934 --a------ c:\ntreev\Grand Chase\Motion\motion_damage0.kom
2008-11-22 18:28 12184371 --a------ c:\ntreev\Grand Chase\Motion\Motion_Char4.kom
2008-11-22 17:52 618668 --a------ c:\ntreev\Grand Chase\Model\Model_Pet.kom
2008-11-22 17:50 7383779 --a------ c:\ntreev\Grand Chase\Model\model_abta7.kom
2008-11-22 17:41 634417 --a------ c:\ntreev\Grand Chase\Model\Etc.kom
2008-11-22 17:39 656930 --a------ c:\ntreev\Grand Chase\Texture\sbta18.kom
2008-11-22 17:39 1735931 --a------ c:\ntreev\Grand Chase\Texture\sbta17.kom
2008-11-22 17:38 8989831 --a------ c:\ntreev\Grand Chase\Texture\map37.kom
2008-11-22 17:36 6994 --a------ c:\ntreev\Grand Chase\Stage\str_ctmission_us.stg
2008-11-22 17:36 1419705 --a------ c:\ntreev\Grand Chase\Music\champion.mp3
2008-11-22 17:36 1048704 --a------ c:\ntreev\Grand Chase\Texture\load2-1_usa.dds
2008-11-22 17:36 1048704 --a------ c:\ntreev\Grand Chase\Texture\load1-1_usa.dds
2008-11-22 17:36 10216394 --a------ c:\ntreev\Grand Chase\Motion\motion_char5.kom
2008-11-22 17:31 51 --a------ c:\ntreev\Grand Chase\Grand Chase.url
2008-11-22 17:31 50612 --a------ c:\ntreev\Grand Chase\uninst.exe
2008-11-16 21:29 266843 --a------ c:\ntreev\Grand Chase\GameGuard\ggscan.des
2008-11-12 18:46 94299 --a------ c:\ntreev\Grand Chase\GameGuard\npggNT.des
2008-10-16 17:46 70233 --a------ c:\ntreev\Grand Chase\GameGuard\npsc.des
2008-10-14 09:46 366 --a------ c:\ntreev\Grand Chase\GameGuard\GrandChaseUS.ini
2008-09-04 09:58 172123 --a------ c:\ntreev\Grand Chase\GameGuard\npgmup.des.new
2008-09-04 09:58 172123 --a------ c:\ntreev\Grand Chase\GameGuard\npgmup.des
2008-08-27 17:31 43099 --a------ c:\ntreev\Grand Chase\GameGuard\npgg9x.des
2008-08-26 22:55 5355458 --a------ c:\ntreev\Grand Chase\Texture\ui1.kom
2008-08-26 22:55 5261231 --a------ c:\ntreev\Grand Chase\Texture\sbta15.kom
2008-07-30 14:22 5756691 --a------ c:\ntreev\Grand Chase\Texture\Sbta7.kom
2008-07-29 23:34 5310188 --a------ c:\ntreev\Grand Chase\Texture\Sbta8.kom
2008-07-09 00:03 5648481 --a------ c:\ntreev\Grand Chase\Texture\Sbta9.kom
2008-07-09 00:03 5381900 --a------ c:\ntreev\Grand Chase\Texture\Sbta10.kom
2008-06-24 22:50 4284166 --a------ c:\ntreev\Grand Chase\Texture\Tex_Abta1.kom
2008-06-24 22:50 3143735 --a------ c:\ntreev\Grand Chase\Texture\Tex_Abta2.kom
2008-06-24 22:50 2982099 --a------ c:\ntreev\Grand Chase\Texture\Tex_Abta3.kom
2008-06-24 22:49 2692 --a------ c:\ntreev\Grand Chase\Stage\total_en.stg
2008-06-24 22:48 9273315 --a------ c:\ntreev\Grand Chase\Model\Model_Abta4.kom
2008-06-24 22:48 8973588 --a------ c:\ntreev\Grand Chase\Model\Model_Abta6.kom
2008-06-24 22:48 5711129 --a------ c:\ntreev\Grand Chase\Model\Model_Abta3.kom
2008-06-24 22:48 3733155 --a------ c:\ntreev\Grand Chase\Model\Model_Abta5.kom
2008-05-29 02:20 8282871 --a------ c:\ntreev\Grand Chase\Sound\Sound2.kom
2008-05-29 02:20 8246045 --a------ c:\ntreev\Grand Chase\Motion\Motion_Monster2.kom
2008-05-29 02:20 6271940 --a------ c:\ntreev\Grand Chase\Texture\Sbta5.kom
2008-05-29 02:20 6078500 --a------ c:\ntreev\Grand Chase\Texture\map35.kom
2008-05-29 02:20 4308628 --a------ c:\ntreev\Grand Chase\Texture\Sbta12.kom
2008-05-29 02:20 3230 --a------ c:\ntreev\Grand Chase\Stage\Fight_stg.kom

2008-05-29 02:20 308221 --a------ c:\ntreev\Grand Chase\Texture\anim\mapanim3.kom
2008-05-29 02:20 2069334 --a------ c:\ntreev\Grand Chase\Texture\anim\MapAnim2.kom
2008-05-29 02:20 192029 --a------ c:\ntreev\Grand Chase\Texture\neonsign0.kom
2008-05-29 02:20 17382 --a------ c:\ntreev\Grand Chase\Stage\map.kom
2008-05-29 02:20 164128 --a------ c:\ntreev\Grand Chase\Texture\square_object.kom
2008-05-29 02:19 6285302 --a------ c:\ntreev\Grand Chase\Motion\Motion_Char1.kom
2008-05-29 02:19 4836345 --a------ c:\ntreev\Grand Chase\Motion\Motion_Char3.kom
2008-05-29 02:19 4112206 --a------ c:\ntreev\Grand Chase\Motion\Motion_Char2.kom
2008-04-02 01:23 2310376 --a------ c:\ntreev\Grand Chase\Music\sorcery master.mp3
2008-04-02 01:23 2049988 --a------ c:\ntreev\Grand Chase\Music\temple master.mp3
2008-03-11 18:47 649637 --a------ c:\ntreev\Grand Chase\Music\trackl.mp3
2008-02-25 19:49 3794424 --a------ c:\ntreev\Grand Chase\xfire_installer.grandchase.exe
2008-02-12 23:32 4273867 --a------ c:\ntreev\Grand Chase\Model\Model_Abta2.kom
2008-02-12 23:32 4143026 --a------ c:\ntreev\Grand Chase\Model\Model_Abta1.kom
2008-02-12 23:32 188964 --a------ c:\ntreev\Grand Chase\Music\usa_logo.mp3
2008-02-04 12:48 4131944 --a------ c:\ntreev\Grand Chase\Music\Track0.mp3
2008-02-02 08:32 2238340 --a------ c:\ntreev\Grand Chase\Texture\Tex_MonsterCrusader.kom
2008-02-02 08:31 9358946 --a------ c:\ntreev\Grand Chase\Texture\Map12.kom
2008-02-02 08:31 8959556 --a------ c:\ntreev\Grand Chase\Texture\Sbta11.kom
2008-02-02 08:31 8637715 --a------ c:\ntreev\Grand Chase\Texture\Map17.kom
2008-02-02 08:31 8336543 --a------ c:\ntreev\Grand Chase\Texture\Map29.kom
2008-02-02 08:31 8117157 --a------ c:\ntreev\Grand Chase\Texture\Map6.kom
2008-02-02 08:31 7937518 --a------ c:\ntreev\Grand Chase\Texture\Map5.kom
2008-02-02 08:31 7559229 --a------ c:\ntreev\Grand Chase\Texture\Map15.kom
2008-02-02 08:31 7492036 --a------ c:\ntreev\Grand Chase\Texture\map4.kom
2008-02-02 08:31 7377525 --a------ c:\ntreev\Grand Chase\Texture\Map28.kom
2008-02-02 08:31 7307025 --a------ c:\ntreev\Grand Chase\Texture\anim\ItemAnim0.kom
2008-02-02 08:31 7295007 --a------ c:\ntreev\Grand Chase\Texture\Map30.kom
2008-02-02 08:31 6777445 --a------ c:\ntreev\Grand Chase\Texture\Map21.kom
2008-02-02 08:31 6649553 --a------ c:\ntreev\Grand Chase\Texture\Map26.kom
2008-02-02 08:31 6627606 --a------ c:\ntreev\Grand Chase\Texture\Map13.kom
2008-02-02 08:31 6619613 --a------ c:\ntreev\Grand Chase\Texture\Map11.kom
2008-02-02 08:31 6561729 --a------ c:\ntreev\Grand Chase\Texture\Map8.kom
2008-02-02 08:31 6535105 --a------ c:\ntreev\Grand Chase\Motion\Motion_Pet0.kom
2008-02-02 08:31 6519615 --a------ c:\ntreev\Grand Chase\Texture\Map32.kom
2008-02-02 08:31 6443891 --a------ c:\ntreev\Grand Chase\Texture\Map18.kom
2008-02-02 08:31 6389813 --a------ c:\ntreev\Grand Chase\Texture\Map7.kom
2008-02-02 08:31 6314958 --a------ c:\ntreev\Grand Chase\Texture\Sbta0.kom
2008-02-02 08:31 6309914 --a------ c:\ntreev\Grand Chase\Texture\Map9.kom
2008-02-02 08:31 5960945 --a------ c:\ntreev\Grand Chase\Texture\Map22.kom
2008-02-02 08:31 5858397 --a------ c:\ntreev\Grand Chase\Texture\anim\ItemAnim1.kom
2008-02-02 08:31 5845596 --a------ c:\ntreev\Grand Chase\Texture\Fight1.kom
2008-02-02 08:31 5821063 --a------ c:\ntreev\Grand Chase\Texture\Map24.kom
2008-02-02 08:31 5762392 --a------ c:\ntreev\Grand Chase\Texture\Map31.kom
2008-02-02 08:31 5724145 --a------ c:\ntreev\Grand Chase\Texture\Sbta3.kom
2008-02-02 08:31 5664771 --a------ c:\ntreev\Grand Chase\Texture\Tex_Abta0.kom
2008-02-02 08:31 5625788 --a------ c:\ntreev\Grand Chase\Texture\Map20.kom
2008-02-02 08:31 5597518 --a------ c:\ntreev\Grand Chase\Texture\Sbta13.kom
2008-02-02 08:31 5593377 --a------ c:\ntreev\Grand Chase\Texture\Map23.kom
2008-02-02 08:31 5486677 --a------ c:\ntreev\Grand Chase\Texture\Map16.kom
2008-02-02 08:31 5462000 --a------ c:\ntreev\Grand Chase\Texture\particle\particle.kom
2008-02-02 08:31 5446499 --a------ c:\ntreev\Grand Chase\Texture\Map14.kom
2008-02-02 08:31 5421465 --a------ c:\ntreev\Grand Chase\Texture\Map0.kom
2008-02-02 08:31 535685 --a------ c:\ntreev\Grand Chase\Texture\Spark0.kom
2008-02-02 08:31 5352487 --a------ c:\ntreev\Grand Chase\Texture\Sbta2.kom
2008-02-02 08:31 5322174 --a------ c:\ntreev\Grand Chase\Texture\anim\MapAnim1.kom
2008-02-02 08:31 5209304 --a------ c:\ntreev\Grand Chase\Texture\Map19.kom
2008-02-02 08:31 5179041 --a------ c:\ntreev\Grand Chase\Texture\Map3.kom
2008-02-02 08:31 5119293 --a------ c:\ntreev\Grand Chase\Texture\SetItem0.kom
2008-02-02 08:31 5112043 --a------ c:\ntreev\Grand Chase\Texture\Map25.kom
2008-02-02 08:31 5073679 --a------ c:\ntreev\Grand Chase\Texture\Sbta6.kom
2008-02-02 08:31 4822620 --a------ c:\ntreev\Grand Chase\Texture\Map10.kom
2008-02-02 08:31 4704988 --a------ c:\ntreev\Grand Chase\Texture\Map1.kom
2008-02-02 08:31 4627113 --a------ c:\ntreev\Grand Chase\Model\Model_Abta0.kom
2008-02-02 08:31 2772068 --a------ c:\ntreev\Grand Chase\Texture\anim\MapAnim0.kom
2008-02-02 08:31 230052 --a------ c:\ntreev\Grand Chase\Texture\anim\SkillAnim0.kom
2008-02-02 08:31 1320477 --a------ c:\ntreev\Grand Chase\Texture\Special1.kom
2008-02-02 08:31 1224040 --a------ c:\ntreev\Grand Chase\Texture\Special0.kom
2008-02-02 08:31 10938573 --a------ c:\ntreev\Grand Chase\Sound\Sound.kom
2008-01-31 04:05 274726 --------- c:\ntreev\Grand Chase\images.kom
2008-01-30 12:33 4131944 --a------ c:\ntreev\Grand Chase\Music\Track9.mp3
2008-01-26 22:45 340 --a------ c:\ntreev\Grand Chase\grandchase.ini
2008-01-24 15:32 41750 --a------ c:\ntreev\Grand Chase\GameGuard\Splash.jpg
2008-01-24 03:50 172202 --a------ c:\ntreev\Grand Chase\Stage\str_Mission_en.stg
2008-01-23 22:41 1064 --------- c:\ntreev\Grand Chase\PatchStr.stg
2008-01-23 18:23 326 --a------ c:\ntreev\Grand Chase\GrandChaseUS.ini
2008-01-20 17:36 74240 --a------ c:\ntreev\Grand Chase\zlibwapi.dll
2008-01-20 17:36 59904 --a------ c:\ntreev\Grand Chase\zlib1.dll
2008-01-20 17:36 245408 --a------ c:\ntreev\Grand Chase\unicows.dll
2008-01-20 17:36 1959 --a------ c:\ntreev\Grand Chase\Texture\ui_temp.kom
2008-01-20 17:35 94007 --a------ c:\ntreev\Grand Chase\Music\Logo.mp3
2008-01-20 17:35 838959 --a------ c:\ntreev\Grand Chase\Music\Run.mp3
2008-01-20 17:35 7418 --a------ c:\ntreev\Grand Chase\GrandChase.fx
2008-01-20 17:35 639678 --a------ c:\ntreev\Grand Chase\Music\Track6.mp3
2008-01-20 17:35 61440 --a------ c:\ntreev\Grand Chase\KncFirewall.dll
2008-01-20 17:35 6114396 --a------ c:\ntreev\Grand Chase\HMFMOLD.TTF
2008-01-20 17:35 500425 --a------ c:\ntreev\Grand Chase\Music\TrackK.mp3
2008-01-20 17:35 489984 --a------ c:\ntreev\Grand Chase\dbghelp.dll
2008-01-20 17:35 4115152 --a------ c:\ntreev\Grand Chase\d3dx9d_30.dll
2008-01-20 17:35 32768 --a------ c:\ntreev\Grand Chase\MailSMTP.dll
2008-01-20 17:35 3257315 --a------ c:\ntreev\Grand Chase\Music\Track1.mp3
2008-01-20 17:35 28672 --a------ c:\ntreev\Grand Chase\MailMIME.dll
2008-01-20 17:35 2467968 --a------ c:\ntreev\Grand Chase\Music\Track7.mp3
2008-01-20 17:35 2453504 --a------ c:\ntreev\Grand Chase\Music\TrackD.mp3
2008-01-20 17:35 241664 --a------ c:\ntreev\Grand Chase\SSOWebDLL.dll
2008-01-20 17:35 2357836 --a------ c:\ntreev\Grand Chase\Music\TrackC.mp3
2008-01-20 17:35 2101627 --a------ c:\ntreev\Grand Chase\Music\GorgosLair.mp3
2008-01-20 17:35 2025786 --a------ c:\ntreev\Grand Chase\Music\Track2.mp3
2008-01-20 17:35 1994211 --a------ c:\ntreev\Grand Chase\Music\TrackH.mp3
2008-01-20 17:35 192654 --a------ c:\ntreev\Grand Chase\Music\Track3.mp3
2008-01-20 17:35 1922322 --a------ c:\ntreev\Grand Chase\Music\TrackA.mp3
2008-01-20 17:35 1908948 --a------ c:\ntreev\Grand Chase\Music\TrackF.mp3
2008-01-20 17:35 171780 --a------ c:\ntreev\Grand Chase\Music\Track4.mp3
2008-01-20 17:35 1695370 --a------ c:\ntreev\Grand Chase\Music\TrackI.mp3
2008-01-20 17:35 1677398 --a------ c:\ntreev\Grand Chase\Music\TrackG.mp3
2008-01-20 17:35 1661286 --a------ c:\ntreev\Grand Chase\Music\QFinal.mp3
2008-01-20 17:35 16512 --a------ c:\ntreev\Grand Chase\Texture\Cursor0.dds
2008-01-20 17:35 1507579 --a------ c:\ntreev\Grand Chase\Music\Track8.mp3
2008-01-20 17:35 1451700 --a------ c:\ntreev\Grand Chase\Music\TrackB.mp3
2008-01-20 17:35 131072 --a------ c:\ntreev\Grand Chase\KncCrashRpt.dll
2008-01-20 17:35 1234361 --a------ c:\ntreev\Grand Chase\Music\TrackJ.mp3
2008-01-20 17:35 1233814 --a------ c:\ntreev\Grand Chase\Music\Track5.mp3
2008-01-20 17:35 108548 --a------ c:\ntreev\Grand Chase\Music\TrackE.mp3
2008-01-20 17:35 1075307 --a------ c:\ntreev\Grand Chase\Music\XmasEvent.mp3
2008-01-18 19:15 276161 --a------ c:\ntreev\Grand Chase\GameGuard.des
2008-01-17 17:15 276161 --a------ c:\ntreev\Grand Chase\GameGuard\GameGuard.des

((((((((((((((((((((((((((((( snapshot@2008-12-22_14.39.15.83 )))))))))))))))))))))))))))))))))))))))))
.
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-11-22 39408]
"VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2008-11-03 3522296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-12-13 98304]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-12-13 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-12-13 118784]
"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2005-12-28 667718]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2005-12-28 602182]
"Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2006-04-06 1032192]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 761947]
"PCMService"="c:\program files\Dell\Media Experience\PCMService.exe" [2004-04-11 290816]
"DVDLauncher"="c:\program files\CyberLink\PowerDVD\DVDLauncher.exe" [2005-12-09 49152]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-06-10 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-06-10 81920]
"A Verizon App"="c:\progra~1\VERIZO~1\HELPSU~1\VERIZO~1.EXE" [2005-05-23 50744]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2005-05-31 122941]
"Motive SmartBridge"="c:\progra~1\verizon\SMARTB~1\MotiveSB.exe" [2006-06-23 438359]
"Verizon_McciTrayApp"="c:\program files\Verizon\McciTrayApp.exe" [2007-06-06 936960]
"VerizonServicepoint.exe"="c:\program files\Verizon\VSP\VerizonServicepoint.exe" [2007-11-16 2065648]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-09-03 111936]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-10 136600]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-04 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-12-12 185872]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-12-22 1261336]
"SigmatelSysTrayApp"="stsystra.exe" [2006-03-24 c:\windows\stsystra.exe]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2006-07-11 24576]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.I420"= i420vfw.dll
"vidc.ffds"= c:\progra~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 c:\windows\system32\opnkiGAq

