Can someone analyse my HijackThis Log?

[plutomaniac]

Hi, I'm new here so...here is my log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:12:50 πμ, on 11/6/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\PLUTOMANIAC\Documents\PLUTOMANIAC\Προγράμματα\Προγράμματα Προστασίας\TrendMicro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Βοηθός εισόδου του Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O8 - Extra context menu item: E&ξαγωγή στο Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Προσθήκη στο ιστολόγιο - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Προσθήκη στο ιστολόγιο στο Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Αποστολή στο OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Α&ποστολή στο OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: http://sas.zone.msn.com
O15 - Trusted Zone: www.msn.com
O15 - Trusted Zone: http://zone.msn.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Roxio SAIB Service (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269) - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate1c9b5cf9846a8ea) (gupdate1c9b5cf9846a8ea) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nHancer Support (nHancer) - KSE - Korndorfer Software Engineering - C:\Program Files\nHancer\nHancerService.exe
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Roxio UPnP Renderer 11 - Sonic Solutions - C:\Program Files (x86)\Roxio Creator 2009 Ultimate\Digital Home 11\RoxioUPnPRenderer11.exe
O23 - Service: Roxio Upnp Server 11 - Sonic Solutions - C:\Program Files (x86)\Roxio Creator 2009 Ultimate\Digital Home 11\RoxioUpnpService11.exe
O23 - Service: LiveShare P2P Server 11 (RoxLiveShare11) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe
O23 - Service: RoxMediaDB11 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe
O23 - Service: Roxio Hard Drive Watcher 11 (RoxWatch11) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8331 bytes

Can someone help me because I think I am infected but I'm not so sure!

why can't I edit my post? - I wanted to tell you this:

Sorry if you see some Greek Words inside the log - my computer has Greek Windows and my folders are in Greek but all the other important things are in English so I don't think there will be any problem!

"BEFORE you POST"(READ this Procedure BEFORE Requesting Assistance)

Can I edit my own posts?

1. In the Spybot-S&D forum, there is a 15 minute time frame to edit one's post.
2. In the Malware Removal Forum, members may not edit their posts. A helper may already be analysing the information given.

ok sorry for doing wrong things. I read all this huge thread and understood!!!

A - What I did now:

1) First of all I temporarly uninstalled Spybot S&D
2) I made a Backup of my System Registry with ERUNT
3) I downloaded and installed HijackThis at Program Files
4) I didn't use the AnalyseThis button
5) I didn't fix anything yet
6) I unchecked "Word Wrap" in notepad
7) I disabled hot links to malware websites that where on the previous-above log file I posted
8) I posted in this post a new log from HijckThis which is better and fixed("Word Wrap" etc...)

B - What I will do after the clean-up:

1) I will post the final clean log of HijackThis so that I'll be sure I'm clean
2) I will reinstall Spybot S&D as soon as possible

C - What I may do:

1) Not bothering you again...

Here is my new log - I hope this time everything is right. I can't wait for your help!!!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:41:41 πμ, on 12/6/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Windows\SysWOW64\conime.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Βοηθός εισόδου του Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O8 - Extra context menu item: E&ξαγωγή στο Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Προσθήκη στο ιστολόγιο - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Προσθήκη στο ιστολόγιο στο Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Αποστολή στο OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Α&ποστολή στο OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: http://sas.zone.msn.com
O15 - Trusted Zone: www.msn.com
O15 - Trusted Zone: http://zone.msn.com
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Roxio SAIB Service (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269) - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate1c9b5cf9846a8ea) (gupdate1c9b5cf9846a8ea) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nHancer Support (nHancer) - KSE - Korndorfer Software Engineering - C:\Program Files\nHancer\nHancerService.exe
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Roxio UPnP Renderer 11 - Sonic Solutions - C:\Program Files (x86)\Roxio Creator 2009 Ultimate\Digital Home 11\RoxioUPnPRenderer11.exe
O23 - Service: Roxio Upnp Server 11 - Sonic Solutions - C:\Program Files (x86)\Roxio Creator 2009 Ultimate\Digital Home 11\RoxioUpnpService11.exe
O23 - Service: LiveShare P2P Server 11 (RoxLiveShare11) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe
O23 - Service: RoxMediaDB11 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe
O23 - Service: Roxio Hard Drive Watcher 11 (RoxWatch11) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8508 bytes

PLEASE...CAN YOU HELP ME NOW???

oh...I disabled all the links with this button but they are still active...I'm sorry for that - how can I disable them now?
(and sorry for double-posting but I can't edit my post!!!)

[Shaba]

Hi plutomaniac

To access the Uninstall Manager you would do the following:

1. Start HijackThis
2. Click on the Config button
3. Click on the Misc Tools button
4. Click on the Open Uninstall Manager button.

You will now be presented with a screen similar to the one below:



5. Click on the Save list... button and specify where you would like to save this file. When you press Save button a notepad will open with the contents of that file. Simply copy and paste the contents of that notepad here on your next reply.

[plutomaniac]

I dont knwo why you need that but you are helping me so you must always be right. Here it is:

3D Sound Back Beta0.1
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.1.2
Adobe Shockwave Player 11.5
Apple Software Update
AusLogics Disk Defrag
AusLogics Registry Cleaner
Belarc Advisor 7.2
CCleaner (remove only)
Choice Guard
CoffeeCup HTML Editor 2008
ConvertHelper 2.2
DH Mobility Modder.NET nVidia Edition
DHTML Editing Component
DirectX 9 Runtime
Driver Sweeper 1.5.5
EA Download Manager
ERUNT 1.1j
EVEREST Ultimate Edition v5.01
filehippo.com Update Checker
Flowol 3.1
Flowol More Secondary Mimics
Flowol More Secondary Mimics 2
Flowol Secondary Mimics
Google Earth
Google Earth Plugin
Google Update Helper
Grand Theft Auto IV
HDD Thermometer
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP USB Disk Storage Format Tool
J2SE Runtime Environment 5.0 Update 10
Java(TM) 6 Update 14
Junk Mail filter update
K-Lite Mega Codec Pack 4.8.5
Marvell Miniport Driver
MathType 6
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (Greek) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (Greek) 2007
Microsoft Office Groove MUI (Greek) 2007
Microsoft Office InfoPath MUI (Greek) 2007
Microsoft Office Live Add-in 1.3
Microsoft Office OneNote MUI (Greek) 2007
Microsoft Office Outlook MUI (Greek) 2007
Microsoft Office PowerPoint MUI (Greek) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Greek) 2007
Microsoft Office Proofing (Greek) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (Greek) 2007
Microsoft Office Shared MUI (Greek) 2007
Microsoft Office Word MUI (Greek) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft WSE 3.0 Runtime
MozBackup 1.4.9
Mozilla Firefox (3.0.10)
MSN BackUp 1.3.4
MSVCRT
MSXML 4.0 SP2 (KB954430)
mTC (remove only)
My Drivers 3.31
MyPhoneExplorer
Nasty File Remover v0.72 (remove only)
Notepad++
NVIDIA Display Driver Instrumentation Add-on
NVIDIA PerfHUD
NVIDIA Performance
NVIDIA Performance
NVIDIA PerfSDK
NVIDIA PhysX
NVIDIA System Monitor
NVIDIA System Monitor
NVIDIA System Update
NVIDIA System Update
OpenOffice.org 3.1
PC Wizard 2008.1.871
PDF Password Remover v3.0
PowerISO
QuickTime
Realtek High Definition Audio Driver
Recuva (remove only)
Reversi
Revo Uninstaller 1.83
Rockstar Games Social Club
Roxio Activation Module
Roxio BackOnTrack
Roxio Central
Roxio CinePlayer
Roxio CinePlayer Decoder Pack
Roxio Creator 2009 Ultimate
Roxio Creator 2009 Ultimate
Roxio Disaster Recovery
Roxio File Backup
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB969679)
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB969682)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office Word 2007 (KB969604)
SmartSound Quicktracks Plugin
Sony Ericsson SS1018 x64 driver v3.5.3.0
Sony Ericsson Themes Creator 4.01
Sony Ericsson W302(c)/S302(c) x64 driver v3.5.3.0
Spelling Dictionaries Support For Adobe Reader 9
SUPER © Version 2009.bld.35 (Jan 5, 2009)
Super Internet TV v7.4
SWF Opener
System Requirements Lab
Texas Instruments PCIxx21/x515/xx12 drivers.
Texas Instruments PCIxx21/x515/xx12 drivers.
The Sims™ 3
Tinker Editor
Unknown Device Identifier 6.01
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office Outlook 2007 (KB969907)
Update for Outlook 2007 Junk Email Filter (kb970012)
Update Service
VAIO Control Center
Veoh Web Player
VirusTotal Uploader
Visual C++ 8.0 Runtime Setup Package (x64)
VLC media player 0.9.9
VobSub v2.23 (Remove Only)
Windows 7 Upgrade Advisor Beta
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker Beta
Windows Live OneCare safety scanner
Windows Live OneCare safety scanner
Windows Live Sync
Windows Live Toolbar
Windows Live Writer
WinRAR 3.80 – Εφαρμογή συμπίεσης και διαχείρισης συμπιεσμένων αρχείων
xNeat Application Builder
Βοηθός εισόδου του Windows Live
Ενημερωμένη έκδοση Microsoft Office Excel 2007 Help (KB963678)
Ενημερωμένη έκδοση Microsoft Office Powerpoint 2007 Help (KB963669)
Ενημερωμένη έκδοση Microsoft Office Word 2007 Help (KB963665)
Εργαλείο αποστολής του Windows Live
Πολυλεξικό Magenta
Συλλογή φωτογραφιών του Windows Live

Some things are in Greek Language - Sorry for that but my Windows Vista Ultiate x64 are in Greek and so...sorry for that - I hope this doesn't make your work harder...

[Shaba]

IMPORTANT I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

uTorrent


I'd like you to read the this thread.

Please go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red).

Please run a new HijackThis log scan when finished and post the log back here.

[plutomaniac]

here it is without utorrent - I don't have though problems with utorrent because I use this prog very carefully and don't download viruses from it especially because I donwload everything from a closed-trusted Greek Site and files like SP2 For Vista etc... Here:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:37:16 μμ, on 12/6/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\SysWOW64\conime.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Βοηθός εισόδου του Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O8 - Extra context menu item: E&ξαγωγή στο Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Προσθήκη στο ιστολόγιο - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Προσθήκη στο ιστολόγιο στο Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Αποστολή στο OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Α&ποστολή στο OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: http://sas.zone.msn.com
O15 - Trusted Zone: www.msn.com
O15 - Trusted Zone: http://zone.msn.com
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Roxio SAIB Service (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269) - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate1c9b5cf9846a8ea) (gupdate1c9b5cf9846a8ea) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nHancer Support (nHancer) - KSE - Korndorfer Software Engineering - C:\Program Files\nHancer\nHancerService.exe
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Roxio UPnP Renderer 11 - Sonic Solutions - C:\Program Files (x86)\Roxio Creator 2009 Ultimate\Digital Home 11\RoxioUPnPRenderer11.exe
O23 - Service: Roxio Upnp Server 11 - Sonic Solutions - C:\Program Files (x86)\Roxio Creator 2009 Ultimate\Digital Home 11\RoxioUpnpService11.exe
O23 - Service: LiveShare P2P Server 11 (RoxLiveShare11) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe
O23 - Service: RoxMediaDB11 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe
O23 - Service: Roxio Hard Drive Watcher 11 (RoxWatch11) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8590 bytes

and also:

3D Sound Back Beta0.1
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.1.2
Adobe Shockwave Player 11.5
Apple Software Update
AusLogics Disk Defrag
AusLogics Registry Cleaner
Belarc Advisor 7.2
CCleaner (remove only)
Choice Guard
CoffeeCup HTML Editor 2008
ConvertHelper 2.2
DH Mobility Modder.NET nVidia Edition
DHTML Editing Component
DirectX 9 Runtime
Driver Sweeper 1.5.5
EA Download Manager
ERUNT 1.1j
EVEREST Ultimate Edition v5.01
filehippo.com Update Checker
Flowol 3.1
Flowol More Secondary Mimics
Flowol More Secondary Mimics 2
Flowol Secondary Mimics
Google Earth
Google Earth Plugin
Google Update Helper
Grand Theft Auto IV
HDD Thermometer
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP USB Disk Storage Format Tool
J2SE Runtime Environment 5.0 Update 10
Java(TM) 6 Update 14
Junk Mail filter update
K-Lite Mega Codec Pack 4.8.5
Marvell Miniport Driver
MathType 6
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (Greek) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (Greek) 2007
Microsoft Office Groove MUI (Greek) 2007
Microsoft Office InfoPath MUI (Greek) 2007
Microsoft Office Live Add-in 1.3
Microsoft Office OneNote MUI (Greek) 2007
Microsoft Office Outlook MUI (Greek) 2007
Microsoft Office PowerPoint MUI (Greek) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Greek) 2007
Microsoft Office Proofing (Greek) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (Greek) 2007
Microsoft Office Shared MUI (Greek) 2007
Microsoft Office Word MUI (Greek) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft WSE 3.0 Runtime
MozBackup 1.4.9
Mozilla Firefox (3.0.10)
MSN BackUp 1.3.4
MSVCRT
MSXML 4.0 SP2 (KB954430)
mTC (remove only)
My Drivers 3.31
MyPhoneExplorer
Nasty File Remover v0.72 (remove only)
Notepad++
NVIDIA Display Driver Instrumentation Add-on
NVIDIA PerfHUD
NVIDIA Performance
NVIDIA Performance
NVIDIA PerfSDK
NVIDIA PhysX
NVIDIA System Monitor
NVIDIA System Monitor
NVIDIA System Update
NVIDIA System Update
OpenOffice.org 3.1
PC Wizard 2008.1.871
PDF Password Remover v3.0
PowerISO
QuickTime
Realtek High Definition Audio Driver
Recuva (remove only)
Reversi
Revo Uninstaller 1.83
Rockstar Games Social Club
Roxio Activation Module
Roxio BackOnTrack
Roxio Central
Roxio CinePlayer
Roxio CinePlayer Decoder Pack
Roxio Creator 2009 Ultimate
Roxio Creator 2009 Ultimate
Roxio Disaster Recovery
Roxio File Backup
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB969679)
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Office Excel 2007 (KB969682)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office Word 2007 (KB969604)
SmartSound Quicktracks Plugin
Sony Ericsson SS1018 x64 driver v3.5.3.0
Sony Ericsson Themes Creator 4.01
Sony Ericsson W302(c)/S302(c) x64 driver v3.5.3.0
Spelling Dictionaries Support For Adobe Reader 9
SUPER © Version 2009.bld.35 (Jan 5, 2009)
Super Internet TV v7.4
SWF Opener
System Requirements Lab
Texas Instruments PCIxx21/x515/xx12 drivers.
Texas Instruments PCIxx21/x515/xx12 drivers.
The Sims™ 3
Tinker Editor
Unknown Device Identifier 6.01
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office Outlook 2007 (KB969907)
Update for Outlook 2007 Junk Email Filter (kb970012)
Update Service
VAIO Control Center
Veoh Web Player
VirusTotal Uploader
Visual C++ 8.0 Runtime Setup Package (x64)
VLC media player 0.9.9
VobSub v2.23 (Remove Only)
Windows 7 Upgrade Advisor Beta
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker Beta
Windows Live OneCare safety scanner
Windows Live OneCare safety scanner
Windows Live Sync
Windows Live Toolbar
Windows Live Writer
WinRAR 3.80 – Εφαρμογή συμπίεσης και διαχείρισης συμπιεσμένων αρχείων
xNeat Application Builder
Βοηθός εισόδου του Windows Live
Ενημερωμένη έκδοση Microsoft Office Excel 2007 Help (KB963678)
Ενημερωμένη έκδοση Microsoft Office Powerpoint 2007 Help (KB963669)
Ενημερωμένη έκδοση Microsoft Office Word 2007 Help (KB963665)
Εργαλείο αποστολής του Windows Live
Πολυλεξικό Magenta
Συλλογή φωτογραφιών του Windows Live

[Shaba]

That doesn't matter as it is against forum rules.

• Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
• Double click on RSIT.exe to run RSIT.
• Click Continue at the disclaimer screen.
• Once it has finished, two logs will open. Please post the contents of both log.txt (<< will be maximized) and info.txt (<< will be minimized)

[plutomaniac]

Log.txt:

Logfile of random's system information tool 1.06 (written by random/random)
Run by PLATO at 2009-06-12 19:14:52
Microsoft® Windows Vista™ Ultimate Service Pack 1
System drive C: has 5 GB (3%) free of 181 GB
Total RAM: 3070 MB (31% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:14:57 μμ, on 12/6/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\SysWOW64\conime.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Users\PLATO\Desktop\RSIT.exe
C:\Program Files (x86)\Trend Micro\HijackThis\PLATO.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Βοηθός εισόδου του Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O8 - Extra context menu item: E&ξαγωγή στο Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Προσθήκη στο ιστολόγιο - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Προσθήκη στο ιστολόγιο στο Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Αποστολή στο OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Α&ποστολή στο OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O15 - Trusted Zone: http://sas.zone.msn.com
O15 - Trusted Zone: www.msn.com
O15 - Trusted Zone: http://zone.msn.com
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Roxio SAIB Service (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269) - Unknown owner - C:\Program Files (x86)\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate1c9b5cf9846a8ea) (gupdate1c9b5cf9846a8ea) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nHancer Support (nHancer) - KSE - Korndorfer Software Engineering - C:\Program Files\nHancer\nHancerService.exe
O23 - Service: Performance Service (nTuneService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Roxio UPnP Renderer 11 - Sonic Solutions - C:\Program Files (x86)\Roxio Creator 2009 Ultimate\Digital Home 11\RoxioUPnPRenderer11.exe
O23 - Service: Roxio Upnp Server 11 - Sonic Solutions - C:\Program Files (x86)\Roxio Creator 2009 Ultimate\Digital Home 11\RoxioUpnpService11.exe
O23 - Service: LiveShare P2P Server 11 (RoxLiveShare11) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe
O23 - Service: RoxMediaDB11 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe
O23 - Service: Roxio Hard Drive Watcher 11 (RoxWatch11) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8502 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachine.job
C:\Windows\tasks\User_Feed_Synchronization-{0ACF17B2-3840-4C7F-BB24-6E984D5BA8FF}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Βοηθός εισόδου του Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-06-05 41368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - Veoh Web Player Video Finder - C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll [2009-03-26 429816]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"DisableStatusMessages"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoStartMenuMorePrograms"=0
"StartMenuLogOff"=0
"TaskbarNoThumbnail"=0
"HideSCABattery"=0
"HideSCANetwork"=0
"HideSCAVolume"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"NoActiveDesktopChanges"=
"ForceActiveDesktopOn"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
shell\AutoRun\command - H:\Autorun\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2c285f63-1d2b-11de-8d4f-806e6f6e6963}]
shell\AutoRun\command - wd_windows_tools\WDSetup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3a2060f9-2812-11de-816a-001a80fa1571}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\strongkey.exe
shell\default\command - F:\strongkey.exe


======File associations======

.js - edit - C:\Windows\SysWOW64\Notepad.exe %1
.js - open - C:\Windows\SysWOW64\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-06-12 19:08:27 ----D---- C:\rsit
2009-06-12 00:40:24 ----D---- C:\Program Files (x86)\Trend Micro
2009-06-12 00:31:01 ----D---- C:\Program Files (x86)\ERUNT
2009-06-11 21:13:46 ----D---- C:\Program Files (x86)\VirusTotalUploader
2009-06-11 14:27:38 ----D---- C:\ProgramData\Windows Genuine Advantage
2009-06-11 01:33:02 ----A---- C:\Windows\system32\mshtml.dll
2009-06-11 01:32:58 ----A---- C:\Windows\system32\ieframe.dll
2009-06-11 01:32:56 ----A---- C:\Windows\system32\iertutil.dll
2009-06-11 01:32:55 ----A---- C:\Windows\system32\urlmon.dll
2009-06-11 01:32:54 ----A---- C:\Windows\system32\wininet.dll
2009-06-11 01:32:53 ----A---- C:\Windows\system32\iedkcs32.dll
2009-06-11 01:32:51 ----A---- C:\Windows\system32\jsproxy.dll
2009-06-11 01:32:51 ----A---- C:\Windows\system32\ieui.dll
2009-06-11 01:32:50 ----A---- C:\Windows\system32\ie4uinit.exe
2009-06-11 01:32:48 ----A---- C:\Windows\system32\iesetup.dll
2009-06-11 01:32:48 ----A---- C:\Windows\system32\iernonce.dll
2009-06-11 01:32:03 ----A---- C:\Windows\system32\EncDec.dll
2009-06-11 01:32:01 ----A---- C:\Windows\system32\psisdecd.dll
2009-06-11 01:31:46 ----A---- C:\Windows\system32\localspl.dll
2009-06-11 01:31:39 ----A---- C:\Windows\system32\rpcrt4.dll
2009-06-10 23:53:37 ----A---- C:\Windows\system32\E3TL.DLL
2009-06-10 23:53:10 ----D---- C:\ProgramData\Zenturi
2009-06-10 21:43:18 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-06-10 20:59:57 ----D---- C:\Windows\TEMP
2009-06-10 19:39:34 ----D---- C:\ProgramData\SecTaskMan
2009-06-10 18:47:11 ----D---- C:\ProgramData\PrevxCSI
2009-06-09 16:56:01 ----D---- C:\Program Files (x86)\Empire Interactive
2009-06-07 18:14:15 ----D---- C:\Program Files (x86)\Gabest
2009-06-06 21:13:04 ----D---- C:\Program Files (x86)\Super Internet TV
2009-06-05 19:40:21 ----D---- C:\ProgramData\Apple Computer
2009-06-05 19:40:21 ----D---- C:\Program Files (x86)\QuickTime
2009-06-05 19:37:35 ----A---- C:\Windows\system32\javaws.exe
2009-06-05 19:37:34 ----A---- C:\Windows\system32\javaw.exe
2009-06-05 19:37:34 ----A---- C:\Windows\system32\java.exe
2009-06-05 13:05:19 ----D---- C:\Program Files (x86)\MSN BackUp
2009-06-03 20:36:11 ----RHD---- C:\MSOCache
2009-06-03 18:16:05 ----D---- C:\Program Files (x86)\xNeat Application Builder
2009-06-03 10:42:13 ----A---- C:\Windows\system32\Ilda32.dll
2009-06-03 10:42:13 ----A---- C:\Windows\system32\BORLNDMM.DLL
2009-06-03 10:42:10 ----D---- C:\Program Files (x86)\CoffeeCup Software
2009-06-01 22:18:15 ----D---- C:\ProgramData\Electronic Arts
2009-06-01 22:14:59 ----D---- C:\Program Files (x86)\Microsoft WSE
2009-06-01 22:03:33 ----D---- C:\Program Files (x86)\Electronic Arts
2009-06-01 12:53:43 ----D---- C:\Program Files (x86)\KamLex
2009-06-01 11:25:31 ----A---- C:\Windows\system32\zoneoc.dll
2009-06-01 10:31:23 ----A---- C:\Windows\kk.ini
2009-06-01 10:30:34 ----D---- C:\Program Files (x86)\ReflexiveArcade
2009-06-01 08:27:59 ----D---- C:\Program Files (x86)\DriveKey
2009-05-31 12:05:50 ----D---- C:\ProgramData\ESET
2009-05-30 23:48:29 ----A---- C:\Windows\wininit.ini
2009-05-30 18:24:09 ----D---- C:\ProgramData\Apple
2009-05-30 18:24:09 ----D---- C:\Program Files (x86)\Apple Software Update
2009-05-29 14:28:22 ----D---- C:\Users\PLATO\AppData\Roaming\Auslogics
2009-05-29 12:51:44 ----D---- C:\Program Files (x86)\mTC
2009-05-27 16:04:00 ----A---- C:\Windows\system32\nvwgf2um.dll
2009-05-27 16:04:00 ----A---- C:\Windows\system32\nvoglv32.dll
2009-05-27 16:04:00 ----A---- C:\Windows\system32\nvencodemft.dll
2009-05-27 16:04:00 ----A---- C:\Windows\system32\nvdecodemft.dll
2009-05-27 16:04:00 ----A---- C:\Windows\system32\nvd3dum.dll
2009-05-27 16:04:00 ----A---- C:\Windows\system32\nvcuvid.dll
2009-05-27 16:04:00 ----A---- C:\Windows\system32\nvcuvenc.dll
2009-05-27 16:04:00 ----A---- C:\Windows\system32\nvcuda.dll
2009-05-27 16:04:00 ----A---- C:\Windows\system32\nvapi.dll
2009-05-24 13:29:36 ----D---- C:\Program Files (x86)\TimeAdjuster
2009-05-23 12:34:37 ----D---- C:\Program Files (x86)\WinRAR
2009-05-23 10:55:39 ----D---- C:\Program Files (x86)\DAMN NFO Viewer
2009-05-22 18:44:19 ----D---- C:\Users\PLATO\AppData\Roaming\MyPhoneExplorer
2009-05-22 18:43:56 ----D---- C:\Program Files (x86)\MyPhoneExplorer
2009-05-22 11:42:30 ----D---- C:\ProgramData\ABBYY
2009-05-21 15:12:11 ----AD---- C:\ProgramData\TEMP
2009-05-21 13:16:34 ----D---- C:\Windows\Java
2009-05-21 13:16:22 ----D---- C:\Program Files (x86)\PC Wizard 2008
2009-05-18 09:50:00 ----D---- C:\Users\PLATO\AppData\Roaming\nHancer
2009-05-18 09:48:29 ----D---- C:\ProgramData\nHancer
2009-05-16 14:36:29 ----D---- C:\Program Files (x86)\NVIDIA nTune Performance Application
2009-05-16 14:02:05 ----D---- C:\Program Files (x86)\MobilityDotNETnV
2009-05-14 19:12:23 ----D---- C:\Windows\pss
2009-05-14 14:03:07 ----A---- C:\Windows\system32\everest_cpl.ini
2009-05-14 13:57:19 ----D---- C:\Program Files (x86)\Lavalys
2009-05-13 21:03:44 ----D---- C:\Users\PLATO\AppData\Roaming\Download Manager

======List of files/folders modified in the last 1 months======

2009-06-12 19:14:56 ----D---- C:\Users\PLATO\AppData\Roaming\uTorrent
2009-06-12 19:12:29 ----D---- C:\Windows\Prefetch
2009-06-12 01:26:15 ----D---- C:\Windows\system32\drivers
2009-06-12 00:40:24 ----RD---- C:\Program Files (x86)
2009-06-11 21:01:31 ----SHD---- C:\System Volume Information
2009-06-11 16:20:46 ----SHD---- C:\Windows\Installer
2009-06-11 16:20:41 ----D---- C:\Users\PLATO\AppData\Roaming\Media Player Classic
2009-06-11 15:03:12 ----D---- C:\Windows
2009-06-11 14:41:38 ----RD---- C:\Users
2009-06-11 14:40:52 ----D---- C:\Windows\Debug
2009-06-11 14:32:33 ----RD---- C:\Program Files
2009-06-11 14:31:43 ----D---- C:\Windows\SysWOW64
2009-06-11 14:27:38 ----HD---- C:\ProgramData
2009-06-11 11:28:52 ----D---- C:\Windows\System32
2009-06-11 11:28:52 ----D---- C:\Windows\inf
2009-06-11 09:55:01 ----D---- C:\Windows\winsxs
2009-06-11 09:41:59 ----D---- C:\Program Files (x86)\Mozilla Firefox
2009-06-11 09:41:51 ----SD---- C:\Users\PLATO\AppData\Roaming\Microsoft
2009-06-11 09:41:49 ----D---- C:\ProgramData\avg8
2009-06-11 01:55:28 ----D---- C:\Windows\Microsoft.NET
2009-06-11 01:52:08 ----D---- C:\Windows\system32\migration
2009-06-11 01:52:08 ----D---- C:\Program Files (x86)\Internet Explorer
2009-06-11 01:52:02 ----D---- C:\Windows\ehome
2009-06-11 01:49:18 ----D---- C:\ProgramData\Microsoft Help
2009-06-11 01:00:53 ----D---- C:\ProgramData\NVIDIA
2009-06-11 00:01:06 ----SD---- C:\Windows\Downloaded Program Files
2009-06-10 23:59:29 ----D---- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2009-06-09 17:13:48 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2009-06-09 16:29:17 ----HD---- C:\$AVG8.VAULT$
2009-06-08 18:44:25 ----D---- C:\Program Files (x86)\NCBuy
2009-06-08 18:32:18 ----D---- C:\Program Files (x86)\Notepad++
2009-06-06 18:56:30 ----D---- C:\Program Files (x86)\AGEIA Technologies
2009-06-06 15:03:12 ----D---- C:\Program Files (x86)\Common Files\Sonic Shared
2009-06-05 19:37:10 ----A---- C:\Windows\system32\deploytk.dll
2009-06-03 11:34:25 ----D---- C:\Program Files (x86)\Auslogics
2009-06-03 11:34:03 ----D---- C:\ProgramData\HDD Thermometer
2009-06-02 23:51:50 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2009-06-01 22:15:05 ----RSD---- C:\Windows\assembly
2009-06-01 20:38:44 ----D---- C:\Users\PLATO\AppData\Roaming\Notepad++
2009-06-01 11:05:07 ----D---- C:\Windows\Help
2009-05-31 09:24:48 ----D---- C:\Program Files (x86)\Common Files
2009-05-30 18:36:45 ----D---- C:\Users\PLATO\AppData\Roaming\dvdcss
2009-05-30 16:18:08 ----D---- C:\Program Files (x86)\Google
2009-05-30 10:06:36 ----D---- C:\Users\PLATO\AppData\Roaming\vlc
2009-05-29 14:05:01 ----RSD---- C:\Windows\Fonts
2009-05-29 14:04:43 ----D---- C:\Program Files (x86)\OpenOffice.org 3
2009-05-29 13:52:48 ----D---- C:\Program Files (x86)\uTorrent
2009-05-29 12:52:13 ----D---- C:\Program Files (x86)\Sony Ericsson
2009-05-22 17:29:39 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2009-05-20 17:13:00 ----D---- C:\Users\PLATO\AppData\Roaming\WinRAR
2009-05-14 19:22:26 ----A---- C:\Windows\system32\nvRegDev.dll
2009-05-14 19:22:26 ----A---- C:\Windows\system32\nvPerfSDKUtil.dll
2009-05-14 19:22:01 ----A---- C:\Windows\system32\nvPerfHUDUtil.dll
2009-05-14 19:19:59 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2009-05-14 18:36:10 ----D---- C:\Program Files (x86)\Sony
2009-05-13 20:26:05 ----A---- C:\Windows\Lexicon.ini
2009-05-13 14:53:46 ----D---- C:\ProgramData\InstallShield
2009-05-13 10:44:29 ----D---- C:\Program Files (x86)\Windows Mail

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys []
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys []
R1 SaibVdAd64;Virtual Disk Driver; C:\Windows\System32\Drivers\SaibVdAd64.sys []
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys []
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys []
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys []
R2 NVR0FLASHDev;NVR0FLASHDev; \??\C:\Windows\nvflsh64.sys [2009-01-07 40992]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys []
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV6.SYS []
R3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL6.SYS []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 NETw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\NETw5v64.sys []
R3 NuidFltr;NUID filter driver; C:\Windows\system32\DRIVERS\NuidFltr.sys []
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
R3 NVR0Dev;NVR0Dev; \??\C:\Windows\nvoclk64.sys [2009-01-06 40480]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\DRIVERS\SFEP.sys []
R3 ti21sony;ti21sony; C:\Windows\system32\drivers\ti21sony.sys []
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS []
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x64.sys []
S1 RxFilter;RxFilter; C:\Windows\system32\drivers\RxFilter.sys [2008-08-11 65520]
S1 SonyFanC;FAN Control Device Service; C:\Windows\system32\drivers\SonyFanC.sys [2000-08-22 44504]
S3 arjtquwk;arjtquwk; C:\Windows\system32\drivers\arjtquwk.sys []
S3 cpuz129;cpuz129; \??\C:\Program Files (x86)\PC Wizard 2008\pcwiz64.sys [2008-01-25 17384]
S3 cpuz132;cpuz132; \??\C:\Windows\system32\drivers\cpuz132_x64.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys []
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys []
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys []
S3 NETw4v64;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\NETw4v64.sys []
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys []
S3 SS1018mdm;Sony Ericsson Mobile Device Full USB Driver; C:\Windows\system32\DRIVERS\SS1018mdm_x64.sys []
S3 WimFltr;WimFltr; C:\Windows\system32\drivers\WimFltr.sys [2008-04-09 128104]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service; C:\Program Files (x86)\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe [2008-08-01 125424]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2009-02-06 727720]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2009-02-27 1461520]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-02-11 354840]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 nHancer;nHancer Support; C:\Program Files\nHancer\nHancerService.exe [2009-04-26 39424]
R2 nTuneService;Performance Service; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [2009-01-06 255008]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2009-02-27 830224]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 UpdateCenterService;Update Center Service; C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe [2009-01-07 169504]
S2 gupdate1c9b5cf9846a8ea;Google Update Service (gupdate1c9b5cf9846a8ea); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-04-05 133104]
S2 Roxio Upnp Server 11;Roxio Upnp Server 11; C:\Program Files (x86)\Roxio Creator 2009 Ultimate\Digital Home 11\RoxioUpnpService11.exe [2008-08-14 367088]
S2 RoxLiveShare11;LiveShare P2P Server 11; C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe [2008-08-14 309744]
S2 RoxWatch11;Roxio Hard Drive Watcher 11; C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe [2008-08-14 170480]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2008-07-27 93184]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2009-02-06 23296]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe []
S3 fsssvc;Windows Live Family Safety; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 Roxio UPnP Renderer 11;Roxio UPnP Renderer 11; C:\Program Files (x86)\Roxio Creator 2009 Ultimate\Digital Home 11\RoxioUPnPRenderer11.exe [2008-08-14 313840]
S3 RoxMediaDB11;RoxMediaDB11; C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe [2008-08-14 1124848]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe []

-----------------EOF-----------------
I think these files are bad:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3a2060f9-2812-11de-816a-001a80fa1571}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\strongkey.exe
shell\default\command - F:\strongkey.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
shell\AutoRun\command - H:\Autorun\Autorun.exe

Info.txt:

info.txt logfile of random's system information tool 1.06 2009-06-12 19:08:40

======Uninstall list======

-->C:\Windows\SysWOW64\\MSIEXEC.EXE /x {7B91CBFD-0671-4819-9724-CABE3014E886}
-->MsiExec /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}
3D Sound Back Beta0.1-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{39DB116F-E088-486F-B13C-8925ECE7A6E5}\setup.exe" -removeonly
Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A91000000001}
Adobe Shockwave Player 11.5-->C:\Windows\system32\Adobe\uninstaller.exe
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
AusLogics Disk Defrag-->"C:\Program Files (x86)\Auslogics\AusLogics Disk Defrag\unins000.exe"
AusLogics Registry Cleaner-->"C:\Program Files (x86)\Auslogics\AusLogics Registry Cleaner\unins000.exe"
Belarc Advisor 7.2-->C:\PROGRA~2\Belarc\Advisor\Uninstall.exe C:\PROGRA~2\Belarc\Advisor\INSTALL.LOG
CCleaner (remove only)-->"C:\Program Files (x86)\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
CoffeeCup HTML Editor 2008-->C:\PROGRA~2\COFFEE~1\UNWISE.EXE C:\PROGRA~2\COFFEE~1\INSTALL.LOG
ConvertHelper 2.2-->"C:\Program Files (x86)\ConvertHelper\unins000.exe"
DH Mobility Modder.NET nVidia Edition-->C:\Program Files (x86)\MobilityDotNETnV\Uninstall.exe
DHTML Editing Component-->MsiExec.exe /I{2EA870FA-585F-4187-903D-CB9FFD21E2E0}
DirectX 9 Runtime-->MsiExec.exe /I{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}
Driver Sweeper 1.5.5-->"C:\Program Files (x86)\Driver Sweeper\unins000.exe"
EA Download Manager-->C:\Program Files (x86)\Electronic Arts\EADM\Uninstall.exe
ERUNT 1.1j-->"C:\Program Files (x86)\ERUNT\unins000.exe"
EVEREST Ultimate Edition v5.01-->"C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\unins000.exe"
filehippo.com Update Checker-->"C:\Program Files (x86)\filehippo.com\uninstall.exe"
Flowol 3.1-->MsiExec.exe /I{2F07D8DD-89E1-4042-BF12-F1661B8A1A75}
Flowol More Secondary Mimics 2-->MsiExec.exe /I{5E834C5C-EBF3-4623-AFE9-5D25F924E45D}
Flowol More Secondary Mimics-->MsiExec.exe /I{2213BB04-097F-428E-8F05-1E408BF7F3A0}
Flowol Secondary Mimics-->MsiExec.exe /I{B36A46BD-050E-4072-8AE0-66E29B5148B2}
Google Earth Plugin-->MsiExec.exe /I{CFA3D1B0-415C-11DE-8251-005056806466}
Google Earth-->MsiExec.exe /X{CC016F21-3970-11DE-B878-005056806466}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Grand Theft Auto IV-->"C:\Program Files (x86)\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x0009 -removeonly
HDD Thermometer-->C:\Program Files (x86)\HDD Thermometer\uninstall.exe
HijackThis 2.0.2-->"C:\Users\PLATO\Documents\Πλάτωνας\Προγράμματα\Προγράμματα Προστασίας\TrendMicro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {08155812-0202-4D5F-A7FF-12A2782DC548} /qb+ REBOOTPROMPT=""
HP USB Disk Storage Format Tool-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}\Setup.exe" -l0x9 anything
J2SE Runtime Environment 5.0 Update 10-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
Java(TM) 6 Update 14-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216014FF}
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
K-Lite Mega Codec Pack 4.8.5-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
Marvell Miniport Driver-->C:\Program Files (x86)\Marvell\Miniport Driver\Uninst.exe
MathType 6-->"C:\Program Files (x86)\MathType\Setup.exe" -R
Microsoft Games for Windows - LIVE -->MsiExec.exe /X{4D243BA7-9AC4-46D1-90E5-EEB88974F501}
Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{05B49229-22A2-4F88-842A-BBC2EBE1CCF6}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {E64BA721-2310-4B55-BE5A-2925F9706192}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Access MUI (Greek) 2007-->MsiExec.exe /X{90120000-0015-0408-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Greek) 2007-->MsiExec.exe /X{90120000-0016-0408-0000-0000000FF1CE}
Microsoft Office Groove MUI (Greek) 2007-->MsiExec.exe /X{90120000-00BA-0408-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Greek) 2007-->MsiExec.exe /X{90120000-0044-0408-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office OneNote MUI (Greek) 2007-->MsiExec.exe /X{90120000-00A1-0408-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Greek) 2007-->MsiExec.exe /X{90120000-001A-0408-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Greek) 2007-->MsiExec.exe /X{90120000-0018-0408-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Greek) 2007-->MsiExec.exe /X{90120000-001F-0408-0000-0000000FF1CE}
Microsoft Office Proofing (Greek) 2007-->MsiExec.exe /X{90120000-002C-0408-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Publisher MUI (Greek) 2007-->MsiExec.exe /X{90120000-0019-0408-0000-0000000FF1CE}
Microsoft Office Shared MUI (Greek) 2007-->MsiExec.exe /X{90120000-006E-0408-0000-0000000FF1CE}
Microsoft Office Word MUI (Greek) 2007-->MsiExec.exe /X{90120000-001B-0408-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
MozBackup 1.4.9-->C:\Program Files (x86)\MozBackup\Uninstall.exe
Mozilla Firefox (3.0.10)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MSN BackUp 1.3.4-->C:\Program Files (x86)\MSN BackUp\uninst.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
mTC (remove only)-->"C:\Program Files (x86)\mTC\mtc-uninst.exe"
My Drivers 3.31-->"C:\Program Files (x86)\My Drivers\unins000.exe"
MyPhoneExplorer-->C:\Program Files (x86)\MyPhoneExplorer\uninstall.exe
Nasty File Remover v0.72 (remove only)-->"C:\Program Files (x86)\NFR\unins_NFR.exe"
Notepad++-->C:\Program Files (x86)\Notepad++\uninstall.exe
NVIDIA Display Driver Instrumentation Add-on-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{80C77B6E-39EC-4DFB-A5B0-025D221B5EA8}\setup.exe" -l0x9
NVIDIA PerfHUD-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{70A66934-9248-4B31-A71A-E1E4239F7BC6}\setup.exe" -l0x9
NVIDIA Performance-->"C:\Program Files (x86)\InstallShield Installation Information\{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}\setup.exe" -runfromtemp -l0x0408 -removeonly
NVIDIA Performance-->MsiExec.exe /I{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}
NVIDIA PerfSDK-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{41B6EF3E-C5D2-4196-B915-7DDD8842F8C0}\setup.exe" -l0x9
NVIDIA PhysX-->MsiExec.exe /X{B83FC356-B7C0-441F-8A4D-D71E088E7974}
NVIDIA System Monitor-->"C:\Program Files (x86)\InstallShield Installation Information\{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}\setup.exe" -runfromtemp -l0x0408 -removeonly
NVIDIA System Monitor-->MsiExec.exe /I{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}
NVIDIA System Update-->"C:\Program Files (x86)\InstallShield Installation Information\{6F69C969-2942-4E7B-B594-75B37664B8BA}\setup.exe" -runfromtemp -l0x0408 -removeonly
NVIDIA System Update-->MsiExec.exe /I{6F69C969-2942-4E7B-B594-75B37664B8BA}
OpenOffice.org 3.1-->MsiExec.exe /I{A16B3EA2-8798-4960-8D8B-18D3149AD617}
PC Wizard 2008.1.871-->"C:\Program Files (x86)\PC Wizard 2008\unins000.exe"
PDF Password Remover v3.0-->"C:\Program Files (x86)\PDF Password Remover v3.0\unins000.exe"
PowerISO-->"C:\Program Files (x86)\PowerISO\uninstall.exe"
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Recuva (remove only)-->"C:\Program Files (x86)\Recuva\uninst.exe"
Reversi-->MsiExec.exe /I{169C556D-38B7-45AD-89D6-9E2C9B9DC29F}
Revo Uninstaller 1.83-->C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe
Rockstar Games Social Club-->"C:\Program Files (x86)\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x0009 -removeonly
Roxio Activation Module-->MsiExec.exe /I{1D53B6F9-E66E-42D8-A221-4FF8AC134FD7}
Roxio BackOnTrack-->MsiExec.exe /I{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}
Roxio Central-->MsiExec.exe /I{3383136B-4F86-4F05-8612-DD4BB16A1EAE}
Roxio CinePlayer Decoder Pack-->MsiExec.exe /I{C0FE37FA-0886-4B66-B01B-76CF70FB77AB}
Roxio CinePlayer-->MsiExec.exe /I{AA749D64-3741-4D5F-B804-B0BC05D179D1}
Roxio Creator 2009 Ultimate-->C:\ProgramData\Uninstall\{7919D8D9-69FB-4E94-B330-04C4AF251867}\setup.exe /x {7919D8D9-69FB-4E94-B330-04C4AF251867}
Roxio Creator 2009 Ultimate-->MsiExec.exe /I{09EA3E66-F60C-45EF-9C16-6CA2262E21C4}
Roxio Disaster Recovery-->MsiExec.exe /I{87A83C6F-F53C-448A-B078-FF00E3EAEB29}
Roxio File Backup-->MsiExec.exe /I{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB969679)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C66E4A6C-6E07-4C63-8CCD-2493B5087C73}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB969682)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C03803BD-745A-46F8-8557-817DED578780}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}
SmartSound Quicktracks Plugin-->C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}
Sony Ericsson SS1018 x64 driver v3.5.3.0-->"C:\Program Files (x86)\Sony Ericsson\SS1018\Drivers\uninstall.exe" /ID=SS1018_x64
Sony Ericsson Themes Creator 4.01-->C:\Program Files (x86)\Sony Ericsson\Themes Creator\Uninstall.exe
Sony Ericsson W302(c)/S302(c) x64 driver v3.5.3.0-->"C:\Program Files (x86)\Sony Ericsson\W302_S302\Drivers\uninstall.exe" /ID=2G_FENG_AN_x64
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
SUPER © Version 2009.bld.35 (Jan 5, 2009)-->C:\PROGRA~2\ERIGHT~1\SUPER\Setup.exe /remove /q0
Super Internet TV v7.4-->"C:\Program Files (x86)\Super Internet TV\unins000.exe"
SWF Opener-->"C:\Program Files (x86)\UnH Solutions\SWF Opener\unins000.exe"
System Requirements Lab-->C:\Program Files (x86)\SystemRequirementsLab\Uninstall.exe
Texas Instruments PCIxx21/x515/xx12 drivers.-->C:\Program Files (x86)\InstallShield Installation Information\{DB780B85-B4B5-4864-A49C-9B706B169C93}\setup.exe -runfromtemp -l0x0409
Texas Instruments PCIxx21/x515/xx12 drivers.-->C:\Program Files (x86)\InstallShield Installation Information\{F7B05784-334C-4F76-8BAB-30ABEB7FD534}\setup.exe -runfromtemp -l0x0409
The Sims™ 3-->"C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\Sims3Setup.exe" -runfromtemp -l0x0008 -removeonly
Tinker Editor-->MsiExec.exe /I{FED8ABBB-FC3F-45A7-B4F3-23A42E7B1BA1}
Unknown Device Identifier 6.01-->"C:\Program Files (x86)\Unknown Device Identifier\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office Outlook 2007 (KB969907)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {74F98B24-AFBD-4800-9BD6-87D349B5C462}
Update for Outlook 2007 Junk Email Filter (kb970012)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {DC4A962B-9EC2-469C-BC9C-87312ADAEE81}
Update Service-->C:\Program Files (x86)\Sony Ericsson\Update Service\uninst.exe
VAIO Control Center-->"C:\Program Files (x86)\InstallShield Installation Information\{72042FA6-5609-489F-A8EA-3C2DD650F667}\setup.exe" -runfromtemp -l0x0009 -removeonly
Veoh Web Player-->"C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\uninst.exe"
VirusTotal Uploader-->"C:\Program Files (x86)\VirusTotalUploader\uninstall.exe"
Visual C++ 8.0 Runtime Setup Package (x64)-->MsiExec.exe /I{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}
VLC media player 0.9.9-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
VobSub v2.23 (Remove Only)-->"C:\Program Files (x86)\Gabest\VobSub\uninstall.exe"
Windows 7 Upgrade Advisor Beta-->MsiExec.exe /I{4394DC3A-5DAC-4C80-A86E-FF462D0AD653}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{9EC9D0F4-30DA-40D9-9187-4F8E8054D482}
Windows Live Mail-->MsiExec.exe /I{D9774586-F0BF-462E-94B3-054A2D860475}
Windows Live Messenger-->MsiExec.exe /X{3DB32E25-391D-4151-B683-52F466EB95DE}
Windows Live Movie Maker Beta-->MsiExec.exe /X{521438C4-056C-4ACD-AD80-237AD77B12F3}
Windows Live OneCare safety scanner-->"C:\Program Files (x86)\Windows Live Safety Center\UnInstall.exe"
Windows Live OneCare safety scanner-->MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}
Windows Live Sync-->MsiExec.exe /X{7CEBA0CA-27CD-4D76-BF4D-B0131EA12C61}
Windows Live Toolbar-->MsiExec.exe /X{14001B93-0C6F-4353-8A10-BE96EE174E17}
Windows Live Writer-->MsiExec.exe /X{9D492015-8B58-4EEB-87B3-D2F82AD092A1}
WinRAR 3.80 – Εφαρμογή συμπίεσης και διαχείρισης συμπιεσμένων αρχείων-->C:\Program Files (x86)\WinRAR\uninstall.exe
xNeat Application Builder-->C:\Program Files (x86)\xNeat Application Builder\uninstall.exe
Βοηθός εισόδου του Windows Live-->MsiExec.exe /I{1A08F24B-CA66-4BA9-9933-A9D20A66E8D8}
Ενημερωμένη έκδοση Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0408-0000-0000000FF1CE} /uninstall {08A4BDB3-7A63-4F59-B9FA-EE80ADE88DC2}
Ενημερωμένη έκδοση Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0408-0000-0000000FF1CE} /uninstall {C52A655D-F8AE-485D-908D-62CEC754B6A4}
Ενημερωμένη έκδοση Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0408-0000-0000000FF1CE} /uninstall {054186C0-F351-472E-84E8-D5E16FA08241}
Εργαλείο αποστολής του Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Πολυλεξικό Magenta-->"C:\Windows\Πολυλεξικό Magenta\uninstall.exe" "/U:C:\Program Files (x86)\Πολυλεξικό Magenta\Uninstall\uninstall.xml"
Συλλογή φωτογραφιών του Windows Live-->MsiExec.exe /X{BD642C49-D86F-4871-848E-C4F97BC3A2A9}

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: PLATONAS
Event Code: 7036
Message: Η υπηρεσία Windows Modules Installer έχει μεταβεί σε κατάσταση stopped.
Record Number: 37000
Source Name: Service Control Manager
Time Written: 20090612082642.000000-000
Event Type: Πληροφορίες (Information)
User:

Computer Name: PLATONAS
Event Code: 7036
Message: Η υπηρεσία WinHTTP Web Proxy Auto-Discovery Service έχει μεταβεί σε κατάσταση stopped.
Record Number: 37001
Source Name: Service Control Manager
Time Written: 20090612083245.000000-000
Event Type: Πληροφορίες (Information)
User:

Computer Name: PLATONAS
Event Code: 6013
Message: Ο χρόνος λειτουργίας του συστήματος είναι 92031 δευτερόλεπτα (System Working Time is 92031 Seconds).
Record Number: 37002
Source Name: EventLog
Time Written: 20090612090047.000000-000
Event Type: Πληροφορίες (Information)
User:

Computer Name: PLATONAS
Event Code: 7036
Message: Η υπηρεσία Windows CardSpace έχει μεταβεί σε κατάσταση running.
Record Number: 37003
Source Name: Service Control Manager
Time Written: 20090612120638.000000-000
Event Type: Πληροφορίες (Information)
User:

Computer Name: PLATONAS
Event Code: 7036
Message: Η υπηρεσία Windows CardSpace έχει μεταβεί σε κατάσταση stopped.
Record Number: 37004
Source Name: Service Control Manager
Time Written: 20090612130636.000000-000
Event Type: Πληροφορίες (Information)
User:

=====Application event log=====

Computer Name: PLATONAS
Event Code: 3013
Message: The entry <C:\USERS\PLATO\.HOUSECALL6.6\AU_LOG\TEMPSAVE\4020_4956\2\4\BPMNT.DLL> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Record Number: 6860
Source Name: Microsoft-Windows-Search
Time Written: 20090611222808.000000-000
Event Type: Σφάλμα (Error)
User:

Computer Name: PLATONAS
Event Code: 1015
Message: Event ID 3013 for the Windows Search Service has been suppressed 52 time(s) since 1:28:10 πμ. This event is used to suppress Windows Search Service events that have occurred frequently within a short period of time. See Event ID 3013 for further details on this event.
Record Number: 6861
Source Name: Microsoft-Windows-Search
Time Written: 20090611225759.000000-000
Event Type: Προειδοποίηση (Warning)
User:

Computer Name: PLATONAS
Event Code: 0
Again some things especially at info.txt are in Greek and so I translated some of them for you to understand. For example Πληροφορίες = Information , Προειδοποίηση = Warning , Σφάλμα = Error etc... I also found from these logs some suspicious to me files like autorun.exe , check them please you too so that I know...

[Shaba]

Delete this folder:

C:\Users\PLATO\AppData\Roaming\uTorrent

Empty Recycle Bin.

Please go to Kaspersky website and perform an online antivirus scan.

1. Read through the requirements and privacy statement and click on Accept button.
2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
3. When the downloads have finished, click on Settings.
4. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
   • Spyware, Adware, Dialers, and other potentially dangerous programs
     Archives
     
5. Click on My Computer under Scan.
6. Once the scan is complete, it will display the results. Click on View Scan Report.
7. You will see a list of infected items there. Click on Save Report As....
8. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
9. Please post this log in your next reply along with a fresh HijackThis log.

[plutomaniac]

actually I have already done this two days before and it didn't find anything but I'll do it again and tell you If it found anything!

[Shaba]

OK, post back afterwards