Full Version: Ad-aware fails to connect to server
T-rope
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:27:17 PM, on 12/09/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16876)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\CDProxyServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\DSentry.exe
C:\WINDOWS\SM1BG.EXE
C:\Program Files\Common Files\Dell\EUSW\Support.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dellnet.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dellnet.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 142.165.3.43:80
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files\Orbitdownloader\GrabPro.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [zBrowser Launcher] "C:\Program Files\Logitech\iTouch\iTouch.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [SM1BG] C:\WINDOWS\SM1BG.EXE
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [DwlClient] "C:\Program Files\Common Files\Dell\EUSW\Support.exe"
O4 - HKLM\..\Run: [diagent] "C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe" startup
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {072D3F2E-5FB6-11D3-B461-00C04FA35A21} (CFForm Runtime) - http://www.allstrength.tv/CFIDE/classes/CFJava.cab
O16 - DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} (BrowseFolderPopup Class) - http://download.mcafee.com/molbin/Shared/MGBrwFld.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200305...meInstaller.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://bin.mcafee.com/molbin/shared/mcinsc...72/mcinsctl.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://us.games2.yimg.com/download.games.y...ctl_0_0_0_1.ocx
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} (InetDownload Class) - http://217.113.97.37/movies/Components/downloadcontrol.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://bin.mcafee.com/molbin/shared/mcgdmg...,15/mcgdmgr.cab
O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab
O16 - DPF: {CD17FAAA-17B4-4736-AAEF-436EDC304C8C} (ContentAuditX Control) - http://www.contentwatch.com/audit/includes...uditControl.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: prt_drvr - prt_drvr.dll (file missing)
O23 - Service: Plug and Play Device Manager ($sys$DRMServer) - Unknown owner - C:\WINDOWS\system32\$sys$filesystem\$sys$DRMServer.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: XCP CD Proxy (CD_Proxy) - Unknown owner - C:\WINDOWS\CDProxyServ.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe

--
End of file - 11066 bytes
Blade81
Hi,

Are you familiar with this proxy setting: 142.165.3.43:80 ?


Download DDS and save it to your desktop from here or here or here.
Disable any script blocker, and then double-click dds.scr to run the tool.
  • When done, DDS will open two (2) logs:
    1. DDS.txt
    2. Attach.txt
  • Save both reports to your desktop. Post them back to your topic.
T-rope
Hello,

Thanks for responding. No, I am not familiar with that proxy setting.

Here are the logs you requested:

    Internet Explorer: 7.0.5730.11
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1535.576 [GMT -6:00]

    AV: BitDefender Internet Security v10 *On-access scanning disabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
    AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    FW: BitDefender Internet Security v10 *disabled* {4055920F-2E99-48A8-A270-4243D2B8F242}

    ============== Running Processes ===============

    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\CDProxyServ.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\WINDOWS\System32\CTsvcCDA.exe
    C:\WINDOWS\System32\svchost.exe -k imgsvc
    C:\WINDOWS\System32\MsPMSPSv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\BCMSMMSG.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\System32\DSentry.exe
    C:\WINDOWS\SM1BG.EXE
    C:\Program Files\Common Files\Dell\EUSW\Support.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\Program Files\Creative\SBLive\Diagnostics\diagent.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
    C:\Program Files\Orbitdownloader\orbitdm.exe
    C:\Program Files\Orbitdownloader\orbitnet.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\utorrent\utorrent.exe
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\Downloads\dds.pif

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.dellnet.com/
    uDefault_Page_URL = hxxp://www.dellnet.com
    uSearch Bar = hxxp://www.google.com/ie
    uSearch Page = hxxp://www.google.com
    uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    mSearch Bar =
    uInternet Connection Wizard,ShellNext = hxxp://www.dellnet.com/
    uInternet Settings,ProxyOverride = 127.0.0.1;*.local
    uInternet Settings,ProxyServer = 142.165.3.43:80
    uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
    uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
    BHO: Octh Class: {000123b4-9b42-4900-b3f7-f4b073efc214} - c:\program files\orbitdownloader\orbitcth.dll
    BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
    BHO: : {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
    BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.15642\swg.dll
    BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
    BHO: 1 (0x1) - No File
    BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
    TB: {BA52B914-B692-46c4-B683-905236F6F655} - No File
    TB: {E0E899AB-F487-11D5-8D29-0050BA6940E3} - No File
    TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
    TB: Veoh Web Player Video Finder: {0fbb9689-d3d7-4f7a-a2e2-585b10099bfc} - c:\program files\veoh networks\veohwebplayer\VeohIEToolbar.dll
    TB: Grab Pro: {c55bbcd6-41ad-48ad-9953-3609c48eacc7} - c:\program files\orbitdownloader\GrabPro.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
    EB: {90C61707-C8F8-43DB-A25C-C1F4B18EE41E} - No File
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
    mRun: [BCMSMMSG] BCMSMMSG.exe
    mRun: [zBrowser Launcher] "c:\program files\logitech\itouch\iTouch.exe"
    mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
    mRun: [UpdReg] c:\windows\UpdReg.EXE
    mRun: [DVDSentry] c:\windows\system32\DSentry.exe
    mRun: [SM1BG] c:\windows\SM1BG.EXE
    mRun: [Logitech Utility] Logi_MwX.Exe
    mRun: [DwlClient] "c:\program files\common files\dell\eusw\Support.exe"
    mRun: [diagent] "c:\program files\creative\sblive\diagnostics\diagent.exe" startup
    mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
    mRun: [Disc Detector] c:\program files\creative\sharedll\CtNotify.exe
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
    mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
    uPolicies-explorer: SpecifyDefaultButtons = 0 (0x0)
    mPolicies-explorer: <NO NAME> =
    IE: &Download by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/201
    IE: &Grab video by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/204
    IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm
    IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    IE: Do&wnload selected by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/203
    IE: Down&load all by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/202
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    DPF: {00000075-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/voxacm.CAB
    DPF: {02BF25D5-8C17-4B16-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cab
    DPF: {072D3F2E-5FB6-11D3-B461-00C04FA35A21} - hxxp://www.allstrength.tv/CFIDE/classes/CFJava.cab
    DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} - hxxp://download.mcafee.com/molbin/Shared/MGBrwFld.cab
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
    DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - c:\program files\yahoo!\common\yinsthelper.dll
    DPF: {33564D57-9980-0010-8000-00AA00389B71} - hxxp://codecs.microsoft.com/codecs/i386/wmv9dmo.cab
    DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cab
    DPF: {41F17733-B041-4099-A042-B518BB6A408C} - hxxp://a1540.g.akamai.net/7/1540/52/20030530/qtinstall.info.apple.com/bonnie/us/win/QuickTimeInstaller.exe
    DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - hxxp://bin.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,72/mcinsctl.cab
    DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} - hxxp://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
    DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} - hxxp://us.games2.yimg.com/download.games.yahoo.com/games/play/client/exentctl_0_0_0_1.ocx
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_01-windows-i586.cab
    DPF: {A3009861-330C-4E10-822B-39D16EC8829D} - hxxp://www.ravantivirus.com/scan/ravonline.cab
    DPF: {A922B6AB-3B87-11D3-B3C2-0008C7DA6CB9} - hxxp://217.113.97.37/movies/Components/downloadcontrol.cab
    DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - hxxp://bin.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,15/mcgdmgr.cab
    DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} - hxxp://simcity.ea.com/play/classic/SimCityX.cab
    DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_01-windows-i586.cab
    DPF: {CD17FAAA-17B4-4736-AAEF-436EDC304C8C} - hxxp://www.contentwatch.com/audit/includes/ContentAuditControl.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
    Notify: AtiExtEvent - Ati2evxx.dll
    Notify: avgrsstarter - avgrsstx.dll
    Notify: prt_drvr - prt_drvr.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\trevor~1\applic~1\mozilla\firefox\profilessk6cifv.default\
    FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
    FF - plugin: c:\program files\java\jre1.5.0_01\bin\NPJava11.dll
    FF - plugin: c:\program files\java\jre1.5.0_01\bin\NPJava12.dll
    FF - plugin: c:\program files\java\jre1.5.0_01\bin\NPJava13.dll
    FF - plugin: c:\program files\java\jre1.5.0_01\bin\NPJava14.dll
    FF - plugin: c:\program files\java\jre1.5.0_01\bin\NPJava32.dll
    FF - plugin: c:\program files\java\jre1.5.0_01\bin\NPJPI150_01.dll
    FF - plugin: c:\program files\java\jre1.5.0_01\bin\NPOJI610.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npmozax.dll
    FF - plugin: c:\program files\veoh networks\veoh\plugins\noreg\NPVeohVersion.dll
    FF - plugin: c:\program files\veoh networks\veohwebplayer\NPVeohTVPlugin.dll
    FF - plugin: c:\program files\veoh networks\veohwebplayer\npWebPlayerVideoPluginATL.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

    ---- FIREFOX POLICIES ----
    c:\program files\mozilla firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
    c:\program files\mozilla firefox\greprefs\all.js - pref("media.cache_size", 51200);
    c:\program files\mozilla firefox\greprefs\all.js - pref("media.ogg.enabled", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("media.wave.enabled", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
    c:\program files\mozilla firefox\greprefs\all.js - pref("dom.storage.default_quota", 5120);
    c:\program files\mozilla firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.dpi", -1);
    c:\program files\mozilla firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
    c:\program files\mozilla firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
    c:\program files\mozilla firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
    c:\program files\mozilla firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
    c:\program files\mozilla firefox\greprefs\all.js - pref("geo.enabled", true);
    c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
    c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
    c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.history", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions", true);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
    c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");

    ============= SERVICES / DRIVERS ===============

    R0 $sys$cor;$sys$cor;c:\windows\system32\drivers\$sys$cor.sys [2004-10-6 10368]
    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-9-11 64160]
    R0 PrecSim;PrecSim;c:\windows\system32\drivers\precsim.sys [2002-5-22 69600]
    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-10-27 335240]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-10-27 27784]
    R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-8-16 297752]
    R2 CD_Proxy;XCP CD Proxy;c:\windows\CDProxyServ.exe [2004-6-22 167936]
    S1 $sys$crater;$sys$crater;\??\c:\windows\system32\$sys$filesystem\crater.sys --> c:\windows\system32\$sys$filesystem\crater.sys [?]
    S2 $sys$DRMServer;Plug and Play Device Manager;c:\windows\system32\$sys$filesystem\$sys$drmserver.exe --> c:\windows\system32\$sys$filesystem\$sys$DRMServer.exe [?]
    S2 XGFilter;Xinga Macro 2003;c:\windows\system32\drivers\XGFilter.sys [2003-9-23 9472]

    =============== Created Last 30 ================

    2009-09-19 16:21 <DIR> --d-h--- c:\windows\PIF
    2009-09-12 19:22 <DIR> --d----- c:\program files\Trend Micro
    2009-09-11 22:14 64,160 a------- c:\windows\system32\drivers\Lbd.sys
    2009-09-11 22:13 <DIR> -cd-h--- c:\docume~1\alluse~1\applic~1\{EF63305C-BAD7-4144-9208-D65528260864}
    2009-09-11 21:57 <DIR> --d----- c:\program files\##nospam Configuration Utility
    2009-09-11 21:54 <DIR> --d----- c:\program files\iTunes
    2009-09-11 21:54 <DIR> --d----- c:\docume~1\alluse~1\applic~1\{755AC846-7372-4AC8-8550-C52491DAA8BD}
    2009-09-11 19:38 1,089,593 -------- c:\windows\system32\dllcache\ntprint.cat
    2009-09-10 23:24 <DIR> --d----- c:\program files\Ginipic
    2009-09-10 23:21 <DIR> --d----- c:\windows\system32\XPSViewer
    2009-09-10 23:20 597,504 -------- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
    2009-09-10 23:20 117,760 -------- c:\windows\system32\prntvpt.dll
    2009-09-10 23:20 89,088 -------- c:\windows\system32\dllcache\filterpipelineprintproc.dll
    2009-09-10 23:20 1,676,288 -------- c:\windows\system32\xpssvcs.dll
    2009-09-10 23:20 1,676,288 -------- c:\windows\system32\dllcache\xpssvcs.dll
    2009-09-10 23:20 575,488 -------- c:\windows\system32\xpsshhdr.dll
    2009-09-10 23:20 575,488 -------- c:\windows\system32\dllcache\xpsshhdr.dll
    2009-09-10 23:20 <DIR> --d----- C:\6fb9a5876bf735d23fbd477c4c9d5a37
    2009-09-09 10:51 153,088 -------- c:\windows\system32\dllcache\triedit.dll
    2009-09-05 01:54 94,208 a------- c:\windows\system32\QuickTimeVR.qtx
    2009-09-05 01:54 69,632 a------- c:\windows\system32\QuickTime.qts

    ==================== Find3M ====================

    2009-08-16 08:47 11,952 a------- c:\windows\system32\avgrsstx.dll
    2009-08-16 08:47 335,240 a------- c:\windows\system32\drivers\avgldx86.sys
    2009-08-13 09:16 512,000 -------- c:\windows\system32\dllcache\jscript.dll
    2009-08-05 03:01 204,800 a------- c:\windows\system32\mswebdvd.dll
    2009-08-05 03:01 204,800 -------- c:\windows\system32\dllcache\mswebdvd.dll
    2009-07-19 07:33 3,597,824 a------- c:\windows\system32\dllcache\mshtml.dll
    2009-07-19 07:32 6,067,200 -------- c:\windows\system32\dllcache\ieframe.dll
    2009-07-17 13:01 58,880 a------- c:\windows\system32\atl.dll
    2009-07-17 13:01 58,880 -------- c:\windows\system32\dllcache\atl.dll
    2009-07-13 23:43 10,841,088 a------- c:\windows\system32\dllcache\wmp.dll
    2009-07-13 23:43 286,208 a------- c:\windows\system32\wmpdxm.dll
    2009-07-13 23:43 286,208 a------- c:\windows\system32\dllcache\wmpdxm.dll
    2009-07-10 07:27 1,315,328 -------- c:\windows\system32\dllcache\msoe.dll
    2009-06-29 05:07 13,824 -------- c:\windows\system32\dllcache\ieudinit.exe
    2009-06-29 05:07 70,656 -------- c:\windows\system32\dllcache\ie4uinit.exe
    2009-06-29 02:35 634,632 -------- c:\windows\system32\dllcache\iexplore.exe
    2009-06-29 02:33 2,452,872 -------- c:\windows\system32\dllcache\ieapfltr.dat
    2009-06-29 02:33 161,792 a------- c:\windows\system32\dllcache\ieakui.dll
    2009-06-25 02:25 730,112 a------- c:\windows\system32\lsasrv.dll
    2009-06-25 02:25 301,568 a------- c:\windows\system32\kerberos.dll
    2009-06-25 02:25 147,456 a------- c:\windows\system32\schannel.dll
    2009-06-25 02:25 136,192 a------- c:\windows\system32\msv1_0.dll
    2009-06-25 02:25 56,832 a------- c:\windows\system32\secur32.dll
    2009-06-25 02:25 54,272 a------- c:\windows\system32\wdigest.dll
    2009-06-25 02:25 730,112 -------- c:\windows\system32\dllcache\lsasrv.dll
    2009-06-25 02:25 301,568 -------- c:\windows\system32\dllcache\kerberos.dll
    2009-06-25 02:25 147,456 -------- c:\windows\system32\dllcache\schannel.dll
    2009-06-25 02:25 136,192 -------- c:\windows\system32\dllcache\msv1_0.dll
    2009-06-25 02:25 56,832 -------- c:\windows\system32\dllcache\secur32.dll
    2009-06-25 02:25 54,272 -------- c:\windows\system32\dllcache\wdigest.dll
    2009-06-24 05:18 92,928 -------- c:\windows\system32\dllcache\ksecdd.sys
    2008-12-31 01:49 60,896 a------- c:\docume~1\trevor~1\applic~1\GDIPFONTCACHEV1.DAT
    2006-05-11 18:35 1,273 ac------ c:\program files\INSTALL.LOG
    2005-01-10 22:08 284 a------- c:\docume~1\trevor~1\applic~1\ViewerApp.dat
    2003-08-27 15:19 36,963 a----r-- c:\program files\common files\SM1updtr.dll
    2005-05-13 18:12 217,073 a--shr-- c:\windows\meta4.exe
    2005-10-24 12:13 66,560 a--shr-- c:\windows\MOTA113.exe
    2005-10-13 22:27 422,400 a--shr-- c:\windows\x2.64.exe
    2005-10-07 20:14 308,224 a--shr-- c:\windows\system32\avisynth.dll
    2005-07-14 13:31 27,648 a--shr-- c:\windows\system32\AVSredirect.dll
    2005-06-26 16:32 616,448 a--shr-- c:\windows\system32\cygwin1.dll
    2005-06-21 23:37 45,568 a--shr-- c:\windows\system32\cygz.dll
    2004-01-25 01:00 70,656 a--shr-- c:\windows\system32\i420vfw.dll
    2007-07-18 21:52 2,516 a--sh--- c:\windows\system32\KGyGaAvL.sys
    2003-09-11 08:36 149,131 a--sh--- c:\windows\system32\rvrd_trp.dat
    2005-12-22 21:23 816,640 a--shr-- c:\windows\system32\smab.dll
    2005-02-28 14:16 240,128 a--shr-- c:\windows\system32\x.264.exe
    2004-01-25 01:00 70,656 a--shr-- c:\windows\system32\yv12vfw.dll
    2008-10-11 17:27 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008101120081012\index.dat

    ============= FINISH: 16:23:06.84 ===============
    T-rope
    DDS (Ver_09-07-30.01)

    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume2
    Install Date: 02/07/2003 11:43:19 AM
    System Uptime: 09/12/2009 2:16:12 PM (-1942 hours ago)

    Motherboard: Dell Computer Corp. | | 0G0728
    Processor: Intel® Pentium® 4 CPU 2.60GHz | Microprocessor | 2593/800mhz

    ==== Disk Partitions =========================

    A: is Removable
    C: is FIXED (NTFS) - 112 GiB total, 28.091 GiB free.

    ==== Disabled Device Manager Items =============

    Class GUID: {4D36E965-E325-11CE-BFC1-08002BE10318}
    Description: CD-ROM Drive
    Device ID: IDE\CDROMHL-DT-ST_DVD-RAM_GH22LP20_______________1.01____\5&3A22A7D4&0&0.0.0
    Manufacturer: (Standard CD-ROM drives)
    Name: HL-DT-ST DVD-RAM GH22LP20
    PNP Device ID: IDE\CDROMHL-DT-ST_DVD-RAM_GH22LP20_______________1.01____\5&3A22A7D4&0&0.0.0
    Service: cdrom

    Class GUID: {4D36E965-E325-11CE-BFC1-08002BE10318}
    Description: CD-ROM Drive
    Device ID: SCSI\CDROM&VEN_IMAGE&PROD_SIMULATION&REV_1.0G\1&2AFD7D61&2&000
    Manufacturer: (Standard CD-ROM drives)
    Name: Image Simulation SCSI CdRom Device
    PNP Device ID: SCSI\CDROM&VEN_IMAGE&PROD_SIMULATION&REV_1.0G\1&2AFD7D61&2&000
    Service: cdrom

    ==== System Restore Points ===================

    No restore point in system.

    ==== Installed Programs ======================


    µTorrent
    Acrobat.com
    Ad-Aware
    Adobe AIR
    Adobe Anchor Service CS3
    Adobe Asset Services CS3
    Adobe Bridge CS3
    Adobe Bridge Start Meeting
    Adobe Camera Raw 4.0
    Adobe CMaps
    Adobe Color - Photoshop Specific
    Adobe Color Common Settings
    Adobe Color EU Extra Settings
    Adobe Color JA Extra Settings
    Adobe Color NA Recommended Settings
    Adobe Default Language CS3
    Adobe Device Central CS3
    Adobe Download Manager 2.0 (Remove Only)
    Adobe ExtendScript Toolkit 2
    Adobe Flash Player 10 Plugin
    Adobe Fonts All
    Adobe Help Viewer CS3
    Adobe Linguistics CS3
    Adobe PDF Library Files
    Adobe Photoshop CS3
    Adobe Reader 9.1.1
    Adobe Setup
    Adobe Stock Photos CS3
    Adobe Type Support
    Adobe Update Manager CS3
    Adobe Version Cue CS3 Client
    Adobe WinSoft Linguistics Plugin
    Adobe XMP Panels CS3
    Adobe® Photoshop® Album Starter Edition 3.0
    AnyDVD
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Ask Toolbar
    ATI - Software Uninstall Utility
    ATI Control Panel
    ATI Display Driver
    ATI HYDRAVISION
    ATI Parental Control & Encoder
    ATI Problem Report Wizard
    AVG Free 8.5
    Battlefield 1942
    BCM V.92 56K Modem
    Bonjour
    Britannica Ready Reference
    CCleaner (remove only)
    CDRWIN 5
    Classic PhoneTools
    coverXP (remove only)
    Critical Update for Windows Media Player 11 (KB959772)
    Cypress USB Mass Storage Driver Installation
    DAO
    Dell Driver Reset Tool
    Dell Picture Studio - Dell Image Expert
    Dell ResourceCD
    Dell Solution Center
    Dell Support 5.0.0 (766)
    DivX Codec
    DVD Decrypter (Remove Only)
    DVD Shrink 3.2
    DVDSentry
    eMusic Download Manager
    ffdshow [rev 2073] [2008-08-11]
    FLV Player 1.3.3
    Ginipic
    Google Toolbar for Internet Explorer
    Help and Support Customization
    HijackThis 2.0.2
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    hp deskjet 3820 series (Remove only)
    hp instant support
    Image Grabber II
    Intel® PRO Network Adapters and Drivers
    Intel® PROSet
    ##nospam Configuration Utility
    iPod for Windows 2005-02-07
    iPod for Windows 2005-03-23
    iPod for Windows 2005-06-26
    iPod for Windows 2005-10-12
    iPod for Windows 2006-03-23
    iTunes
    J2SE Runtime Environment 5.0 Update 1
    JFK Reloaded 1.1
    LimeWire PRO 4.17.4
    Logitech iTouch Software
    Logitech MouseWare 9.79
    Macromedia Flash Player
    Macromedia Flash Player 8
    Macromedia Shockwave Player
    Map Button (Windows Live Toolbar)
    Microsoft .NET Framework (English)
    Microsoft .NET Framework (English) v1.0.3705
    Microsoft .NET Framework 1.0 Hotfix (KB928367)
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Hotfix (KB928366)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Data Access Components KB870669
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office XP Professional with FrontPage
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Modem Helper
    Mozilla Firefox (3.5.3)
    MS Access 97 SP2
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML4 Parser
    Music Visualizer Library 1.4.00
    MUSICMATCH® Jukebox
    MyDVD
    Nero 7 Demo
    Net MD Simple Burner
    Network Play System (Patching)
    Nic's XviD Decoder
    OneCare Advisor (Windows Live Toolbar)
    OpenMG Limited Patch 3.2-03-02-21-08
    OpenMG Limited Patch 3.2-03-04-14-02
    OpenMG Limited Patch 3.2-03-04-17-02
    OpenMG Secure Module 3.2
    Orbit Downloader
    Paint Shop Pro 7
    PDF Settings
    Picture Package
    Popup Blocker (Windows Live Toolbar)
    PowerDVD
    QuickTime
    RealPlayer
    Rhapsody Player Engine
    Security Update for Step By Step Interactive Training (KB898458)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 7 (KB928090)
    Security Update for Windows Internet Explorer 7 (KB929969)
    Security Update for Windows Internet Explorer 7 (KB931768)
    Security Update for Windows Internet Explorer 7 (KB933566)
    Security Update for Windows Internet Explorer 7 (KB937143)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB939653)
    Security Update for Windows Internet Explorer 7 (KB942615)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Internet Explorer 7 (KB972260)
    Security Update for Windows Media Encoder (KB954156)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player 10 (KB911565)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB938464-v2)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB971961)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973869)
    Smart Menus (Windows Live Toolbar)
    SonicStage 1.5.53
    Sony USB Driver
    SoulSeek Client 156c
    Sound Blaster Live!
    SpeechRedist
    Spelling Dictionaries Support For Adobe Reader 9
    Spybot - Search & Destroy
    Spybot - Search & Destroy 1.4
    Tiger Woods PGA TOUR 2005
    TMPGEnc Plus 2.5
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB973815)
    USB Storage Adapter FX (SM1)
    Veoh Web Player Beta
    VeohTV BETA
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    WebFldrs XP
    Winamp
    Windows Genuine Advantage Notifications (KB905474)
    Windows Internet Explorer 7
    Windows Live Favorites for Windows Live Toolbar
    Windows Live Messenger
    Windows Live Outlook Toolbar (Windows Live Toolbar)
    Windows Live Sign-in Assistant
    Windows Live Toolbar
    Windows Live Toolbar Extension (Windows Live Toolbar)
    Windows Media Encoder 9 Series
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows XP Service Pack 3
    WingMan Software
    WinRAR archiver
    WordPerfect Office 11
    Xbox Music Mixer PC Tool
    XviD 1.1 final uninstall
    Yahoo! Toolbar

    ==== Event Viewer Messages From Past Week ========

    12/09/2009 2:17:29 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: $sys$crater
    12/09/2009 2:17:28 PM, error: Service Control Manager [7000] - The Xinga Macro 2003 service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    12/09/2009 2:17:28 PM, error: Service Control Manager [7000] - The Plug and Play Device Manager service failed to start due to the following error: The system cannot find the file specified.
    12/09/2009 2:17:28 PM, error: Service Control Manager [7000] - The BDRSDRV service failed to start due to the following error: The system cannot find the file specified.

    ==== End Of File ===========================
    Blade81
    Hi,

    You seem to have µTorrent & LimeWire p2p file sharing programs installed there. I strongly recommend that you uninstall them. P2P downloads are one of the biggest sources of infection nowadays.

    Do you still have BitDefender installed?


    Please visit this webpage for download links, and instructions for running ComboFix tool:

    http://www.bleepingcomputer.com/combofix/how-to-use-combofix

    Please ensure you read this guide carefully and install the Recovery Console first.

    The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

    Once installed, you should see a blue screen prompt that says:

    The Recovery Console was successfully installed.

    Please continue as follows:
    1. Close/disable all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.
      Remember to re-enable them afterwards.

    2. Click Yes to allow ComboFix to continue scanning for malware.

    When the tool is finished, it will produce a report for you.

    Please include the following reports for further review, and so we may continue cleansing the system:

    C:\ComboFix.txt
    New dds.txt log.


    A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix. This tool is not a toy and not for everyday use.
    Blade81
    Due to lack of feedback, this topic has been closed.

    If you need this topic reopened, please contact a staff member. This applies only to the original topic starter.

    Everyone else please begin a New Topic.

    Thank You !