Explorer keeps crashing...please help



HungryGarou
2011-11-15, 16:22
Hello.

I've had some issues where Explorer.exe keeps crashing and reloading periodically. I've run some scans with Avast, Malwarebytes, Spybot, and CCleaner. (I've already attempted to fix the issues in the registry with CCleaner and Spybot.) I was able to get rid of a weird problem where upon startup I couldn't use Explorer or any browser for about ten minutes, until a "firewall is not enabled" prompt came up, and the "wireless connection 2" icon soon appeared.

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_29
Run by jinjin at 8:49:12 on 2011-11-15
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2942.1784 [GMT -6:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ===============
.
L:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
L:\WINDOWS\System32\svchost.exe -k netsvcs
L:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
L:\Program Files\Alwil Software\Avast5\AvastSvc.exe
L:\WINDOWS\system32\RUNDLL32.EXE
L:\WINDOWS\RTHDCPL.EXE
L:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe
L:\Program Files\Zune\ZuneLauncher.exe
L:\Program Files\Lexmark 5600-6600 Series\lxduMsdMon.exe
L:\WINDOWS\system32\spoolsv.exe
L:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
svchost.exe
L:\Program Files\D-Link\DWA-160 revA\AirNCFG.exe
L:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
L:\Program Files\Canon\MyPrinter\BJMyPrt.exe
L:\WINDOWS\System32\svchost.exe -k Akamai
L:\WINDOWS\system32\ANIWConnService.exe
L:\Program Files\QuickTime\QTTask.exe
L:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
L:\Program Files\iTunes\iTunesHelper.exe
L:\Program Files\Application Updater\ApplicationUpdater.exe
L:\Program Files\Bamboo Dock\BambooCore.exe
L:\Program Files\Bonjour\mDNSResponder.exe
L:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
L:\Program Files\Common Files\Java\Java Update\jusched.exe
L:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\program files\real\realplayer\update\realsched.exe
L:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
L:\WINDOWS\system32\ctfmon.exe
L:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
L:\Program Files\Java\jre6\bin\jqs.exe
L:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxduserv.exe
L:\WINDOWS\system32\lxducoms.exe
L:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
L:\WINDOWS\System32\svchost.exe -k HPZ12
L:\Program Files\CDBurnerXP\NMSAccessU.exe
L:\WINDOWS\system32\nvsvc32.exe
L:\WINDOWS\System32\svchost.exe -k HPZ12
L:\WINDOWS\system32\svchost.exe -k imgsvc
L:\Program Files\DAEMON Tools Lite\DTLite.exe
L:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
L:\WINDOWS\system32\ZuneBusEnum.exe
L:\Documents and Settings\jinjin\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe
L:\Documents and Settings\jinjin\Local Settings\Application Data\Akamai\netsession_win.exe
L:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
L:\Program Files\Logitech\SetPoint\SetPoint.exe
L:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
L:\Program Files\MagicDisc\MagicDisc.exe
L:\Documents and Settings\jinjin\Local Settings\Application Data\Akamai\netsession_win.exe
L:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
L:\Program Files\iPod\bin\iPodService.exe
L:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
L:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
L:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
E:\firefox portable\FirefoxPortable.exe
E:\firefox portable\App\firefox\firefox.exe
E:\firefox portable\App\firefox\plugin-container.exe
L:\Program Files\Windows Media Player\wmplayer.exe
L:\PROGRA~1\THEKMP~1\KMPlayer.exe
L:\WINDOWS\explorer.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.msn.com
uSearch Page =
uSearch Bar =
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = *.local
mSearchAssistant =
uURLSearchHooks: Dealio Toolbar: {01398b87-61af-4ffb-9ab5-1a1c5fb39a9c} - l:\program files\dealio toolbar\ie\4.7\dealioToolbarIE.dll
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - l:\program files\yahoo!\companion\installs\cpn1\yt.dll
BHO: Octh Class: {000123b4-9b42-4900-b3f7-f4b073efc214} - d:\orbit\orbitcth.dll
BHO: Dealio Toolbar: {01398b87-61af-4ffb-9ab5-1a1c5fb39a9c} - l:\program files\dealio toolbar\ie\4.7\dealioToolbarIE.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - l:\program files\yahoo!\companion\installs\cpn1\yt.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - l:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - l:\program files\lexmark toolbar\toolband.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - l:\program files\askbardis\bar\bin\askBar.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - l:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - l:\program files\canon\easy-webprint ex\ewpexbho.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - l:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - l:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - l:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - l:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: Lexmark Printable Web: {d2c5e510-be6d-42cc-9f61-e4f939078474} - l:\program files\lexmark printable web\bho.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - l:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - l:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - l:\program files\yahoo!\companion\installs\cpn1\YTSingleInstance.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - l:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Lexmark Toolbar: {1017a80c-6f09-4548-a84d-edd6ac9525f0} - l:\program files\lexmark toolbar\toolband.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - l:\program files\yahoo!\companion\installs\cpn1\yt.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - l:\program files\askbardis\bar\bin\askBar.dll
TB: Grab Pro: {c55bbcd6-41ad-48ad-9953-3609c48eacc7} - d:\orbit\GrabPro.dll
TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - l:\program files\daemon tools toolbar\DTToolbar.dll
TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - l:\program files\canon\easy-webprint ex\ewpexhlp.dll
TB: Pictures: {8e929f51-5914-11d6-971f-0050fc3f9161} - l:\program files\diodia software\pictures toolbar\Pictures.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - l:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Dealio Toolbar: {01398b87-61af-4ffb-9ab5-1a1c5fb39a9c} - l:\program files\dealio toolbar\ie\4.7\dealioToolbarIE.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - l:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - l:\program files\canon\easy-webprint ex\ewpexhlp.dll
uRun: [ctfmon.exe] l:\windows\system32\ctfmon.exe
uRun: [swg] "l:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [DAEMON Tools Lite] "l:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [msnmsgr] "l:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [SansaDispatch] l:\documents and settings\jinjin\application data\sandisk\sansa updater\SansaDispatch.exe
uRun: [Akamai NetSession Interface] l:\documents and settings\jinjin\local settings\application data\akamai\netsession_win.exe
mRun: [NvCplDaemon] RUNDLL32.EXE l:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE l:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [IMJPMIG8.1] "l:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [MSPY2002] l:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] l:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] l:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [lxdumon.exe] "l:\program files\lexmark 5600-6600 series\lxdumon.exe"
mRun: [lxduamon] "l:\program files\lexmark 5600-6600 series\lxduamon.exe"
mRun: [Zune Launcher] "l:\program files\zune\ZuneLauncher.exe"
mRun: [ClientGW]
mRun: [eSnips] "l:\program files\esnips\ClientGW.exe"
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [hpqSRMon]
mRun: [ANIWZCS2Service] l:\program files\ani\aniwzcs2 service\WZCSLDR2.exe
mRun: [D-Link D-Link Xtreme N Dual Band DWA-160] l:\program files\d-link\dwa-160 reva\AirNCFG.exe
mRun: [avast5] l:\progra~1\alwils~1\avast5\avastUI.exe /nogui
mRun: [CanonMyPrinter] l:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [CanonSolutionMenu] l:\program files\canon\solutionmenu\CNSLMAIN.exe /logon
mRun: [QuickTime Task] "l:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "l:\program files\itunes\iTunesHelper.exe"
mRun: [DivXUpdate] "l:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [BambooCore] l:\program files\bamboo dock\BambooCore.exe
mRun: [<NO NAME>]
mRun: [SearchSettings] "l:\program files\common files\spigot\search settings\SearchSettings.exe"
mRun: [SunJavaUpdateSched] "l:\program files\common files\java\java update\jusched.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [Malwarebytes' Anti-Malware] "l:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
StartupFolder: l:\docume~1\jinjin\startm~1\programs\startup\erunta~1.lnk - l:\program files\erunt\AUTOBACK.EXE
StartupFolder: l:\docume~1\jinjin\startm~1\programs\startup\magicd~1.lnk - l:\program files\magicdisc\MagicDisc.exe
StartupFolder: l:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - l:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: l:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - l:\program files\logitech\setpoint\SetPoint.exe
IE: &Download by Orbit - d:\orbit\orbitmxt.dll/201
IE: &Grab video by Orbit - d:\orbit\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - d:\orbit\orbitmxt.dll/203
IE: Down&load all by Orbit - d:\orbit\orbitmxt.dll/202
IE: E&xport to Microsoft Excel - l:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: Extract Flash Video with Bytescout... - l:\program files\bytescout movies extractor scout\flashextract_ie.html
IE: Google Sidewiki... - l:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: Snip to my eSnips account - l:\program files\esnips\res\SnipIt.htm
IE: {626B5BA3-81E5-4748-A4C5-B77434C12DD3} - l:\program files\bytescout movies extractor scout\flashextract_ie.html
IE: {72270F2D-66B9-477D-9A1F-180EB66AA23B} - l:\program files\bytescout movies extractor scout\flashextract_ie.html
IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - l:\documents and settings\jinjin\start menu\programs\imvu\Run IMVU.lnk
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - l:\program files\messenger\msmsgs.exe
IE: {36ECAF82-3300-8F84-092E-AFF36D6C7040} - {86529161-034E-4F8A-88D2-3C625E612E04} - l:\program files\winhttrack\WinHTTrackIEBar.dll
IE: {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - {17A84966-F1E9-4645-AA9E-5E771EE1C859} - l:\progra~1\nuclea~1\videoget\plugins\VIDEOG~1.DLL
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - l:\progra~1\micros~3\office11\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - l:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - l:\progra~1\spybot~1\SDHelper.dll
DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1244245586125
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{4DAC69A4-7758-4596-9F7B-4BAD8028ACD6} : DhcpNameServer = 209.18.47.61 209.18.47.62
Notify: LBTWlgn - l:\program files\common files\logitech\bluetooth\LBTWlgn.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - l:\windows\system32\WPDShServiceObj.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - l:\documents and settings\jinjin\application data\mozilla\firefox\profiles\1dkcd1uf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=WEATDF&PC=WEATDF&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=992732&ilc=12&p=
FF - component: l:\documents and settings\jinjin\application data\mozilla\firefox\profiles\1dkcd1uf.default\extensions\{db9127a2-3381-41ec-82b3-1b6ed4c6f29a}\components\FlashGetXPI.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nppl3260.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprjplug.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpjplug.dll
FF - plugin: l:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: l:\documents and settings\jinjin\local settings\application data\yahoo!\browserplus\2.9.8\plugins\npybrowserplus_2.9.8.dll
FF - plugin: l:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: l:\program files\canon\easy-photoprint ex\NPEZFFPI.DLL
FF - plugin: l:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: l:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: l:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: l:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: l:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: l:\program files\mozilla firefox\plugins\npdnupdater2.dll
FF - plugin: l:\program files\mozilla firefox\plugins\npkanevapatch.dll
FF - plugin: l:\program files\mozilla firefox\plugins\npOGAPlugin.dll
FF - plugin: l:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - l:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - l:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - l:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - l:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - l:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - l:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - l:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Edit Cookies: {ea2b95c2-9be8-48ed-bdd1-5fcd2ad0ff99} - %profile%\extensions\{ea2b95c2-9be8-48ed-bdd1-5fcd2ad0ff99}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Movies Extractor Scout helper: {ABD59049-8F4C-4F50-A274-CC63527942FA} - %profile%\extensions\{ABD59049-8F4C-4F50-A274-CC63527942FA}
FF - Ext: flashget3 Extension: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A} - %profile%\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}
FF - Ext: BatchDownload: batchdownload@panshisoft.cn - %profile%\extensions\batchdownload@panshisoft.cn
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - l:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: Java Quick Starter: jqs@sun.com - l:\program files\java\jre6\lib\deploy\jqs\ff
.
---- FIREFOX POLICIES ----
pref(dom.disable_open_during_load, true);
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;l:\windows\system32\drivers\aswSnx.sys [2011-4-2 442200]
R1 aswSP;aswSP;l:\windows\system32\drivers\aswSP.sys [2008-11-3 320856]
R2 Akamai;Akamai NetSession Interface;l:\windows\system32\svchost.exe -k Akamai [2008-4-14 14336]
R2 ANIWConnService;ANIWConn Service;l:\windows\system32\ANIWConnService.exe [2010-2-21 147456]
R2 Application Updater;Application Updater;l:\program files\application updater\ApplicationUpdater.exe [2011-9-27 745880]
R2 aswFsBlk;aswFsBlk;l:\windows\system32\drivers\aswFsBlk.sys [2008-11-3 20568]
R2 avast! Antivirus;avast! Antivirus;l:\program files\alwil software\avast5\AvastSvc.exe [2010-3-23 44768]
R2 lxdu_device;lxdu_device;l:\windows\system32\lxducoms.exe -service --> l:\windows\system32\lxducoms.exe -service [?]
R2 lxduCATSCustConnectService;lxduCATSCustConnectService;l:\windows\system32\spool\drivers\w32x86\3\lxduserv.exe [2008-11-29 98984]
R2 MBAMService;MBAMService;l:\program files\malwarebytes' anti-malware\mbamservice.exe [2008-11-12 366152]
R3 arusb(Atheros);D-Link Wireless Network Adapter Service;l:\windows\system32\drivers\dwarusb.sys [2010-2-21 457728]
R3 MBAMProtector;MBAMProtector;l:\windows\system32\drivers\mbam.sys [2008-11-12 22216]
S2 gupdate1ca6268959ce04c;Google Update Service (gupdate1ca6268959ce04c);l:\program files\google\update\GoogleUpdate.exe [2009-11-10 133104]
S3 gupdatem;Google Update Service (gupdatem);l:\program files\google\update\GoogleUpdate.exe [2009-11-10 133104]
S3 hid8101;hid8101;l:\windows\system32\drivers\hid8101.sys [2010-2-9 31899]
S3 NPF;NetGroup Packet Filter Driver;l:\windows\system32\drivers\npf.sys [2007-11-6 34064]
S3 PL-40R;CASIO USB MIDI;l:\windows\system32\drivers\pl40rwdm.sys [2011-5-17 18048]
S3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver;l:\windows\system32\drivers\rt2870.sys --> l:\windows\system32\drivers\rt2870.sys [?]
S3 xbreader;MaxDrive XBox Driver (xbreader.sys);l:\windows\system32\drivers\xbreader.sys [2001-1-2 19677]
S3 XDva311;XDva311;\??\l:\windows\system32\xdva311.sys --> l:\windows\system32\XDva311.sys [?]
S3 XDva344;XDva344;\??\l:\windows\system32\xdva344.sys --> l:\windows\system32\XDva344.sys [?]
.
=============== Created Last 30 ================
.
2011-11-15 06:18:53 388096 ----a-r- l:\documents and settings\jinjin\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-11-15 06:18:52 -------- d-----w- l:\program files\Trend Micro
2011-11-15 01:46:14 -------- d-----w- l:\program files\Spybot - Search & Destroy
2011-11-15 01:46:14 -------- d-----w- l:\documents and settings\all users\application data\Spybot - Search & Destroy
2011-11-12 06:46:18 -------- d-----w- l:\documents and settings\jinjin\application data\SumatraPDF
2011-11-12 06:46:12 -------- d-----w- l:\program files\SumatraPDF
2011-11-12 06:29:47 -------- d-----w- l:\documents and settings\jinjin\application data\IObit
2011-11-12 04:34:55 -------- d-----w- l:\program files\Defraggler
2011-11-09 01:03:43 -------- d-----w- l:\documents and settings\jinjin\application data\bsnes
2011-11-08 04:58:38 -------- d-----w- l:\documents and settings\jinjin\application data\.anki
2011-11-08 04:40:12 -------- d-----w- l:\program files\Anki
2011-11-07 13:38:09 -------- d-----w- l:\program files\common files\xing shared
2011-11-03 01:03:40 1033728 ----a-w- l:\windows\system32\explorer.exe
2011-11-03 00:39:24 -------- d-----w- l:\documents and settings\jinjin\local settings\application data\Akamai
.
==================== Find3M ====================
.
2011-11-07 13:37:35 499712 ----a-w- l:\windows\system32\msvcp71.dll
2011-11-07 13:37:35 348160 ----a-w- l:\windows\system32\msvcr71.dll
2011-10-27 13:51:13 414368 ----a-w- l:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-10 14:22:41 692736 ----a-w- l:\windows\system32\inetcomm.dll
2011-10-03 10:06:03 472808 ----a-w- l:\windows\system32\deployJava1.dll
2011-10-03 07:37:52 73728 ----a-w- l:\windows\system32\javacpl.cpl
2011-09-28 07:06:50 599040 ----a-w- l:\windows\system32\crypt32.dll
2011-09-26 16:41:20 611328 ----a-w- l:\windows\system32\uiautomationcore.dll
2011-09-26 16:41:20 220160 ----a-w- l:\windows\system32\oleacc.dll
2011-09-26 16:41:14 20480 ----a-w- l:\windows\system32\oleaccrc.dll
2011-09-06 21:45:29 41184 ----a-w- l:\windows\avastSS.scr
2011-09-06 21:38:05 442200 ----a-w- l:\windows\system32\drivers\aswSnx.sys
2011-09-06 13:20:51 1858944 ----a-w- l:\windows\system32\win32k.sys
2011-08-31 23:00:50 22216 ----a-w- l:\windows\system32\drivers\mbam.sys
2011-08-17 21:32:17 832512 ----a-w- l:\windows\system32\wininet.dll
2011-08-17 21:32:16 78336 ----a-w- l:\windows\system32\ieencode.dll
2011-08-17 21:32:16 1830912 ------w- l:\windows\system32\inetcpl.cpl
2011-08-17 21:32:15 17408 ----a-w- l:\windows\system32\corpol.dll
2006-05-03 09:06:54 163328 --sh--r- l:\windows\system32\flvDX.dll
2007-02-21 10:47:16 31232 --sh--r- l:\windows\system32\msfDX.dll
2008-03-16 12:30:52 216064 --sh--r- l:\windows\system32\nbDX.dll
.
============= FINISH: 8:52:02.09 ===============

Also, if it helps:

--error signature--

EventType : BEX P1 : explorer.exe P2 : 6.0.2900.5512 P3 : 48025c30
P4 : unknown P5 : 0.0.0.0 P6 : 00000000 P7 : 0b789290
P8 : c0000005 P9 : 00000008

JonTom
2011-11-17, 19:35
Hello HungryGarou and welcome.

My name is JonTom

Malware Logs can sometimes take a lot of time to research and interpret.

Please be patient while I try to assist with your problem. If at any time you do not understand what is required, please ask for further explanation.

Please note that there is no "Quick Fix" to modern malware infections and we may need to use several different approaches to get your system clean.

Read every reply you receive carefully and thoroughly before carrying out the instructions. You may also find it helpful to print out the instructions you receive, as in some instances you may have to disconnect your computer from the Internet.

PLEASE NOTE: If you do not reply after 5 days your thread will be closed.


Before we begin any fixing please do the following:

DeFogger


Please download DeFogger (http://www.jpshortstuff.247fixes.com/Defogger.exe) to your desktop.
Click on DeFogger to run the tool.
The application window will appear.
Click the Disable button to disable your CD Emulation drivers.
Click Yes to continue.
A 'Finished!' message will appear.
Click OK.
DeFogger will now ask to reboot the machine - click OK.
IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.
Do not re-enable these drivers until otherwise instructed.



Please scan your system with GMER


Download GMER Rootkit Scanner from here (http://www.gmer.net/gmer.zip) or here (http://www.majorgeeks.com/download.php?det=5198).

Extract the contents of the zipped file to desktop.
Double click GMER.exe. If asked to allow gmer.sys driver to load, please consent.
If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
In the right panel, you will see several boxes that have been checked. Uncheck the following ...
IAT/EAT
Drives/Partition other than Systemdrive (typically C:\)
Show All (don't miss this one)

Then click the Scan button & wait for it to finish.
Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.

Save it where you can easily find it, such as your desktop, and post it in your reply.


**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries

Please post the GMER log in your next reply. If you encounter any problems with the scan come back and let me know.

HungryGarou
2011-11-22, 06:00
thanks..getting started now. will post updates...

JonTom
2011-11-22, 17:45
You are lucky HungryGarou

I was almost about to close your thread.

Post the requested logs when you can (I will leave your thread open for another day or two).

JonTom
2011-11-25, 18:27
Do you still need help?

JonTom
2011-11-26, 16:02
Due to inactivity, this topic has been closed.

If you need continued support, please begin a new thread.