Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 22

Thread: Internet Connection Freezes Up

  1. #11
    Security Expert-Emeritus
    Join Date
    Oct 2005
    Posts
    5,025

    Default

    Yes try combofix again but re-download first please
    ~~~~~~~~~~~~~~~~~~~~~~~
    Microsoft MVP Windows-Security 2006

  2. #12
    Junior Member
    Join Date
    Aug 2006
    Posts
    12

    Default Here is the new combofix.txt

    Start Time= 10/08/2006 23:20:50.85
    Running from: C:\Documents and Settings\Happy Lappy\Desktop

    QuickScan did not find any signs of infected files

    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


    2006-08-10 09:59:58 40960 ( A.... ) "C:\Look2Me-Destroyer.exe"
    2006-08-07 20:58:32 ( .D... ) "C:\Documents and Settings\Happy Lappy\Application Data\3M"
    2006-08-07 20:58:08 ( .D... ) "C:\Program Files\3M"
    2006-08-04 02:52:14 ( .D... ) "C:\Program Files\SpywareBlaster"
    2006-08-04 02:07:54 ( .D... ) "C:\Program Files\NoAdware4"
    2006-08-02 16:15:00 ( .D... ) "C:\Program Files\Spybot - Search & Destroy"
    2006-08-02 16:07:18 1167 ( A.... ) "C:\WINDOWS\system32\ktu7bba2.sys"
    2006-08-02 16:07:18 1167 ( A.... ) "C:\WINDOWS\system32\ktu7bba2.sys"
    2006-08-02 15:37:34 61952 ( A.... ) "C:\WINDOWS\system32\ktu7bba2.dll"
    2006-06-12 23:18:24 ( .D... ) "C:\Documents and Settings\Happy Lappy\Application Data\vlc"
    2006-06-12 20:30:48 ( .D... ) "C:\Program Files\TVU Player"


    (((((((((((((((((((((((((((((((((((((( Files Created - Last 30days )))))))))))))))))))))))))))))))))))))))))))


    2006-08-10 09:59 40,960 C:\Look2Me-Destroyer.exe
    2006-08-02 15:37 61,952 C:\WINDOWS\system32\ktu7bba2.dll
    2006-08-02 15:37 1,167 C:\WINDOWS\system32\ktu7bba2.sys


    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries are not shown

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "ATIModeChange"="Ati2mdxx.exe"
    "ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
    "SoundMan"="SOUNDMAN.EXE"
    "SynTPLpr"="C:\\Program Files\\Synaptics\\SynTP\\SynTPLpr.exe"
    "SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
    "AVWLPSTA.exe"="AVWLPSTA.EXE START"
    "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
    "RemoteControl"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\""
    "SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
    "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
    "Installed"="1"
    "NoChange"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
    "Installed"="1"

    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
    "DeskHtmlVersion"=dword:00000110
    "DeskHtmlMinorVersion"=dword:00000005
    "Settings"=dword:00000001
    "GeneralFlags"=dword:00000005

    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="My Current Home Page"
    "Flags"=dword:00000002
    "Position"=hex:2c,00,00,00,18,01,00,00,00,00,00,00,60,04,00,00,fe,03,00,00,00,\
    00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
    "CurrentState"=hex:04,00,00,40
    "OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
    ff,ff,04,00,00,00
    "RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
    00,00,01,00,00,00

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
    "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
    "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""




    Contents of the 'Scheduled Tasks' folder
    C:\WINDOWS\tasks\At1.job
    C:\WINDOWS\tasks\At2.job
    C:\WINDOWS\tasks\XoftSpy.job

    Completion time: 10/08/2006 23:20:59.18
    ComboFix ver 06.07.15/30 - This logfile is located at C:\ComboFix.txt

    ComboFix.2006-08-10.020213.txt
    ComboFix.2006-08-10.020252.txt
    ComboFix.2006-08-10.020733.txt
    ComboFix.2006-08-10.232050.txt

  3. #13
    Junior Member
    Join Date
    Aug 2006
    Posts
    12

    Default

    I'm not sure if the above report means that I'm clean or not, or if there are any/no errors, so there it is anyways...

  4. #14
    Security Expert-Emeritus
    Join Date
    Oct 2005
    Posts
    5,025

    Default

    Are you still having connection problems ?
    If so who is your provider and what type is it ?

    go here and submit these files
    http://www.virustotal.com/flash/index_en.html
    C:\WINDOWS\system32\ktu7bba2.dll
    C:\WINDOWS\system32\ktu7bba2.sys
    Let us know what if anything is found

    It doesnt appear your running either a antiviurs or firewall programs, why is that ?
    ~~~~~~~~~~~~~~~~~~~~~~~
    Microsoft MVP Windows-Security 2006

  5. #15
    Junior Member
    Join Date
    Aug 2006
    Posts
    12

    Default

    from the ktu7bba2.dll file, the following was found
    Fortinet 2.77.0.0 08.11.2006 W32/AXF!tr.dldr
    McAfee 4826 08.10.2006 Downloader-AXF

  6. #16
    Security Expert-Emeritus
    Join Date
    Oct 2005
    Posts
    5,025

    Default

    Its safe to Delete both then
    ~~~~~~~~~~~~~~~~~~~~~~~
    Microsoft MVP Windows-Security 2006

  7. #17
    Junior Member
    Join Date
    Aug 2006
    Posts
    12

    Default

    argh...

    still having connection problems, btw I'm on broadband cable...

  8. #18
    Security Expert-Emeritus
    Join Date
    Oct 2005
    Posts
    5,025

    Default

    Have you tried reseting your modem ?

    Turn the PC off unplug your modem's power source and router's if you have one, wait about four minutes plug in the modem wait a few minutes plug in the router (again wait a few moments) then turn the pc on.
    ~~~~~~~~~~~~~~~~~~~~~~~
    Microsoft MVP Windows-Security 2006

  9. #19
    Junior Member
    Join Date
    Aug 2006
    Posts
    12

    Default

    turning the power off then back on doesn't work... the internet connection still freezes up for a while before coming back to normal...

    I guess that I'ma gonna hafta live with this then...

  10. #20
    Junior Member
    Join Date
    Aug 2006
    Posts
    12

    Default

    Just wondering if you know of any other idea of what this could be attributted to or of another site that may help me fix this up...

    at this point it seems to be something else other then malware since I look to be clean of all exsisting problems according to S&D and etc...

    thank you for all the help!!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •