maitai11

Hi Larry, Thanks for all the help! Everything seems to be working again... I have a couple questions: 1. Any follow-up? 2. How do I prevent this from happening again? Again, thank you very much for your time and talents. Maitai

Yes, I do

SystemLook 30.07.11 by jpshortstuff Log created at 11:58 on 20/06/2012 by mytai11 Administrator - Elevation successful ========== filefind ========== Searching for "wininet.dll" C:\System Volume Information\SystemRestore\FRStaging\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16443_none_1a54f6f7bc27cdeb\wininet.dll --a---- 1127424 bytes [08:32 12/04/2012] [01:11 28/02/2012] 44465367256D1C72B58F5ABAA19E7016 C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16385_none_1c7990d87a289fd4\wininet.dll --a---- 977920 bytes [23:47 13/07/2009] [01:16 14/07/2009] 0D874F3BC751CC2198AF2E6783FB8B35 C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16535_none_1cafa4407a000e6d\wininet.dll --a---- 977920 bytes [07:35 24/04/2010] [07:56 23/02/2010] 99A6F1253A886C4A9C1F8E1822B10A80 C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16596_none_1c6fc5027a2fcf6a\wininet.dll --a---- 977920 bytes [19:11 08/06/2010] [05:18 21/05/2010] ABE73A2F762A74B6AD2C9BE636915595 C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16625_none_1cba761279f7efa3\wininet.dll --a---- 978432 bytes [21:13 11/08/2010] [06:25 30/06/2010] 250267CE6217C1AB4517F22FB7EA13E8 C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16671_none_1c80654e7a2415fc\wininet.dll --a---- 978432 bytes [23:21 14/10/2010] [04:30 08/09/2010] 3D6AA6DD4D0F3BB41B804747EB489831 C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16700_none_1ccb165e79ec3635\wininet.dll --a---- 978944 bytes [20:35 15/12/2010] [05:52 04/11/2010] A7360A3B20B38F1D6A09402FB6E9E2C3 C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16722_none_1cb7771a79faa0c5\wininet.dll --a---- 981504 bytes [04:11 16/02/2011] [05:32 18/12/2010] F019FCA21F609E34B79AE130681D08F7 C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16723_none_1cb8776479f9ba1c\wininet.dll --a---- 981504 bytes [04:10 16/02/2011] [05:38 21/12/2010] 78B9ADA2BC8946AF7B17678E0D07A773 C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16766_none_1c9038927a1775e5\wininet.dll --a---- 981504 bytes [23:28 13/04/2011] [05:32 24/02/2011] 214605C48AE416BC067C39D227CFCC57 C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16800_none_1ccb184479ec335c\wininet.dll --a---- 981504 bytes [21:42 17/06/2011] [19:31 22/04/2011] 27CDAF355CCE3762C7F13719E814418B C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16839_none_1cb3ab1a79fc6b3e\wininet.dll --a---- 981504 bytes [20:21 10/08/2011] [05:36 21/06/2011] EE0D7471EBF9CE40CC4A203B1F90F028 C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16869_none_1c933b567a14bf11\wininet.dll --a---- 981504 bytes [00:43 12/10/2011] [04:38 20/08/2011] 1DBC7303366C0C9B80E51C4B4BECB7ED C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20651_none_1d1fa00b933180bd\wininet.dll --a---- 980480 bytes [07:35 24/04/2010] [07:30 23/02/2010] 0962CB2A9E6B4363C74249A4A5CCDBBF C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20716_none_1d4fe313930c8cd3\wininet.dll --a---- 980480 bytes [19:11 08/06/2010] [05:09 21/05/2010] 5FF3118C688D43ED77DEADC6F4895EF9 C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20745_none_1d2e73059325c74f\wininet.dll --a---- 980480 bytes [21:13 11/08/2010] [06:18 30/06/2010] 91A9CCAD9829A89C840899932B9EC2DF C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20795_none_1cf86369934e5304\wininet.dll --a---- 980480 bytes [23:21 14/10/2010] [04:34 08/09/2010] 84795F28EB2E942951138827B8704819 C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20831_none_1d3543af93214329\wininet.dll --a---- 981504 bytes [20:35 15/12/2010] [05:53 04/11/2010] 749A4DDB8915066566E2BB38C2618048 C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20861_none_1d14d3eb933996fc\wininet.dll --a---- 981504 bytes [04:11 16/02/2011] [05:31 18/12/2010] 025031C16D3A486F6AFE1C9B2FB1ADE0 C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20862_none_1d15d4359338b053\wininet.dll --a---- 981504 bytes [04:10 16/02/2011] [05:29 21/12/2010] 1B3DD46BC6396143A205EAAF05F38039 C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20908_none_1d5cb75f93029dde\wininet.dll --a---- 982016 bytes [23:28 13/04/2011] [05:46 24/02/2011] DA2950BAD7306006EBA77DD93CC42690 C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20949_none_1d3277f9932226f9\wininet.dll --a---- 982016 bytes [21:42 17/06/2011] [19:13 22/04/2011] E391DB6E8CA3638B9772A990E6D280FF C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20992_none_1cf566579351014d\wininet.dll --a---- 982016 bytes [20:21 10/08/2011] [05:26 21/06/2011] 6DC5A5F57FACFF20149F04440BB4523C C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21033_none_1d371e4b931fa640\wininet.dll --a---- 982016 bytes [00:43 12/10/2011] [04:35 20/08/2011] 79FFA6C81F9F5B2244C5668D08387EA6 C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_1eaaa4a07717236e\wininet.dll --a---- 980992 bytes [01:53 23/02/2011] [12:21 20/11/2010] 44214C94911C7CFB1D52CB64D5E8368D C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17573_none_1e68c4ce7748b1bd\wininet.dll --a---- 981504 bytes [23:28 13/04/2011] [05:33 07/03/2011] A5B19B240901CAB0C8E7767D2873613E C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17601_none_1eb275947711b89f\wininet.dll --a---- 981504 bytes [21:42 17/06/2011] [19:10 22/04/2011] 2CA020EACDC6DDB2BEA89FEA02C90945 C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17638_none_1e9907d67723bdd3\wininet.dll --a---- 981504 bytes [20:21 10/08/2011] [05:28 21/06/2011] 748FD4CAB1AFFD90A9556EB7D5AA1FEB C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17671_none_1e66c620774a7c36\wininet.dll --a---- 981504 bytes [00:43 12/10/2011] [04:31 20/08/2011] DBF24E87CB605A4F6E7424DD86F7A62C C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21676_none_1ef5627790639d8c\wininet.dll --a---- 981504 bytes [23:28 13/04/2011] [05:22 07/03/2011] EDEB2904636B657782F824D8FF97D0B8 C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21710_none_1f30422990385b03\wininet.dll --a---- 981504 bytes [21:42 17/06/2011] [19:51 22/04/2011] 7A11DB452989040AD8570A3DCE2E9DE2 C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21754_none_1f0903a190553023\wininet.dll --a---- 981504 bytes [20:21 10/08/2011] [06:49 21/06/2011] D1E7C4FA045B34C32D12BFBB415EBE1B C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21795_none_1edec43b9074b93e\wininet.dll --a---- 981504 bytes [00:43 12/10/2011] [05:53 20/08/2011] 7570FA3FC82E08FB637E32D2D95DB41D C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16437_none_1a63c80bbc1c1756\wininet.dll --a---- 1126912 bytes [01:20 12/10/2011] [01:20 12/10/2011] D3788D91530CFA005BD516189A4C676E C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16440_none_1a51f619bc2a81e6\wininet.dll --a---- 1127424 bytes [03:30 19/12/2011] [22:39 03/11/2011] 02F98B5C0E397AD06124D84428CF8F1A C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16441_none_1a52f663bc299b3d\wininet.dll --a---- 1127424 bytes [07:17 15/02/2012] [02:57 14/12/2011] 1D94FA7C81D2FFE494AF094619BA706F C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16443_none_1a54f6f7bc27cdeb\wininet.dll --a---- 1127424 bytes [08:32 12/04/2012] [01:11 28/02/2012] 44465367256D1C72B58F5ABAA19E7016 C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20544_none_1adf940cd544870c\wininet.dll --a---- 1127424 bytes [03:30 19/12/2011] [23:07 03/11/2011] 32569DF2F9BEF05DD7D56E30590EDFD9 C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20546_none_1ae194a0d542b9ba\wininet.dll --a---- 1127424 bytes [07:17 15/02/2012] [02:28 14/12/2011] 022A78194E2C7106F5AF9F2BC6AC8774 C:\Windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20548_none_1ae39534d540ec68\wininet.dll --a---- 1127424 bytes [08:32 12/04/2012] [00:58 28/02/2012] 11A34DCA08EB2A586246F2D6C2A81D58 -= EOF =-

OK, will use System Look

And, sorry, last post on this one...my laptop is still acting the same way without wininet.dll. Thanks

OK, Combofix ran even though AVG didn't want to coorperate...here's the log: ComboFix 12-06-20.02 - mytai11 06/20/2012 11:27:29.1.2 - x86 Microsoft Windows 7 Enterprise 6.1.7601.1.1252.1.1033.18.3070.2169 [GMT -10:00] Running from: H:\ComboFix.iexplore.exe AV: AVG Anti-Virus Free Edition 2012 *Enabled/Outdated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116} FW: ZoneAlarm Free Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B} SP: AVG Anti-Virus Free Edition 2012 *Enabled/Outdated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\SPL6851.tmp c:\programdata\SPL9C12.tmp c:\users\mytai11\AppData\Roaming\Microsoft\Windows\Recent\8. ELOAN Savings & CDs.url c:\users\mytai11\g2mdlhlpx.exe . . ((((((((((((((((((((((((( Files Created from 2012-05-20 to 2012-06-20 ))))))))))))))))))))))))))))))) . . 2012-06-20 21:35 . 2012-06-20 21:36 -------- d-----w- c:\users\mytai11\AppData\Local\temp 2012-06-20 21:35 . 2012-06-20 21:35 -------- d-----w- c:\users\Default\AppData\Local\temp . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-18 21:36 . 2012-04-15 03:47 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-05-18 21:36 . 2011-06-26 22:13 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-04-19 14:50 . 2012-04-19 14:50 24896 ----a-w- c:\windows\system32\drivers\avgidshx.sys 2012-03-31 04:39 . 2012-05-10 23:55 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-03-31 04:39 . 2012-05-10 23:55 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-03-31 02:36 . 2012-05-10 23:55 2343424 ----a-w- c:\windows\system32\win32k.sys 2012-03-30 10:23 . 2012-05-10 23:56 1291632 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-03-17 23:56 . 2011-08-08 20:21 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [7] 2012-02-28 . 44465367256D1C72B58F5ABAA19E7016 . 1127424 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16443_none_1a54f6f7bc27cdeb\wininet.dll [7] 2012-02-28 . 11A34DCA08EB2A586246F2D6C2A81D58 . 1127424 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20548_none_1ae39534d540ec68\wininet.dll [7] 2011-12-14 . 1D94FA7C81D2FFE494AF094619BA706F . 1127424 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16441_none_1a52f663bc299b3d\wininet.dll [7] 2011-12-14 . 022A78194E2C7106F5AF9F2BC6AC8774 . 1127424 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20546_none_1ae194a0d542b9ba\wininet.dll [7] 2011-11-03 . 32569DF2F9BEF05DD7D56E30590EDFD9 . 1127424 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20544_none_1adf940cd544870c\wininet.dll [7] 2011-11-03 . 02F98B5C0E397AD06124D84428CF8F1A . 1127424 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16440_none_1a51f619bc2a81e6\wininet.dll [7] 2011-10-12 . D3788D91530CFA005BD516189A4C676E . 1126912 . . [9.00.8112.16421] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16437_none_1a63c80bbc1c1756\wininet.dll [7] 2011-08-20 . 7570FA3FC82E08FB637E32D2D95DB41D . 981504 . . [8.00.7601.21795] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21795_none_1edec43b9074b93e\wininet.dll [7] 2011-08-20 . 1DBC7303366C0C9B80E51C4B4BECB7ED . 981504 . . [8.00.7600.16869] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16869_none_1c933b567a14bf11\wininet.dll [7] 2011-08-20 . 79FFA6C81F9F5B2244C5668D08387EA6 . 982016 . . [8.00.7600.21033] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.21033_none_1d371e4b931fa640\wininet.dll [7] 2011-08-20 . DBF24E87CB605A4F6E7424DD86F7A62C . 981504 . . [8.00.7601.17671] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17671_none_1e66c620774a7c36\wininet.dll [7] 2011-06-21 . D1E7C4FA045B34C32D12BFBB415EBE1B . 981504 . . [8.00.7601.21754] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21754_none_1f0903a190553023\wininet.dll [7] 2011-06-21 . EE0D7471EBF9CE40CC4A203B1F90F028 . 981504 . . [8.00.7600.16839] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16839_none_1cb3ab1a79fc6b3e\wininet.dll [7] 2011-06-21 . 748FD4CAB1AFFD90A9556EB7D5AA1FEB . 981504 . . [8.00.7601.17638] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17638_none_1e9907d67723bdd3\wininet.dll [7] 2011-06-21 . 6DC5A5F57FACFF20149F04440BB4523C . 982016 . . [8.00.7600.20992] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20992_none_1cf566579351014d\wininet.dll [7] 2011-04-22 . 7A11DB452989040AD8570A3DCE2E9DE2 . 981504 . . [8.00.7601.21710] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21710_none_1f30422990385b03\wininet.dll [7] 2011-04-22 . 27CDAF355CCE3762C7F13719E814418B . 981504 . . [8.00.7600.16800] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16800_none_1ccb184479ec335c\wininet.dll [7] 2011-04-22 . E391DB6E8CA3638B9772A990E6D280FF . 982016 . . [8.00.7600.20949] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20949_none_1d3277f9932226f9\wininet.dll [7] 2011-04-22 . 2CA020EACDC6DDB2BEA89FEA02C90945 . 981504 . . [8.00.7601.17601] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17601_none_1eb275947711b89f\wininet.dll [7] 2011-03-07 . A5B19B240901CAB0C8E7767D2873613E . 981504 . . [8.00.7601.17573] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17573_none_1e68c4ce7748b1bd\wininet.dll [7] 2011-03-07 . EDEB2904636B657782F824D8FF97D0B8 . 981504 . . [8.00.7601.21676] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21676_none_1ef5627790639d8c\wininet.dll [7] 2011-02-24 . DA2950BAD7306006EBA77DD93CC42690 . 982016 . . [8.00.7600.20908] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20908_none_1d5cb75f93029dde\wininet.dll [7] 2011-02-24 . 214605C48AE416BC067C39D227CFCC57 . 981504 . . [8.00.7600.16766] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16766_none_1c9038927a1775e5\wininet.dll [7] 2010-12-21 . 78B9ADA2BC8946AF7B17678E0D07A773 . 981504 . . [8.00.7600.16723] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16723_none_1cb8776479f9ba1c\wininet.dll [7] 2010-12-21 . 1B3DD46BC6396143A205EAAF05F38039 . 981504 . . [8.00.7600.20862] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20862_none_1d15d4359338b053\wininet.dll [7] 2010-12-18 . F019FCA21F609E34B79AE130681D08F7 . 981504 . . [8.00.7600.16722] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16722_none_1cb7771a79faa0c5\wininet.dll [7] 2010-12-18 . 025031C16D3A486F6AFE1C9B2FB1ADE0 . 981504 . . [8.00.7600.20861] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20861_none_1d14d3eb933996fc\wininet.dll [7] 2010-11-20 . 44214C94911C7CFB1D52CB64D5E8368D . 980992 . . [8.00.7601.17514] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_1eaaa4a07717236e\wininet.dll [7] 2010-11-04 . 749A4DDB8915066566E2BB38C2618048 . 981504 . . [8.00.7600.20831] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20831_none_1d3543af93214329\wininet.dll [7] 2010-11-04 . A7360A3B20B38F1D6A09402FB6E9E2C3 . 978944 . . [8.00.7600.16700] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16700_none_1ccb165e79ec3635\wininet.dll [7] 2010-09-08 . 84795F28EB2E942951138827B8704819 . 980480 . . [8.00.7600.20795] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20795_none_1cf86369934e5304\wininet.dll [7] 2010-09-08 . 3D6AA6DD4D0F3BB41B804747EB489831 . 978432 . . [8.00.7600.16671] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16671_none_1c80654e7a2415fc\wininet.dll [7] 2010-06-30 . 250267CE6217C1AB4517F22FB7EA13E8 . 978432 . . [8.00.7600.16625] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16625_none_1cba761279f7efa3\wininet.dll [7] 2010-06-30 . 91A9CCAD9829A89C840899932B9EC2DF . 980480 . . [8.00.7600.20745] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20745_none_1d2e73059325c74f\wininet.dll [7] 2010-05-21 . ABE73A2F762A74B6AD2C9BE636915595 . 977920 . . [8.00.7600.16596] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16596_none_1c6fc5027a2fcf6a\wininet.dll [7] 2010-05-21 . 5FF3118C688D43ED77DEADC6F4895EF9 . 980480 . . [8.00.7600.20716] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20716_none_1d4fe313930c8cd3\wininet.dll [7] 2010-02-23 . 99A6F1253A886C4A9C1F8E1822B10A80 . 977920 . . [8.00.7600.16535] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16535_none_1cafa4407a000e6d\wininet.dll [7] 2010-02-23 . 0962CB2A9E6B4363C74249A4A5CCDBBF . 980480 . . [8.00.7600.20651] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.20651_none_1d1fa00b933180bd\wininet.dll [7] 2009-07-14 . 0D874F3BC751CC2198AF2E6783FB8B35 . 977920 . . [8.00.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7600.16385_none_1c7990d87a289fd4\wininet.dll . c:\windows\System32\wininet.dll ... is missing !! . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Messenger (Yahoo!)"="c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe" [2012-02-23 6591800] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016] "igndlm.exe"="c:\program files\Download Manager\DLM.exe" [2009-10-27 1103216] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2012-03-27 40376] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-10-14 2299176] "SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2009-10-27 1458176] "RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 4874240] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "Mobile Connectivity Suite"="c:\program files\HTC\HTC Sync\Application Launcher\Application Launcher.exe" [2009-11-20 598016] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-08-09 81920] "LXCCCATS"="c:\windows\system32\spool\DRIVERS\W32X86\3\LXCCtime.dll" [2007-02-22 73728] "lxccmon.exe"="c:\program files\Lexmark 3300 Series\lxccmon.exe" [2007-05-11 205744] "EzPrint"="c:\program files\Lexmark 3300 Series\ezprint.exe" [2007-05-11 103344] "masqform.exe"="c:\program files\PureEdge\Viewer 6.5\masqform.exe" [2005-07-04 643072] "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-19 254696] "ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2012-03-16 738944] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" . [HKLM\~\startupfolder\C:^Users^mytai11^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk] path=c:\users\mytai11\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk backup=c:\windows\pss\LimeWire On Startup.lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0] 2012-03-26 19:00 640440 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG_TRAY] 2012-04-05 15:12 2587008 ----a-w- c:\program files\AVG\AVG2012\avgtray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware] 2010-11-25 19:35 2424560 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZoneAlarm] 2012-03-20 05:32 73360 ----a-w- c:\program files\CheckPoint\ZoneAlarm\zatray.exe . R1 SABKUTIL;SABKUTIL;c:\program files\SUPERAntiSpyware\SABKUTIL.sys [x] R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [2012-04-30 5106744] R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2012-05-26 2152720] R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-10-26 25088] R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [2011-11-03 15232] R3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe [2009-07-14 20992] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-04-24 1343400] R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920] S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [2012-04-19 24896] S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2012-01-31 31952] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2011-11-03 64512] S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2012-02-22 235216] S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2012-03-19 301248] S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872] S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656] S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288] S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-06-22 85560] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-29 94264] S2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2012-03-16 27016] S2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2012-03-16 497280] S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [2011-12-23 139856] S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfilterx.sys [2011-12-23 24144] S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [2011-12-23 17232] S3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-06-23 275048] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] getPlusHelper REG_MULTI_SZ getPlusHelper nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper . Contents of the 'Scheduled Tasks' folder . 2012-06-11 c:\windows\Tasks\HPCeeScheduleFormytai11.job - c:\program files\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 14:22] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: Download all with Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm IE: Download selected with Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm IE: Download video with Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm IE: Download with Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 Trusted Zone: bankofamerica.com\www Trusted Zone: redcross.org TCP: DhcpNameServer = 72.235.80.12 72.235.80.4 TCP: Interfaces\{70B2BF1C-24A0-449D-B161-7CEB45C00572}: DhcpNameServer = 72.235.80.12 72.235.80.4 TCP: Interfaces\{70B2BF1C-24A0-449D-B161-7CEB45C00572}\0514251424F4C414: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{70B2BF1C-24A0-449D-B161-7CEB45C00572}\34C455246454441343: DhcpNameServer = 192.168.2.1 TCP: Interfaces\{70B2BF1C-24A0-449D-B161-7CEB45C00572}\3547164796F6E663: DhcpNameServer = 66.75.160.15 205.172.19.193 TCP: Interfaces\{70B2BF1C-24A0-449D-B161-7CEB45C00572}\4575344374D4F62696C656D2332303: DhcpNameServer = 192.168.0.1 TCP: Interfaces\{70B2BF1C-24A0-449D-B161-7CEB45C00572}\4656661657C647: DhcpNameServer = 192.168.0.1 TCP: Interfaces\{70B2BF1C-24A0-449D-B161-7CEB45C00572}\D416964716961313: DhcpNameServer = 72.235.80.12 72.235.80.4 TCP: Interfaces\{70B2BF1C-24A0-449D-B161-7CEB45C00572}\E4F6274786023586F62756: DhcpNameServer = 66.75.160.15 205.172.19.193 TCP: Interfaces\{73EE6E54-AAF2-4DBD-9228-2E8582452741}: DhcpNameServer = 10.32.123.43 10.32.123.41 DPF: {3DC87637-DE84-4C2C-A75F-7F5398F15670} - hxxps://crossnet.redcross.org/register/CAS/SiebelAx_HI_Client.cab FF - ProfilePath - c:\users\mytai11\AppData\Roaming\Mozilla\Firefox\Profiles\03hnappx.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - prefs.js: network.proxy.type - 0 . - - - - ORPHANS REMOVED - - - - . AddRemove-{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226} - c:\program files\InstallShield Installation Information\{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}\setup.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-1916026529-1789507581-626839881-1001\Software\SecuROM\License information*] "datasecu"=hex:70,06,4f,2e,c6,22,5b,02,0e,65,a3,56,cb,7c,f1,ab,9c,f4,54,0c,9c, 45,2a,43,54,b0,cf,d4,ba,57,b6,79,44,dc,ac,14,aa,76,8a,ce,dc,ec,f9,73,f9,1e,\ "rkeysecu"=hex:52,47,6d,5f,0b,6e,3e,55,2c,41,6a,23,0c,03,36,cb . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2012-06-20 11:38:51 ComboFix-quarantined-files.txt 2012-06-20 21:38 ComboFix2.txt 2009-05-27 22:14 . Pre-Run: 103,077,249,024 bytes free Post-Run: 103,076,204,544 bytes free . - - End Of File - - CA6DFE4E44230A78B24E91AAAE6C874E

Unable to run Combofix due to AVG running in the background: - Cannot shut down in Task Manger - Cannot deactivate in CCleaner - Cannot shutdown in Safe Mode - Unable to uninstall due to wininet.dll missing Thank you for your time... What would be my next step, please? Kind regards, Maitai

Thank you for your response. I get a message back stating that system restore could not complete, and that I should shut off any antivirus software programs - but, here's the thing - my avg is not running in the background, and I can't even uninstall it. Restore ultimately failed numerous times. What would be the next step, please?

Merged post Hello everyone, Thank you in advance for the great help I know you'll give me. I've used forums such as this on a couple different occasions, and, well, I'm just very thankful for all the folks who help us "less informed" folks. I have a laptop (not the one I'm using now to do this - using my desktop to post) It's an HP Pavillion Entertainment PC. I'm using Windows 7 OS. Recently, I started receiving "Wininet.dll missing" message. I cannot do anything that requires internet connectivity. I think I've been hijacked. I have Hijackthis loaded on the laptop, and ready to do this. Would any of you helpful folks be able to help me on this? Best regards, Maitai I'm sorry, but is there anyone who might be able to point me in the right direction? Trying to be patient, and I know the folks who help do so on a volunteer basis...I'm a Red Cross volunteer myself, often getting up after midnight to attend to the needs of fire victims...so I know how it is to volunteer and not have a lot of free time. Would anyone be available to help with my problem, please? Kind regards, Maitai