I think I got a Zlob :/



Society
2009-07-12, 00:42
Was pm'd a link on a forum and, like an idiot, clicked it. It then did all the things typical of what I hear a Zlob does, makes my toolbar go all wonky saying I'm infected and making tons of crap pop up on my screen. I immediately disconnected my computer from the power source and rebooted and ran S&D, which didn't reveal anything.

Housecall also hasn't shown anything and I've deleted all files which may have been infected including all temp files on all profiles. I am, of course, still worried as I use this computer frequently and make online purchases and such... so well, here is my HJT log. Thank you!

__________________

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:36:34 PM, on 7/11/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18248)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate1ca026aa549c7a3) (gupdate1ca026aa549c7a3) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 6487 bytes

Shaba
2009-07-13, 19:41
Hi Society

Download DDS to your desktop from one of the links below:

Link 1 (http://download.bleepingcomputer.com/sUBs/dds.scr)
Link 2 (http://www.forospyware.com/sUBs/dds)

Double click the tool to run it.
A black screen will open; just read the contents and do nothing.
When the tool finishes, it will open 2 reports.
Copy/paste both reports back here and remove DDS from your desktop.

Society
2009-07-14, 03:06
Sorry for the delay, I've been busy with work :(

Anywho here are the log files.

__________________________


DDS (Ver_09-06-26.01) - NTFSx86
Run by User at 18:03:59.33 on Mon 07/13/2009
Internet Explorer: 7.0.6001.18000
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3070.2072 [GMT -7:00]

SP: Spybot - Search and Destroy *enabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\User\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
uRun: [FRUpdate]
uRun: [Aim6]
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
mRun: [FRUpdate]
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_07\bin\jusched.exe"
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\progra~1\java\jre16~2.0_0\bin\ssv.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} - hxxp://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} - hxxp://www.systemrequirementslab.com/sysreqlab2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\users\user\appdata\roaming\mozilla\firefox\profiles\cnses7gq.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2009-7-7 1153368]
S2 gupdate1ca026aa549c7a3;Google Update Service (gupdate1ca026aa549c7a3);"c:\program files\google\update\googleupdate.exe" /svc --> c:\program files\google\update\GoogleUpdate.exe [?]
S4 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-3-16 24652]

=============== Created Last 30 ================

2009-07-11 15:55 622,080 a------- c:\windows\system32\icardagt.exe
2009-07-11 15:55 105,016 a------- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-07-11 15:55 97,800 a------- c:\windows\system32\infocardapi.dll
2009-07-11 15:55 43,544 a------- c:\windows\system32\PresentationHostProxy.dll
2009-07-11 15:55 37,384 a------- c:\windows\system32\infocardcpl.cpl
2009-07-11 15:55 11,264 a------- c:\windows\system32\icardres.dll
2009-07-11 15:55 781,344 a------- c:\windows\system32\PresentationNative_v0300.dll
2009-07-11 15:55 326,160 a------- c:\windows\system32\PresentationHost.exe
2009-07-11 15:53 <DIR> --d----- c:\users\user\.housecall6.6
2009-07-11 15:51 96,760 a------- c:\windows\system32\dfshim.dll
2009-07-11 15:51 282,112 a------- c:\windows\system32\mscoree.dll
2009-07-11 15:51 41,984 a------- c:\windows\system32\netfxperf.dll
2009-07-11 15:51 158,720 a------- c:\windows\system32\mscorier.dll
2009-07-11 15:51 83,968 a------- c:\windows\system32\mscories.dll
2009-07-11 14:00 <DIR> --d----- c:\program files\common files\PX Storage Engine
2009-07-11 14:00 <DIR> --d----- c:\program files\common files\DivX Shared
2009-07-08 18:20 0 a---h--- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-07-08 12:23 107,368 a------- c:\windows\system32\GEARAspi.dll
2009-07-08 12:23 23,400 a------- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-07-08 12:23 <DIR> --d----- c:\program files\iPod
2009-07-08 12:23 <DIR> --d----- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-07-08 12:23 <DIR> --d----- c:\program files\iTunes
2009-07-08 12:23 <DIR> --d----- c:\progra~2\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-07-08 12:19 <DIR> --d----- c:\program files\Bonjour
2009-07-07 22:58 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-06-24 22:13 <DIR> --d----- c:\windows\A7E07C2B2220441587E3784D5814BC93.TMP
2009-06-24 22:13 1,846,632 a------- c:\windows\system32\D3DCompiler_41.dll
2009-06-24 22:13 453,456 a------- c:\windows\system32\d3dx10_41.dll
2009-06-24 22:13 4,178,264 a------- c:\windows\system32\D3DX9_41.dll
2009-06-24 22:13 517,448 a------- c:\windows\system32\XAudio2_4.dll
2009-06-24 22:13 69,448 a------- c:\windows\system32\XAPOFX1_3.dll
2009-06-24 22:13 235,352 a------- c:\windows\system32\xactengine3_4.dll
2009-06-24 22:13 22,360 a------- c:\windows\system32\X3DAudio1_6.dll
2009-06-24 22:13 2,036,576 a------- c:\windows\system32\D3DCompiler_40.dll
2009-06-24 22:13 452,440 a------- c:\windows\system32\d3dx10_40.dll
2009-06-24 22:13 4,379,984 a------- c:\windows\system32\D3DX9_40.dll
2009-06-23 03:20 <DIR> --d----- c:\users\user\appdata\roaming\The Creative Assembly

==================== Find3M ====================

2009-07-08 12:21 86,016 a------- c:\windows\inf\infstor.dat
2009-07-08 12:21 51,200 a------- c:\windows\inf\infpub.dat
2009-07-08 12:21 86,016 a------- c:\windows\inf\infstrng.dat
2009-06-05 11:42 2,060,288 a------- c:\windows\system32\usbaaplrc.dll
2009-06-05 11:42 39,424 a------- c:\windows\system32\drivers\usbaapl.sys
2009-06-01 16:46 138,464 a------- c:\windows\system32\drivers\PnkBstrK.sys
2009-06-01 16:46 183,128 a------- c:\windows\system32\PnkBstrB.exe
2009-05-19 12:45 75,064 a------- c:\windows\system32\PnkBstrA.exe
2009-05-17 21:41 22,328 a------- c:\users\user\appdata\roaming\PnkBstrK.sys
2009-05-17 21:40 682,280 a------- c:\windows\system32\pbsvc.exe
2009-05-13 14:54 90,112 a------- c:\windows\system32\dpl100.dll
2009-05-13 14:54 823,296 a------- c:\windows\system32\divx_xx0c.dll
2009-05-13 14:54 823,296 a------- c:\windows\system32\divx_xx07.dll
2009-05-13 14:54 815,104 a------- c:\windows\system32\divx_xx0a.dll
2009-05-13 14:54 811,008 a------- c:\windows\system32\divx_xx16.dll
2009-05-13 14:54 802,816 a------- c:\windows\system32\divx_xx11.dll
2009-05-13 14:54 685,056 a------- c:\windows\system32\DivX.dll
2009-04-30 05:37 293,376 a------- c:\windows\system32\psisdecd.dll
2009-04-30 05:37 428,544 a------- c:\windows\system32\EncDec.dll
2009-04-24 09:05 827,904 a------- c:\windows\system32\wininet.dll
2009-04-24 09:02 78,336 a------- c:\windows\system32\ieencode.dll
2009-04-24 06:44 26,624 a------- c:\windows\system32\ieUnatt.exe
2009-04-23 05:43 784,896 a------- c:\windows\system32\rpcrt4.dll
2009-04-23 05:42 636,928 a------- c:\windows\system32\localspl.dll
2009-04-22 00:20 14,311,680 a------- c:\windows\system32\xlive.dll
2009-04-22 00:20 13,642,496 a------- c:\windows\system32\xlivefnt.dll
2009-04-21 04:55 2,033,152 a------- c:\windows\system32\win32k.sys
2008-09-06 12:32 174 a--sh--- c:\program files\desktop.ini
2008-09-06 12:24 665,600 a------- c:\windows\inf\drvindex.dat
2006-11-02 05:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 05:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 05:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 05:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 02:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 02:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 02:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 02:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 18:05:49.43 ===============


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-06-26.01)

Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 10/8/2007 2:30:21 PM
System Uptime: 7/13/2009 6:00:34 PM (0 hours ago)

Motherboard: ASUSTeK Computer INC. | | P5N-E SLI
Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz | Socket 775 | 2400/266mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 466 GiB total, 180.477 GiB free.
D: is CDROM (CDFS)
E: is CDROM (UDF)

==== Disabled Device Manager Items =============

==== System Restore Points ===================

No restore point in system.

==== Installed Programs ======================

2007 Microsoft Office system
3DMark06
7-Zip 4.57
Activation Assistant for the 2007 Microsoft Office suites
Adobe Flash Player ActiveX
Adobe Flash Player Plugin
Adobe Reader 8.1.3
AIM 6
Apple Mobile Device Support
Apple Software Update
AutoUpdate
Azureus Vuze
Battlefield 2(TM)
Bioshock
Black & White® 2
Bonjour
Call of Duty(R) 4 - Modern Warfare(TM)
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
CDDRV_Installer
Crysis(R)
Crysis(R) SP Demo
DivX Codec
DivX Player
DivX Version Checker
DivX Web Player
EA Download Manager
Empire: Total War
EVE-ONLINE (remove only)
FLV Player 2.0, build 24
Forgotten Realm Updater
GameSpy Comrade
Gmask 1.70 English
Google Update Helper
GPGNet
Heroes of Might and Magic V
Heroes of Might and Magic® III
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
iTunes
Java(TM) 6 Update 4
Java(TM) 6 Update 7
Kaspersky Online Scanner
KhalInstallWrapper
LimeWire 4.16.6
LiveUpdate 3.2 (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)
Logitech SetPoint
Mass Effect
Medieval II - Retrofit Mod version 1.0
Medieval II Total War
Medieval II Total War : Kingdoms : Americas
Medieval II Total War : Kingdoms : Britannia
Medieval II Total War : Kingdoms : Crusades
Medieval II Total War : Kingdoms : Teutonic
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB929729)
Microsoft .NET Framework 3.5 SP1
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Hybrid 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Word 2002
Microsoft Works 2003 Setup Launcher
Microsoft Works 7.0
Microsoft Works Suite Add-in for Microsoft Word
Microsoft WSE 3.0 Runtime
mIRC
Mozilla Firefox (3.0.11)
MWLL TeamAction v0.2
Neverwinter Nights 2
Neverwinter Nights 2 Palette Editor
NVIDIA Drivers
NVIDIA PhysX
Oblivion
Oblivion mod manager 1.1.9
OpenOffice.org 3.0
Overlord II - Demo
Pirates of the Burning Sea
Plants vs. Zombies
Portal
Project Reality 0809 Core
Project Reality 0809 Levels
Prototype
PunkBuster Services
QuickTime
Realtek High Definition Audio Driver
Savage 2 - A Tortured Soul
Shareaza 2.3.1.0
Sid Meier's Civilization 4
Sid Meier's Civilization 4 - Beyond the Sword
Sins of a Solar Empire
Spelling Dictionaries Support For Adobe Reader 8
SPORE™
Spybot - Search & Destroy
Steam
Supreme Commander
System Requirements Lab
Team Fortress 2
The Sims™ 3
Trillian
Unreal Tournament 3
VC80CRTRedist - 8.0.50727.762
Ventrilo Client
Viewpoint Media Player
Warcraft III
Warcraft III: All Products
WinRAR archiver
Works Suite OS Pack
World in Conflict
World of Warcraft
WorldGate Client
Yahoo! Messenger

==== Event Viewer Messages From Past Week ========

7/8/2009 12:21:17 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/7/2009 11:06:31 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: i8042prt
7/6/2009 1:50:19 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.2 for the Network Card with network address 001BFCF79453 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
7/6/2009 1:50:19 PM, Error: EventLog [6008] - The previous system shutdown at 10:53:16 AM on 7/6/2009 was unexpected.
7/12/2009 11:11:44 AM, Error: Service Control Manager [7000] - The Google Update Service (gupdate1ca026aa549c7a3) service failed to start due to the following error: The system cannot find the path specified.
7/11/2009 6:09:37 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 24.4.190.145 for the Network Card with network address 001BFCF79453 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
7/11/2009 3:49:44 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.2 for the Network Card with network address 001BFCF79453 has been denied by the DHCP server 68.87.76.39 (The DHCP Server sent a DHCPNACK message).
7/11/2009 3:08:10 PM, Error: EventLog [6008] - The previous system shutdown at 3:06:53 PM on 7/11/2009 was unexpected.

==== End Of File ===========================

Shaba
2009-07-14, 06:19
IMPORTANT: I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

LimeWire 4.16.6
Shareaza 2.3.1.0


I'd like you to read this thread (http://forums.spybot.info/showthread.php?t=282).

Please go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red).

Please run a new DDS scan when finished and post the logs back here.

Society
2009-07-14, 09:40
And take two!


DDS (Ver_09-06-26.01) - NTFSx86
Run by User at 0:39:15.69 on Tue 07/14/2009
Internet Explorer: 7.0.6001.18000
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3070.1931 [GMT -7:00]

SP: Spybot - Search and Destroy *enabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\rundll32.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Steam\steam.exe
C:\Program Files\Common Files\Steam\SteamService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\User\Desktop\dds.scr

============== Pseudo HJT Report ===============

uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
uRun: [FRUpdate]
uRun: [Aim6]
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
mRun: [FRUpdate]
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_07\bin\jusched.exe"
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\progra~1\java\jre16~2.0_0\bin\ssv.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} - hxxp://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} - hxxp://www.systemrequirementslab.com/sysreqlab2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\users\user\appdata\roaming\mozilla\firefox\profiles\cnses7gq.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2009-7-7 1153368]
S2 gupdate1ca026aa549c7a3;Google Update Service (gupdate1ca026aa549c7a3);"c:\program files\google\update\googleupdate.exe" /svc --> c:\program files\google\update\GoogleUpdate.exe [?]
S4 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-3-16 24652]

=============== Created Last 30 ================

2009-07-11 15:55 622,080 a------- c:\windows\system32\icardagt.exe
2009-07-11 15:55 105,016 a------- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-07-11 15:55 97,800 a------- c:\windows\system32\infocardapi.dll
2009-07-11 15:55 43,544 a------- c:\windows\system32\PresentationHostProxy.dll
2009-07-11 15:55 37,384 a------- c:\windows\system32\infocardcpl.cpl
2009-07-11 15:55 11,264 a------- c:\windows\system32\icardres.dll
2009-07-11 15:55 781,344 a------- c:\windows\system32\PresentationNative_v0300.dll
2009-07-11 15:55 326,160 a------- c:\windows\system32\PresentationHost.exe
2009-07-11 15:53 <DIR> --d----- c:\users\user\.housecall6.6
2009-07-11 15:51 96,760 a------- c:\windows\system32\dfshim.dll
2009-07-11 15:51 282,112 a------- c:\windows\system32\mscoree.dll
2009-07-11 15:51 41,984 a------- c:\windows\system32\netfxperf.dll
2009-07-11 15:51 158,720 a------- c:\windows\system32\mscorier.dll
2009-07-11 15:51 83,968 a------- c:\windows\system32\mscories.dll
2009-07-11 14:00 <DIR> --d----- c:\program files\common files\PX Storage Engine
2009-07-11 14:00 <DIR> --d----- c:\program files\common files\DivX Shared
2009-07-08 18:20 0 a---h--- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-07-08 12:23 107,368 a------- c:\windows\system32\GEARAspi.dll
2009-07-08 12:23 23,400 a------- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-07-08 12:23 <DIR> --d----- c:\program files\iPod
2009-07-08 12:23 <DIR> --d----- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-07-08 12:23 <DIR> --d----- c:\program files\iTunes
2009-07-08 12:23 <DIR> --d----- c:\progra~2\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-07-08 12:19 <DIR> --d----- c:\program files\Bonjour
2009-07-07 22:58 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-06-24 22:13 <DIR> --d----- c:\windows\A7E07C2B2220441587E3784D5814BC93.TMP
2009-06-24 22:13 1,846,632 a------- c:\windows\system32\D3DCompiler_41.dll
2009-06-24 22:13 453,456 a------- c:\windows\system32\d3dx10_41.dll
2009-06-24 22:13 4,178,264 a------- c:\windows\system32\D3DX9_41.dll
2009-06-24 22:13 517,448 a------- c:\windows\system32\XAudio2_4.dll
2009-06-24 22:13 69,448 a------- c:\windows\system32\XAPOFX1_3.dll
2009-06-24 22:13 235,352 a------- c:\windows\system32\xactengine3_4.dll
2009-06-24 22:13 22,360 a------- c:\windows\system32\X3DAudio1_6.dll
2009-06-24 22:13 2,036,576 a------- c:\windows\system32\D3DCompiler_40.dll
2009-06-24 22:13 452,440 a------- c:\windows\system32\d3dx10_40.dll
2009-06-24 22:13 4,379,984 a------- c:\windows\system32\D3DX9_40.dll
2009-06-23 03:20 <DIR> --d----- c:\users\user\appdata\roaming\The Creative Assembly

==================== Find3M ====================

2009-07-08 12:21 86,016 a------- c:\windows\inf\infstor.dat
2009-07-08 12:21 51,200 a------- c:\windows\inf\infpub.dat
2009-07-08 12:21 86,016 a------- c:\windows\inf\infstrng.dat
2009-06-05 11:42 2,060,288 a------- c:\windows\system32\usbaaplrc.dll
2009-06-05 11:42 39,424 a------- c:\windows\system32\drivers\usbaapl.sys
2009-06-01 16:46 138,464 a------- c:\windows\system32\drivers\PnkBstrK.sys
2009-06-01 16:46 183,128 a------- c:\windows\system32\PnkBstrB.exe
2009-05-19 12:45 75,064 a------- c:\windows\system32\PnkBstrA.exe
2009-05-17 21:41 22,328 a------- c:\users\user\appdata\roaming\PnkBstrK.sys
2009-05-17 21:40 682,280 a------- c:\windows\system32\pbsvc.exe
2009-05-13 14:54 90,112 a------- c:\windows\system32\dpl100.dll
2009-05-13 14:54 823,296 a------- c:\windows\system32\divx_xx0c.dll
2009-05-13 14:54 823,296 a------- c:\windows\system32\divx_xx07.dll
2009-05-13 14:54 815,104 a------- c:\windows\system32\divx_xx0a.dll
2009-05-13 14:54 811,008 a------- c:\windows\system32\divx_xx16.dll
2009-05-13 14:54 802,816 a------- c:\windows\system32\divx_xx11.dll
2009-05-13 14:54 685,056 a------- c:\windows\system32\DivX.dll
2009-04-30 05:37 293,376 a------- c:\windows\system32\psisdecd.dll
2009-04-30 05:37 428,544 a------- c:\windows\system32\EncDec.dll
2009-04-24 09:05 827,904 a------- c:\windows\system32\wininet.dll
2009-04-24 09:02 78,336 a------- c:\windows\system32\ieencode.dll
2009-04-24 06:44 26,624 a------- c:\windows\system32\ieUnatt.exe
2009-04-23 05:43 784,896 a------- c:\windows\system32\rpcrt4.dll
2009-04-23 05:42 636,928 a------- c:\windows\system32\localspl.dll
2009-04-22 00:20 14,311,680 a------- c:\windows\system32\xlive.dll
2009-04-22 00:20 13,642,496 a------- c:\windows\system32\xlivefnt.dll
2009-04-21 04:55 2,033,152 a------- c:\windows\system32\win32k.sys
2008-09-06 12:32 174 a--sh--- c:\program files\desktop.ini
2008-09-06 12:24 665,600 a------- c:\windows\inf\drvindex.dat
2006-11-02 05:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 05:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 05:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 05:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 02:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 02:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 02:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 02:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 0:40:35.22 ===============



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-06-26.01)

Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 10/8/2007 2:30:21 PM
System Uptime: 7/14/2009 12:36:20 AM (0 hours ago)

Motherboard: ASUSTeK Computer INC. | | P5N-E SLI
Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz | Socket 775 | 2400/266mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 466 GiB total, 180.396 GiB free.
D: is CDROM (CDFS)
E: is CDROM (UDF)

==== Disabled Device Manager Items =============

==== System Restore Points ===================

No restore point in system.

==== Installed Programs ======================

2007 Microsoft Office system
3DMark06
7-Zip 4.57
Activation Assistant for the 2007 Microsoft Office suites
Adobe Flash Player ActiveX
Adobe Flash Player Plugin
Adobe Reader 8.1.3
AIM 6
Apple Mobile Device Support
Apple Software Update
AutoUpdate
Azureus Vuze
Battlefield 2(TM)
Bioshock
Black & White® 2
Bonjour
Call of Duty(R) 4 - Modern Warfare(TM)
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
CDDRV_Installer
Crysis(R)
Crysis(R) SP Demo
DivX Codec
DivX Player
DivX Version Checker
DivX Web Player
EA Download Manager
Empire: Total War
EVE-ONLINE (remove only)
FLV Player 2.0, build 24
Forgotten Realm Updater
GameSpy Comrade
Gmask 1.70 English
Google Update Helper
GPGNet
Heroes of Might and Magic V
Heroes of Might and Magic® III
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
iTunes
Java(TM) 6 Update 4
Java(TM) 6 Update 7
Kaspersky Online Scanner
KhalInstallWrapper
LiveUpdate 3.2 (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)
Logitech SetPoint
Mass Effect
Medieval II - Retrofit Mod version 1.0
Medieval II Total War
Medieval II Total War : Kingdoms : Americas
Medieval II Total War : Kingdoms : Britannia
Medieval II Total War : Kingdoms : Crusades
Medieval II Total War : Kingdoms : Teutonic
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB929729)
Microsoft .NET Framework 3.5 SP1
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Hybrid 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Word 2002
Microsoft Works 2003 Setup Launcher
Microsoft Works 7.0
Microsoft Works Suite Add-in for Microsoft Word
Microsoft WSE 3.0 Runtime
mIRC
Mozilla Firefox (3.0.11)
MWLL TeamAction v0.2
Neverwinter Nights 2
Neverwinter Nights 2 Palette Editor
NVIDIA Drivers
NVIDIA PhysX
Oblivion
Oblivion mod manager 1.1.9
OpenOffice.org 3.0
Overlord II - Demo
Pirates of the Burning Sea
Plants vs. Zombies
Portal
Project Reality 0809 Core
Project Reality 0809 Levels
Prototype
PunkBuster Services
QuickTime
Realtek High Definition Audio Driver
Savage 2 - A Tortured Soul
Sid Meier's Civilization 4
Sid Meier's Civilization 4 - Beyond the Sword
Sins of a Solar Empire
Spelling Dictionaries Support For Adobe Reader 8
SPORE™
Spybot - Search & Destroy
Steam
Supreme Commander
System Requirements Lab
Team Fortress 2
The Sims™ 3
Trillian
Unreal Tournament 3
VC80CRTRedist - 8.0.50727.762
Ventrilo Client
Viewpoint Media Player
Warcraft III
Warcraft III: All Products
WinRAR archiver
Works Suite OS Pack
World in Conflict
World of Warcraft
WorldGate Client
Yahoo! Messenger

==== Event Viewer Messages From Past Week ========

7/8/2009 12:21:17 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/7/2009 11:06:31 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: i8042prt
7/14/2009 12:36:40 AM, Error: EventLog [6008] - The previous system shutdown at 12:35:52 AM on 7/14/2009 was unexpected.
7/12/2009 11:11:44 AM, Error: Service Control Manager [7000] - The Google Update Service (gupdate1ca026aa549c7a3) service failed to start due to the following error: The system cannot find the path specified.
7/11/2009 6:09:37 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 24.4.190.145 for the Network Card with network address 001BFCF79453 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
7/11/2009 3:49:44 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.2 for the Network Card with network address 001BFCF79453 has been denied by the DHCP server 68.87.76.39 (The DHCP Server sent a DHCPNACK message).
7/11/2009 3:08:10 PM, Error: EventLog [6008] - The previous system shutdown at 3:06:53 PM on 7/11/2009 was unexpected.

==== End Of File ===========================

Shaba
2009-07-14, 10:21
Sorry, missed this one:

Azureus Vuze

Please uninstall it as well.

Do you have any antivirus installed?

Society
2009-07-14, 22:22
Take three!


DDS (Ver_09-06-26.01) - NTFSx86
Run by User at 13:17:38.92 on Tue 07/14/2009
Internet Explorer: 7.0.6001.18000
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3070.2017 [GMT -7:00]

SP: Spybot - Search and Destroy *enabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\rundll32.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\User\Desktop\dds.scr
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
uRun: [FRUpdate]
uRun: [Aim6]
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
mRun: [FRUpdate]
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_07\bin\jusched.exe"
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\progra~1\java\jre16~2.0_0\bin\ssv.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} - hxxp://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} - hxxp://www.systemrequirementslab.com/sysreqlab2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\users\user\appdata\roaming\mozilla\firefox\profiles\cnses7gq.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2009-7-7 1153368]
S2 gupdate1ca026aa549c7a3;Google Update Service (gupdate1ca026aa549c7a3);"c:\program files\google\update\googleupdate.exe" /svc --> c:\program files\google\update\GoogleUpdate.exe [?]
S4 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-3-16 24652]

=============== Created Last 30 ================

2009-07-11 15:55 622,080 a------- c:\windows\system32\icardagt.exe
2009-07-11 15:55 105,016 a------- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-07-11 15:55 97,800 a------- c:\windows\system32\infocardapi.dll
2009-07-11 15:55 43,544 a------- c:\windows\system32\PresentationHostProxy.dll
2009-07-11 15:55 37,384 a------- c:\windows\system32\infocardcpl.cpl
2009-07-11 15:55 11,264 a------- c:\windows\system32\icardres.dll
2009-07-11 15:55 781,344 a------- c:\windows\system32\PresentationNative_v0300.dll
2009-07-11 15:55 326,160 a------- c:\windows\system32\PresentationHost.exe
2009-07-11 15:53 <DIR> --d----- c:\users\user\.housecall6.6
2009-07-11 15:51 96,760 a------- c:\windows\system32\dfshim.dll
2009-07-11 15:51 282,112 a------- c:\windows\system32\mscoree.dll
2009-07-11 15:51 41,984 a------- c:\windows\system32\netfxperf.dll
2009-07-11 15:51 158,720 a------- c:\windows\system32\mscorier.dll
2009-07-11 15:51 83,968 a------- c:\windows\system32\mscories.dll
2009-07-11 14:00 <DIR> --d----- c:\program files\common files\PX Storage Engine
2009-07-11 14:00 <DIR> --d----- c:\program files\common files\DivX Shared
2009-07-08 18:20 0 a---h--- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2009-07-08 12:23 107,368 a------- c:\windows\system32\GEARAspi.dll
2009-07-08 12:23 23,400 a------- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-07-08 12:23 <DIR> --d----- c:\program files\iPod
2009-07-08 12:23 <DIR> --d----- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-07-08 12:23 <DIR> --d----- c:\program files\iTunes
2009-07-08 12:23 <DIR> --d----- c:\progra~2\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-07-08 12:19 <DIR> --d----- c:\program files\Bonjour
2009-07-07 22:58 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-06-24 22:13 <DIR> --d----- c:\windows\A7E07C2B2220441587E3784D5814BC93.TMP
2009-06-24 22:13 1,846,632 a------- c:\windows\system32\D3DCompiler_41.dll
2009-06-24 22:13 453,456 a------- c:\windows\system32\d3dx10_41.dll
2009-06-24 22:13 4,178,264 a------- c:\windows\system32\D3DX9_41.dll
2009-06-24 22:13 517,448 a------- c:\windows\system32\XAudio2_4.dll
2009-06-24 22:13 69,448 a------- c:\windows\system32\XAPOFX1_3.dll
2009-06-24 22:13 235,352 a------- c:\windows\system32\xactengine3_4.dll
2009-06-24 22:13 22,360 a------- c:\windows\system32\X3DAudio1_6.dll
2009-06-24 22:13 2,036,576 a------- c:\windows\system32\D3DCompiler_40.dll
2009-06-24 22:13 452,440 a------- c:\windows\system32\d3dx10_40.dll
2009-06-24 22:13 4,379,984 a------- c:\windows\system32\D3DX9_40.dll
2009-06-23 03:20 <DIR> --d----- c:\users\user\appdata\roaming\The Creative Assembly

==================== Find3M ====================

2009-07-08 12:21 86,016 a------- c:\windows\inf\infstor.dat
2009-07-08 12:21 51,200 a------- c:\windows\inf\infpub.dat
2009-07-08 12:21 86,016 a------- c:\windows\inf\infstrng.dat
2009-06-05 11:42 2,060,288 a------- c:\windows\system32\usbaaplrc.dll
2009-06-05 11:42 39,424 a------- c:\windows\system32\drivers\usbaapl.sys
2009-06-01 16:46 138,464 a------- c:\windows\system32\drivers\PnkBstrK.sys
2009-06-01 16:46 183,128 a------- c:\windows\system32\PnkBstrB.exe
2009-05-19 12:45 75,064 a------- c:\windows\system32\PnkBstrA.exe
2009-05-17 21:41 22,328 a------- c:\users\user\appdata\roaming\PnkBstrK.sys
2009-05-17 21:40 682,280 a------- c:\windows\system32\pbsvc.exe
2009-05-13 14:54 90,112 a------- c:\windows\system32\dpl100.dll
2009-05-13 14:54 823,296 a------- c:\windows\system32\divx_xx0c.dll
2009-05-13 14:54 823,296 a------- c:\windows\system32\divx_xx07.dll
2009-05-13 14:54 815,104 a------- c:\windows\system32\divx_xx0a.dll
2009-05-13 14:54 811,008 a------- c:\windows\system32\divx_xx16.dll
2009-05-13 14:54 802,816 a------- c:\windows\system32\divx_xx11.dll
2009-05-13 14:54 685,056 a------- c:\windows\system32\DivX.dll
2009-04-30 05:37 293,376 a------- c:\windows\system32\psisdecd.dll
2009-04-30 05:37 428,544 a------- c:\windows\system32\EncDec.dll
2009-04-24 09:05 827,904 a------- c:\windows\system32\wininet.dll
2009-04-24 09:02 78,336 a------- c:\windows\system32\ieencode.dll
2009-04-24 06:44 26,624 a------- c:\windows\system32\ieUnatt.exe
2009-04-23 05:43 784,896 a------- c:\windows\system32\rpcrt4.dll
2009-04-23 05:42 636,928 a------- c:\windows\system32\localspl.dll
2009-04-22 00:20 14,311,680 a------- c:\windows\system32\xlive.dll
2009-04-22 00:20 13,642,496 a------- c:\windows\system32\xlivefnt.dll
2009-04-21 04:55 2,033,152 a------- c:\windows\system32\win32k.sys
2008-09-06 12:32 174 a--sh--- c:\program files\desktop.ini
2008-09-06 12:24 665,600 a------- c:\windows\inf\drvindex.dat
2006-11-02 05:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 05:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 05:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 05:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 02:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 02:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 02:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 02:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 13:18:49.95 ===============



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-06-26.01)

Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 10/8/2007 2:30:21 PM
System Uptime: 7/14/2009 1:13:03 PM (0 hours ago)

Motherboard: ASUSTeK Computer INC. | | P5N-E SLI
Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz | Socket 775 | 2400/266mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 466 GiB total, 180.948 GiB free.
D: is CDROM (CDFS)
E: is CDROM (UDF)

==== Disabled Device Manager Items =============

==== System Restore Points ===================

No restore point in system.

==== Installed Programs ======================

2007 Microsoft Office system
3DMark06
7-Zip 4.57
Activation Assistant for the 2007 Microsoft Office suites
Adobe Flash Player ActiveX
Adobe Flash Player Plugin
Adobe Reader 8.1.3
AIM 6
Apple Mobile Device Support
Apple Software Update
AutoUpdate
Battlefield 2(TM)
Bioshock
Black & White® 2
Bonjour
Call of Duty(R) 4 - Modern Warfare(TM)
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
CDDRV_Installer
Crysis(R)
Crysis(R) SP Demo
DivX Codec
DivX Player
DivX Version Checker
DivX Web Player
EA Download Manager
Empire: Total War
EVE-ONLINE (remove only)
FLV Player 2.0, build 24
Forgotten Realm Updater
GameSpy Comrade
Gmask 1.70 English
Google Update Helper
GPGNet
Heroes of Might and Magic V
Heroes of Might and Magic® III
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
iTunes
Java(TM) 6 Update 4
Java(TM) 6 Update 7
Kaspersky Online Scanner
KhalInstallWrapper
LiveUpdate 3.2 (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)
Logitech SetPoint
Mass Effect
Medieval II - Retrofit Mod version 1.0
Medieval II Total War
Medieval II Total War : Kingdoms : Americas
Medieval II Total War : Kingdoms : Britannia
Medieval II Total War : Kingdoms : Crusades
Medieval II Total War : Kingdoms : Teutonic
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB929729)
Microsoft .NET Framework 3.5 SP1
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Hybrid 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Word 2002
Microsoft Works 2003 Setup Launcher
Microsoft Works 7.0
Microsoft Works Suite Add-in for Microsoft Word
Microsoft WSE 3.0 Runtime
mIRC
Mozilla Firefox (3.0.11)
MWLL TeamAction v0.2
Neverwinter Nights 2
Neverwinter Nights 2 Palette Editor
NVIDIA Drivers
NVIDIA PhysX
Oblivion
Oblivion mod manager 1.1.9
OpenOffice.org 3.0
Overlord II - Demo
Pirates of the Burning Sea
Plants vs. Zombies
Portal
Project Reality 0809 Core
Project Reality 0809 Levels
Prototype
PunkBuster Services
QuickTime
Realtek High Definition Audio Driver
Savage 2 - A Tortured Soul
Sid Meier's Civilization 4
Sid Meier's Civilization 4 - Beyond the Sword
Sins of a Solar Empire
Spelling Dictionaries Support For Adobe Reader 8
SPORE™
Spybot - Search & Destroy
Steam
Supreme Commander
System Requirements Lab
Team Fortress 2
The Sims™ 3
Trillian
Unreal Tournament 3
VC80CRTRedist - 8.0.50727.762
Ventrilo Client
Viewpoint Media Player
Warcraft III
Warcraft III: All Products
WinRAR archiver
Works Suite OS Pack
World in Conflict
World of Warcraft
WorldGate Client
Yahoo! Messenger

==== Event Viewer Messages From Past Week ========

7/8/2009 12:21:17 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/7/2009 11:06:31 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: i8042prt
7/14/2009 12:59:02 AM, Error: EventLog [6008] - The previous system shutdown at 12:57:40 AM on 7/14/2009 was unexpected.
7/14/2009 12:36:40 AM, Error: EventLog [6008] - The previous system shutdown at 12:35:52 AM on 7/14/2009 was unexpected.
7/12/2009 11:11:44 AM, Error: Service Control Manager [7000] - The Google Update Service (gupdate1ca026aa549c7a3) service failed to start due to the following error: The system cannot find the path specified.
7/11/2009 6:09:37 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 24.4.190.145 for the Network Card with network address 001BFCF79453 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
7/11/2009 3:49:44 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.2 for the Network Card with network address 001BFCF79453 has been denied by the DHCP server 68.87.76.39 (The DHCP Server sent a DHCPNACK message).
7/11/2009 3:08:10 PM, Error: EventLog [6008] - The previous system shutdown at 3:06:53 PM on 7/11/2009 was unexpected.

==== End Of File ===========================

Shaba
2009-07-15, 06:05
Please also answer the antivirus question :)

Society
2009-07-18, 08:08
Sorry for the long delay :(

After my most recent post I downloaded McAfee (comes free for Comcast users) and did a complete scan. Nothing showed up.

Not long after, I started freezing whenever I used any application which used higher-end graphics (games), but occasionally just while doing normal activities.

I formatted, hoping I could squish a bug with a sledgehammer, but the problems actually got worse afterward... After several formats and some other attempts to get things rolling again, I dropped my machine off with a tech, as I'm now BSOD'd on startup :/

Thanks for your help otherwise, but it seems a bit late. The techs can't seem to figure out what's wrong; they haven't found anything wrong on the side of the hardware, but I don't see how it can be a software issue after a format. That basically is a kill-all, right?

Shaba
2009-07-18, 09:13
Well, that sounds like a hardware issue to me.

What does it say in the BSOD?

Society
2009-07-18, 15:04
Don't remember the exacts :(

I was getting some weird errors including

bad or missing command interpreter
enter the full shell command line:
command.com /P /E:256


toward the end of an error while booting up, before Windows loaded. It's been a few days and they've still no idea what's wrong with my machine :( I'm beginning to think they don't know what they're doing any more than I do.

Shaba
2009-07-18, 19:20
This (http://www.tomshardware.co.uk/forum/page-222181_12_0.html) might help.

Shaba
2009-07-26, 11:35
Due to the lack of feedback, this topic is closed.

If it has been four days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.

If it has been less than four days since your last response and you need the thread re-opened, please send a private message (pm). A valid, working link to the closed topic is required.

Everyone else, please begin a New Topic.