Internet Problem after installing a file


welshboy07
February 8th, 2008, 07:42 PM
Hey, well I'm running Windows Vista, and everything was working fine until two days ago, when I installed some DVD - DivX software. When prompted I restarted the PC and suddenly the internet doesn't work :S It keeps saying "identifying... local only", so I typed ipconfig/all in the cmd prompt and it doesn't show a default gateway or a DNS suffix or something, even though I know it's connected to the router, because when I restart the router it shows "network cable unplugged" on the computer.

Please help ASAP, I really need this PC to be back in working order like yesterday! lol, that's how important it is I get this done now.

But obviously I am willing to wait if someone is willing to help :D Thanks in advance.

EDIT: Here's the info from the cmd prompt when I typed ipconfig/all, and also after that I tried netsh int ip reset reset.log and netsh winsock reset catalog


Microsoft Windows [Version 6.0.6000]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.

C:\Users\Philip>ipconfig/all

Windows IP Configuration

Host Name . . . . . . . . . . . . : Philip-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : SiS191 Ethernet Controller
Physical Address. . . . . . . . . : 00-1C-25-3C-47-F4
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.2.24(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.1
DNS Servers . . . . . . . . . . . : 194.168.4.100
194.168.8.100
NetBIOS over Tcpip. . . . . . . . : Enabled

C:\Users\Philip>

Microsoft Windows [Version 6.0.6000]
Copyright (c) 2006 Microsoft Corporation. All rights reserved.

C:\Users\Philip>netsh int ip reset reset.log
Reseting Echo Request, failed.
The requested operation requires elevation.
Reseting Global, failed.
The requested operation requires elevation.
Reseting Interface, failed.
The requested operation requires elevation.
Reseting Unicast Address, failed.
The requested operation requires elevation.
Reseting Route, failed.
The requested operation requires elevation.
There's no user specified settings to be reset.


C:\Users\Philip>netsh winsock reset catalog
The requested operation requires elevation.


C:\Users\Philip>

AnnMarie
February 8th, 2008, 09:39 PM
Hi welshboy07. I may have to transfer your topic to the Networking Forum for more help but first a couple of questions.

1. Have you uninstalled the program you installed and rebooted?

2. Have you tried running System Restore and choosing a date before you installed the program?

welshboy07
February 9th, 2008, 07:57 AM
Check and check, I uninstalled it and rebooted, still no luck. I then tried System Restore and I had an "unspecified error", and the only date I have to restore to is the date that I installed the app.

AnnMarie
February 9th, 2008, 08:31 AM
OK, just to make sure that we are not dealing with a malware issue, download Deckard's System Scanner (dss.exe) from here (http://deckard.geekstogo.com/dss.exe) to your Desktop. Close all open applications and windows, double-click on dss.exe to run it and follow the prompts.

When the scan is complete, a text file will open. Copy and paste the contents of this log (Main.txt) in your next reply. Also post the contents of Extra.txt (it will be minimised on your taskbar).

If all is well in your logs, I'll transfer your topic to the Networking Forum.

welshboy07
February 9th, 2008, 01:36 PM
This is the info you asked for...

Sorry for the downloads... but I don't know where else to host the files and I can't post here, otherwise I'd need about 4 posts...

Main.txt
http://www.mediafire.com/?c3m8yzjarnc

Extra.txt
http://www.mediafire.com/?4xmd9lrgtgm

AnnMarie
February 9th, 2008, 11:03 PM
There are some entries that are highly suspicious. We need to get rid of those before we do anything else. Please post all requested logs in this topic. It is really difficult trying to compare logs when I have to download them all the time. I know that sometimes you will have to make more than one post but it does help me to help you.

Close Internet Explorer and any open windows and run Hijack This again. Check the below entries and click on Fix Checked.

O1 - Hosts: 60.12.193.37 auto.search.msn.com
O1 - Hosts: 60.12.193.37 auto.search.msn.es
O1 - Hosts: 60.12.193.37 ie.search.msn.com

Next, download the latest version of Combofix.exe from here (http://download.bleepingcomputer.com/sUBs/ComboFix.exe) and save it to your C folder (C:\ComboFix.exe) <- this is important.

Double-click on combofix.exe and follow the prompts. A window will open with a warning. Type "1" (and Enter) to start the fix. When the scan completes, Disk Cleanup will run and then a text window with your log will open. Please copy and paste that log back here.

A caution - do not touch your mouse/keyboard until the scan has completed. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop.

Copy this log in your next reply together with a new HijackThis log.
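
An added example, not part of the original thread and not written by either poster: a small audit of the kind of check applied to the O1 entries above, flagging hosts-file lines that pin a name to a public address. It generalises slightly beyond the thread by also accepting raw hosts-file lines; the function names and every sample line other than the three msn entries are constructed here.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample input. The three msn.com/msn.es lines are the O1 entries
# quoted in the thread; every other line is added here for illustration.
SAMPLE_LOG = r"""
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.uk.acer.yahoo.com
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 60.12.193.37 auto.search.msn.com
O1 - Hosts: 60.12.193.37 auto.search.msn.es
O1 - Hosts: 60.12.193.37 ie.search.msn.com
0.0.0.0 ads.example.test tracker.example.test  # raw hosts-file line, constructed
192.168.2.1 router.home.test                   # raw hosts-file line, constructed
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
"""

# HijackThis prints each hosts-file line as "O1 - Hosts: <ip> <name>".
O1_PREFIX = re.compile(r"^O1\s*-\s*Hosts:\s*", re.IGNORECASE)


def parse_hosts_entries(text):
    """Yield (ip, hostname) pairs from HijackThis O1 lines or raw hosts lines."""
    for raw in text.splitlines():
        line = O1_PREFIX.sub("", raw.strip())
        line = line.split("#", 1)[0].strip()      # drop hosts-file comments
        fields = line.split()
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                              # other log sections, headers
        # A hosts line may list several names for one address.
        for name in fields[1:]:
            yield ip, name.lower().rstrip(".")


def classify(ip):
    """Bucket an address by how much review the mapping deserves."""
    if ip.is_loopback or ip.is_unspecified:
        return "local"      # default localhost entry or a blocklist sinkhole
    if ip.is_private or ip.is_link_local:
        return "internal"   # LAN mapping; usually set by the owner
    return "public"         # name resolution overridden to an Internet host


def audit(text):
    """Return {category: {ip: [hostnames]}} for every hosts entry found."""
    grouped = {
        "local": defaultdict(set),
        "internal": defaultdict(set),
        "public": defaultdict(set),
    }
    for ip, name in parse_hosts_entries(text):
        grouped[classify(ip)][str(ip)].add(name)
    return {
        cat: {ip: sorted(names) for ip, names in ips.items()}
        for cat, ips in grouped.items()
    }


if __name__ == "__main__":
    findings = audit(SAMPLE_LOG)
    for ip, names in sorted(findings["public"].items()):
        print(f"REVIEW: {len(names)} name(s) pinned to public address {ip}")
        for name in names:
            print(f"    {name}")
```

On a live Windows system the same function can be given the contents of %SystemRoot%\System32\drivers\etc\hosts instead of a pasted log.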

welshboy07
February 10th, 2008, 08:15 AM
Here are the Main.txt and Extra.txt files from the FIRST scan that I uploaded.

Main.txt
Deckard's System Scanner v20071014.68
Run by Philip on 2008-02-09 13:17:13
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 5 Restore Point(s) --
6: 2008-02-09 00:00:01 UTC - RP107 - Scheduled Checkpoint
5: 2008-02-07 21:47:38 UTC - RP106 - Restore Operation
4: 2008-02-07 21:39:00 UTC - RP105 - Restore Operation
3: 2008-02-07 21:34:13 UTC - RP104 - Restore Operation
2: 2008-02-07 16:45:57 UTC - RP103 - Restore Operation


-- First Restore Point --
1: 2008-02-07 00:00:02 UTC - RP102 - Scheduled Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-02-09 13:18:35
Platform: Windows Vista (6.00.6000)
MSIE: Internet Explorer (7.00.6000.16386)
Boot mode: Normal

Running processes:
C:\Windows\System32\dwm.exe
C:\Windows\System32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Program Files\SiS VGA Utilities\SiSTray.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Windows\System32\mobsync.exe
C:\Windows\System32\wbem\unsecapp.exe
C:\Windows\explorer.exe
C:\Windows\System32\notepad.exe
F:\dss.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.com/customize/ycomp/defaults/sp/*http://uk.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemonsearch.com/intl/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.uk.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://en.uk.acer.yahoo.com
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: AstroburnBar Toolbar - {e802027b-1f2b-40bd-b307-0bd96d036835} - C:\Program Files\AstroburnBar\tbAstr.dll
O1 - Hosts: 60.12.193.37 auto.search.msn.com
O1 - Hosts: 60.12.193.37 auto.search.msn.es
O1 - Hosts: 60.12.193.37 ie.search.msn.com
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AstroburnBar Toolbar - {e802027b-1f2b-40bd-b307-0bd96d036835} - C:\Program Files\AstroburnBar\tbAstr.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: AstroburnBar Toolbar - {e802027b-1f2b-40bd-b307-0bd96d036835} - C:\Program Files\AstroburnBar\tbAstr.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [SiSTray] %ProgramFiles%\SiS VGA Utilities\SiSTray.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{AE688BBD-6991-4C08-8412-D09CE60F4D74}: NameServer = 194.168.4.100,194.168.8.100
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll
O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: avgwlntf - C:\Windows\system32\avgwlntf.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\Program Files\Grisoft\AVG7\avgemc.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe


--
End of file - 10451 bytes

welshboy07
February 10th, 2008, 08:16 AM
main.txt
-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
R3 dvd43llh - c:\windows\system32\drivers\dvd43llh.sys <Not Verified; RIF; DVD For Free>
R3 NTIDrvr (Upper Class Filter Driver) - c:\windows\system32\drivers\ntidrvr.sys <Not Verified; NewTech Infosystems, Inc.; >
R3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 AcerMemUsageCheckService (ePerformance Service) - c:\acer\empowering technology\eperformance\memcheck.exe <Not Verified; ; MemCheck.Service>
R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 eRecoveryService (eRecovery Service) - c:\acer\empowering technology\erecovery\erecoveryservice.exe <Not Verified; Acer Inc.; eRecoveryService>
R2 RichVideo (Cyberlink RichVideo Service(CRVS)) - "c:\program files\cyberlink\shared files\richvideo.exe" <Not Verified; ; RichVideo Module>

S2 CLTNetCnService (Symantec Lic NetConnect service) - "c:\program files\common files\symantec shared\ccsvchst.exe" /h cccommon (file missing)
S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Files created between 2008-01-09 and 2008-02-09 -----------------------------

2008-02-07 15:29:16 0 d-------- C:\Program Files\Ashampoo
2008-02-07 12:53:16 0 d-------- C:\Converted Videos
2008-02-07 12:52:52 0 d-------- C:\Program Files\DVDripnburn.com
2008-02-07 12:52:45 0 d-------- C:\Program Files\SystemGuards.com
2008-02-07 12:48:00 0 d-------- C:\Program Files\bitRipper
2008-02-07 12:28:31 0 d-------- C:\Program Files\Smallvideosoft
2008-02-01 20:02:18 0 d-------- C:\divx
2008-02-01 19:58:15 0 d-------- C:\Program Files\Common Files\PX Storage Engine
2008-02-01 19:53:24 0 d-------- C:\Program Files\DivX
2008-01-31 21:59:36 0 d-------- C:\Program Files\VideoLAN
2008-01-29 12:51:12 0 d-------- C:\Program Files\Common Files\Sierra On-Line
2008-01-29 12:42:57 368912 --a------ C:\Windows\system32\vbar332.dll <Not Verified; Microsoft Corporation; Microsoft Visual Basic for Applications>
2008-01-29 12:42:57 407312 --a------ C:\Windows\system32\msrepl35.dll <Not Verified; Microsoft Corporation; Microsoft® Access>
2008-01-29 12:42:57 252176 --a------ C:\Windows\system32\msrd2x35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2008-01-29 12:42:57 24848 --a------ C:\Windows\system32\msjter35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2008-01-29 12:42:57 123664 --a------ C:\Windows\system32\Msjint35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2008-01-29 12:42:57 1045776 --a------ C:\Windows\system32\msjet35.dll <Not Verified; Microsoft Corporation; Microsoft® Jet>
2008-01-29 12:41:45 0 d-------- C:\Sierra
2008-01-29 12:40:50 306688 --a------ C:\Windows\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2008-01-27 15:40:19 0 d-------- C:\Program Files\Java
2008-01-27 15:40:17 0 d-------- C:\Program Files\Common Files\Java
2008-01-27 14:52:07 0 d-------- C:\Program Files\iPod
2008-01-27 14:52:02 0 d-------- C:\Program Files\iTunes
2008-01-27 14:50:53 0 d-------- C:\Users\All Users\Apple Computer
2008-01-27 14:50:14 0 d-------- C:\Program Files\Apple Software Update
2008-01-27 14:48:28 0 d-------- C:\Program Files\Common Files\Apple
2008-01-27 14:48:27 0 d-------- C:\Users\All Users\Apple
2008-01-27 13:24:55 0 d-------- C:\Users\Philip\My DVD's
2008-01-19 16:38:01 0 d-------- C:\Users\All Users\LightScribe
2008-01-19 16:11:22 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-01-19 15:44:10 0 d-------- C:\Users\All Users\Ahead
2008-01-19 15:41:43 0 d-------- C:\Users\All Users\Nero
2008-01-19 15:41:43 0 d-------- C:\Program Files\Nero
2008-01-19 15:41:42 0 d-------- C:\Program Files\Common Files\Ahead
2008-01-19 14:32:33 0 d-------- C:\Users\All Users\Yahoo! Companion
2008-01-19 14:26:50 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
2008-01-19 14:26:29 0 d-------- C:\Program Files\Windows Live
2008-01-19 14:26:06 0 d-------- C:\Users\All Users\WLInstaller
2008-01-19 12:45:50 0 d-------- C:\Program Files\MagicISO
2008-01-19 12:41:13 0 d-------- C:\Program Files\AdVantage
2008-01-19 12:40:23 0 d-------- C:\Program Files\DAEMON Tools
2008-01-19 12:35:07 0 d-------- C:\Program Files\AstroburnBar
2008-01-19 12:35:04 685816 --a------ C:\Windows\system32\drivers\sptd.sys
2008-01-19 12:35:04 0 d-------- C:\Program Files\Astroburn
2008-01-19 12:33:13 0 d-------- C:\Users\All Users\Adobe
2008-01-19 12:33:03 0 d-------- C:\Program Files\Common Files\Adobe
2008-01-19 12:28:45 0 d-------- C:\Program Files\QuickTime Alternative
2008-01-19 12:28:45 0 d-------- C:\Program Files\Media Player Classic
2008-01-19 12:25:35 0 d-------- C:\Program Files\WinAVI Video Converter
2008-01-19 12:23:53 0 d-------- C:\Program Files\PowerISO
2008-01-19 12:21:39 0 d-------- C:\Users\All Users\Innovative Solutions
2008-01-19 12:21:26 0 d-------- C:\Program Files\Innovative Solutions
2008-01-19 12:19:55 0 d-------- C:\Program Files\vso
2008-01-19 12:17:44 47360 --a------ C:\Windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2008-01-19 12:17:39 0 d-------- C:\Program Files\LG Software Innovations
2008-01-19 12:07:41 180224 --a------ C:\Windows\system32\xvidvfw.dll
2008-01-19 12:07:41 765952 --a------ C:\Windows\system32\xvidcore.dll
2008-01-19 12:07:41 0 d-------- C:\Program Files\Xvid
2008-01-18 22:31:49 0 d-------- C:\Program Files\MSXML 4.0
2008-01-18 22:00:00 0 d-------- C:\Users\Philip\Program Files
2008-01-18 21:54:54 0 d-------- C:\Windows\system32\ZoneLabs
2008-01-18 21:54:53 0 d-------- C:\Users\All Users\CheckPoint
2008-01-18 21:53:12 0 d-------- C:\Windows\Internet Logs
2008-01-18 21:50:23 0 --a------ C:\Windows\nsreg.dat
2008-01-18 21:47:22 18816 --a------ C:\Windows\system32\drivers\dvd43llh.sys <Not Verified; RIF; DVD For Free>
2008-01-18 21:47:21 0 d-------- C:\Program Files\dvd43
2008-01-18 21:46:18 0 d-------- C:\Program Files\DNA
2008-01-18 21:46:18 0 d-------- C:\Program Files\BitTorrent
2008-01-18 21:40:56 0 d-------- C:\Program Files\Lavasoft
2008-01-18 21:40:55 0 d-------- C:\Users\All Users\Lavasoft
2008-01-18 21:40:16 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-01-18 21:36:15 0 d-------- C:\Users\All Users\Spybot - Search & Destroy
2008-01-18 21:31:23 0 d-------- C:\Users\All Users\Grisoft
2008-01-18 21:31:23 0 d-------- C:\Users\All Users\avg7
2008-01-18 21:20:16 0 dr------- C:\Users\Philip\Searches
2008-01-18 21:20:07 0 dr------- C:\Users\Philip\Contacts
2008-01-18 21:19:59 0 d-------- C:\Program Files\Yahoo!
2008-01-18 21:19:44 0 dr------- C:\Users\Philip\Videos
2008-01-18 21:19:44 0 d--hs---- C:\Users\Philip\Templates
2008-01-18 21:19:44 0 d--hs---- C:\Users\Philip\Start Menu
2008-01-18 21:19:44 0 d--hs---- C:\Users\Philip\SendTo
2008-01-18 21:19:44 0 dr------- C:\Users\Philip\Saved Games
2008-01-18 21:19:44 0 d--hs---- C:\Users\Philip\Recent
2008-01-18 21:19:44 0 d--hs---- C:\Users\Philip\PrintHood
2008-01-18 21:19:44 0 dr------- C:\Users\Philip\Pictures
2008-01-18 21:19:44 2621440 --ahs---- C:\Users\Philip\ntuser.dat
2008-01-18 21:19:44 0 d--hs---- C:\Users\Philip\NetHood
2008-01-18 21:19:44 0 d--hs---- C:\Users\Philip\My Documents
2008-01-18 21:19:44 0 dr------- C:\Users\Philip\Music
2008-01-18 21:19:44 0 d--hs---- C:\Users\Philip\Local Settings
2008-01-18 21:19:44 0 dr------- C:\Users\Philip\Links
2008-01-18 21:19:44 0 dr------- C:\Users\Philip\Favorites
2008-01-18 21:19:44 0 dr------- C:\Users\Philip\Downloads
2008-01-18 21:19:44 0 dr------- C:\Users\Philip\Documents
2008-01-18 21:19:44 0 dr------- C:\Users\Philip\Desktop
2008-01-18 21:19:44 0 d--hs---- C:\Users\Philip\Cookies
2008-01-18 21:19:44 0 d--hs---- C:\Users\Philip\Application Data
2008-01-18 21:19:44 0 d--h----- C:\Users\Philip\AppData


-- Find3M Report ---------------------------------------------------------------

2008-02-09 08:00:04 0 d-------- C:\Users\Philip\AppData\Roaming\AVG7
2008-02-07 21:49:38 0 d-------- C:\Users\Philip\AppData\Roaming\BitTorrent
2008-02-01 22:06:32 0 d-------- C:\Users\Philip\AppData\Roaming\DivX
2008-02-01 19:58:15 0 d-------- C:\Program Files\Common Files
2008-02-01 19:55:34 0 d-------- C:\Users\Philip\AppData\Roaming\Pegasys Inc
2008-01-31 22:01:34 0 d-------- C:\Users\Philip\AppData\Roaming\vlc
2008-01-30 17:22:39 0 d-------- C:\Users\Philip\AppData\Roaming\Astroburn
2008-01-29 13:52:08 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-01-29 12:35:57 0 d-------- C:\Users\Philip\AppData\Roaming\Template
2008-01-28 18:31:02 0 d-------- C:\Users\Philip\AppData\Roaming\Apple Computer
2008-01-21 18:53:53 0 d-------- C:\Users\Philip\AppData\Roaming\Adobe
2008-01-20 19:33:19 0 d-------- C:\Users\Philip\AppData\Roaming\WinRAR
2008-01-19 20:05:16 0 d-------- C:\Users\Philip\AppData\Roaming\1clickPro
2008-01-19 16:40:38 0 d-------- C:\Users\Philip\AppData\Roaming\Ahead
2008-01-19 14:09:43 0 d-------- C:\Users\Philip\AppData\Roaming\DNA
2008-01-19 12:18:35 0 d-------- C:\Users\Philip\AppData\Roaming\Vso
2008-01-19 12:18:35 34 --a------ C:\Users\Philip\AppData\Roaming\pcouffin.log
2008-01-19 12:17:44 47360 --a------ C:\Users\Philip\AppData\Roaming\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2008-01-19 12:17:44 1144 --a------ C:\Users\Philip\AppData\Roaming\pcouffin.inf
2008-01-19 12:17:44 7176 --a------ C:\Users\Philip\AppData\Roaming\pcouffin.cat
2008-01-19 12:17:44 81920 --a------ C:\Users\Philip\AppData\Roaming\ezpinst.exe
2008-01-19 05:33:19 0 --a------ C:\Users\Philip\AppData\Roaming\wklnhst.dat
2008-01-19 03:15:01 174 --ahs---- C:\Program Files\desktop.ini
2008-01-19 03:10:56 0 d-------- C:\Program Files\Windows Calendar
2008-01-19 03:10:53 0 d-------- C:\Program Files\Windows Mail
2008-01-19 03:10:43 0 d-------- C:\Program Files\Windows Sidebar
2008-01-18 21:50:18 0 d-------- C:\Users\Philip\AppData\Roaming\Mozilla
2008-01-18 21:30:26 0 d-------- C:\Program Files\Common Files\Symantec Shared
2008-01-18 21:20:25 0 d-------- C:\Users\Philip\AppData\Roaming\Macromedia
2008-01-18 21:20:09 0 d-------- C:\Users\Philip\AppData\Roaming\Identities
2008-01-04 21:58:50 3596288 --a------ C:\Windows\system32\qt-dx331.dll
2008-01-04 21:57:22 196608 --a------ C:\Windows\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2008-01-04 21:57:22 81920 --a------ C:\Windows\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-01-04 21:57:12 823296 --a------ C:\Windows\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2008-01-04 21:57:10 802816 --a------ C:\Windows\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2008-01-04 21:57:10 823296 --a------ C:\Windows\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2008-01-04 21:57:10 682496 --a------ C:\Windows\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2008-01-04 21:56:24 12288 --a------ C:\Windows\system32\DivXWMPExtType.dll

welshboy07
February 10th, 2008, 08:16 AM
Main.txt
-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e802027b-1f2b-40bd-b307-0bd96d036835}]
28/10/2007 15:45 1502232 --a------ C:\Program Files\AstroburnBar\tbAstr.dll

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{E802027B-1F2B-40BD-B307-0BD96D036835}"= C:\Program Files\AstroburnBar\tbAstr.dll [28/10/2007 15:45 1502232]

[-HKEY_CLASSES_ROOT\CLSID\{E802027B-1F2B-40BD-B307-0BD96D036835}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [14/09/2007 03:17]
"RtHDVCpl"="RtHDVCpl.exe" [20/06/2007 08:56 C:\Windows\RtHDVCpl.exe]
"Acer Empowering Technology Monitor"="C:\Acer\Empowering Technology\SysMonitor.exe" [31/05/2007 23:35]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [25/04/2007 23:33]
"Acer Tour"="" []
"SiSTray"="C:\Program Files\SiS VGA Utilities\SiSTray.exe" [05/06/2007 11:07]
"eRecoveryService"="" []
"WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [06/11/2006 05:48]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [26/01/2008 17:54]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [04/06/2007 05:24]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 19:51]
"QuickTime Task"="C:\Program Files\QuickTime Alternative\QTTask.exe" [19/10/2007 20:16]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [25/09/2007 01:11]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [18/01/2008 22:34]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [31/08/2007 16:46]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [18/10/2007 11:34]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [27/06/2007 19:03]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [14/09/2007 03:38:32]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
avgwlntf.dll 18/01/2008 21:31 9216 C:\Windows\System32\avgwlntf.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI



-- Hosts -----------------------------------------------------------------------

60.12.193.37 auto.search.msn.com
60.12.193.37 auto.search.msn.es
60.12.193.37 ie.search.msn.com


-- End of Deckard's System Scanner: finished at 2008-02-09 13:19:44 ------------

welshboy07
February 10th, 2008, 08:17 AM
Extra.txt
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft® Windows Vista™ Home Premium (build 6000)
Architecture: X86; Language: English

CPU 0: Intel(R) Pentium(R) Dual CPU E2140 @ 1.60GHz
Percentage of Memory in Use: 51%
Physical Memory (total/avail): 1790.94 MiB / 872.49 MiB
Pagefile Memory (total/avail): 3815.71 MiB / 2488.3 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1921.93 MiB

C: is Fixed (NTFS) - 69.77 GiB total, 42.47 GiB free.
D: is Fixed (NTFS) - 69.52 GiB total, 69.43 GiB free.
E: is CDROM (No Media)
F: is Removable (FAT)
G: is Removable (No Media)
H: is Removable (No Media)
I: is Removable (No Media)
L: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - Hitachi HDS721616PLA380 ATA Device - 149.05 GiB - 3 partitions
\PARTITION0 - Unknown - 9.76 GiB
\PARTITION1 (bootable) - MS-DOS V4 Huge - 69.77 GiB - C:
\PARTITION2 - Installable File System - 69.52 GiB - D:

\\.\PHYSICALDRIVE2 - Generic USB CF Reader USB Device

\\.\PHYSICALDRIVE4 - Generic USB MS Reader USB Device

\\.\PHYSICALDRIVE1 - Generic USB SD Reader USB Device - 964.84 MiB - 1 partition
\PARTITION0 - MS-DOS V4 Huge - 968.5 MiB - F:

\\.\PHYSICALDRIVE3 - Generic USB SM Reader USB Device



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FW: ZoneAlarm Firewall v7.1.078.000 (Check Point, LTD.)
AV: AVG 7.5.516 v7.5.516 (Grisoft)
AS: Spybot - Search and Destroy v1.0.0.4 (Safer Networking Ltd.) Outdated
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\Philip\AppData\Roaming
CLASSPATH=.;C:\Program Files\QuickTime Alternative\QTSystem\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=PHILIP-PC
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\Philip
LOCALAPPDATA=C:\Users\Philip\AppData\Local
LOGONSERVER=\\PHILIP-PC
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\QuickTime Alternative\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 13, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f0d
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
QTJAVA=C:\Program Files\QuickTime Alternative\QTSystem\QTJava.zip
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\Philip\AppData\Local\Temp
TMP=C:\Users\Philip\AppData\Local\Temp
tvdumpflags=8
USERDOMAIN=Philip-PC
USERNAME=Philip
USERPROFILE=C:\Users\Philip
windir=C:\Windows


-- User Profiles ---------------------------------------------------------------

Philip


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
--> C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\Windows\UNNeroBackItUp.exe /UNINSTALL
--> C:\Windows\UNNeroMediaHome.exe /UNINSTALL
--> C:\Windows\UNNeroShowTime.exe /UNINSTALL
--> C:\Windows\UNNeroVision.exe /UNINSTALL
--> C:\Windows\UNRecode.exe /UNINSTALL
1Click DVD Copy Pro 2.3.1.1 --> "C:\Program Files\LG Software Innovations\1Click DVD Copy Pro\unins000.exe"
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
Acer Arcade Live Main Page --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}\setup.exe" -uninstall
Acer DV Magician --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F6EFFB76-4A07-11DA-9D78-000129760D75}\setup.exe" -uninstall
Acer DVDivine --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B145EC69-66F5-11D8-9D75-000129760D75}\setup.exe" -uninstall
Acer eDataSecurity Management --> C:\Acer\Empowering Technology\eDataSecurity\eDSnstHelper.exe -Operation UNINSTALL
Acer Empowering Technology --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x9 -removeonly
Acer ePerformance Management --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D462BF9E-0C35-4705-BF9B-3DF9F3816643}\setup.exe" -l0x9 -removeonly
Acer HomeMedia --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA4BF92B-2AAF-11DA-9D78-000129760D75}\Setup.exe" -uninstall
Acer HomeMedia Connect --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{132888AE-EF67-41C5-BCA2-7D5D2488AB63}\Setup.exe" -uninstall
Acer ScreenSaver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly
Acer SlideShow DVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{41581EF5-45A7-11DA-9D78-000129760D75}\Setup.exe" -uninstall
Acer Tour --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94389919-B0AA-4882-9BE8-9F0B004ECA35}\setup.exe" -l0x9 -removeonly
Acer VideoMagician --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F79A208D-D929-11D9-9D77-000129760D75}\setup.exe" -uninstall
Activation Assistant for the 2007 Microsoft Office suites --> "C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player 9 ActiveX --> C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Flash Player Plugin --> C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81100000003}
Advanced Uninstaller PRO - Version 8 --> "C:\Program Files\Innovative Solutions\Advanced Uninstaller PRO - Version 8\unins000.exe"
Apple Mobile Device Support --> MsiExec.exe /I{B5C209B1-8DDB-4642-A573-375B951514CB}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
Astroburn --> C:\Program Files\Astroburn\uninst.exe
AstroburnBar Toolbar --> C:\PROGRA~1\ASTROB~2\UNWISE.EXE C:\PROGRA~1\ASTROB~2\INSTALL.LOG
AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
BitTorrent 6.0 --> C:\Program Files\BitTorrent\uninst.exe
CopyToDVD --> "C:\Program Files\vso\CopyToDVD\unins000.exe"
DivX Author 1.5 --> C:\Program Files\DivX\DivX Author 1.5\DivXAuthorUninstall.exe /DIVX_AUTHOR
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DNA --> "C:\Users\Philip\Program Files\DNA\btdna.exe" /UNINSTALL
DVD43 v4.0.0 --> "C:\Program Files\dvd43\unins000.exe"
eSobi v2 --> C:\Program Files\InstallShield Installation Information\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\setup.exe -runfromtemp -l0x0409
Homespun Content Pack --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{62201736-0A1F-4C6F-9C59-1AA3360CEA50}\Setup.exe" -l0x9
iTunes --> MsiExec.exe /I{E3FEE4E7-4488-4A3F-A6BD-13745936EADB}
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Magic ISO Maker v5.4 (build 0239) --> C:\PROGRA~1\MagicISO\UNWISE.EXE C:\PROGRA~1\MagicISO\INSTALL.LOG
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Home and Student 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007 --> MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007 --> MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007 --> MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007 --> MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007 --> MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works --> MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}
Mozilla Firefox (2.0.0.11) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181) --> MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833) --> MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
Nero 7 Ultra Edition --> MsiExec.exe /X{847CAE64-4CD2-4B2D-AF00-978FF5431033}
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NTI Backup NOW! 4.7 --> "C:\Program Files\InstallShield Installation Information\{67ADE9AF-5CD9-4089-8825-55DE4B366799}\setup.exe" -removeonly
NTI CD & DVD-Maker --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1033 CDM7
PowerISO --> "C:\Program Files\PowerISO\uninstall.exe"
QuickTime --> MsiExec.exe /I{5B09BD67-4C99-46A1-8161-B7208CE18121}
QuickTime Alternative 1.47 --> "C:\Program Files\QuickTime Alternative\unins000.exe"
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x9 -removeonly
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
SierraAddressBook 3.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7CE979C6-E5FF-41C5-B6CC-4EE18071563B}\setup.exe"
SierraHome Print Artist --> C:\Windows\IsUninst.exe -f"C:\Sierra\Print Artist\HiUninst.isu" -c"C:\Sierra\Print Artist\Uninstpa.DLL"
SiS VGA Utilities --> C:\Program Files\SiS VGA Utilities\Setup.exe -u
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
VideoLAN VLC media player 0.8.6d --> C:\Program Files\VideoLAN\VLC\uninstall.exe
WinAVI Video Converter --> "C:\Program Files\WinAVI Video Converter\unins000.exe"
Windows Live installer --> MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Mail --> MsiExec.exe /I{184E7118-0295-43C4-B72C-1D54AA75AAF7}
Windows Live Messenger --> MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Live Writer --> MsiExec.exe /X{9176251A-4CC1-4DDB-B343-B487195EB397}
Windows Media Player Firefox Plugin --> MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
Xvid 1.1.3 final uninstall --> "C:\Program Files\Xvid\unins000.exe"
Yahoo! Toolbar --> C:\PROGRA~1\Yahoo!\common\unyt.exe
ZoneAlarm --> C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type17397 / Error
Event Submitted/Written: 02/08/2008 07:52:05 PM
Event ID/Source: 1002 / Application Hang
Event Description:
The program Explorer.EXE version 6.0.6000.16549 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 73c
Start Time: 01c869d3c08f631e
Termination Time: 94

Event Record #/Type16081 / Error
Event Submitted/Written: 02/07/2008 10:00:41 PM
Event ID/Source: 5007 / WerSvc
Event Description:
The target file for the Windows Feedback Platform (a DLL file containing the list of problems on this computer that require additional data collection for diagnosis) could not be parsed. The error code was 8014FFF9.

Event Record #/Type16070 / Error
Event Submitted/Written: 02/07/2008 09:53:43 PM
Event ID/Source: 8209 / System Restore
Event Description:
An unspecified error occurred during System Restore: (Scheduled Checkpoint). Additional information: .

Event Record #/Type16057 / Success
Event Submitted/Written: 02/07/2008 09:53:27 PM
Event ID/Source: 5617 / WinMgmt
Event Description:


Event Record #/Type16056 / Success
Event Submitted/Written: 02/07/2008 09:53:25 PM
Event ID/Source: 5615 / WinMgmt
Event Description:




-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type17592 / Warning
Event Submitted/Written: 02/08/2008 09:53:27 PM
Event ID/Source: 36 / W32Time
Event Description:
The time service has not synchronized the system time for 86400 seconds because none of the time service providers provided a usable time stamp. The time service will not update the local system time until it is able to synchronize with a time source. If the local system is configured to act as a time server for clients, it will stop advertising as a time source to clients. The time service will continue to retry and sync time with its time sources. Check system event log for other W32time events for more details. Run 'w32tm /resync' to force an instant time synchronization.

Event Record #/Type17590 / Error
Event Submitted/Written: 02/08/2008 07:56:02 PM
Event ID/Source: 8003 / bowser
Event Description:
The master browser has received a server announcement from the computer ADAM-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{AE688BBD-6991-4C08-8412-D09CE60F4D.
The master browser is stopping or an election is being forced.

Event Record #/Type17560 / Warning
Event Submitted/Written: 02/08/2008 02:37:10 PM
Event ID/Source: 54 / AFD
Event Description:
\Device\Afd

Event Record #/Type17428 / Warning
Event Submitted/Written: 02/07/2008 09:53:04 PM
Event ID/Source: 1003 / Dhcp
Event Description:
Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 001C253C47F4. The following error occurred:
%%121. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.

Event Record #/Type17421 / Error
Event Submitted/Written: 02/07/2008 09:52:10 PM
Event ID/Source: 6 / ACPI
Event Description:
IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 31, function 0.
Please contact your system vendor for technical assistance.



-- End of Deckard's System Scanner: finished at 2008-02-09 13:19:44 ------------

welshboy07
February 10th, 2008, 08:53 AM
I don't have access to the problem PC at the moment, so I will scan it later and edit this post with the results :D Thanks for the help so far.

EDIT: I've tried running ComboFix 5 times now, in the C:\ dir (Windows Vista), and a DOS window opens, then closes, and another one opens; it says preparing to start and then it says "out of memory" :s Don't know what to do now...

EDIT 2: On the MajorGeeks forum, there's a thread with someone having the same problem as me, and someone says ComboFix will not work on 64-bit systems... which is what I have.

AnnMarie
February 10th, 2008, 06:45 PM
No, it won't, nor will most of our custom utilities. OK, make the changes with HijackThis and then, just to be sure that ZoneAlarm is not causing your problem, shut it down from the icon in the lower right-hand corner of your screen, uninstall it and reboot. Enable the Windows firewall for now. Post back and let me know if you are still having problems and, if so, I'll transfer your topic to the Networking Forum.

welshboy07
February 11th, 2008, 09:23 AM
Hey, don't worry about the problem anymore, I figured out a workaround: I'm just using a wireless dongle instead of a cable connection... I uninstalled the SiS191 network card drivers, then downloaded them from the official website, installed and still no luck... so I don't know, it might be the network card (onboard), I don't know.

Thanks for your help :D

AnnMarie
February 11th, 2008, 09:52 PM
Ok. I am glad all is well now and thanks for the update welshboy07.