Periodic stops-and-gos while performing tasks, help?


Auvic

Hey there!

I've recently - that is, within the last month or so - been having a number of issues with what seems to be possibly a mixture of things with my desktop. While gaming, I notice that every so often, I'll have periods of time where my computer just sort of freezes for a good 5-10 seconds, before resuming what it was doing.
Oddly enough, if I play music at the same time, the music continues to play (I think) without being bothered, but I've had this issue with more than one game, so I don't believe it's an issue with the games themselves.

Similarly, I've had some suspicion that it might be a bug since recent scans - I use Microsoft Security Essentials since it seems to detect things best, oddly enough - have pulled up things like:
Exploit: Java/ByteVerify
Exploit: Java/CVE:2010-0094.AK
TrojanDownloader:Java/OpenStream.AM

And things of that sort. About the time that the freezes happen, if I open Task Manager immediately after, there's evidence of sudden spikes in CPU usage or memory usage, which I don't see any reason for, given that it doesn't happen at the startup of a program, but rather sometime in the middle.

I'm not entirely sure that this is a virus/malware problem, so this might really not be the correct place to ask for help with this - but if it is, would you mind looking through these logs for anything out of place? I ran my computer in Safe Mode before running TFC, DDS, and Malwarebytes', so I hope that won't be a problem.

Thanks so much in advance!
 
Here're the logs:

MBAM:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 5156

Windows 6.1.7600 (Safe Mode)
Internet Explorer 8.0.7600.16385

11/21/2010 1:00:42 AM
mbam-log-2010-11-21 (01-00-42).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 725861
Time elapsed: 1 hour(s), 40 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

DDS:

DDS (Ver_10-11-10.01) - NTFS_AMD64 MINIMAL
Run by Vincent at 23:19:02.36 on Sat 11/20/2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_22
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3070.1960 [GMT -6:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Users\Vincent\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Steam] "c:\program files (x86)\steam\steam.exe" -silent
uRun: [googletalk] C:\Users\Vincent\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
uRun: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
uRun: [Skype] "C:\Program Files (x86)\Skype\\Phone\Skype.exe" /nosplash /minimized
mRun: [tsnp2std] C:\Windows\tsnp2std.exe
mRun: [NPSStartup]
mRun: [ATICustomerCare] "C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\Users\Vincent\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Vincent\AppData\Roaming\Dropbox\bin\Dropbox.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
TB-X64: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll
mRun-x64: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
mRun-x64: [snp2std] C:\Windows\vsnp2std.exe

================= FIREFOX ===================

FF - ProfilePath - C:\Users\Vincent\AppData\Roaming\Mozilla\Firefox\Profiles\lt686bqs.default\
FF - prefs.js: browser.startup.homepage - hxxp://mail.google.com/mail/?shva=1#inbox
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, falseC:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
C:\Program Files (x86)\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified

============= SERVICES / DRIVERS ===============

S1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2009-12-2 173984]
S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-9-25 203264]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 cpuz132;cpuz132;C:\Windows\System32\drivers\cpuz132_x64.sys [2009-12-18 19432]
S2 dlea_device;dlea_device;C:\Windows\system32\dleacoms.exe -service --> C:\Windows\system32\dleacoms.exe -service [?]
S2 dleaCATSCustConnectService;dleaCATSCustConnectService;C:\Windows\System32\spool\drivers\x64\3\dleaserv.exe [2009-7-1 33448]
S3 amdkmdag;amdkmdag;C:\Windows\System32\drivers\atikmdag.sys [2010-9-25 7767040]
S3 amdkmdap;amdkmdap;C:\Windows\System32\drivers\atikmpag.sys [2010-9-25 279040]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-9-25 116240]
S3 LiveTurbineMessageService;Turbine Message Service - Live;"C:\Program Files (x86)\Turbine\Turbine Download Manager\TurbineMessageService.exe" --> C:\Program Files (x86)\Turbine\Turbine Download Manager\TurbineMessageService.exe [?]
S3 LiveTurbineNetworkService;Turbine Network Service - Live;"C:\Program Files (x86)\Turbine\Turbine Download Manager\TurbineNetworkService.exe" --> C:\Program Files (x86)\Turbine\Turbine Download Manager\TurbineNetworkService.exe [?]
S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\System32\drivers\MpNWMon.sys [2009-12-2 40832]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-6-10 187392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-5-5 1255736]

=============== Created Last 30 ================

2010-11-21 02:45:13 8199504 ----a-w- C:\PROGRA~3\Microsoft\Microsoft Antimalware\Definition Updates\{E3E329C9-B9DA-416B-A672-AE0E99264374}\mpengine.dll
2010-11-16 16:09:03 -------- d-----w- C:\Program Files (x86)\COMPACT
2010-11-06 17:37:34 103864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2010-11-06 17:37:34 103864 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2010-11-02 01:04:02 -------- d-----w- C:\Users\Vincent\AppData\Roaming\AVG10
2010-11-02 01:02:41 -------- d--h--w- C:\PROGRA~3\Common Files
2010-11-02 00:58:23 -------- d-----w- C:\PROGRA~3\AVG10
2010-11-02 00:49:38 -------- d-----w- C:\PROGRA~3\MFAData
2010-11-01 07:13:32 -------- d-----w- C:\Users\Vincent\AppData\Roaming\Malwarebytes
2010-11-01 07:13:24 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2010-11-01 07:13:22 24664 ----a-w- C:\Windows\System32\drivers\mbam.sys
2010-11-01 07:13:22 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-11-01 07:13:22 -------- d-----w- C:\PROGRA~3\Malwarebytes
2010-10-27 16:11:41 961024 ----a-w- C:\Windows\System32\CPFilters.dll
2010-10-27 16:11:41 641536 ----a-w- C:\Windows\SysWow64\CPFilters.dll
2010-10-27 16:11:41 552960 ----a-w- C:\Windows\System32\msdri.dll
2010-10-27 16:11:41 288256 ----a-w- C:\Windows\System32\MSNP.ax
2010-10-27 16:11:41 258560 ----a-w- C:\Windows\System32\mpg2splt.ax
2010-10-27 16:11:41 204288 ----a-w- C:\Windows\SysWow64\MSNP.ax
2010-10-27 16:11:41 199680 ----a-w- C:\Windows\SysWow64\mpg2splt.ax
2010-10-27 16:11:36 27008 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2010-10-24 08:37:43 -------- d-----w- C:\Windows\System32\appmgmt

==================== Find3M ====================

2010-10-19 20:51:33 270720 ------w- C:\Windows\System32\MpSigStub.exe
2010-09-23 05:47:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll
2010-09-21 19:49:02 252800 ----a-w- C:\Windows\System32\LIVESSP.DLL
2010-09-21 19:03:14 208768 ----a-w- C:\Windows\SysWow64\LIVESSP.DLL
2010-09-15 10:50:37 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2010-09-10 05:35:44 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2010-09-10 05:35:43 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2010-09-08 16:17:46 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2010-09-08 16:17:46 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2010-09-08 05:36:17 1192960 ----a-w- C:\Windows\System32\wininet.dll
2010-09-08 05:34:34 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2010-09-08 04:30:04 978432 ----a-w- C:\Windows\SysWow64\wininet.dll
2010-09-08 04:28:15 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2010-09-08 04:16:38 482816 ----a-w- C:\Windows\System32\html.iec
2010-09-08 03:35:30 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2010-09-08 03:22:31 386048 ----a-w- C:\Windows\SysWow64\html.iec
2010-09-08 02:48:16 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2010-09-01 05:12:09 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2010-09-01 04:23:49 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2010-09-01 02:58:34 3123712 ----a-w- C:\Windows\System32\win32k.sys
2010-08-31 04:32:30 954752 ----a-w- C:\Windows\SysWow64\mfc40.dll
2010-08-31 04:32:30 954288 ----a-w- C:\Windows\SysWow64\mfc40u.dll
2010-08-27 06:14:02 236032 ----a-w- C:\Windows\System32\srvsvc.dll
2010-08-27 05:46:48 9728 ----a-w- C:\Windows\SysWow64\sscore.dll
2010-08-27 03:38:04 463360 ----a-w- C:\Windows\System32\drivers\srv.sys
2010-08-27 03:37:48 402944 ----a-w- C:\Windows\System32\drivers\srv2.sys
2010-08-27 03:37:26 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2010-08-26 05:27:28 148992 ----a-w- C:\Windows\System32\t2embed.dll
2010-08-26 04:39:58 109056 ----a-w- C:\Windows\SysWow64\t2embed.dll

============= FINISH: 23:19:37.43 ===============

Attach:

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-11-10.01)

Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 12/18/2009 4:55:44 AM
System Uptime: 11/20/2010 11:17:26 PM (0 hours ago)

Motherboard: Gigabyte Technology Co., Ltd. | | EP45-UD3L
Processor: Intel(R) Core(TM)2 Quad CPU Q9400 @ 2.66GHz | Socket 775 | 3600/450mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 931 GiB total, 410.068 GiB free.
D: is FIXED (NTFS) - 71 GiB total, 30.042 GiB free.
E: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: sptd
Device ID: ROOT\LEGACY_SPTD\0000
Manufacturer:
Name: sptd
PNP Device ID: ROOT\LEGACY_SPTD\0000
Service: sptd

==== System Restore Points ===================

RP311: 11/18/2010 10:29:13 AM - Windows Update
RP312: 11/20/2010 8:44:49 PM - Windows Update
RP313: 11/20/2010 11:06:53 PM - Removed Microsoft Visual C++ 2005 Redistributable
RP314: 11/20/2010 11:07:52 PM - Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
RP315: 11/20/2010 11:08:30 PM - Removed Skype Toolbars

==== Installed Programs ======================

µTorrent
Acrobat.com
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.1
AIM 7
Alien Swarm
Amazon MP3 Downloader 1.0.10
Apple Application Support
Apple Software Update
ATI Catalyst Registration
Audiosurf
AutoREALM Version 2.2
Bandisoft MPEG-1 Decoder
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
ccc-core-static
CCC Help English
Cosplay Fetish Academy v1.2
D3DX10
DAEMON Tools Toolbar
Dropbox
ENVISION V-CAM
Extension Renamer
Family Project v1.0
Google Talk (remove only)
IrfanView (remove only)
Java Auto Updater
Java(TM) 6 Update 22
K-Lite Codec Pack 5.7.0 (Full)
Killing Floor
Killing Floor Mod: Defence Alliance 2
League of Legends
Malwarebytes' Anti-Malware
McAfee Security Scan
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Mozilla Firefox (3.6.12)
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NVIDIA PhysX
OpenOffice.org 3.1
Pando Media Booster
PC Connectivity Solution
Portal
QuickTime
Samsung New PC Studio
Samsung PC Studio 3 USB Driver Installer
SamsungConnectivityCableDriver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Skype™ 4.2
SpeedFan (remove only)
Starcraft
Steam
System Requirements Lab
Team Fortress 2
The Lord of the Rings FREE Trial
Turbine Download Manager
Vindictus
Visual C++ 8.0 Runtime Setup Package (x64)
Visual Studio 2008 x64 Redistributables
Vivicorp Translator
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Messenger
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Media Player Firefox Plugin
World of Warcraft

==== Event Viewer Messages From Past Week ========

11/20/2010 8:34:40 PM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: 490@01010004
11/20/2010 8:34:32 PM, Error: Service Control Manager [7000] - The BuddyVM service failed to start due to the following error: The system cannot find the path specified.
11/20/2010 8:34:28 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the dleaCATSCustConnectService service to connect.
11/20/2010 8:34:28 PM, Error: Service Control Manager [7000] - The dleaCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/20/2010 12:52:29 AM, Error: bowser [8003] - The master browser has received a server announcement from the computer KATIE-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{D24D0100-908C-42F1-81C1-43793060815E}. The master browser is stopping or an election is being forced.
11/20/2010 11:18:13 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
11/20/2010 11:18:12 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
11/20/2010 11:18:12 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
11/20/2010 11:18:12 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
11/20/2010 11:18:12 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
11/20/2010 11:18:11 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11/20/2010 11:18:04 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
11/20/2010 11:17:58 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD CSC DfsC discache MpFilter NetBIOS NetBT nsiproxy Psched rdbss spldr sptd tdx Wanarpv6 WfpLwf
11/20/2010 11:17:58 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
11/20/2010 11:17:58 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
11/20/2010 11:17:58 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
11/20/2010 11:17:58 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
11/20/2010 11:17:58 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
11/20/2010 11:17:58 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
11/20/2010 11:17:58 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
11/20/2010 11:17:58 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
11/20/2010 11:17:58 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
11/20/2010 11:17:58 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
11/20/2010 11:17:30 PM, Error: sptd [4] - Driver detected an internal error in its data structures for .
11/19/2010 10:53:33 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer ALEX-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{D24D0100-908C-42F1-81C1-43793060815E}. The master browser is stopping or an election is being forced.
11/17/2010 5:40:08 PM, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 129.116.39.125. The computer with the IP address 129.116.39.57 did not allow the name to be claimed by this computer.
11/14/2010 8:25:26 AM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Java/Mesdeh.D&threatid=2147639994 User: NT AUTHORITY\NETWORK SERVICE Name: Trojan:Java/Mesdeh.D ID: 2147639994 Severity: Severe Category: Trojan Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.93.1877.0, AS: 1.93.1877.0 Engine Version: 1.1.6301.0
11/14/2010 8:25:26 AM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Java/Mesdeh.C&threatid=2147639996 User: NT AUTHORITY\NETWORK SERVICE Name: Trojan:Java/Mesdeh.C ID: 2147639996 Severity: Severe Category: Trojan Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.93.1877.0, AS: 1.93.1877.0 Engine Version: 1.1.6301.0
11/14/2010 8:25:26 AM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Java/Mesdeh.B&threatid=2147639995 User: NT AUTHORITY\NETWORK SERVICE Name: Trojan:Java/Mesdeh.B ID: 2147639995 Severity: Severe Category: Trojan Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.93.1877.0, AS: 1.93.1877.0 Engine Version: 1.1.6301.0
11/14/2010 8:25:26 AM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Java/Mesdeh.A&threatid=2147639993 User: NT AUTHORITY\NETWORK SERVICE Name: Trojan:Java/Mesdeh.A ID: 2147639993 Severity: Severe Category: Trojan Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.93.1877.0, AS: 1.93.1877.0 Engine Version: 1.1.6301.0
11/14/2010 8:25:26 AM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following: http://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Java/Mesdeh&threatid=2147639997 User: NT AUTHORITY\NETWORK SERVICE Name: Trojan:Java/Mesdeh ID: 2147639997 Severity: Severe Category: Trojan Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.93.1877.0, AS: 1.93.1877.0 Engine Version: 1.1.6301.0

==== End Of File ===========================
 
Here's what I need to know:
1. You are running in 32-bit, correct?
2. How much RAM is installed?
3. If the system freezes and you reboot, does that restore function until the next freeze?
4. Why did you run the scans in Safe Mode? Are you unable to run in Normal Mode?
5. Are you still using these:
LiveTurbineMessageService
Turbine Download Manager
Turbine Network Service


Here's what you need to do:
1. For the Java exploits: Open the Control Panel> Java> Temporary internet files> Settings> Delete all of the files> Exit Java.
"if I open Task Manager immediately after, there's evidence of sudden spikes in CPU usage or memory usage, which I don't see any reason for"
2. When you note a spike in the CPU, open the Task Manager and see what process is running high. You can also prepare the system for shutdown, but don't shut down. Instead, Open the Task Manager> double click twice on the frame above the CPU column.
The only processes you should see using CPU are System, System Idle and taskmgr. These should add up to 100%. If you have another process using more than 2-5%, note it and identify it.
Note: Memory and CPU usage are completely different. You can have high memory usage with no CPU or high CPU without high memory use.
3. Disable Steam and uTorrent and see if that makes a difference.

Please run this scan:

Run Eset NOD32 Online AntiVirus scan HERE: http://www.eset.eu/online-scanner
  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the Active X control to install
  4. Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
  5. Click Start
  6. Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
  7. Click Scan
  8. Wait for the scan to finish
  9. Re-enable your Antivirus software.
  10. A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.
 
Hey there! Thanks for the speedy response.

1. I'm actually running in 64-bit - when I installed Windows 7, I figured "Why the hell not", and installed it as such. ...Is that an issue?
2. I've got 3 gigs of RAM.
3. When the system freezes, it just pauses things for 5-10 seconds, then things continue on as normal - I can run just fine before/after the freezes, if I give them time to go away. I'm just worried that the freezes are symptoms of something worse, and aren't the problem in and of themselves.
4. I don't use them, but when I tried to uninstall them originally, it couldn't get rid of all the files, and I'm not tech-savvy enough to have confidence in my ability to dig into the registry or whatever would be required to fully get rid of them.
5. I haven't logged into Steam for a while, so at the very most, there should be very little dedicated to simply keeping the application at the login screen - I'm prompted to log in when I turn on my computer, but I just close the window. Similarly, I've had uTorrent turned off, and it doesn't seem to change anything.

I didn't quite understand what you meant by "You can also prepare the system for shutdown, but don't shut down."
I can follow opening task manager and checking for the process that's using the highest CPU, but during the freezes, I can't alt-tab, or ctrl-alt-del to open task manager, so I can't check CPU at that time. If I open task manager immediately after, the amount of CPU that had been in use visibly declines in the next 2-3 seconds, to the point that processes seem more or less normal by the time I have task manager up and am looking for a rogue process.

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6211
# api_version=3.0.2
# EOSSerial=6928bc958e01d545bb24c055886f169b
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2010-11-21 05:13:08
# local_time=2010-11-21 11:13:08 (-0600, Central Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1024 16777215 100 0 772474 772474 0 0
# compatibility_mode=5891 16776893 100 100 0 19861278 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=646440
# found=4
# cleaned=0
# scan_time=6088
D:\Documents and Settings\Vincent Cheung\Desktop\Vincent\Sysfiles\WxBug.EXE Win32/Adware.WBug.A application 00000000000000000000000000000000 I
D:\WINDOWS\system32\blxqsnws.ini Win32/Adware.Virtumonde.NEO application 00000000000000000000000000000000 I
D:\WINDOWS\system32\tbvxsquc.ini Win32/Adware.Virtumonde.NEO application 00000000000000000000000000000000 I
D:\WINDOWS\system32\tywohrcj.ini Win32/Adware.Virtumonde.NEO application 00000000000000000000000000000000 I
 
How are you determining high CPU usage?

Let's move the Eset malware processes:

Please download OTMoveIt by Old Timer and save to your desktop.
  • Double-click OTMoveIt3.exe to run it. (Vista users, please right click on OTMoveIt3.exe and select "Run as an Administrator")
  • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    Code:
    :Processes	
    
    :Services
    
    :Reg
    
    :Files  
    D:\Documents and Settings\Vincent Cheung\Desktop\Vincent\Sysfiles\WxBug.EXE 
    D:\WINDOWS\system32\blxqsnws.ini 
    D:\WINDOWS\system32\tbvxsquc.ini 
    D:\WINDOWS\system32\tywohrcj.ini 
    :Commands
    [purity]
    [emptytemp]
    [start explorer]
    [Reboot]
  • Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window and choose Paste.
  • Click the red Moveit! button.
  • A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
  • Close OTMoveIt3
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
========================================
"I don't use them, but when I tried to uninstall them originally, it couldn't get rid of all the files,"

Boot into Safe Mode
  • Restart your computer and start pressing the F8 key on your keyboard.
  • Select the Safe Mode option when the Windows Advanced Options menu appears, and then press ENTER.
Run> type in services.msc> Find each of the following> Double click on each to open> Set Startup type to Disabled> Stop the Service:
LiveTurbineMessageService
Turbine Download Manager
Turbine Network Service
 
Turned off the services, and ran the OTM:

Log:
All processes killed
========== PROCESSES ==========
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
D:\Documents and Settings\Vincent Cheung\Desktop\Vincent\Sysfiles\WxBug.EXE moved successfully.
D:\WINDOWS\system32\blxqsnws.ini moved successfully.
D:\WINDOWS\system32\tbvxsquc.ini moved successfully.
D:\WINDOWS\system32\tywohrcj.ini moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Vincent
->Temp folder emptied: 1010747 bytes
->Temporary Internet Files folder emptied: 11444641 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 101024772 bytes
->Flash cache emptied: 9958 bytes

User: Vincent Cheung

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 325178 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 109.00 mb


OTM by OldTimer - Version 3.1.17.2 log created on 11222010_125136

Files moved on Reboot...
C:\Users\Vincent\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...
 
Sorry- I lost you! I'm still not getting enough information. You speak of freezes, but describe a 'delay of a few seconds.'

"While gaming, I notice that every so often, I'll have periods of time where my computer just sort of freezes for a good 5-10 seconds, before resuming what it was doing."
"About time that the freezes happen, if I open Task Manager immediately after, there's evidence of sudden spikes in CPU usage or memory usage, which I don't see any reason for"

To me, 5-10 seconds is a delay, not a freeze. As for "spikes in CPU usage or memory usage"- what do you consider a 'spike'?

And although you may not be aware of a reason, I would consider any auto-updates you allow, any file sharing you're doing. OTMoveIt shows: Total Files Cleaned = 109.00 mb. That's a lot of files! What kind of maintenance schedule do you have: disc cleanup, defrag, error check> are these done regularly?

You had malware entries of Vundo/Virtumonde> that puts a lot of entries on a system.

Next time you get one of these "freezes" check the time on the computer clock and write it down. Then

Please download VEW and save it to your Desktop:

Setting up the program

Double-click VEW.exe to run.

    Under Select log to query, select:
  • Application
  • System

    Under Select type to list, select:
  • Critical (Vista only)
  • Error

    Click the radio button for Number of events
  • Type 20 in the 1 to 20 box
  • Then click the Run button.
  • Notepad will open with the output log.

    Load the log
  • In Notepad, click Edit> Select all
  • Then press Edit > Copy
  • Press Ctrl+V on your keyboard to paste the log to your next reply.

(Courtesy rev-Olie)
 
Sorry about the wait! I didn't have access to my desktop for a few days, so I figured I might as well wait until I could take a look at it again.

I suppose that technically, it's just a 'delay for a few seconds', though I think I remember that when my computer froze in the past, it would do things like freeze the mouse in place, cause music to loop a short 1-2 second tidbit over and over, and things like that - things that happen as well during my 'short delays'. I suppose it's not a real 'freeze' in the 'oh god ctrl-alt-del failed, hard reboot now' sense, but it does seem to show similar..symptoms, I guess?
...Just for not nearly as long as a real freeze, since a real freeze would probably just last for forever.

I've been told that Windows 7 runs differently from XP, in that it attempts to allocate more memory and things than I'm used to seeing, so maybe the 50 to 70-80% memory usage in the Task Manager isn't actually an issue at all.
As for CPU spikes, if I open task manager as soon as I can after one of the 'delays', I can see that it'll tell me CPU usage was at something far above the normal running CPU usage; I mean, ~10% CPU is what I tend to have even when games are running, I think. For whatever reason, though, by the time I hit 'show processes from all users', Task Manager refreshes - and by the time it comes back, the CPU usage has already dropped and I can't tell what was using the...CPU. ...Lots of CPU in that right there.

I've noticed these delays only really happen while I'm gaming, though it's not restricted to any one game or another, which is why I suspected it was something up with my computer, and not one of the game files.
Should I run VEW now, or try and run it as soon as I can after I get one of those freezes while gaming?
 
Also: Attempts to run VEW just result in a "cannot find the c:\VEW.txt file. Do you want to create a new file?"

Whether I press yes or no, all I get is a blank notepad file.
 
If you can't get VEW to run, try this:
"run it as soon as I can after I get one of those freezes while gaming?"

Start> Run> type in eventvwr

Do this on each of the System and the Applications logs:
[1]. Click to open the log>
[2]. Look for the Error>
[3]. Double click on the Error to open.
[4]. Click on Copy button, top right, below the down arrow >
[5]. Paste here (Ctrl V)
[6]. NOTES
  • You can ignore Warnings and Information Events.
  • If you have a recurring Error with same ID#, same Source and same Description, only one copy is needed.
  • You don't need to include the lines of code in the box below the Description, if any.
  • Please do not copy the entire Event log.
Errors are time coded. Check the computer clock on freeze.
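
A scripted equivalent of the Event Viewer steps above, as an added example that is not part of the original reply: it pulls Critical and Error events from the System and Application logs in a window around the noted freeze time and reports each recurring error once. The freeze time and window size are placeholder values, and PowerShell 3.0 or later is assumed.

```powershell
# Added example: list Critical/Error events around a noted freeze time.
# $FreezeTime and $WindowMinutes are placeholders; set $FreezeTime to the
# clock time written down when the freeze happened.
param(
    [datetime]$FreezeTime = '2010-11-28 21:15:00',   # constructed sample value
    [int]$WindowMinutes = 5
)

$start = $FreezeTime.AddMinutes(-$WindowMinutes)
$end   = $FreezeTime.AddMinutes($WindowMinutes)

$events = foreach ($log in 'System', 'Application') {
    $filter = @{
        LogName   = $log
        Level     = 1, 2      # 1 = Critical, 2 = Error; Warnings and Information are skipped
        StartTime = $start
        EndTime   = $end
    }
    # Get-WinEvent raises an error when nothing matches; treat that as "no events".
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue
}

# A recurring error (same ID, same source, same description) is reported once,
# with a count and the first and last time it was seen inside the window.
$events |
    Group-Object -Property LogName, ProviderName, Id, Message |
    ForEach-Object {
        $sorted = @($_.Group | Sort-Object TimeCreated)
        [pscustomobject]@{
            Log       = $sorted[0].LogName
            Source    = $sorted[0].ProviderName
            EventId   = $sorted[0].Id
            Count     = $_.Count
            FirstSeen = $sorted[0].TimeCreated
            LastSeen  = $sorted[-1].TimeCreated
            Message   = $sorted[0].Message
        }
    } |
    Sort-Object FirstSeen |
    Format-List
```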
 
Very unexpectedly, actually, I believe I found out what's wrong with my computer - recently, I've been getting messages that my hard drive is failing.

...As it is right now, I've managed to back up everything to a backup hard drive, and I'm awaiting the inevitable crash. So sorry to bother you with something that doesn't seem like much of a spyware/malware issue in the end, though!
 
How can you have a failing hard drive on Windows 7? Did you update to an older system? What kind of 'failing' messages are you getting?

C: is FIXED (NTFS) - 931 GiB total, 410.068 GiB free.
D: is FIXED (NTFS) - 71 GiB total, 30.042 GiB free.
 
I would answer the question if I could, but...I'm not quite tech-savvy enough to understand what's going on.

Windows is, however, screaming at me periodically that my hard drive has experienced some sort of failure, and that I need to make a back up. And by periodically, I mean every 30 minutes or so.
I got SeaTools to check the drive, and it proceeded to fail the SMART check, and both the short and long DST(?) checks.

..Granted, I have no idea what's actually going on, but from anything that I can guess, I think my hard drive is just flat out dying on me.
 
Ah. Specifically, it's telling me "Windows has detected a hard disk problem".

 
Well, I guess you wanted to get my attention!!

According to this, failure of the short test means the hard drive is going to fail momentarily:
http://www.sevenforums.com/hardware-devices/63089-windows-has-detected-hard-disk-problem.html

I am not a hardware person, nor am I familiar with tests for failing drives. But I did check Windows 7 forums and the consensus was:
Try running the Chkdsk first: You'll find a good walkthru with screen shots in this Windows 7 Forum:

When you get this screen:
[Screenshot: Chkdsk (Check Disk) dialog]

I suggest you check both of the boxes: Fix Errors and Scan for recovery. You will then get a message that you can close, then reboot for the checking to start.

Depending on how bad the problem is, this may or may not help, but it won't hurt. You can always follow up with the reformat/reinstall and then repeat the Chkdsk.

I guess it's good to know that Windows 7 has a "Smart" process to advise of this. I don't know any details of your system, but if this was my problem, I'd want to know what caused a failure in a relatively new hard drive- unless yours is not new!
 
Closing thread due to inactivity. If problem continues, please send me a PM with thread URL and request to reopen.
 