Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Run DLL Error loading C:\Windows\system32\xxhqs.dll

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Run DLL Error loading C:\Windows\system32\xxhqs.dll

Unread postby thomba24 » April 30th, 2011, 10:49 pm

So every time i boot up i get this message. Run DLL Error loading C:\Windows\system32\xxhqs.dll I have Vista
I believe it is malware related. I am not very computer savy, i dont even know what malware is, i am a novice. here is my DDS and the other file i am supposed to post, I think. hopefully i did this properly thanks brian


DDS NOTEPAD
DDS (Ver_11-03-05.01) - NTFS_AMD64
Run by Thompson at 13:33:58.94 on Thu 04/14/2011
Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_24
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.4094.2400 [GMT -4:00]
.
AV: Kaspersky Anti-Virus *Disabled/Outdated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
AV: Kaspersky Anti-Virus *Enabled/Updated* {AE1D740B-8F0F-D137-211D-873D44B3F4AE}
SP: Kaspersky Anti-Virus *Enabled/Updated* {157C95EF-A935-DEB9-1BAD-BC4F3F34BE13}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Kaspersky Anti-Virus *Disabled/Outdated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
FW: Kaspersky Anti-Virus *Disabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\MsgTranAgt64.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files (x86)\Steam\1\Steam.exe
C:\Program files\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Program Files (x86)\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Amazon\Amazon Unbox Video\ADVWindowsClientService.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Windows\ASScrPro.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\x64\klwtblfs.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\SysWOW64\notepad.exe
C:\Windows\explorer.exe
C:\Users\Thompson\Downloads\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://asus.msn.com
mDefault_Page_URL = hxxp://www.yahoo.com
mWinlogon: Userinit=userinit.exe
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} -

C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll
BHO: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
TB: Search Toolbar: {9d425283-d487-4337-bab6-ab8354a81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: RadioBar Toolbar: {5b291e6c-9a74-4034-971b-a4b007a0b315} -
uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [5a143dc3a13a948fccfbceaefece1364] C:\Users\Public\DOWNLO~1\COHSET~2.EXE /r
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Search Protection] C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
uRun: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
uRun: [uPc+kt0NtdJsiv] rundll32.exe C:\Windows\system32\xxhqs.dll, SystemServer
uRun: [Lvhveiejl+1wmpson\AppData\Local\Temp\1682678023.exe] C:\Users\Thompson\AppData\Local\Temp\1682678023.exe
uRun: [Lvhveiejlqse] C:\Users\Thompson\AppData\Local\Temp\winlogon.exe
uRun: [Lvhveiejlqvc] C:\Users\Thompson\AppData\Local\Temp\svchost.exe
uRun: [LvhveiejlsPc] C:\Users\Thompson\AppData\Local\Temp\nvsvc32.exe
uRun: [Lvhveiejlhb] C:\Users\Thompson\AppData\Local\Temp\debug.exe
uRun: [Lvhveiejlud] C:\Users\Thompson\AppData\Local\Temp\system.exe
uRun: [Lvhveiejlora] C:\Users\Thompson\AppData\Local\Temp\iexplarer.exe
uRun: [Lvhveiejlqc] C:\Users\Thompson\AppData\Local\Temp\win.exe
uRun: [Lvhveiejlotc] C:\Users\Thompson\AppData\Local\Temp\hexdump.exe
uRun: [Lvhveiejlmc] C:\Users\Thompson\AppData\Local\Temp\mdm.exe
uRun: [Lvhveiejlo+] C:\Users\Thompson\AppData\Local\Temp\avp32.exe
uRun: [Lvhveiejlpe] C:\Users\Thompson\AppData\Local\Temp\csrss.exe
uRun: [Lvhveiejlna] C:\Users\Thompson\AppData\Local\Temp\login.exe
uRun: [Lvhveiejlpsc] C:\Users\Thompson\AppData\Local\Temp\taskmgr.exe
uRun: [Lvhveiejlqb] C:\Users\Thompson\AppData\Local\Temp\winamp.exe
uRun: [Lvhveiejlkc] C:\Users\Thompson\AppData\Local\Temp\cmd.exe
uRun: [Lvhveiejlppf] C:\Users\Thompson\AppData\Local\Temp\services.exe
uRun: [Lvhveiejlrf] C:\Users\Thompson\AppData\Local\Temp\smss.exe
uRun: [Lvhveiejl/0zmpson\AppData\Local\Temp\3496091952.exe] C:\Users\Thompson\AppData\Local\Temp\3496091952.exe
uRun: [Mquxe] C:\Windows\system.exe
uRun: [MqpSc] C:\Windows\avp32.exe
uRun: [Mquse] C:\Windows\svchost.exe
uRun: [Mqqsc] C:\Windows\drweb.exe
uRun: [Mqsuc] C:\Windows\lsass.exe
uRun: [Mque] C:\Windows\user.exe
uRun: [MqvPc] C:\Windows\win32.exe
uRun: [Lvhveiejlqf] C:\Users\Thompson\AppData\Local\Temp\user.exe
uRun: [LvhveiejlqW] C:\Users\Thompson\AppData\Local\Temp\drweb.exe
uRun: [Steam] "C:\Program Files (x86)\Steam\1\Steam.exe" -silent
mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce

"Software\CyberLink\LabelPrint\2.5"
mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce

"SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
mRun: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
mRun: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
mRun: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe
mRun: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
dRun: [Vyikofudocayewid] rundll32.exe "C:\Windows\system32\config\systemprofile\AppData\Local\wiatodC.dll",Startup
dRun: [uPc+kt0NtdJsiv] rundll32.exe C:\Windows\system32\xxhqs.dll, SystemServer
uPolicies-explorer: NoFolderOptions = 1 (0x1)
uPolicies-system: DisableRegistryTools = 1 (0x1)
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
dPolicies-explorer: NoFolderOptions = 1 (0x1)
dPolicies-system: DisableRegistryTools = 1 (0x1)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - hxxp://ak.exe.imgfarm.com/images/nocach ... .0.1.1.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDow ... ab_nvd.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDow ... rtScan.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://www.cvsphoto.com/upload/activex/ ... ontrol.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll
LSA: Notification Packages = scecli C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Thompson\AppData\Roaming\Mozilla\Firefox\Profiles\8r41gnc5.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.bing.com/?pc=Z039&form=ZGAPHP
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z039&form=ZGAADF&q=
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\KavLinkFilter.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordlegacyext.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: QueryExplorer: {27E679CC-6AAB-4B2A-BB87-096FE4178464} - C:\Program Files (x86)\Mozilla Firefox\extensions\{27E679CC-6AAB-4B2A-BB87-096FE4178464}
FF - Ext: Kaspersky URL Advisor: linkfilter@kaspersky.ru - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation

Foundation\DotNetAssistantExtension
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: XULRunner: {4045810D-51E7-44A0-8F7E-30C4237B2268} - C:\Windows\system32\config\systemprofile\AppData\Local\{4045810D-51E7-44A0-8F7E-30C4237B2268}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Search Toolbar: searchtoolbar@zugo.com - %profile%\extensions\searchtoolbar@zugo.com
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true);user_pref(general.useragent.extra.brc, BRI/1
.
============= SERVICES / DRIVERS ===============
.
R0 KLBG;Kaspersky Lab Boot Guard Driver;C:\Windows\System32\drivers\klbg.sys [2008-12-15 38416]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2009-5-15 26640]
R2 ASMMAP64;ASMMAP64;C:\Program Files\ATKGFNEX\ASMMAP64.sys [2009-8-27 14904]
R2 AVP;Kaspersky Anti-Virus;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe [2009-7-3 311680]
R3 itecir;ITECIR Infrared Receiver;C:\Windows\System32\drivers\itecir.sys [2009-8-27 59392]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2009-5-16 21008]
R3 NETw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\NETw5v64.sys [2008-8-28 4745216]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate1ca8f757c6158f0;Google Update Service (gupdate1ca8f757c6158f0);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-7 133104]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]
S3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk60x64.sys [2006-11-2 273408]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-9-27 93184]
.
=============== File Associations ===============
.
.txt=
.
=============== Created Last 30 ================
.
2011-04-07 18:02:57 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2011-04-07 18:00:12 -------- d-----w- C:\PROGRA~3\NVIDIA Corporation
2011-04-07 17:52:49 -------- d-----w- C:\NVIDIA
2011-04-07 17:42:38 -------- d-----w- C:\Program Files (x86)\SystemRequirementsLab
2011-03-27 01:35:31 -------- d-----w- C:\Users\Thompson\AppData\Local\Ubisoft Game Launcher
2011-03-26 23:26:58 -------- d-----w- C:\Users\Thompson\AppData\Local\World in Conflict
2011-03-26 22:39:17 -------- d-----w- C:\Program Files (x86)\Steam
.
==================== Find3M ====================
.
2011-03-12 02:52:29 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2011-03-12 02:52:29 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2011-02-10 19:10:56 45056 ----a-w- C:\Windows\System32\acovcnt.exe
2011-02-03 01:40:23 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
.
============= FINISH: 13:37:13.77 ===============

.ATTACH NOTEPAD
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_11-03-05.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 8/27/2009 9:50:46 PM
System Uptime: 4/14/2011 12:54:00 PM (1 hours ago)
.
Motherboard: PEGATRON Corp. | | G60VX
Processor: Intel(R) Core(TM)2 Duo CPU P7350 @ 2.00GHz | Socket 478 | 800/267mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 285 GiB total, 122.975 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Media Player
Adobe Reader 9.3.4
Amazon Unbox Video
ASUS Data Security Manager
ASUS FancyStart
ASUS LifeFrame3
ASUS Live Update
ASUS SmartLogon
ASUS Splendid Video Enhancement Technology
ASUS Virtual Camera
Asus_Camera_ScreenSaver
ATK Generic Function Service
ATK Hotkey
ATK Media
ATKOSD2
Autodesk 3ds Max 2010 32-bit
Autodesk Backburner 2008.1
Bing Bar
Bing Rewards Client Installer
Capitalism II
Choice Guard
Civilization V CODE (remove only)
Commandos Behind Enemy Lines
Company of Heroes
Company of Heroes - FAKEMSI
Compatibility Pack for the 2007 Office system
Coupon Printer for Windows
CyberLink LabelPrint
CyberLink Power2Go
Dawn of Discovery
deskPDF 2.5 Standard Edition
Dev-C++ 5 beta 9 release (4.9.9.2)
DivX Setup
Express Gate
Galapago
Gangsters
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
GPGNet
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Deskjet 3050 J610 series Help
HP Photo Creations
HP Update
ITECIR
Java Auto Updater
Java(TM) 6 Update 24
Kaspersky Anti-Virus 2010
LoJack Factory Installer
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office Live Add-in 1.3
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Rise Of Nations
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Works
Mozilla Firefox (3.6.15)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML4 Parser
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
OverDrive Media Console
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek 8169 8168 8101E 8102E Ethernet Driver
RealUpgrade 1.1
Rise of Nations Thrones and Patriots
Search Toolbar
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Sid Meier's Civilization V
Sid Meier's Civilization V SDK
Sid Meier's Railroads!
SimCity 4 Deluxe
StarCraft II
Steam
Supreme Commander
System Requirements Lab
The Settlers 7 - Paths to a Kingdom
The Settlers IV (remove only)
Total Annihilation
Tropico 3 1.00
ubi.com
Ubisoft Game Launcher
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 (KB974631)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.4053
VLC media player 1.0.1
Wireless Console 2
World in Conflict: Soviet Assault
Xvid 1.2.1 final uninstall
.
==== End Of File ===========================

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Genuine
Validation Code: 0
Cached Online Validation Code: N/A, hr = 0xc004f012
Windows Product Key: *****-*****-4JJQP-TP64Y-RPFFV
Windows Product Key Hash: W7I5PeTN2iJuvTTU9QmIXc6iQqY=
Windows Product ID: 89583-OEM-7332157-00043
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.0.6001.2.00010300.1.0.003
ID: {F11EAA32-189F-4D74-A43A-BEF58D9A4626}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows Vista (TM) Home Premium
Architecture: 0x00000009
Build lab: 6001.vistasp1_gdr.101014-0432
TTS Error:
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 100 Genuine
Microsoft Office Home and Student 2007 - 100 Genuine
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: B4D0AA8B-604-645_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Win32)
Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{F11EAA32-189F-4D74-A43A-BEF58D9A4626}</UGUID><Version>1.9.0027.0</Version><OS>6.0.6001.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-RPFFV</PKey><PID>89583-OEM-7332157-00043</PID><PIDType>2</PIDType><SID>S-1-5-21-3090070989-868362510-393952071</SID><SYSTEM><Manufacturer>ASUSTeK Computer Inc. </Manufacturer><Model>G60VX </Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>203 </Version><SMBIOSVersion major="2" minor="5"/><Date>20090527000000.000000+000</Date></BIOS><HWID>69303507018400F8</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>_ASUS_</OEMID><OEMTableID>Notebook</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91120000-002F-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Home and Student 2007</Name><Ver>12</Ver><Val>8D8472FDDE63738</Val><Hash>ypmDfjT+awjHZ2e/vpdITkmyiuI=</Hash><Pid>81602-924-3452086-68161</Pid><PidType>1</PidType></Product></Products><Applications><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="A1" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>

Spsys.log Content: 0x80070002

Licensing Data-->
Software licensing service version: 6.0.6001.18000
Name: Windows(TM) Vista, HomePremium edition
Description: Windows Operating System - Vista, OEM_SLP channel
Activation ID: bffdc375-bbd5-499d-8ef1-4f37b61c895f
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 89583-00146-321-500043-02-1033-6001.0000-2692009
Installation ID: 105652687803999723838231172820165293083465804742732140
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=43473
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=43474
Use License URL: http://go.microsoft.com/fwlink/?LinkID=43476
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=43475
Partial Product Key: RPFFV
License Status: Licensed

Windows Activation Technologies-->
N/A

HWID Data-->
HWID Hash Current: NgAAAAEABAABAAEAAQABAAAAAwABAAEA6GG8HdYLPuVmUPDr6MPsajwP8vQSZVw2pmGsVkbK

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20000
OEMID and OEMTableID Consistent: yes
BIOS Information:
ACPI Table Name OEMID Value OEMTableID Value
APIC 052709 APIC1358
FACP 052709 FACP1358
DBGP 052709 DBGP1358
HPET 052709 OEMHPET
BOOT 052709 BOOT1358
MCFG 052709 OEMMCFG
SLIC _ASUS_ Notebook
ECDT 052709 OEMECDT
OEMB 052709 OEMB1358
SSDT PmRef CpuPm
thomba24
Active Member
 
Posts: 11
Joined: April 14th, 2011, 1:37 pm
Advertisement
Register to Remove

Re: Run DLL Error loading C:\Windows\system32\xxhqs.dll

Unread postby thomba24 » April 30th, 2011, 10:56 pm

CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files (x86)\2k games\firaxis games\sid meier's railroads!\assets\terrain\textures\crackeddesertground.dds
c:\program files (x86)\2k games\firaxis games\sid meier's railroads!\assets\terrain\textures\crackeddesertground2.dds
c:\program files (x86)\2k games\firaxis games\sid meier's railroads!\assets\terrain\textures\crackeddesertground2_normal.dds
c:\program files (x86)\2k games\firaxis games\sid meier's railroads!\assets\terrain\textures\crackeddesertground_normal.dds
scanner sequence 3.CA.11
----- EOF -----
thomba24
Active Member
 
Posts: 11
Joined: April 14th, 2011, 1:37 pm

Re: Run DLL Error loading C:\Windows\system32\xxhqs.dll

Unread postby NonSuch » May 1st, 2011, 2:41 am

Please familiarize yourself with the forum rules: >Forum Posting Rules - Please Read<

We're sorry, but it is necessary to close your topic because you have replied to it prior to receiving a response from a helper.

Due to adding on to your topic with your second post it is highly unlikely that you would have received a response. Our helpers are looking for topics with zero responses. When you post replies to your own topic, it no longer has zero responses, and so it appears that you have received help when in fact, you have not.

If you still require help, please open a new thread in the Malware Removal forum and wait for assistance. Please do not run additional programs and/or post additional logs. Just your DDS log to start with is adequate. Your helper will ask for additional logs as needed. DO NOT reply to your own topic until you have received a response from a helper. Be patient. There are others who have been waiting longer than you, so do not expect an immediate reply.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 27304
Joined: February 23rd, 2005, 7:08 am
Location: California


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 49 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware