1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved: Help! Do I have a virus?

Discussion in 'Networking' started by Yelsa11, Jan 23, 2011.

Thread Status:
Not open for further replies.
Advertisement
  1. Yelsa11

    Yelsa11 Thread Starter

    Joined:
    Jan 2, 2011
    Messages:
    21
    My problem is that my wireless internet on my laptop won't connect. It's like it starts to connect and gets hung up, and gives the error "connected with limited access." Doing a a system restore temporarily fixed the problem, but I got a virus on my computer. I think I removed the virus, but now I can't connect to the internet again, so I was wondering if they are related?

    OS: Vista 64 bit

    GMER just came back with a message that it didn't find anything.

    HijackThis:
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 11:31:12 AM, on 1/20/2011
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18999)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Users\Elise\AppData\Local\Google\Update\GoogleUpdate.exe
    C:\Program Files (x86)\Desktop-Reminder\DesktopReminder.exe
    C:\Users\Elise\AppData\Local\Flock\Update\FlockUpdate.exe
    C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
    C:\Program Files (x86)\OnlyWire\OnlyWireWindows.exe
    C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe
    C:\Program Files (x86)\Java\jre6\bin\javaw.exe
    C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe
    C:\Program Files (x86)\Toshiba\Utilities\KeNotify.exe
    C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe
    C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe
    C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Program Files (x86)\Java\jre6\bin\jusched.exe
    C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
    C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe
    C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe
    C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\SysWOW64\java.exe
    C:\Users\Elise\Desktop\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT1561552
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8074
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\tbHots.dll
    F2 - REG:system.ini: UserInit=userinit.exe,
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~2\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
    O2 - BHO: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\tbHots.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
    O3 - Toolbar: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\tbHots.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
    O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
    O4 - HKLM\..\Run: [cfFncEnabler.exe] cfFncEnabler.exe
    O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
    O4 - HKLM\..\Run: [SVPWUTIL] "C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" SVPwUTIL
    O4 - HKLM\..\Run: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe"
    O4 - HKLM\..\Run: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TSS.exe /hide
    O4 - HKLM\..\Run: [PCMAgent] "C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe"
    O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe"
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [osCheck] "C:\Program Files (x86)\Norton 360\osCheck.exe"
    O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [MaxMenuMgr] "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
    O4 - HKLM\..\Run: [ANIWZCS2Service] "C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe"
    O4 - HKLM\..\Run: [D-Link D-Link RangeBooster N DWA-140] "C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe"
    O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
    O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Elise\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [DesktopReminderByPolenter] "C:\Program Files (x86)\Desktop-Reminder\DesktopReminder.exe" -silent
    O4 - HKCU\..\Run: [Flock Update] "C:\Users\Elise\AppData\Local\Flock\Update\FlockUpdate.exe" /c
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - Startup: Seagate 2GE3VQ9S Product Registration.lnk = C:\Users\Elise\AppData\Roaming\Leadertech\PowerRegister\Seagate 2GE3VQ9S Product Registration.exe
    O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
    O4 - Global Startup: OnlyWire.LNK = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Unknown owner - C:\Windows\system32\agr64svc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: ANIWConn Service (ANIWConnService) - Unknown owner - C:\Windows\system32\ANIWConnService.exe
    O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files (x86)\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\VAScanner\comHost.exe
    O23 - Service: ConfigFree Gadget Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
    O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
    O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_4.EXE
    O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
    O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
    O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~2\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
    O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files (x86)\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
    O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
    O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 14644 bytes


    DDS


    DDS (Ver_10-12-12.02) - NTFS_AMD64
    Run by Elise at 11:31:56.00 on Thu 01/20/2011
    Internet Explorer: 8.0.6001.18999 BrowserJavaVersion: 1.6.0_13
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3960.2505 [GMT -5:00]

    AV: avast! Antivirus *Enabled/Outdated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
    AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {DAAC1C79-1A96-9DFE-FC4C-6940214C33E6}
    AV: Norton 360 *Disabled/Outdated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
    SP: avast! Antivirus *Enabled/Outdated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
    SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B}
    SP: Norton 360 *Disabled/Outdated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
    FW: Norton 360 *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

    ============== Running Processes ===============

    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    C:\Windows\system32\agr64svc.exe
    C:\Windows\SysWOW64\ANIWConnService.exe
    C:\Program Files (x86)\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
    C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
    C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
    C:\Program Files (x86)\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
    C:\Windows\system32\TODDSrv.exe
    C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
    C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
    C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
    C:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
    C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Windows\ehome\ehtray.exe
    C:\Users\Elise\AppData\Local\Google\Update\GoogleUpdate.exe
    C:\Program Files (x86)\Desktop-Reminder\DesktopReminder.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Users\Elise\AppData\Local\Flock\Update\FlockUpdate.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
    C:\Program Files (x86)\OnlyWire\OnlyWireWindows.exe
    C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe
    C:\Program Files (x86)\Java\jre6\bin\javaw.exe
    C:\Windows\system32\igfxext.exe
    C:\Program Files\Apoint2K\ApMsgFwd.exe
    C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe
    C:\Program Files (x86)\Toshiba\Utilities\KeNotify.exe
    C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TSS.exe
    C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe
    C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe
    C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Program Files (x86)\Java\jre6\bin\jusched.exe
    C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
    C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe
    C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe
    C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe
    C:\Windows\SysWOW64\java.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\taskeng.exe
    \\?\C:\Windows\system32\wbem\WMIADAP.EXE
    C:\Windows\system32\wbem\wmiprvse.exe
    c:\program files\windows defender\MpCmdRun.exe
    C:\PROGRA~2\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Users\Elise\Desktop\dds.scr

