Cannot access Antivirus Sites/Google/Avast etc.

21-01-2009, 11:19 AM   #171   Speedgraphic

Thanks for your help Strider. I did as you said and below is the HJT file:

Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:58:58 AM, on 1/20/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ThreatFire\TFService.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
C:\Program Files\ThreatFire\TFTray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Documents and Settings\Jerks\Desktop\HJT.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe Version Cue CS2] C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [realteke] "C:\Documents and Settings\Jerks\Application Data\Google\cijwg16225165.exe" 2
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [ThreatFire] C:\Program Files\ThreatFire\TFTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AdobeUpdateManager.exe" AcPro7_0_9 -reboot 1
O4 - HKLM\..\Policies\Explorer\Run: [ishost.exe] ishost.exe
O4 - HKLM\..\Policies\Explorer\Run: [kernel32.dll] C:\WINDOWS\System32\isnotify.exe
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/...eInstaller.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1194607305656
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Adobe Systems Incorporated - C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\System32\hpbpro.exe
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\System32\hpboid.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SupportSoft Listener Service (sprtlisten) - SupportSoft, Inc. - C:\Program Files\Common Files\supportsoft\bin\sprtlisten.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\supportsoft\bin\ssrc.exe
O23 - Service: ThreatFire - PC Tools - C:\Program Files\ThreatFire\TFService.exe

--
End of file - 12224 bytes

Does that look o.k.?

Last edited by Strider; 21-01-2009 at 12:29 PM..

21-01-2009, 12:37 PM   #172   Petrowhisky

Hi Strider you better change your profile as a security expert

21-01-2009, 01:29 PM   #173   kenzie

Helpppppp....
I got the same issue too. On 1/19/09 I did the HJT and Spybot scan and fixed something, and the problem was gone. I managed to connect to AVG.com and the update was successful.
But strangely enough, I can't update AGAIN today. Can't go to any antivirus sites.
I did the ComboFix too on 1/19, and it says stage_49 complete, but I didn't see any other stage... is that normal???

This is the HJT log. (Sorry, I'm an idiot, I dunno how to attach it...)

Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:32:47 PM, on 1/21/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Trading\MetaTrader Data Center\mtdcsrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Tools\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\U-ABIT\abitEQ\ABITEQ.exe
C:\Program Files\Tools\Microsoft ActiveSync\Wcescomm.exe
C:\Program Files\Tools\Internet Download Manager\IDMan.exe
C:\Program Files\Tools\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\PROGRA~1\Tools\MICROS~1\rapimgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Adobe\Acrobat 7.0\Acrobat\Acrobat_sl.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Tools\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Tools\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files\Tools\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=012209 serial=DR12WEC-9211671-XEU lang=EN
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [WinLog] C:\WINDOWS\winsis.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ABIT uGuruIII] C:\Program Files\U-ABIT\abitEQ\ABITEQ.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [UsrSys] C:\WINDOWS\system32\drvsck.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Tools\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Tools\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Tools\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\Tools\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\Tools\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\googletoolbar.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\googletoolbar.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\googletoolbar.dll/cmcache.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Tools\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Tools\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Tools\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\googletoolbar.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\googletoolbar.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Tools\MICROS~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Tools\MICROS~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\Tools\MICROS~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1225656834083
O16 - DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} (ParallelGraphics Cortona Control) - http://www.logicity.co.uk/game/start...s/cortvrml.cab
O16 - DPF: {EA6246B4-F380-443F-8727-9AEA3371146C} (CPlayFirstWeddingDashControl Object) - http://www.shockwave.com/content/wed...h.1.0.0.47.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A387C73F-6876-4BAE-A947-9FAC07FF00C8}: NameServer = 192.168.0.0
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MetaTrader Data Center (mtdcsrv) - MetaQuotes Software Corp. - C:\Program Files\Trading\MetaTrader Data Center\mtdcsrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Tools\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

--
End of file - 13770 bytes

My host file is clean.
Please help me, Thank You in advance.

Last edited by bakuryu; 21-01-2009 at 01:33 PM..

21-01-2009, 01:32 PM   #174   bakuryu

@Speedgraphic :::

Your HijackThis file still has the entries:
O4 - HKLM\..\Policies\Explorer\Run: [ishost.exe] ishost.exe
O4 - HKLM\..\Policies\Explorer\Run: [kernel32.dll] C:\WINDOWS\System32\isnotify.exe

Fix those 2 entries in HijackThis and also make sure the two files are deleted.
C:\WINDOWS\System32\ishost.exe
C:\WINDOWS\System32\isnotify.exe

Did you run ComboFix? Post your ComboFix log file too.

21-01-2009, 01:40 PM   #175   bakuryu

@kenzie :::

Post your ComboFix log file too.

For HijackThis, run HijackThis again, select and fix the following entries:
Quote:
O4 - HKLM\..\Run: [WinLog] C:\WINDOWS\winsis.exe
O4 - HKCU\..\Run: [UsrSys] C:\WINDOWS\system32\drvsck.exe

Delete the following files (use Killbox if you can't delete them manually):
Quote:
C:\WINDOWS\winsis.exe
C:\WINDOWS\system32\drvsck.exe

Disable System Restore and run your Antivirus and Spybot S&D scans again and fix the entries found.
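
The check done by eye in posts #174 and #175 (are the named autorun entries still in the log?) can be scripted. The Python below is an added example, not part of the thread and not part of HijackThis: it parses registry-style `O4` lines copied from the two logs posted above and flags the file names named in those two replies. The `policy-run-key` and `name-mismatch` rules are illustrative heuristics assumed for this example, not the helper's stated method.

```python
import ntpath  # Windows path rules, whatever OS the script runs on
import re

# File names the helper asked the posters to fix and delete (posts #174, #175).
WATCHLIST = {"ishost.exe", "isnotify.exe", "winsis.exe", "drvsck.exe"}

# Registry-style line: "O4 - <hive>[\<sid>]\..\<key>: [<value name>] <command>"
O4_REG = re.compile(
    r"^O4 - (?P<hive>HK[A-Z]+)(?:\\[^\\]+)?\\\.\.\\(?P<key>[^:]+): "
    r"\[(?P<name>.*?)\] (?P<cmd>.+)$"
)
# Leading part of the command up to the first executable-looking extension.
IMAGE = re.compile(
    r'^"?(?P<path>.+?\.(?:exe|dll|com|scr|bat|cmd))(?=["\s]|$)', re.I
)


def parse_o4(line):
    """Return a dict for a registry autorun line, or None for anything else."""
    m = O4_REG.match(line.strip())
    if not m:
        return None
    img = IMAGE.match(m["cmd"])
    path = img["path"] if img else m["cmd"]
    return {
        "hive": m["hive"],
        "key": m["key"],
        "name": m["name"],
        "command": m["cmd"],
        "image": ntpath.basename(path).lower(),
    }


def reasons_for(entry):
    """List the rules an entry trips; an empty list means nothing to report."""
    reasons = []
    if entry["image"] in WATCHLIST:
        reasons.append("watchlist")
    # Heuristic (assumption): the policy-driven Run key is worth a second look.
    if entry["key"].lower() == r"policies\explorer\run":
        reasons.append("policy-run-key")
    # Heuristic (assumption): the value is named after one file but starts another.
    name = entry["name"].lower()
    if name.endswith((".exe", ".dll")) and name != entry["image"]:
        reasons.append("name-mismatch")
    return reasons


def triage(log_text):
    """Return (value name, image, reasons) for every flagged O4 line."""
    flagged = []
    for line in log_text.splitlines():
        entry = parse_o4(line)
        if entry is None:
            continue
        reasons = reasons_for(entry)
        if reasons:
            flagged.append((entry["name"], entry["image"], reasons))
    return flagged


# Lines copied from the two HijackThis logs posted in this thread.
SAMPLE = r"""
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Policies\Explorer\Run: [ishost.exe] ishost.exe
O4 - HKLM\..\Policies\Explorer\Run: [kernel32.dll] C:\WINDOWS\System32\isnotify.exe
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKLM\..\Run: [WinLog] C:\WINDOWS\winsis.exe
O4 - HKCU\..\Run: [UsrSys] C:\WINDOWS\system32\drvsck.exe
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
"""

if __name__ == "__main__":
    for name, image, reasons in triage(SAMPLE):
        print(f"[{name}] -> {image}: {', '.join(reasons)}")
```

Re-running it on a fresh log after the fix confirms whether the entries are really gone; an empty result only means none of these rules matched, not that the machine is clean.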

21-01-2009, 04:02 PM   #176   kenzie

Thanks bakuryu
I'm updating AVG now
AVG check no virus, Spybot deleted c:\windows\winlogon.exe

This is my combofix's log

Code:
ComboFix 09-01-08.04 - Admin 2009-01-21 17:11:28.5 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.2.1252.1.1033.18.766.429 [GMT 7:00]
Running from: c:\documents and settings\Admin\Desktop\can't update avg\Fix.exe
AV: AVG Anti-Virus *On-access scanning disabled* (Updated)
.
- REDUCED FUNCTIONALITY MODE -
.

(((((((((((((((((((((((((   Files Created from 2008-12-21 to 2009-01-21  )))))))))))))))))))))))))))))))
.

2009-01-21 15:40 . 2009-01-21 15:40    <DIR>    d--------    C:\!KillBox
2009-01-19 16:03 . 2009-01-19 16:03    144    --a------    c:\windows\wininit.ini
2009-01-19 14:54 . 2009-01-19 17:28    <DIR>    d--------    c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-18 13:59 . 2009-01-18 13:59    <DIR>    d--------    C:\TempDVD
2009-01-18 13:59 . 2009-01-18 14:00    <DIR>    d--------    C:\dvdsanta
2009-01-18 13:58 . 2007-04-22 22:09    921,600    --a------    c:\windows\system32\vorbisenc.dll
2009-01-18 13:58 . 2006-10-28 11:11    516,096    --a------    c:\windows\system32\ac3filter.ax
2009-01-18 13:58 . 2004-09-23 19:20    290,304    --a------    c:\windows\system32\divxdec.ax
2009-01-18 13:58 . 2004-01-10 18:02    258,048    --a------    c:\windows\system32\GplMpgDec.ax
2009-01-18 13:58 . 2007-04-22 22:10    237,568    --a------    c:\windows\system32\OggDS.dll
2009-01-18 13:58 . 2007-04-22 22:09    188,416    --a------    c:\windows\system32\vorbis.dll
2009-01-18 13:58 . 2004-03-26 16:32    116,224    --a------    c:\windows\system32\rmalt.ax
2009-01-18 13:58 . 2007-04-22 22:11    61,440    --a------    c:\windows\system32\xvid.ax
2009-01-18 13:58 . 2007-04-22 22:09    45,056    --a------    c:\windows\system32\ogg.dll
2009-01-18 13:58 . 2004-04-30 21:46    28,672    --a------    c:\windows\system32\qtalt.ax
2009-01-17 07:50 . 2009-01-19 17:35    <DIR>    d--------    c:\program files\Pet Playground
2009-01-17 07:43 . 2009-01-18 08:33    <DIR>    d--------    c:\windows\Pet Playground
2009-01-16 07:22 . 2009-01-16 07:22    <DIR>    d--------    c:\documents and settings\Admin\Application Data\SPORE
2009-01-11 21:32 . 2009-01-11 21:32    <DIR>    d--------    c:\documents and settings\Admin\Bluetooth Software
2009-01-11 21:29 . 2009-01-11 21:29    <DIR>    d--------    c:\program files\WIDCOMM
2009-01-10 22:41 . 2009-01-10 22:41    <DIR>    d--------    c:\documents and settings\Admin\savegames
2009-01-10 22:41 . 2009-01-10 22:41    <DIR>    d--------    c:\documents and settings\Admin\movies
2009-01-10 22:41 . 2009-01-10 22:41    <DIR>    d--------    c:\documents and settings\Admin\battery
2009-01-10 22:41 . 2009-01-11 20:03    320    --a------    c:\documents and settings\Admin\rockconfig.dat
2009-01-10 22:20 . 2009-01-10 22:21    117,545    --a------    C:\vnes-070714.jar
2009-01-10 04:53 . 2009-01-10 04:53    <DIR>    d--------    c:\documents and settings\Admin\Application Data\Youdagames
2009-01-08 17:22 . 2009-01-08 17:22    <DIR>    d--------    c:\program files\Opera
2009-01-04 14:03 . 2004-08-04 00:56    79,360    --a------    c:\windows\system32\CNBJMON2.DLL
2009-01-04 14:03 . 2001-07-21 18:52    33,489    --a------    c:\windows\system32\CNBJHLP2.HLP
2009-01-04 14:03 . 2001-07-21 18:52    1,075    --a------    c:\windows\system32\CNBJHLP2.CNT
2009-01-01 17:33 . 2009-01-11 21:22    <DIR>    d--------    c:\documents and settings\Admin\Application Data\BSplayer PRO
2008-12-28 11:12 . 2008-12-28 11:12    410,984    --a------    c:\windows\system32\deploytk.dll

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-21 09:17    ---------    d-----w    c:\documents and settings\Admin\Application Data\DMCache
2009-01-21 05:50    ---------    d-----w    c:\program files\Tools
2009-01-21 05:49    ---------    d-----w    c:\program files\Games
2009-01-21 05:45    ---------    d-----w    c:\program files\Java
2009-01-21 05:44    ---------    d-----w    c:\program files\Game Graphic Studio
2009-01-21 05:43    ---------    d-----w    c:\program files\Trading
2009-01-17 03:32    ---------    d-----w    c:\documents and settings\Admin\Application Data\CaribbeanHideaway
2009-01-16 00:19    107,888    ----a-w    c:\windows\system32\CmdLineExt.dll
2009-01-16 00:04    ---------    d--h--w    c:\program files\InstallShield Installation Information
2009-01-12 10:37    ---------    d-----w    c:\program files\RealArcade
2009-01-10 17:05    ---------    d-----w    c:\documents and settings\Admin\Application Data\IDM
2008-12-30 16:22    ---------    d-----w    c:\program files\Magic Video Converter
2008-12-25 05:57    ---------    d-----w    c:\program files\mProjector V3.1.1b
2008-12-18 06:59    ---------    d-----w    c:\documents and settings\All Users\Application Data\rionix
2008-12-18 05:39    ---------    d-----w    c:\documents and settings\All Users\Application Data\Reflexive
2008-12-18 02:55    ---------    d-----w    c:\documents and settings\All Users\Application Data\JollyBear
2008-12-16 09:35    ---------    d-----w    c:\documents and settings\Admin\Application Data\BitTorrent
2008-12-13 21:31    ---------    d-----w    c:\documents and settings\All Users\Application Data\Playrix Entertainment
2008-12-12 05:54    ---------    d-----w    c:\program files\GameHouse
2008-12-12 05:54    ---------    d-----w    c:\documents and settings\Admin\Application Data\GameHouse
2008-12-10 22:14    ---------    d-----w    c:\documents and settings\Admin\Application Data\World-LooM
2008-12-05 21:19    ---------    d-----w    c:\documents and settings\All Users\Application Data\Legendo
2008-11-30 10:56    ---------    d-----w    c:\program files\Caribbean Hideaway
2008-11-29 11:13    ---------    d-----w    c:\documents and settings\Admin\Application Data\Skunk Studios
2008-11-24 15:02    ---------    d-----w    c:\documents and settings\Admin\Application Data\LimeWire
2008-07-30 05:31    53,248    ----a-w    c:\documents and settings\Admin\lametritonus_en.dll
2008-07-30 05:31    162,304    ----a-w    c:\documents and settings\Admin\lame_enc_en.dll
2008-07-18 14:30    22,328    ----a-w    c:\documents and settings\Admin\Application Data\PnkBstrK.sys
2008-06-26 13:27    0    -c--a-w    c:\program files\temp01
2008-06-24 10:44    100    ----a-w    c:\documents and settings\All Users\Application Data\{0xffcc220x45aaff}.dat
2008-12-30 15:30    67,688    ----a-w    c:\program files\mozilla firefox\components\jar50.dll
2008-12-30 15:30    54,368    ----a-w    c:\program files\mozilla firefox\components\jsd3250.dll
2008-12-30 15:30    34,944    ----a-w    c:\program files\mozilla firefox\components\myspell.dll
2008-12-30 15:30    46,712    ----a-w    c:\program files\mozilla firefox\components\spellchk.dll
2008-12-30 15:30    172,136    ----a-w    c:\program files\mozilla firefox\components\xpinstal.dll
2007-03-09 08:12    27,648    --sha-w    c:\windows\system32\AVSredirect.dll
2004-09-01 00:00    162,516    --sha-r    c:\windows\system32\lrrxb.dll
.

(((((((((((((((((((((((((((((   snapshot@2009-01-21_12.01.08.21   )))))))))))))))))))))))))))))))))))))))))
.
- 2009-01-21 03:56:19    63,674    ----a-w    c:\windows\system32\perfc009.dat
+ 2009-01-21 07:31:18    63,674    ----a-w    c:\windows\system32\perfc009.dat
- 2009-01-21 03:56:19    406,218    ----a-w    c:\windows\system32\perfh009.dat
+ 2009-01-21 07:31:18    406,218    ----a-w    c:\windows\system32\perfh009.dat
+ 2009-01-21 07:30:26    16,384    ----atw    c:\windows\Temp\Perflib_Perfdata_748.dat
+ 2009-01-21 07:27:03    16,384    ----atw    c:\windows\Temp\Perflib_Perfdata_f8.dat
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-12-23 143360]
"ABIT uGuruIII"="c:\program files\U-ABIT\abitEQ\ABITEQ.exe" [2007-02-01 421888]
"Yahoo! Pager"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2006-08-29 4621816]
"H/PC Connection Agent"="c:\program files\Tools\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 1289000]
"IDMan"="c:\program files\Tools\Internet Download Manager\IDMan.exe" [2009-01-09 932864]
"SpybotSD TeaTimer"="c:\program files\Tools\Spybot - Search & Destroy\TeaTimer.exe" [2008-09-16 1833296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"CorelDRAW Graphics Suite 11b"="c:\program files\Corel\Corel Graphics 12\Languages\EN\Programs\Registration.exe" [2003-11-25 729088]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-04-17 196608]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-04-13 69632]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-12-03 1261336]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-08-03 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-03 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 455168]
"Acrobat Assistant 7.0"="c:\program files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2008-04-23 483328]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-28 136600]
"MSConfig"="c:\windows\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2004-09-01 158208]
"RTHDCPL"="RTHDCPL.EXE" [2007-03-21 c:\windows\RTHDCPL.exe]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-0000-7760-100000000002}\SC_Acrobat.exe [2008-03-07 25214]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\windows\system32\logonuiX.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages    REG_MULTI_SZ       msv1_0 c:\windows\system32\ssqPfDSi

[HKLM\~\startupfolder\C:^Documents and Settings^Admin^Start Menu^Programs^Startup^Metacafe.lnk]
backup=c:\windows\pss\Metacafe.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk]
backup=c:\windows\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma.lnk]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Metacafe.lnk]
backup=c:\windows\pss\Metacafe.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Orbit.lnk]
backup=c:\windows\pss\Orbit.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Thoosje Sidebar .lnk]
backup=c:\windows\pss\Thoosje Sidebar .lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Yahoo! Widgets.lnk]
backup=c:\windows\pss\Yahoo! Widgets.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\74232]
--a------ 2007-12-13 00:38 51712 c:\windows\74232.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
--a------ 2008-04-23 02:08 483328 c:\program files\Adobe\Acrobat 7.0\Distillr\acrotray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent]
--a------ 2006-09-29 03:02 43520 c:\program files\BitTorrent\bittorrent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
--a------ 2007-08-29 22:09 171464 c:\program files\Tools\DAEMON Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
--a----t- 2008-09-04 07:11 133104 c:\documents and settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2007-04-20 20:32 8429568 c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2007-04-20 20:32 81920 c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
--a------ 2006-08-29 19:54 4621816 c:\program files\Yahoo!\Messenger\YahooMessenger.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2007-04-20 20:32 1626112 c:\windows\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\Tools\\Camfrog\\Camfrog Video Chat\\Camfrog Video Chat.exe"=
"c:\\Program Files\\Tools\\Microsoft ActiveSync\\rapimgr.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"6834:TCP"= 6834:TCP:rjxlfwq

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2008-04-07 12936]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-04-07 98440]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-04-07 90632]
R3 ABIT-IO;ABIT-IO;c:\program files\U-ABIT\abitEQ\ABIT-IO.sys [2008-03-12 4608]
R4 avg8emc;AVG8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2008-10-23 874776]
R4 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-04-07 231704]
R4 mtdcsrv;MetaTrader Data Center;c:\program files\Trading\MetaTrader Data Center\mtdcsrv.exe [2008-04-24 193776]
S3 Memctl;Memctl;c:\program files\U-ABIT\FlashMenu\MEMCTL.SYS [2008-03-12 4047]
S4 msvsmon80;Visual Studio 2005 Remote Debugger;d:\program files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2005-09-23 2799808]
S4 xzjnu;Time Config;c:\windows\system32\svchost.exe -k netsvcs [2004-09-01 14336]
S4 zbpqof;Update Config;c:\windows\system32\svchost.exe -k netsvcs [2004-09-01 14336]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
xzjnu
zbpqof

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\Shell\AutoRun\command - G:\autorun.exe
\Shell\directx\command - g:\directx9\dxsetup.exe
\Shell\setup\command - G:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1fb6abc1-03a6-11dd-a217-00508db4622c}]
\Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript lz32.dll.vbs
.
Contents of the 'Scheduled Tasks' folder

2009-01-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-790525478-839522115-1003.job
- c:\documents and settings\Admin\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-04 07:11]

2009-01-21 c:\windows\Tasks\RegCure Program Check.job
- c:\program files\tools\RegCure\RegCure.exe [2008-11-03 04:00]

2009-01-07 c:\windows\Tasks\RegCure.job
- c:\program files\tools\RegCure\RegCure.exe [2008-11-03 04:00]
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-WinLog - c:\windows\winsis.exe


.
------- Supplementary Scan -------
.
uStart Page = about:blank
IE: &Download All by FlashGet - c:\program files\Tools\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
IE: &Download by FlashGet - c:\program files\Tools\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
IE: &Google Search - c:\program files\Google\googletoolbar.dll/cmsearch.html
IE: Backward &Links - c:\program files\Google\googletoolbar.dll/cmbacklinks.html
IE: Cac&hed Snapshot of Page - c:\program files\Google\googletoolbar.dll/cmcache.html
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Download all links with IDM - c:\program files\Tools\Internet Download Manager\IEGetAll.htm
IE: Download FLV video content with IDM - c:\program files\Tools\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - c:\program files\Tools\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send To &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Si&milar Pages - c:\program files\Google\googletoolbar.dll/cmsimilar.html
IE: Translate into English - c:\program files\Google\googletoolbar.dll/cmtrans.html
TCP: {A387C73F-6876-4BAE-A947-9FAC07FF00C8} = 192.168.0.0
FF - ProfilePath - c:\documents and settings\Admin\Application Data\Mozilla\Firefox\Profiles\4lkskwfy.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/Result***t.aspx?ctid=CT530735&SearchSource=3&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://en-GB.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-GB:official
FF - prefs.js: keyword.URL - hxxp://id.search.yahoo.com/search?ei=utf-8&fr=megaup&p=
FF - component: c:\documents and settings\Admin\Application Data\IDM\idmmzcc2\components\idmmzcc.dll
FF - component: c:\documents and settings\Admin\Application Data\Mozilla\Firefox\Profiles\4lkskwfy.default\extensions\{7f57cf46-4467-4c2d-adfa-0cba7c507e54}\components\ZipWriterComponent.dll
FF - component: c:\documents and settings\Admin\Application Data\Mozilla\Firefox\Profiles\4lkskwfy.default\extensions\{D249FD00-4DF9-11D9-9FDC-0080481ADA61}\components\mpint.dll
FF - component: c:\documents and settings\Admin\Application Data\Mozilla\Firefox\Profiles\4lkskwfy.default\extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}\components\nsCatcher.dll
FF - component: c:\program files\Mozilla Firefox\components\xpinstal.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-21 17:11:55
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ... 

scanning hidden autostart entries ...

scanning hidden files ... 


**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\xzjnu]
"ServiceDll"="c:\windows\system32\lrrxb.dll"

[HKEY_LOCAL_MACHINE\System\ControlSet002\Services\zbpqof]
"ServiceDll"="c:\program files\Internet Explorer\lrrxb.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-2000478354-790525478-839522115-1003\Software\SecuROM\License information*NULL*]
"rkeysecu"=hex:2e,90,5b,19,b2,d9,3c,7d,ab,bd,62,d6,82,d1,9e,fc

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):df,5a,b0,91,19,78,9e,f7,36,c7,51,4e,69,52,9b,b1,6f,e1,a0,c2,f3,\
  29,fe,b0,18,a6,58,b9,8f,1b,d1,df,08,ce,21,f0,6d,aa,8e,5d,00,00,00,00,00,00,\
  00,00,00,00

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):04,7a,45,a5,37,5f,a6,b3,b8,14,0f,d2,14,55,03,9a,f5,64,1f,34,3a,\
  ce,70,5f,89,0f,9a,86,e0,8c,82,63,a0,5b,81,13,3a,ba,b4,f9,00,00,00,00,00,00,\
  00,00,00,00

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{b05ecb1d-0758-4a8f-8aeb-223952cf1f11}]
@Denied: (Full) (Everyone)
"Model"=dword:00000108
"Therad"=dword:0000000f

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{d61981aa-6cb0-4d13-b935-8c7cdbeef860}]
@Denied: (Full) (Everyone)
"Model"=dword:000000df
"Therad"=dword:0000001e
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(772)
c:\windows\system32\avgrsstx.dll

- - - - - - - > 'lsass.exe'(884)
c:\windows\system32\avgrsstx.dll
.
Completion time: 2009-01-21 17:15:48
ComboFix-quarantined-files.txt  2009-01-21 10:14:30
ComboFix2.txt  2009-01-21 05:05:31
ComboFix3.txt  2009-01-21 04:03:30
ComboFix4.txt  2009-01-19 12:33:29

Pre-Run: 2,928,672,768 bytes free
Post-Run: 2,913,746,944 bytes free

Current=2 Default=2 Failed=3 LastKnownGood=4 Sets=1,2,3,4
326
Is this good now?
(PS. Sorry for the messy post )

Last edited by Strider; 21-01-2009 at 06:00 PM.. Reason: AVG check and Spybot
Old 21-01-2009, 05:54 PM   #177
Newbie
 
Join Date: Jan 2009
Posts: 16
Thanks: 5
Thanked 0 Times in 0 Posts
Rep Power: 0 earthchild57 is an unknown quantity at this point


OS: Windows XP


Re: Cannot access Antivirus Sites/Google/Avast etc.

Quote:
Originally Posted by bakuryu
Switch to OpenDNS and see and clear your DNS cache.
If it still doesn't help, post your new combofix log file.

I'm not sure I understand the OpenDNS. It says it has no stats for me. I clicked where it says purge data. Is that what you meant for me to do? Thanks. Vicki
Old 21-01-2009, 06:02 PM   #178
Founder
 
Join Date: Nov 2005
Location: The Last City Zion!
Posts: 3,539
Thanks: 287
Thanked 345 Times in 298 Posts
Rep Power: 62 Strider is just Great


OS: Windows XP Windows Server 2003 / Windows Server 2008 Windows Vista Windows 7 Linux


Re: Cannot access Antivirus Sites/Google/Avast etc.

Quote:
clear your DNS cache.

It means clear your current DNS cache using ipconfig /flushdns. Then use the DNS servers from OpenDNS.
Old 21-01-2009, 06:07 PM   #179
Founder
 
Join Date: Nov 2005
Location: The Last City Zion!
Posts: 3,539
Thanks: 287
Thanked 345 Times in 298 Posts
Rep Power: 62 Strider is just Great


OS: Windows XP Windows Server 2003 / Windows Server 2008 Windows Vista Windows 7 Linux


Re: Cannot access Antivirus Sites/Google/Avast etc.

Quote:
Is this good now?

Hi kenzie,

It looks like your PC is clean now. Keep AVG up to date and install all Windows updates via Automatic Updates. Also use Spybot S&D once a week after updating it.

Quote:
(PS. Sorry for the messy post )

No need for that. We are here to help.
Old 21-01-2009, 06:22 PM   #180
Newbie
 
Join Date: Jan 2009
Posts: 12
Thanks: 4
Thanked 0 Times in 0 Posts
Rep Power: 0 kenzie is an unknown quantity at this point


OS: Windows XP


Re: Cannot access Antivirus Sites/Google/Avast etc.

Errrr. Sorry again, it seems like I have another problem. I can connect to AV sites now, but those deleted files come back (C:\WINDOWS\system32\drvsck.exe and C:\windows\winlogon.exe).
What are those actually???
Tags
antivirus, cleanup, infection, virus, virus removal
