pc slow 150 outbound connections help pls

hi , running vista installed comodo firewall when i launch firefox get up to 150 outbound connections then after a minute or so they are gone.i get kicked from internet a lot . i am wi-fi at a hotel its unsecured. i dont know where i got this or how long it is been on my pc if it is a virus . pls help me. this is my first pc . i have no idea what is going on still a noob. thank u in advance for any help . pls help

ComboFix 10-06-03.01 - jkr 06/06/2010 16:33:51.1.2 - x86
Microsoft® Windows Vistaâ„¢ Home Premium 6.0.6000.0.1252.1.1033.18.1014.414 [GMT -8:00]
Running from: c:\users\jkr\Downloads\c-fixed.exe
SP: Windows Defender *disabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\404Fix.exe
c:\windows\system32\Agent.OMZ.Fix.exe
c:\windows\system32\dumphive.exe
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\o4Patch.exe
c:\windows\system32\Process.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe

.
((((((((((((((((((((((((( Files Created from 2010-05-07 to 2010-06-07 )))))))))))))))))))))))))))))))
.

2010-06-07 00:46 . 2010-06-07 00:47 -------- d-----w- c:\users\jkr\AppData\Local\temp
2010-06-07 00:46 . 2010-06-07 00:46 -------- d-----w- c:\users\Public\AppData\Local\temp
2010-06-07 00:46 . 2010-06-07 00:46 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-06-06 04:27 . 2010-06-06 04:34 -------- d-----w- c:\windows\system32\SmitfraudFix
2010-06-06 03:25 . 2010-06-06 03:44 -------- d-----w- C:\c-fixed19940c
2010-06-06 03:23 . 2010-06-06 03:23 -------- d-----w- C:\c-fixed
2010-06-06 00:55 . 2010-06-06 00:55 -------- d-----w- C:\New Folder
2010-06-04 21:34 . 2010-06-04 21:35 -------- d-----w- c:\programdata\COMODO
2010-06-04 14:11 . 2010-06-04 14:11 -------- d-----w- c:\program files\COMODO
2010-06-04 14:08 . 2010-06-04 14:09 -------- d-----w- c:\programdata\Comodo Downloader
2010-05-31 09:45 . 2010-05-31 09:45 -------- d-----w- c:\users\jkr\AppData\Local\CircleDock
2010-05-31 09:44 . 2010-05-31 09:44 -------- d-----w- c:\program files\Circle Dock
2010-05-31 09:44 . 2010-05-31 09:44 -------- d-----w- C:\Circle Dock AddIns
2010-05-28 03:23 . 2010-05-28 03:23 -------- d-----w- c:\program files\TrendMicro
2010-05-27 00:44 . 2010-05-27 00:44 4369388 ---ha-w- c:\windows\system32\drivers\spython.bin
2010-05-26 23:21 . 2010-05-26 23:21 2855 ----a-w- c:\windows\system32\mscdexnt.PIF
2010-05-25 21:12 . 2010-05-25 21:12 -------- d--h--w- c:\windows\PIF
2010-05-24 02:37 . 2010-06-07 00:24 -------- d-----w- c:\program files\iolo
2010-05-24 02:36 . 2010-06-07 00:24 -------- d-----w- c:\programdata\iolo
2010-05-24 02:36 . 2010-05-24 02:37 -------- d-----w- c:\users\jkr\AppData\Roaming\iolo
2010-05-23 21:49 . 2010-05-23 21:49 -------- d-----w- c:\users\jkr\AppData\Local\Mozilla
2010-05-22 05:03 . 2010-05-22 05:03 -------- d-----w- c:\users\jkr\AppData\Roaming\Malwarebytes
2010-05-19 20:40 . 2010-05-19 20:40 70888 ----a-w- c:\users\jkr\AppData\Local\GDIPFONTCACHEV1.DAT
2010-05-19 20:26 . 2010-05-19 20:29 -------- d-----w- c:\users\jkr\AppData\Roaming\.k3d
2010-05-19 19:20 . 2010-04-29 23:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-05-19 19:20 . 2010-05-19 19:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-05-19 19:20 . 2010-05-19 19:20 -------- d-----w- c:\programdata\Malwarebytes
2010-05-19 19:20 . 2010-04-29 23:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-05-17 03:39 . 2010-05-17 03:39 -------- d-----w- c:\programdata\KingsIsle Entertainment
2010-05-13 21:02 . 2010-05-13 21:02 319456 ----a-w- c:\windows\DIFxAPI.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-07 00:25 . 2007-02-24 18:34 -------- d-----w- c:\program files\Sony
2010-06-07 00:25 . 2007-02-24 18:22 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-06 04:33 . 2010-06-06 01:19 691 ----a-w- c:\users\jkr\AppData\Roaming\GetValue.vbs
2010-06-06 04:33 . 2010-06-06 01:19 35 ----a-w- c:\users\jkr\AppData\Roaming\SetValue.bat
2010-06-04 10:25 . 2010-04-17 09:57 -------- d-----w- c:\program files\Vuze
2010-05-24 06:23 . 2010-05-06 15:56 -------- d-----w- c:\program files\Spybot - Search & Destroy
2010-05-24 06:23 . 2010-05-06 15:56 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2010-05-19 20:23 . 2010-05-19 20:23 -------- d-----w- c:\users\jkr\AppData\Roaming\Sony Corporation
2010-05-13 21:06 . 2010-05-13 21:01 -------- d--h--w- c:\program files\Temp
2010-04-27 10:59 . 2010-04-27 10:59 -------- d-----w- c:\program files\NewFreeScreensavers
2010-04-26 14:51 . 2010-04-26 14:51 -------- d-----w- c:\program files\FileSubmit
2010-04-24 12:49 . 2010-04-23 22:20 -------- d-----w- c:\program files\Silkroad
2010-04-21 21:46 . 2010-04-21 20:34 -------- d-----w- c:\program files\WhatsRunning
2010-04-18 03:31 . 2010-04-17 10:28 -------- d-----w- c:\programdata\Norton
2010-04-18 03:29 . 2010-04-17 10:00 -------- d-----w- c:\program files\Microsoft
2010-04-17 10:28 . 2009-12-29 12:33 -------- d-----w- c:\programdata\Symantec
2010-04-17 10:28 . 2010-04-17 10:28 -------- d-----w- c:\programdata\NortonInstaller
2010-04-17 09:58 . 2010-04-17 09:58 -------- d-----w- c:\programdata\Azureus
2010-04-16 07:46 . 2010-04-16 07:46 -------- d-----w- c:\program files\Elaborate Bytes
2010-04-15 01:55 . 2010-05-13 21:01 232792 ----a-w- c:\windows\system32\MaxxAudioAPO20.dll
2010-04-12 00:47 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-04-12 00:46 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2010-04-12 00:39 . 2010-04-12 00:39 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-04-12 00:39 . 2010-04-12 00:39 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-04-12 00:39 . 2010-04-12 00:39 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-04-12 00:39 . 2010-04-12 00:39 24064 ----a-w- c:\windows\system32\lpk.dll
2010-04-12 00:39 . 2010-04-12 00:39 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-04-12 00:39 . 2010-04-12 00:39 10240 ----a-w- c:\windows\system32\dciman32.dll
2010-04-12 00:37 . 2010-04-12 00:37 28672 ----a-w- c:\windows\system32\FwRemoteSvr.dll
2010-04-12 00:37 . 2010-04-12 00:37 61440 ----a-w- c:\windows\system32\winipsec.dll
2010-04-12 00:37 . 2010-04-12 00:37 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2010-04-12 00:37 . 2010-04-12 00:37 272896 ----a-w- c:\windows\system32\polstore.dll
2010-04-12 00:36 . 2010-04-12 00:36 84992 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-04-12 00:36 . 2010-04-12 00:36 306688 ----a-w- c:\windows\system32\drivers\srv.sys
2010-04-12 00:34 . 2010-04-12 00:34 87040 ----a-w- c:\windows\system32\msoert2.dll
2010-04-12 00:34 . 2010-04-12 00:34 39424 ----a-w- c:\windows\system32\ACCTRES.dll
2010-04-12 00:34 . 2010-04-12 00:34 205824 ----a-w- c:\windows\system32\msoeacct.dll
2010-04-12 00:33 . 2010-04-12 00:33 15360 ----a-w- c:\windows\system32\netevent.dll
2010-04-12 00:33 . 2010-04-12 00:33 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2010-04-12 00:33 . 2010-04-12 00:33 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2010-04-12 00:33 . 2010-04-12 00:33 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2010-04-12 00:33 . 2010-04-12 00:33 19968 ----a-w- c:\windows\system32\ARP.EXE
2010-04-12 00:33 . 2010-04-12 00:33 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2010-04-12 00:33 . 2010-04-12 00:33 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2010-04-12 00:33 . 2010-04-12 00:33 103936 ----a-w- c:\windows\system32\netiohlp.dll
2010-04-12 00:33 . 2010-04-12 00:33 10240 ----a-w- c:\windows\system32\finger.exe
2010-04-12 00:31 . 2010-04-12 00:31 194560 ----a-w- c:\windows\system32\WebClnt.dll
2010-04-12 00:31 . 2010-04-12 00:31 110080 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2010-04-12 00:30 . 2010-04-12 00:30 123904 ----a-w- c:\windows\system32\L2SecHC.dll
2010-04-12 00:30 . 2010-04-12 00:30 67584 ----a-w- c:\windows\system32\wlanhlp.dll
2010-04-12 00:30 . 2010-04-12 00:30 502272 ----a-w- c:\windows\system32\wlansvc.dll
2010-04-12 00:30 . 2010-04-12 00:30 47104 ----a-w- c:\windows\system32\wlanapi.dll
2010-04-12 00:30 . 2010-04-12 00:30 297984 ----a-w- c:\windows\system32\wlansec.dll
2010-04-12 00:30 . 2010-04-12 00:30 290816 ----a-w- c:\windows\system32\wlanmsm.dll
2010-04-12 00:28 . 2010-04-12 00:28 1260032 ----a-w- c:\windows\system32\msxml3.dll
2010-04-12 00:28 . 2010-04-12 00:28 2048 ----a-w- c:\windows\system32\msxml6r.dll
2010-04-12 00:28 . 2010-04-12 00:28 2048 ----a-w- c:\windows\system32\msxml3r.dll
2010-04-12 00:28 . 2010-04-12 00:28 1406464 ----a-w- c:\windows\system32\msxml6.dll
2010-04-12 00:27 . 2010-04-12 00:27 7680 ----a-w- c:\windows\system32\lsass.exe
2010-04-12 00:27 . 2010-04-12 00:27 72704 ----a-w- c:\windows\system32\secur32.dll
2010-04-12 00:27 . 2010-04-12 00:27 408136 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2010-04-12 00:27 . 2010-04-12 00:27 216576 ----a-w- c:\windows\system32\msv1_0.dll
2010-04-12 00:27 . 2010-04-12 00:27 175104 ----a-w- c:\windows\system32\wdigest.dll
2010-04-12 00:27 . 2010-04-12 00:27 1233920 ----a-w- c:\windows\system32\lsasrv.dll
2010-04-12 00:26 . 2010-04-12 00:26 49664 ----a-w- c:\windows\system32\csrsrv.dll
2010-04-12 00:26 . 2010-04-12 00:26 376320 ----a-w- c:\windows\system32\winsrv.dll
2010-04-12 00:24 . 2010-04-12 00:24 98816 ----a-w- c:\windows\system32\mfps.dll
2010-04-12 00:24 . 2010-04-12 00:24 52736 ----a-w- c:\windows\system32\rrinstaller.exe
2010-04-12 00:24 . 2010-04-12 00:24 2855424 ----a-w- c:\windows\system32\mf.dll
2010-04-12 00:24 . 2010-04-12 00:24 24576 ----a-w- c:\windows\system32\mfpmp.exe
2010-04-12 00:24 . 2010-04-12 00:24 2048 ----a-w- c:\windows\system32\mferror.dll
2010-04-12 00:21 . 2010-04-12 00:21 376832 ----a-w- c:\windows\system32\winhttp.dll
2010-04-12 00:20 . 2010-04-12 00:20 71680 ----a-w- c:\windows\system32\atl.dll
2010-04-12 00:18 . 2010-04-12 00:18 297472 ----a-w- c:\windows\system32\gdi32.dll
2010-04-12 00:15 . 2010-04-12 00:15 374456 ----a-w- c:\windows\system32\mcupdate_GenuineIntel.dll
2010-04-12 00:14 . 2010-04-12 00:14 500736 ----a-w- c:\windows\system32\msdtcprx.dll
2010-04-12 00:14 . 2010-04-12 00:14 30208 ----a-w- c:\windows\system32\xolehlp.dll
2010-04-12 00:13 . 2010-04-12 00:13 156160 ----a-w- c:\windows\system32\wkssvc.dll
2010-04-12 00:11 . 2010-04-12 00:11 36352 ----a-w- c:\windows\system32\tsgqec.dll
2010-04-12 00:11 . 2010-04-12 00:11 116736 ----a-w- c:\windows\system32\aaclient.dll
2010-04-12 00:11 . 2010-04-12 00:11 1871872 ----a-w- c:\windows\system32\mstscax.dll
2010-04-12 00:10 . 2010-04-12 00:10 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2010-04-12 00:07 . 2010-04-12 00:07 414208 ----a-w- c:\windows\system32\msscp.dll
2010-04-12 00:06 . 2010-04-12 00:06 63488 ----a-w- c:\windows\system32\drivers\mpsdrv.sys
2010-04-12 00:06 . 2010-04-12 00:06 396800 ----a-w- c:\windows\system32\MPSSVC.dll
2010-04-12 00:06 . 2010-04-12 00:06 392192 ----a-w- c:\windows\system32\FirewallAPI.dll
2010-04-12 00:06 . 2010-04-12 00:06 86016 ----a-w- c:\windows\system32\icfupgd.dll
2010-04-12 00:06 . 2010-04-12 00:06 61952 ----a-w- c:\windows\system32\cmifw.dll
2010-04-12 00:06 . 2010-04-12 00:06 23040 ----a-w- c:\windows\system32\drivers\tunnel.sys
2010-04-12 00:06 . 2010-04-12 00:06 16896 ----a-w- c:\windows\system32\wfapigp.dll
2010-04-12 00:06 . 2010-04-12 00:06 178688 ----a-w- c:\windows\system32\iphlpsvc.dll
2010-04-12 00:06 . 2010-04-12 00:06 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS
2010-04-11 23:59 . 2010-04-11 23:59 2048 ----a-w- c:\windows\system32\tzres.dll
2010-04-11 23:57 . 2010-04-11 23:57 696832 ----a-w- c:\windows\system32\localspl.dll
2010-04-11 23:56 . 2010-04-11 23:56 104448 ----a-w- c:\windows\system32\DWWIN.EXE
2010-04-11 23:54 . 2010-04-11 23:54 72704 ----a-w- c:\windows\system32\admparse.dll
2010-04-11 23:54 . 2010-04-11 23:54 832512 ----a-w- c:\windows\system32\wininet.dll
2010-04-11 23:54 . 2010-04-11 23:54 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-04-11 23:54 . 2010-04-11 23:54 48128 ----a-w- c:\windows\system32\mshtmler.dll
2010-04-11 23:54 . 2010-04-11 23:54 26624 ----a-w- c:\windows\system32\ieUnatt.exe
1601-01-01 00:00 . 1601-01-01 00:00 0 --sha-w- c:\windows\System32\ss64\pagefile.sys
2009-11-04 18:14 . 2010-05-06 15:56 1168216 --sha-r- c:\windows\System32\ss64\Program Files\Spybot - Search & Destroy\advcheck.dll
1601-01-01 00:00 . 1601-01-01 00:00 0 --sha-w- c:\windows\System32\ss64\Windows\System32\ss64\pagefile.sys
2009-11-04 18:14 . 2010-05-06 15:56 1168216 --sha-r- c:\windows\System32\ss64\Windows\System32\ss64\Program Files\Spybot - Search & Destroy\advcheck.dll
1601-01-01 00:00 . 1601-01-01 00:00 0 --sha-w- c:\windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\pagefile.sys
2009-11-04 18:14 . 2010-05-06 15:56 1168216 --sha-r- c:\windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Program Files\Spybot - Search & Destroy\advcheck.dll
1601-01-01 00:00 . 1601-01-01 00:00 0 --sha-w- c:\windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\pagefile.sys
2009-11-04 18:14 . 2010-05-06 15:56 1168216 --sha-r- c:\windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Program Files\Spybot - Search & Destroy\advcheck.dll
1601-01-01 00:00 . 1601-01-01 00:00 0 --sha-w- c:\windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\pagefile.sys
2009-11-04 18:14 . 2010-05-06 15:56 1168216 --sha-r- c:\windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Program Files\Spybot - Search & Destroy\advcheck.dll
1601-01-01 00:00 . 1601-01-01 00:00 0 --sha-w- c:\windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\pagefile.sys
2009-11-04 18:14 . 2010-05-06 15:56 1168216 --sha-r- c:\windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Program Files\Spybot - Search & Destroy\advcheck.dll
1601-01-01 00:00 . 1601-01-01 00:00 0 --sha-w- c:\windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\pagefile.sys
2009-11-04 18:14 . 2010-05-06 15:56 1168216 --sha-r- c:\windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Program Files\Spybot - Search & Destroy\advcheck.dll
1601-01-01 00:00 . 1601-01-01 00:00 0 --sha-w- c:\windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\pagefile.sys
2009-11-04 18:14 . 2010-05-06 15:56 1168216 --sha-r- c:\windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Program Files\Spybot - Search & Destroy\advcheck.dll
1601-01-01 00:00 . 1601-01-01 00:00 0 --sha-w- c:\windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\pagefile.sys
2009-11-04 18:14 . 2010-05-06 15:56 1168216 --sha-r- c:\windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Program Files\Spybot - Search & Destroy\advcheck.dll
1601-01-01 00:00 . 1601-01-01 00:00 0 --sha-w- c:\windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
1601-01-01 00:00 . 1601-01-01 00:00 0 --sha-w- c:\windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
1601-01-01 00:00 . 1601-01-01 00:00 0 --sha-w- c:\windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\pagefile.sys
1601-01-01 00:00 . 1601-01-01 00:00 0 --sha-w- c:\windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\pagefile.sys
1601-01-01 00:00 . 1601-01-01 00:00 0 --sha-w- c:\windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Boot\bootstat.dat
1601-01-01 00:00 . 1601-01-01 00:00 0 --sha-w- c:\windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Users\jkr\NTUSER.DAT
1601-01-01 00:00 . 1601-01-01 00:00 0 --sha-w- c:\windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.0.6000.16386_none_ef216b8c52ca2227\WinMail.exe
2006-11-02 12:34 . 2006-11-02 12:34 397312 --sha-w- c:\windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.0.6000.16386_none_ef216b8c52ca2227\WinMail.exe
2006-11-02 12:34 . 2006-11-02 12:34 397312 --sha-w- c:\windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\System32\ss64\Windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.0.6000.16386_none_ef216b8c52ca2227\WinMail.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2006-11-13 118784]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegedit"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-02-13 23:19 98304 ----a-w- c:\windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys]
@="FSFilter System Recovery"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
backup=c:\windows\pss\Adobe Acrobat Speed Launcher.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Synchronizer.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Synchronizer.lnk
backup=c:\windows\pss\Adobe Acrobat Synchronizer.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=c:\windows\pss\Adobe Reader Synchronizer.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISBMgr.exe]
2007-01-23 04:39 321656 ----a-w- c:\program files\Sony\ISB Utility\ISBMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSConfig]
2006-11-02 09:45 222208 ----a-w- c:\windows\System32\msconfig.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickBooks Simple Start]
2007-01-31 05:59 371712 ----a-w- c:\program files\Intuit\SimpleStartEntice\entice.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
2010-05-01 01:25 1833504 ------w- c:\program files\Realtek\Audio\HDA\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2007-02-24 17:34 77824 ----a-w- c:\program files\Java\jre1.6.0\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VAIOSecurity]
2006-11-28 22:30 2150400 ----a-w- c:\program files\Sony\VAIO Security Center\VSC.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
2006-11-02 12:34 1004136 ----a-w- c:\program files\Windows Defender\MSASCui.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"IgfxTray"=c:\windows\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
Contents of the 'Scheduled Tasks' folder

2007-02-24 c:\windows\Tasks\Vaio Service Utility.job
- c:\program files\Sony\Vaio Service Utility\VAIO-SU.exe [2007-02-16 12:34]
.
.
------- Supplementary Scan -------
.
FF - ProfilePath - c:\users\jkr\AppData\Roaming\Mozilla\Firefox\Profiles\6vbla4fk.default\
FF - plugin: c:\program files\Java\jre1.6.0\bin\npjpi160.dll
FF - plugin: c:\programdata\NexonUS\NGM\npNxGameUS.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE %1
.
- - - - ORPHANS REMOVED - - - -

SafeBoot-dmboot.sys
SafeBoot-dmio.sys
SafeBoot-dmload.sys
SafeBoot-dmadmin
SafeBoot-dmserver
SafeBoot-SRService
MSConfigStartUp-ioloDelayModule - c:\program files\iolo\System Mechanic 6\delay.exe
MSConfigStartUp-SMSystemAnalyzer - c:\program files\iolo\System Mechanic 6\SMSystemAnalyzer.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-06 16:47
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2010-06-06 17:00:40
ComboFix-quarantined-files.txt 2010-06-07 01:00
ComboFix2.txt 2010-06-06 03:44

Pre-Run: 90,159,685,632 bytes free
Post-Run: 90,113,581,056 bytes free

- - End Of File - - E09149A36175262B9763DA142E0CBA44
cant get hijack to run i will try to post if i get it any help would be great ty

Merging posts and moving to log forum. ~ OB

Edited by Orange Blossom, 06 June 2010 - 07:12 PM.

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:

• Download DDS by sUBs from one of the following links. Save it to your desktop.
  • DDS.scr
  • DDS.pif
• Double click on the DDS icon, allow it to run.
• A small box will open, with an explaination about the tool. No input is needed, the scan is running.
• Notepad will open with the results.
• Follow the instructions that pop up for posting the results.
• Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE



Please download GMER from one of the following locations and save it to your desktop:

• Main Mirror
  This version will download a randomly named file (Recommended)
• Zipped Mirror
  This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.

• Disconnect from the Internet and close all running programs.
• Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
• Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
• Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.
  
  
  
• GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
• If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
• Now click the Scan button. If you see a rootkit warning window, click OK.
• When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
• Click the Copy button and paste the results into your next reply.
• Exit GMER and re-enable all active protection when done.

-- If you encounter any problems, try running GMER in Safe Mode.

Due to the lack of feedback, this topic is now closed.
If you need this topic reopened, please PM a staff member and we will reopen it for you (include the address of this thread in your request). This applies to the original topic starter only. Everyone else with similar problems, please start a new topic.