I have gotten the WhiteSmoke virus and I need help. I had Norton 360 installed and running on my computer at the time of infection. Background screen changed, computer running slow and now my Norton will not work!!!! Tried to uninstall it but it will not let me!!! Please help me figure out how to fix it! I'm semi-computer savvy... I ran ComboFix and below is my log... PLEASE HELP ME!!!