im not sure when this started happening but recently my computer only connects through the internet via firefox. IE and other browsers wont work, some programs that access online for updates dont work aswell. I've tried working it out but i cant find the problem. checked for viruses....nothing malware/spyware...nothing turned off firewall....nothing my ps3 and my other laptop work perfectly, both IE and Firefox work on the other laptop. the oldest restore point is much help to me, and recently my firefox installed an update and right after it stopped working. also if when i try to install a new anti virus or something it cannot finish the install because it cannot connect to the server im running vista on an hp laptop Anyone got an idea? I'll run a HJT report if needed. and here is a thread i posted a while back, and the things i've tried already, http://forums.afterdawn.com/thread_view.cfm/746942 Thank you!!!
Hi mondax So sorry to hear your problems... don't you hate it when such things happen? For us to be able to help you, we'll need to run a few tools to see what the problem is. 1. • Please download RSIT from here. • Please download the HijackThis zip file and unzip HijackThis.exe into the same folder as RSIT.exe. We will need it later. • Run RSIT.exe and follow the prompts. • When the scan is finished, two notepad windows will pop up; log.txt and info.txt. They are also located at C:\rsit. • Post log.txt and info.txt here. 2. • Please download GMER: • Unzip (extract) it. • Double-click gmer.exe to run it. • Let the gmer.sys driver load if asked. • If it gives you a warning at program start about rootkit activity and asks if you want to run a scan... click NO. • Click the Rootkit tab. • Make sure only these boxes on the right of the screen are checked. Do not check Show All. Code: System Modules Processes Threads Libraries Services Registry Files C:\ and any other drives ADS • Then click the Scan button. Wait for the scan to finish. • Once done, click the Copy button. • This will copy the results to the clipboard. Open Notepad, paste the log into it, and save it. Post this log to your next reply. Things I'll need in your next post: 1. RSIT logs 2. GMER log Best Regards
RSIT Log Logfile of random's system information tool 1.06 (written by random/random) Run by Family at 2009-07-03 11:31:09 Microsoft® Windows Vista™ Home Premium Service Pack 1 System drive C: has 24 GB (14%) free of 179 GB Total RAM: 2942 MB (70% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:31:19 AM, on 7/3/2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18248) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\HP\QuickPlay\QPService.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Windows\System32\rundll32.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe C:\Program Files\PowerISO\PWRISOVM.EXE C:\Windows\system32\wuauclt.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe C:\Windows\System32\mobsync.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Family\Desktop\RSIT.exe C:\Program Files\Trend Micro\HijackThis\Family.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: HP Print Clips - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file) O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0" O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [StartupDelayer] "C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: lxba_device - - C:\Windows\system32\lxbacoms.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 8920 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Check Updates for Windows Live Toolbar.job C:\Windows\tasks\HPCeeScheduleForFamily.job C:\Windows\tasks\User_Feed_Synchronization-{EFB89D09-7609-450D-AC3E-E4CE180B8E26}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}] Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7}] HP Print Clips - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-08-31 177504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1045800] "QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2007-12-19 468264] "QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-09-19 202032] "OnScreenDisplay"=C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [2007-09-04 554320] "UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-08-17 218408] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-20 1008184] "HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-16 75008] "hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-09-13 480560] "WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2007-01-08 311296] "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784] "HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-12-04 13556256] "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-12-04 92704] "StartupDelayer"=C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe [2007-12-14 26112] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-20 1233920] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-20 125952] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-20 202240] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184] C:\Users\Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{03286811-51bc-11dd-bf22-001e68856b83}] shell\Auto\command - infrom.exe shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL infrom.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7c5e365c-55c8-11dd-a23e-001e68856b83}] shell\Auto\command - infrom.exe shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL infrom.exe ======List of files/folders created in the last 1 months====== 2009-07-03 11:31:09 ----D---- C:\rsit 2009-07-02 14:36:20 ----D---- C:\ProgramData\WindowsSearch 2009-06-30 19:44:33 ----A---- C:\Windows\ntbtlog.txt 2009-06-27 14:17:18 ----D---- C:\Program Files\Trend Micro 2009-06-27 13:45:33 ----D---- C:\Users\Family\AppData\Roaming\Malwarebytes 2009-06-27 13:45:28 ----D---- C:\ProgramData\Malwarebytes 2009-06-27 13:45:28 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-06-19 23:26:04 ----D---- C:\Users\Family\AppData\Roaming\Sony 2009-06-19 23:26:04 ----D---- C:\ProgramData\Sony 2009-06-19 23:20:40 ----D---- C:\Program Files\Common Files\Sony Shared 2009-06-19 23:19:30 ----D---- C:\Program Files\Sony Setup 2009-06-16 18:18:16 ----D---- C:\Windows\CheckSur 2009-06-15 18:38:46 ----A---- C:\Windows\system32\psisdecd.dll 2009-06-15 18:38:44 ----A---- C:\Windows\system32\EncDec.dll 2009-06-14 11:07:48 ----A---- C:\Windows\system32\localspl.dll 2009-06-14 11:07:31 ----A---- C:\Windows\system32\rpcrt4.dll 2009-06-14 11:07:19 ----A---- C:\Windows\system32\mshtml.dll 2009-06-14 11:07:14 ----A---- C:\Windows\system32\ieframe.dll 2009-06-14 11:07:13 ----A---- C:\Windows\system32\urlmon.dll 2009-06-14 11:07:12 ----A---- C:\Windows\system32\wininet.dll 2009-06-14 11:07:12 ----A---- C:\Windows\system32\msfeeds.dll 2009-06-14 11:07:12 ----A---- C:\Windows\system32\iertutil.dll 2009-06-14 11:07:12 ----A---- C:\Windows\system32\iedkcs32.dll 2009-06-14 11:07:11 ----A---- C:\Windows\system32\occache.dll 2009-06-14 11:07:11 ----A---- C:\Windows\system32\ieUnatt.exe 2009-06-14 11:07:11 ----A---- C:\Windows\system32\ieencode.dll 2009-06-14 11:07:11 ----A---- C:\Windows\system32\ieaksie.dll 2009-06-14 11:07:10 ----A---- C:\Windows\system32\mstime.dll 2009-06-14 11:07:10 ----A---- C:\Windows\system32\jsproxy.dll ======List of files/folders modified in the last 1 months====== 2009-07-03 11:31:19 ----D---- C:\Windows\Prefetch 2009-07-03 11:31:10 ----D---- C:\Windows\Temp 2009-07-03 11:22:47 ----D---- C:\Windows\System32 2009-07-03 11:22:47 ----A---- C:\Windows\system32\PerfStringBackup.INI 2009-07-03 11:22:46 ----D---- C:\Windows\inf 2009-07-03 08:37:45 ----SHD---- C:\System Volume Information 2009-07-02 21:58:23 ----SD---- C:\Users\Family\AppData\Roaming\Microsoft 2009-07-02 14:36:20 ----HD---- C:\ProgramData 2009-06-30 20:22:49 ----D---- C:\Program Files\Mozilla Firefox 2009-06-30 20:21:33 ----D---- C:\Windows\system32\drivers 2009-06-30 19:44:33 ----D---- C:\Windows 2009-06-29 18:28:36 ----D---- C:\Windows\system32\Msdtc 2009-06-29 18:28:33 ----D---- C:\Windows\system32\wbem 2009-06-29 18:27:30 ----D---- C:\Windows\system32\config 2009-06-29 18:27:12 ----D---- C:\Windows\Tasks 2009-06-29 18:27:12 ----D---- C:\Windows\system32\Tasks 2009-06-29 18:27:12 ----D---- C:\Windows\system32\spool 2009-06-29 18:27:12 ----D---- C:\Windows\system32\CodeIntegrity 2009-06-29 18:27:12 ----D---- C:\Windows\system32\catroot2 2009-06-29 18:27:12 ----D---- C:\Users\Family\AppData\Roaming\vlc 2009-06-29 18:27:12 ----D---- C:\Users\Family\AppData\Roaming\r2 Studios 2009-06-29 18:27:12 ----D---- C:\Program Files\Internet Explorer 2009-06-29 18:27:07 ----D---- C:\ProgramData\r2 Studios 2009-06-29 18:27:07 ----D---- C:\Program Files\r2 Studios 2009-06-29 18:27:06 ----D---- C:\Windows\registration 2009-06-27 14:17:18 ----RD---- C:\Program Files 2009-06-19 23:43:01 ----D---- C:\Program Files\Spybot - Search & Destroy 2009-06-19 23:43:00 ----D---- C:\ProgramData\Spybot - Search & Destroy 2009-06-19 23:21:50 ----RSD---- C:\Windows\assembly 2009-06-19 23:21:49 ----SHD---- C:\Windows\Installer 2009-06-19 23:21:07 ----D---- C:\Windows\winsxs 2009-06-19 23:20:40 ----D---- C:\Program Files\Common Files 2009-06-19 23:20:24 ----D---- C:\Program Files\Sony 2009-06-16 15:28:05 ----D---- C:\Windows\Microsoft.NET 2009-06-16 15:20:45 ----D---- C:\Windows\ehome 2009-06-16 11:09:13 ----D---- C:\Windows\system32\catroot 2009-06-15 18:34:47 ----D---- C:\Program Files\Microsoft Works 2009-06-15 18:33:36 ----D---- C:\ProgramData\Microsoft Help 2009-06-14 10:51:40 ----D---- C:\Program Files\Windows Mail 2009-06-14 10:51:39 ----D---- C:\ProgramData\FLEXnet 2009-06-09 17:30:46 ----D---- C:\Windows\Minidump ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-07-07 56108] R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2008-06-13 24112] R1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2008-06-13 184240] R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672] R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936] R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496] R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-03-22 37376] R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-12-06 761856] R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-20 14208] R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-03-04 188416] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464] R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768] R3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168] R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-11-01 985600] R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-11-01 208896] R3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-20 5504] R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-03-06 1059112] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-12-04 7606688] R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-02-16 12032] R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-20 88576] R3 SYMDNS;SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [2008-06-13 13616] R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2008-12-21 123952] R3 SYMFW;SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [2008-06-13 96432] R3 SYMNDISV;SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [2008-06-13 41008] R3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2008-06-13 22320] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-28 199472] R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-20 134016] R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-11-01 661504] R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-20 11264] R3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-20 39936] R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-20 83328] S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2008-01-20 45696] S3 Avc;AVC Device; C:\Windows\system32\DRIVERS\avc.sys [2008-01-20 40448] S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384] S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-20 5632] S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-09-09 176640] S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-20 200704] S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-20 52608] S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-20 8192] S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-20 5888] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-20 6016] S3 SymIMMP;SymIMMP; C:\Windows\system32\DRIVERS\SymIM.sys [] S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-10-01 32000] S3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-20 73088] S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-20 35328] S3 WinDriver6;WinDriver6; C:\Windows\system32\drivers\windrvr6.sys [2008-07-03 193696] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-20 6656] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-20 386616] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424] R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888] R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-06-16 94208] R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe [2006-05-02 135168] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-08-23 79136] R2 lxba_device;lxba_device; C:\Windows\system32\lxbacoms.exe [2007-04-24 537520] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-12-04 203296] R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2007-12-19 271760] R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2007-12-19 112016] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024] R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560] R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872] S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-03-05 110592] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-07-13 654848] S3 GameConsoleService;GameConsoleService; C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2008-05-05 165416] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] -----------------EOF----------------- Logfile of random's system information tool 1.06 (written by random/random) Run by Family at 2009-07-03 11:31:09 Microsoft® Windows Vista™ Home Premium Service Pack 1 System drive C: has 24 GB (14%) free of 179 GB Total RAM: 2942 MB (70% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:31:19 AM, on 7/3/2009 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18248) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\HP\QuickPlay\QPService.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Windows\System32\rundll32.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe C:\Program Files\PowerISO\PWRISOVM.EXE C:\Windows\system32\wuauclt.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe C:\Windows\System32\mobsync.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Family\Desktop\RSIT.exe C:\Program Files\Trend Micro\HijackThis\Family.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: HP Print Clips - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file) O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe" O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0" O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [StartupDelayer] "C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: lxba_device - - C:\Windows\system32\lxbacoms.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 8920 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Check Updates for Windows Live Toolbar.job C:\Windows\tasks\HPCeeScheduleForFamily.job C:\Windows\tasks\User_Feed_Synchronization-{EFB89D09-7609-450D-AC3E-E4CE180B8E26}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}] Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7}] HP Print Clips - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-08-31 177504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-03-28 1045800] "QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2007-12-19 468264] "QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-09-19 202032] "OnScreenDisplay"=C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe [2007-09-04 554320] "UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2007-08-17 218408] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-20 1008184] "HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-16 75008] "hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-09-13 480560] "WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2007-01-08 311296] "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784] "HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840] "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-12-04 13556256] "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-12-04 92704] "StartupDelayer"=C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe [2007-12-14 26112] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-20 1233920] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-20 125952] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-20 202240] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184] C:\Users\Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{03286811-51bc-11dd-bf22-001e68856b83}] shell\Auto\command - infrom.exe shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL infrom.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7c5e365c-55c8-11dd-a23e-001e68856b83}] shell\Auto\command - infrom.exe shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL infrom.exe ======List of files/folders created in the last 1 months====== 2009-07-03 11:31:09 ----D---- C:\rsit 2009-07-02 14:36:20 ----D---- C:\ProgramData\WindowsSearch 2009-06-30 19:44:33 ----A---- C:\Windows\ntbtlog.txt 2009-06-27 14:17:18 ----D---- C:\Program Files\Trend Micro 2009-06-27 13:45:33 ----D---- C:\Users\Family\AppData\Roaming\Malwarebytes 2009-06-27 13:45:28 ----D---- C:\ProgramData\Malwarebytes 2009-06-27 13:45:28 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2009-06-19 23:26:04 ----D---- C:\Users\Family\AppData\Roaming\Sony 2009-06-19 23:26:04 ----D---- C:\ProgramData\Sony 2009-06-19 23:20:40 ----D---- C:\Program Files\Common Files\Sony Shared 2009-06-19 23:19:30 ----D---- C:\Program Files\Sony Setup 2009-06-16 18:18:16 ----D---- C:\Windows\CheckSur 2009-06-15 18:38:46 ----A---- C:\Windows\system32\psisdecd.dll 2009-06-15 18:38:44 ----A---- C:\Windows\system32\EncDec.dll 2009-06-14 11:07:48 ----A---- C:\Windows\system32\localspl.dll 2009-06-14 11:07:31 ----A---- C:\Windows\system32\rpcrt4.dll 2009-06-14 11:07:19 ----A---- C:\Windows\system32\mshtml.dll 2009-06-14 11:07:14 ----A---- C:\Windows\system32\ieframe.dll 2009-06-14 11:07:13 ----A---- C:\Windows\system32\urlmon.dll 2009-06-14 11:07:12 ----A---- C:\Windows\system32\wininet.dll 2009-06-14 11:07:12 ----A---- C:\Windows\system32\msfeeds.dll 2009-06-14 11:07:12 ----A---- C:\Windows\system32\iertutil.dll 2009-06-14 11:07:12 ----A---- C:\Windows\system32\iedkcs32.dll 2009-06-14 11:07:11 ----A---- C:\Windows\system32\occache.dll 2009-06-14 11:07:11 ----A---- C:\Windows\system32\ieUnatt.exe 2009-06-14 11:07:11 ----A---- C:\Windows\system32\ieencode.dll 2009-06-14 11:07:11 ----A---- C:\Windows\system32\ieaksie.dll 2009-06-14 11:07:10 ----A---- C:\Windows\system32\mstime.dll 2009-06-14 11:07:10 ----A---- C:\Windows\system32\jsproxy.dll ======List of files/folders modified in the last 1 months====== 2009-07-03 11:31:19 ----D---- C:\Windows\Prefetch 2009-07-03 11:31:10 ----D---- C:\Windows\Temp 2009-07-03 11:22:47 ----D---- C:\Windows\System32 2009-07-03 11:22:47 ----A---- C:\Windows\system32\PerfStringBackup.INI 2009-07-03 11:22:46 ----D---- C:\Windows\inf 2009-07-03 08:37:45 ----SHD---- C:\System Volume Information 2009-07-02 21:58:23 ----SD---- C:\Users\Family\AppData\Roaming\Microsoft 2009-07-02 14:36:20 ----HD---- C:\ProgramData 2009-06-30 20:22:49 ----D---- C:\Program Files\Mozilla Firefox 2009-06-30 20:21:33 ----D---- C:\Windows\system32\drivers 2009-06-30 19:44:33 ----D---- C:\Windows 2009-06-29 18:28:36 ----D---- C:\Windows\system32\Msdtc 2009-06-29 18:28:33 ----D---- C:\Windows\system32\wbem 2009-06-29 18:27:30 ----D---- C:\Windows\system32\config 2009-06-29 18:27:12 ----D---- C:\Windows\Tasks 2009-06-29 18:27:12 ----D---- C:\Windows\system32\Tasks 2009-06-29 18:27:12 ----D---- C:\Windows\system32\spool 2009-06-29 18:27:12 ----D---- C:\Windows\system32\CodeIntegrity 2009-06-29 18:27:12 ----D---- C:\Windows\system32\catroot2 2009-06-29 18:27:12 ----D---- C:\Users\Family\AppData\Roaming\vlc 2009-06-29 18:27:12 ----D---- C:\Users\Family\AppData\Roaming\r2 Studios 2009-06-29 18:27:12 ----D---- C:\Program Files\Internet Explorer 2009-06-29 18:27:07 ----D---- C:\ProgramData\r2 Studios 2009-06-29 18:27:07 ----D---- C:\Program Files\r2 Studios 2009-06-29 18:27:06 ----D---- C:\Windows\registration 2009-06-27 14:17:18 ----RD---- C:\Program Files 2009-06-19 23:43:01 ----D---- C:\Program Files\Spybot - Search & Destroy 2009-06-19 23:43:00 ----D---- C:\ProgramData\Spybot - Search & Destroy 2009-06-19 23:21:50 ----RSD---- C:\Windows\assembly 2009-06-19 23:21:49 ----SHD---- C:\Windows\Installer 2009-06-19 23:21:07 ----D---- C:\Windows\winsxs 2009-06-19 23:20:40 ----D---- C:\Program Files\Common Files 2009-06-19 23:20:24 ----D---- C:\Program Files\Sony 2009-06-16 15:28:05 ----D---- C:\Windows\Microsoft.NET 2009-06-16 15:20:45 ----D---- C:\Windows\ehome 2009-06-16 11:09:13 ----D---- C:\Windows\system32\catroot 2009-06-15 18:34:47 ----D---- C:\Program Files\Microsoft Works 2009-06-15 18:33:36 ----D---- C:\ProgramData\Microsoft Help 2009-06-14 10:51:40 ----D---- C:\Program Files\Windows Mail 2009-06-14 10:51:39 ----D---- C:\ProgramData\FLEXnet 2009-06-09 17:30:46 ----D---- C:\Windows\Minidump ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-07-07 56108] R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2008-06-13 24112] R1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2008-06-13 184240] R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672] R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-02-24 39936] R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-01-23 42496] R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-03-22 37376] R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-12-06 761856] R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-20 14208] R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-03-04 188416] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464] R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768] R3 HpqRemHid;HP Remote Control HID Device; C:\Windows\system32\DRIVERS\HpqRemHid.sys [2007-07-11 7168] R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-11-01 985600] R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-11-01 208896] R3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-20 5504] R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2007-03-06 1059112] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-12-04 7606688] R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-02-16 12032] R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-20 88576] R3 SYMDNS;SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [2008-06-13 13616] R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2008-12-21 123952] R3 SYMFW;SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [2008-06-13 96432] R3 SYMNDISV;SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [2008-06-13 41008] R3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2008-06-13 22320] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-03-28 199472] R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-20 134016] R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-11-01 661504] R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-20 11264] R3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-20 39936] R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-20 83328] S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2008-01-20 45696] S3 Avc;AVC Device; C:\Windows\system32\DRIVERS\avc.sys [2008-01-20 40448] S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384] S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-20 5632] S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-09-09 176640] S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-20 200704] S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-20 52608] S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-20 8192] S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-20 5888] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-20 6016] S3 SymIMMP;SymIMMP; C:\Windows\system32\DRIVERS\SymIM.sys [] S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-10-01 32000] S3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-20 73088] S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-20 35328] S3 WinDriver6;WinDriver6; C:\Windows\system32\drivers\windrvr6.sys [2008-07-03 193696] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-20 6656] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-20 386616] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424] R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888] R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-06-16 94208] R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe [2006-05-02 135168] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-08-23 79136] R2 lxba_device;lxba_device; C:\Windows\system32\lxbacoms.exe [2007-04-24 537520] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-12-04 203296] R2 QPCapSvc;QuickPlay Background Capture Service (QBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe [2007-12-19 271760] R2 QPSched;QuickPlay Task Scheduler (QTS); C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe [2007-12-19 112016] R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-01-09 272024] R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560] R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872] S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-03-05 110592] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-07-13 654848] S3 GameConsoleService;GameConsoleService; C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2008-05-05 165416] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] -----------------EOF----------------- As for the GMER log, all i got were false positives on files that i already know are 100 percent safe and not a factor with the internet connectivity issue also my firefox has stopped working recently after a family member tried updating it to the newest version, firefox will not load at all. I've tried system restore and it still continues to happen.
Hey mondax 1. Now, please download ComboFix. With ComboFix, at the download window, please rename it to Combo-Fix(.exe) before downloading it. Save it to your Desktop. Please disable all security programs, such as antiviruses, antispywares, and firewalls. • Run Combo-Fix.exe and follow the prompts. • Accept the End-User License Agreement. (If the Recovery Console has been installed on your computer, ComboFix will skip the next three steps.) • Allow the Recovery Console to be installed. • When you see the window below, click on Yes. • When the Recovery Console has been installed, click on Yes to start the scan. **Understand that things like your system clock changing and your desktop disappearing might happen. Do not worry, because all will be restored later. • Wait for the scan to be fully completed. • If it requires a reboot, please do so. • After the scan has completed entirely, please post the log here. The log will be located at C:\ComboFix(.txt) Do not click on the ComboFix window, as it may cause it to stall. 2. Please reboot your computer into Safe Mode With Networking by doing the following: • Restart your computer • After pressing the power button, repeatedly tap the F8 key. • Instead of Windows loading as normal, the Advanced Options Menu should appear; • Select the option to run Windows in Safe Mode With Networking, then press Enter. • Choose the administrator's account. Does the internet work here? Things I'll need in your next post: 1. ComboFix log 2. Whether or not internet works in Safe Mode with Networking. Best Regards
ComboFix 09-07-08.02 - Family 07/08/2009 17:29.3 - NTFSx86 NETWORK Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2942.2410 [GMT -5:00] Running from: c:\users\Family\Desktop\ComboFix.exe SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9} SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . ((((((((((((((((((((((((( Files Created from 2009-06-08 to 2009-07-08 ))))))))))))))))))))))))))))))) . 2009-07-08 22:36 . 2009-07-08 22:36 -------- d-----w- c:\users\Family\AppData\Local\temp 2009-07-03 18:00 . 2009-07-03 18:00 11952 ----a-w- c:\windows\system32\avgrsstx.dll 2009-07-03 18:00 . 2009-07-03 18:00 108552 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2009-07-03 18:00 . 2009-07-03 18:00 327688 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2009-07-03 18:00 . 2009-07-03 18:00 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2009-07-03 18:00 . 2009-07-03 18:00 -------- d-----w- c:\windows\system32\drivers\Avg 2009-07-03 16:31 . 2009-07-03 16:31 -------- d-----w- C:\rsit 2009-07-02 19:36 . 2009-07-02 19:36 -------- d-----w- c:\programdata\WindowsSearch 2009-06-29 23:39 . 2009-06-17 16:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-06-29 23:39 . 2009-06-17 16:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-06-27 19:17 . 2009-06-27 19:17 -------- d-----w- c:\program files\Trend Micro 2009-06-27 18:45 . 2009-06-27 18:45 -------- d-----w- c:\users\Family\AppData\Roaming\Malwarebytes 2009-06-27 18:45 . 2009-06-29 23:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-06-27 18:45 . 2009-06-27 18:45 -------- d-----w- c:\programdata\Malwarebytes 2009-06-20 04:26 . 2009-06-20 04:26 -------- d-----w- c:\users\Family\AppData\Roaming\Sony 2009-06-20 04:26 . 2009-06-20 04:26 -------- d-----w- c:\programdata\Sony 2009-06-20 04:21 . 2009-06-20 04:21 -------- d-----w- c:\users\Family\AppData\Local\Sony 2009-06-20 04:20 . 2009-06-20 04:20 -------- d-----w- c:\program files\Common Files\Sony Shared 2009-06-20 04:19 . 2009-06-20 04:19 -------- d-----w- c:\program files\Sony Setup 2009-06-16 23:18 . 2009-06-16 23:18 -------- d-----w- c:\windows\CheckSur 2009-06-15 23:38 . 2009-04-30 12:37 293376 ----a-w- c:\windows\system32\psisdecd.dll 2009-06-15 23:38 . 2009-04-30 12:37 428544 ----a-w- c:\windows\system32\EncDec.dll 2009-06-14 16:06 . 2009-04-21 11:55 2033152 ----a-w- c:\windows\system32\win32k.sys . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-07-08 22:22 . 2009-07-06 16:05 0 ---ha-w- c:\users\Family\BITE46D.tmp 2009-07-08 22:20 . 2008-12-29 20:45 27934 ----a-w- c:\programdata\nvModes.dat 2009-07-08 21:39 . 2008-07-16 20:37 7620 ----a-w- c:\users\Family\AppData\Local\d3d9caps.dat 2009-07-03 17:59 . 2009-01-26 21:09 -------- d-----w- c:\programdata\avg8 2009-07-03 17:41 . 2008-07-14 00:45 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2009-07-03 17:30 . 2008-07-14 00:45 -------- d-----w- c:\program files\Spybot - Search & Destroy 2009-06-29 23:27 . 2009-01-14 14:11 -------- d-----w- c:\users\Family\AppData\Roaming\vlc 2009-06-29 23:27 . 2008-10-24 22:32 -------- d-----w- c:\users\Family\AppData\Roaming\r2 Studios 2009-06-29 23:27 . 2008-10-24 22:32 -------- d-----w- c:\programdata\r2 Studios 2009-06-29 23:27 . 2008-10-24 22:32 -------- d-----w- c:\program files\r2 Studios 2009-06-20 04:20 . 2008-11-25 20:00 -------- d-----w- c:\program files\Sony 2009-06-15 23:34 . 2008-04-25 02:11 -------- d-----w- c:\program files\Microsoft Works 2009-06-15 23:33 . 2008-04-25 02:33 -------- d-----w- c:\programdata\Microsoft Help 2009-06-14 15:51 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2009-06-14 15:51 . 2008-07-13 23:55 -------- d-----w- c:\programdata\FLEXnet 2009-06-08 21:05 . 2009-06-08 21:05 758088 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2009-05-15 23:04 . 2009-05-15 23:04 416128 ----a-w- c:\programdata\Microsoft\eHome\Packages\NetTV\Browse\NetTVResources.dll 2009-04-24 16:05 . 2009-06-14 16:07 827904 ----a-w- c:\windows\system32\wininet.dll 2009-04-24 16:02 . 2009-06-14 16:07 78336 ----a-w- c:\windows\system32\ieencode.dll 2009-04-24 13:44 . 2009-06-14 16:07 26624 ----a-w- c:\windows\system32\ieUnatt.exe 2009-04-23 12:43 . 2009-06-14 16:07 784896 ----a-w- c:\windows\system32\rpcrt4.dll 2009-04-23 12:42 . 2009-06-14 16:07 636928 ----a-w- c:\windows\system32\localspl.dll . ((((((((((((((((((((((((((((( SnapShot@2009-07-08_21.49.40 ))))))))))))))))))))))))))))))))))))))))) . + 2008-01-21 01:58 . 2009-07-08 22:22 59264 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin + 2006-11-02 13:05 . 2009-07-08 22:22 96098 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin + 2008-07-13 21:40 . 2009-07-08 22:22 12730 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-877479627-3809478448-3701232382-1000_UserData.bin + 2006-11-02 10:33 . 2009-07-08 22:34 594698 c:\windows\System32\perfh009.dat + 2006-11-02 10:33 . 2009-07-08 22:34 100766 c:\windows\System32\perfc009.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-28 1045800] "QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-12-20 468264] "QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-09-19 202032] "OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-09-04 554320] "UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-08-17 218408] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184] "HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-06-16 75008] "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560] "WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296] "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784] "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-04 13556256] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-04 92704] "StartupDelayer"="c:\program files\r2 Studios\Startup Delayer\Startup Launcher.exe" [2007-12-14 26112] "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-07-03 1948440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "GrpConv"="grpconv -o" [X] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\System32\avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKLM\~\startupfolder\C:^Users^Family^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk] path=c:\users\Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup backupExtension=.Startup [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile] "DefaultOutboundAction"= 0 (0x0) "DefaultInboundAction"= 1 (0x1) "DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{6435A5D5-321F-405F-AB32-F4CDD8884A4F}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{CEB005FC-A593-403D-9E0F-B5D6D6CB7B01}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{D1D6E669-9DD7-4B12-8B84-4A3DF994AD90}"= c:\program files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector "{7EB085B8-344E-41CB-9D92-AB651F064199}"= UDP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl "{F5FD2F6C-4959-4877-8963-91D77D16EACE}"= TCP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl "{AF92B6E9-02ED-485F-8196-528D4296F852}"= UDP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl "{B45744D4-86A4-4417-A215-719ED5DE9E9A}"= TCP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl "{11CF649A-B94A-4777-BBC2-B29FB89F961F}"= UDP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl "{71E69720-498E-4AC0-B143-D5C5E53EA1E4}"= TCP:c:\program files\earthlink totalaccess\TaskPanl.exe:taskpanl "{EF8034C3-E49D-41FA-8162-13E38E8ACCF5}"= c:\program files\HP\QuickPlay\QP.exe:Quick Play "{87202176-5AD3-4E9E-B920-6CE22A830A41}"= c:\program files\HP\QuickPlay\QPService.exe:Quick Play Resident Program "{42D95EB2-FA1E-4943-B5BF-DA358C10178E}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxbapswx.exerinter Status Window "{A8B79248-BF63-4116-BFAE-86C31281ABB7}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxbapswx.exerinter Status Window "{F8B9E698-62DF-4214-ADE8-17E0D2CA123F}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "{99A2690F-8777-4F3B-BDC2-C993F2D0F14E}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "{8B504DB5-70AA-476D-99CC-973CE0FCFDC0}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{88D232C7-06B7-4F74-994E-527A0DF59E6C}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour "{D29EEEE2-5C83-4ED8-AA4C-DF705CCB2653}"= UDP:c:\windows\System32\lxbacoms.exe:Lexmark Communications System "{8BDA2EA0-41C5-41D5-A97B-43D5872A4092}"= TCP:c:\windows\System32\lxbacoms.exe:Lexmark Communications System "{E6C01AEC-F5AB-4FF6-AA78-C31837A393D8}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes "{5116ACC3-0BCB-4735-BA28-39B34D18D4D1}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes "{CF6FBAF3-12E6-45A5-BB23-8FEA3D07E41B}"= UDP:c:\program files\Internet Explorer\iexplore.exe:Internet Explorer "{C99A468B-00F3-468B-AD8F-485C2C238CA5}"= TCP:c:\program files\Internet Explorer\iexplore.exe:Internet Explorer "{D7036846-DF0F-426A-9545-09FB033F3A6B}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "{97C3F72E-321D-417F-8DDE-7348E280E913}"= UDP:c:\program files\Mozilla Firefox\firefox.exe:Mozilla Firefox "{C1259C76-B6C3-4E76-85B2-D9BE41BDCD1D}"= TCP:c:\program files\Mozilla Firefox\firefox.exe:Mozilla Firefox "{7DAAA77D-D339-4C00-A7D1-42881E692799}"= Disabled:UDP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader "{11C8DC70-3736-4C5E-AA43-D49EAA46E75F}"= Disabled:TCP:c:\program files\Common Files\AOL\Loader\aolload.exe:AOL Loader "{578FBDDF-2C6F-4123-B861-AA03BDE60A3A}"= c:\program files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "{30C15DB4-685C-4FCD-ABBE-E76AB0F92CF3}"= UDP:c:\windows\System32\lxbacoms.exe:Lexmark Communications System "{DA75E266-DF99-4B57-B1C8-1A167739D47F}"= TCP:c:\windows\System32\lxbacoms.exe:Lexmark Communications System "{F9449888-7742-44B1-AF05-9E9ADC2C811F}"= UDP:c:\windows\System32\spool\drivers\w32x86\3\lxbapswx.exerinter Status Window "{6A59D251-79B9-4860-84EF-89940DD7D9F7}"= TCP:c:\windows\System32\spool\drivers\w32x86\3\lxbapswx.exerinter Status Window "{719AFECE-BDD5-4C5C-B8C3-A17AE0BDB961}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook "{CDCF1521-C153-401D-B76A-96689223DEA9}"= UDP:c:\program files\Sony\Media Manager for WALKMAN\MediaManager.exe:Media Manager for WALKMAN 1.2 "{9A6B072C-B0E8-4C4A-A5CD-C45E78ED5994}"= TCP:c:\program files\Sony\Media Manager for WALKMAN\MediaManager.exe:Media Manager for WALKMAN 1.2 "{267F3806-7629-4C79-B38B-AD85E0ECCFC6}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe "{435A2E72-35B8-4558-8723-FDC2D535D1EE}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe "{6F95C398-7BB3-4BF1-9F8B-B5C6883B0698}"= UDP:c:\program files\Internet Explorer\iexplore.exe:Internet Explorer "{13164497-7855-43FF-A884-2D1BF8DC0B7D}"= TCP:c:\program files\Internet Explorer\iexplore.exe:Internet Explorer [HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile] "DefaultOutboundAction"= 0 (0x0) "DefaultInboundAction"= 1 (0x1) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile] "DefaultOutboundAction"= 0 (0x0) "DefaultInboundAction"= 1 (0x1) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List] "c:\\Program Files\\EarthLink TotalAccess\\TaskPanl.exe"= c:\program files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [7/3/2009 1:00 PM 108552] S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [7/3/2009 1:00 PM 327688] S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [7/3/2009 12:59 PM 298776] S2 lxba_device;lxba_device;c:\windows\system32\lxbacoms.exe -service --> c:\windows\system32\lxbacoms.exe -service [?] S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [7/3/2009 12:30 PM 1153368] S3 SYMNDISV;SYMNDISV;c:\windows\System32\drivers\symndisv.sys [6/13/2008 3:13 PM 41008] --- Other Services/Drivers In Memory --- *NewlyCreated* - ECACHE [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] "c:\program files\Common Files\LightScribe\LSRunOnce.exe" . Contents of the 'Scheduled Tasks' folder 2009-02-01 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job - c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 17:20] 2009-07-06 c:\windows\Tasks\HPCeeScheduleForFamily.job - c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-04-25 18:58] 2009-07-08 c:\windows\Tasks\User_Feed_Synchronization-{EFB89D09-7609-450D-AC3E-E4CE180B8E26}.job - c:\windows\system32\msfeedssync.exe [2008-01-21 02:24] . - - - - ORPHANS REMOVED - - - - HKLM-RunOnce-<NO NAME> - (no file) . ------- Supplementary Scan ------- . uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop uInternet Settings,ProxyOverride = *.local IE: Add to Windows &Live Favorites IE: E&xport to Microsoft Excel IE: eBay Search FF - ProfilePath - c:\users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\1ebe22rt.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: network.proxy.type - 4 FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\NPTURNMED.dll FF - plugin: c:\program files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll FF - plugin: c:\users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\1ebe22rt.default\extensions\moveplayer@movenetworks.com\platform\WINNT_x86-msvc\plugins\npmnqmp071303000005.dll . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-07-08 17:36 Windows 6.0.6001 Service Pack 1 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'Explorer.exe'(1952) c:\program files\Hewlett-Packard\HP Advisor\Pillars\Market\MLDeskBand.dll . Completion time: 2009-07-08 17:37 ComboFix-quarantined-files.txt 2009-07-08 22:37 ComboFix2.txt 2009-07-08 22:17 ComboFix3.txt 2009-07-08 21:51 Pre-Run: 19,624,189,952 bytes free Post-Run: 19,487,592,448 bytes free 232 --- E O F --- 2009-06-18 16:14 theres the combo fix log, and i still cannot connect to the internet via safe mode with networking again thanks for helping
