I have made a subject befor but not all my problems went away...
halo2_god
New York state
i have to run open windows task manager. click file. New Task (Run...). explorer
and a window opens evry startup named "RUNDLL" it seys
Error loading w81e9966.dll
The specified module could not be found.
ok
this is the only opition i have i ran vundo fix to try to get rid of the explorer problem but did not come up with any thing
and a window opens evry startup named "RUNDLL" it seys
Error loading w81e9966.dll
The specified module could not be found.
ok
this is the only opition i have i ran vundo fix to try to get rid of the explorer problem but did not come up with any thing
0
Comments
Patrick - 06-11-24 19:29:56.39 Service Pack 2
ComboFix 06.09.28 - Running from: "C:\Documents and Settings\Patrick\Desktop"
((((((((((((((((((((((((((((((( Files Created from 2006-10-24 to 2006-11-24 ))))))))))))))))))))))))))))))))))
2006-11-24 19:28 17,920 --a
C:\WINDOWS\system32\drivers\ts_lb.sys
2006-11-24 19:27 12,800 --a
C:\WINDOWS\system32\drivers\cv2k1.sys
2006-11-23 22:54 77,824 --a
C:\WINDOWS\system32\driverif.dll
2006-11-23 22:54 75,776 --a
C:\WINDOWS\zllsputility.exe
2006-11-23 22:54 733,236 --a
C:\WINDOWS\system32\vete.dll
2006-11-23 22:54 541,733 --a
C:\WINDOWS\system32\drivers\vetmonnt.sys
2006-11-23 22:54 21,605 --a
C:\WINDOWS\system32\drivers\vet-filt.sys
2006-11-23 22:54 15,668 --a
C:\WINDOWS\system32\drivers\vet-rec.sys
2006-11-23 22:54 12,288 --a
C:\WINDOWS\system32\vetntmsg.dll
2006-11-23 22:54 108,453 --a
C:\WINDOWS\system32\drivers\vetfddnt.sys
2006-11-16 15:11 171,008 --a
C:\WINDOWS\system32\LXAESUI.DLL
2006-11-16 14:24 48,640
C:\WINDOWS\system32\Lexunst1.exe
2006-11-16 14:20 299,520 --a
C:\WINDOWS\uninst.exe
2006-11-11 21:31 679,936 --a
C:\WINDOWS\system32\D3DX81ab.dll
2006-11-11 21:31 1,970,176 --a
C:\WINDOWS\system32\d3dx9.dll
2006-11-04 14:14 1,245,696 --a
C:\WINDOWS\system32\msxml4.dll
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-11-24 19:22
d
C:\Program Files\Cain
2006-11-24 18:45
d
C:\Program Files\WinPcap
2006-11-24 15:04
d
C:\Program Files\Warcraft III
2006-11-24 08:03
d
C:\Documents and Settings\Patrick\Application Data\MailFrontier
2006-11-23 22:54
d
C:\Program Files\Zone Labs
2006-11-23 22:51
d
C:\Program Files\AIOv2 ProgramFiles
2006-11-21 20:30
d
C:\Program Files\Cheat Engine
2006-11-21 17:12
d
C:\Program Files\RADVideo
2006-11-21 16:43
d
C:\Program Files\Internet Explorer
2006-11-21 16:43
d
C:\Program Files\Common Files\Microsoft Shared
2006-11-21 16:31
d
C:\Program Files\Java
2006-11-19 01:03
d
C:\Program Files\MSXML 4.0
2006-11-08 05:35
d
C:\Program Files\Novatel Wireless
2006-11-06 17:11
d
C:\Program Files\Symantec
2006-11-06 17:11
d
C:\Program Files\Common Files\Symantec Shared
2006-11-01 17:04
d
C:\Program Files\Common Files
2006-11-01 16:57
d
C:\Program Files\Norton AntiVirus
2006-10-21 14:53
d
C:\Program Files\BitTorrent
2006-10-21 13:17
d
C:\Documents and Settings\Patrick\Application Data\BitTorrent
2006-10-17 16:30
d--h
C:\Program Files\InstallShield Installation Information
2006-10-15 17:53
d
C:\Program Files\CCleaner
2006-10-15 11:51
d
C:\Program Files\Microsoft.NET
2006-10-15 11:50
d
C:\Program Files\WinRAR
2006-10-13 04:35 142336 --a
C:\WINDOWS\system32\nwprovau.dll
2006-10-12 12:28
d
C:\Program Files\VirtuallTek
2006-10-05 17:17
d
C:\Program Files\Yahoo!
2006-10-01 19:41
d
C:\Program Files\PSDream
2006-10-01 07:12
d
C:\Program Files\PartyPoker
2006-10-01 07:11 147456 --a
C:\InstallerC.exe
2006-10-01 07:11 1233 --a
C:\WINDOWS\system32\ewd2efe1.sys
2006-10-01 07:10 367616 --a
C:\919_133.exe
2006-10-01 07:10 339968 --a
C:\921_135.exe
2006-10-01 07:10 217276 --a
C:\WINDOWS\srveytjaxo.exe
2006-10-01 07:10 183478 --a
C:\WINDOWS\srvrjmfotn.exe
2006-09-29 21:16
d
C:\Program Files\World of Warcraft
2006-09-29 15:25
d
C:\Program Files\Google
2006-09-26 14:50
d
C:\Documents and Settings\Patrick\Application Data\Yahoo!
2006-09-26 14:08
d
C:\Program Files\WildTangent
2006-09-26 14:08
d
C:\Program Files\Common Files\Oem Common
2006-09-26 12:00
d
C:\Documents and Settings\Patrick\Application Data\Google
2006-09-24 19:29 138624 --a
C:\WINDOWS\system32\mod.dll
2006-09-24 19:29 124416 --a
C:\WINDOWS\system32\npmod32.dll
2006-09-24 06:54
d
C:\Program Files\Outlook Express
2006-09-24 06:54
d
C:\Program Files\Common Files\System
2006-09-15 13:16 53248 --a
C:\WINDOWS\uni_e6h.exe
2006-09-12 21:01 1084416 --a
C:\WINDOWS\system32\msxml3.dll
2006-08-25 07:45 617472 --a
C:\WINDOWS\system32\comctl32.dll
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RecordNow!"=""
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"AIM"="C:\\Program Files\\AIM\\aim.exe -cnetwait.odl"
"AOLCC"="\"C:\\Program Files\\AOL Computer Check-Up\\ACCAgnt.exe\" /startup"
"Yahoo! Pager"="C:\\Program Files\\Yahoo!\\Messenger\\ypager.exe -quiet"
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.0.720.3640\\GoogleToolbarNotifier.exe"
"PSDream"="\"C:\\Program Files\\PSDream\\PSDream.exe\""
"BitTorrent"="\"C:\\Program Files\\BitTorrent\\bittorrent.exe\" --force_start_minimized"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AGRSMMSG"="AGRSMMSG.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\""
"HP Software Update"="\"C:\\Program Files\\HP\\HP Software Update\\HPWuSchd.exe\""
"HP Component Manager"="\"C:\\Program Files\\HP\\hpcoretech\\hpcmpmgr.exe\""
"DXDllRegExe"="dxdllreg.exe"
"HPHUPD05"="c:\\Program Files\\HP\\{45B6180B-DCAB-4093-8EE8-6164457517F0}\\hphupd05.exe"
"HPHmon05"="C:\\WINDOWS\\system32\\hphmon05.exe"
"Cpqset"="C:\\Program Files\\HPQ\\Default Settings\\cpqset.exe"
"Comedy-Planet"="C:\\Program Files\\Comedy-Planet\\comedy-planet.exe"
"sncuxpaw"="C:\\WINDOWS\\system32\\sncuxpaw.exe"
"Dell AIO Printer A940"="\"C:\\Program Files\\Dell AIO Printer A940\\dlbabmgr.exe\""
"fdelpmnt"="C:\\WINDOWS\\system32\\fdelpmnt.exe"
"HostManager"="C:\\Program Files\\Common Files\\AOL\\1121838437\\ee\\AOLHostManager.exe"
"AOLDialer"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"
"RealTray"="C:\\Program Files\\Real\\RealPlayer\\RealPlay.exe SYSTEMBOOTHIDEPLAYER"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"Optimum Online net guide"="\"C:\\Program Files\\Optimum Online\\Netsurf.exe\" -trayicon"
"ewd2efe1"="RUNDLL32.EXE w81e9966.dll,n 0052efdc0000000381e9966"
"PrinTray"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\2\\printray.exe"
"Zone Labs Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,ed,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"AllowLegacyWebView"=dword:00000001
"AllowUnhashedWebView"=dword:00000001
"NoCDBurning"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run]
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders
securityproviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\Low Battery Alarm Program.job
C:\WINDOWS\tasks\Symantec NetDetect.job
Completion time: 06-11-24 19:33:52.76
ComboFix.txt
ComboFix2.txt