GeekPolice
internet connected but cant browse websites
I've looked up solutions for this problem and reset IP and winsock catalog and it works for a bit but then can't access websites again on all browsers - the only way I can access websites now is by turning off my firewall! What should I do?? Pls help

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:44:33, on 28/07/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Athan\Athan.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\O2\bin\sprtcmd.exe
C:\Users\Aamir\Program Files\DNA\btdna.exe
C:\Program Files\Rokario\Bandwidth Monitor\bandmon.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Dell\QuickSet\quickset.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.uk/ig/dell?hl=en&...amp;ibd=4080728
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.live.com/default.aspx?&ip=...0&rru=inbox
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: WebPerform - {AB692F9B-27FE-4511-8885-ED62BB45197B} - C:\Windows\system32\webperform.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Veoh Web Player Video Finder - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [O2] "C:\Program Files\O2\bin\sprtcmd.exe" /P O2
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Aamir\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [bandmon] C:\Program Files\Rokario\Bandwidth Monitor\bandmon.exe
O4 - HKCU\..\Run: [VeohPlugin] "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe"
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~4.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/4.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)" -"http://www.miniclip.com/games/go-karts/en/"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: BBC iPlayer Desktop.lnk = C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.broadband.o2.co.uk
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - https://upload.facebook.com/controls/2008.1...toUploader5.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} (VodClient Control Class) - http://www.tvucricket.com/player/vjocx-en-black.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SupportSoft Sprocket Service (O2) (sprtsvc_O2) - SupportSoft, Inc. - C:\Program Files\O2\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 12581 bytes

Re: internet connected but cant browse websites

  • Open HijackThis.
  • When HijackThis opens, click "Open the Misc Tools section"
  • Then select "Open Uninstall Manager"
  • Click on "Save List..." (generates uninstall_list.txt)
  • Click Save, copy and paste the results in your next post.

Re: internet connected but cant browse websites

2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
32 Bit HP CIO Components Installer
Adobe Flash Player 10 ActiveX
Adobe Flash Player Plugin
Adobe Reader 8.1.3
Adobe Shockwave Player 11
Advanced Audio FX Engine
Advanced Video FX Engine
Any Video Converter 2.6.7
AoA Audio Extractor 1.0
Apple Mobile Device Support
Apple Software Update
a-squared Anti-Malware 4.5
Athan Basic 3.6
Bandwidth Monitor
Bonjour
Browser Address Error Redirector
Choice Guard
CoffeeCup HTML Editor 2008
Compatibility Pack for the 2007 Office system
Conexant HDA D330 MDC V.92 Modem
Dell Dock
Dell Getting Started Guide
Dell Support Center (Support Software)
Dell Touchpad
Dell Webcam Center
Dell Webcam Manager
DHTML Editing Component
Digital Line Detect
DivX Web Player
EDocs
ESET NOD32 Antivirus
Free CD Music Converter 10
GoToAssist 8.0.0.514
HijackThis 2.0.2
HP Imaging Device Functions 11.0
HP Photosmart C4500 All-In-One Driver Software 11.0 Rel .4
HP Photosmart Essential 3.0
HP Solution Center 11.0
HP Update
Intel(R) Matrix Storage Manager
Intel(R) PROSet/Wireless Software
Internet From BT
iTunes
J2SE Runtime Environment 5.0 Update 1
Java(TM) 6 Update 5
Junk Mail filter update
Laptop Integrated Webcam Driver (1.04.01.1011)
Live! Cam Avatar Creator
Live! Cam Avatar v1.0
mCore
MediaDirect
mHelp
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.3
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
mMHouse
Modem Diagnostic Tool
Mozilla Firefox (3.0.11)
MP3 Cutter Joiner 3.00
mPfMgr
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
mWMI
NetWaiting
Nokia Connectivity Cable Driver
O2 Broadband Assistant
OCR Software by I.R.I.S. 11.0
OutlookAddinSetup
PDF reDirect (remove only)
PS Media Tunnel
QuickSet
QuickTime
Real Alternative 1.9.0
RNBDJ Screensaver (without music)
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB969679)
Security Update for Microsoft Office Excel 2007 (KB969682)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office Publisher 2007 (KB969693)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office Word 2007 (KB969604)
SolveigMM AVI Trimmer
SopCast 2.0.4
TVUPlayer 2.4.1.0
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB969907)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (kb971933)
Veoh Web Player
VideoLAN VLC media player 0.8.6h
WIDCOMM Bluetooth Software 6.0.1.3100
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Windows Media Player Firefox Plugin
WinRAR archiver
Xvid 1.2.1 final uninstall
Youda Sushi Chef

Re: internet connected but cant browse websites

Hello.

  • Click Start >> Control Panel.
  • Under Programs, click Uninstall a Program
  • Highlight the following:

    Adobe Reader 8.1.3
    J2SE Runtime Environment 5.0 Update 1
    Java(TM) 6 Update 5

  • Click on the Uninstall/Change button at the top.

Next, go to Start > Run. In the search box, type in cmd and let it find it.
Once found, right click cmd > Run as administrator.

Now when the administrator command window opens, type in:

netsh winsock reset

Hit enter.
Then reboot normally.

See if there is any difference now.

Re: internet connected but cant browse websites

why do you want me to uninstall those programs? they're needed...

Re: internet connected but cant browse websites

That's because they are out-dated versions.

Re: internet connected but cant browse websites

it solved it thanks a lot

but the problem might come again :S:S

Re: internet connected but cant browse websites

my internet stopped working for 6 hours!!! now it's back but who knows for how long?!

can anyone solve this problem?

Re: internet connected but cant browse websites

Let us know if it does come back. If it's stable for now, let's not fix it.

Re: internet connected but cant browse websites

okay i think it needs solving, it is very unstable, works for 10 mins then not for 2 hours and then it's okay for another 10 mins....v frustrating

if its any help, it all started when 13 trojans were found on my pc and they all were in the format of BITnnln.tmp (n= number, l = letter)

Re: internet connected but cant browse websites

  • Please download DDS by sUBs to your Desktop (Important!!) from one of these locations:
    Link 1
    Link 2
  • Double click DDS.scr to run.
  • When complete, two logs will open. Save both of the reports to your Desktop.
  • Copy and paste DDS.txt back here, I don't need to see attach.txt.

Re: internet connected but cant browse websites

DDS (Ver_09-07-30.01) - NTFSx86
Run by Aamir at 15:30:35.87 on 31/07/2009
Internet Explorer: 8.0.6001.18813 BrowserJavaVersion: 1.6.0_14
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.44.1033.18.3061.1307 [GMT 1:00]

AV: ESET NOD32 Antivirus 3.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
SP: ESET NOD32 Antivirus 3.0 *enabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\a-squared Anti-Malware\a2service.exe
C:\Windows\system32\aestsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\O2\bin\sprtsvc.exe
C:\Windows\system32\STacSV.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Athan\Athan.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\a-squared Anti-Malware\a2guard.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Users\Aamir\Program Files\DNA\btdna.exe
C:\Program Files\Rokario\Bandwidth Monitor\bandmon.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\BitTorrent\bittorrent.exe
C:\Windows\explorer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Aamir\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://mail.live.com/default.aspx?&ip=10.1.106.200&d=d2821&mf=0&rru=inbox
uWindow Title = Internet Explorer provided by Dell
uDefault_Page_URL = hxxp://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=4080728
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: WebPerform Object: {ab692f9b-27fe-4511-8885-ed62bb45197b} - c:\windows\system32\webperform.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - c:\program files\windows live\toolbar\wltcore.dll
TB: {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: Veoh Web Player Video Finder: {0fbb9689-d3d7-4f7a-a2e2-585b10099bfc} - c:\program files\veoh networks\veohwebplayer\VeohIEToolbar.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
uRun: [BitTorrent DNA] "c:\users\aamir\program files\dna\btdna.exe"
uRun: [bandmon] c:\program files\rokario\bandwidth monitor\bandmon.exe
uRun: [VeohPlugin] "c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe"
uRun: [AdobeUpdater] "c:\program files\common files\adobe\updater5\AdobeUpdater.exe"
uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockw~1\SWHELP~4.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/4.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)" -"http://www.miniclip.com/games/go-karts/en/"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exe
mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [DELL Webcam Manager] "c:\program files\dell\dell webcam manager\DellWMgr.exe" /s
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Athan] c:\program files\athan\Athan.exe
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
mRun: [O2] "c:\program files\o2\bin\sprtcmd.exe" /P O2
mRun: [a-squared] "c:\program files\a-squared anti-malware\a2guard.exe" /d=60
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
StartupFolder: c:\users\aamir\appdata\roaming\micros~1\windows\startm~1\programs\startup\bbcipl~1.lnk - c:\program files\bbc iplayer desktop\BBC iPlayer Desktop.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
Trusted Zone: o2.co.uk\*.broadband
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} - hxxp://www.tvucricket.com/player/vjocx-en-black.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
Notify: igfxcui - igfxdev.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

Re: internet connected but cant browse websites

================= FIREFOX ===================

FF - ProfilePath - c:\users\aamir\appdata\roaming\mozilla\firefox\profiles\dsvcqbtq.default\
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\veoh networks\veohwebplayer\NPVeohTVPlugin.dll
FF - plugin: c:\program files\veoh networks\veohwebplayer\npWebPlayerVideoPluginATL.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\aamir\appdata\roaming\mozilla\firefox\profiles\dsvcqbtq.default\extensions\{e2883e8f-472f-4fb0-9522-ac9bf37916a7}\plugins\np_gp.dll
FF - plugin: c:\users\aamir\appdata\roaming\mozilla\firefox\profiles\dsvcqbtq.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: c:\users\aamir\program files\dna\plugins\npbtdna.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2008-6-10 34312]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2008-7-28 73728]
R2 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-4-28 161048]
R2 ekrn;Eset Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2008-6-10 468224]
R2 SeaPort;SeaPort;c:\program files\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-5-19 240512]
R2 sprtsvc_O2;SupportSoft Sprocket Service (O2);c:\program files\o2\bin\sprtsvc.exe [2007-6-7 202280]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2008-7-28 111616]
R3 OEM02Dev;Creative Camera OEM002 Driver;c:\windows\system32\drivers\OEM02Dev.sys [2008-7-28 235648]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;c:\windows\system32\drivers\OEM02Vfx.sys [2008-7-28 7424]
S2 .EsetTrialReset;Eset Trial Reset;c:\windows\system32\regedt32.exe [2006-11-2 9216]
S2 vvdsvc;VJVodClientServices;c:\windows\system32\svchost.exe -k vvdsvc [2008-1-21 21504]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2009-3-20 55280]
S3 fsssvc;Windows Live Family Safety;c:\program files\windows live\family safety\fsssvc.exe [2009-2-6 533360]

=============== Created Last 30 ================

2009-07-30 14:34 --d----- c:\programdata\NOS
2009-07-29 20:53 410,984 a------- c:\windows\system32\deploytk.dll
2009-07-28 17:17 --d----- c:\program files\a-squared Anti-Malware
2009-07-28 15:40 --d----- c:\program files\Trend Micro
2009-07-28 15:14 --d----- C:\SDFix
2009-07-28 14:06 --d-h--- C:\VJVod_Cache
2009-07-27 21:58 289,792 a------- c:\windows\system32\atmfd.dll
2009-07-27 21:58 156,672 a------- c:\windows\system32\t2embed.dll
2009-07-27 21:58 72,704 a------- c:\windows\system32\fontsub.dll
2009-07-27 21:58 10,240 a------- c:\windows\system32\dciman32.dll
2009-07-15 19:27 --d----- c:\windows\Youda Sushi Chef
2009-07-15 19:27 --d----- c:\program files\Youda Sushi Chef
2009-07-07 12:14 728 a------- c:\windows\{4507868A-A9CD-4ECC-BD54-0EAB6EE81D42}_WiseFW.ini
2009-07-07 12:13 --d----- c:\program files\O2
2009-07-05 14:23 0 a---h--- c:\windows\system32\drivers\Msft_User_WpdRapi_01_00_00.Wdf
2009-07-05 13:40 --d----- c:\users\aamir\appdata\roaming\DAEMON Tools Lite

==================== Find3M ====================

2009-07-21 22:52 915,456 a------- c:\windows\system32\wininet.dll
2009-07-21 22:47 109,056 a------- c:\windows\system32\iesysprep.dll
2009-07-21 22:47 71,680 a------- c:\windows\system32\iesetup.dll
2009-07-21 21:13 133,632 a------- c:\windows\system32\ieUnatt.exe
2009-07-05 14:13 143,360 a------- c:\windows\inf\infstrng.dat
2009-07-05 14:13 86,016 a------- c:\windows\inf\infstor.dat
2009-07-05 14:13 51,200 a------- c:\windows\inf\infpub.dat
2009-07-05 13:40 721,904 a------- c:\windows\system32\drivers\sptd.sys
2009-05-31 14:27 166,127 a------- c:\windows\hpoins30.dat
2009-05-12 15:48 737,280 a------- c:\windows\iun6002.exe
2008-07-31 21:08 665,600 a------- c:\windows\inf\drvindex.dat
2008-01-21 03:43 174 a--sh--- c:\program files\desktop.ini
2006-11-02 13:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 13:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 13:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 13:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 10:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 10:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 10:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 10:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2008-07-28 13:39 74 ---shr-- c:\windows\CT4CET.bin
2008-07-31 21:48 16,384 a--sh--- c:\windows\temp\cookies\index.dat
2008-07-31 21:48 32,768 a--sh--- c:\windows\temp\history\history.ie5\index.dat
2008-07-31 21:48 32,768 a--sh--- c:\windows\temp\temporary internet files\content.ie5\index.dat
2008-07-28 22:18 8,192 a--sh--- c:\windows\users\default\NTUSER.DAT

============= FINISH: 15:33:00.45 ===============

Re: internet connected but cant browse websites

Hello.

  • Open HijackThis
  • Choose "Do a system scan only"
  • Check the boxes in front of these lines:


    O2 - BHO: WebPerform - {AB692F9B-27FE-4511-8885-ED62BB45197B} - C:\Windows\system32\webperform.dll


  • Press "Fix Checked"
  • Close Hijack This.

Please download and run this tool.

Download Malwarebytes' Anti-Malware from Here

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


Post the contents of the MBAM Log.

Re: internet connected but cant browse websites

When I did the fix O2 BHO thing, the screen went white, and when I scanned it again, it was still there.

The log for the MBAM is as follows:

Malwarebytes' Anti-Malware 1.39
Database version: 2537
Windows 6.0.6001 Service Pack 1

31/07/2009 22:39:36
mbam-log-2009-07-31 (22-39-36).txt

Scan type: Quick Scan
Objects scanned: 94825
Time elapsed: 4 minute(s), 22 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Re: internet connected but cant browse websites

Hello.
1. If you are using Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

2. During the download, rename Combofix to Combo-Fix as follows:

[Screenshot: CF_download_FF]

[Screenshot: CF_download_rename]

3. It is important you rename Combofix during the download, but not after.
4. Please do not rename Combofix to other names, but only to the one indicated.
5. Close any open browsers.
6. We need to disable your local AV (Anti-virus) before running Combofix.

  • See HERE for how to disable your AV.
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouse click combofix's window whilst it's running. That may cause it to stall.

Re: internet connected but cant browse websites

ComboFix 09-07-31.04 - Aamir 01/08/2009 16:44.1.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.44.1033.18.3061.1779 [GMT 1:00]
Running from: c:\users\Aamir\Desktop\Combo-Fix.exe
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
SP: ESET NOD32 Antivirus 3.0 *disabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-1725273720-2298473762-1769398159-500
c:\$recycle.bin\S-1-5-21-2773397201-2855733099-4214572315-500
c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
c:\windows\Installer\1b583.msi
c:\windows\Installer\7aed038.msp
c:\windows\system32\webperform.dll

----- BITS: Possible infected sites -----

hxxp://binuser.fileave.com
.
((((((((((((((((((((((((( Files Created from 2009-07-01 to 2009-08-01 )))))))))))))))))))))))))))))))
.

2009-08-01 15:51 . 2009-08-01 15:51 -------- d-----w- c:\users\Guest\AppData\Local\temp
2009-08-01 13:56 . 2009-08-01 15:39 -------- d-----w- c:\program files\Blue Coat K9 Web Protection
2009-08-01 04:28 . 2009-08-01 04:35 -------- d-----w- c:\users\Aamir\AppData\Local\Deployment
2009-08-01 04:28 . 2009-08-01 04:28 -------- d-----w- c:\users\Aamir\AppData\Local\Apps
2009-08-01 02:52 . 2009-08-01 02:52 1924440 ----a-w- c:\users\Aamir\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
2009-07-31 21:34 . 2009-07-31 21:34 -------- d-----w- c:\users\Aamir\AppData\Roaming\Malwarebytes
2009-07-31 21:34 . 2009-07-13 12:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-31 21:34 . 2009-07-31 21:34 -------- d-----w- c:\programdata\Malwarebytes
2009-07-31 21:34 . 2009-07-31 21:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-31 21:34 . 2009-07-13 12:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-30 13:34 . 2009-07-30 14:14 -------- d-----w- c:\programdata\NOS
2009-07-30 13:34 . 2009-07-30 14:14 -------- d-----w- c:\program files\NOS
2009-07-29 19:53 . 2009-07-29 19:53 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-07-28 16:17 . 2009-07-28 19:08 -------- d-----w- c:\program files\a-squared Anti-Malware
2009-07-28 14:40 . 2009-07-28 14:40 -------- d-----w- c:\program files\Trend Micro
2009-07-28 14:14 . 2008-11-06 01:03 -------- d-----w- C:\SDFix
2009-07-27 20:58 . 2009-06-15 15:24 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-07-27 20:58 . 2009-06-15 15:20 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-07-27 20:58 . 2009-06-15 15:20 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-07-27 20:58 . 2009-06-15 12:52 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-07-27 16:38 . 2009-07-27 16:38 -------- d-----w- c:\users\Aamir\AppData\Local\ESET
2009-07-15 18:27 . 2009-07-27 20:45 -------- d-----w- c:\program files\Youda Sushi Chef
2009-07-07 11:13 . 2009-07-07 11:14 -------- d-----w- c:\program files\O2
2009-07-05 12:40 . 2009-07-05 12:40 -------- d-----w- c:\users\Aamir\AppData\Roaming\DAEMON Tools Lite

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-01 15:48 . 2008-11-12 17:29 -------- d-----w- c:\users\Aamir\AppData\Roaming\DNA
2009-08-01 13:56 . 2008-07-28 13:26 836 ----a-w- c:\windows\bthservsdp.dat
2009-08-01 13:56 . 2008-11-12 17:29 -------- d-----w- c:\users\Aamir\AppData\Roaming\BitTorrent
2009-07-30 15:00 . 2008-09-17 18:28 -------- d-----w- c:\program files\Common Files\Adobe
2009-07-29 21:15 . 2008-08-19 01:05 -------- d-----w- c:\program files\Free CD Music Converter
2009-07-29 19:57 . 2008-07-28 12:35 -------- d-----w- c:\program files\Java
2009-07-29 19:51 . 2008-07-28 12:47 -------- d-----w- c:\programdata\McAfee
2009-07-28 02:03 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-07-28 02:03 . 2008-09-13 21:53 -------- d-----w- c:\programdata\Microsoft Help
2009-07-27 20:45 . 2009-05-31 13:17 -------- d-----w- c:\programdata\HP Product Assistant
2009-07-21 21:52 . 2009-07-28 19:13 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-07-28 19:13 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-07-28 19:13 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-07-28 19:13 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-07 11:14 . 2008-07-28 12:50 -------- d-----w- c:\programdata\SupportSoft
2009-07-06 13:07 . 2008-12-06 21:32 -------- d-----w- c:\users\Aamir\AppData\Roaming\Any Video Converter
2009-07-05 13:23 . 2009-07-05 13:23 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdRapi_01_00_00.Wdf
2009-07-05 13:14 . 2008-10-12 15:35 -------- d-----w- c:\programdata\VMware
2009-07-05 12:40 . 2008-10-04 23:19 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-06-26 23:12 . 2009-06-26 23:11 -------- d-----w- c:\program files\AoA Audio Extractor
2009-06-19 18:51 . 2009-06-19 18:49 5 ----a-w- c:\windows\system32\SySMP3CutJoin.dat
2009-06-19 18:49 . 2009-06-19 18:49 -------- d-----w- c:\program files\AudioToolsFactory
2009-06-19 18:43 . 2008-11-24 22:35 -------- d-----w- c:\program files\Easy MP3 Cutter
2009-06-14 20:22 . 2009-06-14 20:22 -------- d-----w- c:\users\Aamir\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
2009-06-10 17:37 . 2009-06-10 17:37 5589408 ----a-w- c:\users\Aamir\AppData\Roaming\TVU networks\TVU AutoUpgrade\TVUPlayer2.4.5.3.exe
2009-06-10 17:37 . 2009-06-10 17:37 -------- d-----w- c:\users\Aamir\AppData\Roaming\TVU networks
2009-06-10 17:37 . 2009-06-10 17:37 -------- d-----w- c:\programdata\TVU Networks
2009-05-31 13:27 . 2009-05-31 12:50 166127 ----a-w- c:\windows\hpoins30.dat
2009-05-19 23:04 . 2009-05-19 23:04 110373 ----a-w- c:\programdata\tmpC380.tmp
2009-05-19 22:57 . 2009-05-19 22:57 110373 ----a-w- c:\programdata\tmp98D7.tmp
2009-05-12 14:48 . 2009-05-12 14:48 737280 ----a-w- c:\windows\iun6002.exe
2009-06-16 13:51 . 2008-07-31 20:00 134648 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
2008-07-28 12:39 . 2008-07-28 12:39 74 --sh--r- c:\windows\CT4CET.bin
2008-07-28 21:18 . 2008-07-28 21:18 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"BitTorrent DNA"="c:\users\Aamir\Program Files\DNA\btdna.exe" [2009-01-09 342848]
"bandmon"="c:\program files\Rokario\Bandwidth Monitor\bandmon.exe" [2008-06-01 1529856]
"VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2009-04-03 3558648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-05-04 167936]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2008-03-04 36864]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-11-12 405504]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-03-06 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-03-06 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-03-06 133656]
"DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 174872]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 16384]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-06-10 1447168]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-03-25 49152]
"Athan"="c:\program files\Athan\Athan.exe" [2009-05-01 1130496]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 81920]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2008-01-21 215552]
"O2"="c:\program files\O2\bin\sprtcmd.exe" [2008-03-28 198184]
"a-squared"="c:\program files\A-SQUARED ANTI-MALWARE\a2guard.exe" [2009-07-28 3208848]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-29 148888]

c:\users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-5-13 1058088]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-3 703280]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-7-28 50688]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-2-22 1193240]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2008-07-28 12:54 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{89C25CC2-F7F6-47F5-A697-8208B5A116B9}"= c:\program files\Dell\MediaDirect\MediaDirect.exe:Dell MediaDirect
"{DE0A2CE6-7718-4441-A4D5-E2CF1C00A3AB}"= c:\program files\Dell\MediaDirect\PCMService.exe:CyberLink PowerCinema Resident Program
"{3D488133-E4DA-43D6-AC77-D2BEDB35DE73}"= c:\program files\Dell\MediaDirect\Kernel\DMP\CLBrowserEngine.exe:Cyberlink Media Server Browser Engine
"{8EC51EE4-14CF-420C-A499-0802AC05C85B}"= c:\program files\Dell\MediaDirect\Kernel\DMS\CLMSService.exe:CyberLink Media Server
"{649E2C62-3BCC-4EDC-BDA1-BAA50070B18F}"= UDP:c:\program files\Kontiki\KService.exe:Delivery Manager Service
"{510B18C9-4B87-4779-A436-EC66A148380D}"= TCP:c:\program files\Kontiki\KService.exe:Delivery Manager Service
"TCP Query User{9B7A8A0D-906F-47D0-9423-7D6ABC62724E}c:\\program files\\kontiki\\khost.exe"= UDP:c:\program files\kontiki\khost.exe:Delivery Manager
"UDP Query User{2EA3AE87-6EF9-4438-A08E-C32FD95EBCDA}c:\\program files\\kontiki\\khost.exe"= TCP:c:\program files\kontiki\khost.exe:Delivery Manager
"TCP Query User{3A9469E5-B307-420A-9AF9-AFD2B212E316}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= UDP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"UDP Query User{31F61B2E-546F-4E23-AE6C-0C70E0838A96}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= TCP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"TCP Query User{4AC55498-A11D-4FC2-B728-22C2878DC976}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{D6041F4F-7CDE-459D-A889-DF62533930C5}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{31BFECD6-1297-4D09-B819-627480C57BCF}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{FD9A5F87-4213-4BA8-869B-DB1FB5C5057B}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"{6B042DD6-5A6F-44F2-AECD-70A891A95EDD}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{CE456609-0E45-4077-8528-974952A041BB}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"TCP Query User{C55A967F-CD10-49F1-B868-1D171AECEA87}c:\\program files\\tvants\\tvants.exe"= UDP:c:\program files\tvants\tvants.exe:TVAnts
"UDP Query User{96A10B2E-7C3C-451B-9B9B-F57E11B23D4D}c:\\program files\\tvants\\tvants.exe"= TCP:c:\program files\tvants\tvants.exe:TVAnts
"TCP Query User{2B75AAFC-1C76-40FF-8D50-FCDF3E4F9C57}c:\\program files\\sopcast\\adv\\sopadver.exe"= UDP:c:\program files\sopcast\adv\sopadver.exe:SopCast Adver
"UDP Query User{0F6008CB-4040-4ABB-8132-7143EA8FD4E0}c:\\program files\\sopcast\\adv\\sopadver.exe"= TCP:c:\program files\sopcast\adv\sopadver.exe:SopCast Adver
"TCP Query User{A0CD4DAD-1720-42AB-BE42-5FC53D8DCE93}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"UDP Query User{4D691B76-72DE-4AB9-B113-1FF4F11FD58E}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"TCP Query User{DA1CFAC3-4BAC-49DB-82EA-9DB569896973}c:\\users\\aamir\\program files\\dna\\btdna.exe"= UDP:c:\users\aamir\program files\dna\btdna.exe:btdna.exe
"UDP Query User{7E664DE4-51EE-4228-9135-D992224C58E8}c:\\users\\aamir\\program files\\dna\\btdna.exe"= TCP:c:\users\aamir\program files\dna\btdna.exe:btdna.exe
"{196AC28E-2031-44AF-9B6C-64F871EE7F74}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{A0C49E3E-E16E-4157-9A15-BF809F9B5044}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour

Re: internet connected but cant browse websites

"{3737E4EF-547B-48EF-BD09-BAF16954ECE9}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{EDD9B689-004A-4702-B76D-AA3A7BE891A6}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{DC70CA1E-49BF-416D-9FE3-DCE98CD3ED0A}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In)
"{7DD3C9D4-3A2F-4D28-B76C-2AF0876E45FF}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In)
"{17CA79D4-460D-40D9-B075-001FFFC3F36F}"= UDP:c:\program files\TVersity\Media Server\web\admin\TVersity.exe:TVersity Media Server
"{921CF375-17D7-4584-8111-B7D251167A20}"= TCP:c:\program files\TVersity\Media Server\web\admin\TVersity.exe:TVersity Media Server
"{B933BEDC-3226-4515-BA14-078E87362A56}"= UDP:41952:Tversity
"{C9A6EAD0-E943-4149-9333-2EE6594802A2}"= Disabled:UDP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent (TCP-In)
"{F5FF143B-5C3E-4629-B467-39F20B457186}"= Disabled:TCP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent (UDP-In)
"{5E88F7CD-B796-4402-91D2-46C763D18F90}"= e:\setup\hpznui01.exe:hpznui01.exe
"{6FFC8E04-D218-43A6-84E9-1CCF667A81EF}"= TCP:427|RPort=427|c:\windows\system32\svchost.exe|Svc=HPSLPSVC:SLP_Service
"{9DD8884D-6065-4A2D-9F53-781647B70B13}"= c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"{32480EC1-EA1E-4DC1-AD14-080C1113E152}"= c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{E42D771B-5696-4974-9FF7-AA8253CD4DDB}"= c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{0255AE1A-BFAF-4E57-BB5B-9BF4078E12B4}"= c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"{7C038E26-E7AD-4D08-BCEC-BADC1D8EA935}"= c:\program files\HP\Digital Imaging\bin\hpoews01.exe:hpoews01.exe
"{F8F64528-0944-4BF5-B4D8-F79AC0B4F375}"= c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
"{2A6343FF-5BDF-4228-A7F3-1F7D0FF88EBF}"= c:\program files\Common Files\HP\Digital Imaging\bin\hpqphotocrm.exe:hpqphotocrm.exe
"{038AFC15-3DF7-43F9-854A-65B4986765DD}"= c:\program files\HP\Digital Imaging\bin\hpqsudi.exe:hpqsudi.exe
"{B4891F42-32BB-467F-BAFA-2A07C6498AEC}"= c:\program files\HP\Digital Imaging\bin\hpqpsapp.exe:hpqpsapp.exe
"{E578C9B4-E145-4ECB-B4E4-634601ED3F49}"= c:\program files\HP\Digital Imaging\bin\hpqpse.exe:hpqpse.exe
"{688BE959-2F05-47C6-91FA-C1AEEC22A5E4}"= c:\program files\HP\Digital Imaging\bin\hpqgplgtupl.exe:hpqgplgtupl.exe
"{0B8B84CA-43DC-4073-8D6F-E0088D80DE37}"= c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe:hpqgpc01.exe
"TCP Query User{7DEFB218-127B-4CDB-ABB2-22C4E9063EDB}c:\\program files\\tvuplayer\\tvuplayer.exe"= UDP:c:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component
"UDP Query User{ECA3CB92-518A-4348-8DD1-85DF6A885A2B}c:\\program files\\tvuplayer\\tvuplayer.exe"= TCP:c:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component
"TCP Query User{BABE41DD-3214-4003-890A-3EBEA3FE99E9}c:\\program files\\surfstation\\server9\\ss9server.exe"= UDP:c:\program files\surfstation\server9\ss9server.exe:SS9Server
"UDP Query User{33B6C9D3-5AFC-4398-B9CE-A1AB45303C3C}c:\\program files\\surfstation\\server9\\ss9server.exe"= TCP:c:\program files\surfstation\server9\ss9server.exe:SS9Server
"TCP Query User{9B9E3C51-4E9E-42AD-BC4B-3807E8A7714A}c:\\program files\\java\\jre1.6.0_05\\bin\\javaw.exe"= UDP:c:\program files\java\jre1.6.0_05\bin\javaw.exe:Java(TM) Platform SE binary
"UDP Query User{5FC1CE4F-EB9F-4DEE-94A5-6E62BC944C8D}c:\\program files\\java\\jre1.6.0_05\\bin\\javaw.exe"= TCP:c:\program files\java\jre1.6.0_05\bin\javaw.exe:Java(TM) Platform SE binary
"TCP Query User{78BB2CDA-F5B5-429A-A527-6FF4D7CC6D7C}c:\\program files\\digital integration ltd\\ps media tunnel\\psmediatunnel.exe"= UDP:c:\program files\digital integration ltd\ps media tunnel\psmediatunnel.exe:Media Tunnel for Home Entertainment Systems
"UDP Query User{6C1DA349-2894-4E44-88DD-56398AE75E88}c:\\program files\\digital integration ltd\\ps media tunnel\\psmediatunnel.exe"= TCP:c:\program files\digital integration ltd\ps media tunnel\psmediatunnel.exe:Media Tunnel for Home Entertainment Systems
"{E581AE85-36A8-4ABC-B67D-9B125457BFAE}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"TCP Query User{0D98AC32-08ED-4432-8631-EF6AEB59F840}c:\\program files\\sopcast\\sopcast.exe"= UDP:c:\program files\sopcast\sopcast.exe:SopCast Main Application
"UDP Query User{A7F34BD0-AFE6-4532-AB22-134A636D60F9}c:\\program files\\sopcast\\sopcast.exe"= TCP:c:\program files\sopcast\sopcast.exe:SopCast Main Application
"{918C7B5F-D20C-4767-BE6F-C0E6458FBF44}"= UDP:c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:Veoh Web Player
"{C2C9F2C1-2EC7-400F-8B1F-0341DB850828}"= TCP:c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:Veoh Web Player
"{F43FB4C3-905B-40AD-8AB7-DC4644F49E7F}"= UDP:990:LocalSubnet:LocalSubnet|IF={0F3CDABF-E273-4073-822C-7C18684F0C00}|%SystemRoot%\system32\svchost.exe|Svc=rapimgr:@%systemroot%\WindowsMobile\wmdSync.exe,-4001
"{B8C95EC2-F0CB-49F8-BB7A-983EFB681336}"= UDP:c:\program files\O2\bin\wificfg.exe:sprtcmd.exe
"{42D04E6E-4CFE-4418-9C2D-9F5295BAC438}"= TCP:c:\program files\O2\bin\wificfg.exe:sprtcmd.exe
"{4ACF2784-EDD3-4181-9B68-09BE008B6DD1}"= UDP:c:\program files\O2\agent\bin\bcont.exe:bcont.exe
"{A22875A8-A710-4057-AD0F-745AA816A219}"= TCP:c:\program files\O2\agent\bin\bcont.exe:bcont.exe
"{10DF902A-0C9F-4C86-B8C1-6DCB1A1A1308}"= UDP:c:\program files\Common Files\supportsoft\bin\ssrc.exe:ssrc.exe
"{9897100B-3EE8-45F9-963B-6702E6A94FD0}"= TCP:c:\program files\Common Files\supportsoft\bin\ssrc.exe:ssrc.exe
"{952FA68D-E208-4F20-A921-A34641558F69}"= UDP:c:\program files\O2\agent\bin\bcont_nm.exe:bcont_nm.exe
"{F92806FF-9D4B-4B74-BD0B-5359F9523E3D}"= TCP:c:\program files\O2\agent\bin\bcont_nm.exe:bcont_nm.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
"DoNotAllowExceptions"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R1 bckd;bckd;c:\windows\System32\drivers\bckd.sys [14/01/2009 00:39 72992]
R1 epfwtdir;epfwtdir;c:\windows\System32\drivers\epfwtdir.sys [10/06/2008 18:56 34312]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\AEstSrv.exe [28/07/2008 14:24 73728]
R2 bckwfs;Blue Coat K9 Web Protection;c:\program files\Blue Coat K9 Web Protection\k9filter.exe [14/01/2009 00:39 1078560]
R2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [28/04/2008 16:56 161048]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [10/06/2008 18:53 468224]
R2 sprtsvc_O2;SupportSoft Sprocket Service (O2);c:\program files\O2\bin\sprtsvc.exe [07/06/2007 16:19 202280]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\System32\drivers\IntcHdmi.sys [28/07/2008 22:19 111616]
R3 OEM02Dev;Creative Camera OEM002 Driver;c:\windows\System32\drivers\OEM02Dev.sys [28/07/2008 22:19 235648]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;c:\windows\System32\drivers\OEM02Vfx.sys [28/07/2008 22:19 7424]
S2 .EsetTrialReset;Eset Trial Reset;c:\windows\System32\regedt32.exe [02/11/2006 09:32 9216]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [20/03/2009 22:00 55280]
S3 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 19:08 533360]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - BCKD
*Deregistered* - mchInjDrv

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
HKCU-Run-AdobeUpdater - c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe


.
------- Supplementary Scan -------
.
uStart Page = hxxp://mail.live.com/default.aspx?&ip=10.1.106.200&d=d2821&mf=0&rru=inbox
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: o2.co.uk\*.broadband
FF - ProfilePath - c:\users\Aamir\AppData\Roaming\Mozilla\Firefox\Profiles\dsvcqbtq.default\
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll
FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\Aamir\AppData\Roaming\Mozilla\Firefox\Profiles\dsvcqbtq.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: c:\users\Aamir\Program Files\DNA\plugins\npbtdna.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-01 16:51
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1725273720-2298473762-1769398159-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B4A4B4BE-3FEB-8565-8F90-29189E7B3386}*]
"haebblmcdpdjocho"=hex:6b,61,70,6e,69,69,6f,6d,67,68,6b,6d,70,67,61,61,70,70,
66,6b,6e,62,00,00
"iacblpionfgcjhfjbf"=hex:6b,61,67,6f,62,61,70,64,65,67,63,67,69,6a,69,6a,64,67,
6e,6b,6e,61,00,00
"hagmlkilbooelfod"=hex:61,61,00,00
"hagmlkilebdfkkhk"=hex:61,61,00,00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2009-08-01 16:53
ComboFix-quarantined-files.txt 2009-08-01 15:53

Pre-Run: 146,933,448,704 bytes free
Post-Run: 146,964,037,632 bytes free

298 --- E O F --- 2009-08-01 02:00

Re: internet connected but cant browse websites
someone help please :(

even with firewall down, internet doesn't work for hours on end! it says connected and everything but the browsers don't connect. there aren't even error messages on the browsers, it's just a white screen and says connecting but it never does

Re: internet connected but cant browse websites
Hello.

  • Open HijackThis.
  • Choose "Do a system scan only"
  • Check the boxes in front of these lines:


    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local


  • Press "Fix Checked"
  • Close HijackThis.

Now open a new notepad file.
Input this into the notepad file:

RegNull::
[HKEY_USERS\S-1-5-21-1725273720-2298473762-1769398159-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{B4A4B4BE-3FEB-8565-8F90-29189E7B3386}*]


Save this as CFScript.txt, save it to your desktop also.
Then drag and drop CFScript.txt into ComboFix as seen below:

This will open ComboFix again; agree to its terms and allow it to run.
It may want to reboot after it's done. (It will warn you if it wants to)
Post the resulting log back here.

Re: internet connected but cant browse websites
ComboFix 09-08-04.04 - Aamir 06/08/2009 19:15.2.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.44.1033.18.3061.1755 [GMT 1:00]
Running from: c:\users\Aamir\Desktop\Combo-Fix.exe
Command switches used :: c:\users\Aamir\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
SP: ESET NOD32 Antivirus 3.0 *disabled* (Updated) {E5E70D32-0101-4B98-A4D6-D1D15C3BB448}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Files Created from 2009-07-06 to 2009-08-06 )))))))))))))))))))))))))))))))
.

2009-08-06 18:18 . 2009-08-06 18:18 -------- d-----w- c:\users\Guest\AppData\Local\temp
2009-08-06 18:18 . 2009-08-06 18:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-08-03 23:08 . 2009-08-03 23:08 -------- d-----w- c:\users\Aamir\AppData\Roaming\CasualForge
2009-08-03 23:08 . 2009-08-03 23:08 -------- d-----w- c:\programdata\CasualForge
2009-08-03 16:09 . 1998-10-29 15:45 306688 ----a-w- c:\windows\IsUninst.exe
2009-08-03 01:29 . 2009-08-03 01:29 -------- d-----w- c:\users\Guest\AppData\Local\Mozilla
2009-08-03 01:20 . 2009-08-03 01:22 -------- d-----w- c:\users\Guest\AppData\Local\VirtualStore
2009-08-01 13:56 . 2009-08-06 16:07 -------- d-----w- c:\program files\Blue Coat K9 Web Protection
2009-08-01 04:28 . 2009-08-01 04:35 -------- d-----w- c:\users\Aamir\AppData\Local\Deployment
2009-08-01 04:28 . 2009-08-01 04:28 -------- d-----w- c:\users\Aamir\AppData\Local\Apps
2009-08-01 02:52 . 2009-08-01 02:52 1924440 ----a-w- c:\users\Aamir\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
2009-07-31 21:34 . 2009-07-31 21:34 -------- d-----w- c:\users\Aamir\AppData\Roaming\Malwarebytes
2009-07-31 21:34 . 2009-07-13 12:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-31 21:34 . 2009-07-31 21:34 -------- d-----w- c:\programdata\Malwarebytes
2009-07-31 21:34 . 2009-07-31 21:34 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-31 21:34 . 2009-07-13 12:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-30 13:34 . 2009-07-30 14:14 -------- d-----w- c:\programdata\NOS
2009-07-30 13:34 . 2009-07-30 14:14 -------- d-----w- c:\program files\NOS
2009-07-29 19:53 . 2009-07-29 19:53 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-07-28 16:17 . 2009-08-02 21:08 -------- d-----w- c:\program files\a-squared Anti-Malware
2009-07-28 14:40 . 2009-07-28 14:40 -------- d-----w- c:\program files\Trend Micro
2009-07-28 14:14 . 2008-11-06 01:03 -------- d-----w- C:\SDFix
2009-07-27 20:58 . 2009-06-15 15:24 156672 ----a-w- c:\windows\system32\t2embed.dll
2009-07-27 20:58 . 2009-06-15 15:20 72704 ----a-w- c:\windows\system32\fontsub.dll
2009-07-27 20:58 . 2009-06-15 15:20 10240 ----a-w- c:\windows\system32\dciman32.dll
2009-07-27 20:58 . 2009-06-15 12:52 289792 ----a-w- c:\windows\system32\atmfd.dll
2009-07-27 16:38 . 2009-07-27 16:38 -------- d-----w- c:\users\Aamir\AppData\Local\ESET
2009-07-15 18:27 . 2009-07-27 20:45 -------- d-----w- c:\program files\Youda Sushi Chef

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-06 18:13 . 2008-11-12 17:29 -------- d-----w- c:\users\Aamir\AppData\Roaming\DNA
2009-08-06 12:01 . 2008-07-28 13:26 836 ----a-w- c:\windows\bthservsdp.dat
2009-08-06 12:01 . 2008-11-12 17:29 -------- d-----w- c:\users\Aamir\AppData\Roaming\BitTorrent
2009-08-04 15:18 . 2009-05-31 12:50 166157 ----a-w- c:\windows\hpoins30.dat
2009-08-03 16:11 . 2008-09-17 18:28 -------- d-----w- c:\program files\Common Files\Adobe
2009-08-01 23:03 . 2008-12-06 21:32 -------- d-----w- c:\users\Aamir\AppData\Roaming\Any Video Converter
2009-07-29 21:15 . 2008-08-19 01:05 -------- d-----w- c:\program files\Free CD Music Converter
2009-07-29 19:57 . 2008-07-28 12:35 -------- d-----w- c:\program files\Java
2009-07-29 19:51 . 2008-07-28 12:47 -------- d-----w- c:\programdata\McAfee
2009-07-28 02:03 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-07-28 02:03 . 2008-09-13 21:53 -------- d-----w- c:\programdata\Microsoft Help
2009-07-27 20:45 . 2009-05-31 13:17 -------- d-----w- c:\programdata\HP Product Assistant
2009-07-21 21:52 . 2009-07-28 19:13 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-07-28 19:13 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-07-28 19:13 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-07-28 19:13 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-07 11:14 . 2008-07-28 12:50 -------- d-----w- c:\programdata\SupportSoft
2009-07-07 11:14 . 2009-07-07 11:13 -------- d-----w- c:\program files\O2
2009-07-05 13:23 . 2009-07-05 13:23 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdRapi_01_00_00.Wdf
2009-07-05 13:14 . 2008-10-12 15:35 -------- d-----w- c:\programdata\VMware
2009-07-05 12:40 . 2008-10-04 23:19 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-07-05 12:40 . 2009-07-05 12:40 -------- d-----w- c:\users\Aamir\AppData\Roaming\DAEMON Tools Lite
2009-06-26 23:12 . 2009-06-26 23:11 -------- d-----w- c:\program files\AoA Audio Extractor
2009-06-19 18:51 . 2009-06-19 18:49 5 ----a-w- c:\windows\system32\SySMP3CutJoin.dat
2009-06-19 18:49 . 2009-06-19 18:49 -------- d-----w- c:\program files\AudioToolsFactory
2009-06-19 18:43 . 2008-11-24 22:35 -------- d-----w- c:\program files\Easy MP3 Cutter
2009-06-14 20:22 . 2009-06-14 20:22 -------- d-----w- c:\users\Aamir\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
2009-06-10 17:37 . 2009-06-10 17:37 5589408 ----a-w- c:\users\Aamir\AppData\Roaming\TVU networks\TVU AutoUpgrade\TVUPlayer2.4.5.3.exe
2009-06-10 17:37 . 2009-06-10 17:37 -------- d-----w- c:\users\Aamir\AppData\Roaming\TVU networks
2009-06-10 17:37 . 2009-06-10 17:37 -------- d-----w- c:\programdata\TVU Networks
2009-05-19 23:04 . 2009-05-19 23:04 110373 ----a-w- c:\programdata\tmpC380.tmp
2009-05-19 22:57 . 2009-05-19 22:57 110373 ----a-w- c:\programdata\tmp98D7.tmp
2009-05-12 14:48 . 2009-05-12 14:48 737280 ----a-w- c:\windows\iun6002.exe
2008-07-28 12:39 . 2008-07-28 12:39 74 --sh--r- c:\windows\CT4CET.bin
2008-07-28 21:18 . 2008-07-28 21:18 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((( SnapShot@2009-08-01_15.51.19 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-21 01:58 . 2009-08-06 12:05 64440 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2009-08-06 12:05 97316 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-07-31 16:15 . 2009-08-06 12:05 10718 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1725273720-2298473762-1769398159-1000_UserData.bin
- 2008-07-31 16:15 . 2009-08-01 15:42 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-07-31 16:15 . 2009-08-06 18:12 32768 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-07-31 16:15 . 2009-08-01 15:42 65536 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-07-31 16:15 . 2009-08-06 18:12 65536 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-07-31 16:15 . 2009-08-01 15:42 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-07-31 16:15 . 2009-08-06 18:12 16384 c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-08-01 23:25 . 2009-08-03 18:52 1844 c:\windows\System32\WDI\ERCQueuedResolutions.dat
- 2008-08-01 23:25 . 2009-07-05 12:41 1844 c:\windows\System32\WDI\ERCQueuedResolutions.dat
- 2009-08-01 13:57 . 2009-08-01 13:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-08-06 12:02 . 2009-08-06 12:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-08-06 12:02 . 2009-08-06 12:02 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-08-01 13:57 . 2009-08-01 13:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2008-08-01 17:55 . 2009-08-05 09:14 347666 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2008-07-31 20:48 . 2009-08-06 18:03 487036 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2006-11-02 10:33 . 2009-08-04 14:27 600378 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-07-28 14:16 600378 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-07-28 14:16 105852 c:\windows\System32\perfc009.dat
+ 2006-11-02 10:33 . 2009-08-04 14:27 105852 c:\windows\System32\perfc009.dat
+ 2009-03-27 14:18 . 2009-08-06 12:02 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-03-27 14:18 . 2009-08-01 13:58 245760 c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
+ 2009-01-18 15:05 . 2009-01-18 15:05 675840 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0100000010\9.1.0\JP2KLib.dll
+ 2009-08-02 17:49 . 2009-08-02 17:49 6653952 c:\windows\Installer\1066cb2.msp
+ 2009-08-02 18:37 . 2009-08-02 18:37 1697792 c:\windows\Installer\1066cb1.msp
+ 2008-12-18 15:48 . 2008-12-18 15:48 3645440 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0100000010\9.1.0\authplay.dll
+ 2009-05-03 02:00 . 2009-08-03 01:38 46403410 c:\windows\winsxs\ManifestCache\6.0.6002.18005_001c11ba_blobs.bin
+ 2009-02-27 15:37 . 2009-02-27 15:37 20403568 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B7449A0100000010\9.1.0\AcroRd32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"BitTorrent DNA"="c:\users\Aamir\Program Files\DNA\btdna.exe" [2009-01-09 342848]
"bandmon"="c:\program files\Rokario\Bandwidth Monitor\bandmon.exe" [2008-06-01 1529856]
"VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2009-04-03 3558648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-05-04 167936]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2008-03-04 36864]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-11-12 405504]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-03-06 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-03-06 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-03-06 133656]
"DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 174872]
"dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 16384]
"DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-13 206064]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-06-10 1447168]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-03-25 49152]
"Athan"="c:\program files\Athan\Athan.exe" [2009-05-01 1130496]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-03-13 81920]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2008-01-21 215552]
"O2"="c:\program files\O2\bin\sprtcmd.exe" [2008-03-28 198184]
"a-squared"="c:\program files\A-SQUARED ANTI-MALWARE\a2guard.exe" [2009-07-28 3208848]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-29 148888]

c:\users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-5-13 1058088]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-8-3 113664]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-3 703280]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-7-28 50688]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
QuickSet.lnk - c:\program files\Dell\QuickSet\quickset.exe [2008-2-22 1193240]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2008-07-28 12:54 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{89C25CC2-F7F6-47F5-A697-8208B5A116B9}"= c:\program files\Dell\MediaDirect\MediaDirect.exe:Dell MediaDirect
"{DE0A2CE6-7718-4441-A4D5-E2CF1C00A3AB}"= c:\program files\Dell\MediaDirect\PCMService.exe:CyberLink PowerCinema Resident Program
"{3D488133-E4DA-43D6-AC77-D2BEDB35DE73}"= c:\program files\Dell\MediaDirect\Kernel\DMP\CLBrowserEngine.exe:Cyberlink Media Server Browser Engine
"{8EC51EE4-14CF-420C-A499-0802AC05C85B}"= c:\program files\Dell\MediaDirect\Kernel\DMS\CLMSService.exe:CyberLink Media Server
"{649E2C62-3BCC-4EDC-BDA1-BAA50070B18F}"= UDP:c:\program files\Kontiki\KService.exe:Delivery Manager Service
"{510B18C9-4B87-4779-A436-EC66A148380D}"= TCP:c:\program files\Kontiki\KService.exe:Delivery Manager Service

Re: internet connected but cant browse websites
"TCP Query User{9B7A8A0D-906F-47D0-9423-7D6ABC62724E}c:\\program files\\kontiki\\khost.exe"= UDP:c:\program files\kontiki\khost.exe:Delivery Manager
"UDP Query User{2EA3AE87-6EF9-4438-A08E-C32FD95EBCDA}c:\\program files\\kontiki\\khost.exe"= TCP:c:\program files\kontiki\khost.exe:Delivery Manager
"TCP Query User{3A9469E5-B307-420A-9AF9-AFD2B212E316}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= UDP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"UDP Query User{31F61B2E-546F-4E23-AE6C-0C70E0838A96}c:\\program files\\veoh networks\\veoh\\veohclient.exe"= TCP:c:\program files\veoh networks\veoh\veohclient.exe:Veoh Client
"TCP Query User{4AC55498-A11D-4FC2-B728-22C2878DC976}c:\\program files\\mozilla firefox\\firefox.exe"= UDP:c:\program files\mozilla firefox\firefox.exe:Firefox
"UDP Query User{D6041F4F-7CDE-459D-A889-DF62533930C5}c:\\program files\\mozilla firefox\\firefox.exe"= TCP:c:\program files\mozilla firefox\firefox.exe:Firefox
"TCP Query User{31BFECD6-1297-4D09-B819-627480C57BCF}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"UDP Query User{FD9A5F87-4213-4BA8-869B-DB1FB5C5057B}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer
"{6B042DD6-5A6F-44F2-AECD-70A891A95EDD}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{CE456609-0E45-4077-8528-974952A041BB}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"TCP Query User{C55A967F-CD10-49F1-B868-1D171AECEA87}c:\\program files\\tvants\\tvants.exe"= UDP:c:\program files\tvants\tvants.exe:TVAnts
"UDP Query User{96A10B2E-7C3C-451B-9B9B-F57E11B23D4D}c:\\program files\\tvants\\tvants.exe"= TCP:c:\program files\tvants\tvants.exe:TVAnts
"TCP Query User{2B75AAFC-1C76-40FF-8D50-FCDF3E4F9C57}c:\\program files\\sopcast\\adv\\sopadver.exe"= UDP:c:\program files\sopcast\adv\sopadver.exe:SopCast Adver
"UDP Query User{0F6008CB-4040-4ABB-8132-7143EA8FD4E0}c:\\program files\\sopcast\\adv\\sopadver.exe"= TCP:c:\program files\sopcast\adv\sopadver.exe:SopCast Adver
"TCP Query User{A0CD4DAD-1720-42AB-BE42-5FC53D8DCE93}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"UDP Query User{4D691B76-72DE-4AB9-B113-1FF4F11FD58E}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:BitTorrent
"TCP Query User{DA1CFAC3-4BAC-49DB-82EA-9DB569896973}c:\\users\\aamir\\program files\\dna\\btdna.exe"= UDP:c:\users\aamir\program files\dna\btdna.exe:btdna.exe
"UDP Query User{7E664DE4-51EE-4228-9135-D992224C58E8}c:\\users\\aamir\\program files\\dna\\btdna.exe"= TCP:c:\users\aamir\program files\dna\btdna.exe:btdna.exe
"{196AC28E-2031-44AF-9B6C-64F871EE7F74}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{A0C49E3E-E16E-4157-9A15-BF809F9B5044}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{3737E4EF-547B-48EF-BD09-BAF16954ECE9}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{EDD9B689-004A-4702-B76D-AA3A7BE891A6}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{DC70CA1E-49BF-416D-9FE3-DCE98CD3ED0A}"= UDP:c:\program files\DNA\btdna.exe:DNA (TCP-In)
"{7DD3C9D4-3A2F-4D28-B76C-2AF0876E45FF}"= TCP:c:\program files\DNA\btdna.exe:DNA (UDP-In)
"{17CA79D4-460D-40D9-B075-001FFFC3F36F}"= UDP:c:\program files\TVersity\Media Server\web\admin\TVersity.exe:TVersity Media Server
"{921CF375-17D7-4584-8111-B7D251167A20}"= TCP:c:\program files\TVersity\Media Server\web\admin\TVersity.exe:TVersity Media Server
"{B933BEDC-3226-4515-BA14-078E87362A56}"= UDP:41952:Tversity
"{C9A6EAD0-E943-4149-9333-2EE6594802A2}"= UDP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent (TCP-In)
"{F5FF143B-5C3E-4629-B467-39F20B457186}"= TCP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent (UDP-In)
"{5E88F7CD-B796-4402-91D2-46C763D18F90}"= e:\setup\hpznui01.exe:hpznui01.exe
"{6FFC8E04-D218-43A6-84E9-1CCF667A81EF}"= TCP:427|RPort=427|c:\windows\system32\svchost.exe|Svc=HPSLPSVC:SLP_Service
"{9DD8884D-6065-4A2D-9F53-781647B70B13}"= c:\program files\HP\Digital Imaging\bin\hpqtra08.exe:hpqtra08.exe
"{32480EC1-EA1E-4DC1-AD14-080C1113E152}"= c:\program files\HP\Digital Imaging\bin\hpqste08.exe:hpqste08.exe
"{E42D771B-5696-4974-9FF7-AA8253CD4DDB}"= c:\program files\HP\Digital Imaging\bin\hposid01.exe:hposid01.exe
"{0255AE1A-BFAF-4E57-BB5B-9BF4078E12B4}"= c:\program files\HP\Digital Imaging\bin\hpqkygrp.exe:hpqkygrp.exe
"{7C038E26-E7AD-4D08-BCEC-BADC1D8EA935}"= c:\program files\HP\Digital Imaging\bin\hpoews01.exe:hpoews01.exe
"{F8F64528-0944-4BF5-B4D8-F79AC0B4F375}"= c:\program files\HP\Digital Imaging\bin\hpiscnapp.exe:hpiscnapp.exe
"{2A6343FF-5BDF-4228-A7F3-1F7D0FF88EBF}"= c:\program files\Common Files\HP\Digital Imaging\bin\hpqphotocrm.exe:hpqphotocrm.exe
"{038AFC15-3DF7-43F9-854A-65B4986765DD}"= c:\program files\HP\Digital Imaging\bin\hpqsudi.exe:hpqsudi.exe
"{B4891F42-32BB-467F-BAFA-2A07C6498AEC}"= c:\program files\HP\Digital Imaging\bin\hpqpsapp.exe:hpqpsapp.exe
"{E578C9B4-E145-4ECB-B4E4-634601ED3F49}"= c:\program files\HP\Digital Imaging\bin\hpqpse.exe:hpqpse.exe
"{688BE959-2F05-47C6-91FA-C1AEEC22A5E4}"= c:\program files\HP\Digital Imaging\bin\hpqgplgtupl.exe:hpqgplgtupl.exe
"{0B8B84CA-43DC-4073-8D6F-E0088D80DE37}"= c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe:hpqgpc01.exe
"TCP Query User{7DEFB218-127B-4CDB-ABB2-22C4E9063EDB}c:\\program files\\tvuplayer\\tvuplayer.exe"= UDP:c:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component
"UDP Query User{ECA3CB92-518A-4348-8DD1-85DF6A885A2B}c:\\program files\\tvuplayer\\tvuplayer.exe"= TCP:c:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component
"TCP Query User{BABE41DD-3214-4003-890A-3EBEA3FE99E9}c:\\program files\\surfstation\\server9\\ss9server.exe"= UDP:c:\program files\surfstation\server9\ss9server.exe:SS9Server
"UDP Query User{33B6C9D3-5AFC-4398-B9CE-A1AB45303C3C}c:\\program files\\surfstation\\server9\\ss9server.exe"= TCP:c:\program files\surfstation\server9\ss9server.exe:SS9Server
"TCP Query User{9B9E3C51-4E9E-42AD-BC4B-3807E8A7714A}c:\\program files\\java\\jre1.6.0_05\\bin\\javaw.exe"= UDP:c:\program files\java\jre1.6.0_05\bin\javaw.exe:Java(TM) Platform SE binary
"UDP Query User{5FC1CE4F-EB9F-4DEE-94A5-6E62BC944C8D}c:\\program files\\java\\jre1.6.0_05\\bin\\javaw.exe"= TCP:c:\program files\java\jre1.6.0_05\bin\javaw.exe:Java(TM) Platform SE binary
"TCP Query User{78BB2CDA-F5B5-429A-A527-6FF4D7CC6D7C}c:\\program files\\digital integration ltd\\ps media tunnel\\psmediatunnel.exe"= UDP:c:\program files\digital integration ltd\ps media tunnel\psmediatunnel.exe:Media Tunnel for Home Entertainment Systems
"UDP Query User{6C1DA349-2894-4E44-88DD-56398AE75E88}c:\\program files\\digital integration ltd\\ps media tunnel\\psmediatunnel.exe"= TCP:c:\program files\digital integration ltd\ps media tunnel\psmediatunnel.exe:Media Tunnel for Home Entertainment Systems
"{E581AE85-36A8-4ABC-B67D-9B125457BFAE}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"TCP Query User{0D98AC32-08ED-4432-8631-EF6AEB59F840}c:\\program files\\sopcast\\sopcast.exe"= UDP:c:\program files\sopcast\sopcast.exe:SopCast Main Application
"UDP Query User{A7F34BD0-AFE6-4532-AB22-134A636D60F9}c:\\program files\\sopcast\\sopcast.exe"= TCP:c:\program files\sopcast\sopcast.exe:SopCast Main Application
"{918C7B5F-D20C-4767-BE6F-C0E6458FBF44}"= UDP:c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:Veoh Web Player
"{C2C9F2C1-2EC7-400F-8B1F-0341DB850828}"= TCP:c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe:Veoh Web Player
"{F43FB4C3-905B-40AD-8AB7-DC4644F49E7F}"= UDP:990:LocalSubnet:LocalSubnet|IF={0F3CDABF-E273-4073-822C-7C18684F0C00}|%SystemRoot%\system32\svchost.exe|Svc=rapimgr:@%systemroot%\WindowsMobile\wmdSync.exe,-4001
"{B8C95EC2-F0CB-49F8-BB7A-983EFB681336}"= UDP:c:\program files\O2\bin\wificfg.exe:sprtcmd.exe
"{42D04E6E-4CFE-4418-9C2D-9F5295BAC438}"= TCP:c:\program files\O2\bin\wificfg.exe:sprtcmd.exe
"{4ACF2784-EDD3-4181-9B68-09BE008B6DD1}"= UDP:c:\program files\O2\agent\bin\bcont.exe:bcont.exe
"{A22875A8-A710-4057-AD0F-745AA816A219}"= TCP:c:\program files\O2\agent\bin\bcont.exe:bcont.exe
"{10DF902A-0C9F-4C86-B8C1-6DCB1A1A1308}"= UDP:c:\program files\Common Files\supportsoft\bin\ssrc.exe:ssrc.exe
"{9897100B-3EE8-45F9-963B-6702E6A94FD0}"= TCP:c:\program files\Common Files\supportsoft\bin\ssrc.exe:ssrc.exe
"{952FA68D-E208-4F20-A921-A34641558F69}"= UDP:c:\program files\O2\agent\bin\bcont_nm.exe:bcont_nm.exe
"{F92806FF-9D4B-4B74-BD0B-5359F9523E3D}"= TCP:c:\program files\O2\agent\bin\bcont_nm.exe:bcont_nm.exe
"TCP Query User{8A99EA17-5107-409B-A1D3-1D10CE88D6CD}c:\\program files\\bitlord\\bitlord.exe"= UDP:c:\program files\bitlord\bitlord.exe:BitLord
"TCP Query User{E6A28BA1-4BAD-4694-93CB-214074231499}c:\\program files\\bittornado\\btdownloadgui.exe"= UDP:c:\program files\bittornado\btdownloadgui.exe:btdownloadgui
"UDP Query User{19ACC42F-8341-40AE-AF26-9BA46581FF9D}c:\\program files\\bittornado\\btdownloadgui.exe"= TCP:c:\program files\bittornado\btdownloadgui.exe:btdownloadgui
"UDP Query User{AE78D229-4213-442D-92A0-5E098B5C54F8}c:\\program files\\bitlord\\bitlord.exe"= TCP:c:\program files\bitlord\bitlord.exe:BitLord
"{0B808580-0A5F-4FBE-91A8-E4CB23C97D67}"= TCP:c:\program files\Orb Networks\Orb\bin\OrbTray.exe:OrbTray
"{24768509-3451-42DF-B0F9-275AB2BE9B39}"= TCP:c:\program files\Orb Networks\Orb\bin\OrbIR.exe:OrbIR
"{4BE15C0F-CDA0-442A-8B80-0869F6F1A4DF}"= UDP:c:\program files\Orb Networks\Orb\bin\OrbTray.exe:OrbTray
"{4DC973DF-F895-4836-8DD3-FC5F5A1419F8}"= UDP:c:\program files\Orb Networks\Orb\bin\OrbIR.exe:OrbIR
"{66592F56-95DE-4B46-8FFC-F067569B5A85}"= UDP:c:\program files\Orb Networks\Orb\bin\Orb.exe:Orb
"{BB173DA5-2392-400E-A434-27EF0DA07A3A}"= UDP:c:\program files\Orb Networks\Orb\bin\OrbStreamerClient.exe:Orb Stream Client
"{BCF8CE64-D864-4EEE-A381-411F46FD94FE}"= TCP:c:\program files\Orb Networks\Orb\bin\OrbStreamerClient.exe:Orb Stream Client
"{CA85ECAB-84F0-4D05-9CDD-EFDD0D68CC02}"= UDP:19581:BitTorrrent
"{D00FEA72-29CB-4572-905C-76F60B370E3B}"= TCP:c:\program files\Orb Networks\Orb\bin\Orb.exe:Orb
"{D0883946-B35C-44FF-ADC1-019B9C0D5C53}"= UDP:8080:Bit Torrent 8080

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
"DoNotAllowExceptions"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R1 bckd;bckd;c:\windows\System32\drivers\bckd.sys [14/01/2009 00:39 72992]
R1 epfwtdir;epfwtdir;c:\windows\System32\drivers\epfwtdir.sys [10/06/2008 18:56 34312]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\AEstSrv.exe [28/07/2008 14:24 73728]
R2 bckwfs;Blue Coat K9 Web Protection;c:\program files\Blue Coat K9 Web Protection\k9filter.exe [14/01/2009 00:39 1078560]
R2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [28/04/2008 16:56 161048]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [10/06/2008 18:53 468224]
R2 sprtsvc_O2;SupportSoft Sprocket Service (O2);c:\program files\O2\bin\sprtsvc.exe [07/06/2007 16:19 202280]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;c:\windows\System32\drivers\IntcHdmi.sys [28/07/2008 22:19 111616]
R3 OEM02Dev;Creative Camera OEM002 Driver;c:\windows\System32\drivers\OEM02Dev.sys [28/07/2008 22:19 235648]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;c:\windows\System32\drivers\OEM02Vfx.sys [28/07/2008 22:19 7424]
S2 .EsetTrialReset;Eset Trial Reset;c:\windows\System32\regedt32.exe [02/11/2006 09:32 9216]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [20/03/2009 22:00 55280]
S3 fsssvc;Windows Live Family Safety;c:\program files\Windows Live\Family Safety\fsssvc.exe [06/02/2009 19:08 533360]

Re: internet connected but cant browse websites
--- Other Services/Drivers In Memory ---

*Deregistered* - mchInjDrv

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://mail.live.com/default.aspx?rru=inbox&wa=wsignin1.0
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: o2.co.uk\*.broadband
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
FF - ProfilePath - c:\users\Aamir\AppData\Roaming\Mozilla\Firefox\Profiles\dsvcqbtq.default\
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll
FF - plugin: c:\program files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\Aamir\AppData\Roaming\Mozilla\Firefox\Profiles\dsvcqbtq.default\extensions\firefox@tvunetworks.com\plugins\npTVUAx.dll
FF - plugin: c:\users\Aamir\Program Files\DNA\plugins\npbtdna.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-06 19:18
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2009-08-06 19:20
ComboFix-quarantined-files.txt 2009-08-06 18:20
ComboFix2.txt 2009-08-01 15:53

Pre-Run: 138,351,403,008 bytes free
Post-Run: 138,320,199,680 bytes free

329 --- E O F --- 2009-08-01 02:00

Re: internet connected but cant browse websites
Hello.
Any change now?

Re: internet connected but cant browse websites
Hey, I won't know till tomorrow if it is working or not.

However, when I did everything you said, internet explorer was not even opening or even firefox, it said it had been deleted (firefox) or that it wasn't functioning properly (ie) but i restarted it and it worked fine afterwards.

But I won't know if everything is okay for at least 24 hours because it works perfectly sometimes and then suddenly stops working.

Re: internet connected but cant browse websites
Download the GMER rootkit scan from here: GMER

  1. Unzip it and start GMER.
  2. Click the >>> tab and then click the Scan button.
  3. Once done, click the Copy button.
  4. This will copy the results to your clipboard.
  5. Paste the results in your next reply.

Note:
If you're having problems with running GMER.exe, try it in safe mode. This tool works in safe mode.
You can also try renaming it since some malware blocks GMER.

Re: internet connected but cant browse websites

Nope it didn't work!

GMER 1.0.15.15020 [ifqpj924.exe] - http://www.gmer.net
Rootkit scan 2009-08-07 19:28:51
Windows 6.0.6001 Service Pack 1


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001fe1e2c811
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001fe1e2c811@001d9859a762 0x84 0x2E 0xF6 0x54 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xBE 0x73 0x07 0xC2 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xDE 0x53 0xC7 0x2F ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x4A 0xFE 0x34 0x89 ...
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001fe1e2c811 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001fe1e2c811@001d9859a762 0x84 0x2E 0xF6 0x54 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xBE 0x73 0x07 0xC2 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xDE 0x53 0xC7 0x2F ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x4A 0xFE 0x34 0x89 ...

---- EOF - GMER 1.0.15 ----

Re: internet connected but cant browse websites
Still having problems with Internet Explorer? I recommend ditching it and using Firefox anyway.

Re: internet connected but cant browse websites

it's not just explorer, it's all browsers, including firefox and chrome! there is something on my pc that is randomly stopping browsers from accessing internet. bit torrent works fine all the time and downloads all the time so internet is connected but there is something wrong with all my browsers, i don't know what it is but for a few hours every day none of them work, they all say loading page but they never load...

Re: internet connected but cant browse websites

think i've worked out what the problem is...

hadn't used bit torrent for a while and everything was fine...then started downloading a torrent today and the problem started all over again. when i closed bit torrent and restarted computer, was working fine again...

so i uninstalled bit torrent and installed it again, but same problem...

any suggestions? (except for don't use bit torrent!)

Re: internet connected but cant browse websites

Don't use torrent at all would be a good idea...
