
Active Generic Host Process for Win32

Discussion in 'Malware and Virus Removal Archive' started by ytoha, 2009/05/03.

  1. 2009/05/03
    ytoha

    ytoha Inactive Thread Starter

    Joined:
    2009/05/03
    Messages:
    4
    Likes Received:
    0
    [Active]Generic Host Process for Win32

    So I have been getting this error:

    Generic Host Process for Win32 Services has encountered a problem and needs to close. We are sorry for the inconvenience.


    Tried reading another thread over here and did all the things said there, but it still didn't fix it. Downloaded all Windows updates, but still nothing.

    So I would like some help in removing this.
    Here is a log file, not sure if it will be useful however.
    (POSTED ALL THESE LOGS TO FOLLOW RULES)

    Malwarebytes' Anti-Malware 1.36
    Database version: 2069
    Windows 5.1.2600 Service Pack 2

    03/05/2009 15:39:06
    mbam-log-2009-05-03 (15-39-06).txt

    Scan type: Quick Scan
    Objects scanned: 80641
    Time elapsed: 4 minute(s), 50 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 1
    Registry Keys Infected: 21
    Registry Values Infected: 1
    Registry Data Items Infected: 1
    Folders Infected: 4
    Files Infected: 3

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    C:\Program Files\Windows Live\Messenger\msimg32.dll (Adware.MyWebSearch) -> Delete on reboot.

    Registry Keys Infected:
    HKEY_CLASSES_ROOT\toolbar.tb (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\toolbar.tb.1 (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{daed9266-8c28-4c1c-8b58-5c66eff1d302} (Search.Hijack) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\UpMedia (Adware.SmartShopper) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Relevant Knowledge (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.

    Registry Values Infected:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> Quarantined and deleted successfully.

    Registry Data Items Infected:
    HKEY_CLASSES_ROOT\regfile\shell\open\command\ (Broken.OpenCommand) -> Bad: ( "%1" %*) Good: (regedit.exe "%1 ") -> Quarantined and deleted successfully.

    Folders Infected:
    C:\Program Files\WinBudget (Adware.AdMedia) -> Quarantined and deleted successfully.
    C:\Program Files\WinBudget\bin (Adware.AdMedia) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\UpMedia (Adware.SmartShopper) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\717305 (Trojan.BHO) -> Quarantined and deleted successfully.

    Files Infected:
    C:\Program Files\Windows Live\Messenger\msimg32.dll (Adware.MyWebSearch) -> Delete on reboot.
    C:\Program Files\WinBudget\bin\matrix.dat (Adware.AdMedia) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Start Menu\Programs\Startup\msn_0804_upd111646.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
     
    Last edited: 2009/05/03
  2. 2009/05/03
    ytoha

    ytoha Inactive Thread Starter

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_09-03-16.01)

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 18/04/2007 04:12:37
    System Uptime: 05/03/2009 15:40:55 (1416 hours ago)

    Motherboard: | | ConRoeXFire-eSATA2.
    Processor: Intel(R) Pentium(R) D CPU 3.40GHz | CPUSocket | 3396/200mhz
    Processor: Intel(R) Pentium(R) D CPU 3.40GHz | CPUSocket | 3396/200mhz

    ==== Disk Partitions =========================

    A: is Removable
    C: is FIXED (NTFS) - 233 GiB total, 140.922 GiB free.
    D: is CDROM ()
    E: is CDROM ()

    ==== Disabled Device Manager Items =============

    ==== System Restore Points ===================

    RP382: 04/02/2009 14:58:06 - System Checkpoint
    RP383: 06/02/2009 14:37:51 - System Checkpoint
    RP384: 07/02/2009 21:14:25 - System Checkpoint
    RP385: 09/02/2009 12:56:36 - System Checkpoint
    RP386: 13/02/2009 16:52:42 - System Checkpoint
    RP387: 14/02/2009 20:39:54 - System Checkpoint
    RP388: 19/02/2009 19:54:30 - System Checkpoint
    RP389: 20/02/2009 15:45:21 - Installed Steam
    RP390: 28/02/2009 11:02:06 - System Checkpoint
    RP391: 04/03/2009 18:17:26 - System Checkpoint
    RP392: 06/03/2009 12:20:08 - System Checkpoint
    RP393: 06/03/2009 16:10:07 - Removed Windows Live installer
    RP394: 06/03/2009 16:12:01 - Removed Windows Live Mail
    RP395: 06/03/2009 16:12:49 - Installed Windows XP KB954708.
    RP396: 06/03/2009 16:13:01 - Installed DirectX
    RP397: 06/03/2009 16:13:33 - Removed Windows Live Photo Gallery
    RP398: 06/03/2009 16:15:03 - Removed Windows Live Toolbar
    RP399: 06/03/2009 16:15:27 - Removed Windows Live Writer
    RP400: 07/03/2009 18:14:51 - System Checkpoint
    RP401: 08/03/2009 11:30:50 - Installed DirectX
    RP402: 09/03/2009 20:07:38 - Installed MetaFuze_MSI.
    RP403: 09/03/2009 20:28:34 - Installed MetaFuze_MSI.
    RP404: 12/03/2009 20:18:12 - System Checkpoint
    RP405: 14/03/2009 15:32:41 - System Checkpoint
    RP406: 15/03/2009 16:48:59 - System Checkpoint
    RP407: 21/03/2009 10:06:33 - System Checkpoint
    RP408: 23/03/2009 19:12:34 - System Checkpoint
    RP409: 25/03/2009 16:12:17 - Installed Flash
    RP410: 27/03/2009 17:25:53 - System Checkpoint
    RP411: 28/03/2009 18:00:25 - Installed Java(TM) 6 Update 13
    RP412: 29/03/2009 00:18:35 - Installed Windows Media Format Runtime
    RP413: 31/03/2009 15:14:07 - System Checkpoint
    RP414: 04/04/2009 20:31:52 - System Checkpoint
    RP415: 08/04/2009 19:06:14 - System Checkpoint
    RP416: 09/04/2009 13:53:08 - Installed Dekaron.
    RP417: 11/04/2009 10:30:30 - System Checkpoint
    RP418: 14/04/2009 16:03:23 - System Checkpoint
    RP419: 15/04/2009 16:26:10 - System Checkpoint
    RP420: 16/04/2009 18:02:52 - System Checkpoint
    RP421: 17/04/2009 19:25:11 - System Checkpoint
    RP422: 20/04/2009 13:24:25 - System Checkpoint
    RP423: 24/04/2009 10:12:02 - Installed SPORE™
    RP424: 24/04/2009 10:13:22 - Installed SPORE™
    RP425: 25/04/2009 13:27:41 - System Checkpoint
    RP426: 26/04/2009 14:35:33 - Installed AVG Free 8.5
    RP427: 26/04/2009 14:38:37 - Installed AVG Free 8.5
    RP428: 26/04/2009 15:02:12 - Removed Stronghold Crusader
    RP429: 26/04/2009 15:04:57 - Removed Flash
    RP430: 26/04/2009 15:08:55 - Removed Google Earth.
    RP431: 26/04/2009 15:13:52 - Removed Dekaron.
    RP432: 27/04/2009 09:39:09 - Avg8 Update
    RP433: 28/04/2009 12:19:07 - System Checkpoint
    RP434: 29/04/2009 16:27:46 - System Checkpoint
    RP435: 30/04/2009 13:26:38 - Avg8 Update
    RP436: 30/04/2009 19:41:25 - Installed Windows Defender
    RP437: 30/04/2009 20:10:43 - Software Distribution Service 3.0
    RP438: 01/05/2009 13:50:24 - Installed Windows Internet Explorer 8.
    RP439: 02/05/2009 23:42:21 - Installed Windows XP KB894391.
    RP440: 03/05/2009 10:13:18 - Avg8 Update
    RP441: 03/05/2009 10:14:50 - Avg8 Update
    RP442: 03/05/2009 12:10:38 - Installed Windows XP KB894391.
    RP443: 03/05/2009 12:12:26 - Installed Windows XP KB921883.
    RP444: 03/05/2009 12:53:13 - Installed AppRanger
    RP445: 03/05/2009 12:58:40 - Removed AppRanger
    RP446: 03/05/2009 13:53:29 - Installed Windows XP KB921883.
    RP447: 03/05/2009 15:50:50 - Software Distribution Service 3.0

