« previous next »
Pages: [1] 2   Go Down

Author Topic: [Resolved] No internet connection sometimes  (Read 804 times)

0 Members and 1 Guest are viewing this topic.

Offline schafer000

  • Bronze Member
  • Posts: 24
[Resolved] No internet connection sometimes
« on: May 30, 2012, 11:09:07 AM »
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 7/4/2009 12:27:01 AM
System Uptime: 5/29/2012 12:44:22 PM (25 hours ago)
.
Motherboard: Dell Inc. |  | 0U880P
Processor: Intel(R) Core(TM)2 Duo CPU     E7400  @ 2.80GHz | CPU 1 | 2793/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 283 GiB total, 185.474 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 8.08 GiB free.
E: is CDROM ()
F: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP997: 5/11/2012 12:21:31 AM - Scheduled Checkpoint
RP998: 5/12/2012 12:59:26 AM - Scheduled Checkpoint
RP999: 5/13/2012 12:00:01 AM - Scheduled Checkpoint
RP1000: 5/16/2012 1:16:56 AM - Scheduled Checkpoint
RP1001: 5/17/2012 2:22:25 AM - Scheduled Checkpoint
RP1002: 5/18/2012 2:12:20 AM - Scheduled Checkpoint
RP1003: 5/19/2012 - Scheduled Checkpoint
RP1004: 5/20/2012 12:00:01 AM - Scheduled Checkpoint
RP1005: 5/22/2012 1:54:18 AM - Scheduled Checkpoint
RP1006: 5/23/2012 12:15:28 AM - Scheduled Checkpoint
RP1007: 5/24/2012 3:25:48 AM - Scheduled Checkpoint
RP1008: 5/25/2012 3:32:33 AM - Scheduled Checkpoint
RP1009: 5/25/2012 11:37:11 AM - Windows Update
RP1010: 5/26/2012 - Scheduled Checkpoint
RP1011: 5/26/2012 4:33:22 PM - Scheduled Checkpoint
RP1012: 5/27/2012 3:31:48 PM - Scheduled Checkpoint
RP1013: 5/28/2012 12:25:12 PM - Installed HiJackThis
RP1014: 5/28/2012 2:09:14 PM - Windows Update
RP1015: 5/29/2012 2:29:08 PM - Scheduled Checkpoint
RP1016: 5/30/2012 2:54:06 AM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
.
µTorrent
Acrobat.com
Adobe AIR
Adobe Anchor Service CS4
Adobe Bridge CS4
Adobe CMaps CS4
Adobe Color - Photoshop Specific CS4
Adobe Color EU Extra Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Recommended Settings CS4
Adobe Color Video Profiles CS CS4
Adobe CSI CS4
Adobe Default Language CS4
Adobe Device Central CS4
Adobe Drive CS4
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Fonts All
Adobe Linguistics CS4
Adobe Media Player
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop CS4
Adobe Photoshop CS4 Support
Adobe Reader 9.5.1
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
AdobeColorCommonSetRGB
AIM 6
AIO_Scan
Apple Application Support
ArcSoft Panorama Maker 5
ATI Catalyst Control Center
BufferChm
C4200
C4200_doccd
c4200_Help
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help English
CCC Help French
CCC Help German
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Portuguese
CCC Help Spanish
CCC Help Turkish
Compatibility Pack for the 2007 Office system
Connect
Copy
CustomerResearchQFolder
D3DX10
Dell Getting Started Guide
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DocProc
DocProcQFolder
eSupportQFolder
FileZilla Client 3.3.3
Google Earth
Google Quick Search Box
Google Toolbar for Internet Explorer
Google Update Helper
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Photosmart Essential2.01
HP Product Assistant
HP Update
HPDiagnosticAlert
HPProductAssistant
HPSSupply
iSEEK AnswerWorks English Runtime
Java Auto Updater
Java(TM) 6 Update 31
JPEG to PDF 1.0
Junk Mail filter update
kuler
Malwarebytes Anti-Malware version 1.61.0.1400
MarketResearch
Media Player Codec Pack 3.7.0
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
mIRC
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nikon Message Center 2
PDF Settings CS4
Photoshop Camera Raw
Picture Control Utility
PowerDVD
PS_AIO_ProductContext
PS_AIO_Software
PS_AIO_Software_min
PSSWCORE
QuickTime
Realtek High Definition Audio Driver
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
Scan
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Segoe UI
Skins
SolutionCenter
Spybot - Search & Destroy
Status
Suite Shared Configuration CS4
Toolbox
TrayApp
TurboTax 2009
TurboTax 2009 WinPerFedFormset
TurboTax 2009 WinPerReleaseEngine
TurboTax 2009 WinPerTaxSupport
TurboTax 2009 wohiper
TurboTax 2009 wrapper
TurboTax 2010
TurboTax 2010 winiper
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wohiper
TurboTax 2010 wrapper
TurboTax 2011
TurboTax 2011 winiper
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wohiper
TurboTax 2011 wrapper
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Veetle TV 0.9.15
VideoToolkit01
ViewNX 2
Viewpoint Media Player
Visual C++ 8.0 Runtime Setup Package (x64)
Visual Studio 2008 x64 Redistributables
WebReg
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR archiver
Yahoo! Messenger
.
==== Event Viewer Messages From Past Week ========
.
5/29/2012 12:46:20 PM, Error: Service Control Manager [7022]  - The HP CUE DeviceDiscovery Service service hung on starting.
5/28/2012 9:55:09 PM, Error: Microsoft-Windows-Dhcp-Client [1002]  - The IP address lease 192.168.2.2 for the Network Card with network address 0025640293A2 has been denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message).
5/28/2012 9:47:07 PM, Error: Microsoft-Windows-Dhcp-Client [1002]  - The IP address lease 10.0.0.2 for the Network Card with network address 0025640293A2 has been denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message).
5/28/2012 2:10:58 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8024002d: Security Update for Microsoft Works 9 (KB2680317).
5/28/2012 10:04:11 PM, Error: Microsoft-Windows-Dhcp-Client [1002]  - The IP address lease 192.168.2.2 for the Network Card with network address 0025640293A2 has been denied by the DHCP server 10.0.0.1 (The DHCP Server sent a DHCPNACK message).
5/27/2012 2:15:49 PM, Error: Server [2505]  - The server could not bind to the transport \Device\NetBT_Tcpip_{5E26E4A8-43D5-4D5B-9780-D2DCBAC72476} because another computer on the network has the same name.  The server could not start.
5/27/2012 2:15:49 PM, Error: netbt [4321]  - The name "JOHN-PC        :20" could not be registered on the interface with IP address 10.0.0.2. The computer with the IP address 10.0.0.7 did not allow the name to be claimed by this computer.
5/27/2012 2:15:49 PM, Error: netbt [4321]  - The name "JOHN-PC        :0" could not be registered on the interface with IP address 10.0.0.2. The computer with the IP address 10.0.0.7 did not allow the name to be claimed by this computer.
.
==== End Of File ===========================
« Last Edit: May 30, 2012, 11:15:35 AM by 1972vet »
Logged


Offline schafer000

  • Bronze Member
  • Posts: 24
Re: [Resolved] No internet connection sometimes
« Reply #1 on: May 30, 2012, 11:13:44 AM »
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by j-cash at 13:11:59 on 2012-05-30
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.4094.1372 [GMT -4:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG10\avgchsva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Ati2evxx.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\AVG\AVG10\avgnsa.exe
C:\Program Files (x86)\AVG\AVG10\avgemca.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\AVG\AVG10\avgtray.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Windows\system32\wuauclt.exe
C:\PROGRA~2\AVG\AVG10\avgrsa.exe
C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11g_ActiveX.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Aim6]
uRun: [AdobeBridge]
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11g_ActiveX.exe -update activex
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun: [Google Quick Search Box] "C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe"  /autorun
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
mRun: [ArcSoft Connection Service] "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
Trusted Zone: intuit.com\ttlc
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} - hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 10.0.0.1
TCP: Interfaces\{5E26E4A8-43D5-4D5B-9780-D2DCBAC72476} : DhcpNameServer = 10.0.0.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64:     AcroIEHelperStub - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
BHO-X64:     WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO-X64:     Search Helper - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun-x64: [Google Quick Search Box] "C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe"  /autorun
mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
mRun-x64: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
mRun-x64: [ArcSoft Connection Service] "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-7-4 88576]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2012-1-31 7391072]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2011-2-8 269520]
R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-8-25 13672]
R2 McciCMService64;McciCMService64;C:\Program Files\Common Files\Motive\McciCMService.exe [2010-6-15 517632]
R2 Viewpoint Manager Service;Viewpoint Manager Service;C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe [2009-7-21 24652]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-31 135664]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2009-7-27 1038088]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-31 135664]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-12-2 89920]
.
=============== File Associations ===============
.
JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2012-05-30 16:47:14   --------   d-----w-   C:\Users\j-cash\AppData\Local\{09527B5F-E639-4571-9417-E62DABB6C824}
2012-05-30 16:47:13   --------   d-----w-   C:\Users\j-cash\AppData\Local\{992EAC77-CAFD-40AA-A501-529BCACF01C3}
2012-05-30 04:47:11   --------   d-----w-   C:\Users\j-cash\AppData\Local\{0A33B4E7-909F-4AD3-BE19-E895EFD3DE21}
2012-05-30 04:47:09   --------   d-----w-   C:\Users\j-cash\AppData\Local\{1CAB8B87-13BF-4B8E-B6BB-40AA9A5482CD}
2012-05-29 16:46:29   --------   d-----w-   C:\Users\j-cash\AppData\Local\{1FBED34E-8751-49E2-BB9A-79A84B6B1D1B}
2012-05-29 16:45:19   --------   d-----w-   C:\Users\j-cash\AppData\Local\{75980580-DDB7-4F05-AE32-8A71BD562267}
2012-05-29 00:27:42   --------   d-----w-   C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
2012-05-28 17:29:54   --------   d-----w-   C:\Users\j-cash\AppData\Local\{1D939FF2-391E-47DA-97E9-DB2AF6609F4B}
2012-05-28 17:29:51   --------   d-----w-   C:\Users\j-cash\AppData\Local\{9BEBB0AA-B054-421E-A53F-4DB025056FBC}
2012-05-28 16:26:07   388096   ----a-r-   C:\Users\j-cash\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-05-28 16:26:06   --------   d-----w-   C:\Program Files (x86)\Trend Micro
2012-05-28 16:15:44   200976   ----a-w-   C:\Windows\SysWow64\drivers\tmcomm.sys
2012-05-28 05:29:34   --------   d-----w-   C:\Users\j-cash\AppData\Local\{AB418BF5-EBD8-4115-9149-C0FB646E4E62}
2012-05-27 17:29:43   --------   d-----w-   C:\Users\j-cash\AppData\Local\{900D9F12-EC4B-45FD-BCC1-CA3EBAD60D4F}
2012-05-27 17:29:35   --------   d-----w-   C:\Users\j-cash\AppData\Local\{63AEA746-04B3-4475-8E72-5DE15D8855BD}
2012-05-27 07:58:34   --------   d-----w-   C:\Users\j-cash\AppData\Local\{67A5A8AC-5699-4C98-AAFF-712F453ACF2D}
2012-05-26 19:58:10   --------   d-----w-   C:\Users\j-cash\AppData\Local\{932CA33D-2DA5-4E4E-9377-040BB5D1ACF5}
2012-05-26 19:57:04   --------   d-----w-   C:\Users\j-cash\AppData\Local\{9AB8B99D-43F8-4EB9-AE1C-486BB8BF2E4A}
2012-05-26 05:47:35   --------   d-----w-   C:\Users\j-cash\AppData\Local\{831262A4-E347-4A6A-8493-0977ACDE27E7}
2012-05-26 05:47:34   --------   d-----w-   C:\Users\j-cash\AppData\Local\{C2DAD6A7-C05D-4F97-9AF6-0E67BBDF18A3}
2012-05-25 15:51:35   --------   d-----w-   C:\Users\j-cash\AppData\Local\{1D60C3C8-8273-46AE-BED8-BD0CEF3E5D6D}
2012-05-25 15:51:34   --------   d-----w-   C:\Users\j-cash\AppData\Local\{A9668391-F3C8-492B-B8A7-8684D0100C2D}
2012-05-25 03:51:19   --------   d-----w-   C:\Users\j-cash\AppData\Local\{2721B66C-01F1-44FB-BC38-19C83D9451F0}
2012-05-25 03:51:17   --------   d-----w-   C:\Users\j-cash\AppData\Local\{F80295A6-80B5-4D28-84B8-AC3DF16C3637}
2012-05-24 05:32:03   --------   d-----w-   C:\Users\j-cash\AppData\Local\{2C41D5CB-7AF0-4EB4-8E66-992E3377FBB3}
2012-05-24 05:32:01   --------   d-----w-   C:\Users\j-cash\AppData\Local\{5996E507-4ADA-4E46-BAEC-92549B113C34}
2012-05-23 15:24:26   --------   d-----w-   C:\Users\j-cash\AppData\Local\{7FCE07E0-5662-46AC-B08C-11FFABCAE558}
2012-05-23 15:24:24   --------   d-----w-   C:\Users\j-cash\AppData\Local\{D9F997BC-5E1C-4031-BCBE-EFF12272A17D}
2012-05-22 16:06:12   --------   d-----w-   C:\Users\j-cash\AppData\Local\{DEDC7E40-9DDD-4767-AF1E-346958BDE757}
2012-05-22 16:05:36   --------   d-----w-   C:\Users\j-cash\AppData\Local\{C01F7136-4353-41E0-84C5-51CE02666D39}
2012-05-22 04:36:56   --------   d-----w-   C:\Users\j-cash\AppData\Local\{9C578CEF-5F13-425F-B734-C7326EBAC2A3}
2012-05-21 13:46:54   --------   d-----w-   C:\Users\j-cash\AppData\Local\{410E3BD1-97D2-4A08-9877-CAB3E582B954}
2012-05-21 13:46:53   --------   d-----w-   C:\Users\j-cash\AppData\Local\{89AFB9B9-A0E5-4838-9F0F-B1B7AB651A50}
2012-05-21 01:46:50   --------   d-----w-   C:\Users\j-cash\AppData\Local\{6C5BC097-EF34-41E7-A64F-EE94036D1E28}
2012-05-21 01:46:49   --------   d-----w-   C:\Users\j-cash\AppData\Local\{247571F7-F42E-4CBA-B407-10017185E1AA}
2012-05-20 13:46:35   --------   d-----w-   C:\Users\j-cash\AppData\Local\{FCA4C7CD-8D18-438D-A015-908BC066DFC6}
2012-05-20 13:46:34   --------   d-----w-   C:\Users\j-cash\AppData\Local\{4AF5319E-64F7-491B-B502-E78437319832}
2012-05-19 16:54:27   --------   d-----w-   C:\Users\j-cash\AppData\Local\{72911174-1CB7-4E6B-9BFB-AE90D0A5AAE1}
2012-05-19 16:54:25   --------   d-----w-   C:\Users\j-cash\AppData\Local\{3F8533BF-F438-49CA-A8EE-C91D6E2752CD}
2012-05-19 04:39:37   --------   d-----w-   C:\Users\j-cash\AppData\Local\{31D32C29-36AE-4FA8-8E86-CC59C0E517A0}
2012-05-19 04:39:36   --------   d-----w-   C:\Users\j-cash\AppData\Local\{FA5B1B5B-7D3F-4F83-9D8D-48CDD14B243C}
2012-05-18 16:02:50   --------   d-----w-   C:\Users\j-cash\AppData\Local\{7F6EA3EA-3314-4A0F-9DFC-816E5E685080}
2012-05-18 16:02:49   --------   d-----w-   C:\Users\j-cash\AppData\Local\{F2B4C5FE-4480-4C36-99DD-67C04380CAD1}
2012-05-18 04:02:47   --------   d-----w-   C:\Users\j-cash\AppData\Local\{FA6035B5-298E-4407-8AE0-CD77A19E95BD}
2012-05-18 04:02:46   --------   d-----w-   C:\Users\j-cash\AppData\Local\{62F1476E-256B-48A0-810F-121B1D14E912}
2012-05-17 16:02:30   --------   d-----w-   C:\Users\j-cash\AppData\Local\{3B438CDB-BDA6-4AAE-9449-5231424826A2}
2012-05-17 16:02:29   --------   d-----w-   C:\Users\j-cash\AppData\Local\{E6487D83-BA43-4156-AE84-2B1AECB8A82F}
2012-05-17 04:02:16   --------   d-----w-   C:\Users\j-cash\AppData\Local\{6146AEBB-6BDC-4A8F-8190-C97E797611CF}
2012-05-17 04:02:15   --------   d-----w-   C:\Users\j-cash\AppData\Local\{5D0790DE-97AF-4471-8150-5A86712D823E}
2012-05-16 16:02:01   --------   d-----w-   C:\Users\j-cash\AppData\Local\{348840A9-2953-40D9-9FFE-6FE49CB3A184}
2012-05-16 16:02:00   --------   d-----w-   C:\Users\j-cash\AppData\Local\{3BAC2FEB-0DDD-4040-9555-D8A78DE6C2B2}
2012-05-16 04:01:41   --------   d-----w-   C:\Users\j-cash\AppData\Local\{6143790A-1813-4D60-AB5C-23E8590CAF0C}
2012-05-16 04:01:36   --------   d-----w-   C:\Users\j-cash\AppData\Local\{F237BE9D-A540-4A3B-AAC5-C2F7B26229D7}
2012-05-15 15:56:28   --------   d-----w-   C:\Users\j-cash\AppData\Local\{5BAEC0A9-CE47-4C4F-9F1B-5B2AD872FE98}
2012-05-15 15:56:27   --------   d-----w-   C:\Users\j-cash\AppData\Local\{16F6576E-E7B9-405E-8928-D92643D959DE}
2012-05-15 03:56:25   --------   d-----w-   C:\Users\j-cash\AppData\Local\{AE7B098C-F876-4076-924B-4DA531CAFCDA}
2012-05-15 03:56:23   --------   d-----w-   C:\Users\j-cash\AppData\Local\{7BD37CDB-5CA7-41ED-ACEC-90A814928B70}
2012-05-14 15:51:51   --------   d-----w-   C:\Users\j-cash\AppData\Local\{CE4C5D2F-8BAB-455B-9A94-3AF3478551BE}
2012-05-14 15:51:50   --------   d-----w-   C:\Users\j-cash\AppData\Local\{276AA891-1D81-46CF-B0E6-B4951055F633}
2012-05-14 03:51:48   --------   d-----w-   C:\Users\j-cash\AppData\Local\{1EF7E58F-8B2A-436B-B4F1-99CAE086F2D4}
2012-05-14 03:51:46   --------   d-----w-   C:\Users\j-cash\AppData\Local\{B05DFB0B-A38F-4931-80FE-9BFEBB25B4A8}
2012-05-13 15:51:44   --------   d-----w-   C:\Users\j-cash\AppData\Local\{486F8FA0-27C8-4856-9CE6-DDFD1E3A8771}
2012-05-13 15:51:43   --------   d-----w-   C:\Users\j-cash\AppData\Local\{AA2240F5-E3A4-4689-9649-33B814F7FDDB}
2012-05-13 03:51:41   --------   d-----w-   C:\Users\j-cash\AppData\Local\{F5CB5BA3-052E-4748-AECD-98C79E66B867}
2012-05-13 03:51:39   --------   d-----w-   C:\Users\j-cash\AppData\Local\{364F90F1-87B8-49AE-8387-A1A67AFD06FB}
2012-05-12 15:51:37   --------   d-----w-   C:\Users\j-cash\AppData\Local\{D84B4E47-69B0-40D2-B670-C283732DE86E}
2012-05-12 15:51:36   --------   d-----w-   C:\Users\j-cash\AppData\Local\{9F9039D9-4F8F-4FA7-A489-DD3F915B9BC0}
2012-05-12 03:51:33   --------   d-----w-   C:\Users\j-cash\AppData\Local\{7DCB788E-F5E4-401D-B294-B7F7735EF167}
2012-05-12 03:51:32   --------   d-----w-   C:\Users\j-cash\AppData\Local\{5B4A6AA8-650A-4765-BE95-19F7E82D6B91}
2012-05-11 15:51:30   --------   d-----w-   C:\Users\j-cash\AppData\Local\{E913F4ED-75A0-4522-9398-D49A4A324FBB}
2012-05-11 15:51:28   --------   d-----w-   C:\Users\j-cash\AppData\Local\{5C9B9F86-F542-47EC-B396-A6D2DC4F1C7C}
2012-05-11 03:51:26   --------   d-----w-   C:\Users\j-cash\AppData\Local\{B2AD92CB-3BB5-4004-8E37-836E444E374A}
2012-05-11 03:51:25   --------   d-----w-   C:\Users\j-cash\AppData\Local\{E05FD29F-0795-44E3-AC07-181C184A15B3}
2012-05-10 03:43:53   --------   d-----w-   C:\Users\j-cash\AppData\Local\{FF8FCD44-8825-4258-89C8-63E79186EEE6}
2012-05-10 03:43:51   --------   d-----w-   C:\Users\j-cash\AppData\Local\{BDFB87E1-8AD5-4FF1-8BFD-528D98598145}
2012-05-09 05:56:31   --------   d-----w-   C:\Users\j-cash\AppData\Local\{7051391F-7454-4CAC-BF6E-0593130EBED7}
2012-05-09 05:56:30   --------   d-----w-   C:\Users\j-cash\AppData\Local\{0EEA31F2-DD0D-41A4-A894-5DE12F68C151}
2012-05-08 18:42:50   4699520   ----a-w-   C:\Windows\System32\ntoskrnl.exe
2012-05-08 18:42:50   2766848   ----a-w-   C:\Windows\System32\win32k.sys
2012-05-08 17:56:15   --------   d-----w-   C:\Users\j-cash\AppData\Local\{14B6E50F-82C5-4F08-AE33-A815114F058D}
2012-05-08 17:56:14   --------   d-----w-   C:\Users\j-cash\AppData\Local\{D14137C1-FBC6-495B-8715-089B90E1D0F4}
2012-05-08 05:56:11   --------   d-----w-   C:\Users\j-cash\AppData\Local\{A81B83C0-3FA0-459A-AC11-830E1A224832}
2012-05-08 05:56:09   --------   d-----w-   C:\Users\j-cash\AppData\Local\{BAD6A3DB-DD74-4A08-8FC4-C31FC5CCF4A3}
2012-05-07 17:55:54   --------   d-----w-   C:\Users\j-cash\AppData\Local\{8AAF18CA-10E1-43D9-9DDB-36825B2AADCF}
2012-05-07 17:55:53   --------   d-----w-   C:\Users\j-cash\AppData\Local\{058863FF-BB46-48ED-8024-64EF32D684EC}
2012-05-07 05:55:51   --------   d-----w-   C:\Users\j-cash\AppData\Local\{B8021B87-B83E-4F7A-85D9-253ABA0994B9}
2012-05-07 05:55:49   --------   d-----w-   C:\Users\j-cash\AppData\Local\{547540AD-04D1-440B-83CB-9A17F87B49FD}
2012-05-06 17:55:47   --------   d-----w-   C:\Users\j-cash\AppData\Local\{DBE89F74-CF23-47F7-8D5C-C5C81868F466}
2012-05-06 17:55:46   --------   d-----w-   C:\Users\j-cash\AppData\Local\{8EAF9C6E-8283-4664-A8B7-AA5F6A239172}
2012-05-06 05:55:43   --------   d-----w-   C:\Users\j-cash\AppData\Local\{14EFBB56-9425-4D19-A518-C5DFAC4E7D7E}
2012-05-06 05:55:42   --------   d-----w-   C:\Users\j-cash\AppData\Local\{D36F1ED6-23FD-4FBF-9EDA-5796AED5370B}
2012-05-05 17:55:39   --------   d-----w-   C:\Users\j-cash\AppData\Local\{5AF9F872-4867-4F3F-9057-ED492A7D5DD0}
2012-05-05 17:55:38   --------   d-----w-   C:\Users\j-cash\AppData\Local\{C2BD8057-BC73-4395-BD2B-EFB4ECC39A5B}
2012-05-05 05:55:36   --------   d-----w-   C:\Users\j-cash\AppData\Local\{DDA46BB7-065E-4372-B0EF-51D23003231D}
2012-05-05 05:55:35   --------   d-----w-   C:\Users\j-cash\AppData\Local\{D54C7CF5-582A-4F13-887C-FFCD22BF1ACD}
2012-05-04 17:55:20   --------   d-----w-   C:\Users\j-cash\AppData\Local\{6922290A-C121-4D74-BF8B-DBD16509E991}
2012-05-04 17:55:19   --------   d-----w-   C:\Users\j-cash\AppData\Local\{A10A76C4-FF90-4D11-9D2C-5B8425F71EB5}
2012-05-04 04:13:26   --------   d-----w-   C:\Users\j-cash\AppData\Local\{54C7F174-3D1C-45D7-AD87-34E6D6B17A10}
2012-05-04 04:13:24   --------   d-----w-   C:\Users\j-cash\AppData\Local\{C209B820-1F98-43DB-AAB8-A37FEDD36BED}
2012-05-03 16:13:09   --------   d-----w-   C:\Users\j-cash\AppData\Local\{38D0D3F8-3EDF-4E5E-B7B5-6D8F0C996291}
2012-05-03 16:13:08   --------   d-----w-   C:\Users\j-cash\AppData\Local\{06E4EA27-B991-4923-8332-F4A954541EFD}
2012-05-03 03:59:58   --------   d-----w-   C:\Users\j-cash\AppData\Local\{48554B83-5280-402C-A553-591485A63948}
2012-05-03 03:59:57   --------   d-----w-   C:\Users\j-cash\AppData\Local\{E316DB13-DA44-4B99-AF62-CBC5CB22B610}
2012-05-02 15:59:42   --------   d-----w-   C:\Users\j-cash\AppData\Local\{2DB035E1-DD33-4668-9882-8D69AEDD8712}
2012-05-02 15:59:41   --------   d-----w-   C:\Users\j-cash\AppData\Local\{A2125CBD-0855-4D7E-9E4D-8C000A263F9B}
2012-05-02 03:59:15   --------   d-----w-   C:\Users\j-cash\AppData\Local\{3C03FFEB-FC76-4ECC-BCFB-77180DFD15CC}
2012-05-02 03:59:13   --------   d-----w-   C:\Users\j-cash\AppData\Local\{EC7B2227-28B7-4CDE-9D49-3EADA2F0909B}
2012-05-01 15:50:41   --------   d-----w-   C:\Users\j-cash\AppData\Local\{8BBE44A1-CC91-48F8-838B-7D2FC1A9B888}
2012-05-01 15:50:39   --------   d-----w-   C:\Users\j-cash\AppData\Local\{82C43B4D-4D2C-4AAD-B78A-9EFC467A1635}
2012-05-01 03:50:37   --------   d-----w-   C:\Users\j-cash\AppData\Local\{62DFD6C4-84C1-4857-A352-645796BFCC5E}
2012-05-01 03:50:36   --------   d-----w-   C:\Users\j-cash\AppData\Local\{B8E706EC-A63F-4EFD-A441-F684C4B8068E}
.
==================== Find3M  ====================
.
2012-04-04 19:56:40   24904   ----a-w-   C:\Windows\System32\drivers\mbam.sys
2012-03-30 12:45:03   1423744   ----a-w-   C:\Windows\System32\drivers\tcpip.sys
2012-03-27 13:33:47   414368   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-20 23:34:30   72576   ----a-w-   C:\Windows\System32\drivers\partmgr.sys
2012-03-08 22:50:28   49016   ----a-w-   C:\Windows\SysWow64\sirenacm.dll
2012-03-08 22:37:20   302448   ----a-w-   C:\Windows\WLXPGSS.SCR
.
============= FINISH: 13:12:18.68 ===============
Logged

Offline 1972vet

  • Microsoft® MVP
  • Malware Removal Staff
  • Diamond Member
  • Posts: 8290
  • Patience is bitter indeed, but its fruit is sweet.
Re: [Resolved] No internet connection sometimes
« Reply #2 on: May 30, 2012, 11:17:24 AM »
Greetings schafer000 and Welcome to our Forums,

Please uninstall uTorrent...and let me know when you finish so we can continue. Thanks!
Logged
Disabled Veteran
U.S.C.G. 1972 - 1978
Membership: U.N.I.T.E., A.S.A.P.

2009-12

Performance and Maintenance for Windows XP, Windows Vista and Windows Seven

Offline schafer000

  • Bronze Member
  • Posts: 24
Re: [Resolved] No internet connection sometimes
« Reply #3 on: May 30, 2012, 11:28:14 AM »
Done..   :)1

Should also state that we have centurylink for our dsl. they told us we have a virus so ive ran virus/malware scans and came up with nothing. my router seems to be ok now for a day but im just wondering if theres something else wrong.
Logged

Offline 1972vet

  • Microsoft® MVP
  • Malware Removal Staff
  • Diamond Member
  • Posts: 8290
  • Patience is bitter indeed, but its fruit is sweet.
Re: [Resolved] No internet connection sometimes
« Reply #4 on: May 30, 2012, 03:27:41 PM »
Did they tell you what type of issue it was or name anything about it? Do you have the log(s) from whatever scans you ran?

For now, please disable the active protection component of your antivirus and antispyware programs by following the directions that apply Here.
...of those, many people overlook the Windows Defender since, for most, there is no icon for it in the system tray. Scroll through those directives above and look for this application specifically, to make certain it is disabled.

Please download combofix from This Webpage...and read through the instructions there for running the tool.

***Important Note***
Please read through the guidance on that web page carefully and thoroughly...and install the Recovery Console. Using this tool without the Recovery Console installed is NOT RECOMMENDED.

If you have Windows Vista or Windows 7, you can skip the recovery console step...in Vista/7 it's in the System Recovery Options menu. The System Recovery Options menu is on the Windows Vista or Windows 7 installation disc. If Windows doesn't start correctly, you can use these tools to repair startup problems.


The Windows Recovery Console will allow you to boot into a special recovery (repair) mode that is not otherwise available. This allows us to more easily help you should your computer have a problem after an attempted removal of malware.  It's a simple procedure that will only take a few moments.

Once installed, a blue screen prompt should appear that reads as follows:

The Recovery Console was successfully installed.

When you see that screen, please continue as follows:

  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Click Yes to allow ComboFix to continue scanning for malware.
When the tool is finished, it will produce a log file for you. Please post that log back here on your next reply. Thanks!

Note:
Do not mouseclick combofix's window while it's running....that may cause the scan to stall
Logged
Disabled Veteran
U.S.C.G. 1972 - 1978
Membership: U.N.I.T.E., A.S.A.P.

2009-12

Performance and Maintenance for Windows XP, Windows Vista and Windows Seven

Offline schafer000

  • Bronze Member
  • Posts: 24
Re: [Resolved] No internet connection sometimes
« Reply #5 on: May 31, 2012, 11:27:28 AM »
Nope, they never said what it could be... just stated i "had" a virus causing the internet not to connect.  I even had a laptop that connected wirelessly to the router and that didnt connect as well.   Didnt save my scans since it didnt contain anything.

i used AVG, housecall, hijackthis, and malwarebytes.   Ill try what you said when i get the chance too..been working to many hours lately.. haha
Logged

Offline schafer000

  • Bronze Member
  • Posts: 24
Re: [Resolved] No internet connection sometimes
« Reply #6 on: June 02, 2012, 12:13:48 AM »
ComboFix 12-06-02.01 - j-cash 06/02/2012   1:54.1.2 - x64
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.4094.2178 [GMT -4:00]
Running from: c:\users\j-cash\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\j-cash\AppData\Roaming\Microsoft\Windows\Recent\ANTIGEN.tmp
c:\users\j-cash\AppData\Roaming\Microsoft\Windows\Recent\snl2w.tmp
c:\users\j-cash\AppData\Roaming\Microsoft\Windows\Recent\std.tmp
c:\windows\system32\AutoRun.inf
.
.
(((((((((((((((((((((((((   Files Created from 2012-05-02 to 2012-06-02  )))))))))))))))))))))))))))))))
.
.
2012-06-02 06:00 . 2012-06-02 06:00   --------   d-----w-   c:\users\Default\AppData\Local\temp
2012-05-29 00:27 . 2012-05-29 00:27   --------   d-----w-   c:\program files (x86)\MALWAREBYTES ANTI-MALWARE
2012-05-28 16:26 . 2012-05-28 16:26   388096   ----a-r-   c:\users\j-cash\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-05-28 16:26 . 2012-05-28 16:26   --------   d-----w-   c:\program files (x86)\Trend Micro
2012-05-28 16:15 . 2011-06-21 04:09   200976   ----a-w-   c:\windows\SysWow64\drivers\tmcomm.sys
2012-05-08 18:42 . 2012-04-03 08:22   4699520   ----a-w-   c:\windows\system32\ntoskrnl.exe
2012-05-08 18:42 . 2012-04-02 13:59   2766848   ----a-w-   c:\windows\system32\win32k.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-04 19:56 . 2011-01-17 04:15   24904   ----a-w-   c:\windows\system32\drivers\mbam.sys
2012-03-27 13:33 . 2011-05-16 14:45   414368   ----a-w-   c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-08 22:50 . 2012-03-08 22:50   49016   ----a-w-   c:\windows\SysWow64\sirenacm.dll
2012-03-08 22:37 . 2012-03-08 22:37   302448   ----a-w-   c:\windows\WLXPGSS.SCR
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-14 61440]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2008-05-23 128296]
"Google Quick Search Box"="c:\program files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-07-21 122368]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-03-12 49152]
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG10\avgtray.exe" [2012-01-18 2339168]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"Nikon Message Center 2"="c:\program files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" [2010-05-26 619008]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-28 207424]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute   REG_MULTI_SZ      autocheck autochk *\0c:\progra~2\AVG\AVG10\avgchsva.exe /sync\0c:\progra~2\AVG\AVG10\avgrsa.exe /sync /restart
.
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-03-05 88576]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt   REG_MULTI_SZ      hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-31 22:01]
.
2012-06-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-31 22:01]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-03-05 6963744]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.yahoo.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: intuit.com\ttlc
TCP: DhcpNameServer = 10.0.0.1
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-Aim6 - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-WMPNSCFG - c:\program files (x86)\Windows Media Player\WMPNSCFG.exe
HKLM-Run-Windows Defender - c:\program files (x86)\Windows Defender\MSASCui.exe
HKLM-Run-Skytel - c:\program files\Realtek\Audio\HDA\Skytel.exe
AddRemove-uTorrent - c:\program files (x86)\uTorrent\uTorrent.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files (x86)\AVG\AVG10\avgwdsvc.exe
c:\program files (x86)\Common Files\Motive\McciCMService.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Viewpoint\Common\ViewpointService.exe
c:\program files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
c:\program files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
.
**************************************************************************
.
Completion time: 2012-06-02  02:09:49 - machine was rebooted
ComboFix-quarantined-files.txt  2012-06-02 06:09
.
Pre-Run: 198,751,887,360 bytes free
Post-Run: 198,976,634,880 bytes free
.
- - End Of File - - 4BC272D58531C354F0B0895375DB90DC
Logged

Offline schafer000

  • Bronze Member
  • Posts: 24
Re: [Resolved] No internet connection sometimes
« Reply #7 on: June 02, 2012, 12:16:39 AM »
should i go ahead and delete combofix now?
Logged

Offline 1972vet

  • Microsoft® MVP
  • Malware Removal Staff
  • Diamond Member
  • Posts: 8290
  • Patience is bitter indeed, but its fruit is sweet.
Re: [Resolved] No internet connection sometimes
« Reply #8 on: June 02, 2012, 07:12:27 AM »
No...I'll let you know when we are finished. Tell me how the system behaves now. Thanks!
Logged
Disabled Veteran
U.S.C.G. 1972 - 1978
Membership: U.N.I.T.E., A.S.A.P.

2009-12

Performance and Maintenance for Windows XP, Windows Vista and Windows Seven

Offline schafer000

  • Bronze Member
  • Posts: 24
Re: [Resolved] No internet connection sometimes
« Reply #9 on: June 02, 2012, 09:24:39 AM »
SO far its been pretty good, the connection has stayed up and the speed as well.....maybe it wasnt a virus after all?
Logged

Offline 1972vet

  • Microsoft® MVP
  • Malware Removal Staff
  • Diamond Member
  • Posts: 8290
  • Patience is bitter indeed, but its fruit is sweet.
Re: [Resolved] No internet connection sometimes
« Reply #10 on: June 02, 2012, 07:07:53 PM »
Please uninstall these:
iSEEK AnswerWorks English Runtime
Viewpoint Media Player

Please open a blank Notepad by clicking start-->run...Then, in the run box type Notepad.exe and click "OK".
Copy the below text in Bold and paste it into the blank Notepad. Save it as CFScript.txt...Change the "Save as type" to All Files and save it to your desktop. Now drag the text document over to your Combofix.exe

Combofix will run again automatically. Please post back the new log that will be generated. Thanks!
Note:
Do not mouseclick combofix's window while it's running. That may cause it to stall


KILLALL::

driver::
tmcomm
Viewpoint Manager Service

file::
c:\windows\SysWow64\drivers\tmcomm.sys

folder::
C:\Program Files (x86)\Viewpoint
C:\Users\j-cash\AppData\Roaming\uTorrent

dds::
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} -
BHO-X64:     AcroIEHelperStub -
BHO-X64:     WormRadar.com IESiteBlocker.NavFilter -
BHO-X64:     Search Helper -
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} -
uRun: [uTorrent]

reglock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
Logged
Disabled Veteran
U.S.C.G. 1972 - 1978
Membership: U.N.I.T.E., A.S.A.P.

2009-12

Performance and Maintenance for Windows XP, Windows Vista and Windows Seven

Offline schafer000

  • Bronze Member
  • Posts: 24
Re: [Resolved] No internet connection sometimes
« Reply #11 on: June 02, 2012, 11:15:37 PM »
ComboFix 12-06-02.03 - j-cash 06/03/2012   0:58.2.2 - x64
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.4094.2137 [GMT -4:00]
Running from: c:\users\j-cash\Desktop\ComboFix.exe
Command switches used :: c:\users\j-cash\Desktop\CFscript.txt
AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\SysWow64\drivers\tmcomm.sys"
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\j-cash\AppData\Roaming\uTorrent
c:\users\j-cash\AppData\Roaming\uTorrent\(2008) The Sound of Madness.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\3 Doors Down - Kryptonite(1).mp3.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\Adobe Photoshop CS4 Extended + Activation.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\Alice with dog 2.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\Alkaline Trio - Agony and Irony [2008].torrent
c:\users\j-cash\AppData\Roaming\uTorrent\babysitter 23.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\Black Eyed Peas - Imma be.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\Black Eyed Peas - Imma Bee (DJ Smoob).mp3.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\BS1.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\Chevelle-Singles-2009-18MB-@320-gR1m.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\Chevelle - Greatest Hits (2009) - [kn0wnunkn0wn].torrent
c:\users\j-cash\AppData\Roaming\uTorrent\Clutch-Strange_Cousins_From_The_West-(RETAIL)-2009-h8me.rar.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\College Teens Bookbang - Samantha.wmv.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\Deftones - Diamond Eyes [mp3-320-2010].torrent
c:\users\j-cash\AppData\Roaming\uTorrent\dht.dat
c:\users\j-cash\AppData\Roaming\uTorrent\dht.dat.old
c:\users\j-cash\AppData\Roaming\uTorrent\Disturbed - Indestructible 2008 (320k) Heavy Metal.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\Drake-Thank.Me.Later-(Retail)-2010-[NoFS].torrent
c:\users\j-cash\AppData\Roaming\uTorrent\Eminem - Relapse (2009) (320 Kbps).torrent
c:\users\j-cash\AppData\Roaming\uTorrent\Explicit Voyeurs College Dorm.wmv.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\Five Finger Death Punch - War Is The Answer.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\Five_Finger_Death_Punch-The_Way_Of_The_Fist-(Retail)-2008-HHI.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\Flight 187.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\framing hanley - lollipop.mp3.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\Hollywood Undead-Never Going Down.zip.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\Intuit TurboTax Home and Business 2011 @ Only By THE RAIN.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\Killswitch Engage - Killswitch Engage (2009) - Metal [www.torrentazos.com].torrent
c:\users\j-cash\AppData\Roaming\uTorrent\Lifehouse - Broken (Radio Remix).mp3.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\LiL Wayne- Lollipop Remastered Remix feat. T-pain, Gabriel, Antonio, DICE & Gorilla Zoe.mp3.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\Lil Wayne - Tha Carter III [EAC Rip]-TNas11.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\Lil_Wayne-Lollipop__Ft._Static_Major___DIRTY_-_www.dj-emi.blogspot.com_.mp3.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\MOV00125.MP4.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\Mudvayne-The_New_Game-2008-MUDVAYNE.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\Mudvayne - The new Game.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\Nickleback - dark horse(split tracks+covers).torrent
c:\users\j-cash\AppData\Roaming\uTorrent\Paranormal.Activity.Theatrical.Ending PBM.avi.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\Pitbull - I Know You Want Me  [2156].mp3.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\resume.dat
c:\users\j-cash\AppData\Roaming\uTorrent\resume.dat.old
c:\users\j-cash\AppData\Roaming\uTorrent\rss.dat
c:\users\j-cash\AppData\Roaming\uTorrent\rss.dat.old
c:\users\j-cash\AppData\Roaming\uTorrent\Seether.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\settings.dat
c:\users\j-cash\AppData\Roaming\uTorrent\settings.dat.old
c:\users\j-cash\AppData\Roaming\uTorrent\Sex Drive (unrated edition) [Elite078].torrent
c:\users\j-cash\AppData\Roaming\uTorrent\Sick Puppies - Tri-Polar 2009 (320@kbps) - lllSCOOPlll.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\Skillet - Awake [Album 2009] [320kpbs].torrent
c:\users\j-cash\AppData\Roaming\uTorrent\Slipknot - All Hope Is Gone.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\Soulja boy - crank that travis barker remix.mp3.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\T.I. - Paper Trail [EAC Rip]-TNas11.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\The Hangover [2009-MP3-VBR-320Kbps] - [AJ].torrent
c:\users\j-cash\AppData\Roaming\uTorrent\THE_HANGOVER_2.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\Trey Songz - Bottoms Up (feat. Nicki Minaj) [2010-Single][MJN].torrent
c:\users\j-cash\AppData\Roaming\uTorrent\TTax2010Dlx.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\V.I.C. & Soulja Boy ft. Black Lungz - Get Silly.mp3.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\VA - 100 Tracks From The Swinging 60's (2009) [5CD].1.torrent
c:\users\j-cash\AppData\Roaming\uTorrent\VA - 100 Tracks From The Swinging 60's (2009) [5CD].torrent
c:\windows\SysWow64\drivers\tmcomm.sys
.
.
(((((((((((((((((((((((((   Files Created from 2012-05-03 to 2012-06-03  )))))))))))))))))))))))))))))))
.
.
2012-06-03 05:03 . 2012-06-03 05:03   --------   d-----w-   c:\users\Default\AppData\Local\temp
2012-05-29 00:27 . 2012-05-29 00:27   --------   d-----w-   c:\program files (x86)\MALWAREBYTES ANTI-MALWARE
2012-05-28 16:26 . 2012-05-28 16:26   388096   ----a-r-   c:\users\j-cash\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-05-28 16:26 . 2012-05-28 16:26   --------   d-----w-   c:\program files (x86)\Trend Micro
2012-05-08 18:42 . 2012-04-03 08:22   4699520   ----a-w-   c:\windows\system32\ntoskrnl.exe
2012-05-08 18:42 . 2012-04-02 13:59   2766848   ----a-w-   c:\windows\system32\win32k.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-04 19:56 . 2011-01-17 04:15   24904   ----a-w-   c:\windows\system32\drivers\mbam.sys
2012-03-27 13:33 . 2011-05-16 14:45   414368   ----a-w-   c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-08 22:50 . 2012-03-08 22:50   49016   ----a-w-   c:\windows\SysWow64\sirenacm.dll
2012-03-08 22:37 . 2012-03-08 22:37   302448   ----a-w-   c:\windows\WLXPGSS.SCR
.
.
(((((((((((((((((((((((((((((   SnapShot@2012-06-02_06.04.42   )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-21 02:23 . 2012-06-03 05:08   53116              c:\windows\system32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 15:45 . 2012-06-03 05:08   72486              c:\windows\system32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-20 22:13 . 2012-06-03 05:08   12354              c:\windows\system32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1517543764-884281664-660548895-1000_UserData.bin
+ 2012-06-03 05:05 . 2012-06-03 05:05   2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-06-02 06:02 . 2012-06-02 06:02   2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-06-03 05:05 . 2012-06-03 05:05   2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-06-02 06:02 . 2012-06-02 06:02   2048              c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2006-11-02 12:46 . 2012-06-02 06:08   604502              c:\windows\system32\perfh009.dat
- 2006-11-02 12:46 . 2012-05-29 16:50   604502              c:\windows\system32\perfh009.dat
+ 2006-11-02 12:46 . 2012-06-02 06:08   104202              c:\windows\system32\perfc009.dat
- 2006-11-02 12:46 . 2012-05-29 16:50   104202              c:\windows\system32\perfc009.dat
+ 2010-10-27 07:16 . 2012-06-03 05:04   348072              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2010-10-27 07:16 . 2012-06-02 06:01   348072              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2010-10-27 07:16 . 2012-06-03 05:04   6066971              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1517543764-884281664-660548895-1000-8192.dat
- 2010-10-27 07:16 . 2012-06-02 06:01   6066971              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1517543764-884281664-660548895-1000-8192.dat
+ 2011-05-16 14:38 . 2012-06-03 05:04   39764032              c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1517543764-884281664-660548895-1000-4096.dat
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-02-14 61440]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2008-05-23 128296]
"Google Quick Search Box"="c:\program files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe" [2009-07-21 122368]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-03-12 49152]
"AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG10\avgtray.exe" [2012-01-18 2339168]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"Nikon Message Center 2"="c:\program files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" [2010-05-26 619008]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-28 207424]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute   REG_MULTI_SZ      autocheck autochk *\0c:\progra~2\AVG\AVG10\avgchsva.exe /sync\0c:\progra~2\AVG\AVG10\avgrsa.exe /sync /restart
.
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-03-05 88576]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt   REG_MULTI_SZ      hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-31 22:01]
.
2012-06-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-31 22:01]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-03-05 6963744]
"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [BU]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.yahoo.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: intuit.com\ttlc
TCP: DhcpNameServer = 10.0.0.1
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\JSXFile\shell\Edit]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\JSXFile\shell\Open]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Photoshop.Image.11\protocol\StdFileEditing\server]
@DACL=(02 0000)
@="c:\\Program Files\\Adobe\\Adobe Photoshop CS4 (64 Bit)\\Photoshop.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files (x86)\AVG\AVG10\avgwdsvc.exe
c:\program files (x86)\Common Files\Motive\McciCMService.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
c:\program files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
.
**************************************************************************
.
Completion time: 2012-06-03  01:12:52 - machine was rebooted
ComboFix-quarantined-files.txt  2012-06-03 05:12
ComboFix2.txt  2012-06-02 06:09
.
Pre-Run: 203,048,206,336 bytes free
Post-Run: 202,809,835,520 bytes free
.
- - End Of File - - 8146B7DDB0A963223F06F3AE32831D64
« Last Edit: June 02, 2012, 11:21:41 PM by schafer000 »
Logged

Offline 1972vet

  • Microsoft® MVP
  • Malware Removal Staff
  • Diamond Member
  • Posts: 8290
  • Patience is bitter indeed, but its fruit is sweet.
Re: [Resolved] No internet connection sometimes
« Reply #12 on: June 03, 2012, 07:20:38 AM »
Update mbam and run a full scan. Post back THAT log. Thanks!
Logged
Disabled Veteran
U.S.C.G. 1972 - 1978
Membership: U.N.I.T.E., A.S.A.P.

2009-12

Performance and Maintenance for Windows XP, Windows Vista and Windows Seven

Offline schafer000

  • Bronze Member
  • Posts: 24
Re: [Resolved] No internet connection sometimes
« Reply #13 on: June 03, 2012, 10:37:01 AM »
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.03.04

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
j-cash :: JOHN-PC [administrator]

6/3/2012 11:41:26 AM
mbam-log-2012-06-03 (11-41-26).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 376431
Time elapsed: 45 minute(s), 40 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
Logged

Offline 1972vet

  • Microsoft® MVP
  • Malware Removal Staff
  • Diamond Member
  • Posts: 8290
  • Patience is bitter indeed, but its fruit is sweet.
Re: [Resolved] No internet connection sometimes
« Reply #14 on: June 03, 2012, 05:53:53 PM »
K, thanks. By all appearances now, it seems to me you should not be experiences any difficulty. Are you having any other issues at all?
Logged
Disabled Veteran
U.S.C.G. 1972 - 1978
Membership: U.N.I.T.E., A.S.A.P.

2009-12

Performance and Maintenance for Windows XP, Windows Vista and Windows Seven
Pages: [1] 2   Go Up
« previous next »