Internet acting weird

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Curien

Thread Starter
Joined
Jun 26, 2011
Messages
32
So I'm having a very odd problem with my computer, and it is only my computer, that goes along with my internet.

I'll start up my computer, it'll run for hours just fine on anything connected to the internet, games, browsers, the like.

But after a certain amount of time, it starts refusing to allow me to connect to anything at all. It lets me stay connected to anything I'm already on (most of the time, and with problems: typically very long load times in games, can't message half the time in messenger programs, etc.). When I try to use a browser it says "Unable to access network", but as I said, I still stay connected to what I'm already using.

It's not the network card, because unfortunately I was a dolt and already bought one and switched it out.

Any help would be highly appreciated.
 
Joined
Nov 1, 2011
Messages
9
Strange issue. I had a similar issue with my laptop. After a few hours, my wireless card would go into some sort of sleep mode and web pages would become unavailable.

Not sure what got it to work, but I did the following things:
- installed all Windows updates
- updated the WLAN drivers
- under the Device Manager, I opened the WLAN properties, went to the Power Management tab and unchecked "Allow the computer to turn off this device to save power"

Hope this helps.
 

Curien

Thread Starter
Joined
Jun 26, 2011
Messages
32
I gave those a try, but they did not seem to work. Thank you very much, though.
 

Curien

Thread Starter
Joined
Jun 26, 2011
Messages
32
I still haven't gotten a solution to this problem, so in case it helps, when I try to auto repair (which we know only works 1 in 20 times) I get this message:

Cannot communicate with www.microsoft.com(65.55.12.249)
 
Joined
Jun 28, 2008
Messages
263
Let's start with the basics:

What type of computer system are you using? E.g. Win7, XP #3, Linux.
What kind of network card are you using that gets you this "error"?
As a start, can you post the ipconfig here?
Can you do a ping test and post the results?

Ping test - Go to your command prompt and type the following:

ping 127.0.0.1
ping (your router's IP)
ping www.yahoo.com

If you have a great connection, you should have a loss of 0% on all of them.
A simple test to see if you may have caught malware such as anti-malware 2009: see if you can go to the www.microsoft.update.com page. Most malware programs will divert you from that page.
 

Curien

Thread Starter
Joined
Jun 26, 2011
Messages
32
Hmm, I do keep getting diverted from that link. What program might you recommend to get rid of it? I used a Microsoft program but it didn't come up with any results.
 
Joined
Jun 28, 2008
Messages
263
Ok, Curien, here is what we need to do:

First, I am going to ask a moderator to close this post because of the possibility of being infected.

If you are getting diverted from the update.microsoft.com webpage, then it is more than likely that you might have a virus or a malware infection of some kind and it is not showing up.

So in all respect, let's make sure that you do not have any kind of infection. You need to read this post first:

http://forums.techguy.org/virus-other-malware-removal/943214-everyone-must-read-before-posting.html

I will contact a couple of moderators there to give you some help on this matter and there will be other information that we may need.

Please be patient, as all of the virus and malware specialists are very busy.
 

Cookiegal

Karen
Administrator
Malware Specialist Coordinator
Joined
Aug 27, 2003
Messages
120,210
Rather than closing this, we'll continue here. We can move it if necessary.

Please download DDS by sUBs to your desktop from one of the following locations:

http://download.bleepingcomputer.com/sUBs/dds.scr
http://www.forospyware.com/sUBs/dds

Double-click the DDS.scr to run the tool.

When DDS has finished scanning, it will open two logs named as follows:

DDS.txt
Attach.txt

Save them both to your desktop. Copy and paste the contents of the DDS.txt and Attach.txt files in your reply please.


If your machine is 64-bit then do not run the following (GMER) as it only runs on 32-bit machines.

Please download GMER from: http://gmer.net/index.php

Click on the "Download EXE" button and save the randomly named .exe file to your desktop.

Note: You must uninstall any CD Emulation programs that you have before running GMER as they can cause conflicts and give false results.

Double click the GMER .exe file on your desktop to run the tool and it will automatically do a quick scan.

If the tool warns of rootkit activity and asks if you want to run a full scan, click on No and make sure the following are unchecked on the right-hand side:

IAT/EAT
Any drive letter other than the primary system drive (which is generally C).

Click the Scan button and when the scan is finished, click Save and save the log in Notepad with the name ark.txt to your desktop.

Note: It's important that all other windows be closed and that you don't touch the mouse or do anything with the computer during the scan as it may cause it to freeze. You should disable your screen saver as if it comes on it may cause the program to freeze.

Open the ark.txt file and copy and paste the contents of the log here please.
 

Curien

Thread Starter
Joined
Jun 26, 2011
Messages
32
Alright, these are the results.

Honestly, I never thought it to be malware. Aside from the occasional internet issue I spoke of, the computer never ran slow or acted too funny.
 


Cookiegal

Karen
Administrator
Malware Specialist Coordinator
Joined
Aug 27, 2003
Messages
120,210
Please copy and paste the logs unless requested to attach them for easier viewing. I'll post them here.

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.6000.17037 BrowserJavaVersion: 1.6.0_29
Run by User at 13:07:30 on 2011-12-11
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.3070.1014 [GMT -5:00]
.
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k Akamai
C:\Windows\system32\libusbd-nt.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Pando Networks\Media Booster\PMB.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Users\User\AppData\Local\Akamai\netsession_win.exe
C:\Users\User\AppData\Local\Google\Update\1.3.21.57\GoogleCrashHandler.exe
C:\Users\User\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files\World of Warcraft\WoW.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = local
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn1\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
TB: GameBox Toolbar: {0fef2d2c-cda6-45e4-b2ed-9df7c50c95ff} -
uRun: [Google Update] "c:\users\user\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exe
uRun: [MSWUpdate] "c:\users\user\appdata\roaming\services.exe"
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [Akamai NetSession Interface] c:\users\user\appdata\local\akamai\netsession_win.exe
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [Zune Launcher] "c:\program files\zune\ZuneLauncher.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mPolicies-system: EnableLUA = 0 (0x0)
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{9E4BF4AC-BEE1-46CF-96B9-0AD8674784EF} : DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{A4C60178-CC3A-4F58-B463-88D2E3DF0B50} : DhcpNameServer = 209.18.47.61 209.18.47.62
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\user\appdata\roaming\mozilla\firefox\profiles\8ixuv7ty.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/?pc=Z142&install_date=20110829
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z142&form=ZGAADF&install_date=20110829&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\users\user\appdata\local\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\users\user\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll
.
============= SERVICES / DRIVERS ===============
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-11-16 239168]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 165648]
R1 MpKsl0c0904ec;MpKsl0c0904ec;c:\programdata\microsoft\microsoft antimalware\definition updates\{c18b6f9a-20c4-45bb-b3e4-e3d0408dc78f}\MpKsl0c0904ec.sys [2011-12-11 29904]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2006-11-2 22016]
R2 libusbd;LibUsb-Win32 - Daemon, Version 0.1.10.1;system32\libusbd-nt.exe --> system32\libusbd-nt.exe [?]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-6-26 2253120]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2011-10-14 381248]
R3 DLKRT32;D-Link DGE-530T Gigabit Ethernet Adapter Driver;c:\windows\system32\drivers\DLKRT32.sys [2011-11-28 261152]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [2010-10-18 33792]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2010-10-24 43392]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2011-10-27 139880]
S1 MpKsl878d867e;MpKsl878d867e;c:\programdata\microsoft\microsoft antimalware\definition updates\{c18b6f9a-20c4-45bb-b3e4-e3d0408dc78f}\MpKsl878d867e.sys [2011-12-10 29904]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-12-22 136176]
S3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2009-7-22 193840]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-12-22 136176]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 VST_DPV;VST_DPV;c:\windows\system32\drivers\VSTDPV3.SYS [2006-11-2 987648]
S3 VSTHWBS2;VSTHWBS2;c:\windows\system32\drivers\VSTBS23.SYS [2006-11-2 251904]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\zune\WMZuneComm.exe [2010-11-11 268528]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2020-04-17 18:59:34 299008 ----a-w- c:\windows\system32\BattleP.dll
2020-04-17 18:39:54 -------- d-----w- c:\windows\pss
2020-04-17 18:09:23 439632 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\nisbackup\gapaengine.dll
2020-04-17 18:09:22 439632 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{b16ff529-be26-4c66-aebd-e5e01c4102ad}\gapaengine.dll
2011-12-11 17:32:23 29904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{c18b6f9a-20c4-45bb-b3e4-e3d0408dc78f}\MpKsl0c0904ec.sys
2011-12-11 17:32:21 56200 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{c18b6f9a-20c4-45bb-b3e4-e3d0408dc78f}\offreg.dll
2011-12-11 00:50:51 6823496 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{c18b6f9a-20c4-45bb-b3e4-e3d0408dc78f}\mpengine.dll
2011-12-11 00:46:01 -------- d-----w- c:\users\user\appdata\roaming\QuickScan
2011-11-29 00:41:39 80416 ----a-w- c:\windows\system32\RtNicProp.dll
2011-11-29 00:41:39 261152 ----a-w- c:\windows\system32\drivers\DLKRT32.sys
2011-11-29 00:41:24 -------- d-----w- c:\program files\D-Link
2011-11-20 01:53:47 -------- d-----w- c:\program files\The Elder Scrolls V Skyrim
2011-11-18 02:31:45 -------- d-----w- c:\program files\common files\DivX Shared
2011-11-16 07:47:02 69464 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2011-11-16 07:47:02 515416 ----a-w- c:\windows\system32\XAudio2_5.dll
2011-11-16 07:47:01 238936 ----a-w- c:\windows\system32\xactengine3_5.dll
2011-11-16 07:45:59 444776 ----a-w- c:\windows\system32\d3dx10_36.dll
2011-11-16 07:45:59 1374232 ----a-w- c:\windows\system32\D3DCompiler_36.dll
2011-11-16 07:45:54 3734536 ----a-w- c:\windows\system32\d3dx9_36.dll
2011-11-16 07:45:50 17928 ----a-w- c:\windows\system32\X3DAudio1_2.dll
2011-11-16 07:35:15 -------- d-----w- c:\users\user\appdata\local\Skyrim
2011-11-16 07:23:52 239168 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-11-16 07:23:41 -------- d-----w- c:\program files\DAEMON Tools Lite
2011-11-16 07:22:53 -------- d-----w- c:\users\user\appdata\roaming\DAEMON Tools Lite
2011-11-16 07:22:51 -------- d-----w- c:\programdata\DAEMON Tools Lite
2011-11-16 07:11:13 3734536 ----a-w- c:\windows\system32\SETCCC4.tmp
2011-11-16 07:11:09 267112 ----a-w- c:\windows\system32\xactengine2_9.dll
2011-11-16 07:11:02 444776 ----a-w- c:\windows\system32\d3dx10_35.dll
2011-11-16 07:11:02 1358192 ----a-w- c:\windows\system32\D3DCompiler_35.dll
2011-11-16 07:09:58 440080 ----a-w- c:\windows\system32\d3dx10.dll
2011-11-16 07:09:47 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2011-11-16 07:09:45 237848 ----a-w- c:\windows\system32\xactengine2_4.dll
2011-11-16 07:09:38 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
2011-11-16 07:09:34 236824 ----a-w- c:\windows\system32\xactengine2_3.dll
2011-11-16 07:09:33 62744 ----a-w- c:\windows\system32\xinput1_2.dll
2011-11-16 07:08:47 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2011-11-16 01:31:12 -------- d-----w- c:\program files\uTorrent
2011-11-16 01:30:27 -------- d-----w- c:\users\user\appdata\local\uTorrent
.
==================== Find3M ====================
.
2011-11-10 06:18:15 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-15 04:54:52 321856 ----a-w- c:\windows\system32\nvStreaming.exe
2011-10-05 16:57:08 258352 ----a-w- c:\windows\system32\unicows.dll
.
============= FINISH: 13:08:47.81 ===============
 

Cookiegal

Karen
Administrator
Malware Specialist Coordinator
Joined
Aug 27, 2003
Messages
120,210
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 7/22/2009 1:02:25 PM
System Uptime: 12/11/2011 12:31:46 PM (1 hours ago)
.
Motherboard: ECS | | Nettle3
Processor: AMD Phenom(tm) 9500 Quad-Core Processor | Socket AM2 | 2200/201mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 149 GiB total, 38.34 GiB free.
D: is FIXED (NTFS) - 335 GiB total, 271.385 GiB free.
E: is CDROM (CDFS)
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
µTorrent
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9
Akamai NetSession Interface
Akamai NetSession Interface Service
Apple Application Support
Apple Software Update
Atheros Driver Installation Program
ATI Catalyst Install Manager
Bandisoft MPEG-1 Decoder
Broadcom 802.11 Wireless LAN Adapter
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center HydraVision Full
Catalyst Control Center Localization All
ccc-utility
CDBurnerXP
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Compatibility Pack for the 2007 Office system
Conexant HD Audio
Counter-Strike: Condition Zero
DAEMON Tools Lite
DGE-530T Ethernet Controller All-In-One Windows Driver
DivX Setup
GloveBox Configuration Software
Google Chrome
Google Earth Plug-in
Google Update Helper
HDAUDIO Soft Data Fax Modem with SmartCP
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Quick Launch Buttons 6.40 H2
Java Auto Updater
Java(TM) 6 Update 29
Junk Mail filter update
Katawa Shoujo Act 1
League of Legends
Left 4 Dead 2
LibUSB-Win32-0.1.10.1
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
Mozilla Firefox 4.0.1 (x86 en-US)
MSVCRT
NetWaiting
NVIDIA 3D Vision Controller Driver
NVIDIA 3D Vision Controller Driver 285.62
NVIDIA 3D Vision Driver 285.62
NVIDIA Control Panel 285.62
NVIDIA Display Control Panel
NVIDIA Drivers
NVIDIA Graphics Driver 285.62
NVIDIA HD Audio Driver 1.2.24.0
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.11.0621
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.5.20
NVIDIA Update Components
OGA Notifier 2.0.0048.0
Pando Media Booster
QuickTime
RCA Detective 2.0.0.95
RCA Memory Manager 2.0.0.107
Realtek High Definition Audio Driver
Security Update for Windows Media Encoder (KB954156)
Skype™ 5.5
Soft Data Fax Modem with SmartCP
Stardock MyColors
Steam
System Requirements Lab
Team Fortress 2
Unity Web Player
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
VC80CRTRedist - 8.0.50727.6195
Ventrilo Client
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Mail
Windows Live Messenger
Windows Live Upload Tool
Windows Media Encoder 9 Series
Windows Mobile Device Updater Component
WinRAR 4.00 (32-bit)
World of Warcraft
Xvid Codec 1.1.3
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
Zune
Zune Language Pack (DEU)
Zune Language Pack (ESP)
Zune Language Pack (FRA)
Zune Language Pack (ITA)
Zune Language Pack (NLD)
Zune Language Pack (PTB)
Zune Language Pack (PTG)
.
==== Event Viewer Messages From Past Week ========
.
12/9/2011 8:56:46 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 24.210.134.55 for the Network Card with network address 001E9016CFF6 has been denied by the DHCP server 192.168.100.1 (The DHCP Server sent a DHCPNACK message).
12/8/2011 9:32:07 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.100.2 for the Network Card with network address 001E9016CFF6 has been denied by the DHCP server 192.168.100.1 (The DHCP Server sent a DHCPNACK message).
12/8/2011 3:32:58 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
12/7/2011 12:57:44 AM, Error: EventLog [6008] - The previous system shutdown at 12:56:18 AM on 12/7/2011 was unexpected.
12/7/2011 12:38:00 PM, Error: EventLog [6008] - The previous system shutdown at 12:33:18 PM on 12/7/2011 was unexpected.
12/5/2011 9:32:18 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: i8042prt
12/5/2011 9:32:13 PM, Error: Service Control Manager [7000] - The Stardock WindowBlinds service failed to start due to the following error: The system cannot find the file specified.
12/5/2011 9:32:13 PM, Error: Service Control Manager [7000] - The Ricoh xD-Picture Card Driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
12/5/2011 9:32:13 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
12/5/2011 9:32:13 PM, Error: Service Control Manager [7000] - The Ati External Event Utility service failed to start due to the following error: The system cannot find the file specified.
12/5/2011 11:04:06 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.100.2 for the Network Card with network address 1C7EE523E682 has been denied by the DHCP server 192.168.100.1 (The DHCP Server sent a DHCPNACK message).
12/5/2011 11:02:49 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 24.210.84.189 for the Network Card with network address 1C7EE523E682 has been denied by the DHCP server 192.168.100.1 (The DHCP Server sent a DHCPNACK message).
12/4/2011 6:30:43 PM, Error: volsnap [14] - The shadow copies of volume C: were aborted because of an IO failure on volume C:.
12/4/2011 1:21:29 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WindowsSidebarKillbits (Feature Pack) into Absent(Absent) state
12/4/2011 1:21:29 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WindowsRecoveryDisc (Feature Pack) into Absent(Absent) state
12/4/2011 1:21:29 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package VistaSP1CEIP (Feature Pack) into Absent(Absent) state
12/4/2011 1:21:29 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package Microsoft-Windows-VistaServicePack-UninstallRemoval-Package (Feature Pack) into Absent(Absent) state
12/4/2011 1:21:29 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB974306 (Update) into Staged(Staged) state
12/4/2011 1:21:29 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB974306 (Update) into Installed(Installed) state
12/4/2011 1:21:29 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB972036 (Update) into Staged(Staged) state
12/4/2011 1:21:29 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB972036 (Update) into Installed(Installed) state
12/4/2011 1:21:29 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB970710 (Security Update) into Staged(Staged) state
12/4/2011 1:21:29 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB970710 (Security Update) into Installed(Installed) state
12/4/2011 1:21:29 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB967632 (Update) into Staged(Staged) state
12/4/2011 1:21:29 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB967632 (Update) into Installed(Installed) state
12/4/2011 1:21:29 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB957388 (Update) into Staged(Staged) state
12/4/2011 1:21:29 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB957388 (Update) into Installed(Installed) state
12/4/2011 1:21:29 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB936330 (Service Pack) into Absent(Absent) state
12/4/2011 1:21:29 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB905866 (Update) into Staged(Staged) state
12/4/2011 1:21:29 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB905866 (Update) into Installed(Installed) state
12/11/2011 1:47:56 AM, Error: EventLog [6008] - The previous system shutdown at 1:45:32 AM on 12/11/2011 was unexpected.
.
==== End Of File ===========================
 

Cookiegal

Karen
Administrator
Malware Specialist Coordinator
Joined
Aug 27, 2003
Messages
120,210
There is evidence of malware so let's continue.

Please visit Combofix Guide & Instructions for instructions for installing the recovery console and downloading and running ComboFix.

The only thing different from the instructions there is that when downloading and saving the ComboFix.exe I would like you to rename it to puppy.exe please.

Post the log from ComboFix when you've accomplished that along with a new HijackThis log.

Important notes regarding ComboFix:

ComboFix may reset a number of Internet Explorer's settings, including making it the default browser. This can easily be changed once we're finished.

ComboFix also prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you, please let me know. This can be undone manually when we're finished. Read HERE for an article written by dvk01 on why we disable autoruns.
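
A triage pass over the autorun entries of a DDS "Pseudo HJT Report" like the one posted above, as an added example that is not part of the original thread and not the specialist's own method: it flags Run entries whose file name matches a core Windows process but whose folder does not, and a disabled EnableLUA policy. The sample lines are copied from the log above except the constructed `ExampleShell` entry; the expected folders assume Windows is installed in c:\windows.

```python
import ntpath
import re

# Sample in DDS "Pseudo HJT Report" format. All lines are copied from the log
# in this thread except [ExampleShell], which is constructed for the example.
SAMPLE_LOG = r'''
uRun: [Google Update] "c:\users\user\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exe
uRun: [MSWUpdate] "c:\users\user\appdata\roaming\services.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [ExampleShell] c:\windows\explorer.exe
mPolicies-system: EnableLUA = 0 (0x0)
'''

# Core Windows process names and the only folder each should run from.
# Assumption: Windows is installed in c:\windows.
SYSTEM_NAMES = {
    "services.exe": r"c:\windows\system32",
    "svchost.exe": r"c:\windows\system32",
    "lsass.exe": r"c:\windows\system32",
    "csrss.exe": r"c:\windows\system32",
    "winlogon.exe": r"c:\windows\system32",
    "smss.exe": r"c:\windows\system32",
    "explorer.exe": r"c:\windows",
}

# uRun = per-user Run key, mRun = machine-wide Run key.
RUN_RE = re.compile(r"^[um]Run: \[(?P<name>[^\]]+)\]\s+(?P<cmd>.+)$")
# Unquoted commands may contain spaces, so cut at the first executable extension.
UNQUOTED_EXE_RE = re.compile(r"^(.*?\.(?:exe|com|scr|bat|cmd))(?=\s|$)", re.IGNORECASE)
LUA_RE = re.compile(r"^mPolicies-system: EnableLUA = (\d+)")


def extract_exe(cmd):
    """Return the executable path from a Run command line, without arguments."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    match = UNQUOTED_EXE_RE.match(cmd)
    return match.group(1) if match else cmd.split()[0]


def triage(log_text):
    """Return (entry, reason) pairs that deserve a closer look by a reviewer."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        run = RUN_RE.match(line)
        if run:
            exe = extract_exe(run.group("cmd")).lower()
            folder, base = ntpath.split(exe)
            expected = SYSTEM_NAMES.get(base)
            # A system-process name started from any other folder is a
            # common masquerading pattern and should be checked by hand.
            if expected is not None and folder != expected:
                findings.append(
                    (run.group("name"),
                     f"{base} starts from {folder}, expected {expected}")
                )
            continue
        lua = LUA_RE.match(line)
        if lua and lua.group(1) == "0":
            findings.append(("EnableLUA", "User Account Control is disabled"))
    return findings


if __name__ == "__main__":
    for entry, reason in triage(SAMPLE_LOG):
        print(f"REVIEW {entry}: {reason}")
```

A flagged entry is a prompt for manual review of the file, not a verdict on it.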
 

Curien

Thread Starter
Joined
Jun 26, 2011
Messages
32
Hmm, every time I try to open that link in Google Chrome it just keeps telling me to reload the page. It won't allow me to visit it.
 

Curien

Thread Starter
Joined
Jun 26, 2011
Messages
32
I was able to access a cached copy of it.

On second thought, it's not letting me download it. I was able to get cached copies of the pages, but now it won't let me download, though every other web page opens fine.
 