Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

laptop locking up and roorepeal not running


  • Please log in to reply

#1
Krymzon

Krymzon

    Member

  • Member
  • PipPip
  • 16 posts
well i started a thread here http://www.geekstogo...ng-t255842.html and was told to start one under this section so i am. As stated in the other post and thread, my laptop freezes every now and again for apparently no reason, i do believe it's because my ram and cpu get maxed for 2-20 minutes at a time and takes a few trie for my comp to boot to the windows loading screen which also lags at times and locks up occassionally and makes it near impossible to enter safe mode as well... I have run otl and mbam and hijack this but when i try to run rootrepeal it freezes up on hidden services. I didnt run erunt because i used a different program before this and backed up my registry already. I ran superantispyware and avira and removed a few trojans and such. now i beleieve i was supposed to post the logs in here from the scans... so here we go
starting with otl it is a couple days old

OTL logfile created on: 10/21/2009 11:28:18 PM - Run 1
OTL by OldTimer - Version 3.0.21.0 Folder = C:\Users\Jack\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

957.87 Mb Total Physical Memory | 409.79 Mb Available Physical Memory | 42.78% Memory free
2.13 Gb Paging File | 1.20 Gb Available in Paging File | 56.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 67.91 Gb Total Space | 1.52 Gb Free Space | 2.23% Space Free | Partition Type: NTFS
Drive D: | 6.62 Gb Total Space | 0.63 Gb Free Space | 9.56% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MYPC
Current User Name: Jack
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2009/10/21 23:25:44 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Users\Jack\Desktop\OTL.exe
PRC - [2009/10/18 00:15:20 | 02,000,112 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2009/09/14 01:23:18 | 00,307,704 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/07/21 14:34:33 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/05/13 16:48:22 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/04/11 02:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE
PRC - [2009/03/05 16:07:20 | 02,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/03/02 13:08:47 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008/12/04 03:42:00 | 00,203,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2008/08/09 14:42:02 | 03,585,384 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) -- C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
PRC - [2008/07/30 14:45:38 | 00,809,296 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/01/19 03:38:38 | 01,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/12/03 16:44:06 | 00,823,296 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files\REALTEK\RTL8187 Wireless LAN Utility\RtWlan.exe
PRC - [2007/07/27 12:49:46 | 00,036,864 | ---- | M] (Realtek) -- C:\Program Files\REALTEK\RTL8187 Wireless LAN Utility\RtlService.exe
PRC - [2007/07/10 06:28:08 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\xaudio.exe
PRC - [2006/11/24 19:34:20 | 00,118,877 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
PRC - [2006/11/24 19:34:16 | 00,270,431 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
PRC - [2006/11/20 10:30:54 | 00,250,368 | ---- | M] (The Privoxy team - www.privoxy.org) -- C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
PRC - [2006/05/02 18:41:28 | 00,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
PRC - [2006/03/26 14:31:26 | 00,431,104 | ---- | M] (Unique Internet Services) -- C:\Program Files\ProxyFirewall\ProxyFirewall.exe

========== Win32 Services (SafeList) ==========

SRV - [2009/07/21 14:34:33 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService [Auto | Running])
SRV - [2009/05/13 16:48:22 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService [Auto | Running])
SRV - [2009/04/11 02:28:25 | 01,017,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (Eventlog [Auto | Running])
SRV - [2009/03/30 00:42:14 | 00,066,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2009/02/18 14:39:20 | 00,043,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009/02/18 14:38:43 | 00,129,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2009/02/18 14:38:42 | 00,879,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2009/01/30 15:54:20 | 00,242,424 | ---- | M] (WildTangent, Inc.) -- C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe -- (GameConsoleService [On_Demand | Stopped])
SRV - [2009/01/19 12:13:44 | 02,789,160 | ---- | M] (Wacom Technology, Corp.) -- C:\Windows\System32\Pen_Tablet.exe -- (TabletServicePen [Disabled | Stopped])
SRV - [2008/12/04 03:42:00 | 00,203,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe -- (nvsvc [Auto | Running])
SRV - [2008/11/09 16:48:14 | 00,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService [Disabled | Stopped])
SRV - [2008/08/09 14:42:02 | 03,585,384 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) -- C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe -- (WebrootSpySweeperService [Auto | Running])
SRV - [2008/07/30 14:45:38 | 00,809,296 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService [Auto | Running])
SRV - [2008/03/18 17:52:32 | 00,020,480 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService [Disabled | Stopped])
SRV - [2008/01/19 03:38:24 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running])
SRV - [2008/01/19 03:33:39 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [Disabled | Stopped])
SRV - [2008/01/19 03:33:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2007/09/19 18:30:52 | 00,065,536 | ---- | M] (Hewlett-Packard) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe -- (HP Health Check Service [Disabled | Stopped])
SRV - [2007/09/17 16:05:25 | 00,066,872 | ---- | M] () -- C:\Windows\System32\PnkBstrA.exe -- (PnkBstrA [Disabled | Stopped])
SRV - [2007/07/27 12:49:46 | 00,036,864 | ---- | M] (Realtek) -- C:\Program Files\REALTEK\RTL8187 Wireless LAN Utility\RtlService.exe -- (RealtekUSB [Auto | Running])
SRV - [2007/07/10 06:28:08 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\xaudio.exe -- (XAudioService [Auto | Running])
SRV - [2007/06/28 20:01:48 | 00,092,792 | ---- | M] (CACE Technologies) -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd [On_Demand | Stopped])
SRV - [2007/05/18 15:36:07 | 00,072,704 | ---- | M] (Adobe Systems) -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service [On_Demand | Stopped])
SRV - [2006/11/24 19:34:20 | 00,118,877 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe -- (CLSched [Auto | Running])
SRV - [2006/11/24 19:34:16 | 00,270,431 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe -- (CLCapSvc [Auto | Running])
SRV - [2006/11/09 19:30:14 | 00,065,536 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService [Disabled | Stopped])
SRV - [2006/11/06 17:31:14 | 00,887,544 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9 [On_Demand | Stopped])
SRV - [2006/11/02 08:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 08:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [On_Demand | Stopped])
SRV - [2006/11/01 15:17:32 | 00,073,728 | R--- | M] (MicroVision Development, Inc.) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr [Disabled | Stopped])
SRV - [2006/10/26 23:49:34 | 00,441,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 18:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2006/10/19 17:52:24 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Disabled | Stopped])
SRV - [2006/07/10 11:32:46 | 00,495,616 | ---- | M] ( ) -- C:\Windows\System32\lxdbcoms.exe -- (lxdb_device [Disabled | Stopped])
SRV - [2006/06/26 13:50:08 | 00,126,976 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe -- (AddFiltr [On_Demand | Stopped])
SRV - [2006/05/02 18:41:28 | 00,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe -- (hpqwmiex [Auto | Running])
SRV - [2004/10/22 07:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [Disabled | Stopped])

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...O&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...O&pf=laptop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...O&pf=laptop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL File not found
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 0.0.0.0.:80

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Thottbot WoW"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:0.7.5.5
FF - prefs.js..extensions.enabledItems: {e0204bd5-9d31-402b-a99d-a6aa8ffebdca}:1.2.1
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:0.0.0
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.14
FF - prefs.js..extensions.enabledItems: [email protected]:2.028
FF - prefs.js..network.proxy.type: 4


FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Mozilla\Firefox Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2007/06/17 12:22:57 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/01 22:59:00 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/09/14 01:23:23 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.14\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/09/14 01:23:23 | 00,000,000 | ---D | M]

[2008/08/08 01:35:27 | 00,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\mozilla\Extensions
[2008/08/08 01:35:27 | 00,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/10/21 20:41:31 | 00,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\mozilla\Firefox\Profiles\vhzbht5l.default\extensions
[2008/08/08 01:29:10 | 00,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\mozilla\Firefox\Profiles\vhzbht5l.default\extensions\{4AB21F99-91C5-4a9d-813E-425841874FB1}
[2009/03/24 03:23:46 | 00,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\mozilla\Firefox\Profiles\vhzbht5l.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}
[2008/12/09 21:22:12 | 00,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\mozilla\Firefox\Profiles\vhzbht5l.default\extensions\[email protected]
[2008/11/29 09:34:14 | 00,001,088 | ---- | M] () -- C:\Users\Jack\AppData\Roaming\Mozilla\FireFox\Profiles\vhzbht5l.default\searchplugins\thottbot-wow.xml
[2009/05/26 20:55:36 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/09/14 01:23:23 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/08/17 13:55:57 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2007/06/17 12:23:13 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\[email protected]
[2009/09/14 01:23:17 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/09/14 01:23:17 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/05/01 17:02:48 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\libdivx.dll
[2007/04/10 17:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll
[2009/05/12 14:46:20 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files\mozilla firefox\plugins\npdivx32.dll
[2009/05/18 18:41:32 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll
[2007/04/24 11:36:16 | 01,452,416 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll
[2009/09/14 01:23:20 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2008/10/14 21:33:30 | 00,095,600 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2008/09/10 15:56:44 | 00,144,960 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll
[2007/07/19 23:49:36 | 00,131,072 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2007/07/19 23:49:37 | 00,131,072 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2007/07/19 23:49:37 | 00,131,072 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2007/07/19 23:49:37 | 00,131,072 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2007/07/19 23:49:37 | 00,131,072 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2007/07/19 23:49:37 | 00,131,072 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2007/07/19 23:49:37 | 00,131,072 | ---- | M] (Apple Computer, Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2007/05/22 19:32:00 | 01,560,576 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npRACtrl.dll
[2008/09/10 15:37:54 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll
[2007/05/22 19:14:00 | 00,008,784 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\ractrlkeyhook.dll
[2009/05/01 17:02:48 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\mozilla firefox\plugins\ssldivx.dll
[2007/05/22 19:17:00 | 00,245,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\unicows.dll
[2008/07/02 12:31:38 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2008/07/02 12:31:38 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2008/07/02 12:31:38 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2008/11/13 16:44:53 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2008/07/02 12:31:38 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2008/07/02 12:31:38 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2008/07/02 12:31:38 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (Ask Search Assistant BHO) - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL File not found
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\system32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\system32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe (Webroot Software, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\napinsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 66.76.227.40 208.180.42.68
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/12/18 17:53:03 | 00,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 10:18:54 | 00,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\SETUP.EXE -- File not found
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\SETUP.EXE -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

NetSvcs: FastUserSwitchingCompatibility - Service key not found. File not found
NetSvcs: Ias - Service key not found. File not found
NetSvcs: Irmon - Service key not found. File not found
NetSvcs: Nla - Service key not found. File not found
NetSvcs: Ntmssvc - Service key not found. File not found
NetSvcs: NWCWorkstation - Service key not found. File not found
NetSvcs: Nwsapagent - Service key not found. File not found
NetSvcs: SRService - Service key not found. File not found
NetSvcs: Wmi - Service key not found. File not found
NetSvcs: WmdmPmSp - Service key not found. File not found
NetSvcs: LogonHours - Service key not found. File not found
NetSvcs: PCAudit - Service key not found. File not found
NetSvcs: helpsvc - Service key not found. File not found
NetSvcs: uploadmgr - Service key not found. File not found

========== Files/Folders - Created Within 14 Days ==========

[2009/10/18 19:43:49 | 00,000,000 | ---D | C] -- C:\ProgramData\Avira
[2009/10/17 21:29:21 | 00,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2009/10/17 21:28:04 | 00,000,000 | ---D | C] -- C:\Users\Jack\AppData\Roaming\SUPERAntiSpyware.com
[2009/10/18 19:43:49 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2009/10/20 23:05:11 | 00,000,000 | ---D | C] -- C:\Program Files\Project64 1.6
[2009/10/17 21:28:04 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/10/21 23:19:54 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/10/18 19:43:51 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2009/10/18 19:43:51 | 00,055,656 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2009/10/18 19:43:51 | 00,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2009/10/16 08:56:49 | 00,000,000 | ---D | C] -- C:\Users\Jack\Desktop\dads stuff
[2009/10/08 21:32:25 | 00,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2009/10/08 21:32:25 | 00,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2009/10/08 21:32:25 | 00,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2009/10/08 19:03:32 | 00,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2006/07/10 11:44:20 | 01,183,744 | ---- | C] ( ) -- C:\Windows\System32\lxdbserv.dll
[2006/07/10 11:40:00 | 00,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxdbcomm.dll
[2006/07/10 11:33:44 | 00,536,576 | ---- | C] ( ) -- C:\Windows\System32\lxdblmpm.dll
[2006/07/10 11:32:54 | 00,114,688 | ---- | C] ( ) -- C:\Windows\System32\lxdbpplc.dll
[2006/07/10 11:32:14 | 00,610,304 | ---- | C] ( ) -- C:\Windows\System32\lxdbcomc.dll
[2006/07/10 11:31:44 | 00,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxdbprox.dll
[2006/07/10 11:30:30 | 00,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxdbhbn3.dll
[2006/07/10 11:27:00 | 00,995,328 | ---- | C] ( ) -- C:\Windows\System32\lxdbusb1.dll
[2006/07/10 11:22:40 | 00,393,216 | ---- | C] ( ) -- C:\Windows\System32\lxdbiesc.dll
[2006/07/10 11:20:44 | 00,409,600 | ---- | C] ( ) -- C:\Windows\System32\lxdbinpa.dll

========== Files - Modified Within 14 Days ==========

[1 C:\Windows\*.tmp files]
[2009/10/21 23:30:00 | 00,000,432 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{A32AFB94-FA5A-440F-94D6-0ED2FD657E31}.job
[2009/10/21 23:19:55 | 00,001,874 | ---- | M] () -- C:\Users\Jack\Desktop\HijackThis.lnk
[2009/10/21 22:10:31 | 00,005,280 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/10/21 22:10:31 | 00,005,280 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/10/21 20:33:43 | 00,093,604 | ---- | M] () -- C:\ProgramData\nvModes.001
[2009/10/21 20:06:54 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/10/21 20:06:50 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/10/21 10:21:04 | 03,140,590 | -H-- | M] () -- C:\Users\Jack\AppData\Local\IconCache.db
[2009/10/20 23:42:05 | 00,703,448 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/10/20 23:42:05 | 00,604,012 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/10/20 23:42:05 | 00,105,040 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/10/20 23:30:30 | 00,002,560 | ---- | M] () -- C:\Windows\_MSRSTRT.EXE
[2009/10/20 22:50:41 | 00,030,208 | ---- | M] () -- C:\Users\Jack\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/20 19:29:48 | 00,113,367 | ---- | M] () -- C:\Users\Jack\Desktop\Bookmarks 2009-10-20.json
[2009/10/20 15:33:19 | 00,093,604 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2009/10/16 09:03:44 | 00,106,329 | ---- | M] () -- C:\Users\Jack\Desktop\Bookmarks 2009-10-16.json
[2009/10/09 07:00:05 | 00,001,484 | ---- | M] () -- C:\Windows\tasks\wrSpySweeperFullSweep.job
[2009/10/08 21:38:28 | 00,380,224 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

========== Files - No Company Name ==========
[2009/10/21 23:19:55 | 00,001,874 | ---- | C] () -- C:\Users\Jack\Desktop\HijackThis.lnk
[2009/10/20 23:31:01 | 03,140,590 | -H-- | C] () -- C:\Users\Jack\AppData\Local\IconCache.db
[2009/10/20 23:30:30 | 00,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2009/10/20 19:29:48 | 00,113,367 | ---- | C] () -- C:\Users\Jack\Desktop\Bookmarks 2009-10-20.json
[2009/10/16 09:03:44 | 00,106,329 | ---- | C] () -- C:\Users\Jack\Desktop\Bookmarks 2009-10-16.json
[2009/10/08 18:56:10 | 00,130,008 | ---- | C] () -- C:\Windows\System32\systemsf.ebd
[2009/10/08 18:56:05 | 00,009,239 | ---- | C] () -- C:\Windows\System32\spcinstrumentation.man
[2009/10/08 18:55:34 | 00,442,788 | ---- | C] () -- C:\Windows\System32\dot3.tmf
[2009/10/08 18:55:29 | 00,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/10/08 18:55:28 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/10/08 18:55:26 | 03,662,128 | ---- | C] () -- C:\Windows\System32\locale.nls
[2009/10/08 18:55:25 | 00,392,170 | ---- | C] () -- C:\Windows\System32\onex.tmf
[2009/10/08 18:55:20 | 00,344,698 | ---- | C] () -- C:\Windows\System32\eaphost.tmf
[2009/10/08 18:55:01 | 00,208,966 | ---- | C] () -- C:\Windows\System32\WFP.TMF
[2009/10/08 18:54:58 | 00,092,918 | ---- | C] () -- C:\Windows\System32\slmgr.vbs
[2009/10/08 18:53:20 | 00,009,212 | ---- | C] () -- C:\Windows\System32\RacUR.xml
[2009/10/08 18:53:10 | 00,000,153 | ---- | C] () -- C:\Windows\System32\RacUREx.xml
[2009/10/06 22:28:46 | 00,000,620 | ---- | C] () -- C:\Windows\RegGenie.ini
[2009/08/13 15:53:54 | 00,041,872 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2009/07/06 10:56:41 | 00,168,448 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009/07/06 10:56:40 | 00,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2009/07/06 10:56:38 | 02,402,304 | ---- | C] () -- C:\Windows\System32\x264vfw.dll
[2009/04/15 07:14:22 | 00,061,440 | ---- | C] () -- C:\Windows\System32\drivers\wfhvb.sys
[2009/04/15 07:14:22 | 00,000,248 | ---- | C] () -- C:\Program Files\rsrnzo.txt
[2009/02/22 13:57:52 | 04,421,889 | ---- | C] () -- C:\Windows\System32\libavcodec.dll
[2009/02/18 09:57:22 | 00,557,451 | ---- | C] () -- C:\Windows\System32\libmplayer.dll
[2009/02/16 13:19:42 | 00,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/02/16 12:32:20 | 00,425,040 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2009/02/16 12:30:30 | 00,903,703 | ---- | C] () -- C:\Windows\System32\ff_x264.dll
[2009/02/16 12:23:50 | 00,145,081 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2009/02/16 10:49:30 | 00,328,334 | ---- | C] () -- C:\Windows\System32\ff_kernelDeint.dll
[2009/02/14 11:15:42 | 00,486,400 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll
[2009/02/09 18:28:18 | 00,098,304 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2009/02/09 16:19:18 | 00,183,296 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll
[2009/02/09 16:19:12 | 00,178,688 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll
[2009/02/09 16:18:52 | 00,113,152 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll
[2009/02/09 16:18:32 | 00,146,944 | ---- | C] () -- C:\Windows\System32\ff_tremor.dll
[2009/02/09 16:18:24 | 00,257,024 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll
[2009/02/09 16:18:20 | 00,142,848 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll
[2009/02/09 15:56:22 | 00,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009/01/11 01:26:48 | 00,000,552 | ---- | C] () -- C:\Users\Jack\AppData\Local\d3d8caps.dat
[2009/01/10 18:17:32 | 00,163,840 | ---- | C] () -- C:\Windows\System32\ts.dll
[2009/01/10 18:16:56 | 00,148,480 | ---- | C] () -- C:\Windows\System32\mkx.dll
[2009/01/10 18:16:50 | 00,108,032 | ---- | C] () -- C:\Windows\System32\avi.dll
[2009/01/10 18:16:14 | 00,141,312 | ---- | C] () -- C:\Windows\System32\mp4.dll
[2009/01/10 18:15:54 | 00,120,832 | ---- | C] () -- C:\Windows\System32\ogm.dll
[2009/01/10 18:15:44 | 00,159,744 | ---- | C] () -- C:\Windows\System32\mmfinfo.dll
[2009/01/10 18:15:32 | 00,102,400 | ---- | C] () -- C:\Windows\System32\avss.dll
[2009/01/10 18:15:28 | 00,246,784 | ---- | C] () -- C:\Windows\System32\dxr.dll
[2009/01/10 18:15:12 | 00,097,280 | ---- | C] () -- C:\Windows\System32\avs.dll
[2009/01/10 18:14:08 | 00,079,360 | ---- | C] () -- C:\Windows\System32\mkzlib.dll
[2009/01/10 18:14:06 | 00,023,552 | ---- | C] () -- C:\Windows\System32\mkunicode.dll
[2009/01/03 20:10:35 | 00,093,604 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/01/03 20:10:34 | 00,093,604 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008/12/03 18:11:50 | 00,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008/11/06 12:37:32 | 03,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/11/06 12:34:00 | 00,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2008/08/09 14:42:08 | 00,031,080 | ---- | C] () -- C:\Windows\System32\wrLZMA.dll
[2008/06/10 20:02:23 | 00,000,407 | ---- | C] () -- C:\Windows\SIERRA.INI
[2008/03/29 21:04:13 | 00,000,032 | ---- | C] () -- C:\ProgramData\ezsid.dat
[2008/02/09 18:36:53 | 00,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2007/12/22 19:31:59 | 00,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2007/10/13 05:30:20 | 00,000,137 | ---- | C] () -- C:\Windows\System32\Registration.ini
[2007/09/17 16:05:42 | 00,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2007/08/26 22:42:16 | 00,685,816 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2007/08/03 00:53:11 | 00,000,000 | ---- | C] () -- C:\Users\Jack\AppData\Local\FnF4.txt
[2007/07/26 19:37:30 | 00,030,208 | ---- | C] () -- C:\Users\Jack\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/07/24 15:36:07 | 00,001,356 | ---- | C] () -- C:\Users\Jack\AppData\Local\d3d9caps.dat
[2007/07/24 15:24:56 | 00,048,670 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\nvModes.001
[2007/07/24 15:24:51 | 00,048,670 | ---- | C] () -- C:\Users\Jack\AppData\Roaming\nvModes.dat
[2007/07/24 13:53:16 | 00,100,032 | ---- | C] () -- C:\Users\Jack\AppData\Local\GDIPFONTCACHEV1.DAT
[2007/07/24 13:53:16 | 00,000,000 | ---- | C] () -- C:\Users\Jack\AppData\Local\DSwitch.txt
[2007/07/24 13:53:15 | 00,000,000 | ---- | C] () -- C:\Users\Jack\AppData\Local\QSwitch.txt
[2007/07/24 13:53:15 | 00,000,000 | ---- | C] () -- C:\Users\Jack\AppData\Local\AtStart.txt
[2007/07/10 13:10:12 | 00,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2007/06/28 20:01:48 | 00,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2007/06/10 01:37:32 | 00,000,320 | ---- | C] () -- C:\Windows\YAHELITE_IGNORE.INI
[2007/06/10 01:26:57 | 00,439,635 | ---- | C] () -- C:\Windows\YAHELITE.INI
[2007/03/31 10:00:36 | 00,032,768 | ---- | C] () -- C:\Windows\System32\jlussmeyerot.dll
[2007/02/08 03:29:28 | 00,001,504 | ---- | C] () -- C:\Windows\System32\lxdbprod.ini
[2006/11/29 03:32:42 | 00,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 08:50:50 | 00,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini
[2006/11/02 08:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:25:21 | 00,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 06:23:31 | 00,000,247 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 06:23:31 | 00,000,173 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 03:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/09/19 03:02:40 | 00,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/19 03:02:40 | 00,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/07/17 13:11:36 | 00,667,280 | ---- | C] () -- C:\Windows\System32\tx12.dll
[2006/03/09 19:58:00 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2006/02/15 03:23:22 | 00,040,960 | ---- | C] () -- C:\Windows\System32\lxdbvs.dll
[2006/02/09 04:20:00 | 00,000,530 | ---- | C] () -- C:\Windows\System32\tx12_ic.ini
[2005/05/07 08:06:00 | 00,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2004/09/16 16:24:26 | 03,375,104 | ---- | C] () -- C:\Windows\System32\qt-mt331.dll

========== LOP Check ==========

[2009/10/19 10:26:44 | 00,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming
[2007/08/26 23:30:32 | 00,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Ahead
[2009/01/03 22:35:02 | 00,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\CyberLink
[2009/08/12 19:14:24 | 00,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Digsby
[2008/07/07 21:10:10 | 00,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\DVD Flick
[2008/05/10 23:53:19 | 00,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\dvdcss
[2008/11/25 19:35:11 | 00,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\FrostWire
[2008/08/08 22:07:49 | 00,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\iWin
[2007/08/26 14:24:31 | 00,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\LimeWire
[2006/11/02 08:37:34 | 00,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Media Center Programs
[2007/09/02 22:31:57 | 00,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\mIRC
[2007/08/18 20:38:28 | 00,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Roxio
[2008/04/10 23:40:20 | 00,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Syntrillium
[2008/06/30 23:14:38 | 00,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\teamspeak2
[2009/01/18 19:47:49 | 00,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\tor
[2008/03/25 14:39:08 | 00,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\UFOAI
[2009/10/06 01:18:48 | 00,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\uTorrent
[2008/06/30 22:55:48 | 00,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Ventrilo
[2009/01/18 19:47:49 | 00,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Vidalia
[2007/10/13 15:09:48 | 00,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\WildTangent
[2009/08/22 06:36:21 | 00,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\WTablet
[2009/08/28 20:03:08 | 00,000,000 | ---D | M] -- C:\Users\Jack\AppData\Roaming\Xfire
[2009/10/21 20:06:54 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009/10/21 10:21:47 | 00,032,622 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/10/21 23:30:00 | 00,000,432 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{A32AFB94-FA5A-440F-94D6-0ED2FD657E31}.job
[2009/10/09 07:00:05 | 00,001,484 | ---- | M] () -- C:\Windows\Tasks\wrSpySweeperFullSweep.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >
[2007/06/17 22:53:45 | 00,188,603 | ---- | M] () -- C:\WarLord.exe

