Please Help: Infected with Backdoor.Tidserv



JOEY G
2008-12-28, 08:17
Hi Guys,

I am new in this group, as I searched for a reliable group to help me in fixing this worm that got to my PC yesterday.

I shall be sending the HJT file produced and the 2 other files resulting from the DDS.exe file, as outlined in recent exchanges involving a similar file name. Norton 360 indicates that the virus resides at:
1. I:\Documents and Settings\Joey\Local Settings\Temp\tmpC.tmp (603 KB)
2. I:\Documents and Settings\Joey\Local Settings\Temp\tmp6.tmp (603 KB) --- I think this is a replicant of the previous.

Please check out the HJT file:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:13:11 PM, on 12/28/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\Ati2evxx.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\system32\Ati2evxx.exe
I:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
I:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
I:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
I:\WINDOWS\Explorer.EXE
I:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
I:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
I:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe
I:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe
I:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe
I:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe
I:\WINDOWS\RTHDCPL.EXE
I:\Program Files\ASUS\AASP\1.00.59\aaCenter.exe
I:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
I:\Program Files\Java\jre6\bin\jusched.exe
I:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
I:\Program Files\Common Files\Real\Update_OB\realsched.exe
I:\WINDOWS\system32\ctfmon.exe
I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
I:\Program Files\Java\jre6\bin\jqs.exe
I:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
I:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe
I:\WINDOWS\system32\PSIService.exe
I:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
I:\Program Files\Skype\Phone\Skype.exe
I:\WINDOWS\system32\svchost.exe
I:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
I:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv4.exe
I:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe
I:\Program Files\Business-in-a-Box\BIBLauncher.exe
I:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe
I:\Program Files\PC Connectivity Solution\ServiceLayer.exe
I:\Program Files\Marvell\61xx\svc\mvraidsvc.exe
I:\Program Files\Marvell\61xx\tray\zRaidTray.exe
I:\Program Files\Internet Explorer\iexplore.exe
I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
I:\WINDOWS\System32\svchost.exe
I:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
I:\Program Files\Skype\Plugin Manager\skypePM.exe
I:\WINDOWS\system32\spoolsv.exe
I:\Program Files\Internet Explorer\iexplore.exe
I:\Program Files\Common Files\Microsoft Shared\MODI\11.0\MSPVIEW.EXE
I:\WINDOWS\system32\WISPTIS.EXE
I:\WINDOWS\system32\notepad.exe
I:\WINDOWS\system32\notepad.exe
I:\Program Files\Internet Explorer\iexplore.exe
I:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: TorrentMan Toolbar - {7c5c0f58-e061-457d-9033-77307f5ed00c} - I:\Program Files\TorrentMan\tbTor0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - I:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - I:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - I:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - I:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: TorrentMan Toolbar - {7c5c0f58-e061-457d-9033-77307f5ed00c} - I:\Program Files\TorrentMan\tbTor0.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - i:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - I:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - I:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - I:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O3 - Toolbar: TorrentMan Toolbar - {7c5c0f58-e061-457d-9033-77307f5ed00c} - I:\Program Files\TorrentMan\tbTor0.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - i:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [ccApp] "I:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "I:\Program Files\Norton 360 Premier Edition\osCheck.exe"
O4 - HKLM\..\Run: [Ai Nap] "I:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [CPU Power Monitor] "I:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] I:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Run: [ASUS Energy Saving] "I:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] I:\Program Files\Corel\Corel Snapfire Plus\Corel PhotoDownloader.exe
O4 - HKLM\..\Run: [StatusClient] I:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe /auto
O4 - HKLM\..\Run: [TomcatStartup] I:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe
O4 - HKLM\..\Run: [OrderReminder] I:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "I:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [PCSuiteTrayApplication] I:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [StartCCC] "I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "I:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "I:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] I:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "I:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [updateMgr] I:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_1_0
O4 - HKCU\..\Run: [Skype] "I:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [BIBLauncher] I:\Program Files\Business-in-a-Box\BIBLauncher.exe
O4 - Startup: MarvellTrayStartup.lnk = I:\Program Files\Marvell\61xx\tray\RaidTray.bat
O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = I:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://I:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - I:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O15 - Trusted Zone: http://www.msi.com.tw
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - I:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - I:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - I:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - I:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - I:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - I:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - I:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - I:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - I:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - I:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - I:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - I:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Marvell RAID Event Agent (Marvell RAID) - Unknown owner - I:\Program Files\Marvell\61xx\svc\mvraidsvc.exe
O23 - Service: MRU Web Service (MRUWebService) - Apache Software Foundation - I:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe
O23 - Service: Pml Driver HPZ12 - HP - I:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ProtexisLicensing - Unknown owner - I:\WINDOWS\system32\PSIService.exe
O23 - Service: ServiceLayer - Nokia. - I:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Core LC - Unknown owner - I:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec RemoteAssist - Symantec, Inc. - I:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe
O23 - Service: WUSB54Gv4SVC - GEMTEKS - I:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe

--
End of file - 11453 bytes

JOEY G
2008-12-28, 08:29
Dear All,

Here is the Attach file yielded by the DDS program. I have already set the system to unhide mode. Thanks in advance.


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Version 1.0)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 9/5/2008 11:17:48 AM
System Uptime: 12/28/2008 1:56:25 PM (1 hours ago)

Motherboard: ASUSTeK Computer INC. | | P5K SE/EPU
Processor: Intel Pentium III Xeon processor | LGA775 | 2533/266mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 117 GiB total, 57.411 GiB free.
D: is FIXED (NTFS) - 67 GiB total, 12.026 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is FIXED (NTFS) - 233 GiB total, 124.851 GiB free.
H: is FIXED (NTFS) - 83 GiB total, 39.032 GiB free.
I: is FIXED (NTFS) - 98 GiB total, 61.044 GiB free.

==== Disabled Device Manager Items =============

Class GUID: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Device ID: ACPI\PNP0303\4&1400782C&0
Manufacturer: (Standard keyboards)
Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
PNP Device ID: ACPI\PNP0303\4&1400782C&0
Service: i8042prt

Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Description: Nokia E90
Device ID: ROOT\WPD\0000
Manufacturer: Nokia
Name: Nokia E90
PNP Device ID: ROOT\WPD\0000
Service: WUDFRd

==== System Restore Points ===================

RP183: 12/28/2008 10:28:28 AM - System Checkpoint
RP184: 12/28/2008 10:29:22 AM - Restore POINT JRG

==== Installed Programs ======================

7-Zip 4.57
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player Plugin
Adobe Reader 9
AI Suite
AppCore
ASUSUpdate
Atheros Communications Inc.(R) L1 Gigabit Ethernet Driver
Atheros Ethernet Utility
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Display Driver
Backup
BitLord 1.1
Business-in-a-Box
Canon ScanGear Toolbox CS 2.2
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
ccc-core-preinstall
ccc-core-static
ccc-utility
CCC Help English
ccCommon
Corel Snapfire DVD Maker
Corel Snapfire Plus
Free Ape Player 1.2.1
GearDrvs
getPlus(R) for Adobe
Google Earth
Google Toolbar for Internet Explorer
Google Updater
High Definition Audio Driver Package - KB888111
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
HP Business Inkjet 1200
hp LaserJet 1010 Series
i-Speeder
InfoView
Java(TM) 6 Update 11
Java(TM) 6 Update 7
Linksys Wireless-G USB Network Adapter
LiveUpdate (Symantec Corporation)
marvell 61xx
Marvell MRU
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Office FrontPage 2003
Microsoft Office OneNote 2003
Microsoft Office Professional Edition 2003
Microsoft Office Project Professional 2003
Microsoft User-Mode Driver Framework Feature Pack 1.5
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox (3.0.4)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 6.0 Parser
Nokia Connectivity Cable Driver
Nokia Flashing Cable Driver
Nokia PC Suite
Nokia Software Updater
Norton 360
Norton 360 HTMLHelp
Norton 360 Premier Edition (Symantec Corporation)
Norton Confidential Core
OpenOffice.org Installer 1.0
OrderReminder hp LaserJet 101x
PC Connectivity Solution
PC Probe II
RealPlayer
Realtek High Definition Audio Driver
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Skins
Skype™ 3.8
SPBBC 32bit
Symantec Real Time Storage Protection Component
Symantec Technical Support Controls
Symantec Technical Support Web Controls
SymNet
Teaching-you Project Management Skills
TorrentMan Toolbar
Try Corel Snapfire muvee autoProducer add on
Uniblue DriverScanner 2009
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
VideoLAN VLC media player 0.8.6i
videosoft
WebFldrs XP
Windows Driver Package - Nokia (WUDFRd) WPD (11/03/2006 6.82.26.2)
Windows Driver Package - Nokia Modem (11/03/2006 6.82.0.1)
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 7
Windows Live installer
Windows Live Mail
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
World of Warcraft FREE Trial
WriteExpress 3,001 Business & Sales Letters

==== Event Viewer Messages From Past Week ========

12/21/2008 2:19:36 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the LiveUpdate Notice service.
12/21/2008 2:19:06 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the CLTNetCnService service.
12/21/2008 2:18:36 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the ccSetMgr service.
12/21/2008 2:18:06 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the ccEvtMgr service.
12/28/2008 1:10:31 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/28/2008 1:10:37 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
12/28/2008 1:10:37 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/28/2008 1:10:37 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
12/28/2008 1:10:37 PM, error: Service Control Manager [7001] - The MRU Web Service service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
12/28/2008 1:10:37 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
12/28/2008 1:10:37 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AsIO eeCtrl Fips i8042prt intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SPBBCDrv SRTSPX SYMTDI Tcpip
12/28/2008 1:10:41 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

==== End Of File ===========================

JOEY G
2008-12-28, 08:31
And finally, the DDS file produced by the DDS program. Hope you guys can help me soon. Thanks!


DDS (Version 1.1.0) - NTFSx86
Run by Joey at 14:50:29.26 on Sun 12/28/2008
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3071.2324 [GMT 8:00]

AV: Norton 360 Premier Edition *On-access scanning enabled* (Updated)
FW: Norton 360 Premier Edition *enabled*

============== Running Processes ===============

I:\WINDOWS\system32\Ati2evxx.exe
I:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
I:\WINDOWS\System32\svchost.exe -k netsvcs
I:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
I:\WINDOWS\system32\Ati2evxx.exe
I:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
I:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
I:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
I:\WINDOWS\Explorer.EXE
I:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
I:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
I:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe
I:\Program Files\ASUS\Ai Suite\EnergySaving\PwSave.exe
I:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe
I:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe
I:\WINDOWS\RTHDCPL.EXE
I:\Program Files\ASUS\AASP\1.00.59\aaCenter.exe
I:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
I:\Program Files\Java\jre6\bin\jusched.exe
I:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
I:\Program Files\Common Files\Real\Update_OB\realsched.exe
I:\WINDOWS\system32\ctfmon.exe
I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
I:\Program Files\Java\jre6\bin\jqs.exe
I:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
I:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe
I:\WINDOWS\system32\PSIService.exe
I:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
I:\Program Files\Skype\Phone\Skype.exe
I:\WINDOWS\system32\svchost.exe -k imgsvc
I:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
I:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv4.exe
I:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe
I:\Program Files\Business-in-a-Box\BIBLauncher.exe
I:\Program Files\Marvell\61xx\Apache2\bin\Apache.exe
I:\Program Files\PC Connectivity Solution\ServiceLayer.exe
I:\Program Files\Marvell\61xx\svc\mvraidsvc.exe
I:\Program Files\Marvell\61xx\tray\zRaidTray.exe
I:\Program Files\Internet Explorer\iexplore.exe
I:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
I:\WINDOWS\System32\svchost.exe -k HTTPFilter
I:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
I:\Program Files\Skype\Plugin Manager\skypePM.exe
I:\WINDOWS\system32\spoolsv.exe
I:\Program Files\Internet Explorer\iexplore.exe
I:\WINDOWS\system32\wuauclt.exe
I:\Program Files\Common Files\Microsoft Shared\MODI\11.0\MSPVIEW.EXE
I:\WINDOWS\system32\WISPTIS.EXE
I:\Documents and Settings\Joey\Desktop\dds.com

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = <local>
uURLSearchHooks: TorrentMan Toolbar: {7c5c0f58-e061-457d-9033-77307f5ed00c} - i:\program files\torrentman\tbTor0.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - i:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: NCO 2.0 IE BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - i:\program files\common files\symantec shared\coshared\browser\2.6\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - i:\progra~1\common~1\symant~1\ids\IPSBHO.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - i:\program files\java\jre6\bin\ssv.dll
BHO: TorrentMan Toolbar: {7c5c0f58-e061-457d-9033-77307f5ed00c} - i:\program files\torrentman\tbTor0.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - i:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - i:\program files\google\googletoolbar2.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - i:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - i:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - i:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Show Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - i:\program files\common files\symantec shared\coshared\browser\2.6\CoIEPlg.dll
TB: TorrentMan Toolbar: {7c5c0f58-e061-457d-9033-77307f5ed00c} - i:\program files\torrentman\tbTor0.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - i:\program files\google\googletoolbar2.dll
uRun: [ctfmon.exe] i:\windows\system32\ctfmon.exe
uRun: [MsnMsgr] "i:\program files\windows live\messenger\MsnMsgr.Exe" /background
uRun: [updateMgr] i:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe AcRdB7_1_0
uRun: [Skype] "i:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [BIBLauncher] i:\program files\business-in-a-box\BIBLauncher.exe
mRun: [ccApp] "i:\program files\common files\symantec shared\ccApp.exe"
mRun: [osCheck] "i:\program files\norton 360 premier edition\osCheck.exe"
mRun: [Ai Nap] "i:\program files\asus\ai suite\ainap\AiNap.exe"
mRun: [CPU Power Monitor] "i:\program files\asus\ai suite\aigear3\CpuPowerMonitor.exe"
mRun: [Cpu Level Up help] i:\program files\asus\ai suite\CpuLevelUpHelp.exe
mRun: [ASUS Energy Saving] "i:\program files\asus\ai suite\energysaving\PwSave.exe"
mRun: [Corel Photo Downloader] i:\program files\corel\corel snapfire plus\Corel PhotoDownloader.exe
mRun: [<NO NAME>]
mRun: [StatusClient] i:\program files\hewlett-packard\toolbox2.0\apache tomcat 4.0\webapps\toolbox\statusclient\StatusClient.exe /auto
mRun: [TomcatStartup] i:\program files\hewlett-packard\toolbox2.0\hpbpsttp.exe
mRun: [OrderReminder] i:\program files\hewlett-packard\orderreminder\orderreminder\OrderReminder.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [Adobe Reader Speed Launcher] "i:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [PCSuiteTrayApplication] i:\program files\nokia\nokia pc suite 6\LaunchApplication.exe -startup
mRun: [StartCCC] "i:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [SunJavaUpdateSched] "i:\program files\java\jre6\bin\jusched.exe"
mRun: [TkBellExe] "i:\program files\common files\real\update_ob\realsched.exe" -osboot
StartupFolder: i:\docume~1\joey\startm~1\programs\startup\marvel~1.lnk - i:\program files\marvell\61xx\tray\RaidTray.bat
StartupFolder: i:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - i:\program files\microsoft office\office11\ONENOTEM.EXE
IE: E&xport to Microsoft Excel - i:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - i:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - i:\progra~1\micros~2\office11\REFIEBAR.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - i:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - i:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - i:\docume~1\joey\applic~1\mozilla\firefox\profiles\wmjp6ulb.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1640187&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - component: i:\program files\mozilla firefox\components\coFFPlgn.dll
FF - component: i:\program files\mozilla firefox\extensions\{7c5c0f58-e061-457d-9033-77307f5ed00c}\components\FFAlert.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nppl3260.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprjplug.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpjplug.dll
FF - plugin: i:\program files\google\google updater\2.4.1399.3742\npCIDetect13.dll

============= SERVICES / DRIVERS ===============

R0 mv61xx;mv61xx;i:\windows\system32\drivers\mv61xx.sys [2007-6-15 143256]
R2 ccEvtMgr;Symantec Event Manager;"i:\program files\common files\symantec shared\ccSvcHst.exe" /h ccCommon [2008-2-19 149352]
R2 ccSetMgr;Symantec Settings Manager;"i:\program files\common files\symantec shared\ccSvcHst.exe" /h ccCommon [2008-2-19 149352]
R2 LiveUpdate Notice;LiveUpdate Notice;"i:\program files\common files\symantec shared\ccSvcHst.exe" /h ccCommon [2008-2-19 149352]
R2 MRUWebService;MRU Web Service;"i:\program files\marvell\61xx\apache2\bin\Apache.exe" -k runservice [2007-5-23 20539]
R2 Symantec Core LC;Symantec Core LC;i:\progra~1\common~1\symant~1\ccpd-lc\symlcsvc.exe [2008-9-5 1245064]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;i:\windows\system32\drivers\l151x86.sys [2008-9-7 37376]
R3 Marvell RAID;Marvell RAID Event Agent;i:\program files\marvell\61xx\svc\mvraidsvc.exe [2007-6-13 61440]
R3 NAVENG;NAVENG;\??\i:\progra~1\common~1\symant~1\virusd~1\20081227.019\NAVENG.SYS [2008-12-28 89104]
R3 NAVEX15;NAVEX15;\??\i:\progra~1\common~1\symant~1\virusd~1\20081227.019\NAVEX15.SYS [2008-12-28 876112]
S3 COH_Mon;COH_Mon;\??\i:\windows\system32\drivers\COH_Mon.sys [2008-1-13 23888]
S3 getPlus(R) Helper;getPlus(R) Helper;i:\program files\nos\bin\getPlus_HelperSvc.exe [2008-9-21 33752]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;i:\windows\system32\drivers\nmwcdnsu.sys [2008-9-23 138112]
S3 nmwcdnsuc;Nokia USB Flashing Generic;i:\windows\system32\drivers\nmwcdnsuc.sys [2008-9-23 8320]

=============== Created Last 30 ================

2008-12-28 13:06 <DIR> --d----- i:\windows\pss
2008-12-28 10:21 <DIR> --d----- i:\program files\ACW
2008-12-28 10:16 91,632,848 a------- I:\SYM_REGISTRY_BACKUP.reg
2008-12-27 17:16 268 a---h--- I:\sqmdata15.sqm
2008-12-27 17:16 244 a---h--- I:\sqmnoopt15.sqm
2008-12-27 12:35 268 a---h--- I:\sqmdata14.sqm
2008-12-27 12:35 244 a---h--- I:\sqmnoopt14.sqm
2008-12-27 11:31 72,192 a------- i:\windows\system32\drivers\msqpdxserv.sys
2008-12-27 11:31 55,296 a------- i:\windows\system32\msqpdxoqebotdp.dll
2008-12-27 11:30 <DIR> --dshr-- I:\resycled
2008-12-27 11:30 255 ---shr-- I:\autorun.inf
2008-12-27 11:30 <DIR> --d----- i:\program files\videosoft
2008-12-15 01:08 0 a---h--- i:\windows\system32\drivers\Msft_Kernel_ccdcmb_01007.Wdf
2008-12-15 01:08 0 a---h--- i:\windows\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2008-12-15 01:08 14,640 -------- i:\windows\system32\spmsgXP_2k3.dll
2008-12-15 01:04 8,064 a------- i:\windows\system32\drivers\usbser_lowerfltj.sys
2008-12-15 01:04 22,016 a------- i:\windows\system32\drivers\ccdcmbo.sys
2008-12-15 01:04 8,064 a------- i:\windows\system32\drivers\usbser_lowerflt.sys
2008-12-15 01:04 1,112,288 a------- i:\windows\system32\wdfcoinstaller01007.dll
2008-12-15 01:04 659,968 a------- i:\windows\system32\nmwcdcocls.dll
2008-12-15 01:04 17,664 a------- i:\windows\system32\drivers\ccdcmb.sys
2008-12-07 03:09 410,984 a------- i:\windows\system32\deploytk.dll

==================== Find3M ====================

2008-12-03 14:47 6,578 a--sh--- i:\windows\system32\KGyGaAvL.sys
2008-10-23 20:36 286,720 a------- i:\windows\system32\gdi32.dll
2008-10-17 04:38 826,368 a------- i:\windows\system32\wininet.dll
2008-10-16 14:06 268,648 a------- i:\windows\system32\mucltui.dll
2008-10-16 14:06 208,744 a------- i:\windows\system32\muweb.dll
2008-10-03 18:02 247,326 a------- i:\windows\system32\strmdll.dll
2008-09-30 16:43 1,286,152 a------- i:\windows\system32\msxml4.dll
2006-06-23 22:48 32,768 a----r-- i:\windows\inf\UpdateUSB.exe
2008-09-06 00:29 8 ---shr-- i:\windows\system32\BF219EF93F.sys
2008-09-21 12:11 32,768 a--sh--- i:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008090120080908\index.dat
2008-09-21 12:11 32,768 a--sh--- i:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008092120080922\index.dat

============= FINISH: 14:50:46.15 ===============