    ==== Installed Programs ======================

    1Click DVD Copy 4.1
    3DVIA Player 4.1
    a-squared Anti-Malware 4.0
    Adobe Anchor Service CS3
    Adobe Asset Services CS3
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Photoshop CS3
    Adobe Reader 7.0
    Adobe Setup
    Adobe Shockwave Player 11
    Advanced Office Repair v1.0
    AnyDVD
    Apple Mobile Device Support
    Apple Software Update
    ArcSoft PhotoStudio 5.5
    AutoUpdate
    avast! Antivirus
    AVG 8.5
    BitComet 1.03
    Bonjour
    BUFFALO TurboUSB for FLASH/HDD
    Canon MP Navigator 3.0
    Canon MP160
    Canon MP160 User Registration
    Canon Utilities Easy-PhotoPrint
    CDBurnerXP
    Choice Guard
    CopyToDVD
    DebugMode Wax 2.0
    DivX Codec
    DivX Converter
    DivX Player
    DivX Web Player
    DVD Decrypter (Remove Only)
    DVD Shrink 3.2
    DVD2One 1.5.2
    Easy-WebPrint
    FM Modifier 2.25
    Football Manager 2005
    Football Manager 2008
    Football Manager 2009
    GPGNet
    Hamachi 1.0.2.2
    High Definition Audio Driver Package - KB888111
    Highlight Viewer (Windows Live Toolbar)
    HijackThis 2.0.2
    Hotfix for Windows XP (KB914440)
    Hotfix for Windows XP (KB915865)
    Hotfix for Windows XP (KB954708)
    iLike
    iTunes
    J2SE Runtime Environment 5.0 Update 3
    Jasc Paint Shop Pro 9
    Java(TM) 6 Update 13
    Java(TM) 6 Update 2
    Junk Mail filter update
    LibUSB-Win32-0.1.10.1
    LimeWire 4.16.6
    Malwarebytes' Anti-Malware
    Map Button (Windows Live Toolbar)
    Messenger Plus! Live & Sponsor (CiD)
    MetaFuze_MSI
    Metal Gear Solid
    mgs4_ss_1600_1200_2 ?????????
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 2.0
    Microsoft Application Error Reporting
    Microsoft Encarta Premium 2006 DVD
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office FrontPage 2003
    Microsoft Office Professional Edition 2003
    Microsoft Search Enhancement Pack
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Sync Framework Runtime Native v1.0 (x86)
    Microsoft Sync Framework Services Native v1.0 (x86)
    Microsoft Text-to-Speech Engine 4.0 (English)
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual J# 2.0 Redistributable Package
    Mozilla Firefox (3.0.10)
    Mozilla Firefox (3.0b4)
    MpcStar 3.6
    MSI Wireless Client Utility Installation Program
    MSVCRT
    Nero 7 Ultra Edition
    NetBattle
    Network Play System (Patching)
    Nintendo Wi-Fi USB Connector Registration Tool
    Nokia Connectivity Cable Driver
    Nokia PC Connectivity Solution
    Nokia PC Suite
    NVIDIA Drivers
    OneCare Advisor (Windows Live Toolbar)
    Panda ActiveScan 2.0
    Pando
    Pando Toolbar
    PFConfig 1.0.193
    Popup Blocker (Windows Live Toolbar)
    PowerDVD
    PowerISO
    Python 2.5.2
    QuickTime
    RealPlayer
    Realtek High Definition Audio Driver
    REALTEK PCIE NIC Driver
    Redshark 2.30
    Rhapsody Player Engine
    Safari
    SAMSUNG CDMA Modem Driver Set
    SAMSUNG Mobile Composite Device Software
    SAMSUNG Mobile Modem Driver Set
    Samsung Mobile phone USB driver Software
    SAMSUNG Mobile USB Modem 1.0 Software
    SAMSUNG Mobile USB Modem Software
    Samsung PC Studio 3
    ScanSoft OmniPage SE 4.0
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows XP (KB921883)
    Segoe UI
    Shoddy Battle
    Skype™ 4.0
    Smart Menus (Windows Live Toolbar)
    Sony ACID Music Studio 5.0
    SopCast 3.0.0
    SPORE™
    Starcraft
    Steam
    Supreme Commander - Forged Alliance
    System Requirements Lab
    Tabbed Browsing (Windows Live Toolbar)
    The Sims
    Ulead PhotoImpact 11
    Ultra MPEG-4 Converter 4.2.0705
    Update for Windows XP (KB894391)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB904942)
    Update for Windows XP (KB932823-v3)
    Veetle TV Player 0.9.13
    VLC media player 0.9.8a
    WebFldrs XP
    Windows Defender
    Windows Driver Package - Nokia Modem (07/24/2006 6.81.0.23)
    Windows Imaging Component
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 7
    Windows Internet Explorer 8
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Favorites for Windows Live Toolbar
    Windows Live Mail
    Windows Live Messenger
    Windows Live OneCare safety scanner
    Windows Live Outlook Toolbar (Windows Live Toolbar)
    Windows Live Photo Gallery
    Windows Live Sign-in Assistant
    Windows Live Sync
    Windows Live Toolbar
    Windows Live Toolbar Extension (Windows Live Toolbar)
    Windows Live Toolbar Feed Detector (Windows Live Toolbar)
    Windows Live Upload Tool
    Windows Live Writer
    Windows Media Format Runtime
    Windows Media Player 10
    Windows Movie Maker 2.0
    WinRAR archiver
    WinZip
    Xilisoft Video Converter Platinum
    XP Codec Pack
    Xvid 1.1.2 final uninstall
    Yahoo! Software Update
    Yahoo! Toolbar
    Zwei-Stein Video Compositor 3.01 (Beta 2).

    ==== Event Viewer Messages From Past Week ========

    30/04/2009 19:17:00, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the MSI Configuration Service service to connect.
    30/04/2009 15:18:58, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    30/04/2009 15:18:49, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
    27/04/2009 14:31:02, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the iPod Service service to connect.
    27/04/2009 14:31:02, error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    27/04/2009 14:31:02, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service iPod Service with arguments " " in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
    26/04/2009 11:03:13, error: HTTP [15005] - Unable to bind to the underlying transport for 0.0.0.0:2869. The IP Listen-Only list may contain a reference to an interface which may not exist on this machine. The data field contains the error number.
    02/05/2009 23:32:15, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
    01/05/2009 15:17:49, error: ipnathlp [32003] - The Network Address Translator (NAT) was unable to request an operation of the kernel-mode translation module. This may indicate misconfiguration, insufficient resources, or an internal error. The data is the error code.
    01/05/2009 09:38:20, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)

    ==== End Of File ===========================
     

  4. 2009/05/03
    ytoha

    ytoha Inactive Thread Starter

    DDS (Ver_09-03-16.01) - NTFSx86
    Run by Administrator at 15:53:55.67 on 03/05/2009
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_13
    Microsoft Windows XP Professional 5.1.2600.2.1252.44.1033.18.1023.260 [GMT 2:00]

    AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
    AV: avast! antivirus 4.8.1335 [VPS 090502-0] *On-access scanning enabled* (Updated)
    AV: a-squared Anti-Malware *On-access scanning disabled* (Updated)

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\a-squared Anti-Malware\a2service.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\libusbd-nt.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\CDBurnerXP\NMSAccessU.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\Documents and Settings\Administrator\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.yahoo.com/?fr=fp-yie8
    uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    uWindow Title = Windows Internet Explorer provided by Yahoo!
    uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie8
    uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
    uURLSearchHooks: N/A: {06663b56-0d73-4f9f-bcc5-4aa941470afd} - c:\program files\pandobar\srchastt\1.bin\P4SRCHAS.DLL
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
    BHO: Pando Search Assistant BHO: {06663b51-0d73-4f9f-bcc5-4aa941470afd} - c:\program files\pandobar\srchastt\1.bin\P4SRCHAS.DLL
    BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
    BHO: CInterceptor Object: {38d3fe60-3d53-4f37-bb0e-c7a97a26a156} - c:\program files\pando networks\pando\PandoIEPlugin.dll
    BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - c:\program files\bitcomet\tools\BitCometBHO_1.2.6.26.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: EWPBrowseObject Class: {68f9551e-0411-48e4-9aaf-4bc42a6a46be} - c:\program files\canon\easy-webprint\EWPBrowseLoader.dll
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Encarta Web Companion Helper Object: {955be0b8-bc85-4caf-856e-8e0d8b610560} - c:\program files\common files\microsoft shared\encarta web companion\ENCWCBAR.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
    BHO: Pando Toolbar BHO: {e3ea4fd1-cade-4ae5-84f7-086eee888be4} - c:\program files\pandobar\bar\1.bin\PANDOBAR.DLL
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn1\YTSingleInstance.dll
    TB: Encarta Web Companion: {147d6308-0614-4112-89b1-31402f9b82c4} - c:\program files\common files\microsoft shared\encarta web companion\ENCWCBAR.DLL
    TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - c:\program files\canon\easy-webprint\Toolband.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
    TB: Pando Toolbar: {e3ea4fd9-cade-4ae5-84f7-086eee888be4} - c:\program files\pandobar\bar\1.bin\PANDOBAR.DLL
    TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
    TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
    TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
    uRun: [System Services Monitor] C:\LDFfansn.exe
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background
    uRun: [IMC] c:\program files\friendfinder\friendfinder messenger 40\imc.exe
    uRun: [E06AXLRD_591125] "c:\program files\microsoft encarta\encarta premium dvd 2006\EDICT.EXE" -m
    uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe "
    mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
    mRun: [y] c:\windows\system32\y.exe
    mRun: [wb] c:\windows\system32\wb.exe
    mRun: [syx] c:\windows\system32\syx.exe
    mRun: [RTHDCPL] RTHDCPL.EXE
    mRun: [nwiz] nwiz.exe /install
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [lj] c:\windows\system32\lj.exe
    mRun: [jr] c:\windows\system32\jr.exe
    mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
    mRun: [aum] c:\windows\system32\aum.exe
    mRun: [Alcmtr] ALCMTR.EXE
    mRun: [TkBellExe] "c:\program files\mpcstar\codecs\real\rcaplugins\realsched.exe" -osboot
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe "
    mRun: [a-squared] "c:\program files\a-squared anti-malware\a2guard.exe "
    dRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
    dRunOnce: [RunNarrator] Narrator.exe
    IE: &D&ownload &with BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm
    IE: &D&ownload all video with BitComet - c:\program files\bitcomet\BitComet.exe/AddVideo.htm
    IE: &D&ownload all with BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm
    IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
    IE: Easy-WebPrint Add To Print List - c:\program files\canon\easy-webprint\Toolband.dll/RC_AddToList.html
    IE: Easy-WebPrint High Speed Print - c:\program files\canon\easy-webprint\Toolband.dll/RC_HSPrint.html
    IE: Easy-WebPrint Preview - c:\program files\canon\easy-webprint\Toolband.dll/RC_Preview.html
    IE: Easy-WebPrint Print - c:\program files\canon\easy-webprint\Toolband.dll/RC_Print.html
    IE: Open in new background tab - c:\program files\windows live toolbar\components\en-gb\msntabres.dll.mui/229?a6481e959abe4d78af4232bd909c9968
    IE: Open in new foreground tab - c:\program files\windows live toolbar\components\en-gb\msntabres.dll.mui/230?a6481e959abe4d78af4232bd909c9968
    IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://c:\program files\bitcomet\tools\BitCometBHO_1.2.6.26.dll/206
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
    IE: {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - {552781AF-37E4-4FEE-920A-CED9E648EADD} - c:\program files\common files\microsoft shared\encarta search bar\ENCSBAR.DLL
    Trusted Zone: doginhispen.com
    Trusted Zone: whataboutadog.com
    DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
    DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
    DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
    DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
    DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    TCP: {31712930-9295-4263-9DBC-B7B2D134A854} = 194.158.37.196,194.158.37.211
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Notify: avgrsstarter - avgrsstx.dll
    STS: frowardness: {b0fdc513-46b9-46fc-8e70-d575ee546dae} - c:\windows\system32\zfaiqwr.dll
    SEH: Microsoft AntiMalware ShellExecuteHook: {091eb208-39dd-417d-a5dd-7e2c2d8fb9cb} - c:\progra~1\wifd1f~1\MpShHook.dll

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\admini~1\applic~1\mozilla\firefox\profiles\7e1le0xi.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
    FF - prefs.js: browser.search.selectedEngine - GoogleCOM
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.mt/
    FF - prefs.js: keyword.URL - hxxp://www.wcsearch.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
    FF - component: c:\documents and settings\administrator\application data\mozilla\firefox\profiles\7e1le0xi.default\extensions\{b042753d-f57e-4e8e-a01b-7379a6d4cefb}\components\IBitCometExtension.dll
    FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
    FF - component: c:\program files\real\realplayer\browserrecord\components\nprpbrowserrecordplugin.dll
    FF - plugin: c:\documents and settings\all users\application data\nexoneu\ngm\npNxGameeu.dll
    FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll
    FF - plugin: c:\program files\mpcstar\codecs\real\browser\plugins\nppl3260.dll
    FF - plugin: c:\program files\mpcstar\codecs\real\browser\plugins\nprpjplug.dll
    FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
    FF - plugin: c:\program files\veetle\vlc\npvlc.dll
    FF - plugin: c:\program files\virtools\3d life player\npvirtools.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

    ---- FIREFOX POLICIES ----


    FF - user.js: browser.search.selectedEngine - GoogleCOM
    FF - user.js: keyword.URL - hxxp://www.ffsearching.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=

    FF - user.js: keyword.URL - hxxp://www.wcsearch.com/search/?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=

    ============= SERVICES / DRIVERS ===============

    R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-5-3 28544]
    R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-4-6 114768]
    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-4-26 325896]
    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-4-26 27784]
    R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-4-26 108552]
    R2 a2AntiMalware;a-squared Anti-Malware Service;c:\program files\a-squared anti-malware\a2service.exe [2009-4-30 425080]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-4-6 20560]
    R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2007-4-18 138680]
    R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-4-26 298776]
    R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;system32\libusbd-nt.exe --> system32\libusbd-nt.exe [?]
    R2 SeaPort;SeaPort;c:\program files\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-1-14 226656]
    R2 WinDefend;Windows Defender;c:\program files\windows defender\MsMpEng.exe [2006-11-3 13592]
    R2 YahooAUService;Yahoo! Updater;c:\program files\yahoo!\softwareupdate\YahooAUService.exe [2008-11-9 602392]
    R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2007-4-18 254040]
    R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2007-4-18 352920]
    R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [2008-3-7 33792]
    R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-5-3 38496]
    S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [2008-7-6 16512]
    S3 bfturboh;BUFFALO TurboUSB for HD Filter;c:\windows\system32\drivers\bfturboh.sys [2009-1-8 15872]
    S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
    S3 XDva039;XDva039;\??\c:\windows\system32\xdva039.sys --> c:\windows\system32\XDva039.sys [?]
    S3 XDva090;XDva090;\??\c:\windows\system32\xdva090.sys --> c:\windows\system32\XDva090.sys [?]

    =============== Created Last 30 ================

    2009-05-03 15:51 <DIR> --d----- c:\windows\system32\PreInstall
    2009-05-03 15:33 <DIR> --d----- c:\docume~1\admini~1\applic~1\Malwarebytes
    2009-05-03 15:33 15,504 a------- c:\windows\system32\drivers\mbam.sys
    2009-05-03 15:33 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-05-03 15:33 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
    2009-05-03 15:33 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
    2009-05-03 14:13 <DIR> --d----- c:\program files\Trend Micro
    2009-05-03 13:39 28,544 a------- c:\windows\system32\drivers\pavboot.sys
    2009-05-03 13:38 <DIR> --d----- c:\program files\Panda Security
    2009-05-03 13:29 383 a------- c:\windows\wininit.ini
    2009-05-03 13:13 <DIR> --d----- c:\docume~1\admini~1\applic~1\Uniblue
    2009-05-03 13:11 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SecTaskMan
    2009-05-03 13:06 <DIR> --d----- c:\program files\Spybot - Search & Destroy
    2009-05-03 13:06 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
    2009-05-03 12:53 <DIR> --d----- c:\docume~1\alluse~1\applic~1\AppRanger
    2009-05-03 12:53 <DIR> --d----- c:\program files\AppRanger
    2009-05-01 14:08 <DIR> --dsh--- c:\documents and settings\administrator\IECompatCache
    2009-05-01 14:05 <DIR> --dsh--- c:\documents and settings\administrator\PrivacIE
    2009-05-01 14:02 <DIR> --dsh--- c:\documents and settings\administrator\IETldCache
    2009-05-01 13:46 <DIR> -cd-h--- c:\windows\ie8
    2009-04-30 19:32 <DIR> --d----- c:\program files\a-squared Anti-Malware
    2009-04-29 14:36 <DIR> --d----- c:\program files\SystemRequirementsLab
    2009-04-28 18:41 12,264 a------- c:\windows\scunin.dat
    2009-04-28 18:41 68,096 a------- c:\windows\ScUnin.exe
    2009-04-28 18:41 967 a------- c:\windows\ScUnin.pif
    2009-04-28 18:40 <DIR> --d----- c:\program files\Starcraft
    2009-04-26 15:09 <DIR> --d----- c:\windows\pss
    2009-04-26 14:50 <DIR> --d-h--- C:\$AVG8.VAULT$
    2009-04-26 14:39 11,952 a------- c:\windows\system32\avgrsstx.dll
    2009-04-26 14:39 108,552 a------- c:\windows\system32\drivers\avgtdix.sys
    2009-04-26 14:39 325,896 a------- c:\windows\system32\drivers\avgldx86.sys
    2009-04-26 14:39 <DIR> --d----- c:\windows\system32\drivers\Avg
    2009-04-26 12:54 56 a---h--- c:\windows\system32\ezsidmv.dat
    2009-04-26 12:50 <DIR> --d--r-- c:\program files\Skype
    2009-04-24 10:25 <DIR> --d----- c:\docume~1\admini~1\applic~1\SPORE
    2009-04-23 10:43 <DIR> --d----- c:\program files\Free Download Manager
    2009-04-09 13:59 2,813,085 a------- c:\windows\system32\GameMon.des
    2009-04-09 13:53 <DIR> --d----- c:\program files\GameTribe
    2009-04-09 12:01 <DIR> --d----- c:\docume~1\admini~1\applic~1\Canneverbe_Limited

    ==================== Find3M ====================

    2009-03-28 19:00 410,984 a------- c:\windows\system32\deploytk.dll
    2009-03-08 04:34 914,944 a------- c:\windows\system32\wininet.dll
    2009-03-08 04:34 43,008 a------- c:\windows\system32\licmgr10.dll
    2009-03-08 04:33 18,944 a------- c:\windows\system32\corpol.dll
    2009-03-08 04:33 420,352 a------- c:\windows\system32\vbscript.dll
    2009-03-08 04:32 72,704 a------- c:\windows\system32\admparse.dll
    2009-03-08 04:32 71,680 a------- c:\windows\system32\iesetup.dll
    2009-03-08 04:31 34,816 a------- c:\windows\system32\imgutil.dll
    2009-03-08 04:31 48,128 a------- c:\windows\system32\mshtmler.dll
    2009-03-08 04:31 45,568 a------- c:\windows\system32\mshta.exe
    2009-03-08 04:22 156,160 a------- c:\windows\system32\msls31.dll
    2009-02-24 20:43 796,672 a------- c:\windows\GPInstall.exe
    2009-02-06 20:03 307,576 a------- c:\windows\WLXPGSS.SCR
    2009-02-06 19:52 49,504 a------- c:\windows\system32\sirenacm.dll
    2008-08-26 08:53 23 a------- c:\documents and settings\administrator\jagex_runescape_preferences.dat

    ============= FINISH: 15:55:01.14 ===============
     
  5. 2009/05/08
    ytoha

    Anyone can help???
     
  6. 2009/05/08
    Arie

    Arie Administrator Administrator Staff

    Joined:
    2001/12/27
    Messages:
    15,174
    Likes Received:
    412
    As noted in our Malware Posting Rules indicated at the top of this forum:

     
  7. 2009/05/15
    broni

    broni Moderator Malware Analyst

    Joined:
    2002/08/01
    Messages:
    21,701
    Likes Received:
    116
    1. Download Generic Host Removal Tool and double-click the file after download; this will change the required Registry Values to fix the Generic Host Error. It will show a message like the one below on success:

    [IMG]

    Your antivirus program may detect this removal tool as a potential threat; ignore the warning in that case.

    2. Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    1. Please, never rename Combofix unless instructed.
    2. Close any open browsers.
    3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
      • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
      • Close any open browsers.
      • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
      • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
      • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    4. Double click on combofix.exe & follow the prompts.
    5. When finished, it will produce a report for you.
    6. Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.
    **Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**
     
