laptop Internet going where I did not click


Post by utopiancouple on Thu May 28, 2009 12:54 am

We received mega help with our desktop; thank you, now we need help with our laptop that is starting to display all the problems that the desktop was, but not as bad YET! So please help with problems of browser going to places we did not click, clock will not keep correct time (changes to military time), AVG detects trojan horse exploit_c.ahl, [win32/cryptor but is able to take it out so far], laptop is running slower, IE opens 2 tabs instead of one when opening it (I installed Firefox today and am using it now), also laptop gets very hot! Thank you for all your help so very much.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:38:31, on 5/27/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18226)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Windows\ehome\ehtray.exe
C:\Utopia\Angel\Angel.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Owner\Downloads\hijackgpthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Gateway\traybar.exe"
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKLM\..\RunOnce: [Uninstall getPlus(R) for Adobe] "C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1noarp
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Utopia Angel] "C:\Utopia\Angel\Angel.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Users\Owner\Desktop\Security\SUPERAntiSpyware\6d51c272-9042-4df6-a793-abac237b33e2.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Citrix XenApp.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - [You must be registered and logged in to see this link.]
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O15 - Trusted Zone: [You must be registered and logged in to see this link.]
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - [You must be registered and logged in to see this link.]
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {EC0403E0-9158-4CF8-A2B6-3C62C3B9B6B7} (CCAOControl Object) - [You must be registered and logged in to see this link.]
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL,avgrsstx.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe

--
End of file - 9189 bytes


Re: laptop Internet going where I did not click

Post by Belahzur on Fri May 29, 2009 10:57 am

Hello.
Please disable Ad-Watch, as it may hinder the removal of some HijackThis entries. You can re-enable it after your computer is clean. Please see here for instructions on how to disable it:

1. Right-click on the Ad-Watch icon in the system tray (located down by the system clock for most configurations)
2. Choose *Settings* from the dropdown menu
3. Under the *General Settings* tab turn OFF (red x) the option to "Load Ad-Watch at Startup" (if enabled)

4. Click on the *Status* button in the left hand menu
5. Turn OFF (red x) the option for *Regshield*
6. Close that window, then right-click on the Ad-Watch icon shield again down in the system tray next to the clock.
7. Choose *Turn off Ad-Watch* from the drop menu

  • Open HijackThis
  • Choose "Do a system scan only"
  • Check the boxes in front of these lines:


    O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
    O15 - Trusted Zone: [You must be registered and logged in to see this link.]


  • Press "Fix Checked"
  • Close Hijack This.

1. If you are using Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

2. During the download, rename Combofix to Combo-Fix as follows:





3. It is important you rename Combofix during the download, but not after.
4. Please do not rename Combofix to other names, but only to the one indicated.
5. Close any open browsers.
6. We need to disable your local AV (Anti-virus) before running Combofix.

  • See [You must be registered and logged in to see this link.] for how to disable your AV. (AVG8)
  • Double click on ComboFix.exe.
  • Follow the prompts. NOTE:
  • Allow combofix to run
  • Post C:\combofix.txt back here.

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.
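The O2 and O3 lines selected for fixing above are the ones whose file field reads `(no file)`, which HijackThis prints when the registered component's file is not found on disk. As an added example (not part of the original post and not HijackThis code), this Python code parses CLSID-bearing log lines and picks out such orphaned registrations; the function names are hypothetical and the sample lines are copied from the log posted in this thread.

```python
import re
from typing import List, NamedTuple, Optional

# Sample input assembled for this example from lines of the HijackThis log above.
SAMPLE_LOG = r"""
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
"""


class Entry(NamedTuple):
    section: str  # HijackThis section code, e.g. "O2"
    kind: str     # entry type, e.g. "BHO" or "Toolbar"
    name: str     # display name, "(no name)" when the registry has none
    clsid: str    # COM class id in braces
    target: str   # file path, or "(no file)" when the file is missing


# Names and paths can both contain " - " (for example "Spybot - Search & Destroy"),
# so the line is anchored on the CLSID instead of being split on " - ".
_CLSID = r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}"
_LINE = re.compile(
    r"^(?P<section>[A-Z]\d+) - (?P<kind>[^:]+): (?P<name>.*?) - "
    r"(?P<clsid>" + _CLSID + r") - (?P<target>.+)$"
)


def parse_clsid_entry(line: str) -> Optional[Entry]:
    """Parse a 'name - {CLSID} - file' log line; return None for other line types."""
    m = _LINE.match(line.strip())
    if m is None:
        return None
    return Entry(m["section"], m["kind"], m["name"], m["clsid"], m["target"].strip())


def orphaned_entries(log_text: str) -> List[Entry]:
    """Return entries whose registration points at a file that no longer exists."""
    found = []
    for line in log_text.splitlines():
        entry = parse_clsid_entry(line)
        if entry is not None and entry.target.lower() == "(no file)":
            found.append(entry)
    return found


if __name__ == "__main__":
    for e in orphaned_entries(SAMPLE_LOG):
        print(f"{e.section} {e.kind}: {e.clsid} has no file on disk")
```

An entry with `(no name)` but an existing file, such as the Spybot O9 button, is not reported: the missing file is the criterion, not the missing name.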



Ok I ran Combo-Fix

Post by utopiancouple on Fri May 29, 2009 6:33 pm

ComboFix 09-05-29.01 - Owner 05/29/2009 5:23.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3070.1869 [GMT -5:00]
Running from: c:\users\Owner\Desktop\Combo-Fix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: MalwareRemovalBot *disabled* (Updated) {1C903D86-9D58-4622-BD6C-FCF502C03615}
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

D:\Autorun.inf
D:\Desktop.ini

.
((((((((((((((((((((((((( Files Created from 2009-04-28 to 2009-05-29 )))))))))))))))))))))))))))))))
.

2009-05-27 16:16 . 2009-05-27 16:16 -------- d-----w c:\program files\Sun
2009-05-27 16:16 . 2009-05-27 16:15 410984 ----a-w c:\windows\system32\deploytk.dll
2009-05-27 16:14 . 2009-05-27 16:15 -------- d-----w c:\program files\Java
2009-05-27 16:12 . 2009-05-27 16:12 -------- d-----w c:\program files\Common Files\Adobe AIR
2009-05-27 15:57 . 2009-05-28 04:26 -------- d-----w c:\progra~2\NOS
2009-05-27 15:57 . 2009-05-28 04:26 -------- d-----w c:\program files\NOS
2009-05-27 15:46 . 2009-05-27 15:48 -------- d-----w c:\users\Owner\.SunDownloadManager
2009-05-27 15:14 . 2009-05-27 15:14 -------- d-----w c:\users\Owner\AppData\Local\Mozilla
2009-05-26 18:09 . 2009-05-26 18:10 -------- d-----w c:\program files\The Enchanting Islands
2009-05-26 16:36 . 2009-05-26 16:36 -------- d-----w c:\users\Owner\AppData\Local\Slapdash Games
2009-05-26 16:36 . 2009-05-26 16:36 -------- d-----w c:\progra~2\Slapdash Games
2009-05-26 16:32 . 2009-05-26 16:33 -------- d-----w c:\program files\Yard Sale Hidden Treasures - Lucky Junction
2009-05-26 09:33 . 2008-06-19 22:24 28544 ----a-w c:\windows\system32\drivers\pavboot.sys
2009-05-26 09:33 . 2009-05-26 09:33 -------- d-----w c:\program files\Panda Security
2009-05-25 02:06 . 2009-05-24 23:47 15688 ----a-w c:\windows\system32\lsdelete.exe
2009-05-25 01:15 . 2008-06-20 01:14 97800 ----a-w c:\windows\system32\infocardapi.dll
2009-05-25 01:15 . 2008-06-20 01:14 105016 ----a-w c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-05-25 01:15 . 2008-06-20 01:14 43544 ----a-w c:\windows\system32\PresentationHostProxy.dll
2009-05-25 01:15 . 2008-06-20 01:14 11264 ----a-w c:\windows\system32\icardres.dll
2009-05-25 01:15 . 2008-06-20 01:14 622080 ----a-w c:\windows\system32\icardagt.exe
2009-05-25 01:15 . 2008-06-20 01:14 781344 ----a-w c:\windows\system32\PresentationNative_v0300.dll
2009-05-25 01:15 . 2008-06-20 01:14 326160 ----a-w c:\windows\system32\PresentationHost.exe
2009-05-25 01:05 . 2008-07-27 18:03 96760 ----a-w c:\windows\system32\dfshim.dll
2009-05-25 01:05 . 2008-07-27 18:03 282112 ----a-w c:\windows\system32\mscoree.dll
2009-05-25 01:05 . 2008-07-27 18:03 41984 ----a-w c:\windows\system32\netfxperf.dll
2009-05-25 01:04 . 2008-07-27 18:03 158720 ----a-w c:\windows\system32\mscorier.dll
2009-05-25 01:04 . 2008-07-27 18:03 83968 ----a-w c:\windows\system32\mscories.dll
2009-05-25 00:15 . 2009-05-25 00:15 -------- d-----w c:\program files\FileASSASSIN
2009-05-24 23:47 . 2009-05-24 23:47 -------- dc----w c:\windows\system32\DRVSTORE
2009-05-24 23:47 . 2009-05-24 23:47 64160 ----a-w c:\windows\system32\drivers\Lbd.sys
2009-05-24 23:29 . 2009-05-24 23:29 -------- dc-h--w c:\progra~2\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-05-24 23:29 . 2009-05-27 14:44 -------- d-----w c:\users\Owner\AppData\Roaming\MailWasherFree
2009-05-24 23:29 . 2009-05-24 23:29 -------- d-----w c:\program files\FireTrust
2009-05-24 20:11 . 2007-10-23 14:27 110592 ----a-w c:\users\Owner\AppData\Roaming\U3\temp\cleanup.exe
2009-05-24 20:09 . 2009-05-28 12:20 117760 ----a-w c:\users\Owner\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-05-24 20:09 . 2009-05-24 20:09 -------- d-----w c:\users\Owner\AppData\Roaming\SUPERAntiSpyware.com
2009-05-24 20:09 . 2009-05-24 20:09 -------- d-----w c:\progra~2\SUPERAntiSpyware.com
2009-05-24 20:05 . 2009-05-28 11:59 -------- d-----w c:\program files\SpywareBlaster
2009-05-24 20:04 . 2007-10-23 14:22 3350528 ---ha-w c:\users\Owner\AppData\Roaming\U3\temp\Launchpad Removal.exe
2009-05-24 20:04 . 2009-05-24 22:34 -------- d-----w c:\users\Owner\AppData\Roaming\U3
2009-05-23 06:19 . 2009-05-23 06:19 -------- d-----w c:\users\Owner\AppData\Roaming\Malwarebytes
2009-05-23 06:19 . 2009-04-06 20:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-05-23 06:18 . 2009-04-06 20:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-23 06:18 . 2009-05-23 06:19 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-05-23 06:18 . 2009-05-23 06:18 -------- d-----w c:\progra~2\Malwarebytes
2009-05-22 20:57 . 2009-05-28 12:23 -------- d-----w c:\progra~2\Spybot - Search & Destroy
2009-05-22 20:57 . 2009-05-24 23:58 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-05-22 20:35 . 2009-05-22 20:35 -------- d-----w c:\progra~2\Fashion Finder
2009-05-22 20:32 . 2009-05-22 20:32 -------- d-----w c:\program files\Fashion Finder - Secrets of Fashion NYC Edition
2009-05-18 03:56 . 2009-05-18 03:56 14846 ----a-r c:\users\Owner\AppData\Roaming\Microsoft\Installer\{329A3C81-7884-4A64-B8F6-078795C31506}\EPA_Icon.914326BE_BDF9_4068_A4AF_AF1B75093799.exe
2009-05-18 03:56 . 2009-05-18 03:56 -------- d-----w c:\users\Owner\AppData\Roaming\Netscape
2009-05-17 14:56 . 2009-05-17 14:56 -------- d-----w c:\users\Owner\AppData\Local\GestaltGames
2009-05-12 23:39 . 2009-05-12 23:39 -------- d-----w c:\program files\Virtual Families
2009-05-10 13:51 . 2009-05-10 13:51 -------- d-----w c:\users\Owner\AppData\Roaming\Enchanted Katya
2009-05-10 02:24 . 2009-05-10 02:24 -------- d-----w c:\progra~2\AdventureChronicles1
2009-05-09 13:36 . 2009-05-09 13:38 -------- d-----w c:\users\Owner\AppData\Roaming\Bigfish 3 Days Zoo Mystery
2009-05-02 14:27 . 2009-05-02 14:27 -------- d-----w c:\program files\Westward III

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-28 15:54 . 2007-12-14 08:57 12 ----a-w c:\windows\bthservsdp.dat
2009-05-27 17:19 . 2008-03-22 13:04 27839 ----a-w c:\users\Owner\AppData\Roaming\nvModes.dat
2009-05-27 16:12 . 2008-04-05 14:14 -------- d-----w c:\program files\Common Files\Adobe
2009-05-26 16:20 . 2008-09-10 23:27 -------- d-----w c:\program files\bfgclient
2009-05-26 15:16 . 2008-06-06 02:12 -------- d-----w c:\progra~2\Fugazo
2009-05-25 02:06 . 2008-09-17 00:33 -------- d-----w c:\program files\Cake Mania 3
2009-05-24 23:29 . 2008-05-11 20:51 -------- d-----w c:\program files\Lavasoft
2009-05-24 22:14 . 2008-10-03 02:47 -------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-05-24 21:58 . 2008-11-10 06:59 -------- d-----w c:\program files\Windows Live Toolbar
2009-05-23 03:10 . 2009-01-26 22:55 -------- d-----w c:\program files\Citrix
2009-05-23 03:09 . 2008-12-28 17:20 -------- d-----w c:\program files\RealArcade
2009-05-18 03:56 . 2009-01-31 09:06 -------- d-----w c:\users\Owner\AppData\Roaming\Citrix
2009-05-13 03:50 . 2007-12-14 09:31 -------- d-----w c:\progra~2\Microsoft Help
2009-05-13 03:45 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
2009-05-08 23:48 . 2008-12-28 18:50 -------- d-----w c:\progra~2\GameHouse
2009-05-02 21:50 . 2009-01-30 23:15 108552 ----a-w c:\windows\system32\drivers\avgtdix.sys
2009-05-02 21:50 . 2008-05-11 19:04 325896 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-05-02 21:50 . 2008-05-11 19:04 27784 ----a-w c:\windows\system32\drivers\avgmfx86.sys
2009-05-02 21:50 . 2008-05-11 19:04 11952 ----a-w c:\windows\system32\avgrsstx.dll
2009-05-02 21:50 . 2008-05-11 19:04 -------- d-----w c:\progra~2\avg8
2009-04-25 02:52 . 2009-04-23 00:16 -------- d-----w c:\users\Owner\AppData\Roaming\Ventrilo
2009-04-23 00:15 . 2009-04-23 00:15 -------- d-----w c:\program files\Ventrilo
2009-04-21 23:32 . 2008-05-23 23:21 -------- d-----w c:\progra~2\PlayFirst
2009-04-21 23:32 . 2008-04-08 13:18 -------- d-----w c:\users\Owner\AppData\Roaming\PlayFirst
2009-04-21 13:33 . 2008-05-28 17:10 -------- d-----w c:\program files\EA GAMES
2009-04-19 14:03 . 2009-04-19 14:03 -------- d-----w c:\users\Owner\AppData\Roaming\TikGames
2009-04-19 14:03 . 2009-04-19 14:03 -------- d-----w c:\progra~2\TikGames
2009-04-14 02:54 . 2009-04-14 00:50 -------- d-----w c:\users\Owner\AppData\Roaming\Be a King
2009-04-14 00:31 . 2009-04-14 00:30 -------- d-----w c:\program files\Be a King
2009-04-07 01:34 . 2009-04-07 01:34 -------- d-----w c:\users\Owner\AppData\Roaming\ShinyTales
2009-04-07 00:55 . 2009-04-07 00:55 -------- d-----w c:\program files\Wonderburg
2009-04-06 23:33 . 2009-04-06 23:33 -------- d-----w c:\users\Owner\AppData\Roaming\Shape games
2009-04-06 23:32 . 2009-04-06 23:32 -------- d-----w c:\program files\Success Story
2009-03-21 22:18 . 2009-01-16 23:14 130424 ----a-w c:\windows\system32\drivers\PCTCore.sys
2009-03-17 03:38 . 2009-04-14 22:49 13824 ----a-w c:\windows\system32\apilogen.dll
2009-03-17 03:38 . 2009-04-14 22:49 24064 ----a-w c:\windows\system32\amxread.dll
2009-03-03 04:46 . 2009-04-14 22:49 3599328 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-03-03 04:46 . 2009-04-14 22:49 3547632 ----a-w c:\windows\system32\ntoskrnl.exe
2009-03-03 04:40 . 2009-04-14 22:49 827392 ----a-w c:\windows\system32\wininet.dll
2009-03-03 04:39 . 2009-04-14 22:49 183296 ----a-w c:\windows\system32\sdohlp.dll
2009-03-03 04:39 . 2009-04-14 22:49 551424 ----a-w c:\windows\system32\rpcss.dll
2009-03-03 04:39 . 2009-04-14 22:49 26112 ----a-w c:\windows\system32\printfilterpipelineprxy.dll
2009-03-03 04:37 . 2009-04-14 22:49 78336 ----a-w c:\windows\system32\ieencode.dll
2009-03-03 04:37 . 2009-04-14 22:49 98304 ----a-w c:\windows\system32\iasrecst.dll
2009-03-03 04:37 . 2009-04-14 22:49 54784 ----a-w c:\windows\system32\iasads.dll
2009-03-03 04:37 . 2009-04-14 22:49 44032 ----a-w c:\windows\system32\iasdatastore.dll
2009-03-03 03:04 . 2009-04-14 22:49 666624 ----a-w c:\windows\system32\printfilterpipelinesvc.exe
2009-03-03 02:38 . 2009-04-14 22:49 17408 ----a-w c:\windows\system32\iashost.exe
2009-03-03 02:28 . 2009-04-14 22:49 26624 ----a-w c:\windows\system32\ieUnatt.exe
.


2nd half of Combo-Fix

Post by utopiancouple on Fri May 29, 2009 6:34 pm



Re: laptop Internet going where I did not click

Post by Belahzur on Fri May 29, 2009 8:19 pm

Can you post the rest of the log please? :)


Please PM me if I fail to respond within 24hrs.

combo fix reposting log 1st page

Post by utopiancouple on Fri May 29, 2009 8:27 pm

ComboFix 09-05-29.01 - Owner 05/29/2009 5:23.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3070.1869 [GMT -5:00]
Running from: c:\users\Owner\Desktop\Combo-Fix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: MalwareRemovalBot *disabled* (Updated) {1C903D86-9D58-4622-BD6C-FCF502C03615}
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

D:\Autorun.inf
D:\Desktop.ini

.
((((((((((((((((((((((((( Files Created from 2009-04-28 to 2009-05-29 )))))))))))))))))))))))))))))))
.

2009-05-27 16:16 . 2009-05-27 16:16 -------- d-----w c:\program files\Sun
2009-05-27 16:16 . 2009-05-27 16:15 410984 ----a-w c:\windows\system32\deploytk.dll
2009-05-27 16:14 . 2009-05-27 16:15 -------- d-----w c:\program files\Java
2009-05-27 16:12 . 2009-05-27 16:12 -------- d-----w c:\program files\Common Files\Adobe AIR
2009-05-27 15:57 . 2009-05-28 04:26 -------- d-----w c:\progra~2\NOS
2009-05-27 15:57 . 2009-05-28 04:26 -------- d-----w c:\program files\NOS
2009-05-27 15:46 . 2009-05-27 15:48 -------- d-----w c:\users\Owner\.SunDownloadManager
2009-05-27 15:14 . 2009-05-27 15:14 -------- d-----w c:\users\Owner\AppData\Local\Mozilla
2009-05-26 18:09 . 2009-05-26 18:10 -------- d-----w c:\program files\The Enchanting Islands
2009-05-26 16:36 . 2009-05-26 16:36 -------- d-----w c:\users\Owner\AppData\Local\Slapdash Games
2009-05-26 16:36 . 2009-05-26 16:36 -------- d-----w c:\progra~2\Slapdash Games
2009-05-26 16:32 . 2009-05-26 16:33 -------- d-----w c:\program files\Yard Sale Hidden Treasures - Lucky Junction
2009-05-26 09:33 . 2008-06-19 22:24 28544 ----a-w c:\windows\system32\drivers\pavboot.sys
2009-05-26 09:33 . 2009-05-26 09:33 -------- d-----w c:\program files\Panda Security
2009-05-25 02:06 . 2009-05-24 23:47 15688 ----a-w c:\windows\system32\lsdelete.exe
2009-05-25 01:15 . 2008-06-20 01:14 97800 ----a-w c:\windows\system32\infocardapi.dll
2009-05-25 01:15 . 2008-06-20 01:14 105016 ----a-w c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-05-25 01:15 . 2008-06-20 01:14 43544 ----a-w c:\windows\system32\PresentationHostProxy.dll
2009-05-25 01:15 . 2008-06-20 01:14 11264 ----a-w c:\windows\system32\icardres.dll
2009-05-25 01:15 . 2008-06-20 01:14 622080 ----a-w c:\windows\system32\icardagt.exe
2009-05-25 01:15 . 2008-06-20 01:14 781344 ----a-w c:\windows\system32\PresentationNative_v0300.dll
2009-05-25 01:15 . 2008-06-20 01:14 326160 ----a-w c:\windows\system32\PresentationHost.exe
2009-05-25 01:05 . 2008-07-27 18:03 96760 ----a-w c:\windows\system32\dfshim.dll
2009-05-25 01:05 . 2008-07-27 18:03 282112 ----a-w c:\windows\system32\mscoree.dll
2009-05-25 01:05 . 2008-07-27 18:03 41984 ----a-w c:\windows\system32\netfxperf.dll
2009-05-25 01:04 . 2008-07-27 18:03 158720 ----a-w c:\windows\system32\mscorier.dll
2009-05-25 01:04 . 2008-07-27 18:03 83968 ----a-w c:\windows\system32\mscories.dll
2009-05-25 00:15 . 2009-05-25 00:15 -------- d-----w c:\program files\FileASSASSIN
2009-05-24 23:47 . 2009-05-24 23:47 -------- dc----w c:\windows\system32\DRVSTORE
2009-05-24 23:47 . 2009-05-24 23:47 64160 ----a-w c:\windows\system32\drivers\Lbd.sys
2009-05-24 23:29 . 2009-05-24 23:29 -------- dc-h--w c:\progra~2\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-05-24 23:29 . 2009-05-27 14:44 -------- d-----w c:\users\Owner\AppData\Roaming\MailWasherFree
2009-05-24 23:29 . 2009-05-24 23:29 -------- d-----w c:\program files\FireTrust
2009-05-24 20:11 . 2007-10-23 14:27 110592 ----a-w c:\users\Owner\AppData\Roaming\U3\temp\cleanup.exe
2009-05-24 20:09 . 2009-05-28 12:20 117760 ----a-w c:\users\Owner\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-05-24 20:09 . 2009-05-24 20:09 -------- d-----w c:\users\Owner\AppData\Roaming\SUPERAntiSpyware.com
2009-05-24 20:09 . 2009-05-24 20:09 -------- d-----w c:\progra~2\SUPERAntiSpyware.com
2009-05-24 20:05 . 2009-05-28 11:59 -------- d-----w c:\program files\SpywareBlaster
2009-05-24 20:04 . 2007-10-23 14:22 3350528 ---ha-w c:\users\Owner\AppData\Roaming\U3\temp\Launchpad Removal.exe
2009-05-24 20:04 . 2009-05-24 22:34 -------- d-----w c:\users\Owner\AppData\Roaming\U3
2009-05-23 06:19 . 2009-05-23 06:19 -------- d-----w c:\users\Owner\AppData\Roaming\Malwarebytes
2009-05-23 06:19 . 2009-04-06 20:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-05-23 06:18 . 2009-04-06 20:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-23 06:18 . 2009-05-23 06:19 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-05-23 06:18 . 2009-05-23 06:18 -------- d-----w c:\progra~2\Malwarebytes
2009-05-22 20:57 . 2009-05-28 12:23 -------- d-----w c:\progra~2\Spybot - Search & Destroy
2009-05-22 20:57 . 2009-05-24 23:58 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-05-22 20:35 . 2009-05-22 20:35 -------- d-----w c:\progra~2\Fashion Finder
2009-05-22 20:32 . 2009-05-22 20:32 -------- d-----w c:\program files\Fashion Finder - Secrets of Fashion NYC Edition
2009-05-18 03:56 . 2009-05-18 03:56 14846 ----a-r c:\users\Owner\AppData\Roaming\Microsoft\Installer\{329A3C81-7884-4A64-B8F6-078795C31506}\EPA_Icon.914326BE_BDF9_4068_A4AF_AF1B75093799.exe
2009-05-18 03:56 . 2009-05-18 03:56 -------- d-----w c:\users\Owner\AppData\Roaming\Netscape
2009-05-17 14:56 . 2009-05-17 14:56 -------- d-----w c:\users\Owner\AppData\Local\GestaltGames
2009-05-12 23:39 . 2009-05-12 23:39 -------- d-----w c:\program files\Virtual Families
2009-05-10 13:51 . 2009-05-10 13:51 -------- d-----w c:\users\Owner\AppData\Roaming\Enchanted Katya
2009-05-10 02:24 . 2009-05-10 02:24 -------- d-----w c:\progra~2\AdventureChronicles1
2009-05-09 13:36 . 2009-05-09 13:38 -------- d-----w c:\users\Owner\AppData\Roaming\Bigfish 3 Days Zoo Mystery
2009-05-02 14:27 . 2009-05-02 14:27 -------- d-----w c:\program files\Westward III

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-28 15:54 . 2007-12-14 08:57 12 ----a-w c:\windows\bthservsdp.dat
2009-05-27 17:19 . 2008-03-22 13:04 27839 ----a-w c:\users\Owner\AppData\Roaming\nvModes.dat
2009-05-27 16:12 . 2008-04-05 14:14 -------- d-----w c:\program files\Common Files\Adobe
2009-05-26 16:20 . 2008-09-10 23:27 -------- d-----w c:\program files\bfgclient
2009-05-26 15:16 . 2008-06-06 02:12 -------- d-----w c:\progra~2\Fugazo
2009-05-25 02:06 . 2008-09-17 00:33 -------- d-----w c:\program files\Cake Mania 3
2009-05-24 23:29 . 2008-05-11 20:51 -------- d-----w c:\program files\Lavasoft
2009-05-24 22:14 . 2008-10-03 02:47 -------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-05-24 21:58 . 2008-11-10 06:59 -------- d-----w c:\program files\Windows Live Toolbar
2009-05-23 03:10 . 2009-01-26 22:55 -------- d-----w c:\program files\Citrix
2009-05-23 03:09 . 2008-12-28 17:20 -------- d-----w c:\program files\RealArcade
2009-05-18 03:56 . 2009-01-31 09:06 -------- d-----w c:\users\Owner\AppData\Roaming\Citrix
2009-05-13 03:50 . 2007-12-14 09:31 -------- d-----w c:\progra~2\Microsoft Help
2009-05-13 03:45 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
2009-05-08 23:48 . 2008-12-28 18:50 -------- d-----w c:\progra~2\GameHouse
2009-05-02 21:50 . 2009-01-30 23:15 108552 ----a-w c:\windows\system32\drivers\avgtdix.sys
2009-05-02 21:50 . 2008-05-11 19:04 325896 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-05-02 21:50 . 2008-05-11 19:04 27784 ----a-w c:\windows\system32\drivers\avgmfx86.sys
2009-05-02 21:50 . 2008-05-11 19:04 11952 ----a-w c:\windows\system32\avgrsstx.dll
2009-05-02 21:50 . 2008-05-11 19:04 -------- d-----w c:\progra~2\avg8
2009-04-25 02:52 . 2009-04-23 00:16 -------- d-----w c:\users\Owner\AppData\Roaming\Ventrilo
2009-04-23 00:15 . 2009-04-23 00:15 -------- d-----w c:\program files\Ventrilo
2009-04-21 23:32 . 2008-05-23 23:21 -------- d-----w c:\progra~2\PlayFirst
2009-04-21 23:32 . 2008-04-08 13:18 -------- d-----w c:\users\Owner\AppData\Roaming\PlayFirst
2009-04-21 13:33 . 2008-05-28 17:10 -------- d-----w c:\program files\EA GAMES
2009-04-19 14:03 . 2009-04-19 14:03 -------- d-----w c:\users\Owner\AppData\Roaming\TikGames
2009-04-19 14:03 . 2009-04-19 14:03 -------- d-----w c:\progra~2\TikGames
2009-04-14 02:54 . 2009-04-14 00:50 -------- d-----w c:\users\Owner\AppData\Roaming\Be a King
2009-04-14 00:31 . 2009-04-14 00:30 -------- d-----w c:\program files\Be a King
2009-04-07 01:34 . 2009-04-07 01:34 -------- d-----w c:\users\Owner\AppData\Roaming\ShinyTales
2009-04-07 00:55 . 2009-04-07 00:55 -------- d-----w c:\program files\Wonderburg
2009-04-06 23:33 . 2009-04-06 23:33 -------- d-----w c:\users\Owner\AppData\Roaming\Shape games
2009-04-06 23:32 . 2009-04-06 23:32 -------- d-----w c:\program files\Success Story
2009-03-21 22:18 . 2009-01-16 23:14 130424 ----a-w c:\windows\system32\drivers\PCTCore.sys
2009-03-17 03:38 . 2009-04-14 22:49 13824 ----a-w c:\windows\system32\apilogen.dll
2009-03-17 03:38 . 2009-04-14 22:49 24064 ----a-w c:\windows\system32\amxread.dll
2009-03-03 04:46 . 2009-04-14 22:49 3599328 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-03-03 04:46 . 2009-04-14 22:49 3547632 ----a-w c:\windows\system32\ntoskrnl.exe
2009-03-03 04:40 . 2009-04-14 22:49 827392 ----a-w c:\windows\system32\wininet.dll
2009-03-03 04:39 . 2009-04-14 22:49 183296 ----a-w c:\windows\system32\sdohlp.dll
2009-03-03 04:39 . 2009-04-14 22:49 551424 ----a-w c:\windows\system32\rpcss.dll
2009-03-03 04:39 . 2009-04-14 22:49 26112 ----a-w c:\windows\system32\printfilterpipelineprxy.dll
2009-03-03 04:37 . 2009-04-14 22:49 78336 ----a-w c:\windows\system32\ieencode.dll
2009-03-03 04:37 . 2009-04-14 22:49 98304 ----a-w c:\windows\system32\iasrecst.dll
2009-03-03 04:37 . 2009-04-14 22:49 54784 ----a-w c:\windows\system32\iasads.dll
2009-03-03 04:37 . 2009-04-14 22:49 44032 ----a-w c:\windows\system32\iasdatastore.dll
2009-03-03 03:04 . 2009-04-14 22:49 666624 ----a-w c:\windows\system32\printfilterpipelinesvc.exe
2009-03-03 02:38 . 2009-04-14 22:49 17408 ----a-w c:\windows\system32\iashost.exe
2009-03-03 02:28 . 2009-04-14 22:49 26624 ----a-w c:\windows\system32\ieUnatt.exe
.



combo fix reposting log 2nd page

Post by utopiancouple on Fri May 29, 2009 8:28 pm

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

D:\Autorun.inf
D:\Desktop.ini

.
((((((((((((((((((((((((( Files Created from 2009-04-28 to 2009-05-29 )))))))))))))))))))))))))))))))
.

2009-05-27 16:16 . 2009-05-27 16:16 -------- d-----w c:\program files\Sun
2009-05-27 16:16 . 2009-05-27 16:15 410984 ----a-w c:\windows\system32\deploytk.dll
2009-05-27 16:14 . 2009-05-27 16:15 -------- d-----w c:\program files\Java
2009-05-27 16:12 . 2009-05-27 16:12 -------- d-----w c:\program files\Common Files\Adobe AIR
2009-05-27 15:57 . 2009-05-28 04:26 -------- d-----w c:\progra~2\NOS
2009-05-27 15:57 . 2009-05-28 04:26 -------- d-----w c:\program files\NOS
2009-05-27 15:46 . 2009-05-27 15:48 -------- d-----w c:\users\Owner\.SunDownloadManager
2009-05-27 15:14 . 2009-05-27 15:14 -------- d-----w c:\users\Owner\AppData\Local\Mozilla
2009-05-26 18:09 . 2009-05-26 18:10 -------- d-----w c:\program files\The Enchanting Islands
2009-05-26 16:36 . 2009-05-26 16:36 -------- d-----w c:\users\Owner\AppData\Local\Slapdash Games
2009-05-26 16:36 . 2009-05-26 16:36 -------- d-----w c:\progra~2\Slapdash Games
2009-05-26 16:32 . 2009-05-26 16:33 -------- d-----w c:\program files\Yard Sale Hidden Treasures - Lucky Junction
2009-05-26 09:33 . 2008-06-19 22:24 28544 ----a-w c:\windows\system32\drivers\pavboot.sys
2009-05-26 09:33 . 2009-05-26 09:33 -------- d-----w c:\program files\Panda Security
2009-05-25 02:06 . 2009-05-24 23:47 15688 ----a-w c:\windows\system32\lsdelete.exe
2009-05-25 01:15 . 2008-06-20 01:14 97800 ----a-w c:\windows\system32\infocardapi.dll
2009-05-25 01:15 . 2008-06-20 01:14 105016 ----a-w c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-05-25 01:15 . 2008-06-20 01:14 43544 ----a-w c:\windows\system32\PresentationHostProxy.dll
2009-05-25 01:15 . 2008-06-20 01:14 11264 ----a-w c:\windows\system32\icardres.dll
2009-05-25 01:15 . 2008-06-20 01:14 622080 ----a-w c:\windows\system32\icardagt.exe
2009-05-25 01:15 . 2008-06-20 01:14 781344 ----a-w c:\windows\system32\PresentationNative_v0300.dll
2009-05-25 01:15 . 2008-06-20 01:14 326160 ----a-w c:\windows\system32\PresentationHost.exe
2009-05-25 01:05 . 2008-07-27 18:03 96760 ----a-w c:\windows\system32\dfshim.dll
2009-05-25 01:05 . 2008-07-27 18:03 282112 ----a-w c:\windows\system32\mscoree.dll
2009-05-25 01:05 . 2008-07-27 18:03 41984 ----a-w c:\windows\system32\netfxperf.dll
2009-05-25 01:04 . 2008-07-27 18:03 158720 ----a-w c:\windows\system32\mscorier.dll
2009-05-25 01:04 . 2008-07-27 18:03 83968 ----a-w c:\windows\system32\mscories.dll
2009-05-25 00:15 . 2009-05-25 00:15 -------- d-----w c:\program files\FileASSASSIN
2009-05-24 23:47 . 2009-05-24 23:47 -------- dc----w c:\windows\system32\DRVSTORE
2009-05-24 23:47 . 2009-05-24 23:47 64160 ----a-w c:\windows\system32\drivers\Lbd.sys
2009-05-24 23:29 . 2009-05-24 23:29 -------- dc-h--w c:\progra~2\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-05-24 23:29 . 2009-05-27 14:44 -------- d-----w c:\users\Owner\AppData\Roaming\MailWasherFree
2009-05-24 23:29 . 2009-05-24 23:29 -------- d-----w c:\program files\FireTrust
2009-05-24 20:11 . 2007-10-23 14:27 110592 ----a-w c:\users\Owner\AppData\Roaming\U3\temp\cleanup.exe
2009-05-24 20:09 . 2009-05-28 12:20 117760 ----a-w c:\users\Owner\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-05-24 20:09 . 2009-05-24 20:09 -------- d-----w c:\users\Owner\AppData\Roaming\SUPERAntiSpyware.com
2009-05-24 20:09 . 2009-05-24 20:09 -------- d-----w c:\progra~2\SUPERAntiSpyware.com
2009-05-24 20:05 . 2009-05-28 11:59 -------- d-----w c:\program files\SpywareBlaster
2009-05-24 20:04 . 2007-10-23 14:22 3350528 ---ha-w c:\users\Owner\AppData\Roaming\U3\temp\Launchpad Removal.exe
2009-05-24 20:04 . 2009-05-24 22:34 -------- d-----w c:\users\Owner\AppData\Roaming\U3
2009-05-23 06:19 . 2009-05-23 06:19 -------- d-----w c:\users\Owner\AppData\Roaming\Malwarebytes
2009-05-23 06:19 . 2009-04-06 20:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-05-23 06:18 . 2009-04-06 20:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-23 06:18 . 2009-05-23 06:19 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-05-23 06:18 . 2009-05-23 06:18 -------- d-----w c:\progra~2\Malwarebytes
2009-05-22 20:57 . 2009-05-28 12:23 -------- d-----w c:\progra~2\Spybot - Search & Destroy
2009-05-22 20:57 . 2009-05-24 23:58 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-05-22 20:35 . 2009-05-22 20:35 -------- d-----w c:\progra~2\Fashion Finder
2009-05-22 20:32 . 2009-05-22 20:32 -------- d-----w c:\program files\Fashion Finder - Secrets of Fashion NYC Edition
2009-05-18 03:56 . 2009-05-18 03:56 14846 ----a-r c:\users\Owner\AppData\Roaming\Microsoft\Installer\{329A3C81-7884-4A64-B8F6-078795C31506}\EPA_Icon.914326BE_BDF9_4068_A4AF_AF1B75093799.exe
2009-05-18 03:56 . 2009-05-18 03:56 -------- d-----w c:\users\Owner\AppData\Roaming\Netscape
2009-05-17 14:56 . 2009-05-17 14:56 -------- d-----w c:\users\Owner\AppData\Local\GestaltGames
2009-05-12 23:39 . 2009-05-12 23:39 -------- d-----w c:\program files\Virtual Families
2009-05-10 13:51 . 2009-05-10 13:51 -------- d-----w c:\users\Owner\AppData\Roaming\Enchanted Katya
2009-05-10 02:24 . 2009-05-10 02:24 -------- d-----w c:\progra~2\AdventureChronicles1
2009-05-09 13:36 . 2009-05-09 13:38 -------- d-----w c:\users\Owner\AppData\Roaming\Bigfish 3 Days Zoo Mystery
2009-05-02 14:27 . 2009-05-02 14:27 -------- d-----w c:\program files\Westward III

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-28 15:54 . 2007-12-14 08:57 12 ----a-w c:\windows\bthservsdp.dat
2009-05-27 17:19 . 2008-03-22 13:04 27839 ----a-w c:\users\Owner\AppData\Roaming\nvModes.dat
2009-05-27 16:12 . 2008-04-05 14:14 -------- d-----w c:\program files\Common Files\Adobe
2009-05-26 16:20 . 2008-09-10 23:27 -------- d-----w c:\program files\bfgclient
2009-05-26 15:16 . 2008-06-06 02:12 -------- d-----w c:\progra~2\Fugazo
2009-05-25 02:06 . 2008-09-17 00:33 -------- d-----w c:\program files\Cake Mania 3
2009-05-24 23:29 . 2008-05-11 20:51 -------- d-----w c:\program files\Lavasoft
2009-05-24 22:14 . 2008-10-03 02:47 -------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-05-24 21:58 . 2008-11-10 06:59 -------- d-----w c:\program files\Windows Live Toolbar
2009-05-23 03:10 . 2009-01-26 22:55 -------- d-----w c:\program files\Citrix
2009-05-23 03:09 . 2008-12-28 17:20 -------- d-----w c:\program files\RealArcade
2009-05-18 03:56 . 2009-01-31 09:06 -------- d-----w c:\users\Owner\AppData\Roaming\Citrix
2009-05-13 03:50 . 2007-12-14 09:31 -------- d-----w c:\progra~2\Microsoft Help
2009-05-13 03:45 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
2009-05-08 23:48 . 2008-12-28 18:50 -------- d-----w c:\progra~2\GameHouse
2009-05-02 21:50 . 2009-01-30 23:15 108552 ----a-w c:\windows\system32\drivers\avgtdix.sys
2009-05-02 21:50 . 2008-05-11 19:04 325896 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-05-02 21:50 . 2008-05-11 19:04 27784 ----a-w c:\windows\system32\drivers\avgmfx86.sys
2009-05-02 21:50 . 2008-05-11 19:04 11952 ----a-w c:\windows\system32\avgrsstx.dll
2009-05-02 21:50 . 2008-05-11 19:04 -------- d-----w c:\progra~2\avg8
2009-04-25 02:52 . 2009-04-23 00:16 -------- d-----w c:\users\Owner\AppData\Roaming\Ventrilo
2009-04-23 00:15 . 2009-04-23 00:15 -------- d-----w c:\program files\Ventrilo
2009-04-21 23:32 . 2008-05-23 23:21 -------- d-----w c:\progra~2\PlayFirst
2009-04-21 23:32 . 2008-04-08 13:18 -------- d-----w c:\users\Owner\AppData\Roaming\PlayFirst
2009-04-21 13:33 . 2008-05-28 17:10 -------- d-----w c:\program files\EA GAMES
2009-04-19 14:03 . 2009-04-19 14:03 -------- d-----w c:\users\Owner\AppData\Roaming\TikGames
2009-04-19 14:03 . 2009-04-19 14:03 -------- d-----w c:\progra~2\TikGames
2009-04-14 02:54 . 2009-04-14 00:50 -------- d-----w c:\users\Owner\AppData\Roaming\Be a King
2009-04-14 00:31 . 2009-04-14 00:30 -------- d-----w c:\program files\Be a King
2009-04-07 01:34 . 2009-04-07 01:34 -------- d-----w c:\users\Owner\AppData\Roaming\ShinyTales
2009-04-07 00:55 . 2009-04-07 00:55 -------- d-----w c:\program files\Wonderburg
2009-04-06 23:33 . 2009-04-06 23:33 -------- d-----w c:\users\Owner\AppData\Roaming\Shape games
2009-04-06 23:32 . 2009-04-06 23:32 -------- d-----w c:\program files\Success Story
2009-03-21 22:18 . 2009-01-16 23:14 130424 ----a-w c:\windows\system32\drivers\PCTCore.sys
2009-03-17 03:38 . 2009-04-14 22:49 13824 ----a-w c:\windows\system32\apilogen.dll
2009-03-17 03:38 . 2009-04-14 22:49 24064 ----a-w c:\windows\system32\amxread.dll
2009-03-03 04:46 . 2009-04-14 22:49 3599328 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-03-03 04:46 . 2009-04-14 22:49 3547632 ----a-w c:\windows\system32\ntoskrnl.exe
2009-03-03 04:40 . 2009-04-14 22:49 827392 ----a-w c:\windows\system32\wininet.dll
2009-03-03 04:39 . 2009-04-14 22:49 183296 ----a-w c:\windows\system32\sdohlp.dll
2009-03-03 04:39 . 2009-04-14 22:49 551424 ----a-w c:\windows\system32\rpcss.dll
2009-03-03 04:39 . 2009-04-14 22:49 26112 ----a-w c:\windows\system32\printfilterpipelineprxy.dll
2009-03-03 04:37 . 2009-04-14 22:49 78336 ----a-w c:\windows\system32\ieencode.dll
2009-03-03 04:37 . 2009-04-14 22:49 98304 ----a-w c:\windows\system32\iasrecst.dll
2009-03-03 04:37 . 2009-04-14 22:49 54784 ----a-w c:\windows\system32\iasads.dll
2009-03-03 04:37 . 2009-04-14 22:49 44032 ----a-w c:\windows\system32\iasdatastore.dll
2009-03-03 03:04 . 2009-04-14 22:49 666624 ----a-w c:\windows\system32\printfilterpipelinesvc.exe
2009-03-03 02:38 . 2009-04-14 22:49 17408 ----a-w c:\windows\system32\iashost.exe
2009-03-03 02:28 . 2009-04-14 22:49 26624 ----a-w c:\windows\system32\ieUnatt.exe
.


Re: laptop Internet going where I did not click

Post by Belahzur on Fri May 29, 2009 8:29 pm

Hello.
There should be ((((( registry loading points ))))) somewhere down the bottom of the log, that is the bit I need to see.



Should I run it again this is all that is on notepad?

Post by utopiancouple on Fri May 29, 2009 8:32 pm

Did I get it all this time? Or should I run the combo fix again??? Sorry :crazy: Bow or Thanks


I will do it over again

Post by utopiancouple on Fri May 29, 2009 8:34 pm

Hang in there with me, I will do it again


1st half combo-fix

Post by utopiancouple on Fri May 29, 2009 8:53 pm

ComboFix 09-05-29.01 - Owner 05/29/2009 7:43.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3070.1634 [GMT -5:00]
Running from: c:\users\Owner\Desktop\Combo-Fix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: MalwareRemovalBot *disabled* (Updated) {1C903D86-9D58-4622-BD6C-FCF502C03615}
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Files Created from 2009-04-28 to 2009-05-29 )))))))))))))))))))))))))))))))
.

2009-05-27 16:16 . 2009-05-27 16:16 -------- d-----w c:\program files\Sun
2009-05-27 16:16 . 2009-05-27 16:15 410984 ----a-w c:\windows\system32\deploytk.dll
2009-05-27 16:14 . 2009-05-27 16:15 -------- d-----w c:\program files\Java
2009-05-27 16:12 . 2009-05-27 16:12 -------- d-----w c:\program files\Common Files\Adobe AIR
2009-05-27 15:57 . 2009-05-28 04:26 -------- d-----w c:\progra~2\NOS
2009-05-27 15:57 . 2009-05-28 04:26 -------- d-----w c:\program files\NOS
2009-05-27 15:46 . 2009-05-27 15:48 -------- d-----w c:\users\Owner\.SunDownloadManager
2009-05-27 15:14 . 2009-05-27 15:14 -------- d-----w c:\users\Owner\AppData\Local\Mozilla
2009-05-26 18:09 . 2009-05-26 18:10 -------- d-----w c:\program files\The Enchanting Islands
2009-05-26 16:36 . 2009-05-26 16:36 -------- d-----w c:\users\Owner\AppData\Local\Slapdash Games
2009-05-26 16:36 . 2009-05-26 16:36 -------- d-----w c:\progra~2\Slapdash Games
2009-05-26 16:32 . 2009-05-26 16:33 -------- d-----w c:\program files\Yard Sale Hidden Treasures - Lucky Junction
2009-05-26 09:33 . 2008-06-19 22:24 28544 ----a-w c:\windows\system32\drivers\pavboot.sys
2009-05-26 09:33 . 2009-05-26 09:33 -------- d-----w c:\program files\Panda Security
2009-05-25 02:06 . 2009-05-24 23:47 15688 ----a-w c:\windows\system32\lsdelete.exe
2009-05-25 01:15 . 2008-06-20 01:14 97800 ----a-w c:\windows\system32\infocardapi.dll
2009-05-25 01:15 . 2008-06-20 01:14 105016 ----a-w c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-05-25 01:15 . 2008-06-20 01:14 43544 ----a-w c:\windows\system32\PresentationHostProxy.dll
2009-05-25 01:15 . 2008-06-20 01:14 11264 ----a-w c:\windows\system32\icardres.dll
2009-05-25 01:15 . 2008-06-20 01:14 622080 ----a-w c:\windows\system32\icardagt.exe
2009-05-25 01:15 . 2008-06-20 01:14 781344 ----a-w c:\windows\system32\PresentationNative_v0300.dll
2009-05-25 01:15 . 2008-06-20 01:14 326160 ----a-w c:\windows\system32\PresentationHost.exe
2009-05-25 01:05 . 2008-07-27 18:03 96760 ----a-w c:\windows\system32\dfshim.dll
2009-05-25 01:05 . 2008-07-27 18:03 282112 ----a-w c:\windows\system32\mscoree.dll
2009-05-25 01:05 . 2008-07-27 18:03 41984 ----a-w c:\windows\system32\netfxperf.dll
2009-05-25 01:04 . 2008-07-27 18:03 158720 ----a-w c:\windows\system32\mscorier.dll
2009-05-25 01:04 . 2008-07-27 18:03 83968 ----a-w c:\windows\system32\mscories.dll
2009-05-25 00:15 . 2009-05-25 00:15 -------- d-----w c:\program files\FileASSASSIN
2009-05-24 23:47 . 2009-05-24 23:47 -------- dc----w c:\windows\system32\DRVSTORE
2009-05-24 23:47 . 2009-05-24 23:47 64160 ----a-w c:\windows\system32\drivers\Lbd.sys
2009-05-24 23:29 . 2009-05-24 23:29 -------- dc-h--w c:\progra~2\{7972B2E5-3E09-4E5E-81B7-FE5819D6772F}
2009-05-24 23:29 . 2009-05-27 14:44 -------- d-----w c:\users\Owner\AppData\Roaming\MailWasherFree
2009-05-24 23:29 . 2009-05-24 23:29 -------- d-----w c:\program files\FireTrust
2009-05-24 20:11 . 2007-10-23 14:27 110592 ----a-w c:\users\Owner\AppData\Roaming\U3\temp\cleanup.exe
2009-05-24 20:09 . 2009-05-28 12:20 117760 ----a-w c:\users\Owner\AppData\Roaming\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
2009-05-24 20:09 . 2009-05-24 20:09 -------- d-----w c:\users\Owner\AppData\Roaming\SUPERAntiSpyware.com
2009-05-24 20:09 . 2009-05-24 20:09 -------- d-----w c:\progra~2\SUPERAntiSpyware.com
2009-05-24 20:05 . 2009-05-28 11:59 -------- d-----w c:\program files\SpywareBlaster
2009-05-24 20:04 . 2007-10-23 14:22 3350528 ---ha-w c:\users\Owner\AppData\Roaming\U3\temp\Launchpad Removal.exe
2009-05-24 20:04 . 2009-05-24 22:34 -------- d-----w c:\users\Owner\AppData\Roaming\U3
2009-05-23 06:19 . 2009-05-23 06:19 -------- d-----w c:\users\Owner\AppData\Roaming\Malwarebytes
2009-05-23 06:19 . 2009-04-06 20:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-05-23 06:18 . 2009-04-06 20:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-23 06:18 . 2009-05-23 06:19 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-05-23 06:18 . 2009-05-23 06:18 -------- d-----w c:\progra~2\Malwarebytes
2009-05-22 20:57 . 2009-05-28 12:23 -------- d-----w c:\progra~2\Spybot - Search & Destroy
2009-05-22 20:57 . 2009-05-24 23:58 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-05-22 20:35 . 2009-05-22 20:35 -------- d-----w c:\progra~2\Fashion Finder
2009-05-22 20:32 . 2009-05-22 20:32 -------- d-----w c:\program files\Fashion Finder - Secrets of Fashion NYC Edition
2009-05-18 03:56 . 2009-05-18 03:56 14846 ----a-r c:\users\Owner\AppData\Roaming\Microsoft\Installer\{329A3C81-7884-4A64-B8F6-078795C31506}\EPA_Icon.914326BE_BDF9_4068_A4AF_AF1B75093799.exe
2009-05-18 03:56 . 2009-05-18 03:56 -------- d-----w c:\users\Owner\AppData\Roaming\Netscape
2009-05-17 14:56 . 2009-05-17 14:56 -------- d-----w c:\users\Owner\AppData\Local\GestaltGames
2009-05-12 23:39 . 2009-05-12 23:39 -------- d-----w c:\program files\Virtual Families
2009-05-10 13:51 . 2009-05-10 13:51 -------- d-----w c:\users\Owner\AppData\Roaming\Enchanted Katya
2009-05-10 02:24 . 2009-05-10 02:24 -------- d-----w c:\progra~2\AdventureChronicles1
2009-05-09 13:36 . 2009-05-09 13:38 -------- d-----w c:\users\Owner\AppData\Roaming\Bigfish 3 Days Zoo Mystery
2009-05-02 14:27 . 2009-05-02 14:27 -------- d-----w c:\program files\Westward III

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-28 15:54 . 2007-12-14 08:57 12 ----a-w c:\windows\bthservsdp.dat
2009-05-27 17:19 . 2008-03-22 13:04 27839 ----a-w c:\users\Owner\AppData\Roaming\nvModes.dat
2009-05-27 16:12 . 2008-04-05 14:14 -------- d-----w c:\program files\Common Files\Adobe
2009-05-26 16:20 . 2008-09-10 23:27 -------- d-----w c:\program files\bfgclient
2009-05-26 15:16 . 2008-06-06 02:12 -------- d-----w c:\progra~2\Fugazo
2009-05-25 02:06 . 2008-09-17 00:33 -------- d-----w c:\program files\Cake Mania 3
2009-05-24 23:29 . 2008-05-11 20:51 -------- d-----w c:\program files\Lavasoft
2009-05-24 22:14 . 2008-10-03 02:47 -------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-05-24 21:58 . 2008-11-10 06:59 -------- d-----w c:\program files\Windows Live Toolbar
2009-05-23 03:10 . 2009-01-26 22:55 -------- d-----w c:\program files\Citrix
2009-05-23 03:09 . 2008-12-28 17:20 -------- d-----w c:\program files\RealArcade
2009-05-18 03:56 . 2009-01-31 09:06 -------- d-----w c:\users\Owner\AppData\Roaming\Citrix
2009-05-13 03:50 . 2007-12-14 09:31 -------- d-----w c:\progra~2\Microsoft Help
2009-05-13 03:45 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
2009-05-08 23:48 . 2008-12-28 18:50 -------- d-----w c:\progra~2\GameHouse
2009-05-02 21:50 . 2009-01-30 23:15 108552 ----a-w c:\windows\system32\drivers\avgtdix.sys
2009-05-02 21:50 . 2008-05-11 19:04 325896 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-05-02 21:50 . 2008-05-11 19:04 27784 ----a-w c:\windows\system32\drivers\avgmfx86.sys
2009-05-02 21:50 . 2008-05-11 19:04 11952 ----a-w c:\windows\system32\avgrsstx.dll
2009-05-02 21:50 . 2008-05-11 19:04 -------- d-----w c:\progra~2\avg8
2009-04-25 02:52 . 2009-04-23 00:16 -------- d-----w c:\users\Owner\AppData\Roaming\Ventrilo
2009-04-23 00:15 . 2009-04-23 00:15 -------- d-----w c:\program files\Ventrilo
2009-04-21 23:32 . 2008-05-23 23:21 -------- d-----w c:\progra~2\PlayFirst
2009-04-21 23:32 . 2008-04-08 13:18 -------- d-----w c:\users\Owner\AppData\Roaming\PlayFirst
2009-04-21 13:33 . 2008-05-28 17:10 -------- d-----w c:\program files\EA GAMES
2009-04-19 14:03 . 2009-04-19 14:03 -------- d-----w c:\users\Owner\AppData\Roaming\TikGames
2009-04-19 14:03 . 2009-04-19 14:03 -------- d-----w c:\progra~2\TikGames
2009-04-14 02:54 . 2009-04-14 00:50 -------- d-----w c:\users\Owner\AppData\Roaming\Be a King
2009-04-14 00:31 . 2009-04-14 00:30 -------- d-----w c:\program files\Be a King
2009-04-07 01:34 . 2009-04-07 01:34 -------- d-----w c:\users\Owner\AppData\Roaming\ShinyTales
2009-04-07 00:55 . 2009-04-07 00:55 -------- d-----w c:\program files\Wonderburg
2009-04-06 23:33 . 2009-04-06 23:33 -------- d-----w c:\users\Owner\AppData\Roaming\Shape games
2009-04-06 23:32 . 2009-04-06 23:32 -------- d-----w c:\program files\Success Story
2009-03-21 22:18 . 2009-01-16 23:14 130424 ----a-w c:\windows\system32\drivers\PCTCore.sys
2009-03-17 03:38 . 2009-04-14 22:49 13824 ----a-w c:\windows\system32\apilogen.dll
2009-03-17 03:38 . 2009-04-14 22:49 24064 ----a-w c:\windows\system32\amxread.dll
2009-03-03 04:46 . 2009-04-14 22:49 3599328 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-03-03 04:46 . 2009-04-14 22:49 3547632 ----a-w c:\windows\system32\ntoskrnl.exe
2009-03-03 04:40 . 2009-04-14 22:49 827392 ----a-w c:\windows\system32\wininet.dll
2009-03-03 04:39 . 2009-04-14 22:49 183296 ----a-w c:\windows\system32\sdohlp.dll
2009-03-03 04:39 . 2009-04-14 22:49 551424 ----a-w c:\windows\system32\rpcss.dll
2009-03-03 04:39 . 2009-04-14 22:49 26112 ----a-w c:\windows\system32\printfilterpipelineprxy.dll
2009-03-03 04:37 . 2009-04-14 22:49 78336 ----a-w c:\windows\system32\ieencode.dll
2009-03-03 04:37 . 2009-04-14 22:49 98304 ----a-w c:\windows\system32\iasrecst.dll
2009-03-03 04:37 . 2009-04-14 22:49 54784 ----a-w c:\windows\system32\iasads.dll
2009-03-03 04:37 . 2009-04-14 22:49 44032 ----a-w c:\windows\system32\iasdatastore.dll
2009-03-03 03:04 . 2009-04-14 22:49 666624 ----a-w c:\windows\system32\printfilterpipelinesvc.exe
2009-03-03 02:38 . 2009-04-14 22:49 17408 ----a-w c:\windows\system32\iashost.exe
2009-03-03 02:28 . 2009-04-14 22:49 26624 ----a-w c:\windows\system32\ieUnatt.exe
.


2nd half

Post by utopiancouple on Fri May 29, 2009 8:53 pm

(((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"Utopia Angel"="c:\utopia\Angel\Angel.exe" [2009-05-18 3594240]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-02-15 857648]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Gateway\traybar.exe" [2007-09-13 638976]
"SysTrayApp"="c:\program files\IDT\WDM\sttray.exe" [2007-11-09 409600]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-11-15 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-15 8534560]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-11-15 81920]
"00PCTFW"="c:\program files\PC Tools Firewall Plus\FirewallGUI.exe" [2009-02-26 2652056]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-05-02 1947928]
"TrueImageMonitor.exe"="c:\program files\Acronis\TrueImageHome\TrueImageMonitor.exe" [2006-10-17 1164912]
"AcronisTimounterMonitor"="c:\program files\Acronis\TrueImageHome\TimounterMonitor.exe" [2006-10-17 1941784]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2006-10-17 87584]
"Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-05-24 516440]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-27 148888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2007-07-13 40072]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-3-29 719664]
Citrix XenApp.lnk - c:\windows\Installer\{388C130B-0079-46B4-A0D5-DC2DD7A89A7B}\pnaico.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe [2009-1-26 73728]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BigFix.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\BigFix.lnk
backup=c:\windows\pss\BigFix.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{B1AB1ED7-7DD6-4AAA-94C3-23E9C1064E8D}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{6FCDA6AF-DDBF-44B5-AA47-3C69429EAE67}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{33D22029-2788-47B2-85BA-CCD347D5194D}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"{6E6EF01B-BA76-4336-950E-6892F7CA5DDA}"= c:\program files\AVG\AVG8\avgemc.exe:avgemc.exe
"{01AF5E37-B956-422F-8F49-4EE32689EC37}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{DFA28032-31CD-451D-B6F5-6660CB4B502B}"= UDP:c:\program files\Ventrilo\Ventrilo.exe:Ventrilo.exe
"{898320A1-5984-4E05-96C0-C16116105A9F}"= TCP:c:\program files\Ventrilo\Ventrilo.exe:Ventrilo.exe
"{E0F01021-3BF3-4B23-A3FB-A702281F7E47}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [5/24/2009 18:47 64160]
R0 pavboot;pavboot;c:\windows\System32\drivers\pavboot.sys [5/26/2009 04:33 28544]
R0 Si3531;SiI-3531 SATA Controller;c:\windows\System32\drivers\Si3531.sys [6/1/2007 13:29 210736]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [5/11/2008 14:04 325896]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [1/30/2009 18:15 108552]
R1 pctgntdi;pctgntdi;c:\windows\System32\drivers\pctgntdi.sys [1/16/2009 18:14 159600]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [5/11/2008 14:04 908568]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [5/11/2008 14:04 298776]
R2 PCTAppEvent;PCTAppEvent Driver;c:\windows\System32\drivers\PCTAppEvent.sys [1/16/2009 18:14 73840]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [5/22/2009 16:08 1153368]
R3 pctplfw;pctplfw;c:\windows\System32\drivers\pctplfw.sys [1/16/2009 18:13 95640]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [3/9/2009 14:06 953168]
S3 NETw2v32;Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows Vista;c:\windows\System32\drivers\NETw2v32.sys [11/2/2006 05:25 2589184]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
.
Contents of the 'Scheduled Tasks' folder

2009-05-25 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 23:46]
.
.
------- Supplementary Scan -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: geekpolice.net\www
Trusted Zone: pandasoftware.com\www
DPF: {EC0403E0-9158-4CF8-A2B6-3C62C3B9B6B7} - [You must be registered and logged in to see this link.]
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\vot62qtq.default\
FF - prefs.js: browser.startup.homepage - [You must be registered and logged in to see this link.]
FF - prefs.js: network.proxy.type - 4
FF - plugin: c:\users\Owner\AppData\Roaming\Mozilla\plugins\npCtxCAO.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2009-05-29 07:47
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-2857160768-3149739328-402376366-1000\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:82,8f,8f,82,1c,6d,87,b5,f6,d8,5f,59,24,af,01,7b,03,86,e1,a6,55,
75,ed,f9,4e,5f,6c,21,2f,e0,a3,5d,ca,30,ee,dc,16,77,04,77,39,7f,65,ae,95,8f,\
"rkeysecu"=hex:03,87,f5,2e,a9,b3,50,bc,64,95,b8,98,c9,b8,9b,51

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'lsass.exe'(796)
c:\windows\system32\relog_ap.dll

- - - - - - - > 'Explorer.exe'(4904)
c:\windows\system32\btmmhook.dll
.
Completion time: 2009-05-29 7:48
ComboFix-quarantined-files.txt 2009-05-29 12:48
ComboFix2.txt 2009-05-29 10:28

Pre-Run: 157,184,094,208 bytes free
Post-Run: 157,168,672,768 bytes free

253 --- E O F --- 2009-05-28 04:31


Re: laptop Internet going where I did not click

Post by Belahzur on Fri May 29, 2009 9:13 pm

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /u



This will also reset your restore points.

How is the machine running now?


Please PM me if I fail to respond within 24hrs.



Running very well=goes where send it now!!!!

Post by utopiancouple on Fri May 29, 2009 9:44 pm

The internet is faster. It goes where I click now. Will see if the time stays right, the Desktop picture too and screensaver too. They were changing before. Sure is responding faster. Thank You! You guys at geekpolice are number 1 in my book. I am so grateful.
