PDA

View Full Version : Need help - kire



kire1
2009-12-20, 19:39
Okey, so Ive tried scanning my computer for viruses since I obviously had one due to an expired version of my virus protection. I noticed two differences on my computer, first of all I had gotten two new icons on my desk, suspecting viruses, they were called "system defender" and "Privacy center" when i saw them I used norton, which got rid of one and windows defender who got rid of the second. Before I got rid of them I was recieving a screen which said that I had many viruses and stuff from privacy center, and also it had stopped explorer from opening, so the screen was black except for that pop up. however I manage to get explorer running, with help from a friend. And well that pop up is gone and explorer starts normally, but according to hijackthis there is possibly something still there.

This is the log file I have and I was wondering if you could look it through and help me out, in getting rid of this virus please.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:19:25, on 2009-12-18
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Hewlett-Packard\HP Odometer\hpsysdrv.exe

C:\Windows\System32\nvraidservice.exe

C:\Program Files\Portrait Displays\Pivot Software\wpCtrl.exe

C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Users\erik\Program Files\DNA\btdna.exe
C:\Windows\ehome\ehtray.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\MP4 Player\Mp4Player.exe

C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Portrait Displays\Pivot Software\floater.exe

c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Philips Display\SmartControl II\DTHtml.exe

C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\conime.exe

C:\Program Files\Left 4 Dead 2\revLoader.exe

C:\Program Files\Left 4 Dead 2\left4dead2.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe





R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=92&bd=Presario&pf=cndt

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=92&bd=Presario&pf=cndt

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=92&bd=Presario&pf=cndt

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=92&bd=Presario&pf=cndt

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =



O1 - Hosts: ::1 localhost

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll

O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\IPSBHO.DLL

O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Verktygsfält 5.0\aoltb.dll

O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Verktygsfält 5.0\aoltb.dll

O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll

O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [hpsysdrv] c:\program files\hewlett-packard\HP odometer\hpsysdrv.exe

O4 - HKLM\..\Run: [NVRaidService] C:\Windows\system32\nvraidservice.exe

O4 - HKLM\..\Run: [StartCCC] "c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

O4 - HKLM\..\Run: [UpdateP2GoShortCut] "c:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

O4 - HKLM\..\Run: [UpdateLBPShortCut] "c:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "c:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

O4 - HKLM\..\Run: [UpdatePDIRShortCut] "c:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"

O4 - HKLM\..\Run: [UpdatePSTShortCut] "c:\Program Files\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files\Portrait Displays\Pivot Software\wpctrl.exe"

O4 - HKLM\..\Run: [DT PHL] C:\Program Files\Common Files\Portrait Displays\Shared\DT_startup.exe -PHL


O4 - HKLM\..\Run: [TVAgent] "C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [Skype] "C:\Users\erik\Desktop\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"

O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\erik\Program Files\DNA\btdna.exe"

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [System Defender] "C:\ProgramData\b984ecb\WSb984.exe" /s /d

O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [MP4 Player] "C:\Program Files\MP4 Player\mp4Player.exe" hmw

O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NÄTVERKSTJÄNST')

O4 - Global Startup: GamersFirst LIVE!.lnk = C:\Program Files\GamersFirst\LIVE!\Live.exe

O4 - Global Startup: McAfee Security Scan.lnk = ?

O8 - Extra context menu item: &AOL Verktygsfalt Sök - C:\ProgramData\AOL\ieToolbar\resources\sv-SE\local\search.html

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: Blogga detta - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blogga detta i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll

O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: Browser Defender Update Service - Threat Expert Ltd. - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe

O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\dtsrvc.exe

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe

O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)

O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe

O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe


--
End of file - 11247 bytes

Blade81
2009-12-23, 23:11
Hi,

IMPORTANT I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

uTorrent
BitTorrent
DNA


I'd like you to read this thread (http://forums.spybot.info/showthread.php?t=282).

Please go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red).


After that:

Download DDS and save it to your desktop from here (http://www.techsupportforum.com/sectools/sUBs/dds) or here (http://download.bleepingcomputer.com/sUBs/dds.scr) or here (http://www.forospyware.com/sUBs/dds).
Disable any script blocker, and then double click dds.scr to run the tool.
When done, DDS will open two (2) logs:
DDS.txt
Attach.txt

Save both reports to your desktop. Post them back to your topic.

kire1
2009-12-29, 17:27
okey so here are the DDS file



DS (Ver_09-12-01.01) - NTFSx86
Run by erik at 0:37:47,85 on 2009-12-25
Internet Explorer: 7.0.6002.18005
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.46.1053.18.3582.2000 [GMT 1:00]

SP: Spybot - Search and Destroy *enabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Portrait Displays\Shared\dtsrvc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Windows\System32\nvraidservice.exe
C:\Program Files\Portrait Displays\Pivot Software\wpCtrl.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\MP4 Player\Mp4Player.exe
C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
C:\Windows\ehome\ehmsas.exe
c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Philips Display\SmartControl II\DTHtml.exe
C:\Program Files\Portrait Displays\Pivot Software\floater.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
C:\Windows\system32\conime.exe
C:\Program Files\Steam\steam.exe
C:\Program Files\Common Files\Steam\SteamService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\erik\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=92&bd=Presario&pf=cndt
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=92&bd=Presario&pf=cndt
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=92&bd=Presario&pf=cndt
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=92&bd=Presario&pf=cndt
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\16.7.2.11\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\16.7.2.11\IPSBHO.DLL
BHO: AOL Toolbar BHO: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - c:\program files\aol\aol verktygsfält 5.0\aoltb.dll
BHO: Windows Live inloggningshjälpen: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files\aol\aol verktygsfält 5.0\aoltb.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\16.7.2.11\coIEPlg.dll
TB: {472734EA-242A-422B-ADF8-83D1E48CC825} - No File
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Skype] "c:\users\erik\desktop\Skype.exe" /nosplash /minimized
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [System Defender] "c:\programdata\b984ecb\WSb984.exe" /s /d
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [MP4 Player] "c:\program files\mp4 player\mp4Player.exe" hmw
uRun: [Steam] "c:\program files\steam\Steam.exe" -silent
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [hpsysdrv] c:\program files\hewlett-packard\hp odometer\hpsysdrv.exe
mRun: [NVRaidService] c:\windows\system32\nvraidservice.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe
mRun: [UpdateP2GoShortCut] "c:\program files\cyberlink\power2go\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0"
mRun: [UpdateLBPShortCut] "c:\program files\cyberlink\labelprint\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\labelprint" updatewithcreateonce "software\cyberlink\labelprint\2.5"
mRun: [UpdatePDIRShortCut] "c:\program files\cyberlink\powerdirector\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\powerdirector" updatewithcreateonce "software\cyberlink\powerdirector\7.0"
mRun: [UpdatePSTShortCut] "c:\program files\cyberlink\cyberlink dvd suite deluxe\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\cyberlink dvd suite deluxe" updatewithcreateonce "software\cyberlink\PowerStarter"
mRun: [PivotSoftware] "c:\program files\portrait displays\pivot software\wpctrl.exe"
mRun: [DT PHL] c:\program files\common files\portrait displays\shared\DT_startup.exe -PHL
mRun: [TVAgent] "c:\program files\hewlett-packard\media\tv\TVAgent.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\gamers~1.lnk - c:\program files\gamersfirst\live!\Live.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\1.0.150\SSScheduler.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: &AOL Verktygsfalt Sök - c:\programdata\aol\ietoolbar\resources\sv-se\local\search.html
IE: E&xportera till Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program files\norton internet security\engine\16.7.2.11\CoIEPlg.dll

================= FIREFOX ===================

FF - ProfilePath - c:\users\erik\appdata\roaming\mozilla\firefox\profiles\1fuar4eu.default\
FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\coffplgn\components\coFFPlgn.dll
FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\ipsffplgn\components\IPSFFPl.dll
FF - plugin: c:\program files\java\jre1.5.0_03\bin\NPJava11.dll
FF - plugin: c:\program files\java\jre1.5.0_03\bin\NPJava12.dll
FF - plugin: c:\program files\java\jre1.5.0_03\bin\NPJava13.dll
FF - plugin: c:\program files\java\jre1.5.0_03\bin\NPJava14.dll
FF - plugin: c:\program files\java\jre1.5.0_03\bin\NPJava32.dll
FF - plugin: c:\program files\java\jre1.5.0_03\bin\NPJPI150_03.dll
FF - plugin: c:\program files\java\jre1.5.0_03\bin\NPOJI610.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
pref(dom.disable_open_during_load, true);c:\program files\mozilla firefox\greprefs\all.js - pref("browser.visited_color", "#551A8B");
c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
c:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se");
c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.videoFeeds.handler", "ask");

============= SERVICES / DRIVERS ===============

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1007020.00b\SymEFA.sys [2009-12-15 310320]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\nis\1007020.00b\BHDrvx86.sys [2009-12-15 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\nis\1007020.00b\cchpx86.sys [2009-12-15 482432]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20091217.002\IDSvix86.sys [2009-12-18 343088]
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [2008-1-21 21504]
R2 Norton Internet Security;Norton Internet Security;c:\program files\norton internet security\engine\16.7.2.11\ccSvcHst.exe [2009-12-15 117640]
R2 PdiService;Portrait Displays SDK Service;c:\program files\common files\portrait displays\drivers\pdisrvc.exe [2009-7-10 109096]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2009-12-15 1153368]
R2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files\hewlett-packard\media\tv\kernel\tv\TVCapSvc.exe [2009-4-22 296320]
R2 TVSched;TV Task Scheduler (TVTS);c:\program files\hewlett-packard\media\tv\kernel\tv\TVSched.exe [2009-4-22 116104]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-12-14 102448]
R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\system32\drivers\nis\1007020.00b\symndisv.sys [2009-12-15 48688]
S2 ASKUpgrade;ASKUpgrade;c:\program files\askbardis\bar\bin\ASKUpgrade.exe [2009-9-6 234888]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2005-8-2 32512]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 PCD5SRVC{BD6912E3-AC9D80E8-05040000};PCD5SRVC{BD6912E3-AC9D80E8-05040000} - PCDR Kernel Mode Service Helper Driver;c:\progra~1\pc-doc~1\PCD5SRVC.pkms [2008-11-5 22896]

=============== Created Last 30 ================

2009-12-24 23:16:38 0 d-----w- c:\program files\common files\Steam
2009-12-24 23:16:31 0 d-----w- c:\program files\Steam
2009-12-24 23:14:15 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2009-12-18 18:18:58 0 d-----w- c:\program files\Trend Micro
2009-12-17 19:50:13 0 d-----w- c:\program files\HP
2009-12-17 19:49:58 0 d-----w- c:\users\erik\appdata\roaming\HpUpdate
2009-12-17 19:49:55 0 d-----w- c:\windows\Hewlett-Packard
2009-12-17 18:30:37 0 d-----w- c:\program files\MP4 Player
2009-12-17 18:29:06 1038893 ----a-w- c:\users\erik\Mp4PlayerSetup.exe
2009-12-16 22:13:51 0 d-----w- c:\program files\Windows Portable Devices
2009-12-16 22:13:39 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2009-12-16 21:03:28 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2009-12-16 21:03:26 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2009-12-16 21:03:26 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2009-12-16 21:01:28 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2009-12-16 20:59:50 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2009-12-16 20:59:49 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-12-16 20:59:49 234496 ----a-w- c:\windows\system32\oleacc.dll
2009-12-15 20:09:48 0 d-----w- c:\programdata\Spybot - Search & Destroy
2009-12-15 20:09:48 0 d-----w- c:\program files\Spybot - Search & Destroy
2009-12-15 17:36:44 195456 ------w- c:\windows\system32\MpSigStub.exe
2009-12-15 15:38:35 0 d-----w- c:\windows\system32\eu-ES
2009-12-15 15:38:35 0 d-----w- c:\windows\system32\ca-ES
2009-12-15 15:38:34 0 d-----w- c:\windows\system32\vi-VN
2009-12-15 12:15:56 25648 ----a-r- c:\windows\system32\drivers\SymIMV.sys
2009-12-15 12:15:52 806 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF
2009-12-15 12:15:52 7456 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT
2009-12-15 12:15:52 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2009-12-15 12:15:52 0 d-----w- c:\program files\Symantec
2009-12-15 12:15:52 0 d-----w- c:\program files\common files\Symantec Shared
2009-12-15 12:15:27 0 d-----w- c:\windows\system32\drivers\NIS
2009-12-15 12:15:25 0 d-----w- c:\program files\Norton Internet Security
2009-12-15 12:11:48 0 d-----w- c:\program files\NortonInstaller
2009-12-12 19:55:29 0 d-----w- c:\users\erik\appdata\roaming\PC
2009-12-12 19:54:47 0 d-sh--w- c:\users\erik\appdata\roaming\System Defender
2009-12-12 19:54:47 0 d-sh--w- c:\programdata\WSEUTSMD_APDM
2009-12-12 19:54:35 0 d-sh--w- c:\programdata\b984ecb
2009-12-10 17:22:27 24064 ----a-w- c:\windows\system32\nshhttp.dll
2009-12-10 17:22:23 411648 ----a-w- c:\windows\system32\drivers\http.sys
2009-12-10 17:22:23 30720 ----a-w- c:\windows\system32\httpapi.dll
2009-12-09 15:56:36 377344 ----a-w- c:\windows\system32\winhttp.dll
2009-12-09 15:56:31 243712 ----a-w- c:\windows\system32\rastls.dll
2009-12-09 15:55:59 834048 ----a-w- c:\windows\system32\wininet.dll
2009-12-09 15:55:55 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-12-08 15:40:55 0 d-----w- C:\gPotato.com
2009-12-07 22:24:12 0 d-----w- c:\programdata\PMB Files
2009-12-07 22:23:49 0 d-----w- c:\program files\Pando Networks
2009-11-30 19:33:46 41872 ----a-w- c:\windows\system32\xfcodec.dll
2009-11-30 15:44:24 0 d-----w- c:\users\erik\appdata\roaming\Xfire
2009-11-30 15:44:22 0 d-----w- c:\programdata\Xfire
2009-11-30 15:44:22 0 d-----w- c:\program files\Xfire
2009-11-27 19:45:15 0 d-----w- c:\program files\Left 4 Dead 2
2009-11-27 19:36:42 0 d-----w- C:\Left 4 dead 2
2009-11-26 15:07:27 2048 ----a-w- c:\windows\system32\tzres.dll
2009-11-25 15:09:37 1401856 ----a-w- c:\windows\system32\msxml6.dll
2009-11-25 15:09:37 1248768 ----a-w- c:\windows\system32\msxml3.dll
2009-11-25 15:09:30 714240 ----a-w- c:\windows\system32\timedate.cpl

==================== Find3M ====================

2009-12-24 11:40:35 597598 ----a-w- c:\windows\system32\perfh01D.dat
2009-12-24 11:40:35 117210 ----a-w- c:\windows\system32\perfc01D.dat
2009-12-16 22:13:47 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-12-16 22:13:47 51200 ----a-w- c:\windows\inf\infpub.dat
2009-12-16 22:13:47 143360 ----a-w- c:\windows\inf\infstrng.dat
2009-12-16 22:13:47 143360 ----a-w- c:\windows\inf\infstor.dat
2009-12-15 14:40:26 37665 ----a-w- c:\windows\fonts\GlobalUserInterface.CompositeFont
2009-10-01 01:02:17 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2009-10-01 01:02:05 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2009-10-01 01:02:04 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-10-01 01:02:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2009-10-01 01:02:00 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2009-10-01 01:01:59 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2009-10-01 01:01:59 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-10-01 01:01:56 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2009-10-01 01:01:56 350208 ----a-w- c:\windows\system32\WPDSp.dll
2009-10-01 01:01:56 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2009-10-01 01:01:56 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-03-07 03:14:58 35978 ----a-w- c:\windows\inf\perflib\041d\perfd.dat
2009-03-07 03:14:58 35978 ----a-w- c:\windows\inf\perflib\041d\perfc.dat
2009-03-07 03:14:58 290490 ----a-w- c:\windows\inf\perflib\041d\perfi.dat
2009-03-07 03:14:58 290490 ----a-w- c:\windows\inf\perflib\041d\perfh.dat
2008-01-21 02:43:21 174 --sha-w- c:\program files\desktop.ini
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-03-07 04:13:53 8192 --sha-w- c:\windows\users\default\NTUSER.DAT

============= FINISH: 0:39:48,86 ===============




and heres the attach file, werent sure how to "zip it up" so I'm just going to do as I did with the DDS file (sorry)



DDS (Ver_09-12-01.01)

Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 2009-03-17 11:52:28
System Uptime: 2009-12-24 12:34:00 (12 hours ago)

Motherboard: PEGATRON CORPORATION | | VIOLET
Processor: AMD Phenom(tm) 8750 Triple-Core Processor | CPU 1 | 1200/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 453 GiB total, 230,554 GiB free.
D: is FIXED (NTFS) - 13 GiB total, 1,84 GiB free.
E: is CDROM (UDF)
F: is Removable

==== Disabled Device Manager Items =============

Class GUID:
Description: Xtreme N GIGABIT Router
Device ID: UUID:6C3A15D8-7657-3630-9E3D-7172667EA977\UMB\3&221889F4&0&UUID:6C3A15D8-7657-3630-9E3D-7172667EA977
Manufacturer:
Name: Xtreme N GIGABIT Router
PNP Device ID: UUID:6C3A15D8-7657-3630-9E3D-7172667EA977\UMB\3&221889F4&0&UUID:6C3A15D8-7657-3630-9E3D-7172667EA977
Service:

==== System Restore Points ===================

RP148: 2009-12-18 16:07:09 - Windows Update
RP149: 2009-12-20 19:35:20 - Schemalagd kontrollpunkt
RP150: 2009-12-21 15:50:12 - Windows Update
RP151: 2009-12-22 18:27:46 - Schemalagd kontrollpunkt
RP152: 2009-12-23 12:51:33 - Schemalagd kontrollpunkt
RP153: 2009-12-24 20:15:13 - Schemalagd kontrollpunkt
RP155: 2009-12-25 00:12:57 - DirectX har installerats
RP156: 2009-12-25 00:16:17 - Installed Steam

==== Installed Programs ======================

ActiveCheck component for HP Active Support Library
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.1.3
Adobe Shockwave Player 11.5
Aion
Allods Online 1.0.04.11
AOL Verktygsfält 5.0
Ask Toolbar
ATI Catalyst Install Manager
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Compatibility Pack för Office 2007-systemet
CyberLink DVD Suite Deluxe
DirectX for Managed Code Update (Summer 2004)
Fraps (remove only)
GamersFirst LIVE!
GameSpy Arcade
Heroes of Might and Magic IV: Winds of War
HijackThis 2.0.2
Hårdvarudiagnostikverktyg
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Customer Experience Enhancements
HP MediaSmart TV
HP Odometer
HP Recovery Manager RSS
HP Support Information
HP Total Care Setup
HP Update
HPAsset component for HP Active Support Library
J2SE Runtime Environment 5.0 Update 3
Junk Mail filter update
LabelPrint
LightScribe System Software
LimeWire 4.12.11
McAfee Security Scan
Microsoft .NET Framework 3.5 Language Pack SP1 - sve
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel 2007 Help Uppdatering (KB963678)
Microsoft Office Excel MUI (Swedish) 2007
Microsoft Office Home and Student 2007
Microsoft Office Live Add-in 1.3
Microsoft Office OneNote MUI (Swedish) 2007
Microsoft Office Powerpoint 2007 Help Uppdatering (KB963669)
Microsoft Office PowerPoint MUI (Swedish) 2007
Microsoft Office PowerPoint Viewer 2007 (Swedish)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (Finnish) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Swedish) 2007
Microsoft Office Proofing (Swedish) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (Swedish) 2007
Microsoft Office Word 2007 Help Uppdatering (KB963665)
Microsoft Office Word MUI (Swedish) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Works
Mozilla Firefox (3.5.6)
MP4 Player
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee Reveal
My HP Games
Norton Internet Security
NVIDIA Drivers
OGA Notifier 2.0.0048.0
Pando Media Booster
PComponents
Pivot Software
Power2Go
PowerDirector
Python 2.6 pywin32-212
Python 2.6.1
Realtek High Definition Audio Driver
SDK
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB973704)
Security Update for Microsoft Office Excel 2007 (KB973593)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Skins
Skype™ 4.1
SmartControl II
Spelling Dictionaries Support For Adobe Reader 8
Spotify
Språkpaket för Microsoft .NET Framework 3.5 SP 1 - sve
Spybot - Search & Destroy
Starcraft
Steam
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office InfoPath 2007 (KB976416)
Update for Microsoft Office Word 2007 (KB974561)
Utvärderingsversion av Microsoft Office hem- och studentutgåva 2007
War Rock
Warcraft III
Warcraft III: All Products
WC3Banlist
Ventrilo Client
Windows Live Communications Platform
Windows Live Essentials
Windows Live inloggningsassistenten
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
WinPcap 3.1
Xfire (remove only)

==== End Of File ===========================

Blade81
2009-12-29, 18:13
Hi,

Please visit this webpage for download links, and instructions for running ComboFix tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Please ensure you read this guide carefully first.

Please continue as follows:


Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix, link (http://www.bleepingcomputer.com/forums/topic114351.html)
Remember to re-enable them afterwards.


Click Yes to allow ComboFix to continue scanning for malware.


When the tool is finished, it will produce a report for you.

Please include the following reports for further review, and so we may continue cleansing the system:

C:\ComboFix.txt
New dds log.

A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix. This tool is not a toy and not for everyday use.

Blade81
2010-01-05, 20:54
Due to inactivity, this thread will now be closed.

Note:If it has been four days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread. Please do not add any logs that might have been requested in the closed topic, you would be starting fresh.

If it has been less than four days since your last response and you need the thread re-opened, please send me or MOD a private message (pm). A valid, working link to the closed topic is required.