< %systemroot%\system32\eventlog.dll >

< %systemroot%\system32\scecli.dll >
[2009/04/11 02:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\scecli.dll

< %systemroot%\netlogon.dll >

< %systemroot%\system32\cngaudit.dll >
[2006/11/02 05:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cngaudit.dll

< %systemroot%\system32\sceclt.dll >

< %systemroot%\ntelogon.dll >

< %systemroot%\system32\logevent.dll >
< End of report >

and followed by hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:39:44 PM, on 10/22/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\REALTEK\RTL8187 Wireless LAN Utility\RtlService.exe
C:\Windows\system32\svchost.exe
C:\Program Files\REALTEK\RTL8187 Wireless LAN Utility\RtWlan.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
C:\Program Files\ProxyFirewall\ProxyFirewall.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...O&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...O&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...O&pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 0.0.0.0.:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL (file missing)
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [NvCplDaemon] "C:\Windows\system32\RUNDLL32.EXE" C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] "C:\Windows\system32\RUNDLL32.EXE" C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [SpybotSD TeaTimer] "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
O4 - HKCU\..\Run: [WMPNSCFG] "C:\Program Files\Windows Media Player\WMPNSCFG.exe"
O4 - HKCU\..\Run: [ehTray.exe] "C:\Windows\ehome\ehTray.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Global Startup: Privoxy.lnk = C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{AACD4BAE-B2CF-466B-8EA4-4151527DD36A}: NameServer = 192.168.1.1
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: RealtekUSB - Realtek - C:\Program Files\REALTEK\RTL8187 Wireless LAN Utility\RtlService.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 9085 bytes


and followed by mbam

Malwarebytes' Anti-Malware 1.41
Database version: 3012
Windows 6.0.6002 Service Pack 2

10/23/2009 8:18:50 PM
mbam-log-2009-10-23 (20-18-50).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 317778
Time elapsed: 1 hour(s), 53 minute(s), 36 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

well those are the logs i have ty and please if you can help me :)
  • 0

Advertisements


#2
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Hello Krymzon

Welcome to G2Go. :)
=====================
Hi can you tell me what issues are happening at present?
Has there been any change?
Does the computer still freeze at random?
  • 0

#3
Krymzon

Krymzon

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
it's still about the same, not quite as frequent but it still happens at random. It' as if all my ram and cpu usage get maxed and the comp locks untill it's freed, mainly happens during gaming but can happen anytime. Still takes a few tries to reboot my copm it gets to the bios ver and all then the screen before windows loading screen and reboots itself and starts all over gain, takes a few times to gt thru and then the windos loading screen lag and locks up occasionally anywhere from 2min to 30 minutes same as in windows whilst gaming and all.. It happens during puzzle quest which cant be that taxing, and WoW ad various psx emud games and during other such things. It also seems to lock up when it gets unplugged and moved elsewhere.
  • 0

#4
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
You will need to know the manufacturer's name of the hard drive you have installed.
To get that go to Start then right click on the C:\drive and choose properties.
Then click on the hardware tab.

Then you can write down what you see there under Disk Drives and post that info here for me to see then I will be able to help you further.
  • 0

#5
Krymzon

Krymzon

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
ST980811 AS SCSI
  • 0

#6
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Ok download and run this diagnostic check please it can be found here:
http://www.seagate.c...000dd04090aRCRD

Let me know how it goes.
  • 0

#7
Krymzon

Krymzon

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
well i ran all the tests i could with the exception of the advance tests, nothing showed up as being wrong or faulty.. and it seem snow it locks up more durig playing flash games than anything else...weird i say
  • 0

#8
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Ok well that is a far as I would like to venture in this thread.
I would say now that this is an operating System issue.
Therefore you will need to start a new topic in this forum:
http://www.geekstogo...dows-7-f79.html

They will be able to help you further.

You can delete all that I had you download.
  • 0

#9
Krymzon

Krymzon

    Member

  • Topic Starter
  • Member
  • PipPip
  • 16 posts
guess that means i can post bac in my original thread then ido believe it was under vista..
  • 0

#10
kahdah

kahdah

    GeekU Teacher

  • Retired Staff
  • 15,822 posts
Yes that will be fine.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP