
Active Bad Error Related with "Generic Host Process for win32"

Discussion in 'Malware and Virus Removal Archive' started by memo5200, 2009/05/25.

Thread Status:
Not open for further replies.
  1. 2009/05/25 - memo5200 (Inactive, Thread Starter; joined 2009/05/21)

    [Active] Bad Error Related with "Generic Host Process for win32"

    Hi all, this is my first time here; I hope to get some help soon.
    At the beginning I had the "Generic Host Process for Win32" error. I tried all ways to remove it; finally I deleted my hard drives and recreated them, but that didn't work, it came back again. Sometimes this error message appears and sometimes not, but it has the classic Windows style, as you know. My anti-virus is BitDefender 2009 at the moment, but I have used all the top 10 anti-virus programs and online scans,
    and my Windows was fully updated.


    I know how to stop this virus or problem's activity by closing port 445 and disabling DCOM, but when I reinstall my Windows it comes back again.

    I am a computer user, so I wouldn't be an idiot :D

    Here are the logs you need to analyze:

    DDS Log:

    DDS (Ver_09-05-14.01) - NTFSx86
    Run by XPPRESP3 at 0:01:47.07 on Tue 05/26/2009
    Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_02
    Microsoft Windows XP Professional 5.1.2600.2.1256.966.1033.18.1023.681 [GMT 3:00]


    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
    C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    svchost.exe
    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\System32\TUProgSt.exe
    C:\Program Files\Uniblue\DiskRescue\UBDiskRescueSrv.exe
    C:\WINDOWS\VistaDrive\VistaDrive.exe
    C:\Program Files\LClock\LClock.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\RocketDock\RocketDock.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Rainlendar2\Rainlendar2.exe
    C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
    C:\Program Files\Orbitdownloader\orbitdm.exe
    C:\Program Files\Orbitdownloader\orbitnet.exe
    C:\Documents and Settings\XPPRESP3\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = about:blank
    uDefault_Page_URL = hxxp://www.google.com
    uSearch Page = hxxp://www.google.com
    uSearch Bar = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
    mSearchAssistant = hxxp://www.google.com/ie
    mWinlogon: SfcDisable=-99 (0xffffff9d)
    mWinlogon: UIHost=XPize_Logon.exe
    BHO: IE7Pro BHO: {00011268-e188-40df-a514-835fcd78b1bf} - c:\program files\ie7pro\IE7Pro.dll
    BHO: Octh Class: {000123b4-9b42-4900-b3f7-f4b073efc214} - c:\program files\orbitdownloader\orbitcth.dll
    BHO: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
    BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_02\bin\ssv.dll
    TB: BitDefender Toolbar: {381ffde8-2394-4f90-b10d-fc6124a40f8c} - c:\program files\bitdefender\bitdefender 2009\IEToolbar.dll
    uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
    uRun: [RocketDock] "c:\program files\rocketdock\RocketDock.exe "
    uRun: [DAEMON Tools] "c:\program files\daemon tools\daemon.exe" -lang 1033
    uRun: [Rainlendar2] c:\program files\rainlendar2\Rainlendar2.exe
    mRun: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    mRun: [VistaDrive] c:\windows\vistadrive\VistaDrive.exe
    mRun: [LClock] c:\program files\lclock\LClock.exe
    mRun: [Resume copy] copyfstq.exe /startup
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [nwiz] nwiz.exe /install
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [BDAgent] "c:\program files\bitdefender\bitdefender 2009\bdagent.exe "
    mRun: [BitDefender Antiphishing Helper] "c:\program files\bitdefender\bitdefender 2009\IEShow.exe "
    dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
    dRun: [RocketDock] "c:\program files\rocketdock\RocketDock.exe "
    dRunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
    dRunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\orbit.lnk - c:\program files\orbitdownloader\orbitdm.exe
    uPolicies-explorer: NoSMHelp = 1 (0x1)
    mPolicies-explorer: ForceClassicControlPanel = 1 (0x1)
    dPolicies-explorer: NoSMHelp = 1 (0x1)
    IE: &Download by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/201
    IE: &Grab video by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/204
    IE: Do&wnload selected by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/203
    IE: Down&load all by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/202
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office11\EXCEL.EXE/3000
    IE: Lookup on Merriam Webster - file://c:\program files\iespell\Merriam Webster.HTM
    IE: Lookup on Wikipedia - file://c:\program files\iespell\wikipedia.HTM
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - {B119EB0C-C021-46CF-85B0-34A760E0D5FE} - c:\program files\ie7pro\IE7Pro.dll
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_02\bin\ssv.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office11\REFIEBAR.DLL
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\xppresp3\applic~1\mozilla\firefox\profiles\2moj8l1y.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.eg/
    FF - component: c:\program files\mozilla firefox\components\FFComm.dll
    FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll
    FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll

    ============= SERVICES / DRIVERS ===============

    R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2002-1-1 604416]
    R2 Uniblue DiskRescue;Uniblue DiskRescue;c:\program files\uniblue\diskrescue\UBDiskRescueSrv.exe [2008-9-10 229648]
    R3 bdfm;BDFM;c:\windows\system32\drivers\bdfm.sys [2008-9-18 111112]
    S3 Arrakis3;BitDefender Arrakis Server;c:\program files\common files\bitdefender\bitdefender arrakis server\bin\Arrakis3.exe [2009-1-20 172032]

    =============== Created Last 30 ================

    2009-05-25 23:45 <DIR> --d-h--- c:\windows\PIF
    2009-05-25 12:30 <DIR> --d----- c:\documents and settings\xppresp3\ErrorLogs
    2009-05-25 12:24 <DIR> --d----- c:\windows\system32\LogFiles
    2009-05-25 12:21 <DIR> -cd-h--- c:\docume~1\alluse~1\applic~1\{A613CA96-150A-4A1D-90CE-67F81379DF8C}
    2009-05-25 12:19 30,208 a------- c:\windows\system32\drivers\usbehci.sys
    2009-05-25 12:19 7,168 a------- c:\windows\system32\hccoin.dll

    ==================== Find3M ====================

    2009-05-25 12:28 81,984 a------- c:\windows\system32\bdod.bin
    2009-04-27 15:21 28,928 a------- c:\windows\system32\uxtuneup.dll
    2009-04-02 16:21 84,480 a------- c:\windows\system32\ff_vfw.dll
    2009-02-26 23:47 2,255,360 a------- c:\windows\system32\x264vfw.dll
    2002-01-01 04:44 16,384 a--sh--- c:\windows\system32\config\systemprofile\cookies\index.dat
    2002-01-01 04:44 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\application data\microsoft\feeds cache\index.dat
    2002-01-01 04:44 16,384 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\index.dat
    2002-01-01 04:44 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\temporary internet files\content.ie5\index.dat

    ============= FINISH: 0:02:11.96 ===============

    ==============================================

    Attach Log
    ==============================================

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_09-05-14.01)

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 1/1/2002 1:56:02 AM
    System Uptime: 5/25/2009 11:28:34 PM (1 hours ago)

    Motherboard: ASUSTeK Computer INC. | | P5GPL-X
    Processor: Intel(R) Pentium(R) 4 CPU 2.66GHz | LGA 775 | 2676/133mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 13 GiB total, 8.426 GiB free.
    D: is FIXED (NTFS) - 62 GiB total, 59.179 GiB free.
    E: is CDROM ()
    F: is CDROM ()

    ==== Disabled Device Manager Items =============

    Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
    Description: Ethernet Controller
    Device ID: PCI\VEN_8086&DEV_100E&SUBSYS_80EE1043&REV_02\4&32A45852&0&18F0
    Manufacturer:
    Name: Ethernet Controller
    PNP Device ID: PCI\VEN_8086&DEV_100E&SUBSYS_80EE1043&REV_02\4&32A45852&0&18F0
    Service:

    ==== System Restore Points ===================

    No restore point in system.

    ==== Installed Programs ======================

    Language Pack for Microsoft .NET Framework 3.5 SP1 - ARA
    BitDefender Antivirus 2009
    CCleaner (remove only)
    CPL All-in-One
    D-Link PCI Fast Ethernet Adapter
    Daemon Tools v4.10
    DFE-520TX
    Folder Size Shell Extension v3.2
    Foxit PDF Editor
    HijackThis 2.0.2
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Windows XP (KB954550-v5)
    IE7Pro
    Java(TM) 6 Update 2
    K-Lite Mega Codec Pack 4.8.0
    LClock
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - ARA
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - ARA
    Microsoft .NET Framework 3.5 Language Pack SP1 - ara
    Microsoft .NET Framework 3.5 SP1
    Microsoft Office Professional Edition 2003
    Mozilla Firefox (3.0.10)
    Nero 7 Lite v7.7.5.1
    NirSoft Collection
    NVIDIA Drivers
    Orbit
    Rainlendar2 (remove only)
    RocketDock 1.3.1
    Software Update for Web Folders
    Spybot - Search & Destroy 1.4
    SysInternals Utilities Collection
    TotalCopy 1.2 (Luki Edition)
    TreeCopy v1.11 (Remove Only)
    TuneUp Utilities 2009
    Uniblue DiskRescue 2009
    Uniblue RegistryBooster 2009
    Uniblue SpeedUpMyPC 2009
    Vista Drive Indicator!
    Win32Pad 1.5.10.2
    Windows Imaging Component
    WinRAR archiver
    XML Paper Specification Shared Components Language Pack 1.0
    XnView Complete v1.91.3 (Remove Only)
    XPize 4.7 Lite Beta

    ==== Event Viewer Messages From Past Week ========

    5/25/2009 12:41:19 PM, error: MRxSmb [8003] - The master browser has received a server announcement from the computer SICOWIN that believes that it is the master browser for the domain on transport NetBT_Tcpip_{2E306ED4-388E-4CFE-9. The master browser is stopping or an election is being forced.
    5/25/2009 12:29:41 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service wuauserv with arguments " " in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

    ==== End Of File ===========================

    =====================================================

    Hijackthis Log
    =====================================================

    [Clean HJT log removed - Broni]

    ============================================
    Last edited by a moderator: 2009/05/25
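The following is a worked example added to this thread by the editor; it is not the poster's code and is not part of DDS, HijackThis or any WindowsBBS tool. It is a small Python triage pass over DDS-style log lines that decodes the two items in the posted logs a helper would actually want decoded: the Winlogon SfcDisable value, and the Win32 error code inside the DCOM 10005 event. SAMPLE_LOG is copied from the log above; the WIN32_ERRORS table holds only the code that appears there, and the tag names are the example's own.

```python
"""Triage of DDS-style log lines (editor-added example for this thread).

Not the poster's code and not part of DDS, HijackThis or any forum tool.
SAMPLE_LOG is copied from the logs posted above.  WIN32_ERRORS contains only
the code that occurs in that log.
"""
import re

# Win32 system error codes (winerror.h).  1058 is ERROR_SERVICE_DISABLED.
WIN32_ERRORS = {
    1058: "ERROR_SERVICE_DISABLED (the service is disabled or has no enabled devices)",
}

# Lines copied from the DDS and Attach logs posted above.
SAMPLE_LOG = """\
mWinlogon: SfcDisable=-99 (0xffffff9d)
mWinlogon: UIHost=XPize_Logon.exe
dRunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
No restore point in system.
5/25/2009 12:29:41 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service wuauserv with arguments " " in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
"""

SFC_RE = re.compile(r"mWinlogon:\s*SfcDisable=(-?\d+)")
DCOM_RE = re.compile(
    r'error: DCOM \[10005\] - DCOM got error "%(\d+)" attempting to start the service (\S+)'
)
NLITE_RE = re.compile(r"\bnLite\.inf\b", re.IGNORECASE)
NO_RESTORE = "No restore point in system"


def triage(log_text):
    """Return (tag, explanation) pairs for the lines that matter, in log order."""
    findings = []
    for line in log_text.splitlines():
        m = SFC_RE.search(line)
        if m:
            value = int(m.group(1))
            # 0xFFFFFF9D (-99 as a signed 32-bit value) is the well-known value
            # that switches Windows File Protection off completely.
            if (value & 0xFFFFFFFF) == 0xFFFFFF9D:
                findings.append((
                    "sfc_disabled",
                    "Windows File Protection is off: SfcDisable=-99 (0xffffff9d)",
                ))
            elif value != 0:
                findings.append((
                    "sfc_nondefault",
                    f"non-default SfcDisable={value}; check what set it",
                ))
            continue
        m = DCOM_RE.search(line)
        if m:
            code, service = int(m.group(1)), m.group(2)
            reason = WIN32_ERRORS.get(code, f"Win32 error {code}")
            findings.append((
                "service_start_failed",
                f"DCOM could not start service {service}: {reason}",
            ))
            continue
        if NO_RESTORE in line:
            findings.append((
                "no_restore_points",
                "System Restore has no restore points; rollback is not available",
            ))
            continue
        if NLITE_RE.search(line):
            findings.append((
                "customized_install",
                "nLite.inf in RunOnce: the install media was customized with nLite",
            ))
    return findings


if __name__ == "__main__":
    for tag, text in triage(SAMPLE_LOG):
        print(f"{tag:22} {text}")
```

Run against the posted lines, the DCOM 10005 event decodes to Win32 error 1058, ERROR_SERVICE_DISABLED, for wuauserv (Automatic Updates), and SfcDisable=-99 means Windows File Protection is off; together with the missing restore points and the nLite-customized media, that says this install can neither patch nor repair itself, which is a different problem from an infection and is consistent with the moderator's reading of the log.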
  2. 2009/05/25 - broni (Moderator, Malware Analyst)

    I don't see any security issues here, so I'm moving this thread to the Windows section.

  4. 2009/05/26 - memo5200 (Inactive, Thread Starter)

    But I am sure it is a virus; the Generic Host Process for Win32 message appears all the time.

  5. 2009/05/26 - broni (Moderator, Malware Analyst)
  6. 2009/05/27 - memo5200 (Inactive, Thread Starter)

    Sadly this removal tool didn't fix it :(

  7. 2009/05/27 - Admin. (Administrator, Staff)

    Since this is the Malware forum & this is not a Malware issue, please post the issue in the Windows XP forum.