Internet problem

[mcterray]

Hi my computer has been running slowly lately for the past week and when I search the web,
the internet goes very slow or the internet isn't working at all.
I have Comcast and this doesn't usually happen. The router I am using is Dlink and I've never had a problem with it.
I have several computers connecting to the router and they all work besides this computer. The computer has a ethernet cable connected to the router and it says i have internet access.
I have scanned my computer with superantispyware, malwarebytes and avast. None of these have helped my situation.

Here are my logs,

Malwarebytes

Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.12.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Administrator :: Terry

1/12/2012 9:08:37 AM
mbam-log-2012-01-12 (09-08-37).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 172445
Time elapsed: 3 minute(s), 53 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



DDS


.
DDS (Ver_2011-06-23.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514
Run by Administrator at 9:49:41 on 2012-01-12
State of Independence Windows 7 Ultimate  6.1.7601.1.1252.1.1033.18.2014.581 [GMT -5:00]
.
AV: avast! Internet Security *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Internet Security *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: avast! Internet Security *Enabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Raxco\PerfectDisk\PDAgentS1.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.45\deploy\LoLLauncher.exe
C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.117\deploy\LolClient.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = www.google.com
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [Google Update] "C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
uPolicies-explorer: NoResolveTrack = 1 (0x1)
dPolicies-explorer: NoResolveTrack = 1 (0x1)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{88DE87A4-325A-4D0D-B4D0-56A8D54E695A} : DhcpNameServer = 192.168.0.1
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64:     AcroIEHelperStub - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
.
============= SERVICES / DRIVERS ===============
.
R0 aswNdis;avast! Firewall NDIS Filter Service;C:\Windows\system32\DRIVERS\aswNdis.sys --> C:\Windows\system32\DRIVERS\aswNdis.sys [?]
R0 aswNdis2;avast! Firewall Core Firewall Service;C:\Windows\system32\drivers\aswNdis2.sys --> C:\Windows\system32\drivers\aswNdis2.sys [?]
R1 aswFW;avast! TDI Firewall driver;C:\Windows\system32\drivers\aswFW.sys --> C:\Windows\system32\drivers\aswFW.sys [?]
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-12-7 44768]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
S2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2011-12-7 127192]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 Revoflt;Revoflt;C:\Windows\system32\DRIVERS\revoflt.sys --> C:\Windows\system32\DRIVERS\revoflt.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-29 652872]
.
=============== Created Last 30 ================
.
2012-01-11 18:03:20   --------   d-----w-   C:\Windows\System32\appmgmt
2012-01-11 17:46:42   69000   ----a-w-   C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{394CF372-58EC-4940-A21D-CF0B94603057}\offreg.dll
2012-01-11 17:18:11   8822856   ----a-w-   C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{394CF372-58EC-4940-A21D-CF0B94603057}\mpengine.dll
2012-01-11 17:15:05   77312   ----a-w-   C:\Windows\System32\packager.dll
2012-01-11 17:15:04   67072   ----a-w-   C:\Windows\SysWow64\packager.dll
2012-01-11 17:15:02   1572864   ----a-w-   C:\Windows\System32\quartz.dll
2012-01-11 17:15:02   1328128   ----a-w-   C:\Windows\SysWow64\quartz.dll
2012-01-11 17:15:01   514560   ----a-w-   C:\Windows\SysWow64\qdvd.dll
2012-01-11 17:15:01   366592   ----a-w-   C:\Windows\System32\qdvd.dll
2012-01-09 10:26:00   --------   d-----w-   C:\38a36032fd9be72967
2012-01-03 01:26:30   --------   d-----w-   C:\Users\Administrator\AppData\Local\ElevatedDiagnostics
2011-12-27 22:11:20   414368   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-12-27 07:27:22   --------   d-----w-   C:\Users\Administrator\AppData\Roaming\LockHunter
2011-12-20 10:46:38   --------   d-----w-   C:\Users\Administrator\AppData\Local\AOL
2011-12-20 10:46:25   --------   d-----w-   C:\Program Files (x86)\Common Files\AOL
2011-12-20 10:40:11   --------   d-----w-   C:\Users\Administrator\AppData\Local\Apple Computer
2011-12-20 10:40:03   34152   ----a-w-   C:\Windows\System32\drivers\GEARAspiWDM.sys
2011-12-20 10:40:03   126312   ----a-w-   C:\Windows\System32\GEARAspi64.dll
2011-12-20 10:40:03   107368   ----a-w-   C:\Windows\SysWow64\GEARAspi.dll
2011-12-20 10:39:41   --------   d-----w-   C:\Program Files\iPod
2011-12-20 10:39:40   --------   d-----w-   C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-12-20 10:39:40   --------   d-----w-   C:\Program Files\iTunes
2011-12-20 10:39:40   --------   d-----w-   C:\Program Files (x86)\iTunes
2011-12-20 10:39:31   --------   d-----w-   C:\Users\Administrator\AppData\Local\Apple
2011-12-20 10:38:59   --------   d-----w-   C:\Program Files\Bonjour
2011-12-20 10:38:59   --------   d-----w-   C:\Program Files (x86)\Bonjour
2011-12-15 12:29:52   2048   ----a-w-   C:\Windows\SysWow64\tzres.dll
2011-12-15 12:29:52   2048   ----a-w-
   C:\Windows\System32\tzres.dll
2011-12-14 12:09:11   --------   d-----w-   C:\Users\Administrator\AppData\Roaming\Malwarebytes
2011-12-14 12:09:02   --------   d-----w-   C:\ProgramData\Malwarebytes
2011-12-14 12:08:58   23152   ----a-w-   C:\Windows\System32\drivers\mbam.sys
2011-12-14 12:08:57   --------   d-----w-   C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-12-14 11:22:45   --------   d-----w-   C:\Users\Administrator\AppData\Roaming\SUPERAntiSpyware.com
2011-12-14 11:22:26   --------   d-----w-   C:\ProgramData\SUPERAntiSpyware.com
2011-12-14 11:22:26   --------   d-----w-   C:\Program Files\SUPERAntiSpyware
.
==================== Find3M  ====================
.
2011-12-09 00:06:55   152576
   ----a-w-   C:\Windows\SysWow64\msclmd.dll
2011-12-09 00:06:54   175616   ----a-w-   C:\Windows\System32\msclmd.dll
2011-12-08 01:31:18   0   ----a-w-   C:\Windows\ativpsrm.bin
2011-12-08 00:40:12   270720
   ------w-   C:\Windows\System32\MpSigStub.exe
2011-11-28 18:01:25   41184   ----a-w-   C:\Windows\avastSS.scr
2011-11-28 17:54:44   140120   ----a-w-   C:\Windows\System32\drivers\aswFW.sys
2011-11-28 17:54:06   591192
   ----a-w-   C:\Windows\System32\drivers\aswSnx.sys
2011-11-28 17:53:28   258392   ----a-w-   C:\Windows\System32\drivers\aswNdis2.sys
2011-11-28 17:52:11   66904   ----a-w-   C:\Windows\System32\drivers\aswMonFlt.sys
2011-11-28 17:26:19   12368   ----a-w-   C:\Windows\System32\drivers\aswNdis.sys
2011-11-24 04:52:09   3145216   ----a-w-   C:\Windows\System32\win32k.sys
2011-11-17 06:49:14   95600   ----a-w-   C:\Windows\System32\drivers\ksecdd.sys
2011-11-17 06:49:14   152432   ----a-w-   C:\Windows\System32\drivers\ksecpkg.sys
2011-11-17 06:44:43   459232   ----a-w-   C:\Windows\System32\drivers\cng.sys
2011-11-17 06:41:18   1731920   ----a-w-   C:\Windows\System32\ntdll.dll
2011-11-17 06:35:28
   395776   ----a-w-   C:\Windows\System32\webio.dll
2011-11-17 06:35:26   29184   ----a-w-   C:\Windows\System32\sspisrv.dll
2011-11-17 06:35:26   136192   ----a-w-   C:\Windows\System32\sspicli.dll
2011-11-17 06:35:25
   340992   ----a-w-   C:\Windows\System32\schannel.dll
2011-11-17 06:35:25   28160   ----a-w-   C:\Windows\System32\secur32.dll
2011-11-17 06:35:19   1447936   ----a-w-   C:\Windows\System32\lsasrv.dll
2011-11-17 06:33:55
   31232   ----a-w-   C:\Windows\System32\lsass.exe
2011-11-17 05:38:39   1292080   ----a-w-   C:\Windows\SysWow64\ntdll.dll
2011-11-17 05:35:02   314880   ----a-w-   C:\Windows\SysWow64\webio.dll
2011-11-17 05:34:52
   224768   ----a-w-   C:\Windows\SysWow64\schannel.dll
2011-11-17 05:34:52   22016   ----a-w-   C:\Windows\SysWow64\secur32.dll
2011-11-17 05:28:48   96768   ----a-w-   C:\Windows\SysWow64\sspicli.dll
2011-11-10 09:54:13
   472808   ----a-w-   C:\Windows\SysWow64\deployJava1.dll
2011-11-05 05:41:43   1188864   ----a-w-   C:\Windows\System32\wininet.dll
2011-11-05 04:35:00   981504   ----a-w-   C:\Windows\SysWow64\wininet.dll
2011-11-05 03:32:47   1638912   ----a-w-   C:\Windows\System32\mshtml.tlb
2011-11-05 02:48:51   1638912   ----a-w-   C:\Windows\SysWow64\mshtml.tlb
2011-10-26 05:21:20   43520   ----a-w-   C:\Windows\System32\csrsrv.dll
2011-10-15 06:31:56   723456   ----a-w-   C:\Windows\System32\EncDec.dll
2011-10-15 05:38:59   534528   ----a-w-   C:\Windows\SysWow64\EncDec.dll
.
============= FINISH:  9:50:54.65 ===============


PAGE 2

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-23.01)
.
State of Independence Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 12/7/2011 5:53:12 AM
System Uptime: 1/12/2012 8:42:50 AM (1 hours ago)
.
Motherboard: Dell Inc. |  | 0PU052
Processor: Intel(R) Core(TM)2 Duo CPU     E4500  @ 2.20GHz | CPU | 2200/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 233 GiB total, 161.351 GiB free.
D: is FIXED (NTFS) - 0 GiB total, 0.068 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: PCI Simple Communications Controller
Device ID: PCI\VEN_8086&DEV_29B4&SUBSYS_02111028&REV_02\3&172E68DD&0&18
Manufacturer:
Name: PCI Simple Communications Controller
PNP Device ID: PCI\VEN_8086&DEV_29B4&SUBSYS_02111028&REV_02\3&172E68DD&0&18
Service:
.
Class GUID:
Description: PCI Serial Port
Device ID: PCI\VEN_8086&DEV_29B7&SUBSYS_02111028&REV_02\3&172E68DD&0&1B
Manufacturer:
Name: PCI Serial Port
PNP Device ID: PCI\VEN_8086&DEV_29B7&SUBSYS_02111028&REV_02\3&172E68DD&0&1B
Service:
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.1)
Adobe Shockwave Player 11.5
Apple Application Support
Apple Software Update
avast! Internet Security
Driver Magician 3.51
GIMP 2.6.11
Google Chrome
Java(TM) 6 Update 30
K-Lite Mega Codec Pack 6.5.0
League of Legends
Malwarebytes Anti-Malware version 1.60.0.1800
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Silverlight
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
Pando Media Booster
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
SFXMaker
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Windows Style Builder 1.5
.
==== Event Viewer Messages From Past Week ========
.
1/9/2012 5:26:29 AM, Error: Service Control Manager [7034]  - The MBAMService service terminated unexpectedly.  It has done this 1 time(s).
1/12/2012 9:00:31 AM, Error: Service Control Manager [7031]  - The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
1/11/2012 12:41:38 PM, Error: Service Control Manager [7034]  - The Bonjour Service service terminated unexpectedly.  It has done this 1 time(s).
1/11/2012 12:41:22 PM, Error: Service Control Manager [7031]  - The Windows Modules Installer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
.
==== End Of File ===========================


Superantispyware log


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/12/2012 at 11:50 AM

Application Version : 5.0.1142

Core Rules Database Version : 8122
Trace Rules Database Version: 5934

Scan type       : Complete Scan
Total Scan Time : 02:18:26

Operating System Information
Windows 7 Ultimate 64-bit, Service Pack 1 (Build 6.01.7601)
UAC Off - Administrator

Memory items scanned      : 535
Memory threats detected   : 0
Registry items scanned    : 68733
Registry threats detected : 0
File items scanned        : 396538
File threats detected     : 0

[SuperDave]

Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*************************************************************************
To set a new Restore Point.

Click Start button , click Control Panel, click System and Maintenance, and then clicking System. In the left pane, click System Protection.  If you are prompted for an administrator password or confirmation, type the password or provide confirmation. To turn off System Protection for a hard disk, clear the check box next to the disk, and then click OK. Reboot to Normal Mode.
Click the Start button , click Control Panel, click System and Maintenance, and then click System.
In the left pane, click System Protection.  If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
To turn on System Protection for a hard disk, select the check box next to the disk, and then click OK.
This will give you a new, Restore Point.
************************************************************
Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.
*************************************************************
Download ComboFix by sUBs from one of the below links.  Be sure to save it to the Desktop.

link # 1
Link # 2
If you are using Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

Close any open web browsers (Firefox, Internet Explorer, etc) before starting ComboFix.

Temporarily disable your anti-virus, and any anti-spyware real-time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

Right-click combofix.exe and select Run as Administrator and follow the prompts.
When finished, ComboFix will produce a log for you.
Post the ComboFix login your next reply.

NOTE: Do not mouseclick ComboFix's window while it is running. That may cause it to stall.

Remember to re-enable your anti-virus and anti-spyware protection when ComboFix is complete.

[mcterray]

Hi thank you so much for the reply, I've also had a problem with the system restore too and it's now fixed. My internet problem is very strange. It stops working and starts working in different patterns. As of today it was working but yesterday it didn't and two days before that. So far my internet hasn't shut down yet but here is my log.


ComboFix 12-01-13.05 - Administrator 01/14/2012   0:03.2.2 - x64
State of Independence Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.2014.1165 [GMT -5:00]
Running from: c:\users\Administrator\Downloads\ComboFix.exe
AV: avast! Internet Security *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((   Files Created from 2011-12-14 to 2012-01-14  )))))))))))))))))))))))))))))))
.
.
2012-01-14 05:09 . 2012-01-14 05:09   --------   d-----w-   c:\users\Default\AppData\Local\temp
2012-01-13 18:00 . 2011-12-08 00:40   8822856   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{8B0FB05E-CE0F-4B3A-A8B5-D31308CEFDD9}\mpengine.dll
2012-01-12 16:35 . 2009-12-15 06:01   286208   ----a-w-   c:\windows\system32\w32tmdt.cpl
2012-01-12 14:46 . 2012-01-12 14:46   --------   d-----w-   c:\windows\Sun
2012-01-11 18:52 . 2012-01-11 18:52   --------   d-----w-   c:\program files (x86)\Common Files\Java
2012-01-11 18:03 . 2012-01-11 18:03   --------   d-----w-   c:\windows\system32\appmgmt
2012-01-11 17:15 . 2011-11-19 14:58   77312   ----a-w-   c:\windows\system32\packager.dll
2012-01-11 17:15 . 2011-11-19 14:01   67072   ----a-w-   c:\windows\SysWow64\packager.dll
2012-01-11 17:15 . 2011-10-26 05:25   1572864   ----a-w-   c:\windows\system32\quartz.dll
2012-01-11 17:15 . 2011-10-26 04:32   1328128   ----a-w-   c:\windows\SysWow64\quartz.dll
2012-01-11 17:15 . 2011-10-26 05:25   366592   ----a-w-   c:\windows\system32\qdvd.dll
2012-01-11 17:15 . 2011-10-26 04:32   514560   ----a-w-   c:\windows\SysWow64\qdvd.dll
2012-01-09 10:26 . 2012-01-09 10:26   --------   d-----w-   C:\38a36032fd9be72967
2012-01-03 01:26 . 2012-01-03 01:26   --------   d-----w-   c:\users\Administrator\AppData\Local\ElevatedDiagnostics
2011-12-27 22:11 . 2011-12-27 22:11   414368   ----a-w-   c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-12-27 07:27 . 2011-12-27 07:27   --------   d-----w-   c:\users\Administrator\AppData\Roaming\LockHunter
2011-12-20 10:46 . 2011-12-20 10:46   --------   d-----w-   c:\users\Administrator\AppData\Local\AOL
2011-12-20 10:46 . 2012-01-11 17:58   --------   d-----w-   c:\program files (x86)\Common Files\AOL
2011-12-20 10:40 . 2011-12-20 10:42   --------   d-----w-   c:\users\Administrator\AppData\Roaming\Apple Computer
2011-12-20 10:40 . 2011-12-20 10:40   --------   d-----w-   c:\users\Administrator\AppData\Local\Apple Computer
2011-12-20 10:40 . 2011-12-20 10:40   --------   dc----w-   c:\windows\system32\DRVSTORE
2011-12-20 10:40 . 2009-05-18 17:17   34152   ----a-w-   c:\windows\system32\drivers\GEARAspiWDM.sys
2011-12-20 10:40 . 2008-04-17 16:12   126312   ----a-w-   c:\windows\system32\GEARAspi64.dll
2011-12-20 10:40 . 2008-04-17 16:12   107368   ----a-w-   c:\windows\SysWow64\GEARAspi.dll
2011-12-20 10:39 . 2011-12-20 10:39   --------   d-----w-   c:\program files\iPod
2011-12-20 10:39 . 2011-12-20 10:40   --------   d-----w-   c:\programdata\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2011-12-20 10:39 . 2011-12-20 10:40   --------   d-----w-   c:\program files\iTunes
2011-12-20 10:39 . 2011-12-20 10:39   --------   d-----w-   c:\program files (x86)\iTunes
2011-12-20 10:39 . 2011-12-20 10:39   --------   d-----w-   c:\programdata\Apple Computer
2011-12-20 10:39 . 2011-12-20 10:39   --------   d-----w-   c:\users\Administrator\AppData\Local\Apple
2011-12-20 10:39 . 2011-12-20 10:39   --------   d-----w-   c:\program files (x86)\Apple Software Update
2011-12-20 10:39 . 2011-12-20 10:39   --------   d-----w-   c:\program files\Common Files\Apple
2011-12-20 10:38 . 2011-12-20 10:39   --------   d-----w-   c:\program files\Bonjour
2011-12-20 10:38 . 2011-12-20 10:39   --------   d-----w-   c:\program files (x86)\Bonjour
2011-12-20 10:38 . 2011-12-20 10:39   --------   d-----w-   c:\program files (x86)\Common Files\Apple
2011-12-20 10:38 . 2011-12-20 10:39   --------   d-----w-   c:\programdata\Apple
2011-12-18 21:57 . 2011-12-18 21:57   --------   d-----w-   c:\programdata\McAfee
2011-12-18 21:56 . 2011-12-18 21:56   --------   d-----w-   c:\program files (x86)\Common Files\Adobe
2011-12-15 12:29 . 2011-11-05 05:32   2048   ----a-w-   c:\windows\system32\tzres.dll
2011-12-15 12:29 . 2011-11-05 04:26   2048   ----a-w-   c:\windows\SysWow64\tzres.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-10 19:24 . 2011-12-14 12:08   23152   ----a-w-   c:\windows\system32\drivers\mbam.sys
2011-12-09 00:06 . 2009-07-14 02:36   152576   ----a-w-   c:\windows\SysWow64\msclmd.dll
2011-12-09 00:06 . 2009-07-14 02:36   175616   ----a-w-   c:\windows\system32\msclmd.dll
2011-12-08 00:40 . 2011-12-07 11:02   270720   ------w-   c:\windows\system32\MpSigStub.exe
2011-11-28 18:01 . 2011-12-08 00:25   41184   ----a-w-   c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-12-08 00:25   199816   ----a-w-   c:\windows\SysWow64\aswBoot.exe
2011-11-28 18:01 . 2011-12-08 00:26   256960   ----a-w-   c:\windows\system32\aswBoot.exe
2011-11-28 17:54 . 2011-12-08 00:26   140120   ----a-w-   c:\windows\system32\drivers\aswFW.sys
2011-11-28 17:54 . 2011-12-08 00:26   591192   ----a-w-   c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-12-08 00:26   304472   ----a-w-   c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:53 . 2011-12-08 00:26   258392   ----a-w-   c:\windows\system32\drivers\aswNdis2.sys
2011-11-28 17:52 . 2011-12-08 00:26   42328   ----a-w-   c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-12-08 00:26   58712   ----a-w-   c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-12-08 00:26   66904   ----a-w-   c:\windows\system32\drivers\aswMonFlt.sys
2011-11-28 17:51 . 2011-12-08 00:26   24408   ----a-w-   c:\windows\system32\drivers\aswFsBlk.sys
2011-11-28 17:26 . 2011-12-08 00:25   12368   ----a-w-   c:\windows\system32\drivers\aswNdis.sys
2011-11-10 09:54 . 2011-12-07 10:54   472808   ----a-w-   c:\windows\SysWow64\deployJava1.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2009-07-14 . 1A47D52E303B7543E4E6026595B95422 . 1297408 . . [2001.12.8530.16385] .. c:\windows\winsxs\amd64_microsoft-windows-com-complus.res_31bf3856ad364e35_6.1.7600.16385_none_88a5cc7effe2dfca\comres.dll
[-] 2010-11-17 . B90F84285138A03ECAC468250713FC2D . 1312768 . . [2001.12.8530.16385] .. c:\windows\system32\comres.dll
.
[-] 2010-11-17 . 9B84BDA01CEFB3F1A06158D0E59194F2 . 614912 . . [6.1.7600.16385] .. c:\windows\regedit.exe
[7] 2009-07-14 . 2E2C937846A0B8789E5E91739284D17A . 427008 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-12-08 421736]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute   REG_MULTI_SZ      PDBoot.exe\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys

R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys

R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys

R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys

R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe

R4 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys

S0 aswNdis2;avast! Firewall Core Firewall Service;

S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys

S1 aswFW;avast! TDI Firewall driver;

S1 aswSnx;aswSnx;

S1 aswSP;aswSP;

S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe

S2 aswFsBlk;aswFsBlk;

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys

S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [2011-11-28 127192]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys

.
.
Contents of the 'Scheduled Tasks' folder
.
2012-01-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3518668519-632630365-4049429912-500Core.job
- c:\users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-07 21:28]
.
2012-01-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3518668519-632630365-4049429912-500UA.job
- c:\users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-07 21:28]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01   134384   ----a-w-   c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uStart Page = www.google.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.0.1
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\shell32.dll
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5 977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,8d,18,67,a9,c2,2a,2d,41,b4,78,0a,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839 E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,8d,18,67,a9,c2,2a,2d,41,b4,78,0a,\
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3G2"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3GP"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3G2"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gpp\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.3GP"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AAC\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ADTS"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ac3\UserChoice]
@Denied: (2) (Administrator)
"Progid"="KLCP64.WMP.ac3"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADT\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ADTS"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ADTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ADTS"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASF"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASX"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AU"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AVI"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cda\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.CDA"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.divx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="KLCP64.WMP.divx"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dts\UserChoice]
@Denied: (2) (Administrator)
"Progid"="KLCP64.WMP.dts"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flv\UserChoice]
@Denied: (2) (Administrator)
"Progid"="KLCP64.WMP.flv"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdmov\UserChoice]
@Denied: (2) (Administrator)
"Progid"="KLCP64.WMP.hdmov"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2T\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M2TS"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2TS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M2TS"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2V\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.m3u"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4a\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M4A"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP4"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mka\UserChoice]
@Denied: (2) (Administrator)
"Progid"="KLCP64.WMP.mka"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv\UserChoice]
@Denied: (2) (Administrator)
"Progid"="KLCP64.WMP.mkv"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MOD\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MOV"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP3"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP3"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP4"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4v\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP4"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpe\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpls\UserChoice]
@Denied: (2) (Administrator)
"Progid"="KLCP64.WMP.mpls"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv4\UserChoice]
@Denied: (2) (Administrator)
"Progid"="KLCP64.WMP.mpv4"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M2TS"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.oga\UserChoice]
@Denied: (2) (Administrator)
"Progid"="KLCP64.WMP.oga"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ogg\UserChoice]
@Denied: (2) (Administrator)
"Progid"="KLCP64.WMP.ogg"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ogm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="KLCP64.WMP.ogm"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ogv\UserChoice]
@Denied: (2) (Administrator)
"Progid"="KLCP64.WMP.ogv"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ra\UserChoice]
@Denied: (2) (Administrator)
"Progid"="KLCP64.WMP.ra"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="KLCP64.WMP.rm"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmvb\UserChoice]
@Denied: (2) (Administrator)
"Progid"="KLCP64.WMP.rmvb"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AU"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.TTS"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TTS\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.TTS"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WAV"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WAX"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="KLCP64.WMP.webm"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASF"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMA"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMD"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wms\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMS"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMV"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASX"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmz\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMZ"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wpl\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WPL"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WVX"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-3518668519-632630365-4049429912-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
.
**************************************************************************
.
Completion time: 2012-01-14  00:14:09 - machine was rebooted
ComboFix-quarantined-files.txt  2012-01-14 05:14
.
Pre-Run: 173,345,091,584 bytes free
Post-Run: 173,196,963,840 bytes free
.
- - End Of File - - CAD3317023E51D8B236B46A0BC13CDCC

[SuperDave]

Please download Rooter and Save it to your desktop.

• Double click it to start the tool.Vista and Windows7 run as administrator.
• Click Scan.
  
• Eventually, a Notepad file containing the report will open, also found at C:\Rooter.txt. Post that log in your next reply.
  

*************************************************
Download Security Check by screen317 from one of the following links and save it to your desktop.

Link 1
Link 2

* Double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.

Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.

[mcterray]

Hi I did as you asked and here you go.


 Results of screen317's Security Check version 0.99.30 
 Windows 7  x64   
 Internet Explorer 8 Out of date!
``````````````````````````````
Antivirus/Firewall Check:
 Windows Firewall Enabled! 
 avast! Internet Security   
 WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:
 Java(TM) 6 Update 30 
  Adobe Flash Player    10.1.102.64 Flash Player out of Date! 
 Adobe Reader X (10.1.2)
````````````````````````````````
Process Check: 
objlist.exe by Laurent
 AVAST Software Avast AvastSvc.exe 
 AVAST Software Avast afwServ.exe 
 AVAST Software Avast AvastUI.exe 
``````````End of Log````````````

[SuperDave]

Where is the log from Rooter?

[mcterray]

Sorry, I didnt realize not posting it. Here you go.




 Rooter.exe (v1.0.2) by Eric_71
.
SeDebugPrivilege granted successfully ...
.
Windows 7 . (6.1.7601) Service Pack 1
[32_bits] - Intel64 Family 6 Model 15 Stepping 13, GenuineIntel
.
[wscsvc] (Security Center) RUNNING (state:4)
[MpsSvc] RUNNING (state:4)
Windows Firewall -> Enabled
Windows Defender -> Enabled
.
Internet Explorer 8.0.7601.17514
.
C:\  [Fixed-NTFS] .. ( Total:232 Go - Free:159 Go )
D:\  [Fixed-NTFS] .. ( Total:0 Go - Free:0 Go )
E:\  [CD_Rom]
.
Scan : 12:37.21
Path : C:\Users\Administrator\Downloads\Rooter.exe
User : Administrator ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
Locked System (4)
______ \ (444)
______ \ (540)
______ \ (620)
______ \ (632)
______ \ (680)
______ \ (692)
______ \ (700)
______ \ (756)
______ \ (860)
______ \ (948)
______ \ (996)
______ \ (556)
______ \ (612)
______ \ (876)
______ \ (1152)
______ \ (1232)
______ C:\Program Files\AVAST Software\Avast\AvastSvc.exe (1300)
______ \ (1332)
______ \ (1516)
______ \ (1612)
______ C:\Program Files\AVAST Software\Avast\AvastUI.exe (1996)
______ \ (1868)
______ \ (2056)
______ \ (2144)
______ \ (2216)
______ C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (2268)
______ C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (2292)
______ \ (2376)
______ \ (2404)
______ \ (2500)
______ \ (2556)
______ \ (2316)
______ \ (1204)
______ \ (3540)
______ \ (3640)
______ \ (1408)
Locked audiodg.exe (3152)
______ C:\Windows\SysWOW64\ctfmon.exe (1052)
______ C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe (3220)
______ C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.45\deploy\LoLLauncher.exe (4028)
______ C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.117\deploy\LolClient.exe (3824)
______ C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe (2928)
______ C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe (1536)
______ C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe (3788)
______ C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe (3076)
______ \ (676)
______ C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe (3188)
______ C:\Users\Administrator\Downloads\Rooter.exe (1804)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 19 x 512 Bytes]
.
\Device\Harddisk0\Partition1 --[ MBR ]-- (Start_Offset:1048576 | Length:104857600)
\Device\Harddisk0\Partition2 (Start_Offset:105906176 | Length:249892438016)
.
----------------------\\ Scheduled Tasks
.
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3518668519-632630365-4049429912-500Core.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3518668519-632630365-4049429912-500UA.job
C:\Windows\Tasks\SA.DAT
C:\Windows\Tasks\SCHEDLGU.TXT
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
----------------------\\ Scan completed at 12:37.24
.
C:\Rooter$\Rooter_1.txt - (15/01/2012 | 12:37.24)

[SuperDave]

Please give me an update about your computer.

I'd like to scan your machine with ESET OnlineScan

•Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan
•Click the button.
•For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

• Click on to download the ESET Smart Installer. Save it to your desktop.
  
• Double click on the icon on your desktop.
  

•Check
•Click the button.
•Accept any security warnings from your browser.
•Check
•Push the Start button.
•ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
•When the scan completes, push
•Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
•Push the button.
•Push
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt

[mcterray]

Recently my computer has been able to access the internet every time I restart after my first time turning it on in the morning.

[year+ old attachment deleted by admin]

[SuperDave]

That looks good. If there are no other issues, we can do some cleanup.

Please download the newest version of Adobe Acrobat Reader from Adobe.com

Before installing: it is important to remove older versions of Acrobat Reader since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs.
Search in the list for all previous installed versions of Adobe Acrobat Reader. Uninstall/Remove each of them.

Once old versions are gone, please install the newest version.
*****************************************************
You can uninstall ComboFix.

To set a new Restore Point.

Click Start button , click Control Panel, click System and Maintenance, and then clicking System. In the left pane, click System Protection.  If you are prompted for an administrator password or confirmation, type the password or provide confirmation. To turn off System Protection for a hard disk, clear the check box next to the disk, and then click OK. Reboot to Normal Mode.
Click the Start button , click Control Panel, click System and Maintenance, and then click System.
In the left pane, click System Protection.  If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
To turn on System Protection for a hard disk, select the check box next to the disk, and then click OK.
This will give you a new, clean Restore Point.
***************************************************
Clean out your temporary internet files and temp files.

Download TFC by OldTimer to your desktop.

Double-click TFC.exe to run it.

Note: If you are running on Vista, right-click on the file and choose Run As Administrator

TFC will close all programs when run, so make sure you have saved all your work before you begin.

* Click the Start button to begin the cleaning process.
* Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
* Please let TFC run uninterrupted until it is finished.

Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.
******************************************************
Go to Microsoft Windows Update and get all critical updates.

----------

I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

SpywareBlaster- Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* Using SpywareBlaster to protect your computer from Spyware and Malware
* If you don't know what ActiveX controls are, see here

Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.
Safe Surfing!

[mcterray]

Thank you so much for your time and help. My computer is running much more efficient then it was before.  

[SuperDave]

You're welcome. I will lock this thread. If you need it re-opened, please send me a pm.