    ============== Pseudo HJT Report ===============

    uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1561552
    uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
    mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
    mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
    uInternet Settings,ProxyServer = http=127.0.0.1:8074
    uInternet Settings,ProxyOverride = <local>
    uURLSearchHooks: Hotspot Shield Toolbar: {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\tbHots.dll
    mURLSearchHooks: Hotspot Shield Toolbar: {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\tbHots.dll
    mWinlogon: Userinit=userinit.exe,
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    BHO: NCO 2.0 IE BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
    BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\PROGRA~2\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
    BHO: Hotspot Shield Toolbar: {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\tbHots.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    TB: Show Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
    TB: Hotspot Shield Toolbar: {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\tbHots.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    uRun: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
    uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    uRun: [Google Update] "C:\Users\Elise\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    uRun: [DesktopReminderByPolenter] "C:\Program Files (x86)\Desktop-Reminder\DesktopReminder.exe" -silent
    uRun: [Flock Update] "C:\Users\Elise\AppData\Local\Flock\Update\FlockUpdate.exe" /c
    uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    mRun: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
    mRun: [NDSTray.exe] NDSTray.exe
    mRun: [cfFncEnabler.exe] cfFncEnabler.exe
    mRun: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
    mRun: [SVPWUTIL] "C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" SVPwUTIL
    mRun: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe"
    mRun: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TSS.exe /hide
    mRun: [PCMAgent] "C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe"
    mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe"
    mRun: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"
    mRun: [osCheck] "C:\Program Files (x86)\Norton 360\osCheck.exe"
    mRun: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
    mRun: [MaxMenuMgr] "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
    mRun: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot
    mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
    mRun: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
    mRun: [ANIWZCS2Service] "C:\Program Files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe"
    mRun: [D-Link D-Link RangeBooster N DWA-140] "C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe"
    StartupFolder: C:\Users\Elise\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SEAGAT~1.LNK - C:\Users\Elise\AppData\Roaming\Leadertech\PowerRegister\Seagate 2GE3VQ9S Product Registration.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\OnlyWire.LNK - C:\Program Files (x86)\OnlyWire\OnlyWireWindows.exe
    mPolicies-explorer: NoActiveDesktop = 1 (0x1)
    mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
    mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
    IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL
    BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll
    BHO-X64: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
    TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
    TB-X64: Show Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -
    TB-X64: {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - No File
    mRun-x64: [IgfxTray] C:\Windows\system32\igfxtray.exe
    mRun-x64: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    mRun-x64: [Persistence] C:\Windows\system32\igfxpers.exe
    mRun-x64: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    mRun-x64: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
    mRun-x64: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
    mRun-x64: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
    mRun-x64: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
    mRun-x64: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    mRun-x64: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

    ================= FIREFOX ===================

    FF - ProfilePath - C:\Users\Elise\AppData\Roaming\Mozilla\Firefox\Profiles\69oi1jn8.default\
    FF - prefs.js: network.proxy.type - 0
    FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
    FF - component: C:\Users\Elise\AppData\Roaming\Mozilla\Firefox\Profiles\69oi1jn8.default\extensions\{7787245d-9f00-4580-b8c7-a46a5029f66b}\components\FFExternalAlert.dll
    FF - component: C:\Users\Elise\AppData\Roaming\Mozilla\Firefox\Profiles\69oi1jn8.default\extensions\{7787245d-9f00-4580-b8c7-a46a5029f66b}\components\RadioWMPCore.dll
    FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.23\npGoogleOneClick8.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
    FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
    FF - plugin: C:\Users\Elise\AppData\Local\Flock\Update\1.2.213.0\npFlockOneClick8.dll
    FF - plugin: C:\Users\Elise\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
    FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
    FF - Ext: Ghostery: [email protected] - %profile%\extensions\[email protected]
    FF - Ext: Ghost Trappers Toolbar: {7787245d-9f00-4580-b8c7-a46a5029f66b} - %profile%\extensions\{7787245d-9f00-4580-b8c7-a46a5029f66b}
    FF - Ext: Session Manager: {1280606b-2510-4fe0-97ef-9b5a22eafe30} - %profile%\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}
    FF - Ext: webmaster2: [email protected] - %profile%\extensions\[email protected]

    ---- FIREFOX POLICIES ----
    FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(yahoo.homepage.dontask, true
    ============= SERVICES / DRIVERS ===============

    R0 Lbd;Lbd;C:\Windows\System32\drivers\Lbd.sys [2010-11-27 69152]
    R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\Windows\System32\drivers\tos_sps64.sys [2009-2-24 504912]
    R1 anodlwf;ANOD Network Security Filter driver;C:\Windows\System32\drivers\anodlwfx.sys [2011-1-19 15872]
    R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2011-1-2 121936]
    R1 IDSvia64;Symantec Intrusion Prevention Driver;C:\PROGRA~3\Symantec\DEFINI~1\SymcData\ipsdefs\20090923.001\IDSvia64.sys [2009-10-3 370224]
    R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920]
    R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360]
    R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2010-6-29 128752]
    R2 ANIWConnService;ANIWConn Service;C:\Windows\system32\ANIWConnService.exe --> C:\Windows\system32\ANIWConnService.exe [?]
    R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2011-1-2 20048]
    R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2011-1-2 61008]
    R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-1-2 40384]
    R2 ConfigFree Gadget Service;ConfigFree Gadget Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFProcSRVC.exe [2008-6-27 36864]
    R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe [2008-7-10 40960]
    R2 FreeAgentGoNext Service;Seagate Service;C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-5-1 181544]
    R2 LiveUpdate Notice;LiveUpdate Notice;C:\Program Files (x86)\Common Files\Symantec Shared\CCSVCHST.EXE [2008-2-18 149352]
    R2 TMachInfo;TMachInfo;C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2008-9-1 46392]
    R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2008-7-17 139776]
    R3 avast! Mail Scanner;avast! Mail Scanner;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-1-2 40384]
    R3 avast! Web Scanner;avast! Web Scanner;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2011-1-2 40384]
    R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2008-8-7 143360]
    R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv;C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe [2008-8-25 89600]
    R3 Symantec Core LC;Symantec Core LC;C:\PROGRA~2\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe [2008-9-1 1245064]
    R3 SYMNDISV;SYMNDISV;C:\Windows\System32\drivers\symndisv.sys [2009-2-19 47664]
    S1 vflt;Shrew Soft Lightweight Filter;C:\Windows\System32\drivers\vfilter.sys [2008-10-23 20480]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-4-2 135664]
    S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-9-23 1375992]
    S3 COH_Mon;COH_Mon;C:\Windows\System32\drivers\COH_Mon.sys [2009-8-24 25424]
    S3 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 27648]
    S3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2010-9-23 17440]
    S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
    S3 netr28ux;D-Link USB Wireless LAN Card Driver for Vista;C:\Windows\System32\drivers\netr28ux.sys [2011-1-19 886272]
    S3 NETw5v64;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 64 Bit ;C:\Windows\System32\drivers\NETw5v64.sys [2008-4-28 4730368]
    S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
    S3 vnet;Shrew Soft Virtual Adapter;C:\Windows\System32\drivers\virtualnet.sys [2008-10-16 12800]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
    S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2010-4-2 89920]
    S4 KR10I64;KR10I64;C:\Windows\System32\drivers\KR10I64.sys [2008-9-1 248320]
    S4 KR10N64;KR10N64;C:\Windows\System32\drivers\KR10N64.sys [2008-9-1 237568]

    =============== File Associations ===============

    JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*

    =============== Created Last 30 ================

    2011-01-19 19:17:07 303616 ----a-w- C:\Windows\System32\RaCoInstx.dll
    2011-01-19 19:15:59 886272 ----a-w- C:\Windows\System32\drivers\netr28ux.sys
    2011-01-19 19:15:59 15872 ----a-w- C:\Windows\System32\drivers\anodlwfx.sys
    2011-01-19 19:15:50 -------- d-----w- C:\Program Files (x86)\D-Link
    2011-01-03 04:58:13 61008 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
    2011-01-03 04:57:51 38848 ----a-w- C:\Windows\avastSS.scr
    2011-01-02 03:15:41 -------- d-----w- C:\Users\Elise\AppData\Roaming\SUPERAntiSpyware.com
    2011-01-02 03:15:41 -------- d-----w- C:\PROGRA~3\SUPERAntiSpyware.com
    2011-01-02 03:15:38 -------- d-----w- C:\PROGRA~3\!SASCORE
    2011-01-02 03:15:36 -------- d-----w- C:\Program Files\SUPERAntiSpyware
    2011-01-02 03:14:05 -------- d-----w- C:\PROGRA~3\Hitman Pro
    2011-01-02 03:04:35 -------- d-----w- C:\Users\Elise\AppData\Roaming\Malwarebytes
    2011-01-02 03:04:30 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
    2011-01-02 03:04:29 -------- d-----w- C:\PROGRA~3\Malwarebytes
    2011-01-02 03:04:26 24152 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2011-01-02 03:04:26 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2011-01-02 01:00:01 316928 ----a-w- C:\Windows\System32\msshsq.dll
    2011-01-02 01:00:01 231424 ----a-w- C:\Windows\SysWow64\msshsq.dll
    2011-01-02 01:00:00 96256 ----a-w- C:\Windows\System32\fontsub.dll
    2011-01-02 01:00:00 72704 ----a-w- C:\Windows\SysWow64\fontsub.dll
    2011-01-02 01:00:00 48128 ----a-w- C:\Windows\System32\atmlib.dll
    2011-01-02 01:00:00 367104 ----a-w- C:\Windows\System32\atmfd.dll
    2011-01-02 01:00:00 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
    2011-01-02 01:00:00 292352 ----a-w- C:\Windows\SysWow64\atmfd.dll
    2011-01-02 00:58:38 68096 ----a-w- C:\Program Files\Windows Mail\wabmig.exe
    2011-01-02 00:58:38 66048 ----a-w- C:\Program Files (x86)\Windows Mail\wabmig.exe
    2011-01-02 00:58:38 516096 ----a-w- C:\Program Files\Windows Mail\wab.exe
    2011-01-02 00:58:38 515584 ----a-w- C:\Program Files (x86)\Windows Mail\wab.exe
    2011-01-02 00:58:38 35328 ----a-w- C:\Program Files\Windows Mail\wabfind.dll
    2011-01-02 00:58:38 33280 ----a-w- C:\Program Files (x86)\Windows Mail\wabfind.dll
    2011-01-02 00:57:35 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
    2011-01-02 00:57:35 2048 ----a-w- C:\Windows\System32\tzres.dll
    2011-01-02 00:57:18 855040 ----a-w- C:\Windows\System32\schedsvc.dll
    2011-01-02 00:57:18 655872 ----a-w- C:\Windows\System32\taskschd.dll
    2011-01-02 00:57:18 500224 ----a-w- C:\Windows\System32\wmicmiplugin.dll
    2011-01-02 00:57:18 410112 ----a-w- C:\Windows\System32\taskcomp.dll
    2011-01-02 00:57:18 352768 ----a-w- C:\Windows\SysWow64\taskschd.dll
    2011-01-02 00:57:18 267776 ----a-w- C:\Windows\System32\taskeng.exe
    2011-01-02 00:57:17 270336 ----a-w- C:\Windows\SysWow64\taskcomp.dll
    2011-01-02 00:57:17 171520 ----a-w- C:\Windows\SysWow64\taskeng.exe
    2010-12-26 21:01:26 -------- d-----w- C:\Program Files (x86)\Market Samurai(7)

    ==================== Find3M ====================

    2010-11-28 04:26:07 49752 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys
    2010-11-02 06:27:41 1147904 ----a-w- C:\Windows\System32\wininet.dll
    2010-11-02 06:24:01 56832 ----a-w- C:\Windows\System32\licmgr10.dll
    2010-11-02 06:23:47 1538560 ----a-w- C:\Windows\System32\inetcpl.cpl
    2010-11-02 06:23:35 77312 ----a-w- C:\Windows\System32\iesetup.dll
    2010-11-02 06:23:35 132096 ----a-w- C:\Windows\System32\iesysprep.dll
    2010-11-02 06:01:54 916480 ----a-w- C:\Windows\SysWow64\wininet.dll
    2010-11-02 05:57:41 43520 ----a-w- C:\Windows\SysWow64\licmgr10.dll
    2010-11-02 05:57:27 1469440 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2010-11-02 05:57:11 71680 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2010-11-02 05:57:11 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
    2010-11-02 05:25:33 479232 ----a-w- C:\Windows\System32\html.iec
    2010-11-02 05:01:31 385024 ----a-w- C:\Windows\SysWow64\html.iec
    2010-11-02 04:45:37 162816 ----a-w- C:\Windows\System32\ieUnatt.exe
    2010-11-02 04:44:24 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
    2010-11-02 04:26:10 133632 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2010-11-02 04:24:44 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

    ============= FINISH: 11:32:36.10 ===============
     

    Attached Files:

  2. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,236
    First Name:
    Derek
    first
    Run tdss killer from http://support.kaspersky.com/viruses/solutions?qid=208280684

    let it cure anything it fnds & then reboot

    post back with its log

    then
    Delete any existing version of ComboFix you have sitting on your desktop
    Please read and follow all these instructions very carefully
    Do not edit or remove any information or user names etc, otherwise we cannot fix the problem. If you insist on editing out anything then I will close the topic & refuse to offer any help.

    Download ComboFix from Here or Hereto your Desktop.
    As you download it rename it to username123.exe


    **Note: It is important that it is saved directly to your desktop and run from the desktop and not any other folder on your computer**
    --------------------------------------------------------------------
    1. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

    • Very Important! Temporarily disable your anti-virus and anti-malware real-time protection and any script blocking components of them or your firewall before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results" or stop combofix running at all
    • Click on THIS LINK to see instructions on how to temporarily disable many security programs while running combofix. The list does not cover every program. If yours is not listed and you don't know how to disable it, please ask.
    • Remember to re enable the protection again after combofix has finished
    --------------------------------------------------------------------
    2. Close any open browsers and any other programs you might have running
    Double click on combofix.exe & follow the prompts.​
    If you are using windows XP It might display a pop up saying that "Recovery console is not installed, do you want to install?"
    Please select yes & let it download the files it needs to do this. Once the recovery console is installed Combofix will then offer to scan for malware. Select continue or yes.
    When finished, it will produce a report for you.
    Please post the "C:\ComboFix.txt" for further review


    ****Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze ****

    Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
    Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell us when you reply. Read HERE why we disable autoruns

    Please do not install any new programs or update anything (always allow your antivirus/antispyware to update) unless told to do so while we are fixing your problem. If combofix alerts to a new version and offers to update, please let it. It is essential we always use the latest version.

    Please tell us if it has cured the problems or if there are any outstanding issues
     
  3. Yelsa11

    Yelsa11 Thread Starter

    Joined:
    Jan 2, 2011
    Messages:
    21
    OK, I ran tdss killer and it did not find anything, but when it finished I got a blue screen Pagefault in Nonpaged Area. After restarting, my comp seems to be working OK.

    I was trying to disable Ad-Aware to run ComboFix, but it wouldn't start giving the error that it couldn't load resource manager. I tried to uninstall but it gives the error this application failed to start because mia.lib was not found.

    I also have MalwareBytes and SuperAntiSpyware and don't know how to disable them.
     
  4. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,236
    First Name:
    Derek
    no need to disable super antispyware or MBAM
     
  5. Yelsa11

    Yelsa11 Thread Starter

    Joined:
    Jan 2, 2011
    Messages:
    21
    OK, should I run combofix then? and ignore ad-aware? i disabled my other programs.
     
  6. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,236
    First Name:
    Derek
    yes just run combofix
     
  7. Yelsa11

    Yelsa11 Thread Starter

    Joined:
    Jan 2, 2011
    Messages:
    21
    Here is the combofix log

    ComboFix 11-01-24.02 - Elise 01/25/2011 13:52:14.1.2 - x64
    Microsoft® Windows Vista&#8482; Home Premium 6.0.6002.2.1252.1.1033.18.3960.2397 [GMT -5:00]
    Running from: c:\users\Elise\Desktop\username123.exe.exe
    AV: avast! Antivirus *Disabled/Outdated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
    AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {DAAC1C79-1A96-9DFE-FC4C-6940214C33E6}
    AV: Norton 360 *Disabled/Outdated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
    FW: Norton 360 *Enabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
    SP: avast! Antivirus *Disabled/Outdated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
    SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B}
    SP: Norton 360 *Disabled/Outdated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
    SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Install.exe
    c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
    c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
    c:\programdata\xp
    c:\programdata\xp\EBLib.dll
    c:\programdata\xp\TPwSav.sys
    c:\users\Elise\g2mdlhlpx.exe

    ----- BITS: Possible infected sites -----

    hxxp://update.flock.com
    .
    ((((((((((((((((((((((((( Files Created from 2010-12-25 to 2011-01-25 )))))))))))))))))))))))))))))))
    .

    2011-01-25 18:59 . 2011-01-25 18:59 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-01-19 19:18 . 2009-02-26 18:46 147456 ----a-w- c:\windows\SysWow64\ANIWConnService.exe
    2011-01-19 19:17 . 2009-04-17 16:26 303616 ----a-w- c:\windows\system32\RaCoInstx.dll
    2011-01-19 19:15 . 2009-04-17 16:27 886272 ----a-w- c:\windows\system32\drivers\netr28ux.sys
    2011-01-19 19:15 . 2009-03-06 23:10 15872 ----a-w- c:\windows\system32\drivers\anodlwfx.sys
    2011-01-19 19:15 . 2011-01-19 19:15 -------- d-----w- c:\program files (x86)\D-Link
    2011-01-19 19:15 . 2011-01-19 19:15 -------- d-----w- c:\users\Elise\AppData\Roaming\InstallShield
    2011-01-03 04:58 . 2010-09-07 15:52 121936 ----a-w- c:\windows\system32\drivers\aswSP.sys
    2011-01-03 04:58 . 2010-09-07 15:47 20048 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
    2011-01-03 04:58 . 2010-09-07 15:47 28752 ----a-w- c:\windows\system32\drivers\aswRdr.sys
    2011-01-03 04:58 . 2010-09-07 15:52 51280 ----a-w- c:\windows\system32\drivers\aswTdi.sys
    2011-01-03 04:58 . 2010-09-07 15:47 61008 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
    2011-01-03 04:57 . 2010-09-07 16:12 38848 ----a-w- c:\windows\avastSS.scr
    2011-01-03 04:57 . 2010-09-07 16:11 167592 ----a-w- c:\windows\SysWow64\aswBoot.exe
    2011-01-02 03:15 . 2011-01-02 03:15 -------- d-----w- c:\users\Elise\AppData\Roaming\SUPERAntiSpyware.com
    2011-01-02 03:15 . 2011-01-02 03:15 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
    2011-01-02 03:15 . 2011-01-02 03:15 -------- d-----w- c:\programdata\!SASCORE
    2011-01-02 03:15 . 2011-01-02 03:15 -------- d-----w- c:\program files\SUPERAntiSpyware
    2011-01-02 03:14 . 2011-01-02 03:14 -------- d-----w- c:\programdata\Hitman Pro
    2011-01-02 03:04 . 2011-01-02 03:04 -------- d-----w- c:\users\Elise\AppData\Roaming\Malwarebytes
    2011-01-02 03:04 . 2010-12-20 23:09 38224 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
    2011-01-02 03:04 . 2011-01-02 03:04 -------- d-----w- c:\programdata\Malwarebytes
    2011-01-02 03:04 . 2011-01-02 03:04 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2011-01-02 03:04 . 2010-12-20 23:08 24152 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-01-02 01:00 . 2010-05-04 19:40 316928 ----a-w- c:\windows\system32\msshsq.dll
    2011-01-02 01:00 . 2010-05-04 19:13 231424 ----a-w- c:\windows\SysWow64\msshsq.dll
    2011-01-02 01:00 . 2010-10-28 16:29 48128 ----a-w- c:\windows\system32\atmlib.dll
    2011-01-02 01:00 . 2010-10-28 15:44 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
    2011-01-02 01:00 . 2010-10-28 14:05 367104 ----a-w- c:\windows\system32\atmfd.dll
    2011-01-02 01:00 . 2010-10-28 13:27 292352 ----a-w- c:\windows\SysWow64\atmfd.dll
    2011-01-02 01:00 . 2010-06-16 16:30 96256 ----a-w- c:\windows\system32\fontsub.dll
    2011-01-02 01:00 . 2010-06-16 15:30 72704 ----a-w- c:\windows\SysWow64\fontsub.dll
    2011-01-02 00:58 . 2010-10-12 17:43 35328 ----a-w- c:\program files\Windows Mail\wabfind.dll
    2011-01-02 00:58 . 2010-10-12 15:53 33280 ----a-w- c:\program files (x86)\Windows Mail\wabfind.dll
    2011-01-02 00:58 . 2010-10-12 15:19 516096 ----a-w- c:\program files\Windows Mail\wab.exe
    2011-01-02 00:58 . 2010-10-12 15:19 68096 ----a-w- c:\program files\Windows Mail\wabmig.exe
    2011-01-02 00:58 . 2010-10-12 13:41 66048 ----a-w- c:\program files (x86)\Windows Mail\wabmig.exe
    2011-01-02 00:58 . 2010-10-12 13:41 515584 ----a-w- c:\program files (x86)\Windows Mail\wab.exe
    2011-01-02 00:57 . 2010-10-28 13:56 2048 ----a-w- c:\windows\system32\tzres.dll
    2011-01-02 00:57 . 2010-10-28 13:20 2048 ----a-w- c:\windows\SysWow64\tzres.dll
    2011-01-02 00:57 . 2010-11-06 11:18 500224 ----a-w- c:\windows\system32\wmicmiplugin.dll
    2011-01-02 00:57 . 2010-11-06 11:18 655872 ----a-w- c:\windows\system32\taskschd.dll
    2011-01-02 00:57 . 2010-11-06 11:18 410112 ----a-w- c:\windows\system32\taskcomp.dll
    2011-01-02 00:57 . 2010-11-06 11:18 855040 ----a-w- c:\windows\system32\schedsvc.dll
    2011-01-02 00:57 . 2010-11-04 23:58 267776 ----a-w- c:\windows\system32\taskeng.exe
    2011-01-02 00:57 . 2010-11-04 18:55 352768 ----a-w- c:\windows\SysWow64\taskschd.dll
    2011-01-02 00:57 . 2010-11-04 18:55 270336 ----a-w- c:\windows\SysWow64\taskcomp.dll
    2011-01-02 00:57 . 2010-11-04 16:34 171520 ----a-w- c:\windows\SysWow64\taskeng.exe
    2010-12-26 21:01 . 2010-12-26 21:01 -------- d-----w- c:\program files (x86)\Market Samurai(7)

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-11-28 04:26 . 2010-11-28 04:26 49752 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{c95a4e8e-816d-4655-8c79-d736da1adb6d}"= "c:\program files (x86)\Hotspot_Shield\tbHots.dll" [2009-07-02 2215960]

    [HKEY_CLASSES_ROOT\clsid\{c95a4e8e-816d-4655-8c79-d736da1adb6d}]

    [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{c95a4e8e-816d-4655-8c79-d736da1adb6d}]
    2009-07-02 14:18 2215960 ----a-w- c:\program files (x86)\Hotspot_Shield\tbHots.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
    "{c95a4e8e-816d-4655-8c79-d736da1adb6d}"= "c:\program files (x86)\Hotspot_Shield\tbHots.dll" [2009-07-02 2215960]

    [HKEY_CLASSES_ROOT\clsid\{c95a4e8e-816d-4655-8c79-d736da1adb6d}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "TOSCDSPD"="c:\program files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe" [2008-05-19 432640]
    "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-24 39408]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
    "Google Update"="c:\users\Elise\AppData\Local\Google\Update\GoogleUpdate.exe" [2010-04-08 136176]
    "DesktopReminderByPolenter"="c:\program files (x86)\Desktop-Reminder\DesktopReminder.exe" [2010-06-21 936960]
    "Flock Update"="c:\users\Elise\AppData\Local\Flock\Update\FlockUpdate.exe" [2010-10-10 136312]
    "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-12-14 2988784]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "NDSTray.exe"="NDSTray.exe" [BU]
    "HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2007-04-16 422400]
    "SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2007-09-19 438272]
    "KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2006-11-07 34352]
    "ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TSS.exe" [2008-08-04 1242424]
    "PCMAgent"="c:\program files (x86)\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe" [2007-12-14 143360]
    "CLMLServer"="c:\program files (x86)\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe" [2008-07-11 188416]
    "ccApp"="c:\program files (x86)\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
    "osCheck"="c:\program files (x86)\Norton 360\osCheck.exe" [2008-02-26 988512]
    "Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2008-08-14 417792]
    "SunJavaUpdateSched"="c:\program files (x86)\Java\jre6\bin\jusched.exe" [2009-08-14 148888]
    "MaxMenuMgr"="c:\program files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" [2009-05-01 185640]
    "TkBellExe"="c:\program files (x86)\Common Files\Real\Update_OB\realsched.exe" [2010-06-25 202256]
    "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2010-09-16 1164584]
    "ANIWZCS2Service"="c:\program files (x86)\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2009-05-07 98304]
    "D-Link D-Link RangeBooster N DWA-140"="c:\program files (x86)\D-Link\DWA-140 revB\AirNCFG.exe" [2009-05-21 1683456]

    c:\users\Elise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Seagate 2GE3VQ9S Product Registration.lnk - c:\users\Elise\AppData\Roaming\Leadertech\PowerRegister\Seagate 2GE3VQ9S Product Registration.exe [2010-3-16 1731736]

    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
    OnlyWire.LNK - c:\program files (x86)\OnlyWire\OnlyWireWindows.exe [2010-11-4 622504]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
    @="Service"

    R1 vflt;Shrew Soft Lightweight Filter;c:\windows\system32\DRIVERS\vfilter.sys [2008-10-23 20480]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-02 135664]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2010-11-28 1375992]
    R3 COH_Mon;COH_Mon;c:\windows\system32\Drivers\COH_Mon.sys [2008-07-30 25424]
    R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-08-08 143360]
    R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [2010-11-28 17440]
    R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
    R3 netr28ux;D-Link USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28ux.sys [2009-04-17 886272]
    R3 NETw5v64;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 64 Bit ;c:\windows\system32\DRIVERS\NETw5v64.sys [2008-04-28 4730368]
    R3 TpChoice;Touch Pad Detection Filter driver;c:\windows\system32\DRIVERS\TpChoice.sys [x]
    R3 vnet;Shrew Soft Virtual Adapter;c:\windows\system32\DRIVERS\virtualnet.sys [2008-10-16 12800]
    R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
    R4 KR10I64;KR10I64;c:\windows\system32\drivers\kr10i64.sys [2006-11-09 248320]
    R4 KR10N64;KR10N64;c:\windows\system32\drivers\kr10n64.sys [2006-11-09 237568]
    S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2010-09-23 69152]
    S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys [2008-08-20 504912]
    S1 anodlwf;ANOD Network Security Filter driver;c:\windows\system32\DRIVERS\anodlwfx.sys [2009-03-06 15872]
    S1 aswSP;aswSP; [x]
    S1 IDSvia64;Symantec Intrusion Prevention Driver;c:\progra~3\Symantec\DEFINI~1\SymcData\ipsdefs\20090923.001\IDSvia64.sys [2009-07-22 370224]
    S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
    S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
    S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
    S2 ANIWConnService;ANIWConn Service;c:\windows\system32\ANIWConnService.exe [x]
    S2 aswFsBlk;aswFsBlk; [x]
    S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-09-07 61008]
    S2 ConfigFree Gadget Service;ConfigFree Gadget Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [2008-06-28 36864]
    S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2008-07-11 40960]
    S2 FreeAgentGoNext Service;Seagate Service;c:\program files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe [2009-05-01 181544]
    S2 LiveUpdate Notice;LiveUpdate Notice;c:\program files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
    S2 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2008-08-04 46392]
    S2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2008-07-17 139776]
    S3 SmartFaceVWatchSrv;SmartFaceVWatchSrv;c:\program files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe [2008-08-25 89600]
    S3 SYMNDISV;SYMNDISV;c:\windows\System32\Drivers\SYMNDISV.SYS [2009-02-19 47664]


    --- Other Services/Drivers In Memory ---

    *NewlyCreated* - COMHOST
    .
    Contents of the 'Scheduled Tasks' folder

    2011-01-19 c:\windows\Tasks\Ad-Aware Update (Weekly).job
    - c:\program files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-09-23 04:25]

    2011-01-25 c:\windows\Tasks\FlockUpdateTaskUserS-1-5-21-3885992835-1206393517-2672882245-1000Core.job
    - c:\users\Elise\AppData\Local\Flock\Update\FlockUpdate.exe [2010-10-10 17:55]

    2011-01-25 c:\windows\Tasks\FlockUpdateTaskUserS-1-5-21-3885992835-1206393517-2672882245-1000UA.job
    - c:\users\Elise\AppData\Local\Flock\Update\FlockUpdate.exe [2010-10-10 17:55]

    2011-01-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-02 19:53]

    2011-01-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-02 19:53]

    2011-01-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3885992835-1206393517-2672882245-1000Core.job
    - c:\users\Elise\AppData\Local\Google\Update\GoogleUpdate.exe [2010-06-13 20:11]

    2011-01-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3885992835-1206393517-2672882245-1000UA.job
    - c:\users\Elise\AppData\Local\Google\Update\GoogleUpdate.exe [2010-06-13 20:11]
    .

    --------- x86-64 -----------


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" [X]
    "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-08-13 151064]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-08-13 209432]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2008-08-13 181784]
    "Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-12-15 237056]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-08-24 8081952]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x0
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1561552
    mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyServer = http=127.0.0.1:8074
    uInternet Settings,ProxyOverride = <local>
    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    FF - ProfilePath - c:\users\Elise\AppData\Roaming\Mozilla\Firefox\Profiles\69oi1jn8.default\
    FF - prefs.js: network.proxy.type - 0
    FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    FF - Ext: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
    FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
    FF - Ext: Ghostery: [email protected] - %profile%\extensions\[email protected]
    FF - Ext: Ghost Trappers Toolbar: {7787245d-9f00-4580-b8c7-a46a5029f66b} - %profile%\extensions\{7787245d-9f00-4580-b8c7-a46a5029f66b}
    FF - Ext: Session Manager: {1280606b-2510-4fe0-97ef-9b5a22eafe30} - %profile%\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}
    FF - Ext: webmaster2: [email protected] - %profile%\extensions\[email protected]
    FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(yahoo.homepage.dontask, true
    .
    - - - - ORPHANS REMOVED - - - -

    Wow6432Node-HKLM-Run-ITSecMng - %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
    Wow6432Node-HKLM-Run-cfFncEnabler.exe - cfFncEnabler.exe
    BHO-{F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
    WebBrowser-{C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - (no file)
    HKLM-Run-TPwrMain - %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
    HKLM-Run-HSON - %ProgramFiles%\TOSHIBA\TBS\HSON.exe
    HKLM-Run-SmoothView - %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
    HKLM-Run-00TCrdMain - %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe


    .
    --------------------- LOCKED REGISTRY KEYS ---------------------

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
    "ThreadingModel"="Apartment"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx"
    "ThreadingModel"="Apartment"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
    @Denied: (A 2) (Everyone)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
    @="Shockwave Flash"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
    @Denied: (A 2) (Everyone)
    @=""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
    @="FlashBroker"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
    "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
    00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    "MSCurrentCountry"=dword:000000b5
    .
    Completion time: 2011-01-25 14:01:16
    ComboFix-quarantined-files.txt 2011-01-25 19:01

    Pre-Run: 195,365,781,504 bytes free
    Post-Run: 195,279,261,696 bytes free

    - - End Of File - - 57F5ECA4D66C148032B20ACEB1B4614F
     
  8. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,236
    First Name:
    Derek
    next

    Run hijackthis, put a tick in the box beside these entries listed below and ONLY these entries, double check to make sure, then make sure all browser & email windows are closed and press fix checked

    uInternet Settings,ProxyServer = http=127.0.0.1:8074

    tell us if that has cured all your problems
     
  9. Yelsa11

    Yelsa11 Thread Starter

    Joined:
    Jan 2, 2011
    Messages:
    21
    Sorry, I don't see that line in HJT. I think that
    uInternet Settings,ProxyServer = http=127.0.0.1:8074
    shows up in DDS.
    Anyway, I'm not sure what to delete.
     
  10. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,236
    First Name:
    Derek
    sorry, it should be fix this line in HJT
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8074
     
  11. Yelsa11

    Yelsa11 Thread Starter

    Joined:
    Jan 2, 2011
    Messages:
    21
    I fixed that line, but it is still the same, no internet connection.
     
  12. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,236
    First Name:
    Derek
    I have moved this to networkig so one Of the gurus there can walk you through troubleshooting steps
     
  13. etaf

    etaf Moderator

    Joined:
    Oct 2, 2003
    Messages:
    65,252
    First Name:
    Wayne
    can we see the following information
    Device manager, xirrus, ipconfig /all , do a tcp/ip reset , also whats in control panel>internet options>connection tab > lan settings > whats there


    ------------------------------------------------------------------------
    {Device Manager}
    Post back the results in device manager
    If you cannot access the internet with this PC, then you will need to copy the program across to the faulty PC
    Start > control Panel {Vista set to classic view}> system > {Vista, device manager on left hand side} {XP hardware Tab, device manager button} >
    windows 7
    start > control panel> System and Security> Device Manager

    network adaptors, click on the + > post back the devices listed there
    are there any ! ? or X


    post a screen shot of the device manager - network adapters

    To post a screen shot of the active window, hold the Alt key and press the PrtScn key. Open the Windows PAINT application and Paste the screen shot. You can then use PAINT to trim to suit, and save it as a JPG format file.
    To upload it to the forum, open the full reply window and use the Manage Attachments button to upload it here
    ------------------------------------------------------------------------

    ------------------------------------------------------------------------
    {run Xirrus Wi-Fi Inspector} Download and install
    If you cannot access the internet with this PC, then you will need to copy the program across to the faulty PC

    http://www.xirrus.com/library/wifitools.php
    Direct link to the program is here http://www.xirrus.com/library/wifi_download_redirect.php
    Then run and install the program
    if you get an error - You need NET Framework installed for the WiFi Inspector to function.

    Run the program

    post a screen shot of the program running - if there are a lot of networks showing can you click on "networks" top lefthand area - so we can see all the network information, and also post which network "Adapter Name" (1st column) is yours on the list

    To post a screen shot of the active window, hold the Alt key and press the PrtScn key. Open the Windows PAINT application and Paste the screen shot. You can then use PAINT to trim to suit, and save it as a JPG format file.
    To upload it to the forum, open the full reply window and use the Manage Attachments button to upload it here.
    ------------------------------------------------------------------------

    ------------------------------------------------------------------------
    {ipconfig /all}
    If you cannot access the internet with this PC, then you will need to paste the results into something like notepad and then copy onto a machine that can access the internet and post results here
    We would like to see the results from ipconfig /all post back the results here
    -> Start
    -> (XP - enter the following in the RUN box)
    cmd /k ipconfig /all
    -> (Vista or Windows 7 - enter the following in the Search box)
    cmd /k ipconfig /all

    A black box will appear on the screen -
    rightclick in the box
    select all
    enter
    control key + C key - to copy

    then reply here and
    control key + V to paste
    ------------------------------------------------------------------------

    ------------------------------------------------------------------------

    TCP/IP stack repair options for use with Vista/Windows 7.

    Start, Programs\Accessories and right click on Command Prompt, select "Run as Administrator" to open a command prompt.

    Note: Type only the text in bold for the following commands.

    Reset WINSOCK entries to installation defaults: netsh winsock reset catalog

    Reset IPv4 TCP/IP stack to installation defaults. netsh int ipv4 reset reset.log

    Reset IPv6 TCP/IP stack to installation defaults. netsh int ipv6 reset reset.log

    Reboot the machine.

    If you receive the message
    The requested operation requires elevation.
    The please open the command prompt as administrator - as requested above
    Start, Programs\Accessories and right click on Command Prompt, select "Run as Administrator" to open a command prompt.


    Post back the results here - we need to know these commands worked correctly
    rightclick in the box
    select all
    enter
    control key + C key - to copy
    then reply here and
    control key + V to paste

    ------------------------------------------------------------------------
     
  14. Yelsa11

    Yelsa11 Thread Starter

    Joined:
    Jan 2, 2011
    Messages:
    21
    I am attaching pictures of the network adapters and Xirrus screen. There is a ! by my built in wifi card, but I disabled it when I got a D-Link USB adapter.

    ipconfig/all


    Windows IP Configuration

    Host Name . . . . . . . . . . . . : My-PC
    Primary Dns Suffix . . . . . . . :
    Node Type . . . . . . . . . . . . : Broadcast
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No

    Tunnel adapter Local Area Connection* 11:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
    Physical Address. . . . . . . . . : 02-00-54-55-4E-01
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes

    Tunnel adapter Local Area Connection* 12:

    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : 6TO4 Adapter
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes


    I did the reset commands and it looked like this before I restarted

    Microsoft Windows [Version 6.0.6002]
    Copyright (c) 2006 Microsoft Corporation. All rights reserved.

    C:\Windows\system32>netsh winsock reset catalog

    Sucessfully reset the Winsock Catalog.
    You must restart the computer in order to complete the reset.


    C:\Windows\system32>netsh int ipv4 reset reset.log
    Reseting Echo Request, OK!
    Reseting Global, OK!
    Reseting Interface, OK!
    A reboot is required to complete this action.


    C:\Windows\system32>netsh int ipv6 reset reset.log
    Reseting Echo Request, OK!
    A reboot is required to complete this action.
     

    Attached Files:

  15. Yelsa11

    Yelsa11 Thread Starter

    Joined:
    Jan 2, 2011
    Messages:
    21
    in the LAN settings box there are 3 boxes, none of them are checked.
    Automtically detect settings, use automatic configuration script, and use a proxy
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/976483

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice