Combofix started a updated version when I did this. Hope this worked. I already had Hijack this on my desktop when I followed your directions.
ComboFix 11-04-16.02 - bandit 04/17/2011 7:58.7.4 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3070.1763 [GMT -4:00]
Running from: c:\users\bandit\Documents\combofix.exe
Command switches used :: c:\users\bandit\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\CFScript.txt
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files\Internet Explorer\PLUGINS\RichFX\Player\nprfxins.dll"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Internet Explorer\PLUGINS\RichFX\Player\nprfxins.dll
c:\programdata\92f7a8
c:\programdata\92f7a8\115722.reg
c:\programdata\92f7a8\BMP.ico
c:\programdata\92f7a8\mcp.ico
c:\users\bandit\AppData\Local\{1729A054-CBC2-43D1-BA88-EBA641FCCE1C}
c:\users\bandit\AppData\Local\{463853B4-7A15-403A-A815-C1E2259B389C}
c:\windows\TEMP\logishrd\LVPrcInj01.dll
.
.
((((((((((((((((((((((((( Files Created from 2011-03-17 to 2011-04-17 )))))))))))))))))))))))))))))))
.
.
2011-04-17 12:04 . 2011-04-17 12:09 -------- d-----w- c:\users\bandit\AppData\Local\temp
2011-04-17 12:04 . 2011-04-17 12:04 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-04-17 12:04 . 2011-04-17 12:04 -------- d-----w- c:\users\IUSR_NMPR\AppData\Local\temp
2011-04-17 12:04 . 2011-04-17 12:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-04-17 11:25 . 2011-04-17 11:25 -------- d-----w- c:\users\bandit\AppData\Local\{9871DB89-ADE3-4CDA-84DB-222C0CAA56A3}
2011-04-16 22:59 . 2011-04-16 22:59 -------- d-----w- c:\users\bandit\AppData\Local\{A0BCB5FF-7895-4FD2-BFCE-663965D284EC}
2011-04-16 10:56 . 2011-04-16 10:56 -------- d-----w- c:\users\bandit\AppData\Local\{846CA33D-1861-4879-B68F-BD2C59B2A27F}
2011-04-15 06:24 . 2011-03-23 14:11 6792528 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{27E251E5-7D14-4A15-86EC-59E4F291E699}\mpengine.dll
2011-04-14 12:13 . 2011-04-14 12:13 -------- d-----w- c:\users\bandit\AppData\Local\{EEB5146B-6B3D-45A7-9265-ECCDBFA5C3D2}
2011-04-13 20:49 . 2011-04-13 20:49 388096 ----a-r- c:\users\bandit\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-04-13 15:23 . 2011-04-13 15:23 -------- d-----w- c:\users\bandit\AppData\Local\{C493ACB2-BEEB-409A-B379-49848A6B4693}
2011-04-12 12:05 . 2010-12-20 22:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-04-12 12:05 . 2011-04-16 11:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-04-12 12:05 . 2010-12-20 22:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-04-12 11:55 . 2011-04-12 11:55 -------- d-----w- c:\users\bandit\AppData\Local\{4AABA6FA-DAE2-4073-8EBB-314FC229AD92}
2011-04-10 03:47 . 2011-04-10 18:58 -------- d-sh--w- c:\programdata\BMOMLEGTCEP
2011-04-09 03:27 . 2011-04-10 15:28 -------- d-----w- c:\users\bandit\AppData\Local\{A15DAA33-3E1F-4155-BF26-8C3550777BA8}
2011-04-07 00:47 . 2011-04-07 00:47 -------- d-----w- c:\users\bandit\AppData\Local\{C1E2E3B1-825A-4990-AB5C-EF0E2C4E25F3}
2011-04-04 19:18 . 2011-04-05 19:19 -------- d-----w- c:\users\bandit\AppData\Local\{D20D988D-B267-4AFA-829D-B50701341537}
2011-04-04 19:11 . 2011-04-10 20:29 -------- d-----w- c:\users\Sawyer
2011-03-23 01:03 . 2011-02-22 14:13 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2011-03-23 01:03 . 2011-02-22 13:33 1068544 ----a-w- c:\windows\system32\DWrite.dll
2011-03-23 01:03 . 2011-02-22 13:33 797696 ----a-w- c:\windows\system32\FntCache.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-17 10:35 . 2010-09-28 15:32 137656 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-03-10 20:39 . 2010-06-24 15:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-02-22 11:51 . 2010-04-23 10:56 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-02-02 22:11 . 2009-10-03 06:19 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-01-20 16:37 . 2011-02-09 18:37 638336 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2011-01-20 16:08 . 2011-02-09 18:37 478720 ----a-w- c:\windows\system32\dxgi.dll
2011-01-20 16:08 . 2011-02-09 18:37 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2011-01-20 16:08 . 2011-02-09 18:37 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2011-01-20 16:08 . 2011-02-09 18:37 1029120 ----a-w- c:\windows\system32\d3d10.dll
2011-01-20 16:08 . 2011-02-09 18:37 189952 ----a-w- c:\windows\system32\d3d10core.dll
2011-01-20 16:07 . 2011-02-09 18:37 37376 ----a-w- c:\windows\system32\cdd.dll
2011-01-20 16:07 . 2011-02-09 18:37 258048 ----a-w- c:\windows\system32\winspool.drv
2011-01-20 16:07 . 2011-02-09 18:37 586240 ----a-w- c:\windows\system32\stobject.dll
2011-01-20 16:06 . 2011-02-09 18:37 2873344 ----a-w- c:\windows\system32\mf.dll
2011-01-20 16:06 . 2011-02-09 18:37 26112 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll
2011-01-20 16:04 . 2011-02-09 18:37 209920 ----a-w- c:\windows\system32\mfplat.dll
2011-01-20 16:04 . 2011-02-09 18:37 98816 ----a-w- c:\windows\system32\mfps.dll
2011-01-20 14:28 . 2011-02-09 18:37 1554432 ----a-w- c:\windows\system32\xpsservices.dll
2011-01-20 14:27 . 2011-02-09 18:37 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2011-01-20 14:26 . 2011-02-09 18:37 667648 ----a-w- c:\windows\system32\printfilterpipelinesvc.exe
2011-01-20 14:25 . 2011-02-09 18:37 847360 ----a-w- c:\windows\system32\OpcServices.dll
2011-01-20 14:24 . 2011-02-09 18:37 135680 ----a-w- c:\windows\system32\XpsRasterService.dll
2011-01-20 14:15 . 2011-02-09 18:37 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2011-01-20 14:14 . 2011-02-09 18:37 357376 ----a-w- c:\windows\system32\MFHEAACdec.dll
2011-01-20 14:14 . 2011-02-09 18:37 302592 ----a-w- c:\windows\system32\mfmp4src.dll
2011-01-20 14:14 . 2011-02-09 18:37 261632 ----a-w- c:\windows\system32\mfreadwrite.dll
2011-01-20 14:12 . 2011-02-09 18:37 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2011-01-20 14:11 . 2011-02-09 18:37 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2011-01-20 13:47 . 2011-02-09 18:37 683008 ----a-w- c:\windows\system32\d2d1.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-11-10 4240760]
"Logitech Vid"="c:\program files\Logitech\Logitech Vid\vid.exe" [2009-06-02 5451536]
"HPADVISOR"="c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-08-05 1644088]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 4874240]
"VolPanel"="c:\program files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [2007-04-17 184320]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2008-01-10 92704]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-01-10 8530464]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-01-10 88608]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2008-06-02 178712]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-09-22 47904]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-05-08 2780432]
"CTxfiHlp"="CTXFIHLP.EXE" [2008-02-21 23552]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-03 281768]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-03-07 421160]
.
c:\users\Sawyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\users\bandit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-2-27 715568]
Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2011-1-10 291896]
Snapfish Media Detector.lnk - c:\program files\Snapfish Picture Mover\SnapfishMediaDetector.exe [2007-5-7 1273856]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2010-01-19 04:55 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 IntelDHSvcConf;Intel DH Service;c:\program files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [2006-05-10 29696]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [2008-08-22 18688]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [2008-08-22 8320]
R3 motport;Motorola USB Diagnostic Port;c:\windows\system32\DRIVERS\motport.sys [2007-06-19 23680]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2010-10-30 12872]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-10-30 12872]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2010-10-30 67656]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-11-03 135336]
S2 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2006-09-03 208896]
S2 HPBtnSrv;HP Chasis Button Service;c:\hp\HPEZBTN\HPBtnSrv.exe [2007-05-29 198240]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\PSIA.exe [2011-01-10 993848]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [2011-01-10 399416]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 15544]
S3 TotRec7;Total Recorder WDM audio driver;c:\windows\system32\drivers\TotRec7.sys [2008-04-17 120472]
S3 xcbdaNtsc;ViXS Tuner Card (NTSC);c:\windows\system32\DRIVERS\xcbda.sys [2007-09-07 156928]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2011-04-12 c:\windows\Tasks\HPCeeScheduleForbandit.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2007-11-14 00:55]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
.
.
**************************************************************************
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CTxfiHlp = CTXFIHLP.EXE?
.
scanning hidden files ...
.
scan completed successfully
hidden files:
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(3936)
c:\windows\system32\btmmhook.dll
c:\windows\system32\btncopy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\program files\Microsoft\BingBar\SeaPort.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\RtHDVCpl.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\rundll32.exe
c:\windows\SYSTEM32\CTXFISPI.EXE
c:\windows\ehome\ehmsas.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Common Files\Logishrd\LQCVFX\COCIManager.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\WIDCOMM\Bluetooth Software\BtStackServer.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Completion time: 2011-04-17 08:15:05 - machine was rebooted
ComboFix-quarantined-files.txt 2011-04-17 12:15
ComboFix2.txt 2011-04-16 22:24
.
Pre-Run: 373,437,464,576 bytes free
Post-Run: 373,347,594,240 bytes free
.
- - End Of File - - 8B8DE6DA3B09648F240FE9E4E4C5C712
Before Hijack this ran an error message came on about write protect file host that had to be manually deleted. I did not do this I hit ok and Hijact this ran
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:22:27 AM, on 4/17/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Logitech\Logitech Vid\Vid.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Windows\system32\wbem\unsecapp.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Windows\Explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10p_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Logitech Vid\vid.exe" -bootmode
O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Secunia PSI Tray.lnk = C:\Program Files\Secunia\PSI\psi_tray.exe
O4 - Global Startup: Snapfish Media Detector.lnk = C:\Program Files\Snapfish Picture Mover\SnapfishMediaDetector.exe
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) -
http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://gfx1.hotmail.com/mail/w2/resources/VistaMSNPUplden-us.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1257394853137
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) -
http://download.eset.com/special/eos-beta/OnlineScanner.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) -
http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) -
http://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUplden-us.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe
O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia\PSI\sua.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
--
End of file - 11785 bytes