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Ntreev\\Grand Chase\\main.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\AIM6\\aim6.exe"=
"c:\\Program Files\\Tencent\\QQ Games\\QQGames.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Veoh Networks\\VeohWebPlayer\\veohwebplayer.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Intel\\Wireless\\Bin\\ZCfgSvc.exe"=
"c:\\Program Files\\Intel\\Wireless\\Bin\\EvtEng.exe"=
"c:\\Program Files\\Intel\\Wireless\\Bin\\S24EvMon.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-12-22 97928]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-12-22 875288]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-12-22 231704]
R2 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2008-12-22 76040]
S3 MzBot.sys;MzBot.sys;\??\c:\windows\system32\MzBot.sys [2007-04-01 3584]
.
Contents of the 'Scheduled Tasks' folder

2008-12-16 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2007-05-28 c:\windows\Tasks\MP Scheduled Quick Scan.job
- c:\program files\Microsoft Windows OneCare Live\Antivirus\MpCmdRun.exe []
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = 0
IE: {{d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html
IE: {{d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html -
FF - ProfilePath - c:\documents and settings\Blazing Ice\Application Data\Mozilla\Firefox\Profiles\qv3l0vqn.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=&query=
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdnu.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll
FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll
FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-23 14:42:39
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Intel\Wireless\Bin\EvtEng.exe
c:\program files\Intel\Wireless\Bin\S24EvMon.exe
c:\program files\Intel\Wireless\Bin\WLKEEPER.exe
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Authentium\AntiVirus\dvpapi.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Dell\QuickSet\NicConfigSvc.exe
c:\program files\Intel\Wireless\Bin\RegSrvc.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Common Files\Verizon Online\ConnMgr\cmisrv.exe
c:\progra~1\Intel\Wireless\Bin\Dot1XCfg.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Common Files\Verizon Online\AppMgr\vzOpenUIServer.exe
.
**************************************************************************
.
Completion time: 2008-12-23 14:47:52 - machine was rebooted
ComboFix-quarantined-files.txt 2008-12-23 20:47:48
ComboFix2.txt 2008-12-22 20:39:58

Pre-Run: 32,692,842,496 bytes free
Post-Run: 32,905,515,008 bytes free

530 --- E O F --- 2008-12-22 17:49:16

Okay, since we got the keyboard and mouse back, I'm not gonna touch anything.
We just need to remove this leftover.

• Now open a new notepad file.
  
• Input this into the notepad file:
  

  
  Windows Registry Editor Version 5.00
  
  [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
  "Authentication Packages"="msv1_0"
  
  

  
  
• Save this as fix.reg, save it to your desktop.
  
• Double click fix.reg to run it.
  
• Select yes to the registry merge prompt.
  

What problems remain now? :whistle:

ok it has been added

Okay, but you didn't answer my question at the bottom of my post.

That was it, also is the backdoor gone?

Yep.
But the machine has been compromised.

If you don't want to format, I would advice to NEVER do any online baking (Paypal, ebay, etc) on this machine.

What does The machine has been Compromised mean?

Also are Game logins / Forums / Email ok? None of them uses money.

Okay, think of it like this.

A normal machines security level - 5
Your security level - 2, maybe 3.

Okay, just change your passwords for forums/email/games.

How can i make it higher then the one i have right now?

You can't.
Malware does damage, damage that can't always be reversed.

So is there still anything in my computer that can get my info of logins and such?

Nope, the backdoor is gone and the logs look clean.
Just be careful.

We need to make a new restore point.

To turn off System Restore, follow these steps:
1. Click Start, right-click My Computer, and then click Properties.
2. Click the System Restore tab.
3. Click the Turn off System Restore check box (or the Turn off System Restore on all drives check box), and then click OK.
4. Click Yes when you receive the prompt to the turn off System Restore.

Now we need to make a new restore point.
To turn on System Restore, follow these steps:
1. Click Start, right-click My Computer, and then click Properties.
2. Click the System Restore tab.
3. Click the Turn off System Restore check box (To turn on System Restore), and then click OK.

Below I have included a number of recommendations for how to protect your computer in order to prevent future malware infections. Please take these recommendations seriously; these few simple steps can stave off the vast majority of spyware problems. As happy as we are to help you, for your sake we would rather not have repeat customers.

1) Please navigate to http://windowsupdate.microsoft.com and download all the "critical updates" for Windows. This can patch many of the security holes through which attackers can gain access to your computer.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates , or get into the habit of checking for Windows updates regularly. I cannot stress enough how important this is.

2) In order to protect yourself against spyware, you should consider installing and running the following free programs:

Ad-Aware SE
A tutorial on using Ad-Aware to remove spyware from your computer may be found here.

Spybot-Search & Destroy
A tutorial on using Spybot to remove spyware from your computer may be found here. Please also remember to enable Spybot's "Immunize" and "TeaTimer" features.

SpywareBlaster
A tutorial on using SpywareBlaster to prevent spyware from ever installing on your computer may be found here.

SpywareGuard
A tutorial on using SpywareGuard for realtime protection against spyware and hijackers may be found here.

Make sure to keep these programs up-to-date and to run them regularly, as this can prevent a great deal of spyware hassle.

3) Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in popup blocker (as an added benefit!) that I have ever seen. If you are interested, Firefox may be downloaded from here:
http://www.mozilla.org/products/firefox/
I also recommand the following add-ons for Firefox, they will help keep you safe from malicious scripts or activeX exploits.
https://addons.mozilla.org/en-US/firefox/addon/722
https://addons.mozilla.org/en-US/firefox/addon/1865

4) Also make sure to run your antivirus software regularly, and to keep it up-to-date.

5) Finally, consider maintaining a firewall. Some good free firewalls are Kerio, or
Outpost
A tutorial on understanding and using firewalls may be found here.

Please also read Tony Klein's excellent article: How I got Infected in the First Place

Hopefully this should take care of your problems! Good luck.

I have had/downloaded
AVG Free
Ad-Aware Free
SpywareGuard
SpywareBlaster

Also for SpywareGuard Javacool, how does it work? It doesnt have any scans.
is it like when a Virus/etc comes up it will block? or something else?

Also for Outpost Free is it better then Windows Firewall?

If you don't use spywaregaurd, uninstall it and stick with MBAM.
Yes, outpost firewall is better than windows firewall.

Ok, im all finished. Thanks for the all great help. Ill post another thread if i even encounter another problem.

Oh wait i see that Agnitum Outpost Free is out of date and it wants me to go get Pro

There is also Kerio Firewall if outpost doesn't work in the free version.

I see that Kerio has all these protections NETWORK SECURITY,CONTENT FILTERING,STATISTICS, LOGGING,ADMINISTRATION. Whats the diff between Windows Firewall and Kerios Firewall? in Free Verison

A 3rd party firewall is much safer than Windows Firewall.

Last and final question, My AVG Free Update Manager says Database update is disabled. How do i enable it?

Nevermind.

Topic marked as solved as requested.

Since this issue is resolved, this topic is closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter.

Everyone else, please open a new topic for your questions.