
Active A Few Issues

Discussion in 'Malware and Virus Removal Archive' started by Laertes, 2009/02/08.

  1. 2009/02/08
    Laertes

    Laertes Inactive Thread Starter

    [Active] A Few Issues

    I am not sure if these issues are malware related but I am pretty sure they are.

    I cannot download any antivirus/spyware software (even though I have one already but it's telling me nothing is there); the file is corrupted on download and my browser crashes at 99% completed.

    Whenever I try to go to an antivirus/spyware website it redirects to another search engine.

    My system is incredibly slow to start up.

    And other numerous issues. Can anyone help?

    Thanks in advance :)
     
  2. 2009/02/08
    wildfire

    wildfire Getting Old

    Hi Laertes and welcome to the BBS. :)

    Please read this and post the requested logs. I should add that the experts in this forum can be quite busy at times but I'm sure your post will be picked up by one of them as soon as available.
     

  3. 2009/02/08
    Laertes

    Laertes Inactive Thread Starter

    Thank you for the welcome.

    Here are the logs as requested:


    DDS (Ver_09-02-01.01) - NTFSx86
    Run by John at 20:21:12.82 on 08/02/2009
    Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_10
    Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.1534.694 [GMT 0:00]

    AV: ESET Smart Security 3.0 *On-access scanning enabled* (Updated)
    FW: ESET Personal firewall *enabled*

    ============== Running Processes ===============

    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
    C:\Program Files\Microsoft LifeCam\MSCamS32.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\RTPSvc.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\System32\svchost.exe -k imgsvc
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\vVX1000.exe
    C:\WINDOWS\acoustic.exe
    C:\Program Files\ESET\ESET Smart Security\egui.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Java\jre6\bin\java.exe
    C:\PROGRA~1\MICROS~3\Office12\OUTLOOK.EXE
    C:\Documents and Settings\John\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://www.google.co.uk/
    uSearchMigratedDefaultURL = hxxp://windiwsfsearch.com/search?q={searchTerms}
    mStart Page = about:blank
    mSearchMigratedDefaultURL = hxxp://windiwsfsearch.com/search?q={searchTerms}
    uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    mWinlogon: UIHost=c:\windows\system32\logonui.exe
    BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 6.0\reader\activex\AcroIEHelper.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~3\office12\GRA8E1~1.DLL
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
    TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
    EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
    uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe "
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [msnmsgr] "c:\program files\msn messenger\msnmsgr.exe" /background
    uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
    mRun: [VX1000] c:\windows\vVX1000.exe
    mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe "
    mRun: [SystemTray] SysTray.Exe
    mRun: [TBTray] acoustic.exe
    mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [nwiz] nwiz.exe /install
    mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
    StartupFolder: c:\docume~1\john\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
    IE: &Clean Traces - c:\program files\dap\privacy package\dapcleanerie.htm
    IE: &Download with &DAP - c:\program files\dap\dapextie.htm
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: Download &all with DAP - c:\program files\dap\dapextie2.htm
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
    DPF: DirectAnimation Java Classes
    DPF: Microsoft XML Parser for Java
    DPF: {0CFA086E-6336-4D95-B6AA-90F564E99631} - hxxp://www.shopandscan.com/TNSClicker.CAB
    DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///D:/Program%20Files/Risk/Images/stg_drm.ocx
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
    DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.srtest.com/srl_bin/sysreqlab3.cab
    DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://www3.snapfish.co.uk/SnapfishUKActivia.cab
    DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
    DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/EN-GB/a-UNO1/GAME_UNO1.cab
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1221068789171
    DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} - hxxp://www.acclaim.com/cabs/acclaim_v4.cab
    DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab
    DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
    DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_10-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~3\office12\GR99D3~1.DLL
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\Skype4COM.dll
    Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\dap\dapie.dll
    Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\dap\dapie.dll
    Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
    Notify: LMIinit - LMIinit.dll
    Notify: WBSrv - c:\program files\stardock\object desktop\windowblinds\wbsrv.dll
    AppInit_DLLs: wbsys.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office12\GRA8E1~1.DLL
    SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

    ================= FIREFOX ===================

    FF - ProfilePath - c:\docume~1\john\applic~1\mozilla\firefox\profiles\0ia8qjvb.default\
    FF - prefs.js: browser.search.selectedEngine - Yahoo Search
    FF - prefs.js: browser.startup.homepage - hxxp://www.avalon-haven.com/
    FF - prefs.js: keyword.URL - hxxp://search.freecause.com/search?fr=freecause&ourmark=3&type=59033&ei=utf-8&yahoo_domain=search.yahoo.com&p=
    FF - component: c:\documents and settings\john\application data\mozilla\firefox\profiles\0ia8qjvb.default\extensions\{75ac016f-ff3f-486c-9f98-36637223a8e1}\components\Engine.dll
    FF - component: c:\program files\dap\dapfirefox\components\DAPFireFox.dll
    FF - component: c:\program files\mozilla firefox\components\iamfamous.dll
    FF - component: c:\program files\real\realplayer\browserrecord\components\nprpbrowserrecordplugin.dll
    FF - plugin: c:\documents and settings\john\application data\mozilla\firefox\profiles\0ia8qjvb.default\extensions\logmeinclient@logmein.com\plugins\npRACtrl.dll
    FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\NPTURNMED.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll

    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.homepage.dontask - true
    ============= SERVICES / DRIVERS ===============

    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-1-15 8944]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-1-15 55024]
    R2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-5-12 611664]
    R2 ekrn;Eset Service;c:\program files\eset\eset smart security\ekrn.exe [2007-12-21 468224]
    R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2008-7-24 12856]
    R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2008-12-27 47640]
    R2 PCMAVRTPService;PCMAV RealTime Protector Service;c:\windows\system32\RTPSvc.exe [2009-2-6 155648]
    R3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-1-15 7408]
    R3 tbHD;Philips PSC705 WDM Driver;c:\windows\system32\drivers\TBirdHD.sys [2002-1-31 334802]
    R3 TBhdgame;Philips PSC705 GamePort;c:\windows\system32\drivers\tbhdgame.sys [2001-12-19 11491]
    R3 ZG760_XP;ZyXEL 802.11g XG762 1211 Driver;c:\windows\system32\drivers\WlanGZXP.sys [2009-1-6 519168]
    S2 antivirwebservice;Avira Premium Security Suite WebGuard;c:\program files\avira\avira premium security suite\avwebgrd.exe [2008-9-10 258305]
    S3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\drivers\avfwim.sys --> c:\windows\system32\drivers\avfwim.sys [?]
    S3 cdiskdun;cdiskdun;\??\c:\docume~1\john\locals~1\temp\cdiskdun.sys --> c:\docume~1\john\locals~1\temp\cdiskdun.sys [?]
    S4 LMIRfsClientNP;LMIRfsClientNP; [x]

    =============== Created Last 30 ================

    2009-02-08 18:14 218,112 a------- C:\wsongs.exe
    2009-02-08 16:10 <DIR> --d----- c:\program files\Network Stumbler
    2009-02-08 15:19 26,832 a------- c:\windows\system\CTL3DV2.DLL
    2009-02-08 15:19 <DIR> --d----- C:\ASRAPI2
    2009-02-08 15:19 <DIR> --d----- C:\FRENCH
    2009-02-06 19:23 <DIR> --d----- C:\AeriaGames
    2009-02-06 14:47 <DIR> --d----- c:\docume~1\john\applic~1\Command & Conquer 3 Kane's Wrath
    2009-02-06 11:59 120,320 a------- c:\windows\system32\RTPScan.dll
    2009-02-06 11:59 155,648 a------- c:\windows\system32\RTPSvc.exe
    2009-02-05 01:27 <DIR> --d----- c:\docume~1\john\applic~1\Ubisoft
    2009-02-04 22:05 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
    2009-02-04 22:01 <DIR> --d----- c:\program files\SUPERAntiSpyware
    2009-02-04 22:01 <DIR> --d----- c:\docume~1\john\applic~1\SUPERAntiSpyware.com
    2009-02-03 19:27 0 a------- c:\windows\PowerReg.dat
    2009-02-03 19:22 <DIR> --d----- c:\program files\Red Storm Entertainment
    2009-02-02 15:15 <DIR> --d-h--- C:\LG3G
    2009-02-02 12:01 <DIR> --d----- c:\docume~1\john\applic~1\TVSM
    2009-02-02 11:58 <DIR> --d----- c:\program files\TV Station Manager
    2009-02-01 20:33 <DIR> --d----- c:\docume~1\john\applic~1\My Battle for Middle-earth(tm) II Files
    2009-01-31 16:27 <DIR> --d----- c:\program files\Bridge Building Game
    2009-01-31 15:25 <DIR> --d----- c:\program files\Bridge Construction Set Demo
    2009-01-31 15:16 <DIR> --d----- c:\program files\Bridge Builder
    2009-01-30 15:00 <DIR> --d----- c:\program files\Cinemaware Marquee
    2009-01-30 14:46 <DIR> --d----- c:\documents and settings\john\Darwinia
    2009-01-30 13:28 <DIR> --d----- c:\program files\Buena Vista Interactive
    2009-01-30 11:05 <DIR> --d----- c:\docume~1\john\applic~1\Sierra
    2009-01-29 23:17 <DIR> --d----- c:\program files\Defcon
    2009-01-28 14:55 <DIR> --d----- C:\Westwood
    2009-01-28 00:42 <DIR> --d----- c:\program files\EvilLyrics
    2009-01-28 00:23 <DIR> --d----- c:\documents and settings\john\S
    2009-01-28 00:23 <DIR> --d----- c:\windows\system\KEEPER
    2009-01-27 20:23 4,390,912 a------- C:\VTMB.ISO
    2009-01-27 20:18 292 a------- c:\windows\vtmb.ini
    2009-01-26 23:06 <DIR> --d----- c:\program files\Hasbro Interactive
    2009-01-25 18:15 <DIR> --d----- c:\program files\Anno 1602
    2009-01-25 18:01 738,304 -------- c:\windows\system32\1602Unst.exe
    2009-01-24 23:25 <DIR> --d----- c:\program files\MSN Messenger
    2009-01-24 20:52 <DIR> --d----- c:\program files\Populous Reincarnated
    2009-01-24 17:54 <DIR> --d----- c:\program files\TPW
    2009-01-24 17:29 50,620 a------- c:\windows\system32\command.com.bak
    2009-01-24 17:29 2,577 a------- c:\windows\system32\config.nt.bak
    2009-01-24 17:29 1,688 a------- c:\windows\system32\autoexec.nt.bak
    2009-01-24 11:55 <DIR> --d----- c:\program files\Enlight
    2009-01-23 21:42 24,576 a------- c:\windows\system32\ealtest.exe
    2009-01-23 20:37 <DIR> --d----- c:\docume~1\john\applic~1\My Battle for Middle-earth Files
    2009-01-22 18:28 <DIR> --d----- c:\program files\Railroad Tycoon 3
    2009-01-21 15:52 <DIR> --d----- c:\program files\Bullfrog
    2009-01-21 15:52 299,008 a------- c:\windows\uninst.exe
    2009-01-17 21:33 <DIR> --d----- c:\program files\Yahoo!
    2009-01-13 23:49 <DIR> --d----- c:\program files\Hamachi
    2009-01-13 22:32 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SpeedBit
    2009-01-13 22:31 479,298 a------- c:\windows\system32\wbocx.ocx
    2009-01-13 22:31 172,032 a------- c:\windows\system32\AniGIF.ocx
    2009-01-13 22:31 50,688 a------- c:\windows\system32\wbhelp2.dll
    2009-01-13 22:31 <DIR> --d----- c:\program files\DAP
    2009-01-12 15:53 <DIR> --d----- c:\program files\TaMiGoN
    2009-01-12 15:11 <DIR> --d----- c:\program files\Crossword Man
    2009-01-12 15:11 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Crossword Man
    2009-01-10 16:12 <DIR> --d-h--- c:\program files\InstallJammer Registry

    ==================== Find3M ====================

    2009-02-04 20:05 43,520 a------- c:\windows\system32\CmdLineExt03.dll
    2009-02-04 14:54 361,344 a------- c:\windows\system32\drivers\tcpip.sys
    2009-01-24 21:52 107,888 a------- c:\windows\system32\CmdLineExt.dll
    2009-01-24 17:49 148,248 a------- c:\windows\system32\GDIPFONTCACHEV1.DAT
    2009-01-24 17:40 112,212 a---h--- c:\windows\system32\mlfcache.dat
    2009-01-13 23:49 15,440 a------- c:\windows\system32\drivers\hamachi.sys
    2009-01-05 22:33 3,751,995 a------- c:\windows\system32\GPhotos.scr
    2008-12-27 16:18 3,082 a------- c:\windows\system32\affv9869p2now.sys
    2008-12-26 00:08 453,152 a------- c:\windows\system32\nvudisp.exe
    2008-12-24 15:27 87,608 a------- c:\docume~1\john\applic~1\inst.exe
    2008-12-24 15:27 47,360 a------- c:\docume~1\john\applic~1\pcouffin.sys
    2008-12-24 15:25 47,360 a------- c:\windows\system32\drivers\pcouffin.sys
    2008-12-24 14:58 10,538,464 a------- C:\smart-dvd-creator-pro-setup.exe
    2008-12-24 14:55 9,078,088 a------- C:\CheetahDVDBurner.exe
    2008-12-24 13:28 2,048 a------- c:\windows\eReg.dat
    2008-12-23 21:58 453,152 a------- c:\windows\system32\NVUNINST.EXE
    2008-12-23 17:14 604 a---h--- c:\program files\STLL Notifier
    2008-12-08 19:33 2,076,672 a------- c:\windows\system32\libmysql.dll
    2008-12-08 19:33 2,076,672 a------- c:\windows\libmysql.dll
    2008-12-08 11:53 57,344 a------- c:\windows\system32\ff_vfw.dll
    2008-12-04 22:55 307,560 a------- c:\windows\WLXPGSS.SCR
    2008-11-29 11:41 2,294,291 a------- c:\windows\system32\x264vfw.dll
    2008-11-19 19:14 249,856 -------- c:\windows\Setup1.exe
    2008-11-19 19:14 73,216 a------- c:\windows\ST6UNST.EXE
    2008-09-30 21:27 22,328 a------- c:\docume~1\john\applic~1\PnkBstrK.sys
    2008-09-21 01:16 417,792 a------- c:\documents and settings\john\BNUpdate.exe
    2008-09-11 22:35 708 a------- c:\program files\INSTALL.LOG
    2008-09-10 21:41 120,286 a------- c:\docume~1\alluse~1\applic~1\firstlsp.reg.dat
    2003-12-18 10:33 20,102 a------- c:\program files\Readme.txt
    2003-09-03 06:46 10,960 a------- c:\program files\EULA.txt

    ============= FINISH: 20:21:40.50 ===============


    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT

    DDS (Ver_09-02-01.01)

    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 10/09/2008 17:38:14
    System Uptime: 02/08/2009 19:15:41 (-4199 hours ago)

    Motherboard: ASUSTek Computer INC. | | NARRA
    Processor: AMD Athlon(tm) 64 Processor 3800+ | Socket AM2 | 2411/200mhz

    ==== Disk Partitions =========================

    C: is FIXED (NTFS) - 298 GiB total, 63.764 GiB free.
    D: is FIXED (NTFS) - 144 GiB total, 43.297 GiB free.
    E: is FIXED (NTFS) - 5 GiB total, 3.038 GiB free.
    F: is CDROM ()
    G: is Removable
    H: is Removable
    I: is Removable
    J: is Removable
    L: is CDROM ()

    ==== Disabled Device Manager Items =============

    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: 1394 Net Adapter
    Device ID: V1394\NIC1394\128C8B111D800
    Manufacturer: Microsoft
    Name: 1394 Net Adapter
    PNP Device ID: V1394\NIC1394\128C8B111D800
    Service: NIC1394

    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: NVIDIA nForce Networking Controller
    Device ID: {1A3E09BE-1E45-494B-9174-D7385B45BBF5}\NVNET_DEV03EF\4&B2E3328&0&00
    Manufacturer: NVIDIA
    Name: NVIDIA nForce Networking Controller
    PNP Device ID: {1A3E09BE-1E45-494B-9174-D7385B45BBF5}\NVNET_DEV03EF\4&B2E3328&0&00
    Service: NVENETFD

    ==== System Restore Points ===================

    No restore point in system.

    ==== Installed Programs ======================

    7-Zip 4.62
    Acute Softwares Diary 5.0
    Ad-Aware
    Adobe Anchor Service CS3
    Adobe Asset Services CS3
    Adobe Bridge CS3
    Adobe Bridge Start Meeting
    Adobe Camera Raw 4.0
    Adobe CMaps
    Adobe Color - Photoshop Specific
    Adobe Color Common Settings
    Adobe Color EU Extra Settings
    Adobe Color JA Extra Settings
    Adobe Color NA Recommended Settings
    Adobe Default Language CS3
    Adobe Device Central CS3
    Adobe ExtendScript Toolkit 2
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Fonts All
    Adobe Help Viewer CS3
    Adobe Linguistics CS3
    Adobe PDF Library Files
    Adobe Photoshop CS3
    Adobe Reader 6.0
    Adobe Setup
    Adobe Stock Photos CS3
    Adobe Type Support
    Adobe Update Manager CS3
    Adobe Version Cue CS3 Client
    Adobe WinSoft Linguistics Plugin
    Adobe XMP Panels CS3
    Advanced WindowsCare Personal
    Age of Empires III
    Age of Mythology
    AIM Pro
    Airport Tycoon 2
    Alien Nations
    AlphaStar v.1.0.02
    Anno 1602
    Anno 1701
    Apophysis 2.0
    Apple Mobile Device Support
    Apple Software Update
    Ares 2.1.1
    µTorrent
    AusLogics Disk Defrag
    AutoUpdate
    AviSynth 2.5
    AVS DVD Player version 2.4
    AVS4YOU Software Navigator 1.2
    Battlecraft 1942
    Battlefield 1942
    Battlefield 1942: The Road To Rome
    BC-Mod Installer .NET - FINAL Version
    BC-Mod Packager BETA 4.4 - FULL Version
    Black & White® 2
    Black and White
    Bonjour
    Bridge Builder
    Bridge Building Game
    Bridge Construction Set Demo
    BroadJump Client Foundation
    Casino Empire
    Casino Inc
    Casino Inc - The Management
    Cheetah DVD Burner
    Choice Guard
    Circus Rmpire
    Command & Conquer 3
    Command & Conquer The First Decade
    Command & Conquer(tm) Red Alert(tm) 3 Worldbuilder
    Command & Conquer™ Red Alert™ 3
    Crysis(R)
    CSI
    CSI-3 Dimensions of Murder 1.0
    CSI-Dark Motives
    CSI-Hard Evidence
    CSI-Miami
    CursorFX
    Darwinia v1.42
    Defcon
    Democracy 2
    Deus Ex
    Disney Pirates of the Caribbean Online
    DivX Codec
    DivX Converter
    DivX Player
    DivX Web Player
    Download Accelerator Plus (DAP)
    Dungeon Keeper 2
    Dungeon Keeper Gold
    Emperor: Battle For Dune
    Emperor: Rise of the Middle Kingdom 1.0.1.0
    Empire Earth II
    Empire Earth II: The Art of Supremacy
    ESET Smart Security
    EuropeMapleStory
    EvilLyrics
    Expression Web 1 Extras Toolbar
    Expression Web 2 Extras Toolbar
    Freelancer
    GameSpy Arcade
    GameSpy Comrade
    Genesis Rising
    Guild Wars
    Hamachi 1.0.1.1
    High Definition Audio Driver Package - KB888111
    HijackThis 1.99.1
    Hitman - Codename 47
    Homeworld2
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB945282)
    Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB946040)
    Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB946308)
    Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB946344)
    Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB947540)
    Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB947789)
    Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB948127)
    Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB951708)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB954708)
    iTunes
    James Bond 007: Nightfire
    Java(TM) 6 Update 10
    K-Lite Codec Pack 4.4.2 (Full)
    LG PC Suite
    LG USB Modem driver
    LimeWire 4.18.8
    LogMeIn
    LogonStudio
    Luxor Mahjong
    Macromedia Dreamweaver 8
    Macromedia Extension Manager
    Magic ISO Maker v5.4 (build 0251)
    MagicDisc 2.7.105
    Malwarebytes' Anti-Malware
    MB Astrology Birth Chart
    MB Numerology Compatibility Software
    Medieval Lords
    Medieval Total War
    Messenger Plus! Live
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Game Studios Common Redistributables Pack 1
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft LifeCam
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Groove MUI (English) 2007
    Microsoft Office Groove Setup Metadata MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Visio MUI (English) 2007
    Microsoft Office Visio Professional 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Rise Of Nations
    Microsoft Silverlight
    Microsoft Software Update for Web Folders (English) 12
    Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
    Microsoft Visual J# 2.0 Redistributable Package
    Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
    Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
    Microsoft XML Parser
    Mozilla Firefox (3.0.6)
    Mozilla Thunderbird (2.0.0.19)
    MSVCRT
    MSXML 4.0 SP2 (KB936181)
    MSXML4 Parser
    Nero 7 Ultra Edition
    neroxml
    Network Play System (Patching)
    Network Stumbler 0.4.0 (remove only)
    NOD32 v3.x FiX 1.1 by TemDono (Free Updates - Expire in 2050)
    Nostradamus - The Last Prophecy
    NVIDIA Drivers
    PDF Settings
    Pegasus Mail
    Picasa 3
    Populous Matchmaker
    Populous: The Beginning
    Populous: Undiscovered Worlds - Patch
    PunkBuster Services
    QuickPar 0.9
    QuickTime
    Railroad Tycoon 3
    Realtek High Definition Audio Driver
    RealWorld Icon Editor
    Rise of Nations Thrones and Patriots
    Roll
    RollerCoaster Tycoon 2
    RollerCoaster Tycoon 2: Time Twister
    RollerCoaster Tycoon 2: Wacky Worlds
    Security Update for 2007 Microsoft Office System (KB951596)
    Security Update for 2007 Microsoft Office System (KB951944)
    Security Update for Microsoft Office Excel 2007 (KB951546)
    Security Update for Microsoft Office OneNote 2007 (KB950130)
    Security Update for Microsoft Office PowerPoint 2007 (KB951338)
    Security Update for Microsoft Office Publisher 2007 (KB950114)
    Security Update for Microsoft Office system 2007 (KB951808)
    Security Update for Microsoft Office system 2007 (KB954326)
    Security Update for Microsoft Office Visio 2007 (KB947590)
    Security Update for Microsoft Office Word 2007 (KB950113)
    Security Update for Windows Internet Explorer 7 (KB938127-v2)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Segoe UI
    Sid Meier's Civilization 4 Complete
    SimCity 3000
    SimCity™ Societies
    SimCity™ Societies Destinations
    Sins of a Solar Empire
    Skype™ Beta 4.0
    SmartFTP Client
    SPORE™
    Star Trek Elite Force II
    Star Wars Empire at War
    Star Wars Empire at War Forces of Corruption
    Star Wars Jedi Knight Jedi Academy
    Stronghold 2 Deluxe
    Stronghold Crusader Extreme
    Stronghold Legends
    SUPERAntiSpyware Free Edition
    System Requirements Lab
    TaMiGoN (remove only)
    TEA Evaluation 2.9
    The Battle for Middle-earth (tm)
    The Battle for Middle-earth (tm) II
    The Sims 2
    The Sims 2 Family Fun Stuff
    The Sims 2 Glamour Life Stuff
    The Sims 2 Nightlife
    The Sims 2 Open For Business
    The Sims 2 Pets
    The Sims 2 University
    The Sims Livin' it up
    The Sims Makin' Magic
    The Sims™ 2 Apartment Life
    The Sims™ 2 Bon Voyage
    The Sims™ 2 Celebration! Stuff
    The Sims™ 2 FreeTime
    The Sims™ 2 H&M® Fashion Stuff
    The Sims™ 2 IKEA® Home Stuff
    The Sims™ 2 Kitchen & Bath Interior Design Stuff
    The Sims™ 2 Mansion and Garden Stuff
    The Sims™ 2 Seasons
    The Sims™ 2 Teen Style Stuff
    Theme Hospital
    Theme Park World
    Theme Park World Fix
    Tom Clancy's Rainbow Six 3: Raven Shield
    Tom Clancy's Splinter Cell
    Total Annihilation
    Tron 2.0
    TV Station Manager
    Update for Microsoft Office Outlook 2007 (KB952142)
    Update for Office 2007 (KB934391)
    Update for Office 2007 (KB946691)
    Update for Outlook 2007 Junk Email Filter (kb956080)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    UseNeXT
    Vampire - The Masquerade Bloodlines
    VLC media player 0.9.2
    Warcraft III: All Products
    Water 1.04. for Adobe After Effects
    WebFldrs XP
    Winamp
    WinAVIVideoConverter
    WindowBlinds
    Windows Internet Explorer 7
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Messenger
    Windows Live Photo Gallery
    Windows Live Sign-in Assistant
    Windows Live Sync
    Windows Live Upload Tool
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Media Player Firefox Plugin
    Windows XP Service Pack 3
    WinRAR archiver
    xp-AntiSpy 3.96-8
    Yahoo! Messenger
    Yahoo! Toolbar
    Zeus
    Zoo Tycoon 2 - Zookeeper Collection
    Zoo Tycoon: Complete Collection
    Zune Desktop Theme

    ==== Event Viewer Messages From Past Week ========

    02/02/2009 20:44:10, error: Service Control Manager [7001] - The SSDP Discovery Service service depends on the HTTP service which failed to start because of the following error: The specified procedure could not be found.
    02/02/2009 20:44:10, error: Service Control Manager [7000] - The HTTP service failed to start due to the following error: The specified procedure could not be found.
    02/02/2009 20:44:08, error: Service Control Manager [7003] - The Avira Premium Security Suite WebGuard service depends on the following nonexistent service: AVEService
    02/02/2009 19:49:00, error: Service Control Manager [7001] - The Universal Plug and Play Device Host service depends on the HTTP service which failed to start because of the following error: The specified procedure could not be found.
    02/02/2009 19:48:59, error: DCOM [10005] - DCOM got error "%1068" attempting to start the service upnphost with arguments " " in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}
    01/02/2009 00:28:10, error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
    03/02/2009 22:45:20, error: Dhcp [1002] - The IP address lease 192.168.1.64 for the Network Card with network address 0013498ED804 has been denied by the DHCP server 192.168.1.254 (The DHCP Server sent a DHCPNACK message).
    04/02/2009 22:18:43, error: MRxSmb [8003] - The master browser has received a server announcement from the computer SHELL-IVUW7W2CA that believes that it is the master browser for the domain on transport NetBT_Tcpip_{60743EE0-224. The master browser is stopping or an election is being forced.
    08/02/2009 14:46:19, error: Service Control Manager [7031] - The Lavasoft Ad-Aware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
    08/02/2009 18:59:22, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments " " in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    08/02/2009 18:59:49, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments " " in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
    08/02/2009 18:59:59, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
    08/02/2009 18:59:59, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    08/02/2009 18:59:59, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD Networking Support Environment service which failed to start because of the following error: A device attached to the system is not functioning.
    08/02/2009 18:59:59, error: Service Control Manager [7001] - The IPv6 Helper Service service depends on the Microsoft IPv6 Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    08/02/2009 18:59:59, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    08/02/2009 18:59:59, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
    08/02/2009 18:59:59, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD avipbb easdrv epfwtdi Fips IPSec MRxSmb NetBIOS NetBT Processor prodrv06 RasAcd Rdbss SASDIFSV SASKUTIL ssmdrv Tcpip Tcpip6
    08/02/2009 19:00:13, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments " " in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
    04/02/2009 14:54:20, information: Windows File Protection [64004] - The protected system file tcpip.sys could not be restored to its original, valid version. The file version of the bad file is 5.1.2600.5512 The specific error code is 0x800b0100 [No signature was present in the subject. ].

    ==== End Of File ===========================
     
  5. 2009/02/10
    noahdfear

    noahdfear Inactive

    Welcome to WindowsBBS Laertes :)


    Download RootRepeal to your Desktop.
    • Extract the compressed file to its own folder.
    • Open the folder and double-click on RootRepeal.exe to run it.
    • Click on the Report tab, and then click on: Scan
    • A window opens asking what to include in the scan.
    • Check the following boxes then click OK:
      • Drivers
      • Files
      • Processes
      • SSDT
      • Stealth Objects
      • Hidden Services
    • You will then be asked which drive to scan.
    • Check C: (or the drive your operating system is installed on, if not C)
    • Click OK once again.
    The tool will begin scanning and may take a while to complete, so please be patient.

    When the scan finishes, click on: Save Report
    Name the log RootRepeal.txt and save it to your Documents folder (it should default there).

    Post the contents of the report in a reply here.
     
