TheTechGuide Forum

General Category => Tech Clinic => Topic started by: kota123 on October 31, 2008, 08:24:43 AM

Title: cannot connect to the internet
Post by: kota123 on October 31, 2008, 08:24:43 AM

I get access to the internet through a small local service provider.  I cannot access the internet from my other computer, a laptop, and my service provider tells me that the reason I cannot do it is because the laptop "starts broadcasting" as soon as it tries to connect, effectively blocking out my connection.  I do not know what this means.  Is there a way for me to get rid of this virus?  Thank you for your help.

Title: cannot connect to the internet
Post by: guestolo on October 31, 2008, 01:56:41 PM

Can you do the following
Post a Hijackthis log,

You will have to do the following if you don't have Internet connection right now on the laptop
Download Hijackthis Installer from [color=\"#FF0000\"]HERE[/color] (http://\"http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe\")
For an alternate download location, you can try HERE  (http://\"http://fileforum.betanews.com/detail/HijackThis/1071179190/1\")
SAVE this installer to a CDRW or USB thumbdrive or similiar

Transfer it to the desktop of the Laptop
Double click on HJTInstall.exe to run it
Choose Install

Hijackthis v2.0.2 will open

Under Main Menu, Select
Do a system scan and save a Log file
A log will open in Notepad
Copy and Paste the Whole log back here to the forum----It is all important!

You will have to transfer that log to a computer with working Internet connection
A copy of the log should also be found in
C:\Program Files\trend micro folder

Title: cannot connect to the internet
Post by: kota123 on November 02, 2008, 05:48:52 AM

Thank you for getting back to me. Sorry for the delay in replying, I was travelling. Here is the hijack this log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:56:23, on 02-11-2008
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 (http://\"http://go.microsoft.com/fwlink/?LinkId=54896\")
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rediff.com/index.html (http://\"http://www.rediff.com/index.html\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...O&pf=laptop (http://\"http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_IN&c=73&bd=PRESARIO&pf=laptop\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 (http://\"http://go.microsoft.com/fwlink/?LinkId=54896\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 (http://\"http://go.microsoft.com/fwlink/?LinkId=54896\")
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...O&pf=laptop (http://\"http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_IN&c=73&bd=PRESARIO&pf=laptop\")
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: vwlsp.dll
O10 - Unknown file in Winsock LSP: vwlsp.dll
O10 - Unknown file in Winsock LSP: vwlsp.dll
O10 - Unknown file in Winsock LSP: vwlsp.dll
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{4B6DB833-A2D2-4AD0-B6E2-E79925B310B9}: NameServer = 192.168.0.1,202.88.130.67,202.88.130.15,202.88.130.5
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Venturi Client (VenturiClient) - Venturi Wireless - C:\Program Files\Netbooster Client\Client\ventc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 6320 bytes

Thanks!

Title: cannot connect to the internet
Post by: guestolo on November 02, 2008, 10:30:42 AM

You don't show as a Virus showing
But you have Items disabled with msconfig that prevents me from seeing everything
Can you go back to msconfig
1. Click on the Vista start icon in the bottom left corner of your screen.

2. Type MSCONFIG in the search box and then either press enter on your keyboard or double-click on the MSCONFIG program that appears in the search results.

3. Approve the prompt to continue
follow the on-screen prompts to give Vista permission to continue.

4. Under the General tab select Normal Startup
Apply it and Restart the computer when prompted

Are you then back online?


Can you do the following
Download [color=\"blue\"]random's system information tool (RSIT)[/color] by [color=\"#6600cc\"]random/random[/color] from >>[color=\"red\"]here[/color]<< (http://\"http://images.malwareremoval.com/random/RSIT.exe\") and save it to your desktop.

• RIGHT click on RSIT.exe and "Run as Administrator"
  
• Click Continue at the disclaimer screen.
  
• Your firewall may alert you that RSIT is requesting Internet access. Please allow it.
  
• Once it has finished, two logs will open:  log.txt[color=\"red\"]<-- this will be maximized[/color] and info.txt[color=\"red\"]<-- this will be minimized[/color].
  

Post both those logs please

NOTE: I see the following installed on your computer
Venturi Wireless

I'm not familiar with the client, whether you can try and disable it and use Windows wireless instead?
Is this something you installed, or was it provided by your Internet Service Provider?
Is the problem your having only Wireless?
Have you tried connecting Wired and see if you have connection
System Req. at their website recommends Service pack 1 for Vista

Additionally: I see remnants of Symantec's on your computer
Did you recently unininstall Norton's AV from your computer and install AVG
Is this when the problems started?
I'm going to suspect a problem with Winsock, but let's see the logs first
Let me know about Venturi also

Title: cannot connect to the internet
Post by: kota123 on November 02, 2008, 11:53:43 AM

Thank you for your response again! I will try the MSconfig and get back to you.

Regarding venturi wireless, the only active wireless component on the laptop is what was provided with it, intel r pro wireless 3945BG network connection and that shows up under the HP wireless assistant.

Here I am using a cable to connect to the internet, I do not have a wireless connection. I had Norton on the system but the problems had started even when I used this anti virus, i recently installed AVG and it found some tracking cookies and nothing else.

I use the same cable to access the internet on my other laptop and it has been working perfectly fine. When i try to connect it on the other laptop though, it does connect but when i use firefox or explorer to open any sites it does not work, the number of bytes received and sent stays in the 20k range and does not move at all. I have also noticed the system is hanging a lot and takes a lot of time to respond to any commands.

I will try out the config now and get back to you soon.

Thanks again!

Title: cannot connect to the internet
Post by: kota123 on November 02, 2008, 12:08:27 PM

Here is the info:

info.txt logfile of random's system information tool 1.04 2008-11-02 23:14:13

======Uninstall list======

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1888DAFD-C634-4BC4-865C-3455E24F6177}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1888DAFD-C634-4BC4-865C-3455E24F6177}\setup.exe" -l0x9  /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3C080B57-0D1E-4C73-B03B-68A9EF9F23F3}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3C080B57-0D1E-4C73-B03B-68A9EF9F23F3}\setup.exe" -l0x9  /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDC05F7-83E4-4611-AD3C-A6EB2100332A}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDC05F7-83E4-4611-AD3C-A6EB2100332A}\setup.exe" -l0x9  /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDDF96A-BC34-4D72-9ABA-E1FFF0C39977}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67AEFC4C-69E4-11D7-85F4-00E018013273}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67AEFC4C-69E4-11D7-85F4-00E018013273}\setup.exe" -l0x9  /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A900EAB-DA37-4554-AF19-9C337476D05D}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A900EAB-DA37-4554-AF19-9C337476D05D}\setup.exe" -l0x9  /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{869D88A5-BD6C-4E39-8536-D95259EAD7E8}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{869D88A5-BD6C-4E39-8536-D95259EAD7E8}\setup.exe" -l0x9  /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{881A74B3-3D17-4842-B9AF-0761C6E6C4B5}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{881A74B3-3D17-4842-B9AF-0761C6E6C4B5}\setup.exe" -l0x9  /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5BAAFAE-3561-463D-8E3F-91761A57ADB8}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5BAAFAE-3561-463D-8E3F-91761A57ADB8}\setup.exe" -l0x9  /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6866B7D-ACFD-4C49-B77B-3B2F8CF54B96}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6866B7D-ACFD-4C49-B77B-3B2F8CF54B96}\setup.exe" -l0x9  /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4095E277-3005-42E9-8D84-DE6EB8704CEC}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4095E277-3005-42E9-8D84-DE6EB8704CEC}\setup.exe" -l0x9  /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4F2F3E0C-2025-4F5E-9583-AB8CD5AA88A6}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4F2F3E0C-2025-4F5E-9583-AB8CD5AA88A6}\setup.exe" -l0x9  /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{66BCC50C-22D9-4927-9251-27FA88A32214}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{66BCC50C-22D9-4927-9251-27FA88A32214}\setup.exe" -l0x9  /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7550D6AA-CCF3-4FDA-87D6-C2C1B2E5358D}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7550D6AA-CCF3-4FDA-87D6-C2C1B2E5358D}\setup.exe" -l0x9  /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98181885-5B28-4280-9B56-452FF877D5B9}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98181885-5B28-4280-9B56-452FF877D5B9}\setup.exe" -l0x9  /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9AB14DF5-3B04-4E3B-9969-695DBA7F2008}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9AB14DF5-3B04-4E3B-9969-695DBA7F2008}\setup.exe" -l0x9  /remove
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x9
Adobe Flash Player 9 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A80000000002}
AVG Free 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_HDAUDIO\UIU32a.EXE -U -IwisR30B7.inf
Creative Jukebox Driver-->C:\Windows\UNWISE.EXE C:\Windows\JB3DRV.LOG
Creative MediaSource-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{56F3E1FF-54FE-4384-A153-6CCABA097814}\SETUP.EXE" -l0x9 /remove
Creative NOMAD Jukebox Zen Xtra-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{66F324A1-BDC0-11D7-9E5C-00D0B76A8705}\SETUP.EXE" -l0x9
Creative Removable Disk Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x9  /remove
Creative System Information-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9  /remove
Creative Zen Vision M-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC3065BF-95B4-42C5-B47D-0B713CDA75D0}\SETUP.EXE" -l0x9  /remove
ESU for Microsoft Vista-->MsiExec.exe /X{88A548E6-4B09-43E7-AD55-3C7D1B37706D}
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5045&SUBSYS_103C30B7\UIU32m.EXE -U -IwqcVenz.inf
Hewlett-Packard Active Check-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Hewlett-Packard Asset Agent-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
HP Active Support Library 32 bit components-->MsiExec.exe /I{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}
HP Active Support Library-->C:\Program Files\InstallShield Installation Information\{290B83AA-093A-45BF-A917-D1C4A1E8D917}\setup.exe -runfromtemp -l0x0409
HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}\setup.exe" -l0x9  -removeonly
HP Doc Viewer-->MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F}
HP DVD Play 3.2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45D707E9-F3C4-11D9-A373-0050BAE317E1}\setup.exe"  -uninstall
HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40F7AED3-0C7D-4582-99F6-484A515C73F2}\setup.exe" -l0x9  -removeonly
HP Help and Support-->MsiExec.exe /I{9061CEF2-51F5-42C9-8A70-9ED351C6597A}
HP Photosmart Essential 2.0-->C:\Program Files\Hewlett-Packard\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Quick Launch Buttons 6.20 B1-->C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x0009 uninst
HP Update-->MsiExec.exe /X{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}
HP User Guides 0082-->MsiExec.exe /I{FCCC555E-166C-426A-A98C-39C80AE7C081}
HP Wireless Assistant-->MsiExec.exe /I{D32067CD-7409-4792-BFA0-1469BCD8F0C8}
Intel® Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall
Intel® Network Connections Drivers-->Prounstl.exe
Java(tm) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
LG USB Modem driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C3ABE126-2BB2-4246-BFE1-6797679B3579}\Setup.exe" -l0x9
LiveUpdate 3.2 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
LiveUpdate Administration Utility-->C:\Windows\IsUninst.exe -f"C:\Program Files\LiveUpdate Administration\Uninst.isu" -c"C:\Program Files\LiveUpdate Administration\ISLUA.DLL"
LiveUpdate Notice (Symantec Corporation)-->MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}
Mozilla Firefox (2.0.0.15)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSCU for Microsoft Vista-->MsiExec.exe /X{3FFB3B34-D639-4384-9AE9-DDE58430D86F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
Need For Speed III-->C:\Windows\UNINST.EXE -f"C:\Program Files\Electronic Arts\Need For Speed III\DeIsL1.isu" -c"C:\Program Files\Electronic Arts\Need For Speed III\eauninst.dll"
Netbooster-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C59FA2E-EEDA-41FA-90AC-F8FCBD032E85}\setup.exe" -l0x9  -vuninstall -removeonly
Nokia Connectivity Cable Driver-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{3D249F10-79EC-48D4-93E5-C470ABE523FA}
PL-2303 USB-to-Serial-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}\Setup.exe" -l0x9 Installed
Roxio Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
Roxio Creator Audio-->MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
Roxio Creator Basic v9-->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
Roxio Creator Copy-->MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
Roxio Creator Data-->MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
Roxio Creator EasyArchive-->MsiExec.exe /I{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}
Roxio Creator Tools-->MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
Roxio Express Labeler 3-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio MyDVD Basic v9-->MsiExec.exe /I{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
USB to Serial Cable Driver-->C:\Windows\unvise32.exe C:\Program Files\ArkMicro\uninstal.log
Windows Live Messenger-->MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
ZTE CDMA1X MODEM-->"C:\Program Files\ZTE CDMA1X MODEM\unins000.exe"

======Security center information======

AV: AVG Anti-Virus Free (outdated)
AV: Norton Internet Security (outdated)
FW: Norton Internet Security
AS: AVG Anti-Virus Free (disabled) (outdated)
AS: Windows Defender (outdated)
AS: Norton Internet Security (outdated)

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=2
"OnlineServices"=Online Services
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PCBRAND"=PRESARIO
"PLATFORM"=MCD
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 14 Stepping 12, GenuineIntel
"PROCESSOR_LEVEL"=6
"PROCESSOR_REVISION"=0e0c
"RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"USERPART"=E:
"windir"=%SystemRoot%

-----------------EOF-----------------

Title: cannot connect to the internet
Post by: kota123 on November 02, 2008, 12:11:20 PM

Here is the log file:

Logfile of random's system information tool 1.04 (written by random/random)
Run by sunil at 2008-11-02 23:13:47
Microsoft® Windows Vistaâ„¢ Home Premium  
System drive C: has 103 GB (71%) free of 146 GB
Total RAM: 1013 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:14:10, on 02-11-2008
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Netbooster Client\Configurator\ventcfg.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\mobsync.exe
C:\Users\sunil\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\sunil.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 (http://\"http://go.microsoft.com/fwlink/?LinkId=54896\")
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rediff.com/index.html (http://\"http://www.rediff.com/index.html\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...O&pf=laptop (http://\"http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_IN&c=73&bd=PRESARIO&pf=laptop\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 (http://\"http://go.microsoft.com/fwlink/?LinkId=54896\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 (http://\"http://go.microsoft.com/fwlink/?LinkId=54896\")
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...O&pf=laptop (http://\"http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_IN&c=73&bd=PRESARIO&pf=laptop\")
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [Venturi Configurator] C:\Program Files\Netbooster Client\Configurator\ventcfg.exe -nomsgbox
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: vwlsp.dll
O10 - Unknown file in Winsock LSP: vwlsp.dll
O10 - Unknown file in Winsock LSP: vwlsp.dll
O10 - Unknown file in Winsock LSP: vwlsp.dll
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{4B6DB833-A2D2-4AD0-B6E2-E79925B310B9}: NameServer = 192.168.0.1,202.88.130.67,202.88.130.15,202.88.130.5
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Venturi Client (VenturiClient) - Venturi Wireless - C:\Program Files\Netbooster Client\Client\ventc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7939 bytes

======Scheduled tasks folder======

C:\Windows\tasks\User_Feed_Synchronization-{C203164B-CEC6-402C-8F72-1989ACCBF56A}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-10-31 455960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0\bin\ssv.dll [2007-05-07 501384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-10-31 2055960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-10-31 2055960]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-01-13 827392]
"Symantec PIF AlertEng"=C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-10-31 1234712]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-09-13 1006264]
"WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2007-01-11 317128]
"Venturi Configurator"=C:\Program Files\Netbooster Client\Configurator\ventcfg.exe [2007-02-05 923272]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0\bin\jusched.exe [2007-05-07 77824]
"QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-02-14 159744]
"Persistence"=C:\Windows\system32\igfxpers.exe [2007-02-26 133912]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2007-02-26 138008]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-03-02 472776]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"HP Health Check Scheduler"=C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-03-13 50696]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2007-02-26 154392]
"ccApp"=c:\Program Files\Common Files\Symantec Shared\ccApp.exe []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"=C:\Windows\SMINST\launcher.exe [2006-11-08 44128]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2006-11-02 125440]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-02 201728]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2007-02-22 200704]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1093926c-a184-11dc-ba3a-001a6bbe6591}]
shell\Open(&O)\command - RECYCLED\appmgmt.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56917166-6fdc-11dc-8b68-001a6bbe6591}]
shell\Open(&O)\command - RECYCLED\appmgmt.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{60aabc97-87ae-11dc-bb23-001a6bbe6591}]
shell\Open(&O)\command - RECYCLED\appmgmt.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6fa18d71-ee82-11dc-ae21-001a6bbe6591}]
shell\AutoRun\command - u18vxqle.com
shell\explore\command - u18vxqle.com
shell\open\command - u18vxqle.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7c73a9a6-57a1-11dd-bb70-001b2483eae6}]
shell\Auto\command - F:\TunerSetup.exe
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\TunerSetup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d8f89697-d18a-11dc-9559-001a6bbe6591}]
shell\AutoRun\command - F:\1wod1.com
shell\explore\command - F:\1wod1.com
shell\open\command - F:\1wod1.com


======List of files/folders created in the last 1 months======

2008-11-02 23:13:47 ----D---- C:\rsit
2008-11-02 16:55:44 ----D---- C:\Program Files\Trend Micro
2008-11-02 01:00:00 ----D---- C:\Program Files\Electronic Arts
2008-11-02 00:59:49 ----A---- C:\Windows\uninst.exe
2008-10-31 18:09:14 ----HD---- C:\$AVG8.VAULT$
2008-10-31 17:23:12 ----A---- C:\Windows\system32\avgrsstx.dll
2008-10-31 17:21:52 ----D---- C:\ProgramData\avg8
2008-10-31 17:21:52 ----D---- C:\Program Files\AVG
2008-10-31 17:14:21 ----SHD---- C:\Config.Msi
2008-10-15 00:25:39 ----A---- C:\Windows\system32\ntkrnlpa.exe
2008-10-15 00:25:38 ----A---- C:\Windows\system32\ntoskrnl.exe

======List of files/folders modified in the last 1 months======

2008-11-02 23:14:10 ----D---- C:\Windows\Temp
2008-11-02 23:14:06 ----D---- C:\Windows\Prefetch
2008-11-02 23:11:42 ----D---- C:\Windows\SMINST
2008-11-02 23:08:28 ----D---- C:\Windows\pss
2008-11-02 22:11:36 ----SHD---- C:\System Volume Information
2008-11-02 18:21:58 ----D---- C:\Windows\System32
2008-11-02 18:21:58 ----D---- C:\Windows\inf
2008-11-02 18:21:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-11-02 16:55:44 ----RD---- C:\Program Files
2008-11-02 16:52:49 ----D---- C:\Windows\system32\catroot2
2008-11-02 02:55:52 ----D---- C:\Windows
2008-10-31 19:15:05 ----D---- C:\ProgramData\Symantec
2008-10-31 17:22:44 ----D---- C:\Windows\system32\drivers
2008-10-31 17:21:52 ----HD---- C:\ProgramData
2008-10-31 17:21:16 ----SHD---- C:\Windows\Installer
2008-10-31 17:21:16 ----D---- C:\Windows\winsxs
2008-10-31 17:20:56 ----D---- C:\Program Files\Common Files\microsoft shared
2008-10-31 17:20:15 ----D---- C:\Program Files\Common Files\Symantec Shared
2008-10-31 17:19:13 ----D---- C:\Program Files\Symantec
2008-10-31 17:19:09 ----D---- C:\Program Files\Common Files
2008-10-31 17:17:45 ----RSD---- C:\Windows\assembly
2008-10-31 17:15:18 ----D---- C:\Windows\Tasks
2008-10-31 17:11:57 ----SD---- C:\Users\sunil\AppData\Roaming\Microsoft
2008-10-28 04:44:39 ----D---- C:\Windows\system32\catroot
2008-10-14 23:58:01 ----D---- C:\Users\sunil\AppData\Roaming\LimeWire
2008-10-08 00:49:40 ----A---- C:\Windows\system32\mrt.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2008-10-31 97928]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2008-10-31 26824]
R1 eabfiltr;eabfiltr; C:\Windows\system32\DRIVERS\eabfiltr.sys [2006-11-30 8192]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2007-09-11 395312]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2006-11-16 32256]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2006-11-16 43520]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2006-11-16 37376]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-11-28 8192]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-04-29 19456]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-29 29184]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2007-01-02 80688]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-03-07 14208]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2006-12-12 148992]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-12-07 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-12-07 207360]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-02-22 1662464]
R3 NETw4v32;Intel® Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-10-31 2252800]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2007-09-13 82432]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-01-13 181432]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-12-07 659968]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-03-07 11264]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2008-04-29 220160]
S3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-03-03 182272]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 E100B;Intel® PRO Network Connection Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2007-11-16 165496]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-02-22 1662464]
S3 Jukebox3;Jukebox3; C:\Windows\system32\DRIVERS\ctpdusb.sys [2003-10-23 16848]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 NETw3v32;Intel® PRO/Wireless 3945BG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2007-02-08 1786880]
S3 Nokia USB Generic;Nokia USB Generic; C:\Windows\system32\drivers\nmwcdc.sys [2005-05-27 7288]
S3 Nokia USB Modem;Nokia USB Modem; C:\Windows\system32\drivers\nmwcdcm.sys [2005-05-27 11001]
S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:\Windows\system32\drivers\nmwcd.sys [2005-05-27 128295]
S3 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]
S3 zteusbser;ZTE USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\zteusbser.sys [2007-08-20 98432]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2007-09-12 554352]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-10-31 231704]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-03-15 62984]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-03 135168]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-15 61440]
R2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
R2 VenturiClient;Venturi Client; C:\Program Files\Netbooster Client\Client\ventc.exe [2007-02-05 2410080]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-11-28 386560]
S2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-01-10 110592]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-12 2999664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-02-12 880640]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-02-17 74656]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]

-----------------EOF-----------------

Title: cannot connect to the internet
Post by: guestolo on November 02, 2008, 12:20:46 PM

So if I understand correctly, Venturi Client was not installed by yourself?
And right now you are wired connection to the laptop?

And you have no Internet connection at all with this laptop, correct?

I see some problems in the RSIT logs, may very well be why you are having connection issues
But answer the above first, so I know what route to take here

Title: cannot connect to the internet
Post by: kota123 on November 02, 2008, 12:24:20 PM

Just to clarify..I am in India and venturi wireless maybe a part of the wireless data card I use here to connect to the internet at times. When I am not travelling I use the wire to connect to the internet. Venturi wireless shows up under net booster which i think is a part of the data card i use to connect wireless.

Title: cannot connect to the internet
Post by: kota123 on November 02, 2008, 12:32:12 PM

Well like i mentioned venturi wireless may very well be a part of the data card used for wireless connection. The laptop i am using now has no problem at all connecting to the net but if i use this cable to connect with the other laptop it does connect but does not open any sites at all. So the internet connection is established but thats it, you cannot surf at all. So one laptop connects and i am able to surf and the other problematic one also connects but you cannot surf.

Title: cannot connect to the internet
Post by: guestolo on November 02, 2008, 12:42:08 PM

I see Netbooster in your uninstall list, I'm hoping it's not the reason you can't get online wired

But for now, I see other problems in your log
Can you do the following
You will need to download and transfer the following to your laptop

First can you download download Malwarebytes' Anti-Malware from Here (http://\"http://www.besttechie.net/tools/mbam-setup.exe\") or Here (http://\"http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html\")
Save the installer to transfer to the laptop without connection

Also, let's ensure MBAM has the latest updates
Go to the following link
http://www.gt500.org/malwarebytes/database.jsp (http://\"http://www.gt500.org/malwarebytes/database.jsp\")
Download the latest database files >>mbam-rules.exe
save them to tranfer to the laptop

Transfer both installers to your Desktop of the laptop
First Install Malwarebytes' Anti-Malware
At the prompt, Uncheck Both
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware

I want to ensure MBAM is closed for the next step
Now install mbam-rules.exe

Afterwards: It's possible that an external flash drive(s) you are using
Such as an external thumbdrive are infected
Can you insert any thumbdrive into your laptop, close out any autostart, just leave it inserted for now

RIGHT CLICK on Malwarebytes' Anti-Malware shortcut on your desktop t
Choose to "Run as Administrtator"

• Once the program has loaded, select "Perform Full Scan", then click Scan.
     
  
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
     
  
• Make sure that everything is checked, and click Remove Selected.
      * When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
     
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy&Paste the entire report in your next reply

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.

Also, can you run RSIT.exe again and post the log that opens
I don't need to see the minimized one

Title: cannot connect to the internet
Post by: kota123 on November 02, 2008, 03:58:40 PM

I have installed the malware applications and am running the scan now. Since its almost 2 AM here I will send you the results tomorrow.

Thanks!

Title: cannot connect to the internet
Post by: kota123 on November 02, 2008, 05:13:02 PM

The scan using malware just finished, no infections were found. I have attached the log for this and RSIT below. Regarding net booster, i confirmed now that is a part of the software for the data card for wireless internet, Venturi Wireless is a part of that as well. But right now I am only using the wired connection and not wireless.

Log for mbam:

Malwarebytes' Anti-Malware 1.30
Database version: 1348
Windows 6.0.6000

03-11-2008 03:33:45
mbam-log-2008-11-03 (03-33-45).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|)
Objects scanned: 139794
Time elapsed: 1 hour(s), 43 minute(s), 8 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Log for RSIT:

Logfile of random's system information tool 1.04 (written by random/random)
Run by sunil at 2008-11-03 03:36:40
Microsoft® Windows Vistaâ„¢ Home Premium  
System drive C: has 103 GB (71%) free of 146 GB
Total RAM: 1013 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 03:37:05, on 03-11-2008
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Netbooster Client\Configurator\ventcfg.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\sunil\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\sunil.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 (http://\"http://go.microsoft.com/fwlink/?LinkId=54896\")
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rediff.com/index.html (http://\"http://www.rediff.com/index.html\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...O&pf=laptop (http://\"http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_IN&c=73&bd=PRESARIO&pf=laptop\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 (http://\"http://go.microsoft.com/fwlink/?LinkId=54896\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 (http://\"http://go.microsoft.com/fwlink/?LinkId=54896\")
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...O&pf=laptop (http://\"http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_IN&c=73&bd=PRESARIO&pf=laptop\")
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [Venturi Configurator] C:\Program Files\Netbooster Client\Configurator\ventcfg.exe -nomsgbox
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: vwlsp.dll
O10 - Unknown file in Winsock LSP: vwlsp.dll
O10 - Unknown file in Winsock LSP: vwlsp.dll
O10 - Unknown file in Winsock LSP: vwlsp.dll
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{4B6DB833-A2D2-4AD0-B6E2-E79925B310B9}: NameServer = 192.168.0.1,202.88.130.67,202.88.130.15,202.88.130.5
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Venturi Client (VenturiClient) - Venturi Wireless - C:\Program Files\Netbooster Client\Client\ventc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7906 bytes

======Scheduled tasks folder======

C:\Windows\tasks\User_Feed_Synchronization-{C203164B-CEC6-402C-8F72-1989ACCBF56A}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-10-31 455960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0\bin\ssv.dll [2007-05-07 501384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-10-31 2055960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-10-31 2055960]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-01-13 827392]
"Symantec PIF AlertEng"=C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-10-31 1234712]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2007-09-13 1006264]
"WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2007-01-11 317128]
"Venturi Configurator"=C:\Program Files\Netbooster Client\Configurator\ventcfg.exe [2007-02-05 923272]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0\bin\jusched.exe [2007-05-07 77824]
"QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-02-14 159744]
"Persistence"=C:\Windows\system32\igfxpers.exe [2007-02-26 133912]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2007-02-26 138008]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-03-02 472776]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"HP Health Check Scheduler"=C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-03-13 50696]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2007-02-26 154392]
"ccApp"=c:\Program Files\Common Files\Symantec Shared\ccApp.exe []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"=C:\Windows\SMINST\launcher.exe [2006-11-08 44128]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2008-10-22 399504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2006-11-02 125440]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-11-02 201728]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2007-02-22 200704]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1093926c-a184-11dc-ba3a-001a6bbe6591}]
shell\Open(&O)\command - RECYCLED\appmgmt.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56917166-6fdc-11dc-8b68-001a6bbe6591}]
shell\Open(&O)\command - RECYCLED\appmgmt.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{60aabc97-87ae-11dc-bb23-001a6bbe6591}]
shell\Open(&O)\command - RECYCLED\appmgmt.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6fa18d71-ee82-11dc-ae21-001a6bbe6591}]
shell\AutoRun\command - u18vxqle.com
shell\explore\command - u18vxqle.com
shell\open\command - u18vxqle.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7c73a9a6-57a1-11dd-bb70-001b2483eae6}]
shell\Auto\command - F:\TunerSetup.exe
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\TunerSetup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d8f89697-d18a-11dc-9559-001a6bbe6591}]
shell\AutoRun\command - F:\1wod1.com
shell\explore\command - F:\1wod1.com
shell\open\command - F:\1wod1.com


======List of files/folders created in the last 3 months======

2008-11-03 01:29:38 ----D---- C:\Users\sunil\AppData\Roaming\Malwarebytes
2008-11-03 01:29:31 ----D---- C:\ProgramData\Malwarebytes
2008-11-03 01:29:31 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-11-02 23:13:47 ----D---- C:\rsit
2008-11-02 16:55:44 ----D---- C:\Program Files\Trend Micro
2008-11-02 01:00:00 ----D---- C:\Program Files\Electronic Arts
2008-11-02 00:59:49 ----A---- C:\Windows\uninst.exe
2008-10-31 18:09:14 ----HD---- C:\$AVG8.VAULT$
2008-10-31 17:23:12 ----A---- C:\Windows\system32\avgrsstx.dll
2008-10-31 17:21:52 ----D---- C:\ProgramData\avg8
2008-10-31 17:21:52 ----D---- C:\Program Files\AVG
2008-10-31 17:14:21 ----SHD---- C:\Config.Msi
2008-10-15 00:25:39 ----A---- C:\Windows\system32\ntkrnlpa.exe
2008-10-15 00:25:38 ----A---- C:\Windows\system32\ntoskrnl.exe
2008-09-25 22:29:15 ----A---- C:\Windows\system32\wups2.dll
2008-09-25 22:29:15 ----A---- C:\Windows\system32\wuauclt.exe
2008-09-25 22:29:14 ----A---- C:\Windows\system32\wucltux.dll
2008-09-25 22:29:14 ----A---- C:\Windows\system32\wuaueng.dll
2008-09-25 22:28:13 ----A---- C:\Windows\system32\wups.dll
2008-09-25 22:28:13 ----A---- C:\Windows\system32\wudriver.dll
2008-09-25 22:28:13 ----A---- C:\Windows\system32\wuapi.dll
2008-09-25 22:27:54 ----A---- C:\Windows\system32\wuwebv.dll
2008-09-25 22:27:54 ----A---- C:\Windows\system32\wuapp.exe
2008-09-21 00:37:35 ----A---- C:\Windows\system32\gameux.dll
2008-09-21 00:37:33 ----A---- C:\Windows\system32\Apphlpdm.dll
2008-09-21 00:37:31 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2008-09-13 22:23:58 ----A---- C:\Windows\system32\wmpeffects.dll
2008-09-06 00:44:04 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2008-09-06 00:44:02 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2008-09-06 00:43:37 ----A---- C:\Windows\system32\NlsData0009.dll
2008-09-06 00:43:37 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2008-09-06 00:43:36 ----A---- C:\Windows\system32\NlsData000c.dll
2008-09-06 00:43:35 ----A---- C:\Windows\system32\NlsData000a.dll
2008-09-06 00:43:34 ----A---- C:\Windows\system32\NlsData000d.dll
2008-09-06 00:43:33 ----A---- C:\Windows\system32\NlsData0027.dll
2008-09-06 00:43:33 ----A---- C:\Windows\system32\NlsData0011.dll
2008-09-06 00:43:33 ----A---- C:\Windows\system32\NlsData0001.dll
2008-09-06 00:43:30 ----A---- C:\Windows\system32\NlsData0007.dll
2008-09-06 00:43:29 ----A---- C:\Windows\system32\NlsData003e.dll
2008-09-06 00:43:28 ----A---- C:\Windows\system32\NlsData002a.dll
2008-09-06 00:43:28 ----A---- C:\Windows\system32\NlsData0022.dll
2008-09-06 00:43:28 ----A---- C:\Windows\system32\NlsData0021.dll
2008-09-06 00:43:28 ----A---- C:\Windows\system32\NlsData0002.dll
2008-09-06 00:43:27 ----A---- C:\Windows\system32\NlsData0024.dll
2008-09-06 00:43:27 ----A---- C:\Windows\system32\NlsData001a.dll
2008-09-06 00:43:27 ----A---- C:\Windows\system32\NlsData0018.dll
2008-09-06 00:43:27 ----A---- C:\Windows\system32\NlsData000f.dll
2008-09-06 00:43:26 ----A---- C:\Windows\system32\NlsData0019.dll
2008-09-06 00:43:25 ----A---- C:\Windows\system32\NlsData001d.dll
2008-09-06 00:43:25 ----A---- C:\Windows\system32\NlsData0010.dll
2008-09-06 00:43:24 ----A---- C:\Windows\system32\NlsData0816.dll
2008-09-06 00:43:23 ----A---- C:\Windows\system32\NlsData0013.dll
2008-09-06 00:43:21 ----A---- C:\Windows\system32\NlsData0049.dll
2008-09-06 00:43:21 ----A---- C:\Windows\system32\NlsData0039.dll
2008-09-06 00:43:20 ----A---- C:\Windows\system32\NlsData0020.dll
2008-09-06 00:43:19 ----A---- C:\Windows\system32\NlsData0416.dll
2008-09-06 00:43:18 ----A---- C:\Windows\system32\NlsData0414.dll
2008-09-06 00:43:17 ----A---- C:\Windows\system32\NlsData004c.dll
2008-09-06 00:43:17 ----A---- C:\Windows\system32\NlsData004a.dll
2008-09-06 00:43:17 ----A---- C:\Windows\system32\NlsData0047.dll
2008-09-06 00:43:16 ----A---- C:\Windows\system32\NlsData081a.dll
2008-09-06 00:43:15 ----A---- C:\Windows\system32\NlsData0c1a.dll
2008-09-06 00:43:15 ----A---- C:\Windows\system32\NlsData001b.dll
2008-09-06 00:43:15 ----A---- C:\Windows\system32\NlsData0000.dll
2008-09-06 00:43:14 ----A---- C:\Windows\system32\NlsData004b.dll
2008-09-06 00:43:14 ----A---- C:\Windows\system32\NlsData0046.dll
2008-09-06 00:43:14 ----A---- C:\Windows\system32\NlsData0045.dll
2008-09-06 00:43:13 ----A---- C:\Windows\system32\NlsData004e.dll
2008-09-06 00:43:13 ----A---- C:\Windows\system32\NlsData0026.dll
2008-09-06 00:43:13 ----A---- C:\Windows\system32\NlsData0003.dll
2008-09-06 00:42:44 ----A---- C:\Windows\system32\NlsModels0011.dll
2008-09-06 00:42:43 ----A---- C:\Windows\system32\NlsLexicons0c1a.dll
2008-09-06 00:42:42 ----A---- C:\Windows\system32\NlsLexicons081a.dll
2008-09-06 00:42:41 ----A---- C:\Windows\system32\NlsLexicons0816.dll
2008-09-06 00:42:40 ----A---- C:\Windows\system32\NlsLexicons0416.dll
2008-09-06 00:42:38 ----A---- C:\Windows\system32\NlsLexicons0414.dll
2008-09-06 00:42:37 ----A---- C:\Windows\system32\NlsLexicons004c.dll
2008-09-06 00:42:36 ----A---- C:\Windows\system32\NlsLexicons004a.dll
2008-09-06 00:42:35 ----A---- C:\Windows\system32\NlsLexicons003e.dll
2008-09-06 00:42:33 ----A---- C:\Windows\system32\NlsLexicons0027.dll
2008-09-06 00:42:32 ----A---- C:\Windows\system32\NlsLexicons0026.dll
2008-09-06 00:42:31 ----A---- C:\Windows\system32\NlsLexicons0024.dll
2008-09-06 00:42:29 ----A---- C:\Windows\system32\NlsLexicons0022.dll
2008-09-06 00:42:29 ----A---- C:\Windows\system32\NlsLexicons0021.dll
2008-09-06 00:42:28 ----A---- C:\Windows\system32\NlsLexicons001d.dll
2008-09-06 00:42:27 ----A---- C:\Windows\system32\NlsLexicons001b.dll
2008-09-06 00:42:26 ----A---- C:\Windows\system32\NlsLexicons001a.dll
2008-09-06 00:42:25 ----A---- C:\Windows\system32\NlsLexicons0019.dll
2008-09-06 00:42:23 ----A---- C:\Windows\system32\NlsLexicons0018.dll
2008-09-06 00:42:22 ----A---- C:\Windows\system32\NlsLexicons0013.dll
2008-09-06 00:42:21 ----A---- C:\Windows\system32\NlsLexicons0011.dll
2008-09-06 00:42:21 ----A---- C:\Windows\system32\NlsLexicons0010.dll
2008-09-06 00:42:20 ----A---- C:\Windows\system32\NlsLexicons000f.dll
2008-09-06 00:42:18 ----A---- C:\Windows\system32\NlsLexicons000c.dll
2008-09-06 00:42:17 ----A---- C:\Windows\system32\NlsLexicons000a.dll
2008-09-06 00:42:15 ----A---- C:\Windows\system32\NlsLexicons0002.dll
2008-09-06 00:42:14 ----A---- C:\Windows\system32\NlsLexicons0001.dll
2008-09-06 00:42:13 ----A---- C:\Windows\system32\NlsLexicons004e.dll
2008-09-06 00:42:12 ----A---- C:\Windows\system32\NlsLexicons004b.dll
2008-09-06 00:42:12 ----A---- C:\Windows\system32\NlsLexicons0049.dll
2008-09-06 00:42:12 ----A---- C:\Windows\system32\NlsLexicons0047.dll
2008-09-06 00:42:11 ----A---- C:\Windows\system32\NlsLexicons0046.dll
2008-09-06 00:42:11 ----A---- C:\Windows\system32\NlsLexicons0045.dll
2008-09-06 00:42:11 ----A---- C:\Windows\system32\NlsLexicons0039.dll
2008-09-06 00:42:10 ----A---- C:\Windows\system32\NlsLexicons0020.dll
2008-09-06 00:42:10 ----A---- C:\Windows\system32\NlsLexicons000d.dll
2008-09-06 00:42:09 ----A---- C:\Windows\system32\NlsLexicons002a.dll
2008-09-06 00:42:09 ----A---- C:\Windows\system32\NlsLexicons0003.dll
2008-09-02 17:09:26 ----A---- C:\Windows\system32\tzres.dll
2008-09-02 16:51:28 ----A---- C:\Windows\system32\mshtml.dll
2008-09-02 16:51:26 ----A---- C:\Windows\system32\ieframe.dll
2008-09-02 16:51:25 ----A---- C:\Windows\system32\urlmon.dll
2008-09-02 16:51:24 ----A---- C:\Windows\system32\wininet.dll
2008-09-02 16:51:23 ----A---- C:\Windows\system32\mshtmled.dll
2008-09-02 16:51:22 ----A---- C:\Windows\system32\mstime.dll
2008-09-02 16:51:22 ----A---- C:\Windows\system32\ieui.dll
2008-09-02 16:51:22 ----A---- C:\Windows\system32\ieapfltr.dll
2008-09-02 16:51:22 ----A---- C:\Windows\system32\ie4uinit.exe
2008-09-02 16:51:22 ----A---- C:\Windows\system32\advpack.dll
2008-09-02 16:51:21 ----A---- C:\Windows\system32\pngfilt.dll
2008-09-02 16:51:21 ----A---- C:\Windows\system32\jsproxy.dll
2008-09-02 16:51:21 ----A---- C:\Windows\system32\ieUnatt.exe
2008-09-02 16:51:21 ----A---- C:\Windows\system32\iesetup.dll
2008-09-02 16:51:21 ----A---- C:\Windows\system32\iernonce.dll
2008-09-02 16:51:21 ----A---- C:\Windows\system32\icardie.dll
2008-09-02 16:51:21 ----A---- C:\Windows\system32\dxtrans.dll
2008-09-02 16:51:21 ----A---- C:\Windows\system32\dxtmsft.dll
2008-09-02 16:46:34 ----A---- C:\Windows\system32\winipsec.dll
2008-09-02 16:46:34 ----A---- C:\Windows\system32\polstore.dll
2008-09-02 16:46:34 ----A---- C:\Windows\system32\IPSECSVC.DLL
2008-09-02 16:46:34 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2008-09-02 16:46:28 ----A---- C:\Windows\system32\INETRES.dll
2008-09-02 16:46:28 ----A---- C:\Windows\system32\inetcomm.dll
2008-09-02 16:39:28 ----A---- C:\Windows\system32\es.dll

======List of files/folders modified in the last 3 months======

2008-11-03 03:37:04 ----D---- C:\Windows\Temp
2008-11-03 02:26:52 ----D---- C:\Windows\Prefetch
2008-11-03 01:30:51 ----D---- C:\Windows\system32\drivers
2008-11-03 01:29:31 ----RD---- C:\Program Files
2008-11-03 01:29:31 ----HD---- C:\ProgramData
2008-11-03 01:28:55 ----D---- C:\Windows\System32
2008-11-03 01:28:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-11-03 01:28:54 ----D---- C:\Windows\inf
2008-11-03 01:24:25 ----D---- C:\Windows\SMINST
2008-11-02 23:08:28 ----D---- C:\Windows\pss
2008-11-02 22:11:36 ----SHD---- C:\System Volume Information
2008-11-02 16:52:49 ----D---- C:\Windows\system32\catroot2
2008-11-02 02:55:52 ----D---- C:\Windows
2008-10-31 19:15:05 ----D---- C:\ProgramData\Symantec
2008-10-31 17:21:16 ----SHD---- C:\Windows\Installer
2008-10-31 17:21:16 ----D---- C:\Windows\winsxs
2008-10-31 17:20:56 ----D---- C:\Program Files\Common Files\microsoft shared
2008-10-31 17:20:15 ----D---- C:\Program Files\Common Files\Symantec Shared
2008-10-31 17:19:13 ----D---- C:\Program Files\Symantec
2008-10-31 17:19:09 ----D---- C:\Program Files\Common Files
2008-10-31 17:17:45 ----RSD---- C:\Windows\assembly
2008-10-31 17:15:18 ----D---- C:\Windows\Tasks
2008-10-31 17:11:57 ----SD---- C:\Users\sunil\AppData\Roaming\Microsoft
2008-10-28 04:44:39 ----D---- C:\Windows\system32\catroot
2008-10-14 23:58:01 ----D---- C:\Users\sunil\AppData\Roaming\LimeWire
2008-10-08 00:49:40 ----A---- C:\Windows\system32\mrt.exe
2008-10-01 19:39:09 ----D---- C:\Windows\system32\en-US
2008-09-21 01:30:19 ----D---- C:\Windows\AppPatch
2008-09-06 22:40:00 ----D---- C:\Windows\ehome
2008-09-04 23:22:50 ----D---- C:\Program Files\Mozilla Firefox
2008-09-02 22:51:54 ----D---- C:\Program Files\Internet Explorer
2008-09-02 22:51:53 ----D---- C:\Windows\system32\migration
2008-09-02 17:07:46 ----D---- C:\Program Files\Windows Mail
2008-09-01 18:05:30 ----D---- C:\Users\sunil\AppData\Roaming\Creative
2008-09-01 17:59:06 ----HD---- C:\Program Files\InstallShield Installation Information
2008-09-01 17:55:45 ----D---- C:\Program Files\Creative

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2008-10-31 97928]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2008-10-31 26824]
R1 eabfiltr;eabfiltr; C:\Windows\system32\DRIVERS\eabfiltr.sys [2006-11-30 8192]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2007-09-11 395312]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2006-11-16 32256]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2006-11-16 43520]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2006-11-16 37376]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-11-28 8192]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-04-29 19456]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-29 29184]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2007-01-02 80688]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-03-07 14208]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2006-12-12 148992]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-12-07 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-12-07 207360]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-02-22 1662464]
R3 NETw4v32;Intel® Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-10-31 2252800]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2007-09-13 82432]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-01-13 181432]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-12-07 659968]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-03-07 11264]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2008-04-29 220160]
S3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-03-03 182272]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 E100B;Intel® PRO Network Connection Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2007-11-16 165496]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-02-22 1662464]
S3 Jukebox3;Jukebox3; C:\Windows\system32\DRIVERS\ctpdusb.sys [2003-10-23 16848]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 NETw3v32;Intel® PRO/Wireless 3945BG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2007-02-08 1786880]
S3 Nokia USB Generic;Nokia USB Generic; C:\Windows\system32\drivers\nmwcdc.sys [2005-05-27 7288]
S3 Nokia USB Modem;Nokia USB Modem; C:\Windows\system32\drivers\nmwcdcm.sys [2005-05-27 11001]
S3 Nokia USB Phone Parent;Nokia USB Phone Parent; C:\Windows\system32\drivers\nmwcd.sys [2005-05-27 128295]
S3 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS []
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2006-11-02 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]
S3 zteusbser;ZTE USB Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\zteusbser.sys [2007-08-20 98432]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2007-09-12 554352]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-10-31 231704]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-03-15 62984]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-03 135168]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-15 61440]
R2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
R2 VenturiClient;Venturi Client; C:\Program Files\Netbooster Client\Client\ventc.exe [2007-02-05 2410080]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-11-28 386560]
S2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-01-10 110592]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-12 2999664]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-02-12 880640]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-02-17 74656]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]

-----------------EOF-----------------

Title: cannot connect to the internet
Post by: guestolo on November 02, 2008, 07:00:03 PM

Can you try the following

Download a couple tools and transfer them to the laptop's desktop
Don't run them from a USB thumbdrive, etc

Download the Norton Removal tool from Step 3
from the following link
http://service1.symantec.com/SUPPORT/norto...&view=docid (http://\"http://service1.symantec.com/SUPPORT/norton2008.nsf/docid/2007082908475279?Open&docid=2005033108162039&nsf=tsgeninfo.nsf&view=docid\")

Transfer it to the desktop of the laptop

In addition:
Download this file - Combofix.exe (http://\"http://download.bleepingcomputer.com/sUBs/ComboFix.exe\") and tranfer it  ONLY to your desktop of the laptop

Right click on the Norton Removal tool on desktop and "run as Administrator"
Follow the prompts, reboot when prompted

Close or disable all running Antivirus, Antispyware, and Firewall programs as they may interfere with the proper running of ComboFix
open the AVG Control Center program -> double-click on the "AVG Resident Shield" component by the clock -> deselect the "Turn on AVG Resident Shield" checkmark and save the setting.

Double click combofix.exe & follow the prompts.
When finished, it shall produce a log for you.
By default it will save a copy to C:\Combofix.txt
I'll need to see this log later
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Post the log from ComboFix and include a fresh Hijackthis log
Let me know if your now back online, this may help narrow it down

Title: cannot connect to the internet
Post by: kota123 on November 03, 2008, 04:47:26 AM

Here is the log for combofix:

ComboFix 08-11-02.04 - sunil 2008-11-03 15:00:10.1 - NTFSx86
Microsoft® Windows Vistaâ„¢ Home Premium   6.0.6000.0.1252.1.1033.18.364 [GMT 5.5:30]
Running from: C:\Users\sunil\Desktop\ComboFix.exe
 * Created a new restore point
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Windows\system32\x64

.
(((((((((((((((((((((((((   Files Created from 2008-10-03 to 2008-11-03  )))))))))))))))))))))))))))))))
.

No new files created in this timespan

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-03 09:16    ---------    d-----w    C:\Program Files\Common Files\Symantec Shared
2008-11-03 09:13    ---------    d-----w    C:\ProgramData\NortonInstaller
2008-11-02 20:00    ---------    d-----w    C:\Program Files\Malwarebytes' Anti-Malware
2008-11-02 19:59    ---------    d-----w    C:\Users\sunil\AppData\Roaming\Malwarebytes
2008-11-02 19:59    ---------    d-----w    C:\ProgramData\Malwarebytes
2008-11-02 11:25    ---------    d-----w    C:\Program Files\Trend Micro
2008-11-01 19:30    ---------    d-----w    C:\Program Files\Electronic Arts
2008-10-31 11:53    10,520    ----a-w    C:\Windows\System32\avgrsstx.dll
2008-10-31 11:52    97,928    ----a-w    C:\Windows\system32\drivers\avgldx86.sys
2008-10-31 11:51    ---------    d-----w    C:\ProgramData\avg8
2008-10-31 11:51    ---------    d-----w    C:\Program Files\AVG
2008-10-22 10:40    38,496    ----a-w    C:\Windows\system32\drivers\mbamswissarmy.sys
2008-10-22 10:40    15,504    ----a-w    C:\Windows\system32\drivers\mbam.sys
2008-10-14 18:28    ---------    d-----w    C:\Users\sunil\AppData\Roaming\LimeWire
2008-09-18 04:35    3,505,208    ----a-w    C:\Windows\System32\ntkrnlpa.exe
2008-09-18 04:35    3,470,904    ----a-w    C:\Windows\System32\ntoskrnl.exe
2008-07-17 17:07    174    --sha-w    C:\Program Files\desktop.ini
2008-03-14 17:07    4,506,256    ----a-w    C:\Users\sunil\LimeWireWin.exe
2008-04-27 16:47    16,384    --sha-w    C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-04-27 16:47    32,768    --sha-w    C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-04-27 16:47    16,384    --sha-w    C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
2007-09-27 17:34    22    --sha-w    C:\Windows\SMINST\HPCD.sys
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 125440]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-13 827392]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-10-31 1234712]
"WAWifiMessage"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-11 317128]
"Venturi Configurator"="C:\Program Files\Netbooster Client\Configurator\ventcfg.exe" [2007-02-05 923272]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0\bin\jusched.exe" [2007-05-07 77824]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-02-14 159744]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2007-02-26 133912]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2007-02-26 138008]
"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-02 472776]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"HP Health Check Scheduler"="C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-03-13 50696]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2007-02-26 154392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="C:\Windows\SMINST\launcher.exe" [2006-11-08 44128]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048]
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{CB3978FB-F35C-46AC-A5A6-B4E668379EBB}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{C20B22A1-85AA-4701-8F7D-E3433BF407B0}"= C:\Program Files\HP\QuickPlay\QP.exe:Quick Play
"{114D994F-2081-4DD3-95FC-661AC929A3A4}"= C:\Program Files\HP\QuickPlay\QPService.exe:Quick Play Resident Program
"{B86011A9-F95C-4F7C-8372-ABCBF00E3DD8}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{5DDD1ED1-51C5-4344-92EB-B98098202725}"= UDP:C:\Users\sunil\Desktop\LimeWire\LimeWire.exe:LimeWire
"{0106340B-7AC4-4543-A7F8-C3D2F891E7C1}"= TCP:C:\Users\sunil\Desktop\LimeWire\LimeWire.exe:LimeWire
"{F5BDE7C9-41AE-4097-94DE-5361C16F93E9}"= UDP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{8ADD27E4-6B37-4E69-A854-96A4AECE6F2B}"= TCP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{4C46E6C7-675A-425A-8686-29D2E5E8A3C1}"= UDP:C:\Program Files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{B284396E-7480-4B47-8636-DF412D59DB76}"= TCP:C:\Program Files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{61532E5F-9C12-4281-BE4C-C9EE48F331D5}"= C:\Program Files\AVG\AVG8\avgupd.exe:avgupd.exe
"{5CFD0BB4-7DA6-4613-B1D0-75264F1C39AE}"= UDP:C:\Users\sunil\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
"{7FF742D7-1BC0-4D79-ACA1-F87D82CF5806}"= TCP:C:\Users\sunil\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

R1 AvgLdx86;AVG Free AVI Loader Driver x86;C:\Windows\system32\Drivers\avgldx86.sys [2008-10-31 97928]
R2 avg8wd;AVG Free8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-10-31 231704]
R2 VenturiClient;Venturi Client;C:\Program Files\Netbooster Client\Client\ventc.exe [2007-02-05 2410080]
R3 btwavdt;Bluetooth AVDT Service;C:\Windows\system32\DRIVERS\btwavdt.sys [2007-01-02 80688]
S3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service;C:\Windows\system32\drivers\CHDRT32.sys [2008-03-03 182272]
S3 zteusbser;ZTE USB Device for Legacy Serial Communication;C:\Windows\system32\DRIVERS\zteusbser.sys [2007-08-20 98432]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs    REG_MULTI_SZ       BthServ

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1093926c-a184-11dc-ba3a-001a6bbe6591}]
\Shell\Open(&O)\command - RECYCLED\appmgmt.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56917166-6fdc-11dc-8b68-001a6bbe6591}]
\Shell\Open(&O)\command - RECYCLED\appmgmt.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{60aabc97-87ae-11dc-bb23-001a6bbe6591}]
\Shell\Open(&O)\command - RECYCLED\appmgmt.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6fa18d71-ee82-11dc-ae21-001a6bbe6591}]
\shell\AutoRun\command - u18vxqle.com
\shell\explore\Command - u18vxqle.com
\shell\open\Command - u18vxqle.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7c73a9a6-57a1-11dd-bb70-001b2483eae6}]
\shell\Auto\command - F:\TunerSetup.exe
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\TunerSetup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d8f89697-d18a-11dc-9559-001a6bbe6591}]
\shell\AutoRun\command - F:\1wod1.com
\shell\explore\Command - F:\1wod1.com
\shell\open\Command - F:\1wod1.com

*Newly Created Service* - CATCHME
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder

2008-11-03 C:\Windows\Tasks\User_Feed_Synchronization-{C203164B-CEC6-402C-8F72-1989ACCBF56A}.job
- C:\Windows\system32\msfeedssync.exe [2006-11-02 15:15]
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Users\sunil\AppData\Roaming\Mozilla\Firefox\Profiles\usdxb4q5.default\
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net (http://\"http://www.gmer.net\")
Rootkit scan 2008-11-03 15:04:56
Windows 6.0.6000  NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-11-03 15:07:09
ComboFix-quarantined-files.txt  2008-11-03 09:37:02

Pre-Run: The system cannot find message text for message number 0x2379 in the message file for Application.
Post-Run: 108,721,770,496 bytes free

146    --- E O F ---    2008-10-27 23:14:43

Title: cannot connect to the internet
Post by: kota123 on November 03, 2008, 04:48:53 AM

Here is the new log for hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:13:00, on 03-11-2008
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Netbooster Client\Configurator\ventcfg.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rediff.com/index.html (http://\"http://www.rediff.com/index.html\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 (http://\"http://go.microsoft.com/fwlink/?LinkId=69157\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 (http://\"http://go.microsoft.com/fwlink/?LinkId=54896\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 (http://\"http://go.microsoft.com/fwlink/?LinkId=54896\")
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...O&pf=laptop (http://\"http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_IN&c=73&bd=PRESARIO&pf=laptop\")
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [Venturi Configurator] C:\Program Files\Netbooster Client\Configurator\ventcfg.exe -nomsgbox
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: vwlsp.dll
O10 - Unknown file in Winsock LSP: vwlsp.dll
O10 - Unknown file in Winsock LSP: vwlsp.dll
O10 - Unknown file in Winsock LSP: vwlsp.dll
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{4B6DB833-A2D2-4AD0-B6E2-E79925B310B9}: NameServer = 192.168.0.1,202.88.130.67,202.88.130.15,202.88.130.5
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Venturi Client (VenturiClient) - Venturi Wireless - C:\Program Files\Netbooster Client\Client\ventc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 6492 bytes

Title: cannot connect to the internet
Post by: kota123 on November 03, 2008, 06:38:09 AM

I tried to connect to the internet today after all the scans but again same problem, the connection is established but I am unable to surf. It does not open any websites. i also noticed that LAN was disabled but after enabling it the connection got established and thats it. The bytes sent and received were between 16-17k.

Title: cannot connect to the internet
Post by: guestolo on November 03, 2008, 09:50:03 AM

Can you do the following
    * Please download Flash_Disinfector  (http://\"http://download.bleepingcomputer.com/sUBs/Flash_Disinfector.exe\") and save it to the laptops desktop
   
Copy ALL the BLUE text below and Paste to notepad
Don't use anything else than notepad or the script will not work

[color=\"#0000FF\"]File::
F:\TunerSetup.exe
F:\1wod1.com
Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000000
"InternetSettingsDisableNotify"=dword:00000000
"AutoUpdateDisableNotify"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=-
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=-
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{5CFD0BB4-7DA6-4613-B1D0-75264F1C39AE}"=-
"{7FF742D7-1BC0-4D79-ACA1-F87D82CF5806}"=-
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1093926c-a184-11dc-ba3a-001a6bbe6591}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{56917166-6fdc-11dc-8b68-001a6bbe6591}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{60aabc97-87ae-11dc-bb23-001a6bbe6591}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6fa18d71-ee82-11dc-ae21-001a6bbe6591}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7c73a9a6-57a1-11dd-bb70-001b2483eae6}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d8f89697-d18a-11dc-9559-001a6bbe6591}]

[/color]
Save this as txtfile on your laptops desktop, with the exact name of
CFScript

* Right click on Flash_Disinfector.exe and select Run As Administrator to run it. If you receive a prompt, please allow it.
    * You will be prompted to plug in your flash drive. Plug it in.
    * Flash_Disinfector will start disinfecting your flash and hard drives. This takes a few seconds. Your desktop will disappear in the meantime.
    * When done, a message box will appear. Click OK. Your desktop should now appear. If it doesn't, press Ctrl + Shift + Esc to open Task Manager.
    * Click on File > New Task (Run...). Type in explorer.exe and press Enter. Your desktop should now appear.

Leave any flash drive or external harddrives connected
Then
(http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif)
Drag CFScript.txt into ComboFix.exe
Combofix will start>>Follow the prompts
Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

When finished, it shall produce a log for you  with the same name C:\ComboFix.txt..

I'll need to see that log again later

A troubleshooting step
Can you boot to "Safe Mode with Networking"
Tap the F8 key as the system is restarting to get you to the Advanced options menu
and select "Safe mode with Networking"
are you able to access the Net?

Another troubleshooting step, just to help narrow it down
Can you uninstall AVG8, as it didn't appear to be running properly from your first logs
After removal, reboot the computer
Any luck?
If not, we'll check DNS server addy's and possibly a conflict with Netbooster

Please post the new Combofix log

Title: cannot connect to the internet
Post by: kota123 on November 03, 2008, 12:25:04 PM

I tried to run the flash disinfector on the laptop but the program does not run. Each time I click on it and allow the program, a few minutes later a window pops up saying program may not have installed correctly and gives me 2 options: 1. to re install and 2nd says program is installed correctly. But if i choose the 2nd option it does not work.

Also today I tried working on that laptop using my data card and I was able to connect and surf without any problems! But when i tried using the cable I had the same problem, connection established but no surfing was possible. My ISP customer service person also came today for a regular check and said the same thing , laptop has a problem and is broadcasting. And then i did see, when the connection to the net is established using the cable even though no programs are running, the number of bytes sent and received keeps going up. So he says thats what shows some program is sending data each time you connect to the internet and is choking the connection.

I also downloaded the flash disinfector using the data card directly onto the problematic laptop but still the flash disinfector did not work and gave the same error.

I have removed AVG and then tried connecting but had the same problem.

I started the laptop in safe mode with networking but i cant even connect to the internet in it as it says no broadband connection found and it does not let me set up a connection either.

Let me know what to do since flash disinfectant is not working on it.

I have a desktop as well and have problems on that as well. I will start a new thread for it. Would be great if you could help me clean that up as well!

Thanks a ton for all your help!

Title: cannot connect to the internet
Post by: kota123 on November 03, 2008, 12:51:05 PM

I anyway ran a scan with combofix again after doing the drag and drop of that file. Here it is :

ComboFix 08-11-02.04 - sunil 2008-11-03 23:10:36.2 - NTFSx86
Microsoft® Windows Vistaâ„¢ Home Premium   6.0.6000.0.1252.1.1033.18.447 [GMT 5.5:30]
Running from: C:\Users\sunil\Desktop\ComboFix.exe
Command switches used :: C:\Users\sunil\Desktop\CFScript.txt
 * Created a new restore point

FILE ::
F:\1wod1.com
F:\TunerSetup.exe
.

(((((((((((((((((((((((((   Files Created from 2008-10-03 to 2008-11-03  )))))))))))))))))))))))))))))))
.

No new files created in this timespan

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-03 09:16    ---------    d-----w    C:\Program Files\Common Files\Symantec Shared
2008-11-03 09:13    ---------    d-----w    C:\ProgramData\NortonInstaller
2008-11-02 20:00    ---------    d-----w    C:\Program Files\Malwarebytes' Anti-Malware
2008-11-02 19:59    ---------    d-----w    C:\Users\sunil\AppData\Roaming\Malwarebytes
2008-11-02 19:59    ---------    d-----w    C:\ProgramData\Malwarebytes
2008-11-02 11:25    ---------    d-----w    C:\Program Files\Trend Micro
2008-11-01 19:30    ---------    d-----w    C:\Program Files\Electronic Arts
2008-10-31 11:51    ---------    d-----w    C:\Program Files\AVG
2008-10-22 10:40    38,496    ----a-w    C:\Windows\system32\drivers\mbamswissarmy.sys
2008-10-22 10:40    15,504    ----a-w    C:\Windows\system32\drivers\mbam.sys
2008-10-14 18:28    ---------    d-----w    C:\Users\sunil\AppData\Roaming\LimeWire
2008-09-18 04:35    3,505,208    ----a-w    C:\Windows\System32\ntkrnlpa.exe
2008-09-18 04:35    3,470,904    ----a-w    C:\Windows\System32\ntoskrnl.exe
2008-07-17 17:07    174    --sha-w    C:\Program Files\desktop.ini
2008-03-14 17:07    4,506,256    ----a-w    C:\Users\sunil\LimeWireWin.exe
2008-04-27 16:47    16,384    --sha-w    C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-04-27 16:47    32,768    --sha-w    C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-04-27 16:47    16,384    --sha-w    C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
2007-09-27 17:34    22    --sha-w    C:\Windows\SMINST\HPCD.sys
.

(((((((((((((((((((((((((((((   snapshot@2008-11-03_15.06.26.84   )))))))))))))))))))))))))))))))))))))))))
.
- 2008-11-03 09:17:11    1,660    ----a-w    C:\Windows\bthservsdp.dat
+ 2008-11-03 17:16:18    1,660    ----a-w    C:\Windows\bthservsdp.dat
- 2008-11-01 21:26:26    51,200    ----a-w    C:\Windows\inf\infpub.dat
+ 2008-11-03 17:11:55    51,200    ----a-w    C:\Windows\inf\infpub.dat
- 2008-11-01 21:26:26    86,016    ----a-w    C:\Windows\inf\infstrng.dat
+ 2008-11-03 17:11:54    86,016    ----a-w    C:\Windows\inf\infstrng.dat
- 2008-11-03 09:18:05    2,048    --sha-w    C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2008-11-03 17:26:04    2,048    --sha-w    C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2008-11-03 09:18:05    2,048    --sha-w    C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2008-11-03 17:26:04    2,048    --sha-w    C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2008-11-03 09:20:26    262,144    --sha-w    C:\Windows\ServiceProfiles\LocalService\ntuser.dat
+ 2008-11-03 17:28:13    262,144    --sha-w    C:\Windows\ServiceProfiles\LocalService\ntuser.dat
+ 2008-11-03 17:28:13    262,144    ---ha-w    C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2008-11-03 09:20:57    262,144    --sha-w    C:\Windows\ServiceProfiles\NetworkService\ntuser.dat
+ 2008-11-03 17:28:44    262,144    --sha-w    C:\Windows\ServiceProfiles\NetworkService\ntuser.dat
+ 2008-11-03 17:28:44    262,144    ---ha-w    C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2008-11-02 12:47:33    16,384    --sha-w    C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-11-03 13:42:08    16,384    --sha-w    C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-11-02 12:47:33    32,768    --sha-w    C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-11-03 13:42:08    32,768    --sha-w    C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-11-02 12:47:33    16,384    --sha-w    C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-11-03 13:42:08    16,384    --sha-w    C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-11-03 13:59:11    2,456    ----a-w    C:\Windows\System32\networklist\icons\{C7E7006D-6270-458A-90E3-EDEC83296DEE}_24.bin
+ 2008-11-03 13:59:11    4,280    ----a-w    C:\Windows\System32\networklist\icons\{C7E7006D-6270-458A-90E3-EDEC83296DEE}_32.bin
+ 2008-11-03 13:59:11    9,560    ----a-w    C:\Windows\System32\networklist\icons\{C7E7006D-6270-458A-90E3-EDEC83296DEE}_48.bin
+ 2008-11-03 13:33:16    2,456    ----a-w    C:\Windows\System32\networklist\icons\{CABB3DE3-FE77-4DDD-9F17-472F5B1646CB}_24.bin
+ 2008-11-03 13:33:16    4,280    ----a-w    C:\Windows\System32\networklist\icons\{CABB3DE3-FE77-4DDD-9F17-472F5B1646CB}_32.bin
+ 2008-11-03 13:33:16    9,560    ----a-w    C:\Windows\System32\networklist\icons\{CABB3DE3-FE77-4DDD-9F17-472F5B1646CB}_48.bin
- 2008-11-03 09:23:16    108,526    ----a-w    C:\Windows\System32\perfc009.dat
+ 2008-11-03 17:31:08    108,526    ----a-w    C:\Windows\System32\perfc009.dat
- 2008-11-03 09:23:16    623,342    ----a-w    C:\Windows\System32\perfh009.dat
+ 2008-11-03 17:31:08    623,342    ----a-w    C:\Windows\System32\perfh009.dat
- 2008-10-31 11:51:07    6,291,456    ----a-w    C:\Windows\System32\SMI\Store\Machine\schema.dat
+ 2008-11-03 15:35:54    6,291,456    ----a-w    C:\Windows\System32\SMI\Store\Machine\schema.dat
- 2008-11-03 09:20:29    9,346    ----a-w    C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2410051080-4086888286-96072662-1000_UserData.bin
+ 2008-11-03 17:28:32    9,672    ----a-w    C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2410051080-4086888286-96072662-1000_UserData.bin
- 2008-11-03 09:20:29    72,154    ----a-w    C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-11-03 17:28:32    72,408    ----a-w    C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2008-11-03 09:20:27    39,478    ----a-w    C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-11-03 17:28:31    40,206    ----a-w    C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
- 2008-11-02 16:12:16    286,186    ----a-w    C:\Windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
+ 2008-11-03 13:27:56    287,284    ----a-w    C:\Windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2008-10-31 11:51:16    127,229,525    ----a-w    C:\Windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin
+ 2008-11-03 15:29:00    135,362,018    ----a-w    C:\Windows\winsxs\ManifestCache\6.0.6001.18000_001c50b5_blobs.bin
+ 2008-02-22 05:01:41    64,512    ----a-w    C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_6.0.6001.18148_none_01c5b803a1ec4989\WininetPlugin.dll
+ 2007-09-13 02:21:28    2,455,488    ----a-w    C:\Windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.16757_none_f97ccc016eba3585\ieapfltr.dat
+ 2007-09-13 02:21:28    2,455,488    ----a-w    C:\Windows\winsxs\x86_microsoft-windows-ie-antiphishfilter_31bf3856ad364e35_6.0.6000.20927_none_fa26da7687bf7ea3\ieapfltr.dat
+ 2008-01-19 07:34:31    180,736    ----a-w    C:\Windows\winsxs\x86_microsoft-windows-ieframe_31bf3856ad364e35_6.0.6001.18148_none_647f3125ae3840ec\ieui.dll
.
-- Snapshot reset to current date --
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 125440]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-13 827392]
"WAWifiMessage"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-11 317128]
"Venturi Configurator"="C:\Program Files\Netbooster Client\Configurator\ventcfg.exe" [2007-02-05 923272]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0\bin\jusched.exe" [2007-05-07 77824]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-02-14 159744]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2007-02-26 133912]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2007-02-26 138008]
"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-02 472776]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"HP Health Check Scheduler"="C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-03-13 50696]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2007-02-26 154392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="C:\Windows\SMINST\launcher.exe" [2006-11-08 44128]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 40048]
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 734872]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{CB3978FB-F35C-46AC-A5A6-B4E668379EBB}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{C20B22A1-85AA-4701-8F7D-E3433BF407B0}"= C:\Program Files\HP\QuickPlay\QP.exe:Quick Play
"{114D994F-2081-4DD3-95FC-661AC929A3A4}"= C:\Program Files\HP\QuickPlay\QPService.exe:Quick Play Resident Program
"{B86011A9-F95C-4F7C-8372-ABCBF00E3DD8}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{5DDD1ED1-51C5-4344-92EB-B98098202725}"= UDP:C:\Users\sunil\Desktop\LimeWire\LimeWire.exe:LimeWire
"{0106340B-7AC4-4543-A7F8-C3D2F891E7C1}"= TCP:C:\Users\sunil\Desktop\LimeWire\LimeWire.exe:LimeWire
"{F5BDE7C9-41AE-4097-94DE-5361C16F93E9}"= UDP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{8ADD27E4-6B37-4E69-A854-96A4AECE6F2B}"= TCP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{4C46E6C7-675A-425A-8686-29D2E5E8A3C1}"= UDP:C:\Program Files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{B284396E-7480-4B47-8636-DF412D59DB76}"= TCP:C:\Program Files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

R2 VenturiClient;Venturi Client;C:\Program Files\Netbooster Client\Client\ventc.exe [2007-02-05 2410080]
R3 btwavdt;Bluetooth AVDT Service;C:\Windows\system32\DRIVERS\btwavdt.sys [2007-01-02 80688]
S3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service;C:\Windows\system32\drivers\CHDRT32.sys [2008-03-03 182272]
S3 zteusbser;ZTE USB Device for Legacy Serial Communication;C:\Windows\system32\DRIVERS\zteusbser.sys [2007-08-20 98432]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs    REG_MULTI_SZ       BthServ
.
Contents of the 'Scheduled Tasks' folder

2008-11-03 C:\Windows\Tasks\User_Feed_Synchronization-{C203164B-CEC6-402C-8F72-1989ACCBF56A}.job
- C:\Windows\system32\msfeedssync.exe [2006-11-02 15:15]
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net (http://\"http://www.gmer.net\")
Rootkit scan 2008-11-03 23:15:12
Windows 6.0.6000  NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-11-03 23:17:29
ComboFix-quarantined-files.txt  2008-11-03 17:47:13
ComboFix2.txt  2008-11-03 09:37:10

Pre-Run: The system cannot find message text for message number 0x2379 in the message file for Application.
Post-Run: 108,401,790,976 bytes free

155    --- E O F ---    2008-10-27 23:14:43

Title: cannot connect to the internet
Post by: guestolo on November 04, 2008, 12:38:04 AM

Actually, if you can post a Hijackthis log from the the desktop that has Internet connection
That may be of some help

Title: cannot connect to the internet
Post by: kota123 on November 04, 2008, 07:02:59 AM

Here is the log from the laptop that is working:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:01:03, on 04-11-2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\explorer.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://vaio-online.sony.com/ (http://\"http://vaio-online.sony.com/\")
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 (http://\"http://go.microsoft.com/fwlink/?LinkId=54896\")
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://vaio-online.sony.com/ (http://\"http://vaio-online.sony.com/\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 (http://\"http://go.microsoft.com/fwlink/?LinkId=69157\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 (http://\"http://go.microsoft.com/fwlink/?LinkId=54896\")
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 (http://\"http://go.microsoft.com/fwlink/?LinkId=54896\")
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 (http://\"http://go.microsoft.com/fwlink/?LinkId=69157\")
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: Audio Filter.lnk = C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe (User 'Default user')
O4 - Startup: Audio Filter.lnk = C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} (SopCore Control) - http://download.sopcast.com/download/SOPCORE.CAB (http://\"http://download.sopcast.com/download/SOPCORE.CAB\")
O17 - HKLM\System\CCS\Services\Tcpip\..\{A2BDBB34-9498-47C8-9736-1F06466B065B}: NameServer = 59.163.209.2
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\Sony\Image Converter 3\ICScsiSV.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 3\IcVzMon.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\stacsv.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Content Collection (VAIOMediaPlatform-UCLS-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
O23 - Service: VAIO Media Content Collection (HTTP) (VAIOMediaPlatform-UCLS-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Content Collection (UPnP) (VAIOMediaPlatform-UCLS-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10616 bytes

Title: cannot connect to the internet
Post by: guestolo on November 04, 2008, 11:10:53 AM

On the laptop with working connection
Can you check out your TCPIP settings and compare it with the non connected one

If you make any changes, ensure to right down any settings beforehand, in case you must reverse it
Here's some info
http://windowshelp.microsoft.com/Windows/e...8b11e21033.mspx (http://\"http://windowshelp.microsoft.com/Windows/en-US/help/e070bf7b-6d5e-4f49-b4f7-10aa8d8b11e21033.mspx\")

Especially take note of the DNS server settings
Let me know if it's any help

Title: cannot connect to the internet
Post by: kota123 on November 04, 2008, 11:27:25 AM

All TCP/IP settings are the same on both laptops including the DNS info.

Title: cannot connect to the internet
Post by: guestolo on November 04, 2008, 11:29:57 AM

Are you positive, take a close look at IP settings

Title: cannot connect to the internet
Post by: guestolo on November 04, 2008, 11:34:22 AM

In addition, have you tried cycling off the router and modem
As in, shut down the laptop, pull the power plug on the Modem and Router

Wait a minute then replug in the Modem, let it connect
Then plug in the Router, let it connect
Restart the laptop and see if you can connect

If not, we might have to look at corrupt Winsock because of Netbooster

Title: cannot connect to the internet
Post by: kota123 on November 04, 2008, 03:47:39 PM

I re-checked everything its all same! I have tried several times to shut down, remove the cable and then try again later but it still does not let me surf. Connection is established and then the same thing happens, even though no sites or programs are running the bytes received and sent keeps on increasing. When i do try to open a site it stays at a blank page and says website found, waiting for reply. I tried to ping yahoo.com and it returned a time out message, 4 packets sent out of which 2 were lost.

Title: cannot connect to the internet
Post by: guestolo on November 04, 2008, 06:26:24 PM

I think there's only one way to know if it's Venturi Netbooster
You should close all other open windows and Uninstall Netbooster

Reboot the computer

Does that get you online?
If not, let's try and reset Winsock
   1. Click on Start button.
   2. Type Cmd in the Start Search text box.
   3. Press Ctrl-Shift-Enter keyboard shortcut to run Command Prompt as Administrator. Allow elevation request.
   4. Type
netsh winsock reset <--Note the single spaces after each word
 in the Command Prompt shell, and then press the Enter key.
   5. Restart the computer.

Does that help

Title: cannot connect to the internet
Post by: kota123 on November 04, 2008, 06:44:21 PM

Netbooster removal had no effect either.

I tried to do the winsock reset but pressing ctrl-shift-enter does not change anything or give any prompt to allow elevation. I even tried typing the reset message but was given an error saying requires elevation. I tried 3-4 times but the elevation or administrator window does not pop up after pressing ctrl-shift-enter. It opens the regular window.

Title: cannot connect to the internet
Post by: guestolo on November 04, 2008, 06:57:43 PM

Can you try the following
Open Start Menu.

Go to accessories Locate the command prompt under accessories.

Right Click on its shortcut then select Run as Administrator.

Title: cannot connect to the internet
Post by: kota123 on November 04, 2008, 07:09:56 PM

Ok that worked....i am going to try and connect to the internet now, will let you know what happens!

Title: cannot connect to the internet
Post by: kota123 on November 04, 2008, 08:04:43 PM

Well the internet connection was established and a site did open half way through...so some progress! Also when i opened cmd and pinged a few addresses the packet loss was either 0 or 1 which is also better than previous times so the problem seems to be resolving but not fully yet!

I will try again tomorrow and let you know how it goes, bedtime for me now.

Thanks!

Title: cannot connect to the internet
Post by: nath on November 05, 2008, 08:02:56 PM

Hi friend,
                    If your service provider told you it's your pc problem then you have to told you hardware engineer to solve your problem.

Title: cannot connect to the internet
Post by: guestolo on November 06, 2008, 11:04:59 PM

Quote

If your service provider told you it's your pc problem then you have to told you hardware engineer to solve your problem.

Again, you make a great statement
What the heck did you say???
Are you trying to help, or post ineligible comments?

Title: cannot connect to the internet
Post by: H3 Semipro on November 06, 2008, 11:48:02 PM

i dont know nearly as much as guestolo on computers here and i dont wanna look like a dumbass so ill just tell you what i did to fix my connection a while back...
go to network connections--> rite click on wireless and click properties then wireless networks tabs and remove all the preferred networks (make sure u can still get wep code or w/e it uses tho) then press ok, then open it back up to the wireless network tab and check off the 'use windows to configure wireless settings' then click ok then view wireless networks and re-enter wep and make sure u have it rite and see if that works...

plz dont flame me if this doesnt have anything to do with it but i couldnt connect to my wireless for a lil and thats what i did so im just trying to help

Title: cannot connect to the internet
Post by: guestolo on November 07, 2008, 06:53:47 AM

H3 Semipro, any real help is appreciated
Sorry I sounded so harsh to Nath, but I'm not sure if he/she is trying to help
Or just post for the heck of it