Inactive Can't get on the internet even in safemode network

[msaffa]

It will not recognize a flash drive. my wireless is shut down. I can do a hijackthis log but can't get on the internet to post it. I could type it out if that would help. from looking at the hjt log looks like alot of processes are not running. if anyone could point me in the right direction where to start looking that would be great. I have read all of the post that had alot of the same things in their hjt list. so far that direction has not helped. This is my friends computer and I offered to help her get it cleaned. This all happened when her son went on some kind of peer to peer site to get music. I removed a program that was peer to peer forgot the name but it had a blue lookin bug as a moniker. thank you for any help

When I try and get on the internet safe mode with networking I get a Your security
settting level puts your cmputer at risk. click here to change our security settings.
when I click on it I click on open security settings. when I change them nothing happens
I keep getting the same warning kinda like a circle. It will not allow me to change firewall settings.
I have typed free hand a copy of my HJT log. that is the only program on this computer. it has AVG but will not allow it to opened. so here is my typed HJT log please someone help me

 

[Bobbye]

Welcome to TechSpot! I'll be glad to help, but you will have to get some information. We do not use Hijack This to 'screen' for malware. Please also note the reference to pasting logs in the reply, rather than attaching.

Since you cannot access the internet, you will need to download and update the following scans on a flash drive, then run each on the problem system. If you can get into Normal Mode when you boot, even without the internet, run that scans in Normal Mode.

Be cautious using Safe Mode with Networking because your security doesn't run in that mode.
==============================
Please follow the steps in the Preliminary Virus and Malware Removal thread HERE.

NOTE: If you already have any of the scanning programs on the computer, please remove them and download the versions in these links.

When you have finished, leave the logs for review in your next reply .
NOTE: Logs must be pasted in the replies. Attached logs will not be reviewed.
====================================================
My Guidelines: please read and follow:

• Be patient. Malware cleaning takes time and I am also working with other members while I am helping you.
• Read my instructions carefully. If you don't understand or have a problem, ask me.
• If you have questions, or if a program doesn't work, stop and tell me about it. Don't try to get around it yourself.
• Follow the order of the tasks I give you. Order is crucial in cleaning process.
• File sharing programs should be uninstalled or disabled during the cleaning process..
• Observe these:
  [o] Don't use any other cleaning programs or scans while I'm helping you.
  [o] Don't use a Registry cleaner or make any changes in the Registry.
  [o] Don't download and install new programs- except those I give you.
• Please let me know if there is any change in the system.

If I have not replied for 2 days, you can send me a PM reminder. Include the URL of your thread. Please do not send me a PM to tell me your logs are up.
If I don't get a reply from you in 5 days, the thread will be closed. If your problem persist, you can send a PM to reopen it.
=====================================

 

[msaffa]

Welcome to TechSpot! I'll be glad to help, but you will have to get some information. We do not use Hijack This to 'screen' for malware. Please also note the reference to pasting logs in the reply, rather than attaching.

Since you cannot access the internet, you will need to download and update the following scans on a flash drive, then run each on the problem system. If you can get into Normal Mode when you boot, even without the internet, run that scans in Normal Mode.

Be cautious using Safe Mode with Networking because your security doesn't run in that mode.
==============================
Please follow the steps in the Preliminary Virus and Malware Removal thread HERE.

NOTE: If you already have any of the scanning programs on the computer, please remove them and download the versions in these links.

When you have finished, leave the logs for review in your next reply .
NOTE: Logs must be pasted in the replies. Attached logs will not be reviewed.
====================================================
My Guidelines: please read and follow:

• Be patient. Malware cleaning takes time and I am also working with other members while I am helping you.
• Read my instructions carefully. If you don't understand or have a problem, ask me.
• If you have questions, or if a program doesn't work, stop and tell me about it. Don't try to get around it yourself.
• Follow the order of the tasks I give you. Order is crucial in cleaning process.
• File sharing programs should be uninstalled or disabled during the cleaning process..
• Observe these:
  [o] Don't use any other cleaning programs or scans while I'm helping you.
  [o] Don't use a Registry cleaner or make any changes in the Registry.
  [o] Don't download and install new programs- except those I give you.
• Please let me know if there is any change in the system.

If I have not replied for 2 days, you can send me a PM reminder. Include the URL of your thread. Please do not send me a PM to tell me your logs are up.
If I don't get a reply from you in 5 days, the thread will be closed. If your problem persist, you can send a PM to reopen it.
=====================================

I have tried to run scans by flash drive the computer does not reconize the flash drive or let me add it as new hardware. sorry about the hjt log its the only program that can scan on that computer, I need some way to manually do something I was hoping after typing out the hjt log maybe someone could help. the computer will not let me do anything.

 

[Bobbye]

You do not need to quote my reply. It takes up too much space. And it is always visible.

The system isn't configured correctly. IT is difficult to give '3rd party help'> you, me and the user-because we have to go back and forth. And you will need to know "How to add new hardware:"
The Add Hardware Wizard enables you to add new hardware or troubleshoot any hardware-related problems.

Open the Add Hardware Wizard
Click Start> Control Panel> Click Printers and Other Hardware> . Under See Also>> click Add Hardware.
======================================
I looked at the HJT log: This is a big NO One wrong letter in a word can change an entry to malware.

I have typed free hand a copy of my HJT log.

If you got the log, you can copy it:

• [*]When started click on the Scan button and then the Save Log button to create a log of your information.
  [*]The log file and then the log will open in notepad. Be sure to click on Format> Uncheck Word Wrap when you open Notepad
  [*] Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
  [*] Come back here to this thread and paste (Ctrl+V) the log in your next reply.

=====================================
Regarding HijackThis:
1. It's an outdated version.
2. You should not makes comments in any log. If you want to explain something, do it at the end.
3. It is not the complete HJT log. (NO, I don't want you to run it except to check the entries in #5
4. Did you set this or type it in?

O15 - ProtocolDefaults: '@ivt' protocol is in My computer Zone, should be Intranet Zone
O15 - ProtocolDefaults: 'file' protocol is in My Computer Zone, should be internet Zone
O15 - ProtocolDefaults: 'ftp' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'https' protocol is in My Computer Zone, should be Internet Zone

These entries are why you can't access the internet. They are not correct.

5. Run HJT again in the 'do system scan only mode. Check the following if present:

RO-HKCUsoftware\microsoft\internet explorer\main,start page =
RO-HKCU\software\microsoft\internet explorer\main,local page =
RO-HKCU\software\microsoft\internet explorer\toolbar, linksfolder name=
R3- Default URLSearchhook is missing
04- HKLM\..\run:[MSConfig} C:\window\PCHelpCtr\Binaries\MSConfig.exe /auto
O15 - ProtocolDefaults: '@ivt' protocol is in My computer Zone, should be Intranet Zone
O15 - ProtocolDefaults: 'file' protocol is in My Computer Zone, should be internet Zone
O15 - ProtocolDefaults: 'ftp' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
O15 - ProtocolDefaults: 'https' protocol is in My Computer Zone, should be Internet Zone

Close all Windows except HJT. Click on "Fix Checked."

You have no homepage set, no search page, no links page, no indication of whether the system is configured correctly.
===============================
When finished the above, do this:
Click on Start> Settings> Control Panel> Internet Options>
Advanced tab> Check 'Restore Defaults'
Programs tab> Check 'Reset Web Settings
Programs tab> Check 'Internet Explorer should check to see if it's the default
Click on Apply
Confirm the IE should check now. If it is set as default, okay. If it is not, click 'yes' t set as default
Click OK
Close Internet Options
Reboot the computer into Normal Mode.
=================================
Let me know the result. Depending on the result, I may have your thread moved to a more suitable forum as this is more of a system problem that it is a malware problem.

 

[msaffa]

I am not going through anyone else I have the computer right here beside me. I did everything you told me. I still can't get on the internet. all the hjt came back except the 04 one.

I did not set the ProtocolDefaults or type them in anywhere

When I try and get on the internet this is what it says:
A Program on your computer has corrupted your default search provider setting for Internet
Explorer Internet Explorer has reset this setting to your original search provider, Live Search (search.live.com)
Internet Explorer will now open Search Settings, shere you can change this setting or install more search providers.

If I bring up internet tools it show the Home page as www.msn.com.

The add Hardware wizard will not open

I am able to boot up in normal mode.

 

[Bobbye]

See if this will work:

Here are instructions to remove SearchSettings:

1. Click on Start> Control Panel> Add/Remove Programs" or "Uninstall a Program."
2. Look for Search Settings in the list that follows. If it appears (it usually doesn't), select and delete it.
3. Click on Start> All Programs> Accessories> System Tools> Windows Explorers.
4. Once in Windws Explorer> click on Tools> Folder Options> View tab> Check 'show hidden files and folders'> Uncheck 'Hide system files Recommended> Click on Apply and click yes to Confirm.
5. Again click on the Tools> Manage Add-ons> Find Search Settings among the list and select Disable (or Remove if possible). Note: Look in both 'addons currently on system' and addons previously on system'
6. Open Firefox if you have it installed> Tools> Add-ons> Look for Search for Search Settings. If it's there, click the Uninstall button.
7. Download the free Windows Installer CleanUp Utility . Install, then open the utility. Look for Search Settings among the programs listed, select it, and then press the "Remove" button.

 

[msaffa]

I finally got Window Explorer opened. Under tools I changed viewing files and folders. I do not have Manage Add-ons.

If I click on Help I get a pop up Windows cannot open Help and Support because a system service is not running to fix this problem, start the service named "Help and Support'

ok question under computer Management (Local) Services should everything under startup type be disabled?

 

[Bobbye]

Tools in Windows Explorer is for Folder Options.

For Manage Addons, you must use Tools in Internet Explorer

The "Tools" have different content according to their location.

No. If all the Services are disabled, you won't be able to do anything. Some of them have to be set to Automatic in order to startup and access the internet. Did you find them all disabled? IF the Services are all disabled, do the following:Start> Run> type in msconfig> enter> Services tab> Check Enable All

The 'enable all' is only a temporary reversal of you found them all disabled.

 

[msaffa]

they were all disbled except for 4 of them.

 

[msaffa]

k I can now use the usb what do I need to down load to it, still can not get on the internet

 

[Bobbye]

Every sentence in a new post generted an email feedback to me. Please use the Edit feature for short post. Just don't edit to put logs in.

Continue with this:
If you would like us to check the system for malware, please follow the steps in the Preliminary Virus and Malware Removal thread HERE.

NOTE: If you already have any of the scanning programs on the computer, please remove them and download the versions in these links.

When you have finished, leave the logs for review in your next reply .
NOTE: Logs must be pasted in the replies. Attached logs will not be reviewed.

Please do not use any other cleaning programs or scans while I'm helping you, unless I direct you to. Do not use a Registry cleaner or make any changes in the Registry.

 

[msaffa]

after downloading Malwear-bytes on install I get a warning HKEY-Current-user\Software\malwear-bytes'anti-ware
RegCreat Key failed Code 5 access is denied

 

[Bobbye]

This is my friends computer and I offered to help her get it cleaned.

Perhaps you should return it to your friend and suggest she/he take it to a shop to fix it. You committed yourself to your friend to clean the computer, then you come here to have it done. I have given you the instructions you need, but you aren't able to follow them. There is a limit to what we can do here.

 

[msaffa]

k got the software down loaded followed the rest of the instructions I hope
here are the logs

Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Database version: 6949

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

6/25/2011 3:00:18 PM
mbam-log-2011-06-25 (15-00-18).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 230831
Time elapsed: 34 minute(s), 10 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\Hotbar@Hotbar.com (Adware.Hotbar) -> Value: Hotbar@Hotbar.com -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

GMER 1.0.15.15640 - http://www.gmer.net
Rootkit quick scan 2011-06-25 15:10:05
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0 ST916031 rev.0002
Running: f2zkzdu2.exe; Driver: C:\WINDOWS\TEMP\fxaiaaod.sys


---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Tcp fssfltr_tdi.sys (Family Safety Filter Driver (TDI)/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp fssfltr_tdi.sys (Family Safety Filter Driver (TDI)/Microsoft Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp fssfltr_tdi.sys (Family Safety Filter Driver (TDI)/Microsoft Corporation)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 wdf01000.sys (WDF Dynamic/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----

.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Sandy at 15:11:25 on 2011-06-25
.
============== Running Processes ===============
.
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\msdtc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\TEMP.YOUR-ADIKE1WB0D\My Documents\Downloads\dds.scr
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
mRun: [LiveUpdate] c:\program files\asus\liveupdate\LiveUpdate.exe auto
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [EEESplendidAR] c:\program files\asus\epc\eeesplendid\AutoRun.exe
mRun: [AsusTray] c:\program files\eeepc\acpi\AsTray.exe
mRun: [AsusEPCMonitor] c:\program files\eeepc\acpi\AsEPCMon.exe
mRun: [AsusACPIServer] c:\program files\eeepc\acpi\AsAcpiSvr.exe
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBJAC0AQQBTAFgATgBOAC0AWAA0AFcARwBXAC0ATQA"&"inst=NwA4AC0AMgAzADAAMQAzADg"&"prod=94"&"ver=9.0.791
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {5067A26B-1337-4436-8AFE-EE169C2DA79F} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{E13197E0-C3D7-4DD1-884C-39D29C40A518} : DhcpNameServer = 192.168.1.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\temp.your-adike1wb0d\application data\mozilla\firefox\profiles\k8f0ou1b.default\
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
.
============= SERVICES / DRIVERS ===============
.
R? Ambfilt;Ambfilt
R? AmUStor;AM USB Stroage Driver
R? AVGIDSAgent;AVGIDSAgent
R? fsssvc;Windows Live Family Safety
R? MBAMSwissArmy;MBAMSwissArmy
R? RT80x86;Ralink 802.11n Wireless Driver
R? uvclf;uvclf
S? AVGIDSDriver;AVGIDSDriver
S? AVGIDSEH;AVGIDSEH
S? AVGIDSFilter;AVGIDSFilter
S? AVGIDSShim;AVGIDSShim
S? Avgldx86;AVG AVI Loader Driver
S? Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield
S? Avgrkx86;AVG Anti-Rootkit Driver
S? Avgtdix;AVG TDI Driver
S? avgwd;AVG WatchDog
S? fssfltr;fssfltr
S? L1c;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller
S? SASDIFSV;SASDIFSV
S? SASKUTIL;SASKUTIL
.
=============== Created Last 30 ================
.
2011-06-25 19:23:14 -------- d-----w- c:\documents and settings\temp.your-adike1wb0d\application data\Malwarebytes
2011-06-25 19:23:02 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-06-25 19:23:00 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2011-06-25 19:22:56 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-06-25 18:10:04 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-25 18:10:04 -------- d-----w- c:\program files\grappy peat
2011-06-25 16:37:33 -------- d-----w- c:\documents and settings\temp.your-adike1wb0d\application data\AVG10
2011-06-25 16:36:12 -------- d--h--w- c:\documents and settings\all users\application data\Common Files
2011-06-25 16:34:46 -------- d-----w- c:\windows\system32\drivers\AVG
2011-06-25 16:34:46 -------- d-----w- c:\documents and settings\all users\application data\AVG10
2011-06-25 04:11:57 -------- d-----w- c:\documents and settings\all users\application data\MFAData
2011-06-25 02:54:24 -------- d-----w- c:\documents and settings\temp.your-adike1wb0d\application data\SUPERAntiSpyware.com
2011-06-25 02:54:24 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
2011-06-24 19:09:19 -------- d-----w- c:\documents and settings\temp.your-adike1wb0d\local settings\application data\Microsoft Help
.
==================== Find3M ====================
.
2011-05-02 15:31:52 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 16:19:43 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-21 13:37:43 105472 ----a-w- c:\windows\system32\drivers\mup.sys
2011-04-15 02:28:42 134480 ----a-w- c:\windows\system32\drivers\AVGIDSDriver.sys
2011-04-05 05:59:56 297168 ----a-w- c:\windows\system32\drivers\avgtdix.sys
.
============= FINISH: 15:12:04.89 ===============


.
==== Installed Programs ======================
.
3ivx MPEG-4 5.0.3 (remove only)
Adobe Flash Player 10 ActiveX
Adobe Reader 8.1.1
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ask Toolbar
Asus ACPI Driver
ASUS USB2.0 UVC VGA WebCam
ASUSUpdate for Eee PC
Atheros Client Installation Program
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
AVG 2011
Bonjour
CCleaner
Choice Guard
Compatibility Pack for the 2007 Office system
Data Sync
Eee Docking 1.3.6.0
EeeSplendid
EzMessenger
FlipShare
FontResizer
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Intel(R) Graphics Media Accelerator Driver
iTunes
Java(TM) 6 Update 15
Junk Mail filter update
Malwarebytes' Anti-Malware version 1.51.0.1200
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Search Enhancement Pack
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Works
Mozilla Firefox 5.0 (x86 en-US)
MSVCRT
QuickTime
Ralink RT2860 Wireless LAN Card
Realtek High Definition Audio Driver
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2509488)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953155)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
Skype web features
Skype™ 4.2
Super Hybrid Engine
Synaptics Pointing Device Driver
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Windows Internet Explorer 8 (KB971930)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB898461)
Update for Windows XP (KB942763)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951618-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB953356)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
USB2.0 UVC Camera Device
WebFldrs XP
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Player 11
.
==== End Of File ===========================


Thank you so much don't give up on me,

 

[Bobbye]

Much better! Thank you. I do have a couple of questions:

Did you set this directory up or did the user?

2011-06-25 02:54:24 -------- d-----w- c:\documents and settings\temp.your-adike1wb0d\application data\SUPERAntiSpyware.com
2011-06-25 19:23:14 -------- d-----w- c:\documents and settings\temp.your-adike1wb0d\application data\Malwarebytes
2011-06-25 16:37:33 -------- d-----w- c:\documents and settings\temp.your-adike1wb0d\application data\AVG10
2011-06-24 19:09:19 -------- d-----w- c:\documents and settings\temp.your-adike1wb0d\local settings\application data\Microsoft Help

-------------------------
What is temp.your-adike1wb0d?
-------------------------
Do you know what this program is? >> 2011-06-25 18:10:04 -------- d-----w- c:\program files\grappy peat It was just installed.
---------------------------
There is no homepage or search engine set up for the browser. That should be done. I can have you run more scans, but I don't know if they will help with the problem of not being able to access the internet. If you're up to some more scans, here they are:

You will need to temporarily uninstall AVG to run Combofix. Use the following for that:
Download AppRemover and save to the desktop

1. Double click the setup on the desktop> click Next
2. Select “Remove Security Application”
3. Let scan finish to determine security apps
4. A screen like below will appear:
   
   
5. Click on Next after choice has been made
6. Check the AVG program you want to uninstall
7. After uninstall shows complete, follow online prompts to Exit the program.

Temporary AV: Use one:
Avira-AntiVir-Personal-Free-Antivirus
Avast Free Version
=============================
You won't be able to update Combofix or install the Registry Console without an internet connection- so update when you put it on the flash drive.
Please note: If you have Combofix on the desktop already, please uninstall it. Then download the current version and do the scan: Uninstall directions, if needed

• Click START> then RUN
• Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.

--------------------------------------
Download Combofix from HERE or HEREhttp://www.forospyware.com/sUBs/ComboFix.exe and save to the desktop

• Double click combofix.exe & follow the prompts.
• ComboFix will check to see if the Microsoft Windows Recovery Console is installed. It is recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode if needed.
  **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
• Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
• Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
  
  
• .Click on Yes, to continue scanning for malware
• .If Combofix asks you to update the program, allow
• .Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
• .Close any open browsers.
• .Double click combofix.exe
  
  & follow the prompts to run.
• When the scan completes , a report will be generated-it will open a text window. Please paste the C:\ComboFix.txt in next reply..

Re-enable your Antivirus software.

Note 1:Do not mouse-click Combofix's window while it is running. That may cause it to stall.
Note 2: ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
Note 3: Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
Note 4: CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
Note 5: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.
=================================
We'll see how this goes. I might ask for some specific browser information later, because there is a god chance it isn't set up right and that's causing the problem.

 

[msaffa]

Thank you so much. I am back to the point of not being able to get back on the internet. Crabby peat is just renaming Hijackthis I did it just before getting on with you. read somewhere. I don't know what What is temp.your-adike1wb0d. I am going to try and get it back up on the internet and run the scans, unless you have something else That you think I need to do. After running the scans I will get back to you. Thank you

Neither of us added these
2011-06-25 02:54:24 -------- d-----w- c:\documents and settings\temp.your-adike1wb0d\application data\SUPERAntiSpyware.com
2011-06-25 19:23:14 -------- d-----w- c:\documents and settings\temp.your-adike1wb0d\application data\Malwarebytes
2011-06-25 16:37:33 -------- d-----w- c:\documents and settings\temp.your-adike1wb0d\application data\AVG10
2011-06-24 19:09:19 -------- d-----w- c:\documents and settings\temp.your-adike1wb0d\local settings\application data\Microsoft Help

 

[Bobbye]

The programs in the above 'mystery' entries, but but the entries themselves are not 'normal.' I can remove them after you run Combofix.

You can go ahead and uninstall HijackThis- it's an outdated version. And delete the log.

Do what you can- but keep in mind what I've said. I don't think the computer settings are configured correctly. So whether you scan or no, whether we remove malware or not, the system may still not work.

 

[Bobbye]

If I don't get a reply from you in 5 days, the thread will be closed. If your problem persist, you can send a PM to reopen it.