Ping.exe

L

livinginmtn

New member
Hi,
I would be grateful for any help you can offer. Ping.exe keeps starting up and is consuming system resources. Here is my DDS log


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.5.0_12
Run by tfarrell at 10:46:12 on 2011-12-07
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.821 [GMT -7:00]
.
AV: ESET NOD32 Antivirus 4.2 *Enabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
svchost.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\ColdFusion9\solr\solr.exe
C:\ColdFusion9\jnbridge\CFDotNetsvc.exe
C:\ColdFusion9\runtime\jre\bin\java.exe
C:\ColdFusion9\jnbridge\JNBDotNetSide.exe
C:\ColdFusion9\runtime\bin\jrunsvc.exe
C:\ColdFusion9\db\slserver54\bin\swagent.exe
C:\ColdFusion9\runtime\bin\jrun.exe
C:\ColdFusion9\db\slserver54\bin\swstrtr.exe
C:\ColdFusion9\db\slserver54\bin\swsoc.exe
C:\ColdFusion9\verity\k2\_nti40\bin\k2admin.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\ifxspmgt.exe
C:\WINDOWS\system32\IFXTCS.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
C:\Program Files\Novatel Wireless\Novacore\Server\NvtlSrvr.exe
C:\WINDOWS\system32\IfxPsdSv.exe
C:\WINDOWS\System32\svchost.exe -k Sqlses
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\ColdFusion9\verity\k2\_nti40\bin\k2server.exe
C:\ColdFusion9\verity\k2\_nti40\bin\k2index.exe
C:\Program Files\Citrix\ICA Client\ssonsvr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files\Microsoft Office 2010\Office14\ONENOTEM.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
svchost.exe -m
C:\Program Files\Safari\Safari.exe
C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Safari\Safari.exe
C:\Program Files\Microsoft Office 2010\Office14\OUTLOOK.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\ping.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
.
============== Pseudo HJT Report ===============
.
mWindow Title =
uInternet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: YTNavAssist.YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\progra~1\yahoo!\companion\installs\cpn0\YTNavAssist.dll
mURLSearchHooks: YTNavAssist.YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\progra~1\yahoo!\companion\installs\cpn0\YTNavAssist.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - c:\program files\divx\divx plus web player\npdivx32.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.5.0_12\bin\ssv.dll
BHO: Easy Photo Print: {9421dd08-935f-4701-a9ca-22df90ac4ea6} - c:\program files\epson software\easy photo print\EPTBL.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7018.1622\swg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\mi7967~1\office14\URLREDIR.DLL
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: pdfforge Toolbar: {b922d405-6d13-4a2b-ae89-08a030da4402} - c:\program files\pdfforge toolbar\ie\4.3\pdfforgeToolbarIE.dll
TB: Easy Photo Print: {9421dd08-935f-4701-a9ca-22df90ac4ea6} - c:\program files\epson software\easy photo print\EPTBL.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn0\yt.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [Cpqset] c:\program files\hpq\default settings\cpqset.exe
mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [FRYMXINS] "c:\program files\ati technologies\fire gl 3d studio max\atiimxgl"
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
mRun: [PTHOSTTR] c:\program files\hewlett-packard\hp protecttools security manager\PTHOSTTR.EXE /Start
mRun: [IFXSPMGT] c:\windows\system32\ifxspmgt.exe /NotifyLogon
mRun: [Recguard] c:\windows\sminst\Recguard.exe
mRun: [Reminder] c:\windows\creator\Remind_XP.exe
mRun: [Scheduler] c:\windows\sminst\Scheduler.exe
mRun: [BSDAppUpdater] c:\program files\common files\bsd\appupdater\BSDChecker.exe
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
mRun: [Sprint SmartView] "c:\program files\sprint\sprint smartview\SprintSV.exe" -a
mRun: [RDVCHG] "c:\program files\sprint\sprint smartview\RDVCHG.exe"
mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startup
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.5.0_12\bin\jusched.exe"
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [EEventManager] "c:\program files\epson software\event manager\EEventManager.exe"
mRun: [SynTPStart] c:\program files\synaptics\syntp\SynTPStart.exe
mRun: [BCSSync] "c:\program files\microsoft office 2010\office14\BCSSync.exe" /DelayServices
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [LWS] c:\program files\logitech\lws\webcam software\LWS.exe -hide
mRun: [Nikon Message Center 2] c:\program files\nikon\nikon message center 2\NkMC2.exe -s
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
mRunOnce: [SpybotDeletingA1528] command.com /c del "c:\program files\free offers from freeze.com\control.txt"
mRunOnce: [SpybotDeletingC333] cmd.exe /c del "c:\program files\free offers from freeze.com\control.txt"
mRunOnce: [SpybotDeletingA6697] command.com /c del "c:\program files\free offers from freeze.com\dolphinico.ico"
mRunOnce: [SpybotDeletingC3713] cmd.exe /c del "c:\program files\free offers from freeze.com\dolphinico.ico"
StartupFolder: c:\docume~1\tfarre~1.lt-\startm~1\programs\startup\everno~1.lnk - c:\program files\evernote\evernote\EvernoteClipper.exe
StartupFolder: c:\docume~1\tfarre~1.lt-\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office 2010\office14\ONENOTEM.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\servic~1.lnk - c:\program files\microsoft sql server\80\tools\binn\sqlmangr.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
mPolicies-explorer: DisableLocalMachineRunOnce = 1 (0x1)
mPolicies-explorer: DisableLocalMachineRun = 1 (0x1)
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\program files\evernote\evernote\EvernoteIE.dll/204
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_12\bin\ssv.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office 2010\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office 2010\office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
LSP: mswsock.dll
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.0.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1297226283656
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1312306304906
DPF: {707ABFC2-1D27-4A10-A6E4-6BE6BDF9FB11} - hxxp://dscmtn4/vc/UltraMJCamX.ocx
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_12-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA} - hxxp://dscmtn4/vc/jinstall-1_5_0_12-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_12-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.2.1 75.75.75.75
TCP: Interfaces\{5179EC27-0321-4423-852A-713092ABFA0D} : DhcpNameServer = 192.168.2.1 75.75.75.75
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: Asynchronous - sqlesw32.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: sqlesw32 - sqlesw32.dll
Notify: Sqlseses - sqlesw32.dll
Notify: }{|·¦w71@ÚºÿÁ - sqlesw32.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2010-7-29 115008]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2010-8-3 95896]
R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [2007-7-24 38816]
R2 CF9Solr;ColdFusion 9 Solr Service;c:\coldfusion9\solr\solr.exe -zglaxservice cf9solr --> c:\coldfusion9\solr\solr.exe -zglaxservice CF9Solr [?]
R2 ColdFusion 9 .NET Service;ColdFusion 9 .NET Service;c:\coldfusion9\jnbridge\CFDotNetsvc.exe [2011-5-10 77824]
R2 ColdFusion 9 Application Server;ColdFusion 9 Application Server;c:\coldfusion9\runtime\bin\jrunsvc.exe [2011-5-10 58880]
R2 ColdFusion 9 ODBC Agent;ColdFusion 9 ODBC Agent;c:\coldfusion9\db\slserver54\bin\swagent.exe "coldfusion 9 odbc agent" --> c:\coldfusion9\db\slserver54\bin\swagent.exe ColdFusion 9 ODBC Agent [?]
R2 ColdFusion 9 ODBC Server;ColdFusion 9 ODBC Server;c:\coldfusion9\db\slserver54\bin\swstrtr.exe "coldfusion 9 odbc server" --> c:\coldfusion9\db\slserver54\bin\swstrtr.exe ColdFusion 9 ODBC Server [?]
R2 ColdFusion 9 Search Server;ColdFusion 9 Search Server;c:\coldfusion9\verity\k2\_nti40\bin\k2admin.exe [2011-5-10 3677616]
R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2010-8-12 810144]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-6-13 366152]
R2 NvtlService;NovaCore SDK Service;c:\program files\novatel wireless\novacore\server\NvtlSrvr.exe [2010-1-11 82944]
R2 SqlCSS;SQL Server EXPRESS;c:\windows\system32\svchost.exe -k Sqlses [2006-2-28 14336]
R2 UMVPFSrv;UMVPFSrv;c:\program files\common files\logishrd\lvmvfm\UMVPFSrv.exe [2011-8-19 450848]
R3 GTIPCI21;GTIPCI21;c:\windows\system32\drivers\gtipci21.sys [2011-2-8 97280]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2007-7-24 41216]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-6-13 22216]
R3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S0 SMR210;Symantec SMR Utility Service 2.1.0;c:\windows\system32\drivers\smr210.sys --> c:\windows\system32\drivers\SMR210.SYS [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-2-14 136176]
S3 CompFilter;UVCCompositeFilter;c:\windows\system32\drivers\lvbusflt.sys [2011-8-19 22176]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-2-14 136176]
S3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\drivers\nwusbser2.sys [2010-12-15 174720]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2006-2-28 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-12-04 17:31:29 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-12-04 17:31:29 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
2011-12-03 23:57:53 -------- d-----w- c:\documents and settings\tfarrell.lt-0603\application data\Tific
2011-12-03 23:57:52 -------- d-----w- c:\documents and settings\tfarrell.lt-0603\local settings\application data\Symantec
2011-12-03 20:18:50 14744 ----a-w- c:\documents and settings\tfarrell.lt-0603\application data\microsoft\identitycrl\production\ppcrlconfig.dll
2011-12-03 20:17:34 -------- d-----w- c:\program files\MSECache
2011-12-03 19:53:05 -------- d-----w- c:\documents and settings\tfarrell.lt-0603\local settings\application data\NPE
2011-12-03 19:52:25 -------- d-----w- c:\program files\Norton Power Eraser
2011-12-03 19:15:22 -------- d-----w- c:\program files\SpyBot
2011-12-03 19:12:18 388096 ----a-r- c:\documents and settings\tfarrell.lt-0603\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-12-03 19:12:18 -------- d-----w- c:\program files\Trend Micro
2011-12-03 19:11:49 1402880 ----a-w- C:\HiJackThis.msi
2011-12-03 18:27:51 -------- d--h--w- c:\windows\PIF
2011-12-03 17:56:43 53248 ----a-w- c:\windows\system32\6to4v32.dll
2011-12-03 17:56:42 37888 ----a-w- c:\windows\system32\sqlesw32.dll
2011-12-03 17:56:42 156672 ----a-w- c:\windows\system32\sqlcsw32.dll
2011-12-03 10:11:22 116224 ----a-w- c:\windows\system32\5T740.com
2011-12-03 07:39:45 -------- d-----w- c:\documents and settings\all users\application data\IObit
2011-12-03 07:39:41 -------- d-----w- c:\program files\IObit
2011-12-02 17:13:53 116224 ----a-w- c:\windows\system32\5T740.com_
2011-12-01 21:08:35 751616 ----a-w- C:\roguekiller.exe
2011-12-01 21:02:33 -------- d-----w- C:\RK_Quarantine
2011-12-01 20:32:59 709968 ----a-w- c:\windows\is-BVQM3.exe
2011-11-30 23:38:39 -------- d-----w- c:\documents and settings\tfarrell.lt-0603\application data\pdfforge
2011-11-30 23:38:34 662288 ----a-w- c:\windows\system32\MSCOMCT2.OCX
2011-11-30 23:38:34 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX
2011-11-30 23:38:34 116224 ----a-w- c:\windows\system32\pdfcmnnt.dll
2011-11-30 23:38:33 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2011-11-29 21:27:08 -------- d-----w- c:\documents and settings\tfarrell.lt-0603\Bluetooth Software
2011-11-19 20:44:44 -------- d-----w- c:\program files\File Type Assistant
2011-11-19 20:40:18 -------- d-----w- C:\Torrent
2011-11-17 19:21:52 -------- d-----w- C:\Vail Resorts
2011-11-15 16:27:05 -------- d-----w- C:\e
2011-11-15 16:27:05 -------- d-----w- C:\Data
2011-11-15 00:15:29 -------- d-----w- c:\program files\iPod
2011-11-15 00:15:24 -------- d-----w- c:\program files\iTunes
2011-11-07 21:17:13 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2011-11-07 21:17:13 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2011-11-07 21:17:13 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2011-11-07 21:17:13 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2011-11-07 21:17:13 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2011-11-07 21:17:13 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2011-11-07 21:17:13 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2011-11-07 21:03:43 -------- d-----w- c:\program files\Bonjour
.
==================== Find3M ====================
.
2011-11-12 22:12:18 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-24 21:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 21:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-09-27 19:21:33 106496 ----a-w- c:\windows\system32\ATL71.DLL
.
============= FINISH: 10:48:23.57 ===============
 
Hi, i have been travelling. Yes, I still need help. My situation is that i became infected with the 2012 Xp security virus. I downloaded spybot and hijack this. I was successful in removing the security virus but I bel;ieve that it was masking my real problem. I think i have a hijack virus. Some of my hotmail contacts have received spurious emails from that account. Now ping.exe is continually launching, gradually consuming memory and system resources until my laptop ginnds to a halt. Spybot seems to be blocking the access to the internet.
 
The last statement may be misleading. Spybot is preventing the virus from access the internet. I have just removed ping.exe with taskmgr and it was over 400k in resources after being connected via wifi for 5 minutes.

Thanks for any help you can offer.
 
This is what netstat show after 10 minutes of connection.

TCP lt-0603:30606 www.007guard.com:2449 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2455 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2459 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2461 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2463 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2467 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2473 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2477 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2479 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2481 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2483 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2485 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2487 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2491 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2493 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2501 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2503 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2509 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2511 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2513 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2515 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2519 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2521 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2524 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2526 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2530 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2532 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2536 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2538 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2542 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2544 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2546 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2548 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2550 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2552 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2554 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2556 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2558 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2560 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2562 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2564 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2566 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2568 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2570 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2572 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2574 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2576 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2578 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2580 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2586 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2588 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2590 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2592 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2594 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2596 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2598 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2606 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2608 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2610 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2612 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2614 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2616 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2618 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2624 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2626 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2628 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2630 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2634 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2638 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2642 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2644 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2646 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2648 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2654 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2656 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2660 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2662 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2664 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2666 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2668 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2670 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2672 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2678 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2680 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2682 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2684 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2688 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2690 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2692 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2694 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2696 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2698 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2700 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2706 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2712 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2714 FIN_WAIT_2
TCP lt-0603:30606 www.007guard.com:2716 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2718 FIN_WAIT_2
TCP lt-0603:30606 www.007guard.com:2720 FIN_WAIT_2
TCP lt-0603:30606 www.007guard.com:2726 FIN_WAIT_2
TCP lt-0603:30606 www.007guard.com:2728 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2730 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2732 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2734 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2736 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2738 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2742 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2744 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2758 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2760 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2766 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2772 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2774 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2776 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2778 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2780 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2782 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2784 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2786 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2788 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2790 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2792 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2798 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2802 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2804 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2808 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2810 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2812 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2814 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2816 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2818 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2820 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2822 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2824 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2826 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2828 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2830 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2832 FIN_WAIT_2
TCP lt-0603:30606 www.007guard.com:2834 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2836 FIN_WAIT_2
TCP lt-0603:30606 www.007guard.com:2838 FIN_WAIT_2
TCP lt-0603:30606 www.007guard.com:2846 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2848 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2850 TIME_WAIT
TCP lt-0603:30606 www.007guard.com:2854 FIN_WAIT_2
TCP lt-0603:30606 www.007guard.com:2858 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2860 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2862 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2868 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2870 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2872 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2880 ESTABLISHED
TCP lt-0603:30606 www.007guard.com:2890 ESTABLISHED
TCP lt-0603:2268 72.32.153.177:http LAST_ACK
TCP lt-0603:2319 211-111-162-69.static.reverse.lstn.net:http CLO
SE_WAIT
TCP lt-0603:2328 .:http TIME_WAIT
TCP lt-0603:2330 199.59.241.250:http TIME_WAIT
TCP lt-0603:2334 68.169.92.55:http TIME_WAIT
TCP lt-0603:2342 ec2-50-19-109-125.compute-1.amazonaws.com:http
ESTABLISHED
TCP lt-0603:2344 ec2-107-20-156-112.compute-1.amazonaws.com:http
ESTABLISHED
TCP lt-0603:2346 .:http TIME_WAIT
TCP lt-0603:2350 pz-in-f95.1e100.net:http ESTABLISHED
TCP lt-0603:2354 nuq04s06-in-f13.1e100.net:http ESTABLISHED
TCP lt-0603:2356 nuq04s06-in-f13.1e100.net:http ESTABLISHED
TCP lt-0603:2358 www-da1.adobe.com:http ESTABLISHED
TCP lt-0603:2360 a23-3-68-107.deploy.akamaitechnologies.com:http
ESTABLISHED
TCP lt-0603:2366 .:http TIME_WAIT
TCP lt-0603:2368 199.59.241.250:http TIME_WAIT
TCP lt-0603:2376 a96-17-239-139.deploy.akamaitechnologies.com:htt
ps ESTABLISHED
TCP lt-0603:2378 www-11-05-prn1.facebook.com:https ESTABLISHED
TCP lt-0603:2410 208.81.191.113:http ESTABLISHED
TCP lt-0603:2428 a23-3-68-107.deploy.akamaitechnologies.com:http
ESTABLISHED
TCP lt-0603:2450 a23-3-68-114.deploy.akamaitechnologies.com:http
ESTABLISHED
TCP lt-0603:2460 74.114.28.200:http ESTABLISHED
TCP lt-0603:2462 nuq04s07-in-f27.1e100.net:http ESTABLISHED
TCP lt-0603:2464 www-11-05-prn1.facebook.com:http ESTABLISHED
TCP lt-0603:2478 nuq04s07-in-f27.1e100.net:http ESTABLISHED
TCP lt-0603:2480 208.81.191.113:http ESTABLISHED
TCP lt-0603:2482 nuq04s06-in-f27.1e100.net:http ESTABLISHED
TCP lt-0603:2484 nuq04s06-in-f27.1e100.net:http ESTABLISHED
TCP lt-0603:2486 a96-17-227-24.deploy.akamaitechnologies.com:http
ESTABLISHED
TCP lt-0603:2492 ec2-184-73-247-213.compute-1.amazonaws.com:http
ESTABLISHED
TCP lt-0603:2494 a23-3-68-136.deploy.akamaitechnologies.com:http
ESTABLISHED
TCP lt-0603:2496 .:http TIME_WAIT
TCP lt-0603:2498 parkwebwin-v02.prod.mesa1.secureserver.net:http
CLOSING
TCP lt-0603:2504 66.150.149.23:http ESTABLISHED
TCP lt-0603:2510 66.150.149.23:http ESTABLISHED
TCP lt-0603:2512 98.129.232.76:http ESTABLISHED
TCP lt-0603:2514 ec2-184-73-170-119.compute-1.amazonaws.com:http
ESTABLISHED
TCP lt-0603:2516 a23-3-68-136.deploy.akamaitechnologies.com:http
ESTABLISHED
TCP lt-0603:2539 a23-3-68-114.deploy.akamaitechnologies.com:http
ESTABLISHED
TCP lt-0603:2551 a23-3-68-112.deploy.akamaitechnologies.com:http
ESTABLISHED
TCP lt-0603:2553 a23-3-68-112.deploy.akamaitechnologies.com:http
ESTABLISHED
TCP lt-0603:2565 ec2-107-22-189-186.compute-1.amazonaws.com:http
ESTABLISHED
TCP lt-0603:2567 a23-3-68-123.deploy.akamaitechnologies.com:http
ESTABLISHED
TCP lt-0603:2569 a23-3-68-123.deploy.akamaitechnologies.com:http
ESTABLISHED
TCP lt-0603:2575 ec2-107-22-189-186.compute-1.amazonaws.com:http
ESTABLISHED
TCP lt-0603:2587 a23-3-68-145.deploy.akamaitechnologies.com:http
ESTABLISHED
TCP lt-0603:2591 74.200.209.252:http ESTABLISHED
TCP lt-0603:2599 a23-3-68-146.deploy.akamaitechnologies.com:http
ESTABLISHED
TCP lt-0603:2607 a23-3-68-113.deploy.akamaitechnologies.com:http
ESTABLISHED
TCP lt-0603:2627 a23-3-68-145.deploy.akamaitechnologies.com:http
ESTABLISHED
TCP lt-0603:2637 .:http TIME_WAIT
TCP lt-0603:2641 213.174.148.3:http TIME_WAIT
TCP lt-0603:2655 ec2-50-19-225-159.compute-1.amazonaws.com:http
ESTABLISHED
TCP lt-0603:2665 76.74.136.93:http ESTABLISHED
TCP lt-0603:2673 76.74.136.96:http ESTABLISHED
TCP lt-0603:2679 a23-3-68-99.deploy.akamaitechnologies.com:http
ESTABLISHED
TCP lt-0603:2681 a23-3-68-145.deploy.akamaitechnologies.com:http
ESTABLISHED
TCP lt-0603:2683 a23-3-68-145.deploy.akamaitechnologies.com:http
ESTABLISHED
TCP lt-0603:2685 a23-3-68-99.deploy.akamaitechnologies.com:http
ESTABLISHED
TCP lt-0603:2689 a23-3-68-99.deploy.akamaitechnologies.com:http
ESTABLISHED
TCP lt-0603:2693 a23-3-68-145.deploy.akamaitechnologies.com:http
ESTABLISHED
TCP lt-0603:2695 a23-3-68-99.deploy.akamaitechnologies.com:http
ESTABLISHED
TCP lt-0603:2697 a23-3-68-130.deploy.akamaitechnologies.com:http
ESTABLISHED
TCP lt-0603:2699 a23-3-68-130.deploy.akamaitechnologies.com:http
ESTABLISHED
TCP lt-0603:2707 a23-3-68-115.deploy.akamaitechnologies.com:http
ESTABLISHED
TCP lt-0603:2713 a23-3-12-202.deploy.akamaitechnologies.com:http
ESTABLISHED
TCP lt-0603:2715 64.210.61.140:http CLOSE_WAIT
TCP lt-0603:2717 mpr2.ngd.vip.bf1.yahoo.com:http ESTABLISHED
TCP lt-0603:2719 64.210.61.140:http CLOSE_WAIT
TCP lt-0603:2723 64.210.61.136:http CLOSE_WAIT
TCP lt-0603:2727 64.210.61.136:http CLOSE_WAIT
TCP lt-0603:2729 mpr2.ngd.vip.bf1.yahoo.com:http ESTABLISHED
TCP lt-0603:2731 ec2-174-129-203-211.compute-1.amazonaws.com:http
ESTABLISHED
TCP lt-0603:2735 js-pd03.revsci.net:http ESTABLISHED
TCP lt-0603:2737 a23-3-68-138.deploy.akamaitechnologies.com:http
ESTABLISHED
TCP lt-0603:2739 a23-3-68-145.deploy.akamaitechnologies.com:http
ESTABLISHED
TCP lt-0603:2741 208.71.125.1:http TIME_WAIT
TCP lt-0603:2759 cust-69.194.143.60.switchnap.com:http ESTABLISH
ED
TCP lt-0603:2761 cust-69.194.143.60.switchnap.com:http ESTABLISH
ED
TCP lt-0603:2769 208.71.125.1:http TIME_WAIT
TCP lt-0603:2779 ec2-174-129-203-211.compute-1.amazonaws.com:http
ESTABLISHED
TCP lt-0603:2787 crispwireless.net:http ESTABLISHED
TCP lt-0603:2801 .:http TIME_WAIT
TCP lt-0603:2807 213.174.148.3:http TIME_WAIT
TCP lt-0603:2815 74.217.78.140:http ESTABLISHED
TCP lt-0603:2825 74.217.78.140:http ESTABLISHED
TCP lt-0603:2827 crispwireless.net:http ESTABLISHED
TCP lt-0603:2829 93.184.216.169:http ESTABLISHED
TCP lt-0603:2831 93.184.216.169:http ESTABLISHED
TCP lt-0603:2833 72.21.91.19:http CLOSE_WAIT
TCP lt-0603:2837 66.45.56.124:http CLOSE_WAIT
TCP lt-0603:2839 66.45.56.124:http CLOSE_WAIT
TCP lt-0603:2849 138.108.6.20:http ESTABLISHED
TCP lt-0603:2855 www.meebo.com:http CLOSE_WAIT
TCP lt-0603:2859 93.184.216.119:http ESTABLISHED
TCP lt-0603:2861 93.184.216.119:http ESTABLISHED
TCP lt-0603:2863 93.184.216.119:http ESTABLISHED
TCP lt-0603:2869 93.184.216.119:http ESTABLISHED
TCP lt-0603:2871 93.184.216.119:http ESTABLISHED
TCP lt-0603:2873 93.184.216.119:http ESTABLISHED
TCP lt-0603:2881 a23-3-68-136.deploy.akamaitechnologies.com:http
ESTABLISHED
TCP lt-0603:2891 216-18-215-4.hosted.static.webnx.com:http ESTAB
LISHED

C:\Documents and Settings\tfarrell.LT-0603>
 
I believe your host file is missing a line. Those 007guard entries happen to be the first ones in Spybots host file. You can ignore it for now, we will come back to it. If you disable the feature in Spybot then you shoudnt see them.

You said you killed ping.exe in task manager, does it return on reboot? Is a updated malwarebytes coming up clean after a scan. Is your ESET AV up to date?
We will get download to use, its called combofix. There is a guide to read first, read through the guide then apply the directions on your own machine. Post the combofix log.

Guide to using Combofix
 
When I kill Ping.exe in taskMgr it comes back within 2 to 3 minutes. I will download combofix and send you the log. ESET does not prevent the ping.exe relaunching.
 
Hi shelf life,
I ran combo fix and it created the txt file. However now I cannot attach to the Internet. My wifi shows it is connected but the stats show that no data is transmitting. Ipconfig will not run. I connected by cable to my router same result. In both normal and safe mode same result. My wireless connection status shows no data for address type, ip address , subnet mask and default gateway.
Help!!!
 
Ping

I have rebooted my computer and verified that my router is connecting to the internet. I ran netsh to rebuild my TCP/IP stack as my laptop is showing that it is connected to the internet via wifi. However, no data is being transmitted. Netsh did not do any good. I have an old PC which I am now using connected through the same router which I am using to communicate with you.
I will transfer the combofix.txt file to you. I ran it twice so may not be what u want.

ComboFix 11-12-13.03 - tfarrell 12/14/2011 13:53:06.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2047.1286 [GMT -7:00]
Running from: c:\documents and settings\tfarrell.LT-0603\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\CSC\d6
.
.
((((((((((((((((((((((((( Files Created from 2011-11-14 to 2011-12-14 )))))))))))))))))))))))))))))))
.
.
2011-12-14 19:07 . 2011-12-14 19:07 -------- d-----w- c:\documents and settings\tfarrell.LT-0603\Application Data\ICAClient
2011-12-04 20:36 . 2011-12-04 20:36 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache
2011-12-04 17:31 . 2011-12-07 00:06 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-12-04 17:31 . 2011-12-04 17:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2011-12-03 23:57 . 2011-12-03 23:57 -------- d-----w- c:\documents and settings\tfarrell.LT-0603\Application Data\Tific
2011-12-03 23:57 . 2011-12-03 23:57 -------- d-----w- c:\documents and settings\tfarrell.LT-0603\Local Settings\Application Data\Symantec
2011-12-03 20:17 . 2011-12-03 20:17 -------- d-----w- c:\program files\MSECache
2011-12-03 19:53 . 2011-12-03 20:04 -------- d-----w- c:\documents and settings\tfarrell.LT-0603\Local Settings\Application Data\NPE
2011-12-03 19:52 . 2011-12-03 19:52 -------- d-----w- c:\program files\Norton Power Eraser
2011-12-03 19:19 . 2011-12-03 19:19 -------- d-----w- c:\program files\Windows Sidebar
2011-12-03 19:15 . 2011-12-06 22:25 -------- d-----w- c:\program files\SpyBot
2011-12-03 19:12 . 2011-12-03 19:12 388096 ----a-r- c:\documents and settings\tfarrell.LT-0603\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-12-03 19:12 . 2011-12-03 19:12 -------- d-----w- c:\program files\Trend Micro
2011-12-03 19:11 . 2011-12-03 19:12 1402880 ----a-w- C:\HiJackThis.msi
2011-12-03 18:27 . 2011-12-03 18:27 -------- d--h--w- c:\windows\PIF
2011-12-03 10:11 . 2011-12-02 16:35 116224 ----a-w- c:\windows\system32\5T740.com
2011-12-03 07:39 . 2011-12-03 07:39 -------- d-----w- c:\documents and settings\All Users\Application Data\IObit
2011-12-03 07:39 . 2011-12-03 07:39 -------- d-----w- c:\program files\IObit
2011-12-02 17:13 . 2011-12-02 17:13 -------- d-sh--w- c:\documents and settings\NetworkService\PrivacIE
2011-12-02 17:11 . 2011-12-03 11:37 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\AskToolbar
2011-12-02 17:10 . 2011-12-02 17:10 -------- d-----w- c:\documents and settings\NetworkService\Application Data\Yahoo!
2011-12-01 21:08 . 2011-12-01 20:54 751616 ----a-w- C:\roguekiller.exe
2011-12-01 21:02 . 2011-12-01 21:02 -------- d-----w- C:\RK_Quarantine
2011-12-01 20:56 . 2011-12-01 20:56 -------- d-----w- c:\documents and settings\Administrator.LT-0603\Application Data\Windows Search
2011-12-01 20:40 . 2011-12-01 20:40 -------- d-----w- c:\documents and settings\Administrator.LT-0603\Local Settings\Application Data\Apple Computer
2011-12-01 20:40 . 2011-12-01 20:40 -------- d-----w- c:\documents and settings\Administrator.LT-0603\Application Data\Apple Computer
2011-12-01 20:32 . 2011-12-01 20:32 709968 ----a-w- c:\windows\is-BVQM3.exe
2011-12-01 20:32 . 2011-12-01 20:32 -------- d-----w- c:\documents and settings\Administrator.LT-0603\Application Data\Malwarebytes
2011-12-01 20:31 . 2011-12-01 20:31 -------- d-sh--w- c:\documents and settings\Administrator.LT-0603\IECompatCache
2011-12-01 20:29 . 2011-12-01 20:29 -------- d-----w- c:\documents and settings\Administrator.LT-0603\Local Settings\Application Data\Identities
2011-12-01 20:29 . 2011-12-01 20:29 -------- d-----w- c:\documents and settings\Administrator.LT-0603\Application Data\Windows Desktop Search
2011-11-30 23:38 . 2011-11-30 23:38 -------- d-----w- c:\documents and settings\tfarrell.LT-0603\Application Data\pdfforge
2011-11-30 23:38 . 2004-03-09 08:00 662288 ----a-w- c:\windows\system32\MSCOMCT2.OCX
2011-11-30 23:38 . 2001-10-29 00:42 116224 ----a-w- c:\windows\system32\pdfcmnnt.dll
2011-11-30 23:38 . 1998-06-24 08:00 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX
2011-11-30 23:38 . 1998-07-06 08:00 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2011-11-29 21:27 . 2011-11-29 21:27 -------- d-----w- c:\documents and settings\tfarrell.LT-0603\Bluetooth Software
2011-11-19 20:44 . 2011-11-19 20:44 -------- d-----w- c:\program files\File Type Assistant
2011-11-19 20:40 . 2011-11-19 20:41 -------- d-----w- C:\Torrent
2011-11-17 19:21 . 2011-11-20 16:42 -------- d-----w- C:\Vail Resorts
2011-11-15 16:27 . 2011-11-15 16:27 -------- d-----w- C:\e
2011-11-15 00:15 . 2011-11-15 00:15 -------- d-----w- c:\program files\iPod
2011-11-15 00:15 . 2011-11-15 00:16 -------- d-----w- c:\program files\iTunes
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-12 22:12 . 2011-06-05 23:54 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-24 21:29 . 2011-10-24 21:29 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 21:29 . 2011-10-24 21:29 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-09-27 19:22 . 2011-09-27 19:22 57344 ----a-r- c:\documents and settings\tfarrell.LT-0603\Application Data\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe
2011-09-27 19:21 . 2003-03-19 02:05 106496 ----a-w- c:\windows\system32\ATL71.DLL
2011-09-21 22:31 . 2011-09-21 22:31 53248 ----a-r- c:\documents and settings\tfarrell.LT-0603\Application Data\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2011-12-14_19.03.12 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-12-14 20:39 . 2011-12-14 20:39 16384 c:\windows\Temp\Perflib_Perfdata_6a0.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\progra~1\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll" [2011-03-16 214840]
.
[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]
[HKEY_CLASSES_ROOT\YTNavAssist.YTNavAssistPlugin.1]
[HKEY_CLASSES_ROOT\TypeLib\{A31F34A1-EBD2-45A2-BF6D-231C1B987CC8}]
[HKEY_CLASSES_ROOT\YTNavAssist.YTNavAssistPlugin]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-02-19 39408]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FRYMXINS"="c:\program files\ATI Technologies\Fire GL 3D Studio Max\atiimxgl" [X]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-10-19 177456]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-09-15 1015808]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-01-06 872448]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-11-20 488752]
"PTHOSTTR"="c:\program files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE" [2006-06-08 131072]
"IFXSPMGT"="c:\windows\system32\ifxspmgt.exe" [2008-01-26 677144]
"Recguard"="c:\windows\Sminst\Recguard.exe" [2005-12-20 1187840]
"Scheduler"="c:\windows\SMINST\Scheduler.exe" [2006-10-09 697976]
"BSDAppUpdater"="c:\program files\Common Files\BSD\AppUpdater\BSDChecker.exe" [2010-11-24 1660232]
"Sprint SmartView"="c:\program files\Sprint\Sprint SmartView\SprintSV.exe" [2010-12-15 75072]
"RDVCHG"="c:\program files\Sprint\Sprint SmartView\RDVCHG.exe" [2010-12-15 316736]
"ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2010-03-11 300400]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-03-21 1230704]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"EEventManager"="c:\program files\Epson Software\Event Manager\EEventManager.exe" [2009-12-03 976320]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
"BCSSync"="c:\program files\Microsoft Office 2010\Office14\BCSSync.exe" [2010-03-13 91520]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-06 59240]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-08-12 205336]
"Nikon Message Center 2"="c:\program files\Nikon\Nikon Message Center 2\NkMC2.exe" [2010-05-26 619008]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-26 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-11-13 421736]
.
c:\documents and settings\tfarrell.LT-0603\Start Menu\Programs\Startup\
EvernoteClipper.lnk - c:\program files\Evernote\Evernote\EvernoteClipper.exe [2011-8-8 977408]
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office 2010\Office14\ONENOTEM.EXE [2010-3-29 227712]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Service Manager.lnk - c:\program files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [2000-8-6 69632]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Asynchronous]
[BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sqlesw32]
[BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sqlseses]
[BU]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1482476501-2049760794-682003330-1202\Scripts\Logon\0\0]
"Script"=\\dmc-colorado.com\sysvol\dmc-colorado.com\scripts\DSC.bat
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1482476501-2049760794-682003330-1202\Scripts\Logon\1\0]
"Script"=MAS_90.bat
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Cpqset"=c:\program files\HPQ\Default Settings\cpqset.exe
"KernelFaultCheck"=%systemroot%\system32\dumprep 0 -k
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"Reminder"=c:\windows\Creator\Remind_XP.exe
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"SunJavaUpdateSched"="c:\program files\Java\jre1.5.0_12\bin\jusched.exe"
"UserFaultCheck"=%systemroot%\system32\dumprep 0 -u
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
R1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\system32\drivers\psd.sys [7/24/2007 8:21 AM 38816]
R2 CF9Solr;ColdFusion 9 Solr Service;c:\coldfusion9\solr\solr.exe -zglaxservice CF9Solr --> c:\coldfusion9\solr\solr.exe -zglaxservice CF9Solr [?]
R2 NvtlService;NovaCore SDK Service;c:\program files\Novatel Wireless\Novacore\Server\NvtlSrvr.exe [1/11/2010 2:10 PM 82944]
R2 UMVPFSrv;UMVPFSrv;c:\program files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [8/19/2011 2:26 AM 450848]
R3 GTIPCI21;GTIPCI21;c:\windows\system32\drivers\gtipci21.sys [2/8/2011 9:10 PM 97280]
R3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [7/24/2007 8:21 AM 41216]
S0 SMR210;Symantec SMR Utility Service 2.1.0;c:\windows\system32\drivers\SMR210.SYS --> c:\windows\system32\drivers\SMR210.SYS [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 12:16 PM 130384]
S2 ColdFusion 9 .NET Service;ColdFusion 9 .NET Service;c:\coldfusion9\jnbridge\CFDotNetsvc.exe [5/10/2011 8:06 AM 77824]
S2 ColdFusion 9 Application Server;ColdFusion 9 Application Server;c:\coldfusion9\runtime\bin\jrunsvc.exe [5/10/2011 8:05 AM 58880]
S2 ColdFusion 9 ODBC Agent;ColdFusion 9 ODBC Agent;c:\coldfusion9\db\slserver54\bin\swagent.exe "ColdFusion 9 ODBC Agent" --> c:\coldfusion9\db\slserver54\bin\swagent.exe ColdFusion 9 ODBC Agent [?]
S2 ColdFusion 9 ODBC Server;ColdFusion 9 ODBC Server;c:\coldfusion9\db\slserver54\bin\swstrtr.exe "ColdFusion 9 ODBC Server" --> c:\coldfusion9\db\slserver54\bin\swstrtr.exe ColdFusion 9 ODBC Server [?]
S2 ColdFusion 9 Search Server;ColdFusion 9 Search Server;c:\coldfusion9\verity\k2\_nti40\bin\k2admin.exe [5/10/2011 8:04 AM 3677616]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2/14/2011 9:29 AM 136176]
S3 CompFilter;UVCCompositeFilter;c:\windows\system32\drivers\lvbusflt.sys [8/19/2011 2:26 AM 22176]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2/14/2011 9:29 AM 136176]
S3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\drivers\nwusbser2.sys [12/15/2010 2:38 PM 174720]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [1/9/2010 8:37 PM 4640000]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2/28/2006 5:00 AM 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 12:16 PM 753504]
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - BMLoad
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM REG_MULTI_SZ WINRM
Sqlses REG_MULTI_SZ SqlCSS
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-08 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 23:57]
.
2011-12-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cc53d7f5ef9036.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-14 16:29]
.
2011-12-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA1cc53d7f5fb7bf8.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-02-14 16:29]
.
2011-09-27 c:\windows\Tasks\photostageDowngrade.job
- c:\program files\NCH Software\PhotoStage\photostage.exe [2011-09-08 18:23]
.
2011-09-27 c:\windows\Tasks\photostageShakeIcon.job
- c:\program files\NCH Software\PhotoStage\photostage.exe [2011-09-08 18:23]
.
2011-09-08 c:\windows\Tasks\prismShakeIcon.job
- c:\program files\NCH Software\Prism\prism.exe [2011-09-08 18:23]
.
2011-12-13 c:\windows\Tasks\Spybot - Search & Destroy Updater - Scheduled Task.job
- c:\program files\Spybot - Search & Destroy\SDUpdate.exe [2011-12-04 22:31]
.
2011-09-08 c:\windows\Tasks\videopadShakeIcon.job
- c:\program files\NCH Software\VideoPad\videopad.exe [2011-09-08 18:22]
.
2011-12-02 c:\windows\Tasks\wavepadShakeIcon.job
- c:\program files\NCH Software\WavePad\wavepad.exe [2011-09-08 18:22]
.
.
------- Supplementary Scan -------
.
mWindow Title =
uInternet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
uInternet Settings,ProxyOverride = *.local
IE: {{A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://c:\program files\Evernote\Evernote\EvernoteIE.dll/204
TCP: DhcpNameServer = 192.168.2.1 75.75.75.75
DPF: {707ABFC2-1D27-4A10-A6E4-6BE6BDF9FB11} - hxxp://dscmtn4/vc/UltraMJCamX.ocx
.
- - - - ORPHANS REMOVED - - - -
.
Notify-}{|·¦w71@ÚºÿÁ - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-12-14 14:01
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,03,df,2a,61,69,74,e4,4e,8f,e0,23,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,03,df,2a,61,69,74,e4,4e,8f,e0,23,\
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,39,a2,c5,da,08,ec,48,45,bd,bd,a4,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,39,a2,c5,da,08,ec,48,45,bd,bd,a4,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(592)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(3068)
c:\windows\system32\WININET.dll
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\en-us\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\en-us\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2011-12-14 14:03:31
ComboFix-quarantined-files.txt 2011-12-14 21:03
ComboFix2.txt 2011-12-14 19:10
.
Pre-Run: 18,746,347,520 bytes free
Post-Run: 18,720,206,848 bytes free
.
- - End Of File - - 1D4D7CB8F54BC1AF56C79EDD18B9617A
 
Ping

BTW after 10 mins the wifi disconnects and will not reconnect. You have to reboot to get it to hook up, but no data packets are transmitting.
 
Go here and way down at the bottom are instruction for manually restoring the connection, although this pretty much does what you already did manually.
Also look in device manager for your network adapter and make sure its not disabled.
 
ping

My network adaptor is enabled. I have checked all the connections both cable and wifi. Did u see that Ipconfig does not run and I have no IP address.
Thanks
 
Ping

I have gone through all those steps and this is what I see in the wifi connection. I have attached two screenshots that show the status of the wifi connection. As you can see there are no packets being transmitted and no IP address.
 
ping

I stried to use net stop tcpip to stop my tcpip service. The response is "Service is not running".

When I use net start tcpip i get an error code 2.
 
You can try this:
Open a cmd (run>start>cmd) prompt and type in: ping localhost
to see if you get a reply

Start>settings>double click the connection icon which will open the Local area Connection Properties Window
Click on TCP/IP and select properties
Make sure Obtain an IP address automatically is checked
and
Obtain DNS server address automatically is checked

go to start>run and type in services.msc
Windows service panel will open
check the status of these: under Status it should say "started"

DHCP Client
DNS Client
Network Connections
Network Location Awareness
Remote Procedure Call (RPC)
TCP/IP Netbios helper
 
Ping

See answers below

You can try this:
Open a cmd (run>start>cmd) prompt and type in: ping localhost
to see if you get a reply. - Unable to contact IP Driver Error 2

Start>settings>double click the connection icon which will open the Local area Connection Properties Window
Click on TCP/IP and select properties
Make sure Obtain an IP address automatically is checked
and
Obtain DNS server address automatically is checked - Both checked...

go to start>run and type in services.msc
Windows service panel will open
check the status of these: under Status it should say "started"

DHCP Client - Automatic - Not started - when tried to start - Error 1068
DNS Client - Automatic - Not started - when tried to start - Error 1068Network Connections - Manual - started
Network Location Awareness - Manual - not started
Remote Procedure Call (RPC) - Automatic - Started
TCP/IP Netbios helper - Automatic - Started
 
You must log in or register to reply here.
Back
Top