Old 06-29-2008, 11:39 AM   #1 (permalink)
Ultra Techie
 
Join Date: Aug 2006
Posts: 558
Default All games unplayable

Hi, I recently made a topic in the pc forum regarding WoW freezing/crashing at the loading screen. I thought that was the only game that gave me trouble since people at the WoW forums had this issue too. But now to rule out issues, I've tried playing other games now. When launching Halo and getting to the menu, it crashes. When launching BF2142 and getting to the menu, it crashes. And when I launched CS: Source and got into a game, it took me back to my desktop and gave me this message:



Of course, when I saw the word "driver", I immediately uninstalled my vid card driver and then got the latest one. This has not fixed anything. I do not know what to do now. I will also say that this is the first time I've tried playing computer games since about April. But I haven't made any changes to my pc. Any thoughts? Is a reformat necessary?
__________________
Alpine ida-x100
Rockford Fosgate T500.1BD 792W RMS
2x Rockford Fosgate Punch Stage 2 12"
Memphis Enclosure; running 1ohm
RalliArt882 is offline   Reply With Quote
Old 06-29-2008, 12:28 PM   #2 (permalink)
EagleMod
 
Ethereal_Dragon's Avatar
 
Join Date: Feb 2006
Location: Bolingbrook, IL - USA
Posts: 3,390
Send a message via AIM to Ethereal_Dragon Send a message via Yahoo to Ethereal_Dragon
Default Re: All games unplayable

Have you tried re-installing any of the games? Virus, malware scans done?
__________________
Please excuse spelling/grammar issues in my posts, 95% of my posting is now done from my iPhone. Still getting used to it. -Thanks.

Gaming Rig: - GIGABYTE GA-X38-DQ6, Intel E6750 @ 3.0 Ghz, TRUE (MX-2 & 2 Scythe SFF21D),
Crucial Ballistix 4GB DDR 800, HIS Radeon X1950XT, CORSAIR CMPSU-520HX,
2x Seagate 7200.11 ST3500320AS 500 GB, ASUS DRW-2014L1T, Antec 900
The NAS Box: D-Link DNS-323 & 2x Seagate 7200.10 ST3500630AS 500GB - RAID 1

     Current Project: Operation Home Run   Status: COMPLETED!!!



| My Antec 900 Build Log | Project Pink | Operation Home Run |
| General Forum Rules | Networking FAQs & Tutorials | Hardware Tutorials |
| My Random Phone Cam Pics | Useful Linux Websites | T-F F@H Milestones Clubs |
| Graphics Card Rankings | T-F 3DMark06 Rankings | T-F Case Gallery |
Ethereal_Dragon is offline   Reply With Quote
Old 06-29-2008, 12:48 PM   #3 (permalink)
Ultra Techie
 
Join Date: Aug 2006
Posts: 558
Default Re: All games unplayable

Yes, I just got done running AVG and Spybot. Nothing found. I also completely uninstalled and reinstalled WoW. It didn't help anything. Since this problem exists on all of my games, I do not think it is the fault of the games. It is something with my system.
RalliArt882 is offline   Reply With Quote
Old 06-29-2008, 12:57 PM   #4 (permalink)
Commander
Super Mod
Joker
 
Mak213's Avatar
 
Join Date: Sep 2004
Location: In Trotter's crawl space
Posts: 15,622
Default Re: All games unplayable

Hello,

Have you gone thru Osiris's Guide? Just running 2 scans does not make you clean. Also have you checked for updated DX9 installs? Have you downloaded and installed DX9 Runtimes for June 2008?

Also why is this in the hardware troubleshooting area? If this is OS related it should be in the Windows area.

Cheers,
Mak
__________________


Mak213 is offline   Reply With Quote
Old 06-29-2008, 01:06 PM   #5 (permalink)
Ultra Techie
 
Join Date: Aug 2006
Posts: 558
Default Re: All games unplayable

Sorry I thought this may have been a vid-card related issue. I will check Osiris's Guide and I'll look into those DX9 updates.
RalliArt882 is offline   Reply With Quote
Old 06-29-2008, 01:12 PM   #6 (permalink)
Commander
Super Mod
Joker
 
Mak213's Avatar
 
Join Date: Sep 2004
Location: In Trotter's crawl space
Posts: 15,622
Default Re: All games unplayable

Hello,

I will move it no problem. Just wondering, that is all.

Download details: DirectX End-User Runtime
There is the download for the DX9 Runtimes. If those do not work I will try to find you another download to try.

The error you received is related to DX9 cause that is part of it. That is a Direct3D error which is a part of DX. That is why I said that. Just for future reference.

Post your log up in the analyze area for checking if you wish.

Cheers,
Mak
__________________


Mak213 is offline   Reply With Quote
Old 06-30-2008, 12:56 AM   #7 (permalink)
Ultra Techie
 
Join Date: Aug 2006
Posts: 558
Default Re: All games unplayable

Alright I followed Osiris's guide. I'm assuming this is the one you are mentioning:

http://www.tech-forums.net/pc/f51/sp...osiris-165828/

But yeah those programs got rid of a lot of crap that certainly wouldn't help my situation. It cut my commit charge upon normal boot from 380 to 280. I also downloaded those DX9 runtimes. Here is my Hijackthis Log after this entire process because the guide said you should look at it:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:55:49, on 6/30/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 0.0.23.252:80
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SetPoint] C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/...oUploader5.cab
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://download.gigabyte.com.tw/object/Dldrv.ocx
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1200064441421
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.11) - http://gameadvisor.futuremark.com/global/msc311.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/...ploader4_5.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 6119 bytes
RalliArt882 is offline   Reply With Quote
Old 06-30-2008, 02:32 AM   #8 (permalink)
Ultra Techie
 
Join Date: Aug 2006
Posts: 558
Default Re: All games unplayable

Nice everything works now! Runs good as new. Thanks a ton!
RalliArt882 is offline   Reply With Quote
Old 06-30-2008, 07:52 AM   #9 (permalink)
Commander
Super Mod
Joker
 
Mak213's Avatar
 
Join Date: Sep 2004
Location: In Trotter's crawl space
Posts: 15,622
Default Re: All games unplayable

Hello RalliArt,

There are a couple of entries that make me wonder. So if you could please do as follows just to make sure you are clean and not still infected.

Download ComboFix from Here or Here to your Desktop.
Read first: "How to download and use ComboFix"
If you downloaded ComboFix previously, delete that version and download it again as the tool is frequently updated!
  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
  • Double click combofix.exe and follow the prompts.
  • When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply
  • Be sure to re-enable your anti-virus and other security programs, after ComboFix finished.
Note: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Extra-Note: Please, DO NOT use ComboFix on your own. It is a very powerful tool designed to deal with sophisticated infections and if something goes wrong or you use it incorrectly, you could possibly lose the use of your computer. It is ONLY meant to be used under the direct supervision of a malware removal specialist. Please read Combofix's Disclaimer

Cheers,
Mak
__________________


Mak213 is offline   Reply With Quote
Old 06-30-2008, 01:15 PM   #10 (permalink)
Ultra Techie
 
Join Date: Aug 2006
Posts: 558
Default Re: All games unplayable

Ok here you are. Thanks a lot for all your help. It means a lot.

THE COMBOFIX LOG:

ComboFix 08-06-20.4 - Daniel McClelland 2008-06-30 14:09:53.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1592 [GMT -4:00]
Running from: C:\Documents and Settings\Daniel McClelland\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-05-28 to 2008-06-30 )))))))))))))))))))))))))))))))
.

2008-06-30 14:03 . 2008-06-30 14:03 <DIR> d--h----- C:\$AVG8.VAULT$
2008-06-30 01:43 . 2008-06-30 01:43 <DIR> d-------- C:\WINDOWS\Logs
2008-06-30 01:24 . 2008-06-30 01:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-30 00:24 . 2008-06-30 00:24 <DIR> d-------- C:\VundoFix Backups
2008-06-29 14:46 . 2008-06-30 12:37 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg
2008-06-29 14:46 . 2008-06-29 14:46 <DIR> d-------- C:\Program Files\AVG
2008-06-29 14:46 . 2008-06-29 14:46 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-06-29 14:46 . 2008-06-29 14:46 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys
2008-06-29 14:46 . 2008-06-29 14:46 76,040 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys
2008-06-29 14:46 . 2008-06-29 14:46 12,936 --a------ C:\WINDOWS\system32\drivers\avgrkx86.sys
2008-06-29 14:46 . 2008-06-29 14:46 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll
2008-06-29 14:43 . 2008-06-29 14:44 <DIR> d-------- C:\Program Files\Trojan Remover
2008-06-29 14:43 . 2008-06-29 14:43 <DIR> d-------- C:\Program Files\MSConfig CleanUp
2008-06-29 14:43 . 2008-06-29 14:43 <DIR> d-------- C:\Documents and Settings\Daniel McClelland\Application Data\Simply Super Software
2008-06-29 14:43 . 2008-06-29 14:43 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Simply Super Software
2008-06-29 14:43 . 2006-05-25 15:52 162,304 --a------ C:\WINDOWS\system32\ztvunrar36.dll
2008-06-29 14:43 . 2003-02-02 20:06 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll
2008-06-29 14:43 . 2005-08-26 01:50 77,312 --a------ C:\WINDOWS\system32\ztvunace26.dll
2008-06-29 14:43 . 2002-03-06 01:00 75,264 --a------ C:\WINDOWS\system32\unacev2.dll
2008-06-29 14:43 . 2006-06-19 13:01 69,632 --a------ C:\WINDOWS\system32\ztvcabinet.dll
2008-06-29 14:42 . 2008-06-29 14:42 <DIR> d-------- C:\Program Files\CleanUp!
2008-06-29 14:41 . 2008-06-29 14:41 <DIR> d-------- C:\Program Files\CCleaner
2008-06-29 14:17 . 2008-06-30 00:23 1,804 --a------ C:\WINDOWS\system32\tmp.reg
2008-06-29 12:18 . 2008-06-02 21:05 593,920 --------- C:\WINDOWS\system32\ati2sgag.exe
2008-06-29 12:13 . 2008-06-29 12:13 10 --a------ C:\WINDOWS\WININIT.INI
2008-06-29 01:09 . 2008-06-29 13:59 <DIR> d-------- C:\Program Files\World of Warcraft
2008-06-29 01:09 . 2008-06-29 01:28 <DIR> d-------- C:\Program Files\Common Files\Blizzard Entertainment
2008-06-25 11:29 . 2008-06-25 11:29 0 --a------ C:\WINDOWS\ativpsrm.bin
2008-06-11 11:15 . 2008-06-13 09:10 272,128 --------- C:\WINDOWS\system32\drivers\bthport.sys
2008-06-11 11:15 . 2008-06-13 09:10 272,128 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-02 23:46 . 2008-06-02 23:46 10,276,864 --a------ C:\WINDOWS\system32\atioglx2.dll
2008-06-02 23:22 . 2008-06-02 23:22 413,696 --a------ C:\WINDOWS\system32\ATIDEMGX.dll
2008-06-02 23:11 . 2008-06-02 23:11 180,224 --a------ C:\WINDOWS\system32\atipdlxx.dll
2008-06-02 23:11 . 2008-06-02 23:11 139,264 --a------ C:\WINDOWS\system32\Oemdspif.dll
2008-06-02 23:11 . 2008-06-02 23:11 43,520 --a------ C:\WINDOWS\system32\ati2edxx.dll
2008-06-02 23:11 . 2008-06-02 23:11 26,112 --a------ C:\WINDOWS\system32\Ati2mdxx.exe
2008-06-02 23:09 . 2008-06-02 23:09 552,960 --a------ C:\WINDOWS\system32\ati2evxx.exe
2008-06-02 23:08 . 2008-06-02 23:08 53,248 --a------ C:\WINDOWS\system32\ATIDDC.DLL
2008-06-02 23:04 . 2008-06-02 23:04 245,760 --a------ C:\WINDOWS\system32\atiok3x2.dll
2008-06-02 23:02 . 2008-06-02 23:02 307,200 --a------ C:\WINDOWS\system32\atiiiexx.dll
2008-06-02 22:47 . 2008-06-02 22:47 3,107,788 --a------ C:\WINDOWS\system32\ativvaxx.dat
2008-06-02 22:47 . 2008-06-02 22:47 3,107,788 --a------ C:\WINDOWS\system32\ativva5x.dat
2008-06-02 22:47 . 2008-06-02 22:47 887,724 --a------ C:\WINDOWS\system32\ativva6x.dat
2008-06-02 22:33 . 2008-06-02 22:33 48,128 --a------ C:\WINDOWS\system32\amdpcom32.dll
2008-06-02 22:29 . 2008-06-02 22:29 348,160 --a------ C:\WINDOWS\system32\atikvmag.dll
2008-06-02 22:28 . 2008-06-02 22:28 23,040 --a------ C:\WINDOWS\system32\atiadlxx.dll
2008-06-02 22:28 . 2008-06-02 22:28 17,408 --a------ C:\WINDOWS\system32\atitvo32.dll
2008-06-02 22:27 . 2008-06-02 22:27 49,152 --a------ C:\WINDOWS\system32\drivers\ati2erec.dll
2008-06-02 22:22 . 2008-06-02 22:22 5,439,488 --a------ C:\WINDOWS\system32\atioglxx.dll
2008-06-02 19:53 . 2008-06-02 19:53 <DIR> d-------- C:\Program Files\iPod
2008-06-02 19:53 . 2008-06-29 14:50 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-06-02 19:53 . 2008-06-02 19:53 1,409 --a------ C:\WINDOWS\QTFont.for
2008-05-22 14:46 . 2008-05-22 14:46 13,848 --a------ C:\WINDOWS\atiogl.xml
2008-05-15 16:40 . 2008-03-21 13:57 14,640 --------- C:\WINDOWS\system32\spmsgXP_2k3.dll
2008-05-15 16:40 . 2008-05-15 16:40 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
2008-05-15 16:40 . 2008-05-15 16:40 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_zumbus_01007.Wdf

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-29 19:18 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-29 19:17 --------- d-----w C:\Program Files\IrfanView
2008-06-29 19:17 --------- d-----w C:\Program Files\Google
2008-06-29 18:55 --------- d-----w C:\Program Files\WhiteCanyon
2008-06-03 06:20 3,100,160 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-06-03 03:21 306,688 ----a-w C:\WINDOWS\system32\ati2dvag.dll
2008-06-03 03:11 139,264 ----a-w C:\WINDOWS\system32\ati2evxx.dll
2008-06-03 02:59 3,500,352 ----a-w C:\WINDOWS\system32\ati3duag.dll
2008-06-03 02:48 2,120,832 ----a-w C:\WINDOWS\system32\ativvaxx.dll
2008-06-03 02:21 557,056 ----a-w C:\WINDOWS\system32\ati2cqag.dll
2008-06-02 23:58 --------- d-----w C:\Program Files\iTunes
2008-05-30 18:19 507,400 ----a-w C:\WINDOWS\system32\XAudio2_1.dll
2008-05-30 18:18 238,088 ----a-w C:\WINDOWS\system32\xactengine3_1.dll
2008-05-30 18:17 65,032 ----a-w C:\WINDOWS\system32\XAPOFX1_0.dll
2008-05-30 18:17 25,608 ----a-w C:\WINDOWS\system32\X3DAudio1_4.dll
2008-05-30 18:11 467,984 ----a-w C:\WINDOWS\system32\d3dx10_38.dll
2008-05-30 18:11 3,850,760 ----a-w C:\WINDOWS\system32\D3DX9_38.dll
2008-05-30 18:11 1,491,992 ----a-w C:\WINDOWS\system32\D3DCompiler_38.dll
2008-05-14 00:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 04:55 1,288,192 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-04 17:16 --------- d-----w C:\Program Files\Electronic Arts
2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-04-17 23:11 1,112,288 ----a-w C:\WINDOWS\system32\WdfCoInstaller01007.dll
2008-04-11 01:05 485,240 ----a-w C:\WINDOWS\system32\SpoonUninstall.exe
2008-03-27 08:12 151,583 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-21 17:57 23,856 ----a-w C:\WINDOWS\system32\spupdsvc.exe
2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-05 20:03 479,752 ----a-w C:\WINDOWS\system32\XAudio2_0.dll
2008-03-05 20:03 238,088 ----a-w C:\WINDOWS\system32\xactengine3_0.dll
2008-03-05 20:00 25,608 ----a-w C:\WINDOWS\system32\X3DAudio1_3.dll
2008-03-05 19:56 3,786,760 ----a-w C:\WINDOWS\system32\D3DX9_37.dll
2008-03-05 19:56 1,420,824 ----a-w C:\WINDOWS\system32\D3DCompiler_37.dll
2007-03-14 23:41 92,064 ----a-w C:\Documents and Settings\Daniel McClelland\mqdmmdm.sys
2007-03-14 23:41 9,232 ----a-w C:\Documents and Settings\Daniel McClelland\mqdmmdfl.sys
2007-03-14 23:41 79,328 ----a-w C:\Documents and Settings\Daniel McClelland\mqdmserd.sys
2007-03-14 23:41 66,656 ----a-w C:\Documents and Settings\Daniel McClelland\mqdmbus.sys
2007-03-14 23:41 6,208 ----a-w C:\Documents and Settings\Daniel McClelland\mqdmcmnt.sys
2007-03-14 23:41 5,936 ----a-w C:\Documents and Settings\Daniel McClelland\mqdmwhnt.sys
2007-03-14 23:41 4,048 ----a-w C:\Documents and Settings\Daniel McClelland\mqdmcr.sys
2007-03-14 23:41 25,600 ----a-w C:\Documents and Settings\Daniel McClelland\usbsermptxp.sys
2007-03-14 23:41 22,768 ----a-w C:\Documents and Settings\Daniel McClelland\usbsermpt.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-15 08:00 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AudioDrvEmulator"="C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" [2005-11-04 19:07 49152]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-06-29 14:46 1231128]
"RivaTunerStartupDaemon"="C:\Program Files\RivaTuner v2.0 Final Release\RivaTuner.exe" [2006-12-24 15:15 2576384]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\Microsoft Games\\Halo Custom Edition\\haloce.exe"=
"C:\\Program Files\\Electronic Arts\\Battlefield 2142\\BF2142.exe"=
"C:\\Program Files\\Xfire\\xfire.exe"=
"C:\\Program Files\\Valve\\Steam\\SteamApps\\ralliart882\\counter-strike\\hl.exe"=
"C:\\Program Files\\Valve\\Steam\\SteamApps\\ralliart882\\day of defeat\\hl.exe"=
"C:\\Program Files\\Valve\\Steam\\SteamApps\\ralliart882\\deathmatch classic\\hl.exe"=
"C:\\Program Files\\Valve\\Steam\\SteamApps\\ralliart882\\ricochet\\hl.exe"=
"C:\\Program Files\\Valve\\Steam\\SteamApps\\ralliart882\\half-life deathmatch source\\hl2.exe"=
"C:\\Program Files\\Valve\\Steam\\SteamApps\\ralliart882\\counter-strike source\\hl2.exe"=
"C:\\Program Files\\FlashFXP\\FlashFXP.exe"=
"C:\\Program Files\\GIGABYTE\\@BIOS\\GWF32.EXE"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\HP\\Photosmart Essential\\HP_IZE.exe"=
"C:\\Program Files\\AIM6\\aim6.exe"=
"C:\\Program Files\\Microsoft Games\\Halo\\halo.exe"=
"C:\\Program Files\\Valve\\Steam\\SteamApps\\ralliart882\\half-life 2 deathmatch\\hl2.exe"=
"C:\\Program Files\\Valve\\Steam\\SteamApps\\ralliart882\\garrysmod\\hl2.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\World of Warcraft\\Repair.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=

R0 AvgRkx86;avgrkx86.sys;C:\WINDOWS\system32\Drivers\avgrkx86.sys [2008-06-29 14:46]
R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-06-29 14:46]
R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-06-29 14:46]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-06-29 14:46]
R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-06-29 14:46]
R2 LBeepKE;LBeepKE;C:\WINDOWS\system32\Drivers\LBeepKE.sys [2006-09-01 13:32]
R2 Viewpoint Manager Service;Viewpoint Manager Service;"C:\Program Files\Viewpoint\Common\ViewpointService.exe" [2007-01-04 17:38]
R3 ha20x2k;Creative 20X HAL Driver;C:\WINDOWS\system32\drivers\ha20x2k.sys [2006-12-19 09:36]
S2 zumbus;Zune Bus Enumerator Driver;C:\WINDOWS\system32\DRIVERS\zumbus.sys []

*Newly Created Service* - CATCHME
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-30 14:11:58
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-06-30 14:12:39
ComboFix-quarantined-files.txt 2008-06-30 18:12:37

Pre-Run: 184,059,613,184 bytes free
Post-Run: 184,053,075,968 bytes free

183 --- E O F --- 2008-06-20 17:47:25


THE HIJACKTHIS LOG:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:13:49, on 6/30/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 0.0.23.252:80
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.0 Final Release\RivaTuner.exe" /S
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/...oUploader5.cab
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://download.gigabyte.com.tw/object/Dldrv.ocx
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1200064441421
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.11) - http://gameadvisor.futuremark.com/global/msc311.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/...ploader4_5.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 6261 bytes

Last edited by RalliArt882; 06-30-2008 at 01:21 PM.
RalliArt882 is offline   Reply With Quote
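
An added example, not part of the original thread or of HijackThis itself: a small Python parser that diffs the two HijackThis scans posted in this thread (before and after the ComboFix run) and tags entries that usually get a manual look. The sample lines are excerpts from those two logs with forum-inserted spaces removed; the review heuristics are assumptions of this example and are not Mak213's analysis.

```python
import re
from collections import namedtuple

Entry = namedtuple("Entry", "section text")

# HijackThis item lines have the shape "<code> - <details>", where the code is
# a letter plus a number (R0, R1, O2, O4, O23, ...). Header lines and the
# "Running processes" paths do not match this pattern and are skipped.
ITEM_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")

# Excerpt of the first log in the thread (scan saved at 01:55:49).
BEFORE = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 0.0.23.252:80
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SetPoint] C:\Program Files\Logitech\SetPoint\SetPoint.exe
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
"""

# Excerpt of the second log in the thread (scan saved at 14:13:49).
AFTER = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 0.0.23.252:80
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.0 Final Release\RivaTuner.exe" /S
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
"""


def parse_items(log_text):
    """Return the set of Entry(section, text) items found in a HijackThis log."""
    items = set()
    for line in log_text.splitlines():
        match = ITEM_RE.match(line.strip())
        if match:
            items.add(Entry(match.group(1), match.group(2).strip()))
    return items


def diff_scans(before, after):
    """Return (removed, added) entries between two scans, each sorted."""
    old, new = parse_items(before), parse_items(after)
    return sorted(old - new), sorted(new - old)


def review_flags(entry):
    """Reasons an entry deserves a manual look (heuristics assumed here).

    A flag means "verify this", not "this is malicious": security products
    and anti-cheat services trip several of these rules legitimately.
    """
    flags = []
    if "(no file)" in entry.text:
        flags.append("registered component whose file is missing")
    if "Unknown owner" in entry.text:
        flags.append("HijackThis could not read a company name from the file")
    if entry.section in ("R0", "R1") and "ProxyServer" in entry.text:
        flags.append("Internet Explorer proxy is configured")
    if entry.section == "O20":
        flags.append("AppInit_DLLs value loads into every process using user32.dll")
    return flags


def triage(log_text):
    """Map each flagged entry in a log to its list of review reasons."""
    result = {}
    for entry in parse_items(log_text):
        flags = review_flags(entry)
        if flags:
            result[entry] = flags
    return result


if __name__ == "__main__":
    removed, added = diff_scans(BEFORE, AFTER)
    for entry in removed:
        print("- removed:", entry.section, entry.text)
    for entry in added:
        print("+ added:  ", entry.section, entry.text)
    for entry, flags in sorted(triage(AFTER).items()):
        print("? review: ", entry.section, entry.text, "->", "; ".join(flags))
```
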