
Active Programs not loading, no sound and browser issues

Discussion in 'Malware and Virus Removal Archive' started by CountVak, 2009/02/14.

  1. 2009/02/14
    CountVak


    I have been having issues with this system, which are not related to an earlier post for another computer. Here are the DDS scan files for your review. Thanks in advance for your assistance.


    DDS (Ver_09-02-01.01) - NTFSx86
    Run by Mr. Steve at 12:41:38.67 on 02/14/09
    Internet Explorer: 8.0.6001.18372 BrowserJavaVersion: 1.6.0_12
    Microsoft® Windows Vista™ Ultimate 6.0.6001.1.1252.1.1033.18.2035.1083 [GMT -7:00]


    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
    C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\svchost.exe -k apphost
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Windows\System32\svchost.exe -k LPDService
    c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    C:\Program Files\McAfee\MPF\MPFSrv.exe
    C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
    C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Windows\System32\tcpsvcs.exe
    C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Service\SWAS.exe
    C:\Windows\system32\TSSchBkpService.exe
    C:\Windows\system32\svchost.exe -k iissvcs
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Service Report Generator\SWASReports.exe
    C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Service Driver Management\SWASDriverManagementPlugin.exe
    C:\Program Files\Samsung Network Printer Utilities\SyncThru Web Admin Local Device Discovery\LocalDevDiscoveryPlugin.exe
    C:\Windows\system32\nfsclnt.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Microsoft IntelliType Pro\itype.exe
    C:\Windows\Samsung\PanelMgr\SSMMgr.exe
    C:\Windows\System32\spool\drivers\w32x86\3\fppdis2a.exe
    C:\Program Files\Common Files\AOL\1226596163\ee\aolsoftware.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Airlink101\Airlink101 WLAN Monitor\WlanMon.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Program Files\SP\ControlCenter3\brccMCtl.exe
    C:\Program Files\McAfee.com\Agent\mcagent.exe
    C:\Program Files\Uniblue\RegistryBooster\StartRegistryBooster.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    C:\Program Files\Timeslips\TSTimer.exe
    C:\Windows\system32\consent.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe
    C:\Program Files\Registry Mechanic\RMTray.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    C:\Program Files\SP\Brmfl05b\FAXRX.exe
    C:\PROGRA~1\Yahoo!\Messenger\ymsgr_tray.exe
    c:\PROGRA~1\mcafee\msc\mcuimgr.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\explorer.exe
    C:\Windows\system32\rundll32.exe
    C:\Users\Mr. Steve\Downloads\dds.scr
    C:\Windows\system32\wbem\wmiprvse.exe

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.com/
    uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: WormRadar.com IESiteBlocker.NavFilter: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - AVG Safe Search
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: {a057a204-bacc-4d26-9990-79a187e2698e} - AVG Security Toolbar
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll
    BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll
    BHO: MSN Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn\toolbar\3.0.0983.0\msneshellx.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    TB: MSN Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\program files\msn\toolbar\3.0.0983.0\msneshellx.dll
    TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
    TB: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} -
    uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
    uRun: [Uniblue RegistryBooster 2009] c:\program files\uniblue\registrybooster\StartRegistryBooster.exe
    uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
    uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
    uRun: [TSTimer] "c:\program files\timeslips\TSTimer.exe "
    uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
    uRun: [SmartRAM] "c:\program files\iobit\advanced systemcare 3\Sup_SmartRAM.exe" /m
    uRun: [RegistryMechanic] c:\program files\registry mechanic\rmtray.exe /H
    uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
    uRun: [filehippo.com] "c:\program files\filehippo.com\UpdateChecker.exe" /background
    uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
    uRun: [ccleaner] "c:\program files\ccleaner\CCleaner.exe" /AUTO
    mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe "
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe "
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Samsung PanelMgr] c:\windows\samsung\panelmgr\ssmmgr.exe /autorun
    mRun: [pdfFactory Dispatcher v2] c:\windows\system32\spool\drivers\w32x86\3\fppdis2a.exe
    mRun: [HostManager] c:\program files\common files\aol\1226596163\ee\AOLSoftware.exe
    mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe "
    mRun: [ControlCenter3] c:\program files\sp\controlcenter3\brctrcen.exe /autorun
    mRun: [BrMfcWnd] c:\program files\sp\brmfcmon\BrMfcWnd.exe /AUTORUN
    mRun: [ANIWZCS2Service] c:\program files\ani\aniwzcs2 service\WZCSLDR2.exe
    mRun: [Airlink101 WLAN Monitor] c:\program files\airlink101\airlink101 wlan monitor\WLANmon.exe
    mRun: [Ad-Watch] c:\program files\lavasoft\ad-aware\AAWTray.exe
    mRun: [mcagent_exe] c:\program files\mcafee.com\agent\mcagent.exe /runkey
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
    uPolicies-explorer: MaxRecentDocs = 99 (0x63)
    uPolicies-explorer: NoCommonGroups = 0 (0x0)
    uPolicies-explorer: RestrictRun = 0 (0x0)
    uPolicies-system: NoConfigPage = 0 (0x0)
    uPolicies-system: NoDevMgrPage = 0 (0x0)
    uPolicies-system: NoFileSysPage = 0 (0x0)
    uPolicies-system: NoProfilePage = 0 (0x0)
    uPolicies-system: NoPwdPage = 0 (0x0)
    uPolicies-system: NoSecCPL = 0 (0x0)
    uPolicies-system: NoVirtMemPage = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    mPolicies-system: HideShutdownScripts = 0 (0x0)
    IE: &ieSpell Options - c:\program files\iespell\iespell.dll/SPELLOPTION.HTM
    IE: Check &Spelling - c:\program files\iespell\iespell.dll/SPELLCHECK.HTM
    IE: E&xport to Microsoft Excel - c:\progra~1\microsoft office\office12\EXCEL.EXE/3000
    IE: Lookup on Merriam Webster - file://c:\program files\iespell\Merriam Webster.HTM
    IE: Lookup on Wikipedia - file://c:\program files\iespell\wikipedia.HTM
    IE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - res://c:\program files\iespell\iespell.dll/SPELLCHECK.HTM
    IE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - res://c:\program files\iespell\iespell.dll/SPELLOPTION.HTM
    IE: {53F6FCCD-9E22-4d71-86EA-6E43136192AB}
    IE: {925DAB62-F9AC-4221-806A-057BFB1014AA}
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\microsoft office\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\microsoft office\office12\REFIEBAR.DLL
    Trusted Zone: mcafee.com
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/F/D/9/FD9E437D-5BC8-4264-A093-DFA2C39D197E/LegitCheckControl.cab
    DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} - hxxp://www.pandasecurity.com/activescan/cabs/as2stubie.cab
    DPF: {5727FF4C-EF4E-4d96-A96C-03AD91910448} - hxxp://www.srtest.com/srl_bin/sysreqlab_ind.cab
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1227465670197
    DPF: {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} - hxxp://utilities.pcpitstop.com/Exterminate2/pcpitstopAntiVirus.dll
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1234398119281
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
    DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} - hxxp://www.superadblocker.com/activex/sabspx.cab
    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
    DPF: {E5ABEB00-B357-4884-9949-77B2C71A7EE3} - hxxp://www.intel.com/design/motherbd/boardid/BoardID.cab
    DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5433/mcfscan.cab
    Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
    Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
    Notify: igfxcui - igfxdev.dll
    STS: Windows DreamScene: {e31004d1-a431-41b8-826f-e902f9d95c81} - %SystemRoot%\System32\DreamScene.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

    ================= FIREFOX ===================

    FF - ProfilePath - c:\users\mr337d~1.ste\appdata\roaming\mozilla\firefox\profiles\9gtrrxbn.default\
    FF - plugin: c:\program files\google\google updater\2.4.1399.3742\npCIDetect13.dll
    FF - plugin: c:\program files\microsoft\office live\npOLW.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\np32dsw.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npnul32.dll

    ---- FIREFOX POLICIES ----
    c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref( "extensions.blocklist.level ", 2);
    c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref( "browser.ssl_override_behavior ", 2);
    c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref( "security.alternate_certificate_error_page ", "certerror ");
    c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref( "browser.privatebrowsing.autostart ", false);
    c:\program files\mozilla firefox 3.1 beta 2\defaults\pref\firefox.js - pref( "browser.privatebrowsing.dont_prompt_on_enter ", false);

    ============= SERVICES / DRIVERS ===============

    R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-1-20 64160]
    R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-2-8 28544]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2008-12-4 8944]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2008-12-4 55024]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-1-18 950096]
    R2 NfsClnt;Client for NFS;c:\windows\system32\nfsclnt.exe [2008-11-13 50688]
    R2 SSPORT;SSPORT;c:\windows\system32\drivers\SSPORT.SYS [2008-11-13 5120]
    R2 SWAS_Core;SyncThru Web Admin Service;c:\program files\samsung network printer utilities\syncthru web admin service\SWAS.exe [2008-11-28 1449984]
    R2 SWAS_Report_Plugin;SyncThru Web Admin Service Report Generator;c:\program files\samsung network printer utilities\syncthru web admin service report generator\SWASReports.exe [2008-1-31 925696]
    R2 SWAS_Srv_DriverManagement;SyncThru Web Admin Service Driver Management;c:\program files\samsung network printer utilities\syncthru web admin service driver management\SWASDriverManagementPlugin.exe [2008-1-31 1060864]
    R2 SWAS_Srv_LDD;SyncThru Web Admin Service Local Device Discovery;c:\program files\samsung network printer utilities\syncthru web admin local device discovery\LocalDevDiscoveryPlugin.exe [2008-1-31 634880]
    R2 TSScheduleBackup;TimeslipsBackup;c:\windows\system32\TSSchBkpService.exe [2008-10-15 705024]
    R3 dc3d;USBCCGP filter driver (dc3d);c:\windows\system32\drivers\dc3d.sys [2009-1-15 15360]
    R3 NfsRdr;Client for NFS Redirector;c:\windows\system32\drivers\nfsrdr.sys [2008-11-13 195072]
    R3 RpcXdr;Server for NFS Open RPC (ONCRPC);c:\windows\system32\drivers\rpcxdr.sys [2008-11-13 74240]
    S2 0282761234465810mcinstcleanup;McAfee Application Installer Cleanup (0282761234465810);c:\users\mr337d~1.ste\appdata\local\temp\028276~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service --> c:\users\mr337d~1.ste\appdata\local\temp\028276~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service [?]
    S3 CrystalSysInfo;CrystalSysInfo;c:\program files\mediacoder\SysInfo.sys [2007-9-25 15152]
    S3 N5SG;Airlink101 SuperG Wireless Network Adapter Service;c:\windows\system32\drivers\N5SG.sys [2006-11-3 467040]
    S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2008-12-4 7408]
    S3 Seekeen Service;Seekeen Service; [x]
    S4 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files\pcpitstop\PCPitstopScheduleService.exe [2008-11-21 77312]

    =============== Created Last 30 ================

    2009-02-12 12:12 10,877 a------- c:\windows\system32\Config.MPF
    2009-02-12 12:10 33,832 a------- c:\windows\system32\drivers\mferkdk.sys
    2009-02-12 12:10 201,320 a------- c:\windows\system32\drivers\mfehidk.sys
    2009-02-12 12:10 79,304 a------- c:\windows\system32\drivers\mfeavfk.sys
    2009-02-12 12:10 40,488 a------- c:\windows\system32\drivers\mfesmfk.sys
    2009-02-12 12:10 35,240 a------- c:\windows\system32\drivers\mfebopk.sys
    2009-02-12 12:10 125,728 a------- c:\windows\system32\drivers\Mpfp.sys
    2009-02-12 12:09 <DIR> --d----- c:\program files\McAfee.com
    2009-02-12 12:09 <DIR> --d----- c:\program files\common files\McAfee
    2009-02-12 12:09 <DIR> --d----- c:\program files\McAfee
    2009-02-12 11:58 <DIR> --d----- c:\programdata\McAfee
    2009-02-11 20:56 <DIR> --d----- C:\ComboFix
    2009-02-11 17:45 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_dc3d_01005.Wdf
    2009-02-11 17:28 428,544 a------- c:\windows\system32\EncDec.dll
    2009-02-11 17:28 217,088 a------- c:\windows\system32\psisrndr.ax
    2009-02-11 17:28 293,376 a------- c:\windows\system32\psisdecd.dll
    2009-02-11 17:28 177,664 a------- c:\windows\system32\mpg2splt.ax
    2009-02-11 17:28 80,896 a------- c:\windows\system32\MSNP.ax
    2009-02-11 11:58 <DIR> --d----- c:\programdata\avg8
    2009-02-11 11:58 <DIR> --d----- c:\progra~2\avg8
    2009-02-08 21:01 28,544 a------- c:\windows\system32\drivers\pavboot.sys
    2009-02-06 12:21 2,335,270 a------- c:\windows\system32\225EABC.mht
    2009-02-05 18:48 161,792 a------- c:\windows\SWREG.exe
    2009-02-05 18:48 98,816 a------- c:\windows\sed.exe
    2009-02-05 13:16 119,120 a------- c:\windows\dxsdkuninst.exe
    2009-02-05 13:16 <DIR> --d----- c:\program files\Microsoft DirectX SDK (November 2008)
    2009-02-05 12:02 <DIR> --d----- C:\VersalSoft
    2009-02-05 12:02 <DIR> --d----- c:\program files\VersalSoft
    2009-02-05 12:02 <DIR> --d----- c:\program files\Universal
    2009-01-29 11:40 <DIR> --d----- c:\users\mr. steve\Timeslips
    2009-01-29 11:25 37,136 a------- c:\windows\system32\Regsc2b2.rra
    2009-01-29 11:11 37,136 a------- c:\windows\system32\Regsf5a4.rra
    2009-01-29 11:04 274,704 -------- c:\windows\system32\ntwdblib.dll
    2009-01-29 11:04 37,136 a------- c:\windows\system32\Regsd603.rra
    2009-01-29 11:04 520,760 -------- c:\windows\system32\Cfx32.ocx
    2009-01-28 17:14 <DIR> --d----- c:\program files\MSECache
    2009-01-28 14:29 <DIR> --d----- c:\program files\Norton Security Scan
    2009-01-27 12:01 82,768 a------- c:\windows\system32\lmdimon8.dll
    2009-01-27 12:00 <DIR> --d----- c:\programdata\Applications
    2009-01-27 12:00 <DIR> --d----- c:\progra~2\Applications
    2009-01-26 05:24 <DIR> --d----- c:\program files\Microsoft
    2009-01-22 18:24 15,688 a------- c:\windows\system32\lsdelete.exe
    2009-01-22 14:19 <DIR> --d----- c:\program files\Driver Sweeper
    2009-01-20 12:48 64,160 a------- c:\windows\system32\drivers\Lbd.sys
    2009-01-20 12:45 <DIR> -cd-h--- c:\programdata\{83C91755-2546-441D-AC40-9A6B4B860800}
    2009-01-20 12:45 <DIR> -cd-h--- c:\progra~2\{83C91755-2546-441D-AC40-9A6B4B860800}
    2009-01-20 12:45 <DIR> --d----- c:\program files\Lavasoft
    2009-01-20 06:49 142,848 a------- c:\windows\system32\drivers\Rtlh86.sys
    2009-01-16 09:59 73,728 a------- c:\windows\system32\RtNicProp32.dll

    ==================== Find3M ====================

    2009-02-11 17:46 143,360 a------- c:\windows\inf\infstrng.dat
    2009-02-11 17:46 86,016 a------- c:\windows\inf\infstor.dat
    2009-02-11 17:46 51,200 a------- c:\windows\inf\infpub.dat
    2009-02-04 12:39 410,984 a------- c:\windows\system32\deploytk.dll
    2009-01-28 11:46 56,912 a------- c:\users\mr. steve\g2mdlhlpx.exe
    2009-01-15 09:15 15,360 a------- c:\windows\system32\drivers\dc3d.sys
    2009-01-15 03:05 911,872 a------- c:\windows\system32\wininet.dll
    2009-01-15 03:05 43,008 a------- c:\windows\system32\licmgr10.dll
    2009-01-15 03:04 18,944 a------- c:\windows\system32\corpol.dll
    2009-01-15 03:04 109,056 a------- c:\windows\system32\iesysprep.dll
    2009-01-15 03:04 132,096 a------- c:\windows\system32\ieUnatt.exe
    2009-01-15 03:04 109,568 a------- c:\windows\system32\PDMSetup.exe
    2009-01-15 03:04 107,520 a------- c:\windows\system32\RegisterIEPKEYs.exe
    2009-01-15 03:04 107,008 a------- c:\windows\system32\SetIEInstalledDate.exe
    2009-01-15 03:04 103,936 a------- c:\windows\system32\SetDepNx.exe
    2009-01-15 03:03 420,352 a------- c:\windows\system32\vbscript.dll
    2009-01-15 03:03 72,704 a------- c:\windows\system32\admparse.dll
    2009-01-15 03:03 71,680 a------- c:\windows\system32\iesetup.dll
    2009-01-15 03:03 66,560 a------- c:\windows\system32\wextract.exe
    2009-01-15 03:02 169,472 a------- c:\windows\system32\iexpress.exe
    2009-01-15 03:01 34,304 a------- c:\windows\system32\imgutil.dll
    2009-01-15 03:00 48,128 a------- c:\windows\system32\mshtmler.dll
    2009-01-15 03:00 45,568 a------- c:\windows\system32\mshta.exe
    2009-01-15 02:50 156,160 a------- c:\windows\system32\msls31.dll
    2009-01-14 16:11 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
    2009-01-14 16:11 15,504 a------- c:\windows\system32\drivers\mbam.sys
    2009-01-09 14:23 150,040 a------- c:\windows\system32\igfxtray.exe
    2009-01-09 14:23 256,536 a------- c:\windows\system32\igfxsrvc.exe
    2009-01-09 14:23 154,136 a------- c:\windows\system32\igfxpers.exe
    2009-01-09 14:23 178,712 a------- c:\windows\system32\igfxext.exe
    2009-01-09 14:23 670,232 a------- c:\windows\system32\igfxcfg.exe
    2009-01-09 14:23 178,712 a------- c:\windows\system32\hkcmd.exe
    2009-01-09 14:23 920,088 a------- c:\windows\system32\igxpun.exe
    2008-12-23 10:51 147,456 a------- c:\windows\system32\igfxCoIn_v1624.dll
    2008-12-23 10:43 3,411,968 a------- c:\windows\system32\igdumd32.dll
    2008-12-23 10:43 2,476,032 a------- c:\windows\system32\drivers\igdkmd32.sys
    2008-12-23 10:38 536,576 a------- c:\windows\system32\igdumdx32.dll
    2008-12-23 10:24 2,359,296 a------- c:\windows\system32\ig4dev32.dll
    2008-12-23 10:23 3,895,296 a------- c:\windows\system32\ig4icd32.dll
    2008-12-23 09:57 258,048 a------- c:\windows\system32\igfxTMM.dll
    2008-12-23 09:56 69,632 a------- c:\windows\system32\oemdspif.dll
    2008-12-23 09:56 217,088 a------- c:\windows\system32\igfxpph.dll
    2008-12-23 09:56 24,576 a------- c:\windows\system32\igfxexps.dll
    2008-12-23 09:56 52,224 a------- c:\windows\system32\igfxsrvc.dll
    2008-12-23 09:56 135,168 a------- c:\windows\system32\igfxdo.dll
    2008-12-23 09:56 106,496 a------- c:\windows\system32\hccutils.dll
    2008-12-23 09:55 5,672,960 a------- c:\windows\system32\igfxress.dll
    2008-12-23 09:55 221,184 a------- c:\windows\system32\igfxdev.dll
    2008-12-09 16:04 8,198,680 a------- c:\windows\system32\TVWSetup.exe
    2008-12-04 09:31 53,248 a------- c:\windows\system32\CSVer.dll
    2008-12-02 12:40 155,648 a------- c:\windows\system32\igfxCoIn_v1608.dll
    2008-12-02 12:04 398,336 a------- c:\windows\system32\TVWizudlg.exe
    2008-12-02 12:03 140,288 a------- c:\windows\system32\igfxtvcx.dll
    2008-11-13 08:35 174 a--sh--- c:\program files\desktop.ini
    2008-11-13 08:28 665,600 a------- c:\windows\inf\drvindex.dat
    2006-11-02 05:40 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
    2006-11-02 05:40 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
    2006-11-02 05:40 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
    2006-11-02 05:40 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
    2006-11-02 02:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
    2006-11-02 02:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
    2006-11-02 02:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
    2006-11-02 02:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat

    ============= FINISH: 12:42:33.90 ===============




    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_09-02-01.01)

    Microsoft® Windows Vista™ Ultimate
    Boot Device: \Device\HarddiskVolume1
    Install Date: 11/08/08 3:46:45 PM
    System Uptime: 02/12/09 1:06:11 PM (47 hours ago)

    Motherboard: Intel Corporation | | DG31PR
    Processor: Intel(R) Core(TM)2 Duo CPU E6750 @ 2.66GHz | J3E1 | 1998/1333mhz

    ==== Disk Partitions =========================

    A: is Removable
    C: is FIXED (NTFS) - 186 GiB total, 70.526 GiB free.
    D: is CDROM ()
    E: is FIXED (NTFS) - 149 GiB total, 21.739 GiB free.
    F: is FIXED (NTFS) - 233 GiB total, 14.459 GiB free.

    ==== Disabled Device Manager Items =============

    Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
    Description: USB Mass Storage Device
    Device ID: USB\VID_154B&PID_0016\5&94B8C27&0&7
    Manufacturer: Compatible USB storage device
    Name: USB Mass Storage Device
    PNP Device ID: USB\VID_154B&PID_0016\5&94B8C27&0&7
    Service: USBSTOR

    ==== System Restore Points ===================

    RP732: 02/11/09 11:58:01 AM - Installed AVG Free 8.0
    RP733: 02/11/09 5:29:39 PM - Windows Update
    RP735: 02/11/09 5:43:17 PM - Uniblue RegistryBooster 2009
    RP737: 02/11/09 5:44:57 PM - Windows Update
    RP738: 02/11/09 8:39:44 PM - Ad-Aware Checkpoint
    RP739: 02/11/09 9:00:16 PM - ComboFix created restore point
    RP740: 02/12/09 11:51:11 AM - Windows Update
    RP742: 02/12/09 12:36:12 PM - DriverScanner install: Samsung ML-6060 Series PCL 6
    RP744: 02/12/09 12:42:03 PM - DriverScanner install: Samsung ML-6060 Series PCL 6
    RP745: 02/14/09 12:00:16 AM - Scheduled Checkpoint

    ==== Installed Programs ======================

    2007 Microsoft Office Suite Service Pack 1 (SP1)
    7-Zip 4.65
    Acrobat.com
    ActiveSpeed
    Ad-Aware
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9
    Advanced SystemCare 3
    afreeCodecVT
    ANIO Service
    ANIWZCS2 Service
    AoA Audio Extractor 1.0
    AOL Uninstaller (Choose which Products to Remove)
    ATX / Kleinrock Tax Products (Remove Only)
    ATX / Kleinrock Tax Products 2006 (Remove Only)
    ATX / Kleinrock Tax Products 2007 (Remove Only)
    Avant Browser (remove only)
    AVS Audio Converter version 5.1
    AVS4YOU Software Navigator 1.2
    Belarc Advisor 7.2
    CCleaner (remove only)
    Debugging Tools for Windows (x86)
    Driver Sweeper 1.5.5
    ESET Online Scanner
    EVEREST Home Edition v2.20
    filehippo.com Update Checker
    FreeSpell+ProSpell (remove only)
    GoodSync
    Google Toolbar for Internet Explorer
    Google Updater
    GoToMeeting/GoToWebinar 3.0.0.198
    HijackThis / CWShredder Installer 1.0
    HijackThis 2.0.2
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    ieSpell
    Intel(R) Graphics Media Accelerator Driver
    Intel(R) TV Wizard
    Java(TM) 6 Update 12
    Java(TM) 6 Update 7
    Macromedia Flash Player 8
    Malwarebytes' Anti-Malware
    McAfee SecurityCenter
    MediaCoder 0.6.1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Hotfix (KB929729)
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft DirectX SDK (November 2008)
    Microsoft IntelliPoint 6.3
    Microsoft IntelliType Pro 6.3
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Groove MUI (English) 2007
    Microsoft Office Groove Setup Metadata MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office Live Add-in 1.3
    Microsoft Office Live Meeting 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Save as PDF Add-in for 2007 Microsoft Office programs
    Microsoft Silverlight
    Microsoft Visual C++ 2005 Redistributable
    Microsoft XML Parser
    Mozilla Firefox (3.0.4)
    Mozilla Firefox (3.1b2)
    MP3 Rocket
    MSN Toolbar
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 Parser and SDK
    Multi-Function Suite
    OpenOffice.org 3.0
    Panda ActiveScan 2.0
    PC Pitstop Exterminate2 2.0
    pdfFactory
    QODBC Driver
    QuickBooks Enterprise Solutions: Accountant Edition 7.0
    QuickBooks Product Listing Service
    Readiris Pro 10
    Realtek 8169 8168 8101E 8102E Ethernet Driver
    Recuva (remove only)
    Registry Mechanic 8.0
    Samsung CLP-600 Series
    Samsung CLP-600 Series SmartPanel
    Samsung ML-1250 PCL 6
    Samsung ML-6060 Series PCL 6
    Samsung ML-6060 Series PS
    Samsung SCX-4x16 Series
    Samsung SCX-4x21 Series
    Security Update for 2007 Microsoft Office System (KB951550)
    Security Update for 2007 Microsoft Office System (KB951944)
    Security Update for 2007 Microsoft Office System (KB958439)
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft Office Excel 2007 (KB958437)
    Security Update for Microsoft Office OneNote 2007 (KB950130)
    Security Update for Microsoft Office PowerPoint 2007 (KB951338)
    Security Update for Microsoft Office Publisher 2007 (KB950114)
    Security Update for Microsoft Office system 2007 (KB954326)
    Security Update for Microsoft Office system 2007 (KB956828)
    Security Update for Microsoft Office Word 2007 (KB956358)
    Smart Defrag 1.10
    SmarThru 4
    SmarThru PC Fax
    SUPERAntiSpyware Free Edition
    SupportSoft Assisted Service
    SyncThru Web Admin Local Device Discovery
    SyncThru Web Admin Service
    SyncThru Web Admin Service Driver Management
    SyncThru Web Admin Service Report Generator
    System Requirements Lab
    The Ultimate Troubleshooter
    Timeslips
    Timeslips by Sage 2007
    TP-LINK Driver Installation Program
    Ultimate Extras sounds from Microsoft® Tinker™
    Uniblue DriverScanner 2009
    Uniblue PixelPerfect
    Uniblue PowerSuite 2009
    Uniblue RegistryBooster 2009
    Uniblue SpeedUpMyPC 2009
    Uniblue SpyEraser
    Uniblue System Tweaker
    Update for Microsoft Office 2007 Help for Common Features (KB957244)
    Update for Microsoft Office Access 2007 Help (KB957241)
    Update for Microsoft Office Excel 2007 Help (KB957242)
    Update for Microsoft Office InfoPath 2007 Help (KB957243)
    Update for Microsoft Office OneNote 2007 Help (KB957245)
    Update for Microsoft Office Outlook 2007 (KB952142)
    Update for Microsoft Office Outlook 2007 Help (KB957246)
    Update for Microsoft Office PowerPoint 2007 Help (KB957247)
    Update for Microsoft Office Publisher 2007 Help (KB957249)
    Update for Microsoft Office Word 2007 Help (KB957252)
    Update for Microsoft Script Editor Help (KB957253)
    Update for Office 2007 (KB946691)
    Update for Outlook 2007 Junk Email Filter (kb959634)
    Versal FileDownload ActiveX Control Trial Version
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    WebEx Event Manager for Internet Explorer
    Windows Live Sign-in Assistant
    Windows NT Backup - Restore Utility
    Windows Sound Schemes
    Windows Vista MUI Hacker 3.0
    WinRAR archiver
    WLAN Monitor
    xMy.Freeze.com Toolbar with NetAssistant
    Yahoo! Messenger
    Yahoo! Toolbar

    ==== Event Viewer Messages From Past Week ========

    02/07/09 4:27:35 PM, Error: volmgr [46] - Crash dump initialization failed!
    02/07/09 4:28:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments " " in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    02/07/09 4:28:43 PM, Error: Service Control Manager [7001] - The TCP/IP Print Server service depends on the Print Spooler service which failed to start because of the following error: The dependency service or group failed to start.
    02/07/09 4:28:43 PM, Error: Service Control Manager [7001] - The Client for NFS service depends on the Client for NFS Redirector service which failed to start because of the following error: The dependency service or group failed to start.
    02/07/09 4:28:43 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: mfehidk SASDIFSV SASKUTIL spldr Wanarpv6
    02/07/09 4:28:45 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments " " in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    02/07/09 4:28:57 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments " " in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
    02/07/09 4:32:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNASvc with arguments " " in order to run the server: {24F616A1-B755-4053-8018-C3425DC8B68A}
    02/07/09 4:41:23 PM, Error: volsnap [25] - The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time. Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.
    02/07/09 4:42:14 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SASDIFSV SASKUTIL spldr Wanarpv6
    02/07/09 4:42:41 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments " " in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    02/07/09 4:54:26 PM, Error: Microsoft-Windows-PrintSpooler [19] - The print spooler failed to share printer Send To OneNote 2007 with shared resource name Send To OneNote 2007. Error 2114. The printer cannot be used by others on the network.
    02/07/09 4:54:26 PM, Error: Microsoft-Windows-PrintSpooler [19] - The print spooler failed to share printer Samsung ML-6060 Series PS (Copy 1) with shared resource name Samsung ML-6060 Series PCL 6. Error 2114. The printer cannot be used by others on the network.
    02/07/09 4:54:26 PM, Error: Microsoft-Windows-PrintSpooler [19] - The print spooler failed to share printer Samsung ML-6060 Series PCL6 with shared resource name Samsung ML-6060 Series PCL6. Error 2114. The printer cannot be used by others on the network.
    02/07/09 4:54:42 PM, Error: Service Control Manager [7000] - The DgiVecp service failed to start due to the following error: The system cannot find the device specified.
    02/07/09 4:54:42 PM, Error: Service Control Manager [7023] - The Diagnostic Service Host service terminated with the following error: The requested control is not valid for this service.
    02/07/09 4:54:42 PM, Error: Service Control Manager [7023] - The Diagnostic System Host service terminated with the following error: The requested control is not valid for this service.
    02/07/09 4:55:03 PM, Error: Service Control Manager [7001] - The Windows Media Player Network Sharing Service service depends on the UPnP Device Host service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    02/08/09 8:36:51 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
    02/09/09 9:10:47 AM, Error: Microsoft-Windows-DistributedCOM [10000] - Unable to start a DCOM Server: {3A65891C-3794-43E5-89C8-20CCD19902CE}. The error: "3" Happened while starting this command: "C:\Users\Mr. Steve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EQE2P15P\mvtapp[1].exe" -Embedding
    02/11/09 3:02:00 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments " " in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    02/11/09 3:02:01 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
    02/11/09 3:02:01 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    02/11/09 11:59:10 AM, Error: Service Control Manager [7000] - The AVG Free8 Network Redirector service failed to start due to the following error: The system cannot find the device specified.
    02/11/09 12:06:14 PM, Error: PlugPlayManager [11] - The device Root\LEGACY_AVGLDX86\0000 disappeared from the system without first being prepared for removal.

    ==== End Of File ===========================
     
  2. 2009/02/14
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Nothing appearing malware related. Can you give us a bit more detail about the problem(s), e.g. what programs won't load, what sort of browser issues, etc.?
     

  4. 2009/02/15
    CountVak

    CountVak Inactive Thread Starter

    Joined:
    2009/02/09
    Messages:
    50
    Likes Received:
    0
    The Intel on board audio will not play sound and hasn't for quite some time. The program Timeslips 2007 will not load and keeps returning errors related to database errors. I have used the same data file on an XP system without issue until today it has the same problems loading the database and program files. I have run several different scans over about the last year and cannot resolve the issues. While reading mail on Mozilla Firefox suddenly the entire mail list will disappear as if there is no mail when just prior to this screen the mail was listed. It seems to have all started when the sound stopped working. I assumed it was a media virus as my pages kept getting hijacked to downloads of some virus software that just immediately started to load. I have cleaned quite a bit since the infection but because the sound does not function and similar quirks as mentioned along with not being recognized on my home network. It seems as if there is some problem that I haven't been able to resolve as it keeps coming back through a different area. If there is something more specific that you can think of then please ask! I appreciated your help so far very much, Thank you again.
     
  5. 2009/02/17
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Are there errors shown in the device manager for the sound device?
    Have you uninstalled the sound device via the device manager and rebooted?
    Have you checked for and updated the sound drivers?
    Do you have front (headphone) and rear sound ports, and have you tried them both?


    Let's get a rootkit scan just to be sure it's not an issue. Download GMER Rootkit Scanner from here.
    • Extract the contents of the zipped file to desktop.
    • Double click GMER.exe. If asked to allow gmer.sys driver to load, please consent.
    • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.

    • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
      • Sections
      • IAT/EAT
      • Drives/Partition other than Systemdrive (typically C:\)
      • Show All (don't miss this one)
    • Then click the Scan button & wait for it to finish.
    • Once done click on the [Save..] button, and in the File name area, type in ark.txt
    Save it where you can easily find it, such as your desktop then post the contents here.

    **Caution**
    Rootkit scans often produce false positives. Do NOT take action on any <---- ROOTKIT entries

    Note - Please close all other programs, and all open browser windows prior to starting the scan.
     
  6. 2009/02/18
    CountVak

    CountVak Inactive Thread Starter

    Joined:
    2009/02/09
    Messages:
    50
    Likes Received:
    0
    Here are the results from the GMER scan. To answer your other questions: there are no problems listed under device manager for sound device. I have been trying to resolve this issue since I obtained this computer as the sound worked for about 1 day, then nothing. I have tried every driver as they have been released for a little over a year now. I almost had sound around the beginning of December 2008 but the Tech that built this machine changed some things that took me back to start. I have noticed that there seems to be quite a few individuals with this Intel DG31PR board that have the same problem but no resolution. The reason I upgraded this machine to Vista Ultimate was due to being told this was the only way to correct the sound problem, obviously it was not successful. Let me know what else I can help you with and Thanks for helping me out! I appreciated it very much.


    GMER 1.0.14.14536 - http://www.gmer.net
    Rootkit scan 2009-02-18 09:59:00
    Windows 6.0.6001 Service Pack 1


    ---- System - GMER 1.0.14 ----

    Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateFile [0x8D68C9BE]
    Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateProcess [0x8D68C958]
    Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateProcessEx [0x8D68C96C]
    Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwMapViewOfSection [0x8D68C9FC]
    Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwOpenProcess [0x8D68C930]
    Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwOpenThread [0x8D68C944]
    Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwProtectVirtualMemory [0x8D68C9D2]
    Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwSetContextThread [0x8D68C9AA]
    Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwSetInformationProcess [0x8D68C996]
    Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwTerminateProcess [0x8D68CA2B]
    Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwUnmapViewOfSection [0x8D68CA12]
    Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwYieldExecution [0x8D68C9E8]
    Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateUserProcess [0x8D68C982]
    Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtCreateFile
    Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtMapViewOfSection
    Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtOpenProcess
    Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtOpenThread
    Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtSetInformationProcess

    ---- Devices - GMER 1.0.14 ----

    AttachedDevice \FileSystem\Ntfs \Ntfs mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
    AttachedDevice \Driver\tdx \Device\Tcp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\tdx \Device\Udp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)
    AttachedDevice \Driver\tdx \Device\RawIp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)
    AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
    AttachedDevice \FileSystem\fastfat \Fat mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)

    ---- EOF - GMER 1.0.14 ----
     
  7. 2009/02/21
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    I recommend you download and install the latest BIOS and sound drivers for that board from Intel.
     
  8. 2009/02/24
    CountVak

    CountVak Inactive Thread Starter

    Joined:
    2009/02/09
    Messages:
    50
    Likes Received:
    0
    I had downloaded the latest BIOS and drivers prior to this; however, I followed your link and downloaded the BIOS update again. The system restarted to reinstall the latest BIOS and the following error message appeared:

    Microsoft Windows
    EBIOSPost.exe has stopped working.

    A Problem caused the program to stop working correctly. Windows will close the program and notify you when a solution is available.

    Any ideas?
     
  9. 2009/02/25
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi CountVak

    noahdfear will be gone for a few days, please be patient until his return.

    I would try to help you out, but I believe you will have better results with noahdfear than you would with me in this instance.

    Thanks
    Geri
     
  10. 2009/02/26
    CountVak

    CountVak Inactive Thread Starter

    Joined:
    2009/02/09
    Messages:
    50
    Likes Received:
    0
    Thanks for your help Geri! I appreciate any and all assistance with the issue of mine! I have lost enough hair! lol
     
  11. 2009/03/06
    CountVak

    CountVak Inactive Thread Starter

    Joined:
    2009/02/09
    Messages:
    50
    Likes Received:
    0
    Just wondering if Noahdfear is back?

    Thanks
     
  12. 2009/03/06
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi
    Not quite yet, he has made it here briefly, but then disappears.

    He is having ISP problems, so as soon as he can get it resolved he'll be here.

    Sorry for the wait.

    Geri
     
  13. 2009/03/07
    CountVak

    CountVak Inactive Thread Starter

    Joined:
    2009/02/09
    Messages:
    50
    Likes Received:
    0
    That's OK! I know what the problems can be like that is for sure! lmao Thanks for the update!
     
  14. 2009/03/14
    CountVak

    CountVak Inactive Thread Starter

    Joined:
    2009/02/09
    Messages:
    50
    Likes Received:
    0
    Combofix ran on this system so I posted the most recent log if this helps?

    Thanks!

    ComboFix 09-03-13.02 - Mr. Steve 2009-03-14 19:15:37.21 - NTFSx86
    Microsoft® Windows Vista™ Ultimate 6.0.6001.1.1252.1.1033.18.2035.1209 [GMT -7:00]
    Running from: c:\users\Mr. Steve\Desktop\ComboFix.exe
    * Created a new restore point
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\windows\system32\temp.094

    .
    ((((((((((((((((((((((((( Files Created from 2009-02-15 to 2009-03-15 )))))))))))))))))))))))))))))))
    .

    2009-03-10 21:07 . 2009-02-08 20:10 2,033,152 --a------ c:\windows\System32\win32k.sys
    2009-03-10 21:07 . 2008-11-26 21:43 268,288 --a------ c:\windows\System32\schannel.dll
    2009-03-09 14:54 . 2009-03-09 14:55 364,544 --a------ C:\BackupATX07.mdb
    2009-03-08 13:29 . 2008-07-28 12:57 1,388,544 --a------ c:\windows\System32\temp.13F
    2009-03-08 13:29 . 2008-07-28 12:57 598,288 --a------ c:\windows\System32\temp.140
    2009-03-08 13:29 . 2008-07-28 12:57 164,112 --a------ c:\windows\System32\temp.141
    2009-03-08 13:29 . 2008-07-28 12:57 17,920 --a------ c:\windows\System32\temp.142
    2009-03-03 13:01 . 2009-03-03 12:58 64,160 --a------ c:\windows\System32\drivers\Lbd.sys
    2009-03-02 15:52 . 2009-03-02 15:52 <DIR> d-------- c:\program files\Verizon Wireless
    2009-03-01 14:25 . 2008-12-15 20:29 8,147,456 --a------ c:\windows\System32\wmploc.DLL
    2009-03-01 14:25 . 2008-12-15 22:31 7,680 --a------ c:\windows\System32\spwmp.dll
    2009-03-01 14:25 . 2008-12-15 22:31 4,096 --a------ c:\windows\System32\msdxm.ocx
    2009-03-01 14:25 . 2008-12-15 22:31 4,096 --a------ c:\windows\System32\dxmasf.dll
    2009-02-28 20:27 . 2009-02-26 11:41 102,664 --a------ c:\windows\System32\drivers\tmcomm.sys
    2009-02-27 17:48 . 2009-03-01 13:11 <DIR> d-------- c:\windows\System32\RTCOM
    2009-02-27 16:34 . 2009-02-27 16:39 <DIR> d--h-c--- c:\users\All Users\{5B85955C-92A8-4C87-8577-917CF53455BC}
    2009-02-27 16:34 . 2009-02-27 16:39 <DIR> d--h-c--- c:\programdata\{5B85955C-92A8-4C87-8577-917CF53455BC}
    2009-02-27 11:42 . 2009-02-27 11:42 <DIR> d-------- c:\users\Mr. Steve\AppData\Roaming\SystemRequirementsLab
    2009-02-27 11:17 . 2009-02-27 11:18 <DIR> d-------- C:\Combo fix
    2009-02-26 11:41 . 2009-03-07 23:41 <DIR> d-------- c:\users\Mr. Steve\.housecall6.6
    2009-02-25 12:10 . 2009-02-25 12:31 <DIR> d-------- c:\program files\NoAdware
    2009-02-24 12:04 . 2005-02-28 09:49 34,064 --a------ c:\windows\System32\drivers\Invoker.sys
    2009-02-24 12:04 . 2005-02-28 09:49 33,148 --a------ c:\windows\System32\drivers\FlexBios.sys
    2009-02-20 21:25 . 2009-02-20 21:25 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
    2009-02-20 19:31 . 2009-02-27 17:47 319,456 --a------ c:\windows\DIFxAPI.dll
    2009-02-18 12:27 . 2009-02-18 12:27 <DIR> d--h-c--- c:\users\All Users\{66E2F539-12B6-4870-A500-7689CDE75C5E}
    2009-02-18 12:27 . 2009-02-18 12:27 <DIR> d--h-c--- c:\programdata\{66E2F539-12B6-4870-A500-7689CDE75C5E}
    2009-02-18 00:14 . 2009-02-21 13:37 250 --a------ c:\windows\gmer.ini

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-03-15 01:34 --------- d-----w c:\program files\Avant Browser
    2009-03-14 10:19 --------- d-----w c:\programdata\Google Updater
    2009-03-11 21:52 --------- d-----w c:\program files\ATX2007
    2009-03-11 10:07 --------- d-----w c:\program files\Windows Mail
    2009-03-11 10:01 --------- d-----w c:\programdata\Microsoft Help
    2009-03-08 20:29 --------- d-----w c:\program files\Common Files\ATX
    2009-03-07 01:02 --------- d-----w c:\program files\Timeslips
    2009-03-02 03:55 --------- d-----w c:\program files\Mozilla Firefox 3.1 Beta 2
    2009-02-28 05:08 --------- d-----w c:\program files\ATX2006
    2009-02-28 02:42 --------- d-----w c:\program files\Common Files\Adobe AIR
    2009-02-28 00:49 --------- d--h--w c:\program files\Temp
    2009-02-28 00:47 --------- d--h--w c:\program files\InstallShield Installation Information
    2009-02-26 09:39 --------- d-----w c:\program files\Microsoft Silverlight
    2009-02-25 05:07 --------- d-----w c:\program files\SUPERAntiSpyware
    2009-02-24 22:52 --------- d-----w c:\programdata\DriverScanner
    2009-02-21 04:22 --------- d---a-w c:\programdata\TEMP
    2009-02-21 01:31 --------- d-----w c:\program files\MP3 Rocket
    2009-02-21 01:30 --------- d-----w c:\users\Mr. Steve\AppData\Roaming\MP3Rocket
    2009-02-20 18:41 --------- d-----w c:\program files\Malwarebytes' Anti-Malware
    2009-02-19 01:40 998,432 ----a-w c:\windows\System32\RtkPgExt.dll
    2009-02-19 01:40 45,600 ----a-w c:\windows\System32\RtkCoInst.dll
    2009-02-19 01:40 326,176 ----a-w c:\windows\System32\RtkApoApi.dll
    2009-02-19 01:40 2,523,680 ----a-w c:\windows\System32\RtkAPO.dll
    2009-02-19 01:30 2,323,680 ----a-w c:\windows\system32\drivers\RTKVHDA.sys
    2009-02-13 03:24 282,112 ----a-w c:\windows\System32\RTPCEE32.dll
    2009-02-12 23:52 159,232 ----a-w c:\windows\System32\FMAPO.dll
    2009-02-12 19:37 --------- d-----w c:\program files\Samsung
    2009-02-12 00:45 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_dc3d_01005.Wdf
    2009-02-11 18:59 --------- d-----w c:\programdata\avg8
    2009-02-11 17:19 38,496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
    2009-02-11 17:19 15,504 ----a-w c:\windows\system32\drivers\mbam.sys
    2009-02-09 04:01 --------- d-----w c:\program files\Panda Security
    2009-02-06 04:29 --------- d-----w c:\program files\Driver Sweeper
    2009-02-05 20:19 --------- d-----w c:\program files\Microsoft DirectX SDK (November 2008)
    2009-02-05 20:16 119,120 ----a-w c:\windows\dxsdkuninst.exe
    2009-02-05 19:02 --------- d-----w c:\program files\VersalSoft
    2009-02-05 19:02 --------- d-----w c:\program files\Universal
    2009-02-04 19:39 410,984 ----a-w c:\windows\System32\deploytk.dll
    2009-02-04 19:02 --------- d-----w c:\program files\Java
    2009-02-03 22:20 --------- d-----w c:\program files\7-Zip
    2009-01-31 21:23 --------- d-----w c:\program files\Norton Security Scan
    2009-01-30 17:56 15,688 ----a-w c:\windows\System32\lsdelete.exe
    2009-01-29 00:14 --------- d-----w c:\program files\MSECache
    2009-01-28 18:46 56,912 ----a-w c:\users\Mr. Steve\g2mdlhlpx.exe
    2009-01-27 19:00 --------- d-----w c:\programdata\Applications
    2009-01-26 12:27 --------- d-----w c:\program files\Google
    2009-01-26 12:24 --------- d-----w c:\program files\Microsoft
    2009-01-26 12:19 --------- d-----w c:\program files\Recuva
    2009-01-23 21:57 993,816 ----a-w c:\windows\System32\igxpun.exe
    2009-01-23 05:36 --------- d-----w c:\users\Mr. Steve\AppData\Roaming\WebEx
    2009-01-20 19:45 --------- dc-h--w c:\programdata\{83C91755-2546-441D-AC40-9A6B4B860800}
    2009-01-20 19:45 --------- d-----w c:\programdata\Lavasoft
    2009-01-20 19:45 --------- d-----w c:\program files\Lavasoft
    2009-01-20 13:49 142,848 ----a-w c:\windows\system32\drivers\Rtlh86.sys
    2009-01-17 21:47 --------- d-----w c:\users\Mr. Steve\AppData\Roaming\IObit
    2009-01-16 16:59 73,728 ----a-w c:\windows\System32\RtNicProp32.dll
    2009-01-16 16:11 8,198,680 ----a-w c:\windows\System32\TVWSetup.exe
    2009-01-16 16:11 252,952 ----a-w c:\windows\System32\igfxsrvc.exe
    2009-01-16 16:11 141,848 ----a-w c:\windows\System32\igfxtray.exe
    2009-01-16 16:10 668,696 ----a-w c:\windows\System32\igfxcfg.exe
    2009-01-16 16:10 173,592 ----a-w c:\windows\System32\hkcmd.exe
    2009-01-16 16:10 173,080 ----a-w c:\windows\System32\igfxext.exe
    2009-01-16 16:10 150,552 ----a-w c:\windows\System32\igfxpers.exe
    2009-01-16 16:02 155,648 ----a-w c:\windows\System32\igfxCoIn_v1637.dll
    2009-01-16 15:53 4,568,064 ----a-w c:\windows\system32\drivers\igdkmd32.sys
    2009-01-16 15:53 3,821,568 ----a-w c:\windows\System32\igdumd32.dll
    2009-01-16 15:48 536,576 ----a-w c:\windows\System32\igdumdx32.dll
    2009-01-16 15:29 2,674,688 ----a-w c:\windows\System32\ig4dev32.dll
    2009-01-16 15:28 4,112,384 ----a-w c:\windows\System32\ig4icd32.dll
    2009-01-16 15:16 59,392 ----a-w c:\windows\System32\oemdspif.dll
    2009-01-16 15:16 398,336 ----a-w c:\windows\System32\TVWizudlg.exe
    2009-01-16 15:16 257,536 ----a-w c:\windows\System32\igfxTMM.dll
    2009-01-16 15:15 94,208 ----a-w c:\windows\System32\hccutils.dll
    2009-01-16 15:15 51,712 ----a-w c:\windows\System32\igfxsrvc.dll
    2009-01-16 15:15 23,552 ----a-w c:\windows\System32\igfxexps.dll
    2009-01-16 15:15 200,192 ----a-w c:\windows\System32\igfxpph.dll
    2009-01-16 15:15 140,288 ----a-w c:\windows\System32\igfxtvcx.dll
    2009-01-16 15:15 130,048 ----a-w c:\windows\System32\igfxdo.dll
    2009-01-16 15:14 5,702,656 ----a-w c:\windows\System32\igfxress.dll
    2009-01-16 15:14 210,432 ----a-w c:\windows\System32\igfxdev.dll
    2009-01-16 15:13 319,456 ----a-w c:\windows\System32\difxapi.dll
    2009-01-16 00:55 --------- d-----w c:\program files\CCleaner
    2009-01-15 16:15 15,360 ----a-w c:\windows\system32\drivers\dc3d.sys
    2009-01-15 10:05 911,872 ----a-w c:\windows\System32\wininet.dll
    2009-01-15 10:05 43,008 ----a-w c:\windows\System32\licmgr10.dll
    2009-01-15 10:04 18,944 ----a-w c:\windows\System32\corpol.dll
    2009-01-15 10:04 132,096 ----a-w c:\windows\System32\ieUnatt.exe
    2009-01-15 10:04 109,568 ----a-w c:\windows\System32\PDMSetup.exe
    2009-01-15 10:04 109,056 ----a-w c:\windows\System32\iesysprep.dll
    2009-01-15 10:04 107,520 ----a-w c:\windows\System32\RegisterIEPKEYs.exe
    2009-01-15 10:04 107,008 ----a-w c:\windows\System32\SetIEInstalledDate.exe
    2009-01-15 10:04 103,936 ----a-w c:\windows\System32\SetDepNx.exe
    2009-01-15 10:03 72,704 ----a-w c:\windows\System32\admparse.dll
    2009-01-15 10:03 71,680 ----a-w c:\windows\System32\iesetup.dll
    2009-01-15 10:03 66,560 ----a-w c:\windows\System32\wextract.exe
    2009-01-15 10:03 420,352 ----a-w c:\windows\System32\vbscript.dll
    2009-01-15 10:02 169,472 ----a-w c:\windows\System32\iexpress.exe
    2009-01-15 10:01 34,304 ----a-w c:\windows\System32\imgutil.dll
    2009-01-15 10:00 48,128 ----a-w c:\windows\System32\mshtmler.dll
    2009-01-15 10:00 45,568 ----a-w c:\windows\System32\mshta.exe
    2008-11-20 09:41 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    2008-11-20 09:41 32,768 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    2008-11-20 09:41 16,384 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "WMPNSCFG "= "c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
    "Uniblue RegistryBooster 2009 "= "c:\program files\uniblue\registrybooster\StartRegistryBooster.exe" [2008-09-09 99624]
    "swg "= "c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-11-26 68856]
    "SmartRAM "= "c:\program files\IObit\Advanced SystemCare 3\Sup_SmartRAM.exe" [2009-02-19 202064]
    "Messenger (Yahoo!) "= "c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-02-18 4363504]
    "filehippo.com "= "c:\program files\filehippo.com\UpdateChecker.exe" [2008-12-31 146432]
    "ehTray.exe "= "c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
    "ccleaner "= "c:\program files\CCleaner\CCleaner.exe" [2009-02-19 1471728]
    "SUPERAntiSpyware "= "c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-02-24 1830128]
    "TSTimer "= "c:\program files\Timeslips\TSTimer.exe" [2006-06-15 2429992]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "itype "= "c:\program files\Microsoft IntelliType Pro\itype.exe" [2008-06-10 1442888]
    "Samsung PanelMgr "= "c:\windows\Samsung\PanelMgr\ssmmgr.exe" [2006-12-01 520192]
    "pdfFactory Dispatcher v2 "= "c:\windows\system32\spool\DRIVERS\W32X86\3\fppdis2a.exe" [2004-08-25 442368]
    "HostManager "= "c:\program files\Common Files\AOL\1226596163\ee\AOLSoftware.exe" [2007-04-12 42032]
    "GrooveMonitor "= "c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
    "ControlCenter3 "= "c:\program files\SP\ControlCenter3\brctrcen.exe" [2006-07-19 65536]
    "BrMfcWnd "= "c:\program files\SP\Brmfcmon\BrMfcWnd.exe" [2007-05-15 622592]
    "Ad-Watch "= "c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-03-03 515416]
    "IgfxTray "= "c:\windows\system32\igfxtray.exe" [2009-01-16 141848]
    "HotKeysCmds "= "c:\windows\system32\hkcmd.exe" [2009-01-16 173592]
    "Persistence "= "c:\windows\system32\igfxpers.exe" [2009-01-16 150552]
    "RtHDVCpl "= "c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-02-18 6793760]
    "Skytel "= "c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-02-18 1833504]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2008-03-18 972064]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle "= 0 (0x0)
    "HideShutdownScripts "= 0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "NoConfigPage "= 0 (0x0)
    "NoDevMgrPage "= 0 (0x0)
    "NoFileSysPage "= 0 (0x0)
    "NoProfilePage "= 0 (0x0)
    "NoPwdPage "= 0 (0x0)
    "NoSecCPL "= 0 (0x0)
    "NoVirtMemPage "= 0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "MaxRecentDocs "= 99 (0x63)
    "NoCommonGroups "= 0 (0x0)
    "RestrictRun "= 0 (0x0)

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} "= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
    2009-01-06 10:30 356352 c:\program files\SUPERAntiSpyware\SASWINLO.DLL

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs "=G

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @= "Service "

    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MP3 Rocket (Minimized).lnk]
    backup=c:\windows\pss\MP3 Rocket (Minimized).lnk.CommonStartup
    backupExtension=.CommonStartup

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{022C1412-07F9-425F-8C8D-8A95B21C9C81} "= UDP:c:\program files\Windows Calendar\WinCal.exe:Windows Calendar
    "{603EC307-B815-4C0A-A4BF-082AB0D7D651} "= TCP:c:\program files\Windows Calendar\WinCal.exe:Windows Calendar
    "{AAB76FA8-B710-4C2B-ADBD-0AED945A48A8} "= UDP:c:\program files\Windows Defender\MSASCui.exe:Windows Defender
    "{5B03DD3E-8DBD-4297-A23B-0A01320318A4} "= TCP:c:\program files\Windows Defender\MSASCui.exe:Windows Defender
    "{986810A3-D239-4C6F-98EE-5F6E83CB9FE0} "= UDP:c:\windows\ehome\ehshell.exe:Windows Media Center
    "{1E576F96-2B3B-4C06-87E9-EF7C25361248} "= TCP:c:\windows\ehome\ehshell.exe:Windows Media Center
    "{29FC0ACA-B8CF-4142-B111-80572F7E2739} "= UDP:c:\windows\System32\msra.exe:Windows Remote Assistance
    "{7DD41FDD-54C1-4F38-B5E6-5C8D964CF85E} "= TCP:c:\windows\System32\msra.exe:Windows Remote Assistance
    "{2EB49C94-0334-4151-A8C2-0F1BA60FD2E2} "= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
    "{8E5E3A51-ED0D-4777-AD0E-3B254F725BA3} "= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
    "{DF3961B8-AF01-4E83-B5A0-E5D66A23E9A2} "= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
    "{AB2DDDAF-1643-4ABD-AB77-3B032F246C1B} "= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{EFC79375-EE07-4DD6-857B-5CCD768AF76C} "= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
    "{42C6BF91-6B9E-44BD-B9B5-09C5AF030215} "= UDP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
    "{CE1C29D8-C261-43C5-8E4A-742D9EC007F7} "= TCP:c:\program files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
    "{EC83C1A1-7838-4DD0-8DC5-87E4FD01B06D} "= UDP:12422:BitComet 12422 TCP
    "{41FF3BE6-BC5D-4A64-A65F-3430570A3E4F} "= TCP:12422:BitComet 12422 UDP
    "TCP Query User{CD3BBC35-BBCA-4462-9C6C-293467BABE2F}c:\\program files\\java\\jre6\\bin\\javaw.exe "= UDP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary
    "UDP Query User{16329AE8-36DC-4E77-A816-B328C66E714D}c:\\program files\\java\\jre6\\bin\\javaw.exe "= TCP:c:\program files\java\jre6\bin\javaw.exe:Java(TM) Platform SE binary
    "TCP Query User{EBD1C0F0-BBB9-4466-BDEE-86DC1A04CCF6}c:\\program files\\avant browser\\avant.exe "= UDP:c:\program files\avant browser\avant.exe:avant
    "UDP Query User{31CDEC45-DFB0-4B31-A8F1-720FCAD7FFCA}c:\\program files\\avant browser\\avant.exe "= TCP:c:\program files\avant browser\avant.exe:avant
    "{78FE7F35-C848-4B01-9997-209AD1E5EA38} "= UDP:c:\users\Mr. Steve\Desktop\ComboFix.exe:ComboFix
    "{9EA3A871-9D62-4137-86F4-EC425139D57E} "= TCP:c:\users\Mr. Steve\Desktop\ComboFix.exe:ComboFix
    "{54571158-36BF-4BAF-BC93-BC2E15639100} "= UDP:e:\program files\MAX2004\atx2004.exe:atx2004
    "{9D637C9D-E1B0-4E34-BC29-6CE2D0836B18} "= TCP:e:\program files\MAX2004\atx2004.exe:atx2004
    "{894F1446-D3EB-480F-95AC-865713CE6C5F} "= Disabled:UDP:c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe:SUPERAntiSpyware Free Edition
    "{9A6CEED4-78BD-4FC7-AEE7-61385BC1E1D1} "= Disabled:TCP:c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe:SUPERAntiSpyware Free Edition
    "{7F769E3F-5DE4-4CBA-973E-D38C764A99C0} "= UDP:c:\program files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:Microsoft Office Live Meeting 2007
    "{BA9A27CF-B8D9-4963-8A65-2BA84830B5B3} "= TCP:c:\program files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:Microsoft Office Live Meeting 2007
    "{C283ADA1-C6EC-464A-9F4E-A486C442AD5E} "= UDP:c:\program files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:Microsoft Office Live Meeting 2007
    "{77011298-C04C-4A1F-89BA-25BCFE6EFD53} "= TCP:c:\program files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:Microsoft Office Live Meeting 2007
    "{41D50B8B-C805-4655-B53A-13D28B196A96} "= Profile=Private|Profile=Public|c:\program files\Common Files\Mcafee\MNA\McNaSvc.exe:McAfee Network Agent

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Configurable\System]
    "Rip-Listener-1 "= TCP:520|%SystemRoot%\System32\svchost.exe|Svc=iprip:@iprip.dll,-200|

    R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [2009-03-03 64160]
    R0 pavboot;pavboot;c:\windows\System32\drivers\pavboot.sys [2009-02-08 28544]
    R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2008-12-04 8944]
    R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2008-12-04 55024]
    R2 NfsClnt;Client for NFS;c:\windows\System32\nfsclnt.exe [2008-11-13 50688]
    R2 SSPORT;SSPORT;c:\windows\System32\drivers\SSPORT.SYS [2008-11-13 5120]
    R2 SWAS_Core;SyncThru Web Admin Service;c:\program files\Samsung Network Printer Utilities\SyncThru Web Admin Service\SWAS.exe [2008-11-28 1449984]
    R2 SWAS_Report_Plugin;SyncThru Web Admin Service Report Generator;c:\program files\Samsung Network Printer Utilities\SyncThru Web Admin Service Report Generator\SWASReports.exe [2008-01-31 925696]
    R2 SWAS_Srv_DriverManagement;SyncThru Web Admin Service Driver Management;c:\program files\Samsung Network Printer Utilities\SyncThru Web Admin Service Driver Management\SWASDriverManagementPlugin.exe [2008-01-31 1060864]
    R2 SWAS_Srv_LDD;SyncThru Web Admin Service Local Device Discovery;c:\program files\Samsung Network Printer Utilities\SyncThru Web Admin Local Device Discovery\LocalDevDiscoveryPlugin.exe [2008-01-31 634880]
    R2 TSScheduleBackup;TimeslipsBackup;c:\windows\System32\TSSchBkpService.exe [2008-10-15 705024]
    R3 dc3d;USBCCGP filter driver (dc3d);c:\windows\System32\drivers\dc3d.sys [2009-01-15 15360]
    R3 NfsRdr;Client for NFS Redirector;c:\windows\System32\drivers\nfsrdr.sys [2008-11-13 195072]
    R3 RpcXdr;Server for NFS Open RPC (ONCRPC);c:\windows\System32\drivers\rpcxdr.sys [2008-11-13 74240]
    S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2009-01-18 951632]
    S3 CrystalSysInfo;CrystalSysInfo;c:\program files\MediaCoder\SysInfo.sys [2007-09-25 15152]
    S3 N5SG;Airlink101 SuperG Wireless Network Adapter Service;c:\windows\System32\drivers\N5SG.sys [2006-11-03 467040]
    S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2008-12-04 7408]
    S3 Seekeen Service;Seekeen Service; [x]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LPDService REG_MULTI_SZ LPDSVC
    ipripsvc REG_MULTI_SZ iprip
    rsmsvcs REG_MULTI_SZ ntmssvc

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
    \shell\AutoRun\command - D:\SETUP.EXE /AUTO

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a09ff448-ade5-11dd-bf0a-806e6f6e6963}]
    \shell\AutoRun\command - D:\SETUP.EXE /AUTO

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c669221b-c513-11dd-8d33-001d6a1211a6}]
    \shell\AutoRun\command - G:\LaunchU3.exe -a

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    "c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll ",BrandIEActiveSetup SIGNUP

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}]
    %SystemRoot%\system32\soundschemes.exe /AddRegistration

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24}]
    %SystemRoot%\system32\soundschemes2.exe /AddRegistration
    .
    Contents of the 'Scheduled Tasks' folder

    2009-03-10 c:\windows\Tasks\Ad-Aware Update (Weekly).job
    - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-03 12:50]

    2009-03-15 c:\windows\Tasks\AutoSmartDefrag.job
    - c:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2009-02-13 18:15]

    2009-03-15 c:\windows\Tasks\AWC Startup.job
    - c:\program files\IObit\Advanced SystemCare 3\AWC.exe [2009-02-22 14:45]

    2009-03-15 c:\windows\Tasks\PCConfidential.job
    - c:\program files\Winferno\PC Confidential\PCConfidential.exe []

    2009-03-02 c:\windows\Tasks\SmartDefrag.job
    - c:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2009-02-13 18:15]

    2009-03-02 c:\windows\Tasks\SmartDefrag.job
    - c:\program files\IObit\IObit SmartDefrag\ [2009-02-26 09:56]

    2008-12-03 c:\windows\Tasks\Uniblue SpyEraser.job
    - c:\program files\Uniblue\SpyEraser\SpyEraser.exe [2008-10-26 02:01]

    2009-03-15 c:\windows\Tasks\User_Feed_Synchronization-{2200CE9B-ADE1-45B7-9C1E-32B66A24FE38}.job
    - c:\windows\system32\msfeedssync.exe [2009-01-15 03:01]
    .
    - - - - ORPHANS REMOVED - - - -

    WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)


    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.com/
    IE: &ieSpell Options - c:\program files\ieSpell\iespell.dll/SPELLOPTION.HTM
    IE: Check &Spelling - c:\program files\ieSpell\iespell.dll/SPELLCHECK.HTM
    IE: E&xport to Microsoft Excel - c:\progra~1\Microsoft Office\Office12\EXCEL.EXE/3000
    IE: Lookup on Merriam Webster - file://c:\program files\ieSpell\Merriam Webster.HTM
    IE: Lookup on Wikipedia - file://c:\program files\ieSpell\wikipedia.HTM
    Trusted Zone: mcafee.com
    FF - ProfilePath - c:\users\Mr. Steve\AppData\Roaming\Mozilla\Firefox\Profiles\9gtrrxbn.default\
    FF - plugin: c:\program files\Google\Google Updater\2.4.1399.3742\npCIDetect13.dll
    FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\np32dsw.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npnul32.dll

    ---- FIREFOX POLICIES ----
    c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref( "extensions.blocklist.level ", 2);
    c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref( "browser.ssl_override_behavior ", 2);
    c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref( "security.alternate_certificate_error_page ", "certerror ");
    c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref( "browser.privatebrowsing.autostart ", false);
    c:\program files\Mozilla Firefox 3.1 Beta 2\defaults\pref\firefox.js - pref( "browser.privatebrowsing.dont_prompt_on_enter ", false);
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-03-14 19:19:22
    Windows 6.0.6001 Service Pack 1 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2009-03-14 19:22:58
    ComboFix-quarantined-files.txt 2009-03-15 02:22:57
    ComboFix2.txt 2009-03-02 23:22:37
    ComboFix3.txt 2009-03-02 18:42:27
    ComboFix4.txt 2009-03-02 18:24:03
    ComboFix5.txt 2009-03-15 02:14:53

    Pre-Run: 56,879,091,712 bytes free
    Post-Run: 56,801,607,680 bytes free

    336 --- E O F --- 2009-03-14 23:39:31
     
  15. 2009/03/15
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi
    OK this is not really my area of experience, so without waiting for noahdfear (This Is At Your Own Risk) and my best advice would be to post in the appropriate OS Forum with this problem.

    Otherwise

    It looks like your Microsoft UAA Bus Driver does not support the Intel DG31PR board
    http://www.techspot.com/drivers/driver/file/information/9662/

    Download your Audio Drivers, but don't install them yet.
    http://downloadcenter.intel.com/fil...dows+Vista*+32&lang=eng&strOSs=164&submit=Go!

    1) Click Start
    2) Right Click My computer
    3) Click properties
    4) Select Hardware Tab
    5) Click Device Manager
    6) Click on the + of System Devices
    7) Right Click Microsoft UAA Bus driver for high definition Audio
    8) Uninstall this (this is the problem making place and this might be indicated with a yellow exclamation mark before you uninstall it). Just uninstall it
    9) Now install your newly downloaded drivers.
    10) System will ask to restart momentarily, just follow the instructions and restart.
    Once all the installation and restarting are done your Audio may work without any issues

    Geri
     
  16. 2009/03/18
    CountVak

    CountVak Inactive Thread Starter

    Joined:
    2009/02/09
    Messages:
    50
    Likes Received:
    0
    Geri, Thanks for your help. I have downloaded the referenced drivers but have not installed them. I went to device manager and expanded the System Devices but do not show that "Microsoft UAA Bus Driver for high definition Audio". The only similar reference that is shown is referenced in this listing as "High Definition Audio Controller". The only entry that reflects a reference to a Bus is "UMBus Enumerator" and "UMBus Root Bus Enumerator". Thanks again.
     
  17. 2009/03/18
    CountVak

    CountVak Inactive Thread Starter

    Joined:
    2009/02/09
    Messages:
    50
    Likes Received:
    0
    Addendum: There is also a "PCI Bus" entry referenced.
     
  18. 2009/03/18
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi
    OK this is really out of my area, and I don't want to give advice that may be wrong and cause damage.

    Please post this in the Windows Vista forum, and give a link to this topic. Someone there will be more knowledgeable about this than I am.

    Geri
     
  19. 2009/03/19
    CountVak

    CountVak Inactive Thread Starter

    Joined:
    2009/02/09
    Messages:
    50
    Likes Received:
    0
    Thanks Geri!
     
  20. 2009/03/19
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi
    You're welcome, good luck and if someone figures it out please let me know what the problem was.

    Thanks
    Geri
     
  21. 2009/03/19
    CountVak

    CountVak Inactive Thread Starter

    Joined:
    2009/02/09
    Messages:
    50
    Likes Received:
    0
    I have been trying to get this fixed now for about 18 months! I find a lot of other people with the same board and the same problem so if I can ever get it resolved, I'll shout it from the mountain top! lol

    Thanks again Geri, you're great!

    Steven
     
