
Internet page will not open for both IE and Firefox



#1 PWW


Posted 08 March 2010 - 07:01 PM

Hi, need help: my Internet home page will not open on my Dell CPU for either IE or Firefox, even after 30 mins! Not my wireless router, as laptop will work fine. Running on Windows XP. Have run Reg Mechanic and AVG anti-virus and spyware. Did not solve problem. Have run ComboFix; here are the results. Any suggestions would be appreciated.
ComboFix 10-03-06.01 - Peter Wright 03/06/2010 16:38:23.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.198 [GMT -5:00]
Running from: c:\documents and settings\Peter Wright\Desktop\ComboFix.exe
AV: Norton Security Online *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Security Online *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\FunWebProducts
c:\program files\INSTALL.LOG
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
c:\program files\MyWebSearch\bar\1.bin\MWSOESTB.DLL
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\windows\a3kebook.ini
c:\windows\akebook.ini
c:\windows\ANS2000.INI
c:\windows\system32\f3PSSavr.scr
c:\windows\system32\syspvm-14.dll

.
((((((((((((((((((((((((( Files Created from 2010-02-06 to 2010-03-06 )))))))))))))))))))))))))))))))
.

2010-03-05 18:35 . 2010-03-05 18:35 -------- d-----w- c:\documents and settings\Peter Wright\Application Data\Registry Mechanic
2010-03-05 18:12 . 2010-03-05 18:12 -------- d-----w- c:\program files\Common Files\PC Tools
2010-03-05 16:30 . 2010-03-05 16:31 -------- d-----w- c:\program files\CCleaner
2010-03-02 23:52 . 2010-03-02 23:52 -------- d-----w- c:\documents and settings\Peter Wright\Local Settings\Application Data\Ahead
2010-03-01 19:21 . 2010-03-06 21:22 0 ----a-w- c:\documents and settings\Peter Wright\Local Settings\Application Data\prvlcl.dat
2010-03-01 15:22 . 2010-03-01 15:28 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Temp
2010-02-11 23:13 . 2010-02-11 23:13 -------- d-----w- c:\program files\Ask.com
2010-02-11 05:06 . 2010-02-11 05:06 -------- d-----w- c:\documents and settings\Peter Wright\Local Settings\Application Data\AVG Security Toolbar
2010-02-11 05:03 . 2010-02-11 12:56 -------- d-----w- C:\$AVG
2010-02-11 05:02 . 2010-02-11 05:02 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-02-11 05:02 . 2010-02-11 05:02 360584 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-02-11 05:02 . 2010-02-11 05:02 333192 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-02-11 05:02 . 2010-02-11 05:02 28424 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-02-11 05:02 . 2010-03-06 13:32 -------- d-----w- c:\windows\system32\drivers\Avg
2010-02-11 05:02 . 2010-02-12 00:06 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Security Toolbar
2010-02-11 05:01 . 2010-02-11 05:01 -------- d-----w- c:\program files\AVG
2010-02-11 05:00 . 2010-02-11 05:01 -------- d-----w- c:\documents and settings\All Users\Application Data\avg9
2010-02-07 22:50 . 2010-02-07 22:50 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google
2010-02-05 22:24 . 2010-02-09 04:25 -------- d-----w- c:\program files\MetaTrader - ForexMeta

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2054-11-18 16:24 . 2002-09-17 14:21 299520 ----a-w- c:\windows\uninst.exe
2010-03-06 21:29 . 2009-05-25 14:31 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-03-06 21:21 . 2010-01-11 23:26 -------- d-----w- c:\documents and settings\Peter Wright\Application Data\Dropbox
2010-03-06 21:15 . 2009-06-05 18:27 -------- d-----w- c:\program files\Blue Coat K9 Web Protection
2010-03-06 19:00 . 2009-02-22 22:05 -------- d-----w- c:\program files\LogMeIn
2010-03-05 16:47 . 2007-07-03 17:41 256 ----a-w- c:\windows\system32\pool.bin
2010-03-04 00:30 . 2009-03-28 18:21 -------- d-----w- c:\program files\Burn4Free
2010-03-01 15:33 . 2010-01-11 23:28 91696 ----a-w- c:\documents and settings\Peter Wright\Application Data\Dropbox\bin\Uninstall.exe
2010-03-01 15:25 . 2010-03-01 15:25 13264416 ----a-w- c:\documents and settings\Peter Wright\Application Data\Dropbox\cache\Dropbox-update-0.7.110.exe
2010-02-26 05:10 . 2010-02-26 05:10 21979992 ----a-w- c:\documents and settings\Peter Wright\Application Data\Dropbox\bin\Dropbox.exe
2010-02-12 00:49 . 2005-03-03 18:11 -------- d-----w- c:\program files\Yahoo!
2010-02-12 00:41 . 2009-01-03 14:20 -------- d-----w- c:\program files\Pando Networks
2010-02-12 00:38 . 2003-10-02 22:56 -------- d-----w- c:\program files\Palm
2010-02-12 00:37 . 2009-06-25 22:45 -------- d-----w- c:\program files\MVP Software
2010-02-12 00:37 . 2002-09-17 14:23 -------- d-----w- c:\program files\Maximizer
2010-02-12 00:36 . 2009-02-08 22:52 -------- d-----w- c:\program files\Lexmark Toolbar
2010-02-12 00:04 . 2002-10-19 15:39 -------- d-----w- c:\program files\Extreme HU
2010-02-11 04:45 . 2009-06-18 21:30 175952 --sha-w- c:\windows\system32\drivers\fidbox2.idx
2010-02-11 04:45 . 2009-06-18 21:30 1854240 --sha-w- c:\windows\system32\drivers\fidbox2.dat
2010-02-11 04:45 . 2009-06-18 21:30 544352 --sha-w- c:\windows\system32\drivers\fidbox.idx
2010-02-11 04:45 . 2009-06-18 21:30 40488480 --sha-w- c:\windows\system32\drivers\fidbox.dat
2010-02-11 03:51 . 2009-06-18 21:03 -------- d-----w- c:\documents and settings\Peter Wright\Application Data\Rogers Online Protection
2010-02-11 03:51 . 2009-12-19 23:35 -------- d-----w- c:\documents and settings\Matt\Application Data\Rogers Online Protection
2010-02-11 03:51 . 2009-06-18 21:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Rogers Online Protection
2010-02-10 04:09 . 2009-02-08 22:54 -------- d-----w- c:\program files\Lx_cats
2010-02-07 22:49 . 2004-05-25 17:14 -------- d-----w- c:\program files\Google
2010-02-02 14:37 . 2010-02-02 14:14 -------- d-----w- c:\program files\Ahead
2010-02-02 14:23 . 2010-02-02 14:15 -------- d-----w- c:\program files\Common Files\Ahead
2010-02-02 14:15 . 2010-02-02 14:15 -------- d-----w- c:\documents and settings\All Users\Application Data\Ahead
2010-02-02 00:16 . 2010-02-02 00:16 -------- d-----w- c:\program files\Live Mesh
2010-02-02 00:07 . 2010-02-02 00:17 9040 ----a-w- c:\windows\system32\drivers\rdpdispm.sys
2010-02-02 00:07 . 2010-02-02 00:17 118736 ----a-w- c:\windows\system32\rdpdispd.dll
2010-02-02 00:07 . 2010-02-02 00:17 19408 ----a-w- c:\windows\system32\drivers\rdpvmp.sys
2010-02-02 00:07 . 2010-02-02 00:17 15696 ----a-w- c:\windows\system32\rdpvdd.dll
2010-01-23 00:37 . 2009-09-18 22:30 -------- d-----w- c:\program files\Microsoft Silverlight
2010-01-16 17:02 . 2009-12-07 21:06 -------- d-----w- c:\documents and settings\All Users\Application Data\CA-SupportBridge
2010-01-16 16:59 . 2009-12-07 21:06 70920 ----a-w- c:\documents and settings\All Users\Application Data\CA-SupportBridge\Customer_rc.dll
2010-01-15 22:54 . 2010-01-15 22:54 1956072 ----a-w- c:\documents and settings\Peter Wright\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\fpupdateax\fpupdateax.exe
2010-01-08 23:53 . 2010-01-08 19:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Maxtor
2010-01-08 19:24 . 2010-01-08 19:24 -------- d-----w- c:\program files\Maxtor
2010-01-06 01:00 . 2008-03-10 19:35 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-12-31 16:50 . 2001-08-18 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-21 19:14 . 2004-02-06 22:05 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-20 02:47 . 2004-09-08 22:01 96560 ----a-w- c:\documents and settings\Marilyn Wright\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-19 23:36 . 2009-12-19 23:36 96560 ----a-w- c:\documents and settings\Matt\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-12-16 18:43 . 2004-05-25 00:53 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:08 . 2001-08-18 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-09 01:19 . 2009-12-09 01:19 94208 ----a-w- c:\documents and settings\Peter Wright\Application Data\Dropbox\bin\DropboxExt.13.dll
2009-12-08 19:27 . 1980-01-01 05:00 2189184 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-08 18:43 . 1980-01-01 05:00 2066048 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-12-07 21:07 . 2009-12-07 21:07 359424 ----a-w- c:\documents and settings\All Users\Application Data\CA-SupportBridge\Tools.ART.Client.dll
2009-12-07 21:07 . 2009-12-07 21:07 18432 ----a-w- c:\documents and settings\All Users\Application Data\CA-SupportBridge\Tools.ART.Client_rc.dll
2009-12-07 21:06 . 2009-12-07 21:06 544768 ----a-w- c:\documents and settings\All Users\Application Data\CA-SupportBridge\Tools.Scripting.Client.dll
2009-12-07 21:06 . 2009-12-07 21:06 22016 ----a-w- c:\documents and settings\All Users\Application Data\CA-SupportBridge\Tools.Scripting.Client_rc.dll
2009-12-07 21:06 . 2009-12-07 21:06 626440 ----a-w- c:\documents and settings\All Users\Application Data\CA-SupportBridge\Customer.exe
2009-12-07 21:06 . 2009-12-07 21:06 599304 ----a-w- c:\documents and settings\All Users\Application Data\CA-SupportBridge\Controller.exe
2009-12-07 21:06 . 2009-12-07 21:06 353544 ----a-w- c:\documents and settings\All Users\Application Data\CA-SupportBridge\SoftwareUpdater.exe
2009-12-07 21:06 . 2009-12-07 21:06 632072 ----a-w- c:\documents and settings\All Users\Application Data\CA-SupportBridge\msvcr80.dll
1999-03-29 06:34 . 1999-03-29 06:34 106768 ----a-w- c:\program files\msscript.ocx
1997-05-24 06:16 . 2003-07-17 23:49 70780 ----a-r- c:\program files\msscript.hlp
1997-05-24 06:16 . 2003-07-17 23:49 2154 ----a-r- c:\program files\msscript.cnt
2009-02-22 21:54 . 2006-05-31 17:13 27976 ----a-w- c:\program files\mozilla firefox\plugins\atgpcdec.dll
2009-02-22 21:54 . 2006-05-31 17:13 126360 ----a-w- c:\program files\mozilla firefox\plugins\atgpcext.dll
2009-02-22 21:55 . 2009-02-22 21:55 98712 ----a-w- c:\program files\mozilla firefox\plugins\ieatgpc.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-11-25 18:01 1230080 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2009-11-25 1230080]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\documents and settings\Peter Wright\Application Data\Dropbox\bin\DropboxExt.13.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\documents and settings\Peter Wright\Application Data\Dropbox\bin\DropboxExt.13.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2009-12-09 01:19 94208 ----a-w- c:\documents and settings\Peter Wright\Application Data\Dropbox\bin\DropboxExt.13.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-28 68856]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
"MoeMonitor.exe"="c:\documents and settings\Peter Wright\Local Settings\Application Data\Microsoft\Live Mesh\Bin\Servicing\0.9.4014.7\MoeMonitor.exe" [2010-02-01 1315152]
"RegistryMechanic"="c:\program files\Registry Mechanic\RegMech.exe" [2009-11-25 3176408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-15 49152]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2008-07-24 63048]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\point32.exe" [2004-06-03 204800]
"MMTray"="c:\program files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe" [2005-05-10 110592]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-07-08 198160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-10-03 35696]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-09-04 935288]
"mxomssmenu"="c:\program files\Maxtor\OneTouch Status\maxmenumgr.exe" [2007-09-06 169264]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]

c:\documents and settings\Peter Wright\Start Menu\Programs\Startup\
Dropbox.lnk - c:\documents and settings\Peter Wright\Application Data\Dropbox\bin\Dropbox.exe [2010-2-26 21979992]
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]
Webshots.lnk - c:\program files\Webshots\WebshotsTray.exe [2003-2-5 208896]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
ADSL Diagnostic Tools.LNK - c:\windows\SYSTEM32\mapiicon.exe [2001-10-11 373248]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
TEW-624UB & TEW-644UB Manager.lnk - c:\program files\TRENDnet\TEW-624UB_TEW-644UB\WlanCU.exe [2009-10-28 368640]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2010-02-11 05:02 12464 ----a-w- c:\windows\SYSTEM32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2008-10-17 01:35 87352 ----a-w- c:\windows\SYSTEM32\LMIinit.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wlcrdplauncher]
2010-02-01 23:44 21840 ----a-w- c:\program files\Live Mesh\Remote Desktop\wlcrdplauncher.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Acoustica CD Label Maker\\CDLabel.exe"=
"c:\\Program Files\\SmartFTP Client 2.0\\SmartFTP.exe"=
"c:\\Program Files\\LimeWire\\LimeWire 4.2.6\\LimeWire.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\Peter Wright\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\Live Mesh\\Remote Desktop\\wlcrasvc.exe"=
"c:\\Documents and Settings\\Peter Wright\\Local Settings\\Application Data\\Microsoft\\Live Mesh\\GacBase\\Moe.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG9\\avgnsx.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\SYSTEM32\DRIVERS\avgldx86.sys [2/11/2010 12:02 AM 333192]
R1 AvgTdiX;AVG Free Network Redirector;c:\windows\SYSTEM32\DRIVERS\avgtdix.sys [2/11/2010 12:02 AM 360584]
R1 bckd;bckd;c:\windows\SYSTEM32\DRIVERS\bckd.sys [1/13/2009 6:39 PM 72992]
R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2/11/2010 12:01 AM 285392]
R2 bckwfs;Blue Coat K9 Web Protection;c:\program files\Blue Coat K9 Web Protection\k9filter.exe [1/13/2009 6:39 PM 1078560]
R2 fssfltr;FssFltr;c:\windows\SYSTEM32\DRIVERS\fssfltr_tdi.sys [9/18/2009 5:28 PM 54752]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [7/24/2008 6:46 PM 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\SYSTEM32\DRIVERS\LMIRfsDriver.sys [2/22/2009 5:06 PM 47640]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;c:\program files\Common Files\PC Tools\sMonitor\StartManSvc.exe [3/5/2010 1:12 PM 632792]
R2 wlcrasvc;Live Mesh Remote Desktop;c:\program files\Live Mesh\Remote Desktop\wlcrasvc.exe [2/1/2010 7:16 PM 44880]
R2 WLNdis50;Wireless Lan NDIS Protocol I/O Control;c:\windows\SYSTEM32\DRIVERS\WLNdis50.sys [10/28/2009 1:13 PM 20480]
R3 itexadsla2;ITeX ADSL PCI NIC Service;c:\windows\SYSTEM32\DRIVERS\itxi95a2.sys [1/1/1980 424320]
R3 RDPDISPM;RDPDISPM;c:\windows\SYSTEM32\DRIVERS\rdpdispm.sys [2/1/2010 7:17 PM 9040]
R3 RDPVDD;RDPVDD;c:\windows\SYSTEM32\DRIVERS\rdpvmp.sys [2/1/2010 7:17 PM 19408]
R3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver;c:\windows\SYSTEM32\DRIVERS\rt2870.sys [10/28/2009 1:12 PM 564480]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/7/2010 5:49 PM 135664]
S2 Norton LiveConnect Service;Norton LiveConnect Service;"c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll" --> c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [?]
S2 pifCore;Norton LiveConnect Service Ex;"c:\program files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon --> c:\program files\Common Files\Symantec Shared\ccSvcHst.exe [?]
S2 WLSVC;WLSVC;c:\program files\TRENDnet\TEW-624UB_TEW-644UB\WLSVC.exe [10/28/2009 1:12 PM 167936]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\Windows Live\Family Safety\fsssvc.exe [8/5/2009 9:48 PM 704864]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2010-03-06 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 17:34]

2010-03-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-07 22:49]

2010-03-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-07 22:49]

2010-03-06 c:\windows\Tasks\ParetoLogic Registration.job
- c:\program files\Common Files\ParetoLogic\UUS2\UUS.dll [2010-01-04 23:00]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local;<local>
uCustomizeSearch =
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
Trusted Zone: musicmatch.com\online
Handler: intu-qt2007 - {026BF40D-BA05-467b-9F1F-AD0D7A3F5F11} - c:\program files\QuickTax 2007\ic2007pp.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
DPF: {237F3A38-E718-4FE3-AB18-BCF0AF75B34A} - hxxp://downloads.rogershelp.com/updates.cab
FF - ProfilePath - c:\documents and settings\Peter Wright\Application Data\Mozilla\Firefox\Profiles\b1xsiw4v.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Yahoo! Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?sourceid=navclient&hl=en&q=
FF - component: c:\program files\AVG\AVG9\Firefox\components\avgssff.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\documents and settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll
FF - plugin: c:\program files\Google\Update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npatgpc.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS REMOVED - - - -

BHO-{992AF86E-C27A-CE2A-B6FB-E7D901911AE4} - (no file)
WebBrowser-{A806884C-7D63-10BA-D856-CB482E968206} - (no file)
WebBrowser-{4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
AddRemove-Creative News - c:\program files\Creative\News\CTNews.isu



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-06 16:50
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1729697498-2143260530-3168066103-1006\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(508)
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll
.
Completion time: 2010-03-06 16:58:42
ComboFix-quarantined-files.txt 2010-03-06 21:58

Pre-Run: 22,822,338,560 bytes free
Post-Run: 22,984,441,856 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn

- - End Of File - - A5E777E921DB8D62F641216C6D0A709C

Edit: Moved topic from XP to the more appropriate forum. ~ Animal


 


#2 m0le

  • Malware Response Team

Posted 11 March 2010 - 02:16 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks
m0le is a proud member of UNITE

#3 m0le


Posted 15 March 2010 - 08:42 PM

This topic has been closed.

If you're the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.



