Solved Possible Virus, no longer have access to Internet

Before I review your OTL logs, I want you to run Combofix fix.
Apparently, you have tdx.sys file missing from C:\Windows\System32\drivers folder, so we'll try to put it there...

1. Please open Notepad
  • Click Start, then Run
  • Type notepad.exe in the Run box
  • Click OK
Windows Vista/7 users: click Start, in "Start search" type notepad and press Enter.

2. Now copy/paste the entire content of the codebox below into the Notepad window:

Code:
FCopy::
C:\Windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7600.16385_none_ea141e6f3d693e28\tdx.sys | C:\Windows\System32\drivers\tdx.sys


3. Save the above as CFScript.txt

4. Close/disable all anti virus and anti malware programs again, so they do not interfere with the running of ComboFix.

5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

CFScript.gif



6. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:
  • Combofix.txt


When Combofix is done, re-run same commands as you did in your reply #18 and let me know, if all of them went through this time.

If they did, check your internet connection.
 
Combofix is running now but as it completed stage 2 a popup box appeared saying 'invalid window handle' with only option to click ok?
 
After combofix finished a box popped up 'The recycle bin on c:\ is corrupted. Do you want to empty the recycle bin on this drive?' Yes / No
 
Combofix Log Report

ComboFix 11-06-13.01 - RaeJae 14/06/2011 15:55:46.3.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.64.1033.18.2037.1106 [GMT 12:00]
Running from: c:\users\RaeJae\Desktop\ComboFix.exe
Command switches used :: F:\cfscript.txt
AV: avast! Antivirus *Disabled/Outdated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Outdated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2011-05-14 to 2011-06-14 )))))))))))))))))))))))))))))))
.
.
2011-06-14 04:07 . 2011-06-14 04:07 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-06-14 04:07 . 2011-06-14 04:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-14 04:07 . 2011-06-14 04:07 -------- d-----w- c:\users\ChaKotAshWai\AppData\Local\temp
2011-06-12 02:52 . 2011-06-12 02:52 -------- d-----w- c:\programdata\Evonsoft
2011-06-12 02:52 . 2011-06-12 03:06 -------- d-----w- c:\program files\Advanced System Restore
2011-06-07 06:40 . 2011-06-07 06:40 -------- d-----w- c:\users\RaeJae\DoctorWeb
2011-06-06 09:55 . 2011-06-06 09:55 -------- d-----w- c:\users\RaeJae\AppData\Roaming\IK Multimedia
2011-06-06 08:50 . 2010-12-21 23:33 9078960 ----a-w- c:\windows\system32\mkl_p4p.dll
2011-06-06 08:50 . 2010-12-21 23:33 9033904 ----a-w- c:\windows\system32\mkl_p4m3.dll
2011-06-06 08:50 . 2010-12-21 23:33 9410736 ----a-w- c:\windows\system32\mkl_p4m.dll
2011-06-06 08:50 . 2010-12-21 23:33 9210032 ----a-w- c:\windows\system32\mkl_p4.dll
2011-06-06 08:50 . 2010-12-21 23:33 6944944 ----a-w- c:\windows\system32\mkl_core.dll
2011-06-06 08:50 . 2010-12-21 23:33 3868848 ----a-w- c:\windows\system32\mkl_intel_thread.dll
2011-06-06 08:50 . 2010-12-21 23:33 530608 ----a-w- c:\windows\system32\libiomp5md.dll
2011-06-06 08:50 . 2011-03-22 23:57 499712 ----a-w- c:\windows\msvcp71.dll
2011-06-06 08:50 . 2011-03-22 23:57 348160 ----a-w- c:\windows\msvcr71.dll
2011-06-05 11:40 . 2011-06-05 11:41 -------- d-----w- c:\program files\Waves
2011-06-01 06:02 . 2011-06-01 06:02 -------- d-----w- c:\program files\DVD-Ranger 3.5.1.3
2011-06-01 03:38 . 2011-06-01 03:38 -------- d-----w- c:\program files\PSPaudioware
2011-05-31 20:57 . 2011-05-31 20:57 -------- d-----w- c:\program files\iPod
2011-05-31 20:57 . 2011-05-31 20:58 -------- d-----w- c:\program files\iTunes
2011-05-31 20:54 . 2011-05-31 20:54 -------- d-----w- c:\program files\Bonjour
2011-05-28 13:28 . 2011-05-28 13:28 -------- d-----w- c:\users\RaeJae\AppData\Roaming\Image-Line
2011-05-27 05:37 . 2011-05-27 05:37 -------- d-----w- c:\users\RaeJae\AppData\Local\ODUI
2011-05-27 05:37 . 2011-05-27 05:37 -------- d-----w- c:\users\RaeJae\AppData\Local\Stardock
2011-05-27 05:36 . 2011-05-27 05:36 -------- d-----w- c:\users\RaeJae\AppData\Roaming\Stardock
2011-05-27 05:36 . 2011-05-27 05:36 -------- dc-h--w- c:\programdata\{5486EA6B-AF91-4B4B-868E-F80AB4BCD83A}
2011-05-27 05:35 . 2011-05-27 05:35 -------- d-----w- c:\program files\Stardock
2011-05-27 05:34 . 2011-05-27 05:34 -------- d-----w- c:\users\RaeJae\AppData\Local\PackageAware
2011-05-27 02:16 . 2011-05-27 14:32 -------- d-----w- c:\users\RaeJae\AppData\Roaming\Rainmeter
2011-05-27 02:16 . 2011-05-27 02:16 -------- d-----w- c:\program files\Rainmeter
2011-05-26 12:18 . 2011-05-26 12:18 -------- d-----w- c:\users\RaeJae\AppData\Roaming\OpenCandy
2011-05-26 12:18 . 2011-05-27 22:52 -------- d-----w- c:\program files\Dexpot
2011-05-24 15:13 . 2011-05-24 15:13 -------- d-----w- c:\users\RaeJae\AppData\Local\{36552D91-434C-4AA4-9D2D-FE3DDF1ED87B}
2011-05-24 02:33 . 2011-05-24 02:35 -------- d-----w- c:\programdata\DShield
2011-05-24 02:33 . 2011-05-24 06:03 -------- d-----w- c:\programdata\DVDRanger
2011-05-24 02:33 . 2011-05-24 02:48 -------- d-----w- C:\DVDRanger
2011-05-24 02:33 . 2011-05-24 02:33 -------- d-----w- c:\program files\Pixbyte
2011-05-23 09:41 . 2009-06-07 04:25 77824 ----a-w- c:\windows\system32\xvid.ax
2011-05-23 09:41 . 2009-06-07 04:16 819200 ----a-w- c:\windows\system32\xvidcore.dll
2011-05-23 09:41 . 2011-05-23 09:41 -------- d-----w- c:\program files\Xvid
2011-05-23 09:41 . 2009-06-07 04:24 180224 ----a-w- c:\windows\system32\xvidvfw.dll
2011-05-18 14:38 . 2011-05-18 14:38 -------- d-----w- c:\program files\TweetDeck
2011-05-16 20:26 . 2011-05-17 08:27 -------- d-----w- c:\users\RaeJae\AppData\Local\{F9AB3098-395D-4FA9-A88C-4AC376788CC7}
2011-05-16 09:49 . 2011-05-16 09:49 53248 ----a-r- c:\users\RaeJae\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2011-05-16 02:49 . 2011-05-16 02:49 -------- d-----w- c:\program files\Mozilla Aurora
2011-05-16 01:59 . 2011-04-28 18:01 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-05-16 01:59 . 2011-04-28 18:01 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-05-16 01:59 . 2011-04-28 18:01 2145240 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-05-16 01:59 . 2011-04-28 18:01 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-05-16 01:59 . 2011-04-28 18:01 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-05-16 01:59 . 2011-04-28 18:01 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-05-16 01:59 . 2010-01-01 08:00 1974616 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll
2011-05-16 01:59 . 2010-01-01 08:00 1892184 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll
2011-05-16 01:50 . 2011-05-16 01:50 -------- d-----w- c:\users\RaeJae\AppData\Local\{C158D9E0-ABB3-42B1-8078-AA80D9C5B99C}
2011-05-16 00:34 . 2011-05-16 00:34 -------- d-----w- c:\users\RaeJae\AppData\Local\{2A479319-42E2-45B4-9F29-3422EDDDDDA7}
2011-05-15 16:58 . 2011-05-15 16:58 -------- d-----w- c:\users\RaeJae\AppData\Local\112dB
2011-05-15 16:57 . 2011-05-15 16:57 -------- dc-h--w- c:\programdata\{2EF924FC-80B9-43E9-BB00-5E4F302749D2}
2011-05-15 13:27 . 2011-04-09 05:56 123904 ----a-w- c:\windows\system32\poqexec.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-28 21:11 . 2011-04-20 06:23 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-28 21:11 . 2011-04-20 06:23 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-24 02:20 . 2011-04-23 03:39 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-10 12:10 . 2011-04-21 06:38 40112 ----a-w- c:\windows\avastSS.scr
2011-05-10 12:10 . 2011-04-21 06:38 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-05-10 12:03 . 2011-04-21 06:38 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-05-10 12:03 . 2011-04-21 06:38 307928 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-05-10 12:02 . 2011-04-21 06:38 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-05-10 11:59 . 2011-04-21 06:38 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-05-10 11:59 . 2011-04-21 06:38 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-05-10 11:59 . 2011-04-21 06:38 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-04-24 14:51 . 2011-04-22 01:43 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-23 04:43 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-04-23 04:35 . 2011-04-23 04:35 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-04-23 04:35 . 2011-04-23 04:35 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-04-23 04:35 . 2011-04-23 04:35 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-04-23 04:35 . 2011-04-23 04:35 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-04-23 04:35 . 2011-04-23 04:35 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-04-23 04:35 . 2011-04-23 04:35 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-04-23 04:35 . 2011-04-23 04:35 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-04-23 04:35 . 2011-04-23 04:35 367104 ----a-w- c:\windows\system32\html.iec
2011-04-23 04:35 . 2011-04-23 04:35 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-04-23 04:35 . 2011-04-23 04:35 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-04-23 04:35 . 2011-04-23 04:35 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-23 04:35 . 2011-04-23 04:35 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-04-23 04:35 . 2011-04-23 04:35 161792 ----a-w- c:\windows\system32\msls31.dll
2011-04-23 04:35 . 2011-04-23 04:35 152064 ----a-w- c:\windows\system32\wextract.exe
2011-04-23 04:35 . 2011-04-23 04:35 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-04-23 04:35 . 2011-04-23 04:35 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-04-23 04:35 . 2011-04-23 04:35 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-23 04:35 . 2011-04-23 04:35 11776 ----a-w- c:\windows\system32\mshta.exe
2011-04-23 04:35 . 2011-04-23 04:35 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-04-23 04:35 . 2011-04-23 04:35 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-04-23 04:35 . 2011-04-23 04:35 101888 ----a-w- c:\windows\system32\admparse.dll
2011-04-19 06:45 . 2011-04-19 06:45 159080 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10138.bin
2011-04-09 06:02 . 2011-05-12 07:29 3967872 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-04-09 06:02 . 2011-05-12 07:29 3912576 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-06 04:20 . 2011-04-06 04:20 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 04:20 . 2011-04-06 04:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
2011-04-06 04:13 . 2011-04-06 04:13 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-03-31 17:11 . 2011-03-31 17:11 4333280 ----a-w- c:\windows\system32\drivers\lvuvc.sys
2011-03-31 17:10 . 2011-03-31 17:10 539232 ----a-w- c:\windows\system32\LVUI2RC.dll
2011-03-31 17:10 . 2011-03-31 17:10 543328 ----a-w- c:\windows\system32\LVUI2.dll
2011-03-31 17:09 . 2011-03-31 17:09 291424 ----a-w- c:\windows\system32\drivers\lvrs.sys
2011-03-31 17:08 . 2011-03-31 17:08 195168 ----a-w- c:\windows\system32\lvci13251014.dll
2011-03-31 17:08 . 2011-03-31 17:08 301664 ----a-w- c:\windows\system32\lvcodec2.dll
2011-03-31 17:07 . 2011-03-31 17:07 10877272 ----a-w- c:\windows\system32\LogiDPP.dll
2011-03-31 17:07 . 2011-03-31 17:07 102744 ----a-w- c:\windows\system32\LogiDPPApp.exe
2011-03-31 17:06 . 2011-03-31 17:06 331608 ----a-w- c:\windows\system32\DevManagerCore.dll
2011-03-31 16:56 . 2011-03-31 16:56 39318 ----a-w- c:\windows\system32\Repository.reg
2011-03-25 02:58 . 2011-05-12 07:29 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-03-25 02:58 . 2011-05-12 07:29 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-03-25 02:58 . 2011-05-12 07:29 75776 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-03-25 02:57 . 2011-05-12 07:29 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-03-25 02:57 . 2011-05-12 07:29 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-03-25 02:57 . 2011-05-12 07:29 5888 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-03-22 11:58 . 2011-03-22 11:58 14168 ----a-w- c:\windows\system32\drivers\iKeyLFT2.dll
2011-03-21 22:40 . 2010-06-23 22:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-04-28 18:01 . 2011-05-16 01:59 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\prxtbFre0.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
2011-01-17 14:54 175912 ----a-w- c:\program files\Freecorder\prxtbFre0.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-10 02:51 3906656 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\prxtbFre0.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-10 3906656]
.
[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{1392B8D2-5C05-419F-A8F6-B9F15A596612}"= "c:\program files\Freecorder\prxtbFre0.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-10 3906656]
.
[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AnVir Task Manager Free"="c:\program files\AnVir Task Manager Free\AnVir.exe" [2009-03-09 1563360]
"HPADVISOR"="c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2010-06-29 1689144]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2011-05-25 2301752]
"FileHippo.com"="c:\program files\FileHippo.com\UpdateChecker.exe" [2010-08-09 248832]
"YouSendIt.exe"="c:\program files\YouSendIt\Express\YouSendIt.exe" [2011-05-02 198144]
"Logitech Vid"="c:\program files\Logitech\Vid HD\Vid.exe" [2011-01-13 6129496]
"Dexpot"="c:\program files\Dexpot\dexpot.exe" [2011-05-27 1290240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-14 47904]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-12-03 75016]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"hpsysdrv"="c:\program files\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"UpdatePSTShortCut"="c:\program files\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" [2009-02-02 210216]
"KBD"="c:\program files\Hewlett-Packard\KBD\KbdStub.EXE" [2008-07-21 12288]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-14 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-14 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-14 150552]
"Freecorder FLV Service"="c:\program files\Freecorder\FLVSrvc.exe" [2009-11-15 158752]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2009-09-26 83312]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-11 202256]
"M-Audio Taskbar Icon"="c:\windows\system32\M-AudioTaskBarIcon.exe" [2009-11-09 643592]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-03-01 190808]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"Malwarebytes' Anti-Malware (reboot)"="c:\users\RaeJae\Desktop\All Folders\JB\Maintenance Tools\Malwarebytes' Anti-Malware\mbam.exe" [2011-05-28 1047656]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-01-07 253672]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-26 421160]
.
c:\users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech . Product Registration.lnk - c:\program files\Logitech\Ereg\eReg.exe [2009-11-16 517384]
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2011-5-23 103424]
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDockFree\ObjectDock.exe [2010-10-7 3768176]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
NCProTray.lnk - c:\program files\SEC\Natural Color Pro\NCProTray.exe [2010-1-9 49220]
NetComm Wireless Utility.lnk - c:\program files\NetComm\Common\RaUI.exe [2011-3-23 1830912]
Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2011-4-19 291896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984D045-52CF-49cd-DB77-08F378FEA4DB}"= "c:\program files\Stardock\ObjectDockFree\ODMenu.dll" [2010-10-04 511344]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"midi1"=KORGUMDD.DRV
"midi7"=KORGUMDD.DRV
"aux2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator]
2010-03-04 19:25 2815488 ----a-w- c:\program files\DAP\DAP.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-11-09 13:54 4240760 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 135664]
R3 GTLJ;GTLJ;c:\users\RaeJae\AppData\Local\Temp\GTLJ.exe [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 135664]
R3 HCH;HCH;c:\users\RaeJae\AppData\Local\Temp\HCH.exe [x]
R3 KORGUMDS;KORG USB-MIDI Driver for Windows;c:\windows\system32\Drivers\KORGUMDS.SYS [2007-03-28 21984]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-09-25 4639136]
R3 OXYGEN;Service for M-Audio Oxygen;c:\windows\system32\DRIVERS\MAudioOxygen.sys [2010-03-03 112136]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 15544]
R3 RE;RE;c:\users\RaeJae\AppData\Local\Temp\RE.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-02 1343400]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-05-10 53592]
S3 MAUSBFASTTRACKPRO;Service for M-Audio FastTrack Pro;c:\windows\system32\DRIVERS\MAudioFastTrackPro.sys [2009-11-09 158600]
S3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28u.sys [2009-04-28 724992]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 11:00]
.
2011-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 11:00]
.
2011-06-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-677347413-2995805031-2245204369-1000Core.job
- c:\users\RaeJae\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-29 02:30]
.
2011-06-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-677347413-2995805031-2245204369-1000UA.job
- c:\users\RaeJae\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-29 02:30]
.
2011-05-27 c:\windows\Tasks\HPCeeScheduleForRaeJae.job
- c:\program files\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2009-05-04 08:17]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.nz/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_nz&c=93&bd=Presario&pf=cndt
uInternet Settings,ProxyOverride = *.local
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: &Envoyer à OneNote - /105
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.1
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-677347413-2995805031-2245204369-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-677347413-2995805031-2245204369-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(2660)
c:\program files\Stardock\ObjectDockFree\DockShellHook.dll
c:\program files\AnVir Task Manager Free\AnvirHook55.dll
c:\program files\Dexpot\hooxpot.dll
c:\users\RaeJae\AppData\Local\FLVService\lib\FLVSrvLib.dll
c:\program files\Stardock\ObjectDockFree\ODMenu.dll
.
Completion time: 2011-06-14 16:09:12
ComboFix-quarantined-files.txt 2011-06-14 04:09
ComboFix2.txt 2011-06-13 21:04
.
Pre-Run: 157,888,204,800 bytes free
Post-Run: 157,819,756,544 bytes free
.
- - End Of File - - E4B84B26D83FE0EA5B174D7F7101556A
 
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Windows\system32>NET START NSI
The requested service has already been started.

More help is available by typing NET HELPMSG 2182.


C:\Windows\system32>NET START TDX
The service name is invalid.

More help is available by typing NET HELPMSG 2185.


C:\Windows\system32>NET START AFD
The requested service has already been started.

More help is available by typing NET HELPMSG 2182.


C:\Windows\system32>NET START DHCP
System error 1075 has occurred.

The dependency service does not exist or has been marked for deletion.


C:\Windows\system32>
 
Still no internet connection and everything I click on (Folder, MP3) comes up with an error saying 'Illegal operation attempted on a registry key that has been marked for deletion.'
 
First of all, you didn't run my script in Combofix, so it couldn't work.

Please, re-read my reply #26 and do it correctly.
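
Added example, not part of the original posts and not ComboFix's own code: a small Python check that reads a ComboFix.txt and reports whether the log shows an FCopy section for the expected destination and whether the copied file then appears in the "Files Created" listing. The two log excerpts are constructed from lines quoted in this thread, and the function names and status strings are hypothetical.

```python
import re

# Destination named in the CFScript.txt from this thread.
DST = r"c:\windows\System32\drivers\tdx.sys"

# Constructed excerpt: trimmed from the first ComboFix log in this thread.
LOG_FIRST_RUN = r"""ComboFix 11-06-13.01 - RaeJae 14/06/2011 15:55:46.3.2 - x86
Running from: c:\users\RaeJae\Desktop\ComboFix.exe
Command switches used :: F:\cfscript.txt
* Created a new restore point
.
((((((((((((((((((((((((( Files Created from 2011-05-14 to 2011-06-14 )))))))))))))))))))))))))))))))
.
2011-06-14 04:07 . 2011-06-14 04:07 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-06-12 02:52 . 2011-06-12 02:52 -------- d-----w- c:\programdata\Evonsoft
"""

# Constructed excerpt: trimmed from the second ComboFix log in this thread.
LOG_SECOND_RUN = r"""ComboFix 11-06-13.01 - RaeJae 15/06/2011 8:36.4.2 - x86
Command switches used :: c:\users\RaeJae\Desktop\CFScript,txt.txt
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
--------------- FCopy ---------------
.
c:\windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7600.16385_none_ea141e6f3d693e28\tdx.sys --> c:\windows\System32\drivers\tdx.sys
.
((((((((((((((((((((((((( Files Created from 2011-05-14 to 2011-06-14 )))))))))))))))))))))))))))))))
.
2011-06-14 20:49 . 2011-06-14 20:49 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-06-14 20:36 . 2009-07-13 23:12 74240 ----a-w- c:\windows\system32\drivers\tdx.sys
"""

# "----- Name -----" and "((((( Name )))))" banner lines open a new section.
SECTION_RE = re.compile(r"^(?:-+|\(+) (.+?) (?:-+|\)+)$")
# Two timestamps, then size (dashes for a directory), attributes, path.
FILE_RE = re.compile(
    r"^\d{4}-\d\d-\d\d \d\d:\d\d \. \d{4}-\d\d-\d\d \d\d:\d\d\s+"
    r"(\d+|-+)\s+(\S+)\s+(.+)$"
)


def parse_combofix_log(text):
    """Extract the command switches, FCopy pairs and created-file entries."""
    log = {"switches": None, "fcopy": [], "created": []}
    section = ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line == ".":          # "." lines are only spacers
            continue
        if line.startswith("Command switches used ::"):
            log["switches"] = line.split("::", 1)[1].strip()
            continue
        banner = SECTION_RE.match(line)
        if banner:
            section = banner.group(1)
            continue
        if section == "FCopy" and " --> " in line:
            src, dst = (part.strip() for part in line.split(" --> ", 1))
            log["fcopy"].append((src, dst))
        elif section.startswith("Files Created"):
            entry = FILE_RE.match(line)
            if entry:
                size, attrs, path = entry.groups()
                log["created"].append({
                    "path": path,
                    "size": int(size) if size.isdigit() else None,
                    "is_dir": attrs.startswith("d"),
                })
    return log


def check_fcopy(log_text, expected_dst=DST):
    """Return a status string describing what the log shows for expected_dst."""
    log = parse_combofix_log(log_text)
    want = expected_dst.lower()              # Windows paths: compare case-insensitively
    if log["switches"] is None:
        return "no-script"                   # ComboFix was started without a script
    if not any(dst.lower() == want for _, dst in log["fcopy"]):
        return "fcopy-missing"               # script passed, but no FCopy entry logged
    if not any(f["path"].lower() == want for f in log["created"]):
        return "copied-not-listed"           # FCopy logged, file absent from listing
    return "ok"


if __name__ == "__main__":
    for name, text in (("first run", LOG_FIRST_RUN), ("second run", LOG_SECOND_RUN)):
        print(name, "->", check_fcopy(text))
```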
 
It won't work 'cause it keeps popping up that error in my previous post (Illegal operation attempted on a registry key that has been marked for deletion).
 
Copied and dragged into Combofix as you suggested, this is the Log Report

ComboFix 11-06-13.01 - RaeJae 15/06/2011 8:36.4.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.64.1033.18.2037.913 [GMT 12:00]
Running from: c:\users\RaeJae\Desktop\ComboFix.exe
Command switches used :: c:\users\RaeJae\Desktop\CFScript,txt.txt
AV: avast! Antivirus *Disabled/Outdated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Outdated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
--------------- FCopy ---------------
.
c:\windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7600.16385_none_ea141e6f3d693e28\tdx.sys --> c:\windows\System32\drivers\tdx.sys
.
((((((((((((((((((((((((( Files Created from 2011-05-14 to 2011-06-14 )))))))))))))))))))))))))))))))
.
.
2011-06-14 20:49 . 2011-06-14 20:49 -------- d-----w- c:\users\Public\AppData\Local\temp
2011-06-14 20:49 . 2011-06-14 20:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-06-14 20:49 . 2011-06-14 20:49 -------- d-----w- c:\users\ChaKotAshWai\AppData\Local\temp
2011-06-14 20:36 . 2009-07-13 23:12 74240 ----a-w- c:\windows\system32\drivers\tdx.sys
2011-06-12 02:52 . 2011-06-12 02:52 -------- d-----w- c:\programdata\Evonsoft
2011-06-12 02:52 . 2011-06-12 03:06 -------- d-----w- c:\program files\Advanced System Restore
2011-06-07 06:40 . 2011-06-07 06:40 -------- d-----w- c:\users\RaeJae\DoctorWeb
2011-06-06 09:55 . 2011-06-06 09:55 -------- d-----w- c:\users\RaeJae\AppData\Roaming\IK Multimedia
2011-06-06 08:50 . 2010-12-21 23:33 9078960 ----a-w- c:\windows\system32\mkl_p4p.dll
2011-06-06 08:50 . 2010-12-21 23:33 9033904 ----a-w- c:\windows\system32\mkl_p4m3.dll
2011-06-06 08:50 . 2010-12-21 23:33 9410736 ----a-w- c:\windows\system32\mkl_p4m.dll
2011-06-06 08:50 . 2010-12-21 23:33 9210032 ----a-w- c:\windows\system32\mkl_p4.dll
2011-06-06 08:50 . 2010-12-21 23:33 6944944 ----a-w- c:\windows\system32\mkl_core.dll
2011-06-06 08:50 . 2010-12-21 23:33 3868848 ----a-w- c:\windows\system32\mkl_intel_thread.dll
2011-06-06 08:50 . 2010-12-21 23:33 530608 ----a-w- c:\windows\system32\libiomp5md.dll
2011-06-06 08:50 . 2011-03-22 23:57 499712 ----a-w- c:\windows\msvcp71.dll
2011-06-06 08:50 . 2011-03-22 23:57 348160 ----a-w- c:\windows\msvcr71.dll
2011-06-05 11:40 . 2011-06-05 11:41 -------- d-----w- c:\program files\Waves
2011-06-01 06:02 . 2011-06-01 06:02 -------- d-----w- c:\program files\DVD-Ranger 3.5.1.3
2011-06-01 03:38 . 2011-06-01 03:38 -------- d-----w- c:\program files\PSPaudioware
2011-05-31 20:57 . 2011-05-31 20:57 -------- d-----w- c:\program files\iPod
2011-05-31 20:57 . 2011-05-31 20:58 -------- d-----w- c:\program files\iTunes
2011-05-31 20:54 . 2011-05-31 20:54 -------- d-----w- c:\program files\Bonjour
2011-05-28 13:28 . 2011-05-28 13:28 -------- d-----w- c:\users\RaeJae\AppData\Roaming\Image-Line
2011-05-27 05:37 . 2011-05-27 05:37 -------- d-----w- c:\users\RaeJae\AppData\Local\ODUI
2011-05-27 05:37 . 2011-05-27 05:37 -------- d-----w- c:\users\RaeJae\AppData\Local\Stardock
2011-05-27 05:36 . 2011-05-27 05:36 -------- d-----w- c:\users\RaeJae\AppData\Roaming\Stardock
2011-05-27 05:36 . 2011-05-27 05:36 -------- dc-h--w- c:\programdata\{5486EA6B-AF91-4B4B-868E-F80AB4BCD83A}
2011-05-27 05:35 . 2011-05-27 05:35 -------- d-----w- c:\program files\Stardock
2011-05-27 05:34 . 2011-05-27 05:34 -------- d-----w- c:\users\RaeJae\AppData\Local\PackageAware
2011-05-27 02:16 . 2011-05-27 14:32 -------- d-----w- c:\users\RaeJae\AppData\Roaming\Rainmeter
2011-05-27 02:16 . 2011-05-27 02:16 -------- d-----w- c:\program files\Rainmeter
2011-05-26 12:18 . 2011-05-26 12:18 -------- d-----w- c:\users\RaeJae\AppData\Roaming\OpenCandy
2011-05-26 12:18 . 2011-05-27 22:52 -------- d-----w- c:\program files\Dexpot
2011-05-24 15:13 . 2011-05-24 15:13 -------- d-----w- c:\users\RaeJae\AppData\Local\{36552D91-434C-4AA4-9D2D-FE3DDF1ED87B}
2011-05-24 02:33 . 2011-05-24 02:35 -------- d-----w- c:\programdata\DShield
2011-05-24 02:33 . 2011-05-24 06:03 -------- d-----w- c:\programdata\DVDRanger
2011-05-24 02:33 . 2011-05-24 02:48 -------- d-----w- C:\DVDRanger
2011-05-24 02:33 . 2011-05-24 02:33 -------- d-----w- c:\program files\Pixbyte
2011-05-23 09:41 . 2009-06-07 04:25 77824 ----a-w- c:\windows\system32\xvid.ax
2011-05-23 09:41 . 2009-06-07 04:16 819200 ----a-w- c:\windows\system32\xvidcore.dll
2011-05-23 09:41 . 2011-05-23 09:41 -------- d-----w- c:\program files\Xvid
2011-05-23 09:41 . 2009-06-07 04:24 180224 ----a-w- c:\windows\system32\xvidvfw.dll
2011-05-18 14:38 . 2011-05-18 14:38 -------- d-----w- c:\program files\TweetDeck
2011-05-16 20:26 . 2011-05-17 08:27 -------- d-----w- c:\users\RaeJae\AppData\Local\{F9AB3098-395D-4FA9-A88C-4AC376788CC7}
2011-05-16 09:49 . 2011-05-16 09:49 53248 ----a-r- c:\users\RaeJae\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2011-05-16 02:49 . 2011-05-16 02:49 -------- d-----w- c:\program files\Mozilla Aurora
2011-05-16 01:59 . 2011-04-28 18:01 142296 ----a-w- c:\program files\Mozilla Firefox\components\browsercomps.dll
2011-05-16 01:59 . 2011-04-28 18:01 781272 ----a-w- c:\program files\Mozilla Firefox\mozsqlite3.dll
2011-05-16 01:59 . 2011-04-28 18:01 2145240 ----a-w- c:\program files\Mozilla Firefox\mozjs.dll
2011-05-16 01:59 . 2011-04-28 18:01 465880 ----a-w- c:\program files\Mozilla Firefox\libGLESv2.dll
2011-05-16 01:59 . 2011-04-28 18:01 15832 ----a-w- c:\program files\Mozilla Firefox\mozalloc.dll
2011-05-16 01:59 . 2011-04-28 18:01 89048 ----a-w- c:\program files\Mozilla Firefox\libEGL.dll
2011-05-16 01:59 . 2010-01-01 08:00 1974616 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_42.dll
2011-05-16 01:59 . 2010-01-01 08:00 1892184 ----a-w- c:\program files\Mozilla Firefox\d3dx9_42.dll
2011-05-16 01:50 . 2011-05-16 01:50 -------- d-----w- c:\users\RaeJae\AppData\Local\{C158D9E0-ABB3-42B1-8078-AA80D9C5B99C}
2011-05-16 00:34 . 2011-05-16 00:34 -------- d-----w- c:\users\RaeJae\AppData\Local\{2A479319-42E2-45B4-9F29-3422EDDDDDA7}
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-28 21:11 . 2011-04-20 06:23 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-05-28 21:11 . 2011-04-20 06:23 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-05-24 02:20 . 2011-04-23 03:39 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-05-10 12:10 . 2011-04-21 06:38 40112 ----a-w- c:\windows\avastSS.scr
2011-05-10 12:10 . 2011-04-21 06:38 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-05-10 12:03 . 2011-04-21 06:38 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-05-10 12:03 . 2011-04-21 06:38 307928 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-05-10 12:02 . 2011-04-21 06:38 49240 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-05-10 11:59 . 2011-04-21 06:38 25432 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-05-10 11:59 . 2011-04-21 06:38 53592 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-05-10 11:59 . 2011-04-21 06:38 19544 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-04-24 14:51 . 2011-04-22 01:43 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-23 04:43 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-04-23 04:35 . 2011-04-23 04:35 86528 ----a-w- c:\windows\system32\iesysprep.dll
2011-04-23 04:35 . 2011-04-23 04:35 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2011-04-23 04:35 . 2011-04-23 04:35 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2011-04-23 04:35 . 2011-04-23 04:35 74752 ----a-w- c:\windows\system32\iesetup.dll
2011-04-23 04:35 . 2011-04-23 04:35 63488 ----a-w- c:\windows\system32\tdc.ocx
2011-04-23 04:35 . 2011-04-23 04:35 48640 ----a-w- c:\windows\system32\mshtmler.dll
2011-04-23 04:35 . 2011-04-23 04:35 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-04-23 04:35 . 2011-04-23 04:35 367104 ----a-w- c:\windows\system32\html.iec
2011-04-23 04:35 . 2011-04-23 04:35 35840 ----a-w- c:\windows\system32\imgutil.dll
2011-04-23 04:35 . 2011-04-23 04:35 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-04-23 04:35 . 2011-04-23 04:35 23552 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-23 04:35 . 2011-04-23 04:35 1797632 ----a-w- c:\windows\system32\jscript9.dll
2011-04-23 04:35 . 2011-04-23 04:35 161792 ----a-w- c:\windows\system32\msls31.dll
2011-04-23 04:35 . 2011-04-23 04:35 152064 ----a-w- c:\windows\system32\wextract.exe
2011-04-23 04:35 . 2011-04-23 04:35 150528 ----a-w- c:\windows\system32\iexpress.exe
2011-04-23 04:35 . 2011-04-23 04:35 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2011-04-23 04:35 . 2011-04-23 04:35 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-04-23 04:35 . 2011-04-23 04:35 11776 ----a-w- c:\windows\system32\mshta.exe
2011-04-23 04:35 . 2011-04-23 04:35 1126912 ----a-w- c:\windows\system32\wininet.dll
2011-04-23 04:35 . 2011-04-23 04:35 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2011-04-23 04:35 . 2011-04-23 04:35 101888 ----a-w- c:\windows\system32\admparse.dll
2011-04-19 06:45 . 2011-04-19 06:45 159080 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10138.bin
2011-04-09 06:02 . 2011-05-12 07:29 3967872 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-04-09 06:02 . 2011-05-12 07:29 3912576 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-04-09 05:56 . 2011-05-15 13:27 123904 ----a-w- c:\windows\system32\poqexec.exe
2011-04-06 04:20 . 2011-04-06 04:20 91424 ----a-w- c:\windows\system32\dnssd.dll
2011-04-06 04:20 . 2011-04-06 04:20 107808 ----a-w- c:\windows\system32\dns-sd.exe
2011-04-06 04:13 . 2011-04-06 04:13 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-03-31 17:11 . 2011-03-31 17:11 4333280 ----a-w- c:\windows\system32\drivers\lvuvc.sys
2011-03-31 17:10 . 2011-03-31 17:10 539232 ----a-w- c:\windows\system32\LVUI2RC.dll
2011-03-31 17:10 . 2011-03-31 17:10 543328 ----a-w- c:\windows\system32\LVUI2.dll
2011-03-31 17:09 . 2011-03-31 17:09 291424 ----a-w- c:\windows\system32\drivers\lvrs.sys
2011-03-31 17:08 . 2011-03-31 17:08 195168 ----a-w- c:\windows\system32\lvci13251014.dll
2011-03-31 17:08 . 2011-03-31 17:08 301664 ----a-w- c:\windows\system32\lvcodec2.dll
2011-03-31 17:07 . 2011-03-31 17:07 10877272 ----a-w- c:\windows\system32\LogiDPP.dll
2011-03-31 17:07 . 2011-03-31 17:07 102744 ----a-w- c:\windows\system32\LogiDPPApp.exe
2011-03-31 17:06 . 2011-03-31 17:06 331608 ----a-w- c:\windows\system32\DevManagerCore.dll
2011-03-31 16:56 . 2011-03-31 16:56 39318 ----a-w- c:\windows\system32\Repository.reg
2011-03-25 02:58 . 2011-05-12 07:29 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-03-25 02:58 . 2011-05-12 07:29 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-03-25 02:58 . 2011-05-12 07:29 75776 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-03-25 02:57 . 2011-05-12 07:29 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-03-25 02:57 . 2011-05-12 07:29 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-03-25 02:57 . 2011-05-12 07:29 5888 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-03-22 11:58 . 2011-03-22 11:58 14168 ----a-w- c:\windows\system32\drivers\iKeyLFT2.dll
2011-03-21 22:40 . 2010-06-23 22:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-04-28 18:01 . 2011-05-16 01:59 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\prxtbFre0.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
2011-01-17 14:54 175912 ----a-w- c:\program files\Freecorder\prxtbFre0.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-10 02:51 3906656 ----a-w- c:\program files\ConduitEngine\ConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FF6C3CF0-4B15-11D1-ABED-709549C10000}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\prxtbFre0.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-10 3906656]
.
[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{1392B8D2-5C05-419F-A8F6-B9F15A596612}"= "c:\program files\Freecorder\prxtbFre0.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-10 3906656]
.
[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-05-10 12:10 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AnVir Task Manager Free"="c:\program files\AnVir Task Manager Free\AnVir.exe" [2009-03-09 1563360]
"HPADVISOR"="c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2010-06-29 1689144]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2011-05-25 2301752]
"FileHippo.com"="c:\program files\FileHippo.com\UpdateChecker.exe" [2010-08-09 248832]
"YouSendIt.exe"="c:\program files\YouSendIt\Express\YouSendIt.exe" [2011-05-02 198144]
"Logitech Vid"="c:\program files\Logitech\Vid HD\Vid.exe" [2011-01-13 6129496]
"Dexpot"="c:\program files\Dexpot\dexpot.exe" [2011-05-27 1290240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-12-14 47904]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-12-03 75016]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"hpsysdrv"="c:\program files\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-12-03 218408]
"UpdatePSTShortCut"="c:\program files\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" [2009-02-02 210216]
"KBD"="c:\program files\Hewlett-Packard\KBD\KbdStub.EXE" [2008-07-21 12288]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-14 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-14 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-14 150552]
"Freecorder FLV Service"="c:\program files\Freecorder\FLVSrvc.exe" [2009-11-15 158752]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2009-09-26 83312]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2010-03-11 202256]
"M-Audio Taskbar Icon"="c:\windows\system32\M-AudioTaskBarIcon.exe" [2009-11-09 643592]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-03-01 190808]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"Malwarebytes' Anti-Malware (reboot)"="c:\users\RaeJae\Desktop\All Folders\JB\Maintenance Tools\Malwarebytes' Anti-Malware\mbam.exe" [2011-05-28 1047656]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-01-07 253672]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-04-26 421160]
.
c:\users\RaeJae\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech . Product Registration.lnk - c:\program files\Logitech\Ereg\eReg.exe [2009-11-16 517384]
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2011-5-23 103424]
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDockFree\ObjectDock.exe [2010-10-7 3768176]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
NCProTray.lnk - c:\program files\SEC\Natural Color Pro\NCProTray.exe [2010-1-9 49220]
NetComm Wireless Utility.lnk - c:\program files\NetComm\Common\RaUI.exe [2011-3-23 1830912]
Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2011-4-19 291896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984D045-52CF-49cd-DB77-08F378FEA4DB}"= "c:\program files\Stardock\ObjectDockFree\ODMenu.dll" [2010-10-04 511344]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"midi1"=KORGUMDD.DRV
"midi7"=KORGUMDD.DRV
"aux2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator]
2010-03-04 19:25 2815488 ----a-w- c:\program files\DAP\DAP.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-11-09 13:54 4240760 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 135664]
R3 GTLJ;GTLJ;c:\users\RaeJae\AppData\Local\Temp\GTLJ.exe [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 135664]
R3 HCH;HCH;c:\users\RaeJae\AppData\Local\Temp\HCH.exe [x]
R3 KORGUMDS;KORG USB-MIDI Driver for Windows;c:\windows\system32\Drivers\KORGUMDS.SYS [2007-03-28 21984]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-09-25 4639136]
R3 OXYGEN;Service for M-Audio Oxygen;c:\windows\system32\DRIVERS\MAudioOxygen.sys [2010-03-03 112136]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 15544]
R3 RE;RE;c:\users\RaeJae\AppData\Local\Temp\RE.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-03-02 1343400]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-05-10 53592]
S3 MAUSBFASTTRACKPRO;Service for M-Audio FastTrack Pro;c:\windows\system32\DRIVERS\MAudioFastTrackPro.sys [2009-11-09 158600]
S3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28u.sys [2009-04-28 724992]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
.
.
Contents of the 'Scheduled Tasks' folder
.
2011-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 11:00]
.
2011-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-09 11:00]
.
2011-06-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-677347413-2995805031-2245204369-1000Core.job
- c:\users\RaeJae\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-29 02:30]
.
2011-06-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-677347413-2995805031-2245204369-1000UA.job
- c:\users\RaeJae\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-29 02:30]
.
2011-05-27 c:\windows\Tasks\HPCeeScheduleForRaeJae.job
- c:\program files\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2009-05-04 08:17]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.nz/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_nz&c=93&bd=Presario&pf=cndt
uInternet Settings,ProxyOverride = *.local
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: &Envoyer à OneNote - /105
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.1.1
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-677347413-2995805031-2245204369-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-677347413-2995805031-2245204369-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(5564)
c:\program files\Stardock\ObjectDockFree\DockShellHook.dll
c:\program files\AnVir Task Manager Free\AnvirHook55.dll
c:\program files\Dexpot\hooxpot.dll
c:\users\RaeJae\AppData\Local\FLVService\lib\FLVSrvLib.dll
c:\program files\Stardock\ObjectDockFree\ODMenu.dll
.
Completion time: 2011-06-15 08:51:41
ComboFix-quarantined-files.txt 2011-06-14 20:51
ComboFix2.txt 2011-06-14 04:09
ComboFix3.txt 2011-06-13 21:04
.
Pre-Run: 157,830,139,904 bytes free
Post-Run: 157,780,922,368 bytes free
.
- - End Of File - - FD1984AF1F07646D73A2932BC566B3DE
 
Now, it's correct.
See if you can run those commands (your post #18) now without any errors.
 
Got this message again

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Windows\system32>NET START NSI
The requested service has already been started.

More help is available by typing NET HELPMSG 2182.


C:\Windows\system32>NET START TDX
The service name is invalid.

More help is available by typing NET HELPMSG 2185.


C:\Windows\system32>NET START AFD
The requested service has already been started.

More help is available by typing NET HELPMSG 2182.


C:\Windows\system32>NET START DHCP
System error 1075 has occurred.

The dependency service does not exist or has been marked for deletion.


C:\Windows\system32>
 
Restarted computer and still no luck.

Still have the little yellow triangle over the internet wireless icon/bars and still says 'connected' with no internet access.
 
Re-ran same commands and got the same outcome as the 2 previous times. Thank you for helping me through this. What shall I do now?
 
Go Start>Run ("Start Search" in Vista/7), type in:
sfc /scannow
Click OK (hold CTRL, and SHIFT, hit Enter in Vista/7).
Have Windows CD/DVD handy (with Vista/7, most likely, you won't need it).
If System File Checker (sfc) finds any errors, it may ask you for the CD/DVD (rarely in Vista/7 case).
 
Nothing happens, a black box pops up for a split second and disappears. I tried start/run and start/search and both do the same thing. Does that mean it's running or failing to run?
 
Let's try some basic steps...

Make sure your computer is set to obtain an IP address automatically.
1. Go Start>Settings>Control Panel (Vista/7 users: Start>Control Panel)
2. Double click Network Connections (Vista/7 users: Network and Sharing Center)
3. Vista/7 users - From the list of tasks on the left, click Manage network connections.
4. For a wired network connection, right-click Local Area Connection, and then select Properties.
For a wireless network connection, right-click Wireless Network Connection, and then select Properties.
5. From the General tab (Vista/7 users: Networking tab), click Internet Protocol (TCP/IP), make sure it is checked, and then click Properties
6. Click Obtain an IP Address Automatically, and then click OK.

If that doesn't work...
Turn off computer. Disconnect router and modem from power source for 1 minute. At the same time, disconnect ethernet cable as well.
Reconnect everything.
Restart computer.

If that doesn't work, bypass router, and connect computer straight to the modem.

If that doesn't work...
Go Start>Run (Start search in Vista), type in:
cmd
Click OK (in Vista and 7, while holding CTRL, and SHIFT, press Enter).

In Command Prompt window, type in following commands, and hit Enter after each one:
ipconfig /flushdns
ipconfig /registerdns
ipconfig /release
ipconfig /renew
net stop "dns client"
net start "dns client"


Restart computer.

If that doesn't work...
Go Start>Run (Start search in Vista and 7), type in:
cmd
Click OK (in Vista, while holding CTRL, and SHIFT, press Enter).

At Command Prompt, type in:
netsh int ip reset reset.log
Hit Enter.
Type in:
netsh winsock reset catalog
Hit Enter.

Restart computer.
 
I tried all those suggestions and nothing worked.

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Windows\system32>ipconfig /flushdns

Windows IP Configuration

Could not flush the DNS Resolver Cache: Function failed during execution.


C:\Windows\system32>ipconfig /registerdns

Windows IP Configuration

Registration of DNS records failed: The RPC server is unavailable.


C:\Windows\system32>ipconfig /release

Windows IP Configuration

An error occurred while releasing interface Wireless Network Connection : The RP
C server is unavailable.

No operation can be performed on Local Area Connection while it has its media di
sconnected.

C:\Windows\system32>ipconfig /renew

Windows IP Configuration

An error occurred while renewing interface Wireless Network Connection : The RPC
server is unavailable.

No operation can be performed on Local Area Connection while it has its media di
sconnected.

C:\Windows\system32>net stop "dns client"
The DNS Client service is not started.

More help is available by typing NET HELPMSG 3521.


C:\Windows\system32>net start "dns client"
System error 1075 has occurred.

The dependency service does not exist or has been marked for deletion.


C:\Windows\system32>
 
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Windows\system32>netsh int ip reset reset.log
Reseting Global, OK!
Reseting Interface, OK!
Reseting Unicast Address, OK!
Restart the computer to complete this action.


C:\Windows\system32>netsh winsock reset catalog

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


C:\Windows\system32>
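
Both `System error 1075` failures earlier in the thread (NET START DHCP and net start "dns client") say that a service named as a dependency cannot be found. The following read-only PowerShell script is an added example, not part of any post in this thread: it walks each service's `DependOnService` chain in the registry and reports which link has no service key, is flagged for deletion, or points at a missing binary. The function names are hypothetical, and the key names `Dhcp` and `Dnscache` and the registry layout are assumptions that do not appear on the page.

```powershell
# Added example (read-only). Run elevated, in a PowerShell whose bitness matches the OS.
# Written to work on PowerShell 2.0, the version shipped with Windows 7.
$ServicesRoot = 'HKLM:\SYSTEM\CurrentControlSet\Services'

# Turn a service ImagePath value into a plain file path that Test-Path can check.
function Resolve-ImagePath {
    param([string]$ImagePath)
    if (-not $ImagePath) { return $null }
    $p = [Environment]::ExpandEnvironmentVariables($ImagePath.Trim())
    $p = $p -replace '^\\\?\?\\', ''                             # \??\C:\... form
    $p = $p -replace '^\\SystemRoot\\', ($env:SystemRoot + '\')  # \SystemRoot\... form
    if ($p -match '^system32\\') { $p = Join-Path $env:SystemRoot $p }  # driver-relative form
    if ($p -match '^"([^"]+)"') { return $Matches[1] }           # quoted path plus arguments
    if ($p -match '^(.+?\.(exe|sys|dll))(\s|$)') { return $Matches[1] }
    return $p
}

# Report one service, then recurse into everything it depends on.
function Test-ServiceChain {
    param([string]$Name, [int]$Depth = 0, [hashtable]$Seen = @{})
    if ($Seen.ContainsKey($Name)) { return }    # guard against dependency loops
    $Seen[$Name] = $true
    $key = Join-Path $ServicesRoot $Name
    $status = 'OK'; $binary = $null; $deps = @()
    if (-not (Test-Path $key)) {
        # No key under Services: NET START answers "The service name is invalid"
        $status = 'SERVICE KEY MISSING'
    } else {
        $props = Get-ItemProperty -Path $key
        $binary = Resolve-ImagePath $props.ImagePath
        if ((-not $binary) -and ((1, 2) -contains $props.Type)) {
            # Kernel and file-system drivers without ImagePath load from the drivers folder
            $binary = Join-Path $env:SystemRoot "System32\drivers\$Name.sys"
        }
        if ($props.DeleteFlag) { $status = 'MARKED FOR DELETION' }
        elseif ($binary -and -not (Test-Path -LiteralPath $binary)) { $status = 'BINARY MISSING' }
        if ($props.DependOnService) { $deps = @($props.DependOnService) }
    }
    New-Object PSObject -Property @{
        Service = ('  ' * $Depth) + $Name; Status = $status; Binary = $binary
    }
    foreach ($d in $deps) { Test-ServiceChain -Name $d -Depth ($Depth + 1) -Seen $Seen }
}

# Dhcp and Dnscache are the key names of the "DHCP Client" and "DNS Client" services.
'Dhcp', 'Dnscache' | ForEach-Object { Test-ServiceChain -Name $_ } |
    Select-Object Service, Status, Binary | Format-Table -AutoSize
```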
 