tombaker

Network Connections folder empty

Hello.

On my PC, when I click on the Network Connections folder it is empty. I've checked the device manager for network adapters and it says they are working properly. I uninstalled the adapters and let Windows re-install them but no luck and still no internet. I also ran: regsvr32 netshell.dll, regsvr32 netcfgx.dll, regsvr32 netman.dll with success, but the folder remains empty. I'm running XP, SP3. Any help is appreciated.

Thanks. There are no signs of infection, although I ran Malwarebytes and it found nothing. I will try your suggestion and post a followup.

Okay, when I ran the netdiag it told me that my network adapters failed (WMI error). What should I do next?

Well, next you should make sure you are using the latest driver for that network card. Go to the hardware manufacturer's website and download and install the latest driver for it.

Please run the following and post back the logs.

Download DDS and save it to your desktop.

Disable any script blocker if your Anti-Virus/Anti-Malware has it.

Once downloaded you can disconnect from the Internet and disable your Anti-Virus temporarily if needed.

Then double click dds.scr to run the tool.

When done, the DDS.txt will open.

Click Yes at the next prompt for Optional Scan.

When done, DDS will open two (2) logs:

  1. DDS.txt
  2. Attach.txt

  • Save both reports to your desktop
  • Please include the following logs in your next reply: DDS.txt and Attach.txt

Thanks everyone. I updated the driver and voila! connectivity is back. Still no contents in the folder, but at least my browser works. However, while I tried to install the update I was getting this message:

"The Windows Installer service could not be accessed. Contact your support personnel to verify that the Windows Installer service is properly registered."

I finally got the update, but is my Windows Installer not correctly installed? Maybe I should post this in another thread.

That's why I asked you to run the DDS scan so we can see more of what's going on with your system. Please run it and post back the 2 logs.

Thanks

.

DDS (Ver_11-03-05.01) - NTFSx86

Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_23

.

============== Running Processes ===============

.

.

============== Pseudo HJT Report ===============

.

uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll

BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll

BHO: UberButton Class: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\progra~1\yahoo!\common\yiesrvc.dll

BHO: PCTools Site Guard: {5c8b2a36-3db1-42a4-a3cb-d426709bbfeb} - c:\progra~1\spywar~1\tools\iesdsg.dll

BHO: YahooTaggedBM Class: {65d886a2-7ca7-479b-bb95-14d1efb7946a} - c:\progra~1\yahoo!\common\YIeTagBm.dll

BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: PCTools Browser Monitor: {b56a7d7d-6927-48c8-a975-17df180c71ac} - c:\progra~1\spywar~1\tools\iesdpb.dll

BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll

BHO: 1 (0x1) - No File

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: SidebarAutoLaunch Class: {f2aa9440-6328-4933-b7c9-a6ccdf9cbf6d} - c:\program files\yahoo!\browser\YSidebarIEBHO.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll

TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll

uRun: [Yahoo! Pager] "c:\progra~1\yahoo!\messen~1\YAHOOM~1.EXE" -quiet

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [sHS] "c:\program files\rogers\selfhealing\SHS.exe" /background

uRun: [update Manager] "c:\program files\rogers\update manager\UpdateManager.exe" /background

mRun: [ehTray] c:\windows\ehome\ehtray.exe

mRun: [AlwaysReady Power Message APP] ARPWRMSG.EXE

mRun: [HPHUPD08] c:\program files\hp\digital imaging\{33d6cc28-9f75-4d1b-a11d-98895b3a3729}\hphupd08.exe

mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"

mRun: [KBD] c:\hp\kbd\KBD.EXE

mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe"

mRun: [EPSON Stylus CX4200 Series] c:\windows\system32\spool\drivers\w32x86\3\E_FATIAEA.EXE /P26 "EPSON Stylus CX4200 Series" /O6 "USB001" /M "Stylus CX4200"

mRun: [Adobe Photo Downloader] "c:\program files\adobe\photoshop elements 6.0\apdproxy.exe"

mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [COMODO Internet Security] "c:\program files\comodo\comodo internet security\cfp.exe" -h

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\1.0.150\SSScheduler.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\update~1.lnk - c:\program files\updates from hp\9972322\program\Updates from HP.exe

IE: &Search - ?p=ZUfox000

IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm

IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office10\EXCEL.EXE/3000

IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe

IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll

IE: {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - {A1EDC4A1-940F-48E0-8DFD-E38F1D501021} - c:\progra~1\spywar~1\tools\iesdpb.dll

IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\progra~1\yahoo!\common\yiesrvc.dll

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204

DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scan8/oscan8.cab

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1176338543343

DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} - hxxp://www.easypix.ca/en/ImageUploader4.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - hxxp://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5082/mcfscan.cab

DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} - hxxp://walmart.pnimedia.com/upload/activex/v2_0_0_10/PCAXSetupv2.0.0.10.cab?

Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll

Notify: AtiExtEvent - Ati2evxx.dll

Notify: avgrsstarter - avgrsstx.dll

Notify: efcCsqRK - efcCsqRK.dll

Notify: opnnkjGa - opnnkjGa.dll

AppInit_DLLs: c:\windows\system32\guard32.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\docume~1\applic~1\mozilla\firefox\profiles\gg4xcs3x.default\

FF - prefs.js: browser.search.selectedEngine - Amazon.com

FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/

FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll

FF - plugin: c:\documents and settings\local settings\application data\yahoo!\browserplus\2.9.8\plugins\npybrowserplus_2.9.8.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npmozax.dll

FF - plugin: c:\program files\mozilla firefox\plugins\NPMyWebS.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - c:\program files\avg\avg9\Firefox

FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff

FF - Ext: Flash Video Resources Downloader: max@subfighter.com - %profile%\extensions\max@subfighter.com

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

.

============= SERVICES / DRIVERS ===============

.

.

=============== Created Last 30 ================

.

2011-04-03 00:10:15 -------- d-----w- c:\program files\TeaTimer (Spybot - Search & Destroy)

2011-04-03 00:09:45 -------- d-----w- c:\program files\SDHelper (Spybot - Search & Destroy)

2011-04-03 00:09:35 -------- d-----w- c:\program files\Misc. Support Library (Spybot - Search & Destroy)

2011-04-03 00:09:17 -------- d-----w- c:\program files\File Scanner Library (Spybot - Search & Destroy)

2011-03-15 13:08:46 -------- d--h--w- c:\docume~1\alluse~1\applic~1\Common Files

.

==================== Find3M ====================

.

2011-04-05 22:32:57 3838 ----a-w- c:\windows\system32\tmp.reg

2011-03-17 03:48:11 1409 ----a-w- c:\windows\QTFont.for

2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll

2011-01-07 14:09:02 290048 ----a-w- c:\windows\system32\atmfd.dll

2006-05-03 10:06:54 163328 --sh--r- c:\windows\system32\flvDX.dll

2007-02-21 11:47:16 31232 --sh--r- c:\windows\system32\msfDX.dll

2007-12-17 13:43:00 27648 --sh--w- c:\windows\system32\Smab0.dll

.

============= FINISH: ===============

.

DDS (Ver_11-03-05.01)

.

.

==== Disk Partitions =========================

.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

Acrobat.com

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Photoshop Elements 6.0

Adobe Reader 9.4.1

Adobe Shockwave Player

Agere Systems PCI-SV92PP Soft Modem

AiO_Scan_CDA

AiOSoftwareNPI

ATI Control Panel

ATI Display Driver

AVG Free 9.0

Avi2Dvd 0.4.5 beta

AviSynth 2.5

BlackBerry Desktop Software 4.2.2

BlackBerry Device Software v4.5.0 for the BlackBerry 8320 smartphone

BufferChm

CameraDrivers

CCleaner

COMODO Internet Security

CP_AtenaShokunin1Config

CP_CalendarTemplates1

cp_LightScribeConfig

cp_LightScribePlugin

CP_Package_Basic1

CP_Package_Variety1

CP_Package_Variety2

CP_Package_Variety3

CP_Panorama1Config

CueTour

Destinations

DeviceManagementQFolder

DocProc

DocumentViewer

DocumentViewerQFolder

Enhanced Multimedia Keyboard Solution

EPSON CX 4200 4800 Guide

EPSON Printer Software

Fax_CDA

ffdshow [rev 610] [2006-12-01]

Firebird 2.1.0.16780 (Win32)

GdiplusUpgrade

GTK+ 2.10.6-1 runtime environment

Highlight Viewer (Windows Live Toolbar)

HijackThis 2.0.2

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Player 10 (KB903157)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB942288-v3)

Hotfix for Windows XP (KB954550-v5)

HP Boot Optimizer

HP DigitalMedia Archive

HP Document Viewer 5.3

HP Image Zone 5.3

HP Image Zone for Media Center PC

HP Imaging Device Functions 5.3

HP Photosmart 330,380,420,470,7800,8000,8200 Series

HP Photosmart Cameras 5.0

HP PSC & OfficeJet 5.3.A

HP Solution Center & Imaging Support Tools 5.3

HP Update

HPProductAssistant

HpSdpAppCoreApp

Inkscape 0.46

InstantShareDevices

Java Auto Updater

Java 6 Update 2

Java 6 Update 23

Java 6 Update 3

Java 6 Update 5

Java 6 Update 7

Java SE Runtime Environment 6 Update 1

LightScribe 1.4.84.1

Malwarebytes' Anti-Malware

Map Button (Windows Live Toolbar)

McAfee Security Scan

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2416447)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Away Mode

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Office XP Professional with FrontPage

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Works

Mozilla Firefox (3.6.16)

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

muvee autoProducer 4.5

muvee autoProducer unPlugged 1.2

NewCopy_CDA

PanoStandAlone

PC-Doctor 5 for Windows

PhotoGallery

PS2

PSPrinters08

PSTAPlugin

Python 2.2 pywin32 extensions (build 203)

Python 2.2.3

QuickTime

RandMap

RealPlayer

Realtek High Definition Audio Driver

Rogers Online Protection

Rogers Self Healing (remove only)

Rogers Update Manager (remove only)

Rogers Yahoo! Applications

Roxio Media Manager

RPS AntiVirus

RPS CRT

Scan

ScannerCopy

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360131)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2416400)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2482017)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982802)

SkinsHP1

Smart Menus (Windows Live Toolbar)

SolutionCenter

Sonic Express Labeler

Sonic MyDVD Plus

Sonic RecordNow Audio

Sonic RecordNow Copy

Sonic RecordNow Data

Sonic Update Manager

Sonic_PrimoSDK

Spelling Dictionaries Support For Adobe Reader 9

Spyware Doctor 3.1

SpywareBlaster 4.1

Status

SUPER


Well, for starters, you should go into your Control Panel and remove the following Java applications.

Java Auto Updater

Java


Thanks. I should point out that I was unable to uninstall any of the Java components (error read installer was not working). Nevertheless, here are the scan results:

ComboFix 11-04-07.06 - 07/04/2011 22:09:50.1.2 - x86

Running from: c:\documents and settings\J\Desktop\ComboFix.exe

* Created a new restore point

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\docume~1\J\LOCALS~1\Temp\IadHide5.dll

c:\documents and settings\Administrator\WINDOWS

c:\documents and settings\A\WINDOWS

c:\documents and settings\Default User\WINDOWS

c:\documents and settings\Family\WINDOWS

c:\documents and settings\HP_Administrator\WINDOWS

c:\documents and settings\J\Application Data\inst.exe

c:\documents and settings\J\Local Settings\Temp\IadHide5.dll

c:\documents and settings\J\WINDOWS

c:\documents and settings\Jle\WINDOWS

c:\windows\dat.txt

c:\windows\system32\config\systemprofile\WINDOWS

c:\windows\system32\dumphive.exe

c:\windows\system32\IEDFix.exe

c:\windows\system32\Process.exe

c:\windows\system32\ps2.bat

c:\windows\system32\SrchSTS.exe

c:\windows\system32\tmp.reg

c:\windows\system32\VACFix.exe

c:\windows\system32\VCCLSID.exe

c:\windows\system32\WS2Fix.exe

D:\Autorun.inf

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Legacy_MYWEBSEARCHSERVICE

-------\Legacy_USNJSVC

-------\Service_MyWebSearchService

-------\Service_usnjsvc

.

.

((((((((((((((((((((((((( Files Created from 2011-03-08 to 2011-04-08 )))))))))))))))))))))))))))))))

.

.

2011-04-08 00:17 . 2011-04-08 00:18 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData

2011-04-07 02:52 . 2011-04-08 00:05 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software

2011-04-07 02:52 . 2011-04-07 02:52 -------- d-----w- c:\program files\AVAST Software

2011-04-07 02:27 . 2011-04-08 00:23 -------- d-----w- c:\documents and settings\J\Application Data\FixCleaner

2011-04-07 02:26 . 2011-04-07 02:28 -------- d-----w- c:\program files\FixCleaner

2011-04-07 01:29 . 2011-03-18 17:53 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll

2011-04-07 01:29 . 2011-03-18 17:53 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll

2011-04-07 01:29 . 2011-03-18 17:53 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll

2011-04-07 01:29 . 2011-03-18 17:53 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll

2011-04-07 01:29 . 2011-03-18 17:53 728024 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll

2011-04-07 01:29 . 2011-03-18 17:53 142296 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll

2011-04-07 01:29 . 2011-03-18 17:53 1893336 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll

2011-04-07 01:29 . 2011-03-18 17:53 1975768 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll

2011-04-06 03:24 . 2008-04-13 23:12 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll

2011-04-06 03:23 . 2001-08-18 02:36 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll

2011-04-06 03:23 . 2008-04-13 23:12 18944 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll

2011-04-06 03:23 . 2001-08-18 02:37 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe

2011-04-06 03:23 . 2001-08-18 02:37 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe

2011-04-06 03:23 . 2001-08-18 02:37 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe

2011-04-06 03:23 . 2001-08-17 16:11 16970 ----a-w- c:\windows\system32\dllcache\xem336n5.sys

2011-04-06 03:23 . 2004-08-04 01:29 19455 ----a-w- c:\windows\system32\dllcache\wvchntxx.sys

2011-04-06 03:23 . 2004-08-04 01:29 12063 ----a-w- c:\windows\system32\dllcache\wsiintxx.sys

2011-04-06 03:23 . 2008-04-13 23:12 8192 ----a-w- c:\windows\system32\dllcache\wshirda.dll

2011-04-06 03:21 . 2004-08-04 01:29 11775 ----a-w- c:\windows\system32\dllcache\wadv05nt.sys

2011-04-06 03:20 . 2001-08-17 17:28 765884 ----a-w- c:\windows\system32\dllcache\usrti.sys

2011-04-06 03:20 . 2001-08-17 17:28 113762 ----a-w- c:\windows\system32\dllcache\usrpda.sys

2011-04-06 03:20 . 2001-08-17 17:28 7556 ----a-w- c:\windows\system32\dllcache\usroslba.sys

2011-04-06 03:20 . 2001-08-17 17:28 224802 ----a-w- c:\windows\system32\dllcache\usr1807a.sys

2011-04-06 03:20 . 2001-08-17 17:28 794399 ----a-w- c:\windows\system32\dllcache\usr1806v.sys

2011-04-06 03:20 . 2001-08-17 17:28 793598 ----a-w- c:\windows\system32\dllcache\usr1806.sys

2011-04-06 03:20 . 2001-08-17 17:28 794654 ----a-w- c:\windows\system32\dllcache\usr1801.sys

2011-04-06 03:20 . 2008-04-13 17:45 26112 ----a-w- c:\windows\system32\dllcache\usbser.sys

2011-04-06 03:20 . 2004-08-04 01:31 32384 ----a-w- c:\windows\system32\dllcache\usb101et.sys

2011-04-06 03:20 . 2001-08-18 02:36 94720 ----a-w- c:\windows\system32\dllcache\umaxud32.dll

2011-04-06 03:20 . 2001-08-18 02:36 28160 ----a-w- c:\windows\system32\dllcache\umaxu40.dll

2011-04-06 03:20 . 2001-08-18 02:36 26624 ----a-w- c:\windows\system32\dllcache\umaxu22.dll

2011-04-06 03:19 . 2001-08-18 02:36 69632 ----a-w- c:\windows\system32\dllcache\umaxu12.dll

2011-04-06 03:19 . 2001-08-18 02:36 50688 ----a-w- c:\windows\system32\dllcache\umaxscan.dll

2011-04-06 03:19 . 2001-08-17 17:58 22912 ----a-w- c:\windows\system32\dllcache\umaxpcls.sys

2011-04-06 03:19 . 2001-08-18 02:36 50176 ----a-w- c:\windows\system32\dllcache\umaxp60.dll

2011-04-06 03:19 . 2001-08-18 02:36 47616 ----a-w- c:\windows\system32\dllcache\umaxcam.dll

2011-04-06 03:19 . 2001-08-18 02:36 211968 ----a-w- c:\windows\system32\dllcache\um54scan.dll

2011-04-06 03:19 . 2001-08-18 02:36 216064 ----a-w- c:\windows\system32\dllcache\um34scan.dll

2011-04-06 03:19 . 2001-08-17 17:52 36736 ----a-w- c:\windows\system32\dllcache\ultra.sys

2011-04-06 03:19 . 2001-08-17 17:48 11520 ----a-w- c:\windows\system32\dllcache\twotrack.sys

2011-04-06 03:19 . 2004-08-10 05:00 14336 ----a-w- c:\windows\system32\dllcache\tsprof.exe

2011-04-06 03:19 . 2001-08-17 16:51 166784 ----a-w- c:\windows\system32\dllcache\tridxpm.sys

2011-04-06 03:19 . 2001-08-18 02:36 525568 ----a-w- c:\windows\system32\dllcache\tridxp.dll

2011-04-06 03:17 . 2004-08-10 05:00 185344 ----a-w- c:\windows\system32\dllcache\thawbrkr.dll

2011-04-06 03:16 . 2001-08-17 18:07 30688 ----a-w- c:\windows\system32\dllcache\sym_u3.sys

2011-04-06 03:16 . 2001-08-17 18:07 28384 ----a-w- c:\windows\system32\dllcache\sym_hi.sys

2011-04-06 03:16 . 2001-08-18 02:36 94293 ----a-w- c:\windows\system32\dllcache\sxports.dll

2011-04-06 03:16 . 2001-08-17 17:50 103936 ----a-w- c:\windows\system32\dllcache\sx.sys

2011-04-06 03:16 . 2001-08-17 18:02 3968 ----a-w- c:\windows\system32\dllcache\swusbflt.sys

2011-04-06 03:16 . 2001-08-18 02:36 10240 ----a-w- c:\windows\system32\dllcache\swpidflt.dll

2011-04-06 03:16 . 2001-08-18 02:36 10240 ----a-w- c:\windows\system32\dllcache\swpdflt2.dll

2011-04-06 03:16 . 2001-08-18 02:36 53760 ----a-w- c:\windows\system32\dllcache\sw_wheel.dll

2011-04-06 03:16 . 2001-08-18 02:36 41472 ----a-w- c:\windows\system32\dllcache\sw_effct.dll

2011-04-06 03:16 . 2001-08-18 02:36 155648 ----a-w- c:\windows\system32\dllcache\stlnprop.dll

2011-04-06 03:16 . 2001-08-18 02:36 53248 ----a-w- c:\windows\system32\dllcache\stlncoin.dll

2011-04-06 03:16 . 2001-08-17 16:18 285760 ----a-w- c:\windows\system32\dllcache\stlnata.sys

2011-04-06 03:15 . 2001-08-17 17:51 16896 ----a-w- c:\windows\system32\dllcache\stcusb.sys

2011-04-06 03:15 . 2004-08-10 05:00 16896 ----a-w- c:\windows\system32\dllcache\status.dll

2011-04-06 03:15 . 2001-08-17 16:11 48736 ----a-w- c:\windows\system32\dllcache\srwlnd5.sys

2011-04-06 03:15 . 2001-08-18 02:36 99328 ----a-w- c:\windows\system32\dllcache\srusd.dll

2011-04-06 03:15 . 2004-08-10 05:00 101376 ----a-w- c:\windows\system32\dllcache\srusbusd.dll

2011-04-06 03:15 . 2001-08-18 02:36 24660 ----a-w- c:\windows\system32\dllcache\spxupchk.dll

2011-04-06 03:15 . 2001-08-17 17:51 61824 ----a-w- c:\windows\system32\dllcache\speed.sys

2011-04-06 03:15 . 2001-08-18 02:36 106584 ----a-w- c:\windows\system32\dllcache\spdports.dll

2011-04-06 03:15 . 2001-08-17 18:07 19072 ----a-w- c:\windows\system32\dllcache\sparrow.sys

2011-04-06 03:15 . 2001-08-17 17:56 7552 ----a-w- c:\windows\system32\dllcache\sonypvu1.sys

2011-04-06 03:15 . 2001-08-17 16:51 37040 ----a-w- c:\windows\system32\dllcache\sonypi.sys

2011-04-06 03:15 . 2001-08-18 02:36 114688 ----a-w- c:\windows\system32\dllcache\sonypi.dll

2011-04-06 03:13 . 2001-08-18 02:36 28672 ----a-w- c:\windows\system32\dllcache\sma0w.dll

2011-04-06 03:12 . 2001-07-21 18:29 161568 ----a-w- c:\windows\system32\dllcache\sgsmusb.sys

2011-04-06 03:11 . 2001-08-17 17:51 23936 ----a-w- c:\windows\system32\dllcache\sccmusbm.sys

2011-04-06 03:10 . 2001-08-17 16:50 166720 ----a-w- c:\windows\system32\dllcache\s3m.sys

2011-04-06 03:09 . 2001-08-17 17:51 19584 ----a-w- c:\windows\system32\dllcache\rasirda.sys

2011-04-06 03:08 . 2008-04-13 23:12 159232 ----a-w- c:\windows\system32\dllcache\ptpusd.dll

2011-04-06 03:07 . 2004-08-10 05:00 20992 ----a-w- c:\windows\system32\dllcache\permchk.dll

2011-04-06 03:06 . 2001-08-18 02:36 39424 ----a-w- c:\windows\system32\dllcache\ovcoms.exe

2011-04-06 03:06 . 2001-08-18 02:36 20480 ----a-w- c:\windows\system32\dllcache\ovcomc.dll

2011-04-06 03:06 . 2001-08-17 18:05 351616 ----a-w- c:\windows\system32\dllcache\ovcodek2.sys

2011-04-06 03:06 . 2001-08-18 02:36 116736 ----a-w- c:\windows\system32\dllcache\ovcodec2.dll

2011-04-06 03:06 . 2001-08-17 18:05 31872 ----a-w- c:\windows\system32\dllcache\ovce.sys

2011-04-06 03:06 . 2001-08-17 18:05 28032 ----a-w- c:\windows\system32\dllcache\ovcd.sys

2011-04-06 03:06 . 2001-08-17 18:05 48000 ----a-w- c:\windows\system32\dllcache\ovcam2.sys

2011-04-06 03:06 . 2001-08-17 18:05 25088 ----a-w- c:\windows\system32\dllcache\ovca.sys

2011-04-06 03:06 . 2001-08-17 17:28 54186 ----a-w- c:\windows\system32\dllcache\otcsercb.sys

2011-04-06 03:06 . 2001-08-17 16:12 43689 ----a-w- c:\windows\system32\dllcache\otceth5.sys

2011-04-06 03:06 . 2001-08-17 16:12 27209 ----a-w- c:\windows\system32\dllcache\otc06x5.sys

2011-04-06 03:06 . 2001-08-17 16:20 54528 ----a-w- c:\windows\system32\dllcache\opl3sax.sys

2011-04-06 03:06 . 2001-08-17 16:50 198144 ----a-w- c:\windows\system32\dllcache\nv3.sys

2011-04-06 03:04 . 2001-08-17 18:56 91488 ----a-w- c:\windows\system32\dllcache\n9i3disp.dll

2011-04-06 03:03 . 2008-04-13 17:46 49024 ----a-w- c:\windows\system32\dllcache\mstape.sys

2011-04-06 03:03 . 2001-08-17 17:48 12416 ----a-w- c:\windows\system32\dllcache\msriffwv.sys

2011-04-06 03:03 . 2001-08-17 18:00 2944 ----a-w- c:\windows\system32\dllcache\msmpu401.sys

2011-04-06 03:03 . 2008-04-13 17:54 22016 ----a-w- c:\windows\system32\dllcache\msircomm.sys

2011-04-06 03:03 . 2004-08-10 05:00 98304 ----a-w- c:\windows\system32\dllcache\msir3jp.dll

2011-04-06 03:03 . 2001-08-17 18:02 35200 ----a-w- c:\windows\system32\dllcache\msgame.sys

2011-04-06 03:03 . 2001-08-17 17:48 6016 ----a-w- c:\windows\system32\dllcache\msfsio.sys

2011-04-06 03:03 . 2001-08-17 17:52 17280 ----a-w- c:\windows\system32\dllcache\mraid35x.sys

2011-04-06 03:03 . 2008-04-13 17:46 15232 ----a-w- c:\windows\system32\dllcache\mpe.sys

2011-04-06 03:03 . 2001-08-17 17:57 16128 ----a-w- c:\windows\system32\dllcache\modemcsa.sys

2011-04-06 03:03 . 2001-08-17 17:52 6528 ----a-w- c:\windows\system32\dllcache\miniqic.sys

2011-04-06 03:03 . 2004-08-10 05:00 34304 ----a-w- c:\windows\system32\dllcache\migisol.exe

2011-04-06 03:03 . 2001-08-17 16:50 320384 ----a-w- c:\windows\system32\dllcache\mgaum.sys

2011-04-06 03:01 . 2001-08-17 16:12 70730 ----a-w- c:\windows\system32\dllcache\lne100tx.sys

2011-04-06 03:00 . 2004-08-10 05:00 6144 ----a-w- c:\windows\system32\dllcache\kbd101a.dll

2011-04-06 02:59 . 2001-08-18 02:36 45056 ----a-w- c:\windows\system32\dllcache\icam5com.dll

2011-04-06 02:58 . 2001-08-17 17:28 542879 ----a-w- c:\windows\system32\dllcache\hsf_msft.sys

2011-04-06 02:57 . 2001-08-18 02:36 119296 ----a-w- c:\windows\system32\dllcache\hpdigwia.dll

2011-04-06 02:56 . 2001-08-18 02:36 43520 ----a-w- c:\windows\system32\dllcache\EXCH_fcachdll.dll

2011-04-06 02:55 . 2001-08-17 17:53 7296 ----a-w- c:\windows\system32\dllcache\elmsmc.sys

2011-04-06 02:54 . 2001-08-17 16:14 21606 ----a-w- c:\windows\system32\dllcache\digiisdn.sys

2011-04-06 02:53 . 2001-08-17 17:52 14976 ----a-w- c:\windows\system32\dllcache\cpqarray.sys

2011-04-06 02:52 . 2004-08-10 05:00 45568 ----a-w- c:\windows\system32\dllcache\browscap.dll

2011-04-06 02:51 . 2004-08-04 01:32 231552 ----a-w- c:\windows\system32\dllcache\ac97ali.sys

2011-04-06 02:51 . 2001-08-17 16:20 297728 ----a-w- c:\windows\system32\dllcache\ac97sis.sys

2011-04-06 02:51 . 2001-08-17 16:20 96256 ----a-w- c:\windows\system32\dllcache\ac97intc.sys

2011-04-06 02:51 . 2001-08-18 02:36 462848 ----a-w- c:\windows\system32\dllcache\a3dapi.dll

2011-04-06 02:51 . 2001-08-17 17:52 23552 ----a-w- c:\windows\system32\dllcache\abp480n5.sys

2011-04-06 02:51 . 2008-04-13 17:40 12288 ----a-w- c:\windows\system32\dllcache\4mmdat.sys

2011-04-06 02:51 . 2001-08-18 02:36 98304 ----a-w- c:\windows\system32\dllcache\a3d.dll

2011-04-06 02:51 . 2001-08-17 18:55 38400 ----a-w- c:\windows\system32\dllcache\8514a.dll

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-04-07 02:33 . 2011-01-21 02:58 1409 ----a-w- c:\windows\QTFont.for

2011-01-21 14:44 . 2004-08-10 05:00 439296 ----a-w- c:\windows\system32\shimgvw.dll

2011-03-18 17:53 . 2011-04-07 01:29 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

2006-05-03 10:06 163328 --sh--r- c:\windows\system32\flvDX.dll

2007-02-21 11:47 31232 --sh--r- c:\windows\system32\msfDX.dll

2007-12-17 13:43 27648 --sh--w- c:\windows\system32\Smab0.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SHS"="c:\program files\Rogers\SelfHealing\SHS.exe" [2005-05-17 2418344]

"FixCleaner"="c:\program files\FixCleaner\FixCleaner.exe" [2011-04-01 47650656]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]

"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-09-21 1605740]

"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2006-04-05 344064]

"KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]

"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2007-04-23 228088]

"EPSON Stylus CX4200 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIAEA.EXE" [2005-03-08 98304]

"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Elements 6.0\apdproxy.exe" [2007-09-11 67488]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-04-18 1800464]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"AvgUninstallURL"="start http:" [X]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-12 282624]

McAfee Security Scan.lnk - c:\program files\McAfee Security Scan\1.0.150\SSScheduler.exe [2009-7-27 199184]

Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

Updates from HP.lnk - c:\program files\Updates from HP\9972322\Program\Updates from HP.exe [2005-11-25 36903]

.

c:\documents and settings\Default User\Start Menu\Programs\Startup\

Pin.lnk - c:\hp\bin\CLOAKER.EXE [2005-11-25 27136]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\windows\system32\guard32.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]

"DisableMonitoring"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2010-04-18 134344]

S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2010-04-18 25160]

S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbguard.exe [2007-10-16 81920]

S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbserver.exe [2007-10-16 2711552]

.

.

Contents of the 'Scheduled Tasks' folder

.

2011-04-08 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job

- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 15:20]

.

2011-04-07 c:\windows\Tasks\FixCleaner Scan.job

- c:\program files\FixCleaner\FixCleaner.exe [2011-04-07 18:45]

.

.

------- Supplementary Scan -------

.

IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm

IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office10\EXCEL.EXE/3000

FF - ProfilePath - c:\documents and settings\J\Application Data\Mozilla\Firefox\Profiles\gg4xcs3x.default\

FF - prefs.js: browser.search.selectedEngine - Amazon.com

FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/

.

- - - - ORPHANS REMOVED - - - -

.

Notify-efcCsqRK - efcCsqRK.dll

Notify-opnnkjGa - opnnkjGa.dll

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-04-07 22:33

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'winlogon.exe'(804)

c:\windows\system32\Ati2evxx.dll

.

- - - - - - - > 'explorer.exe'(3704)

c:\windows\system32\msi.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\windows\system32\Ati2evxx.exe

c:\program files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

c:\windows\arservice.exe

c:\windows\system32\Ati2evxx.exe

c:\windows\eHome\ehRecvr.exe

c:\windows\eHome\ehSched.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Common Files\LightScribe\LSSrvc.exe

c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\windows\system32\HPZipm12.exe

c:\windows\System32\StkASv2K.exe

c:\windows\ehome\mcrdsvc.exe

c:\windows\system32\wscntfy.exe

c:\windows\RTHDCPL.EXE

c:\program files\McAfee Security Scan\1.0.150\McUICnt.exe

c:\windows\system\hpsysdrv.exe

.

**************************************************************************

.

Completion time: 2011-04-07 23:00:08 - machine was rebooted

ComboFix-quarantined-files.txt 2011-04-08 02:59

.

Pre-Run: 21,983,531,008 bytes free

Post-Run: 22,092,926,976 bytes free

.

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

.

- - End Of File - - A963D01E31D5D739E0C2B236A4651E53


Please delete the current copy of ComboFix and download a new fresh version and run it again. Do not edit the log before posting; the current log is either corrupt or has been edited to remove important header information.

Then also run a new DDS scan and post back those NEW logs too.


Okay, here's the log as I have it:

ComboFix 11-04-07.06 - Jason 07/04/2011 22:09:50.1.2 - x86

Running from: c:\documents and settings\Jason\Desktop\ComboFix.exe

* Created a new restore point

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\docume~1\Jason\LOCALS~1\Temp\IadHide5.dll

c:\documents and settings\Administrator\WINDOWS

c:\documents and settings\Amy\WINDOWS

c:\documents and settings\Default User\WINDOWS

c:\documents and settings\Family\WINDOWS

c:\documents and settings\HP_Administrator\WINDOWS

c:\documents and settings\Jason\Application Data\inst.exe

c:\documents and settings\Jason\Local Settings\Temp\IadHide5.dll

c:\documents and settings\Jason\WINDOWS

c:\documents and settings\Jessica\WINDOWS

c:\windows\dat.txt

c:\windows\system32\config\systemprofile\WINDOWS

c:\windows\system32\dumphive.exe

c:\windows\system32\IEDFix.exe

c:\windows\system32\Process.exe

c:\windows\system32\ps2.bat

c:\windows\system32\SrchSTS.exe

c:\windows\system32\tmp.reg

c:\windows\system32\VACFix.exe

c:\windows\system32\VCCLSID.exe

c:\windows\system32\WS2Fix.exe

D:\Autorun.inf

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Legacy_MYWEBSEARCHSERVICE

-------\Legacy_USNJSVC

-------\Service_MyWebSearchService

-------\Service_usnjsvc

.

.

((((((((((((((((((((((((( Files Created from 2011-03-08 to 2011-04-08 )))))))))))))))))))))))))))))))

.

.

2011-04-08 00:17 . 2011-04-08 00:18 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData

2011-04-07 02:52 . 2011-04-08 00:05 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software

2011-04-07 02:52 . 2011-04-07 02:52 -------- d-----w- c:\program files\AVAST Software

2011-04-07 02:27 . 2011-04-08 00:23 -------- d-----w- c:\documents and settings\Jason\Application Data\FixCleaner

2011-04-07 02:26 . 2011-04-07 02:28 -------- d-----w- c:\program files\FixCleaner

2011-04-07 01:29 . 2011-03-18 17:53 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll

2011-04-07 01:29 . 2011-03-18 17:53 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll

2011-04-07 01:29 . 2011-03-18 17:53 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll

2011-04-07 01:29 . 2011-03-18 17:53 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll

2011-04-07 01:29 . 2011-03-18 17:53 728024 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll

2011-04-07 01:29 . 2011-03-18 17:53 142296 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll

2011-04-07 01:29 . 2011-03-18 17:53 1893336 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll

2011-04-07 01:29 . 2011-03-18 17:53 1975768 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll

2011-04-06 03:24 . 2008-04-13 23:12 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll

2011-04-06 03:23 . 2001-08-18 02:36 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll

2011-04-06 03:23 . 2008-04-13 23:12 18944 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll

2011-04-06 03:23 . 2001-08-18 02:37 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe

2011-04-06 03:23 . 2001-08-18 02:37 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe

2011-04-06 03:23 . 2001-08-18 02:37 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe

2011-04-06 03:23 . 2001-08-17 16:11 16970 ----a-w- c:\windows\system32\dllcache\xem336n5.sys

2011-04-06 03:23 . 2004-08-04 01:29 19455 ----a-w- c:\windows\system32\dllcache\wvchntxx.sys

2011-04-06 03:23 . 2004-08-04 01:29 12063 ----a-w- c:\windows\system32\dllcache\wsiintxx.sys

2011-04-06 03:23 . 2008-04-13 23:12 8192 ----a-w- c:\windows\system32\dllcache\wshirda.dll

2011-04-06 03:21 . 2004-08-04 01:29 11775 ----a-w- c:\windows\system32\dllcache\wadv05nt.sys

2011-04-06 03:20 . 2001-08-17 17:28 765884 ----a-w- c:\windows\system32\dllcache\usrti.sys

2011-04-06 03:20 . 2001-08-17 17:28 113762 ----a-w- c:\windows\system32\dllcache\usrpda.sys

2011-04-06 03:20 . 2001-08-17 17:28 7556 ----a-w- c:\windows\system32\dllcache\usroslba.sys

2011-04-06 03:20 . 2001-08-17 17:28 224802 ----a-w- c:\windows\system32\dllcache\usr1807a.sys

2011-04-06 03:20 . 2001-08-17 17:28 794399 ----a-w- c:\windows\system32\dllcache\usr1806v.sys

2011-04-06 03:20 . 2001-08-17 17:28 793598 ----a-w- c:\windows\system32\dllcache\usr1806.sys

2011-04-06 03:20 . 2001-08-17 17:28 794654 ----a-w- c:\windows\system32\dllcache\usr1801.sys

2011-04-06 03:20 . 2008-04-13 17:45 26112 ----a-w- c:\windows\system32\dllcache\usbser.sys

2011-04-06 03:20 . 2004-08-04 01:31 32384 ----a-w- c:\windows\system32\dllcache\usb101et.sys

2011-04-06 03:20 . 2001-08-18 02:36 94720 ----a-w- c:\windows\system32\dllcache\umaxud32.dll

2011-04-06 03:20 . 2001-08-18 02:36 28160 ----a-w- c:\windows\system32\dllcache\umaxu40.dll

2011-04-06 03:20 . 2001-08-18 02:36 26624 ----a-w- c:\windows\system32\dllcache\umaxu22.dll

2011-04-06 03:19 . 2001-08-18 02:36 69632 ----a-w- c:\windows\system32\dllcache\umaxu12.dll

2011-04-06 03:19 . 2001-08-18 02:36 50688 ----a-w- c:\windows\system32\dllcache\umaxscan.dll

2011-04-06 03:19 . 2001-08-17 17:58 22912 ----a-w- c:\windows\system32\dllcache\umaxpcls.sys

2011-04-06 03:19 . 2001-08-18 02:36 50176 ----a-w- c:\windows\system32\dllcache\umaxp60.dll

2011-04-06 03:19 . 2001-08-18 02:36 47616 ----a-w- c:\windows\system32\dllcache\umaxcam.dll

2011-04-06 03:19 . 2001-08-18 02:36 211968 ----a-w- c:\windows\system32\dllcache\um54scan.dll

2011-04-06 03:19 . 2001-08-18 02:36 216064 ----a-w- c:\windows\system32\dllcache\um34scan.dll

2011-04-06 03:19 . 2001-08-17 17:52 36736 ----a-w- c:\windows\system32\dllcache\ultra.sys

2011-04-06 03:19 . 2001-08-17 17:48 11520 ----a-w- c:\windows\system32\dllcache\twotrack.sys

2011-04-06 03:19 . 2004-08-10 05:00 14336 ----a-w- c:\windows\system32\dllcache\tsprof.exe

2011-04-06 03:19 . 2001-08-17 16:51 166784 ----a-w- c:\windows\system32\dllcache\tridxpm.sys

2011-04-06 03:19 . 2001-08-18 02:36 525568 ----a-w- c:\windows\system32\dllcache\tridxp.dll

2011-04-06 03:17 . 2004-08-10 05:00 185344 ----a-w- c:\windows\system32\dllcache\thawbrkr.dll

2011-04-06 03:16 . 2001-08-17 18:07 30688 ----a-w- c:\windows\system32\dllcache\sym_u3.sys

2011-04-06 03:16 . 2001-08-17 18:07 28384 ----a-w- c:\windows\system32\dllcache\sym_hi.sys

2011-04-06 03:16 . 2001-08-18 02:36 94293 ----a-w- c:\windows\system32\dllcache\sxports.dll

2011-04-06 03:16 . 2001-08-17 17:50 103936 ----a-w- c:\windows\system32\dllcache\sx.sys

2011-04-06 03:16 . 2001-08-17 18:02 3968 ----a-w- c:\windows\system32\dllcache\swusbflt.sys

2011-04-06 03:16 . 2001-08-18 02:36 10240 ----a-w- c:\windows\system32\dllcache\swpidflt.dll

2011-04-06 03:16 . 2001-08-18 02:36 10240 ----a-w- c:\windows\system32\dllcache\swpdflt2.dll

2011-04-06 03:16 . 2001-08-18 02:36 53760 ----a-w- c:\windows\system32\dllcache\sw_wheel.dll

2011-04-06 03:16 . 2001-08-18 02:36 41472 ----a-w- c:\windows\system32\dllcache\sw_effct.dll

2011-04-06 03:16 . 2001-08-18 02:36 155648 ----a-w- c:\windows\system32\dllcache\stlnprop.dll

2011-04-06 03:16 . 2001-08-18 02:36 53248 ----a-w- c:\windows\system32\dllcache\stlncoin.dll

2011-04-06 03:16 . 2001-08-17 16:18 285760 ----a-w- c:\windows\system32\dllcache\stlnata.sys

2011-04-06 03:15 . 2001-08-17 17:51 16896 ----a-w- c:\windows\system32\dllcache\stcusb.sys

2011-04-06 03:15 . 2004-08-10 05:00 16896 ----a-w- c:\windows\system32\dllcache\status.dll

2011-04-06 03:15 . 2001-08-17 16:11 48736 ----a-w- c:\windows\system32\dllcache\srwlnd5.sys

2011-04-06 03:15 . 2001-08-18 02:36 99328 ----a-w- c:\windows\system32\dllcache\srusd.dll

2011-04-06 03:15 . 2004-08-10 05:00 101376 ----a-w- c:\windows\system32\dllcache\srusbusd.dll

2011-04-06 03:15 . 2001-08-18 02:36 24660 ----a-w- c:\windows\system32\dllcache\spxupchk.dll

2011-04-06 03:15 . 2001-08-17 17:51 61824 ----a-w- c:\windows\system32\dllcache\speed.sys

2011-04-06 03:15 . 2001-08-18 02:36 106584 ----a-w- c:\windows\system32\dllcache\spdports.dll

2011-04-06 03:15 . 2001-08-17 18:07 19072 ----a-w- c:\windows\system32\dllcache\sparrow.sys

2011-04-06 03:15 . 2001-08-17 17:56 7552 ----a-w- c:\windows\system32\dllcache\sonypvu1.sys

2011-04-06 03:15 . 2001-08-17 16:51 37040 ----a-w- c:\windows\system32\dllcache\sonypi.sys

2011-04-06 03:15 . 2001-08-18 02:36 114688 ----a-w- c:\windows\system32\dllcache\sonypi.dll

2011-04-06 03:13 . 2001-08-18 02:36 28672 ----a-w- c:\windows\system32\dllcache\sma0w.dll

2011-04-06 03:12 . 2001-07-21 18:29 161568 ----a-w- c:\windows\system32\dllcache\sgsmusb.sys

2011-04-06 03:11 . 2001-08-17 17:51 23936 ----a-w- c:\windows\system32\dllcache\sccmusbm.sys

2011-04-06 03:10 . 2001-08-17 16:50 166720 ----a-w- c:\windows\system32\dllcache\s3m.sys

2011-04-06 03:09 . 2001-08-17 17:51 19584 ----a-w- c:\windows\system32\dllcache\rasirda.sys

2011-04-06 03:08 . 2008-04-13 23:12 159232 ----a-w- c:\windows\system32\dllcache\ptpusd.dll

2011-04-06 03:07 . 2004-08-10 05:00 20992 ----a-w- c:\windows\system32\dllcache\permchk.dll

2011-04-06 03:06 . 2001-08-18 02:36 39424 ----a-w- c:\windows\system32\dllcache\ovcoms.exe

2011-04-06 03:06 . 2001-08-18 02:36 20480 ----a-w- c:\windows\system32\dllcache\ovcomc.dll

2011-04-06 03:06 . 2001-08-17 18:05 351616 ----a-w- c:\windows\system32\dllcache\ovcodek2.sys

2011-04-06 03:06 . 2001-08-18 02:36 116736 ----a-w- c:\windows\system32\dllcache\ovcodec2.dll

2011-04-06 03:06 . 2001-08-17 18:05 31872 ----a-w- c:\windows\system32\dllcache\ovce.sys

2011-04-06 03:06 . 2001-08-17 18:05 28032 ----a-w- c:\windows\system32\dllcache\ovcd.sys

2011-04-06 03:06 . 2001-08-17 18:05 48000 ----a-w- c:\windows\system32\dllcache\ovcam2.sys

2011-04-06 03:06 . 2001-08-17 18:05 25088 ----a-w- c:\windows\system32\dllcache\ovca.sys

2011-04-06 03:06 . 2001-08-17 17:28 54186 ----a-w- c:\windows\system32\dllcache\otcsercb.sys

2011-04-06 03:06 . 2001-08-17 16:12 43689 ----a-w- c:\windows\system32\dllcache\otceth5.sys

2011-04-06 03:06 . 2001-08-17 16:12 27209 ----a-w- c:\windows\system32\dllcache\otc06x5.sys

2011-04-06 03:06 . 2001-08-17 16:20 54528 ----a-w- c:\windows\system32\dllcache\opl3sax.sys

2011-04-06 03:06 . 2001-08-17 16:50 198144 ----a-w- c:\windows\system32\dllcache\nv3.sys

2011-04-06 03:04 . 2001-08-17 18:56 91488 ----a-w- c:\windows\system32\dllcache\n9i3disp.dll

2011-04-06 03:03 . 2008-04-13 17:46 49024 ----a-w- c:\windows\system32\dllcache\mstape.sys

2011-04-06 03:03 . 2001-08-17 17:48 12416 ----a-w- c:\windows\system32\dllcache\msriffwv.sys

2011-04-06 03:03 . 2001-08-17 18:00 2944 ----a-w- c:\windows\system32\dllcache\msmpu401.sys

2011-04-06 03:03 . 2008-04-13 17:54 22016 ----a-w- c:\windows\system32\dllcache\msircomm.sys

2011-04-06 03:03 . 2004-08-10 05:00 98304 ----a-w- c:\windows\system32\dllcache\msir3jp.dll

2011-04-06 03:03 . 2001-08-17 18:02 35200 ----a-w- c:\windows\system32\dllcache\msgame.sys

2011-04-06 03:03 . 2001-08-17 17:48 6016 ----a-w- c:\windows\system32\dllcache\msfsio.sys

2011-04-06 03:03 . 2001-08-17 17:52 17280 ----a-w- c:\windows\system32\dllcache\mraid35x.sys

2011-04-06 03:03 . 2008-04-13 17:46 15232 ----a-w- c:\windows\system32\dllcache\mpe.sys

2011-04-06 03:03 . 2001-08-17 17:57 16128 ----a-w- c:\windows\system32\dllcache\modemcsa.sys

2011-04-06 03:03 . 2001-08-17 17:52 6528 ----a-w- c:\windows\system32\dllcache\miniqic.sys

2011-04-06 03:03 . 2004-08-10 05:00 34304 ----a-w- c:\windows\system32\dllcache\migisol.exe

2011-04-06 03:03 . 2001-08-17 16:50 320384 ----a-w- c:\windows\system32\dllcache\mgaum.sys

2011-04-06 03:01 . 2001-08-17 16:12 70730 ----a-w- c:\windows\system32\dllcache\lne100tx.sys

2011-04-06 03:00 . 2004-08-10 05:00 6144 ----a-w- c:\windows\system32\dllcache\kbd101a.dll

2011-04-06 02:59 . 2001-08-18 02:36 45056 ----a-w- c:\windows\system32\dllcache\icam5com.dll

2011-04-06 02:58 . 2001-08-17 17:28 542879 ----a-w- c:\windows\system32\dllcache\hsf_msft.sys

2011-04-06 02:57 . 2001-08-18 02:36 119296 ----a-w- c:\windows\system32\dllcache\hpdigwia.dll

2011-04-06 02:56 . 2001-08-18 02:36 43520 ----a-w- c:\windows\system32\dllcache\EXCH_fcachdll.dll

2011-04-06 02:55 . 2001-08-17 17:53 7296 ----a-w- c:\windows\system32\dllcache\elmsmc.sys

2011-04-06 02:54 . 2001-08-17 16:14 21606 ----a-w- c:\windows\system32\dllcache\digiisdn.sys

2011-04-06 02:53 . 2001-08-17 17:52 14976 ----a-w- c:\windows\system32\dllcache\cpqarray.sys

2011-04-06 02:52 . 2004-08-10 05:00 45568 ----a-w- c:\windows\system32\dllcache\browscap.dll

2011-04-06 02:51 . 2004-08-04 01:32 231552 ----a-w- c:\windows\system32\dllcache\ac97ali.sys

2011-04-06 02:51 . 2001-08-17 16:20 297728 ----a-w- c:\windows\system32\dllcache\ac97sis.sys

2011-04-06 02:51 . 2001-08-17 16:20 96256 ----a-w- c:\windows\system32\dllcache\ac97intc.sys

2011-04-06 02:51 . 2001-08-18 02:36 462848 ----a-w- c:\windows\system32\dllcache\a3dapi.dll

2011-04-06 02:51 . 2001-08-17 17:52 23552 ----a-w- c:\windows\system32\dllcache\abp480n5.sys

2011-04-06 02:51 . 2008-04-13 17:40 12288 ----a-w- c:\windows\system32\dllcache\4mmdat.sys

2011-04-06 02:51 . 2001-08-18 02:36 98304 ----a-w- c:\windows\system32\dllcache\a3d.dll

2011-04-06 02:51 . 2001-08-17 18:55 38400 ----a-w- c:\windows\system32\dllcache\8514a.dll

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-04-07 02:33 . 2011-01-21 02:58 1409 ----a-w- c:\windows\QTFont.for

2011-01-21 14:44 . 2004-08-10 05:00 439296 ----a-w- c:\windows\system32\shimgvw.dll

2011-03-18 17:53 . 2011-04-07 01:29 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

2006-05-03 10:06 163328 --sh--r- c:\windows\system32\flvDX.dll

2007-02-21 11:47 31232 --sh--r- c:\windows\system32\msfDX.dll

2007-12-17 13:43 27648 --sh--w- c:\windows\system32\Smab0.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SHS"="c:\program files\Rogers\SelfHealing\SHS.exe" [2005-05-17 2418344]

"FixCleaner"="c:\program files\FixCleaner\FixCleaner.exe" [2011-04-01 47650656]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]

"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-09-21 1605740]

"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2006-04-05 344064]

"KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]

"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2007-04-23 228088]

"EPSON Stylus CX4200 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIAEA.EXE" [2005-03-08 98304]

"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Elements 6.0\apdproxy.exe" [2007-09-11 67488]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-04-18 1800464]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"AvgUninstallURL"="start http:" [X]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-12 282624]

McAfee Security Scan.lnk - c:\program files\McAfee Security Scan\1.0.150\SSScheduler.exe [2009-7-27 199184]

Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

Updates from HP.lnk - c:\program files\Updates from HP\9972322\Program\Updates from HP.exe [2005-11-25 36903]

.

c:\documents and settings\Default User\Start Menu\Programs\Startup\

Pin.lnk - c:\hp\bin\CLOAKER.EXE [2005-11-25 27136]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\windows\system32\guard32.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]

"DisableMonitoring"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2010-04-18 134344]

S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2010-04-18 25160]

S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbguard.exe [2007-10-16 81920]

S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbserver.exe [2007-10-16 2711552]

.

.

Contents of the 'Scheduled Tasks' folder

.

2011-04-08 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job

- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 15:20]

.

2011-04-07 c:\windows\Tasks\FixCleaner Scan.job

- c:\program files\FixCleaner\FixCleaner.exe [2011-04-07 18:45]

.

.

------- Supplementary Scan -------

.

IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm

IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office10\EXCEL.EXE/3000

FF - ProfilePath - c:\documents and settings\Jason\Application Data\Mozilla\Firefox\Profiles\gg4xcs3x.default\

FF - prefs.js: browser.search.selectedEngine - Amazon.com

FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/

.

- - - - ORPHANS REMOVED - - - -

.

Notify-efcCsqRK - efcCsqRK.dll

Notify-opnnkjGa - opnnkjGa.dll

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-04-07 22:33

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'winlogon.exe'(804)

c:\windows\system32\Ati2evxx.dll

.

- - - - - - - > 'explorer.exe'(3704)

c:\windows\system32\msi.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\windows\system32\Ati2evxx.exe

c:\program files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

c:\windows\arservice.exe

c:\windows\system32\Ati2evxx.exe

c:\windows\eHome\ehRecvr.exe

c:\windows\eHome\ehSched.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Common Files\LightScribe\LSSrvc.exe

c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\windows\system32\HPZipm12.exe

c:\windows\System32\StkASv2K.exe

c:\windows\ehome\mcrdsvc.exe

c:\windows\system32\wscntfy.exe

c:\windows\RTHDCPL.EXE

c:\program files\McAfee Security Scan\1.0.150\McUICnt.exe

c:\windows\system\hpsysdrv.exe

.

**************************************************************************

.

Completion time: 2011-04-07 23:00:08 - machine was rebooted

ComboFix-quarantined-files.txt 2011-04-08 02:59

.

Pre-Run: 21,983,531,008 bytes free

Post-Run: 22,092,926,976 bytes free

.

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

.

- - End Of File - - A963D01E31D5D739E0C2B236A4651E53

NEXT LOG

.

DDS (Ver_11-03-05.01)

.

.

==== Disk Partitions =========================

.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

Acrobat.com

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Photoshop Elements 6.0

Adobe Reader 9.4.1

Adobe Shockwave Player

Agere Systems PCI-SV92PP Soft Modem

AiO_Scan_CDA

AiOSoftwareNPI

ATI Control Panel

ATI Display Driver

Avi2Dvd 0.4.5 beta

AviSynth 2.5

BlackBerry Desktop Software 4.2.2

BlackBerry Device Software v4.5.0 for the BlackBerry 8320 smartphone

BufferChm

CameraDrivers

CCleaner

COMODO Internet Security

CP_AtenaShokunin1Config

CP_CalendarTemplates1

cp_LightScribeConfig

cp_LightScribePlugin

CP_Package_Basic1

CP_Package_Variety1

CP_Package_Variety2

CP_Package_Variety3

CP_Panorama1Config

CueTour

Destinations

DeviceManagementQFolder

DocProc

DocumentViewer

DocumentViewerQFolder

Enhanced Multimedia Keyboard Solution

EPSON CX 4200 4800 Guide

EPSON Printer Software

Fax_CDA

ffdshow [rev 610] [2006-12-01]

Firebird 2.1.0.16780 (Win32)

FixCleaner 2.0.4118

GdiplusUpgrade

GTK+ 2.10.6-1 runtime environment

Highlight Viewer (Windows Live Toolbar)

HijackThis 2.0.2

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Player 10 (KB903157)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB942288-v3)

Hotfix for Windows XP (KB954550-v5)

HP Boot Optimizer

HP DigitalMedia Archive

HP Document Viewer 5.3

HP Image Zone 5.3

HP Image Zone for Media Center PC

HP Imaging Device Functions 5.3

HP Photosmart 330,380,420,470,7800,8000,8200 Series

HP Photosmart Cameras 5.0

HP PSC & OfficeJet 5.3.A

HP Solution Center & Imaging Support Tools 5.3

HP Update

HPProductAssistant

HpSdpAppCoreApp

Inkscape 0.46

InstantShareDevices

Java Auto Updater

Java 6 Update 2

Java 6 Update 23

Java 6 Update 3

Java 6 Update 5

Java 6 Update 7

Java SE Runtime Environment 6 Update 1

LightScribe 1.4.84.1

Malwarebytes' Anti-Malware

Map Button (Windows Live Toolbar)

McAfee Security Scan

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2416447)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Away Mode

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Office XP Professional with FrontPage

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Works

Mozilla Firefox 4.0 (x86 en-US)

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

muvee autoProducer 4.5

muvee autoProducer unPlugged 1.2

NewCopy_CDA

PanoStandAlone

PC-Doctor 5 for Windows

PhotoGallery

PS2

PSPrinters08

PSTAPlugin

Python 2.2 pywin32 extensions (build 203)

Python 2.2.3

QuickTime

RandMap

RealPlayer

Realtek High Definition Audio Driver

Rogers Online Protection

Rogers Self Healing (remove only)

Rogers Update Manager (remove only)

Rogers Yahoo! Applications

Roxio Media Manager

RPS AntiVirus

RPS CRT

Scan

ScannerCopy

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360131)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2416400)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2482017)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982802)

SkinsHP1

Smart Menus (Windows Live Toolbar)

SolutionCenter

Sonic Express Labeler

Sonic MyDVD Plus

Sonic RecordNow Audio

Sonic RecordNow Copy

Sonic RecordNow Data

Sonic Update Manager

Sonic_PrimoSDK

Spelling Dictionaries Support For Adobe Reader 9

Spyware Doctor 3.1

SpywareBlaster 4.1

Status

StudioTax 2007

StudioTax 2008

StudioTax 2009

SUPER


That is the same log file from yesterday. Please download a NEW version once again of Combofix and run it again and post back the NEW one.

Please also let me know how the system is working and what issues you seem to have with it.

Thanks


Okay, the problem that remains is that anytime I try to install or uninstall software (like Java) I get a pop-up telling me that Windows Installer is not working. I tried installing Microsoft Essentials and the error pops up. I tried installing Adobe Reader updates and the error pops up. Do I have a virus that is preventing Installer from functioning, i.e. to deny me from installing anti-virus software?

ComboFix 11-04-08.01 - Jason 08/04/2011 20:25:47.2.2 - x86

Running from: c:\documents and settings\Jason\Desktop\ComboFix.exe

* Created a new restore point

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\docume~1\Jason\LOCALS~1\Temp\IadHide5.dll

c:\documents and settings\Jason\Local Settings\Temp\IadHide5.dll

.

.

((((((((((((((((((((((((( Files Created from 2011-03-09 to 2011-04-09 )))))))))))))))))))))))))))))))

.

.

2011-04-08 00:17 . 2011-04-08 00:18 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData

2011-04-07 02:52 . 2011-04-08 00:05 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software

2011-04-07 02:52 . 2011-04-07 02:52 -------- d-----w- c:\program files\AVAST Software

2011-04-07 02:27 . 2011-04-08 00:23 -------- d-----w- c:\documents and settings\Jason\Application Data\FixCleaner

2011-04-07 02:26 . 2011-04-07 02:28 -------- d-----w- c:\program files\FixCleaner

2011-04-07 01:29 . 2011-03-18 17:53 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll

2011-04-07 01:29 . 2011-03-18 17:53 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll

2011-04-07 01:29 . 2011-03-18 17:53 1874904 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll

2011-04-07 01:29 . 2011-03-18 17:53 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll

2011-04-07 01:29 . 2011-03-18 17:53 728024 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll

2011-04-07 01:29 . 2011-03-18 17:53 142296 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll

2011-04-07 01:29 . 2011-03-18 17:53 1893336 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll

2011-04-07 01:29 . 2011-03-18 17:53 1975768 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll

2011-04-06 03:24 . 2008-04-13 23:12 116224 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll

2011-04-06 03:23 . 2001-08-18 02:36 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll

2011-04-06 03:23 . 2008-04-13 23:12 18944 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll

2011-04-06 03:23 . 2001-08-18 02:37 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe

2011-04-06 03:23 . 2001-08-18 02:37 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe

2011-04-06 03:23 . 2001-08-18 02:37 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe

2011-04-06 03:23 . 2001-08-17 16:11 16970 ----a-w- c:\windows\system32\dllcache\xem336n5.sys

2011-04-06 03:23 . 2004-08-04 01:29 19455 ----a-w- c:\windows\system32\dllcache\wvchntxx.sys

2011-04-06 03:23 . 2004-08-04 01:29 12063 ----a-w- c:\windows\system32\dllcache\wsiintxx.sys

2011-04-06 03:23 . 2008-04-13 23:12 8192 ----a-w- c:\windows\system32\dllcache\wshirda.dll

2011-04-06 03:21 . 2004-08-04 01:29 11775 ----a-w- c:\windows\system32\dllcache\wadv05nt.sys

2011-04-06 03:20 . 2001-08-17 17:28 765884 ----a-w- c:\windows\system32\dllcache\usrti.sys

2011-04-06 03:20 . 2001-08-17 17:28 113762 ----a-w- c:\windows\system32\dllcache\usrpda.sys

2011-04-06 03:20 . 2001-08-17 17:28 7556 ----a-w- c:\windows\system32\dllcache\usroslba.sys

2011-04-06 03:20 . 2001-08-17 17:28 224802 ----a-w- c:\windows\system32\dllcache\usr1807a.sys

2011-04-06 03:20 . 2001-08-17 17:28 794399 ----a-w- c:\windows\system32\dllcache\usr1806v.sys

2011-04-06 03:20 . 2001-08-17 17:28 793598 ----a-w- c:\windows\system32\dllcache\usr1806.sys

2011-04-06 03:20 . 2001-08-17 17:28 794654 ----a-w- c:\windows\system32\dllcache\usr1801.sys

2011-04-06 03:20 . 2008-04-13 17:45 26112 ----a-w- c:\windows\system32\dllcache\usbser.sys

2011-04-06 03:20 . 2004-08-04 01:31 32384 ----a-w- c:\windows\system32\dllcache\usb101et.sys

2011-04-06 03:20 . 2001-08-18 02:36 94720 ----a-w- c:\windows\system32\dllcache\umaxud32.dll

2011-04-06 03:20 . 2001-08-18 02:36 28160 ----a-w- c:\windows\system32\dllcache\umaxu40.dll

2011-04-06 03:20 . 2001-08-18 02:36 26624 ----a-w- c:\windows\system32\dllcache\umaxu22.dll

2011-04-06 03:19 . 2001-08-18 02:36 69632 ----a-w- c:\windows\system32\dllcache\umaxu12.dll

2011-04-06 03:19 . 2001-08-18 02:36 50688 ----a-w- c:\windows\system32\dllcache\umaxscan.dll

2011-04-06 03:19 . 2001-08-17 17:58 22912 ----a-w- c:\windows\system32\dllcache\umaxpcls.sys

2011-04-06 03:19 . 2001-08-18 02:36 50176 ----a-w- c:\windows\system32\dllcache\umaxp60.dll

2011-04-06 03:19 . 2001-08-18 02:36 47616 ----a-w- c:\windows\system32\dllcache\umaxcam.dll

2011-04-06 03:19 . 2001-08-18 02:36 211968 ----a-w- c:\windows\system32\dllcache\um54scan.dll

2011-04-06 03:19 . 2001-08-18 02:36 216064 ----a-w- c:\windows\system32\dllcache\um34scan.dll

2011-04-06 03:19 . 2001-08-17 17:52 36736 ----a-w- c:\windows\system32\dllcache\ultra.sys

2011-04-06 03:19 . 2001-08-17 17:48 11520 ----a-w- c:\windows\system32\dllcache\twotrack.sys

2011-04-06 03:19 . 2004-08-10 05:00 14336 ----a-w- c:\windows\system32\dllcache\tsprof.exe

2011-04-06 03:19 . 2001-08-17 16:51 166784 ----a-w- c:\windows\system32\dllcache\tridxpm.sys

2011-04-06 03:19 . 2001-08-18 02:36 525568 ----a-w- c:\windows\system32\dllcache\tridxp.dll

2011-04-06 03:17 . 2004-08-10 05:00 185344 ----a-w- c:\windows\system32\dllcache\thawbrkr.dll

2011-04-06 03:16 . 2001-08-17 18:07 30688 ----a-w- c:\windows\system32\dllcache\sym_u3.sys

2011-04-06 03:16 . 2001-08-17 18:07 28384 ----a-w- c:\windows\system32\dllcache\sym_hi.sys

2011-04-06 03:16 . 2001-08-18 02:36 94293 ----a-w- c:\windows\system32\dllcache\sxports.dll

2011-04-06 03:16 . 2001-08-17 17:50 103936 ----a-w- c:\windows\system32\dllcache\sx.sys

2011-04-06 03:16 . 2001-08-17 18:02 3968 ----a-w- c:\windows\system32\dllcache\swusbflt.sys

2011-04-06 03:16 . 2001-08-18 02:36 10240 ----a-w- c:\windows\system32\dllcache\swpidflt.dll

2011-04-06 03:16 . 2001-08-18 02:36 10240 ----a-w- c:\windows\system32\dllcache\swpdflt2.dll

2011-04-06 03:16 . 2001-08-18 02:36 53760 ----a-w- c:\windows\system32\dllcache\sw_wheel.dll

2011-04-06 03:16 . 2001-08-18 02:36 41472 ----a-w- c:\windows\system32\dllcache\sw_effct.dll

2011-04-06 03:16 . 2001-08-18 02:36 155648 ----a-w- c:\windows\system32\dllcache\stlnprop.dll

2011-04-06 03:16 . 2001-08-18 02:36 53248 ----a-w- c:\windows\system32\dllcache\stlncoin.dll

2011-04-06 03:16 . 2001-08-17 16:18 285760 ----a-w- c:\windows\system32\dllcache\stlnata.sys

2011-04-06 03:15 . 2001-08-17 17:51 16896 ----a-w- c:\windows\system32\dllcache\stcusb.sys

2011-04-06 03:15 . 2004-08-10 05:00 16896 ----a-w- c:\windows\system32\dllcache\status.dll

2011-04-06 03:15 . 2001-08-17 16:11 48736 ----a-w- c:\windows\system32\dllcache\srwlnd5.sys

2011-04-06 03:15 . 2001-08-18 02:36 99328 ----a-w- c:\windows\system32\dllcache\srusd.dll

2011-04-06 03:15 . 2004-08-10 05:00 101376 ----a-w- c:\windows\system32\dllcache\srusbusd.dll

2011-04-06 03:15 . 2001-08-18 02:36 24660 ----a-w- c:\windows\system32\dllcache\spxupchk.dll

2011-04-06 03:15 . 2001-08-17 17:51 61824 ----a-w- c:\windows\system32\dllcache\speed.sys

2011-04-06 03:15 . 2001-08-18 02:36 106584 ----a-w- c:\windows\system32\dllcache\spdports.dll

2011-04-06 03:15 . 2001-08-17 18:07 19072 ----a-w- c:\windows\system32\dllcache\sparrow.sys

2011-04-06 03:15 . 2001-08-17 17:56 7552 ----a-w- c:\windows\system32\dllcache\sonypvu1.sys

2011-04-06 03:15 . 2001-08-17 16:51 37040 ----a-w- c:\windows\system32\dllcache\sonypi.sys

2011-04-06 03:15 . 2001-08-18 02:36 114688 ----a-w- c:\windows\system32\dllcache\sonypi.dll

2011-04-06 03:13 . 2001-08-18 02:36 28672 ----a-w- c:\windows\system32\dllcache\sma0w.dll

2011-04-06 03:12 . 2001-07-21 18:29 161568 ----a-w- c:\windows\system32\dllcache\sgsmusb.sys

2011-04-06 03:11 . 2001-08-17 17:51 23936 ----a-w- c:\windows\system32\dllcache\sccmusbm.sys

2011-04-06 03:10 . 2001-08-17 16:50 166720 ----a-w- c:\windows\system32\dllcache\s3m.sys

2011-04-06 03:09 . 2001-08-17 17:51 19584 ----a-w- c:\windows\system32\dllcache\rasirda.sys

2011-04-06 03:08 . 2008-04-13 23:12 159232 ----a-w- c:\windows\system32\dllcache\ptpusd.dll

2011-04-06 03:07 . 2004-08-10 05:00 20992 ----a-w- c:\windows\system32\dllcache\permchk.dll

2011-04-06 03:06 . 2001-08-18 02:36 39424 ----a-w- c:\windows\system32\dllcache\ovcoms.exe

2011-04-06 03:06 . 2001-08-18 02:36 20480 ----a-w- c:\windows\system32\dllcache\ovcomc.dll

2011-04-06 03:06 . 2001-08-17 18:05 351616 ----a-w- c:\windows\system32\dllcache\ovcodek2.sys

2011-04-06 03:06 . 2001-08-18 02:36 116736 ----a-w- c:\windows\system32\dllcache\ovcodec2.dll

2011-04-06 03:06 . 2001-08-17 18:05 31872 ----a-w- c:\windows\system32\dllcache\ovce.sys

2011-04-06 03:06 . 2001-08-17 18:05 28032 ----a-w- c:\windows\system32\dllcache\ovcd.sys

2011-04-06 03:06 . 2001-08-17 18:05 48000 ----a-w- c:\windows\system32\dllcache\ovcam2.sys

2011-04-06 03:06 . 2001-08-17 18:05 25088 ----a-w- c:\windows\system32\dllcache\ovca.sys

2011-04-06 03:06 . 2001-08-17 17:28 54186 ----a-w- c:\windows\system32\dllcache\otcsercb.sys

2011-04-06 03:06 . 2001-08-17 16:12 43689 ----a-w- c:\windows\system32\dllcache\otceth5.sys

2011-04-06 03:06 . 2001-08-17 16:12 27209 ----a-w- c:\windows\system32\dllcache\otc06x5.sys

2011-04-06 03:06 . 2001-08-17 16:20 54528 ----a-w- c:\windows\system32\dllcache\opl3sax.sys

2011-04-06 03:06 . 2001-08-17 16:50 198144 ----a-w- c:\windows\system32\dllcache\nv3.sys

2011-04-06 03:04 . 2001-08-17 18:56 91488 ----a-w- c:\windows\system32\dllcache\n9i3disp.dll

2011-04-06 03:03 . 2008-04-13 17:46 49024 ----a-w- c:\windows\system32\dllcache\mstape.sys

2011-04-06 03:03 . 2001-08-17 17:48 12416 ----a-w- c:\windows\system32\dllcache\msriffwv.sys

2011-04-06 03:03 . 2001-08-17 18:00 2944 ----a-w- c:\windows\system32\dllcache\msmpu401.sys

2011-04-06 03:03 . 2008-04-13 17:54 22016 ----a-w- c:\windows\system32\dllcache\msircomm.sys

2011-04-06 03:03 . 2004-08-10 05:00 98304 ----a-w- c:\windows\system32\dllcache\msir3jp.dll

2011-04-06 03:03 . 2001-08-17 18:02 35200 ----a-w- c:\windows\system32\dllcache\msgame.sys

2011-04-06 03:03 . 2001-08-17 17:48 6016 ----a-w- c:\windows\system32\dllcache\msfsio.sys

2011-04-06 03:03 . 2001-08-17 17:52 17280 ----a-w- c:\windows\system32\dllcache\mraid35x.sys

2011-04-06 03:03 . 2008-04-13 17:46 15232 ----a-w- c:\windows\system32\dllcache\mpe.sys

2011-04-06 03:03 . 2001-08-17 17:57 16128 ----a-w- c:\windows\system32\dllcache\modemcsa.sys

2011-04-06 03:03 . 2001-08-17 17:52 6528 ----a-w- c:\windows\system32\dllcache\miniqic.sys

2011-04-06 03:03 . 2004-08-10 05:00 34304 ----a-w- c:\windows\system32\dllcache\migisol.exe

2011-04-06 03:03 . 2001-08-17 16:50 320384 ----a-w- c:\windows\system32\dllcache\mgaum.sys

2011-04-06 03:01 . 2001-08-17 16:12 70730 ----a-w- c:\windows\system32\dllcache\lne100tx.sys

2011-04-06 03:00 . 2004-08-10 05:00 6144 ----a-w- c:\windows\system32\dllcache\kbd101a.dll

2011-04-06 02:59 . 2001-08-18 02:36 45056 ----a-w- c:\windows\system32\dllcache\icam5com.dll

2011-04-06 02:58 . 2001-08-17 17:28 542879 ----a-w- c:\windows\system32\dllcache\hsf_msft.sys

2011-04-06 02:57 . 2001-08-18 02:36 119296 ----a-w- c:\windows\system32\dllcache\hpdigwia.dll

2011-04-06 02:56 . 2001-08-18 02:36 43520 ----a-w- c:\windows\system32\dllcache\EXCH_fcachdll.dll

2011-04-06 02:55 . 2001-08-17 17:53 7296 ----a-w- c:\windows\system32\dllcache\elmsmc.sys

2011-04-06 02:54 . 2001-08-17 16:14 21606 ----a-w- c:\windows\system32\dllcache\digiisdn.sys

2011-04-06 02:53 . 2001-08-17 17:52 14976 ----a-w- c:\windows\system32\dllcache\cpqarray.sys

2011-04-06 02:52 . 2004-08-10 05:00 45568 ----a-w- c:\windows\system32\dllcache\browscap.dll

2011-04-06 02:51 . 2004-08-04 01:32 231552 ----a-w- c:\windows\system32\dllcache\ac97ali.sys

2011-04-06 02:51 . 2001-08-17 16:20 297728 ----a-w- c:\windows\system32\dllcache\ac97sis.sys

2011-04-06 02:51 . 2001-08-17 16:20 96256 ----a-w- c:\windows\system32\dllcache\ac97intc.sys

2011-04-06 02:51 . 2001-08-18 02:36 462848 ----a-w- c:\windows\system32\dllcache\a3dapi.dll

2011-04-06 02:51 . 2001-08-17 17:52 23552 ----a-w- c:\windows\system32\dllcache\abp480n5.sys

2011-04-06 02:51 . 2008-04-13 17:40 12288 ----a-w- c:\windows\system32\dllcache\4mmdat.sys

2011-04-06 02:51 . 2001-08-18 02:36 98304 ----a-w- c:\windows\system32\dllcache\a3d.dll

2011-04-06 02:51 . 2001-08-17 18:55 38400 ----a-w- c:\windows\system32\dllcache\8514a.dll

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-04-07 02:33 . 2011-01-21 02:58 1409 ----a-w- c:\windows\QTFont.for

2011-01-21 14:44 . 2004-08-10 05:00 439296 ----a-w- c:\windows\system32\shimgvw.dll

2011-03-18 17:53 . 2011-04-07 01:29 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

2006-05-03 10:06 163328 --sh--r- c:\windows\system32\flvDX.dll

2007-02-21 11:47 31232 --sh--r- c:\windows\system32\msfDX.dll

2007-12-17 13:43 27648 --sh--w- c:\windows\system32\Smab0.dll

.

.

((((((((((((((((((((((((((((( SnapShot@2011-04-08_02.34.10 )))))))))))))))))))))))))))))))))))))))))

.

+ 2011-04-09 00:43 . 2011-04-09 00:43 16384 c:\windows\Temp\Perflib_Perfdata_7fc.dat

+ 2005-08-31 05:07 . 2011-04-09 00:47 71732 c:\windows\system32\perfc009.dat

- 2005-08-31 05:07 . 2011-04-08 02:35 71732 c:\windows\system32\perfc009.dat

+ 2005-08-31 05:07 . 2011-04-09 00:47 442466 c:\windows\system32\perfh009.dat

- 2005-08-31 05:07 . 2011-04-08 02:35 442466 c:\windows\system32\perfh009.dat

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SHS"="c:\program files\Rogers\SelfHealing\SHS.exe" [2005-05-17 2418344]

"FixCleaner"="c:\program files\FixCleaner\FixCleaner.exe" [2011-04-01 47650656]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]

"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-09-21 1605740]

"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2006-04-05 344064]

"KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]

"RoxWatchTray"="c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2007-04-23 228088]

"EPSON Stylus CX4200 Series"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIAEA.EXE" [2005-03-08 98304]

"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Elements 6.0\apdproxy.exe" [2007-09-11 67488]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-04-18 1800464]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"AvgUninstallURL"="start http:" [X]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-12 282624]

McAfee Security Scan.lnk - c:\program files\McAfee Security Scan\1.0.150\SSScheduler.exe [2009-7-27 199184]

Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

Updates from HP.lnk - c:\program files\Updates from HP\9972322\Program\Updates from HP.exe [2005-11-25 36903]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"AppInit_DLLs"=c:\windows\system32\guard32.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]

"DisableMonitoring"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2010-04-18 134344]

S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2010-04-18 25160]

S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbguard.exe [2007-10-16 81920]

S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbserver.exe [2007-10-16 2711552]

.

.

Contents of the 'Scheduled Tasks' folder

.

2011-04-09 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job

- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 15:20]

.

.

------- Supplementary Scan -------

.

IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm

IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office10\EXCEL.EXE/3000

FF - ProfilePath - c:\documents and settings\Jason\Application Data\Mozilla\Firefox\Profiles\gg4xcs3x.default\

FF - prefs.js: browser.search.selectedEngine - Amazon.com

FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-04-08 20:49

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'winlogon.exe'(804)

c:\windows\system32\Ati2evxx.dll

.

- - - - - - - > 'explorer.exe'(3244)

c:\windows\system32\msi.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\windows\system32\Ati2evxx.exe

c:\program files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

c:\windows\arservice.exe

c:\windows\eHome\ehRecvr.exe

c:\windows\eHome\ehSched.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Common Files\LightScribe\LSSrvc.exe

c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\windows\system32\HPZipm12.exe

c:\windows\System32\StkASv2K.exe

c:\windows\ehome\mcrdsvc.exe

c:\windows\system32\wscntfy.exe

c:\windows\system32\Ati2evxx.exe

c:\program files\McAfee Security Scan\1.0.150\McUICnt.exe

c:\windows\RTHDCPL.EXE

c:\windows\system32\space.scr

.

**************************************************************************

.

Completion time: 2011-04-08 21:15:50 - machine was rebooted

ComboFix-quarantined-files.txt 2011-04-09 01:15

ComboFix2.txt 2011-04-08 03:00

.

Pre-Run: 22,174,978,048 bytes free

Post-Run: 21,952,475,136 bytes free

.

- - End Of File - - 55287CC5C5A8C16BE2ED12A2CC12329C


No, you probably have the service disabled. Please run the following and post back the results.

STEP 01

Using your mouse, Highlight and then Right-click | Copy the entire contents of the Code box below, including blank lines


Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SHS"=-
"FixCleaner"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"=-
File::
c:\documents and settings\All Users\Start Menu\Programs\Startup\McAfee Security Scan.lnk

Open a new Notepad session (Do not use a Word Processor or WordPad). Click "Format" and be certain that Word Wrap is not enabled. Right-click | Paste the Code box contents from above into Notepad. Click File, Save as..., and set the location to your Desktop, and enter (including quotation marks) as the filename: "CFscript.txt".

Using your mouse, drag the new file CFscript.txt and drop it on the Combo-Fix.exe icon as shown:

CFScript.gif

  • Important: Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.
  • Disable your Antivirus software. If it has Script Blocking features, please disable these as well.
  • A window may open with a series of Disclaimers. Accept the Disclaimers to start the fix.
    When the scan completes Notepad will open with your results log open. Do a File, Exit.

A caution - Do not run Combofix more than once. Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop. Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.

Post back the Combofix log on your next reply.

STEP 02

  1. Download the Event Viewer Tool by Vino Rosso VEW and save it to your Desktop:
  2. Double-click VEW.exe
  3. Under 'Select log to query', select:
    • Application
    • System

  4. Under 'Select type to list', select:
    • Error
  5. Click the radio button for 'Number of events'
  6. Type 20 in the 1 to 20 box
  7. Then click the Run button.
  8. Notepad will open with the output log.

Please post the Output log in your next reply

STEP 03

Let's get a NEW DDS scan please.

Download DDS and save it to your desktop.

Disable any script blocker if your Anti-Virus/Anti-Malware has it.

Once downloaded you can disconnect from the Internet and disable your Anti-Virus temporarily if needed.

Then double click dds.scr to run the tool.

When done, the DDS.txt will open.

Click Yes at the next prompt for Optional Scan.

When done, DDS will open two (2) logs:

  1. DDS.txt
  2. Attach.txt

  • Save both reports to your desktop
  • Please include the following logs in your next reply: DDS.txt and Attach.txt

STEP 04

Please click on this link and download and then run the following Windows Installer 4.5 Redistributable

Look for the following file and download it to run. WindowsXP-KB942288-v3-x86.exe

If that does not correct the Windows installer issue then please review the suggestions from this page
