
[Fixed] Hijackthis! Logs - Broken links time and again


2 Weeks Ago   #15
Bronze Member
 
Join Date: Nov 2009
Posts: 14
PC Experience: Some Experience
Re: Broken links time and again

DDS (Ver_09-10-26.01) - NTFSx86 MINIMAL
Run by ****** at 20:29:04.50 on Fri 06/11/2009
Internet Explorer: 7.0.6000.16916 BrowserJavaVersion: 1.6.0_05
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.65.1033.18.3062.2667 [GMT 8:00]
AV: Norton Internet Security *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: Norton Internet Security *enabled* (Updated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\Explorer.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Users\******\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mDefault_Page_URL = hxxp://www.lenovo.com
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Winamp Toolbar Loader: {25cee8ec-5730-41bc-8b58-22ddc8ab8c20} - c:\program files\winamp toolbar\winamptb.dll
BHO: D: {344410c8-d36e-30bc-9c9e-cb115cfef2f8} - c:\windows\system32\xwr69330.dll
BHO: IEMenuObject Class: {35948964-1ba1-4636-a99d-aaf62ab97268} - c:\program files\lenovo\anycomm\ACIEContextMenu.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\norton internet security\engine\16.7.2.11\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\norton internet security\engine\16.7.2.11\IPSBHO.DLL
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.3.4501.1418\swg.dll
BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
BHO: 1 (0x1) - No File
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll
BHO: FDMIECookiesBHO Class: {cc59e0f9-7e43-44fa-9faa-8377850bf205} - d:\program files\free download manager\iefdm2.dll
TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
TB: Winamp Toolbar: {ebf2ba02-9094-4c5a-858b-bb198f3d8de2} - c:\program files\winamp toolbar\winamptb.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\norton internet security\engine\16.7.2.11\coIEPlg.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No File
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [Orb] "c:\program files\winamp remote\bin\OrbTray.exe" /background
uRun: [CTSyncU.exe] "c:\program files\creative\sync manager unicode\CTSyncU.exe"
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"
uRun: [fsm]
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Free Download Manager] d:\program files\free download manager\fdm.exe -autorun
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [DAEMON Tools Lite] "d:\program files\daemon tools lite\daemon.exe" -autorun
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [Unattend0000000001{CE1C30CE-8390-4E54-A1C0-A091EBC35790}] c:\windows\test.bat
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [snp2uvc] c:\windows\vsnp2uvc.exe
mRun: [SMSERIAL] c:\program files\motorola\smserial\sm56hlpr.exe
mRun: [EzButton] c:\progra~1\ezbutton\EzButton.EXE
mRun: [EnergyUtility] c:\program files\lenovo\energycut\utilty.exe
mRun: [EnergyCut] c:\program files\lenovo\energycut\EnergyCut.exe
mRun: [Apoint] c:\program files\apoint2k\Apoint.exe
mRun: [LenovoTheme] c:\program files\lenovo\lenovothemefactory\LenovoThemeVista.exe
mRun: [<NO NAME>]
mRun: [VeriFacePassManager] c:\program files\lenovo\veriface\PManage.exe
mRun: [PCMService] "c:\program files\lenovo\shuttlecenter\PCMService.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0_05\bin\jusched.exe"
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [ALUAlert] "c:\program files\symantec\liveupdate\ALuNotify.exe" "/LOWDISKSPACE C"
mRun: [Microsoft WinUpdate] c:\windows\system32\msupdte.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
StartupFolder: c:\users\******~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\magicd~1.lnk - d:\program files\magicdisc\MagicDisc.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\lenovo\bluetooth software\BTTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\ea_res~1.lnk - c:\users\******\appdata\local\temp\AutoRun.exe
IE: &Winamp Search - c:\programdata\winamp toolbar\ietoolbar\resources\en-us\local\search.html
IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm
IE: Download all with Free Download Manager - file://d:\program files\free download manager\dlall.htm
IE: Download selected with Free Download Manager - file://d:\program files\free download manager\dlselected.htm
IE: Download video with Free Download Manager - file://d:\program files\free download manager\dlfvideo.htm
IE: Download with Free Download Manager - file://d:\program files\free download manager\dllink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\lenovo\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\lenovo\bluetooth software\btsendto_ie.htm
IE: {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - c:\program files\lenovo\veriface\OpenWnd.exe
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\lenovo\bluetooth software\btsendto_ie.htm
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_05\bin\ssv.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
Handler: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - c:\program files\norton internet security\norton internet security\engine\16.7.2.11\CoIEPlg.dll
Notify: igfxcui - igfxdev.dll
============= SERVICES / DRIVERS ===============
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1007020.00b\SymEFA.sys [2009-9-9 310320]
R0 Wdkbdmou;Lenovo RMCT KbdMou Service;c:\windows\system32\drivers\Wdkbdmou.sys [2007-2-6 5120]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\drivers\AcpiVpc.sys [2008-3-2 11776]
S1 BHDrvx86;Symantec Heuristics Driver;c:\windows\system32\drivers\nis\1007020.00b\BHDrvx86.sys [2009-9-9 259632]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\nis\1007020.00b\cchpx86.sys [2009-9-9 482432]
S1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\norton\definitions\ipsdefs\20091102.002\IDSvix86.sys [2009-10-29 343088]
S2 AnyComm.DirectRouter;AnyComm.DirectRouter;c:\windows\system32\igrssvcs.exe -k igrssvcs --> c:\windows\system32\IgrsSvcs.exe -k IgrsSvcs [?]
S2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service;c:\program files\microsoft small business\business contact manager\BcmSqlStartupSvc.exe [2008-1-11 30312]
S2 IGRS;IGRS;c:\program files\lenovo\anycomm\common\IGRS.exe [2007-4-13 31744]
S2 Norton Internet Security;Norton Internet Security;c:\program files\norton internet security\norton internet security\engine\16.7.2.11\ccSvcHst.exe [2009-9-9 117640]
S2 SheSvc;AnyComm Software Update;c:\windows\system32\igrssvcs.exe -k igrssvcs --> c:\windows\system32\IgrsSvcs.exe -k IgrsSvcs [?]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2007-2-9 179712]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2009-8-26 102448]
S3 IncSvc;AnyComm Network Monitor and Configuration;c:\windows\system32\igrssvcs.exe -k igrssvcs --> c:\windows\system32\IgrsSvcs.exe -k IgrsSvcs [?]
S3 Mkd2kfNt;Mkd2kfNt;c:\windows\system32\drivers\Mkd2kfNT.sys [2009-6-18 131072]
S3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [2009-6-18 79104]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ);c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe [2009-5-27 29262680]
S3 PS_MDP;AnyComm Presentation Space Helper Service;c:\windows\system32\igrssvcs.exe -k igrssvcs --> c:\windows\system32\IgrsSvcs.exe -k IgrsSvcs [?]
S3 SHE.WEB;AnyComm Software Update Mini Web Server;c:\windows\system32\igrssvcs.exe -k igrssvcs --> c:\windows\system32\IgrsSvcs.exe -k IgrsSvcs [?]
S3 SYMNDISV;Symantec Network Filter Driver;c:\windows\system32\drivers\nis\1007020.00b\symndisv.sys [2009-9-9 48688]
S3 wdmirror;wdmirror;c:\windows\system32\drivers\WDMirror.sys [2007-2-3 5120]
=============== Created Last 30 ================
2009-11-05 00:49:18 1383424 ----a-w- c:\windows\system32\mshtml.tlb
2009-10-31 14:31:49 0 d-----w- c:\programdata\DAEMON Tools Lite
2009-10-31 14:31:46 0 d-----w- c:\program files\DAEMON Tools Toolbar
2009-10-31 14:15:16 0 d-----w- c:\users\******~1\appdata\roaming\DAEMON Tools Lite
2009-10-28 00:26:26 311296 ----a-w- c:\windows\system32\unregmp2.exe
2009-10-28 00:26:23 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-10-28 00:26:23 4096 ----a-w- c:\windows\system32\msdxm.ocx
2009-10-28 00:26:23 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-10-28 00:26:21 8147968 ----a-w- c:\windows\system32\wmploc.DLL
2009-10-27 05:24:46 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-10-16 19:04:09 0 d-----w- c:\windows\SQL9_KB970892_ENU
2009-10-16 09:46:12 56320 ----a-w- c:\windows\system32\iesetup.dll
2009-10-16 09:46:00 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-10-14 05:01:37 216576 ----a-w- c:\windows\system32\msv1_0.dll
2009-10-14 04:59:18 3467864 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-10-14 04:59:17 3502152 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-10-14 04:57:57 428032 ----a-w- c:\windows\system32\EncDec.dll
2009-10-14 04:57:56 292352 ----a-w- c:\windows\system32\psisdecd.dll
2009-10-14 04:57:56 217088 ----a-w- c:\windows\system32\psisrndr.ax
2009-10-14 04:57:46 80896 ----a-w- c:\windows\system32\MSNP.ax
2009-10-14 04:57:46 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2009-10-14 04:57:46 1244672 ----a-w- c:\windows\system32\mcmde.dll
2009-10-14 04:57:44 68608 ----a-w- c:\windows\system32\Mpeg2Data.ax
2009-10-14 04:57:44 177152 ----a-w- c:\windows\system32\mpg2splt.ax
2009-10-14 04:57:26 60928 ----a-w- c:\windows\system32\msasn1.dll
2009-10-14 04:57:15 130048 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-10-14 04:57:06 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
==================== Find3M ====================
2009-10-31 14:32:45 51200 ----a-w- c:\windows\inf\infpub.dat
2009-10-31 14:32:41 86016 ----a-w- c:\windows\inf\infstrng.dat
2009-10-31 14:15:47 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-10-05 11:54:40 86016 ----a-w- c:\windows\inf\infstor.dat
2009-08-29 03:41:42 1686528 ----a-w- c:\windows\system32\gameux.dll
2009-08-29 03:40:31 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-08-28 23:31:54 4247552 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-27 14:02:34 832512 ----a-w- c:\windows\system32\wininet.dll
2009-08-27 13:57:36 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-08-27 13:56:05 72704 ----a-w- c:\windows\system32\admparse.dll
2009-08-27 09:51:45 48128 ----a-w- c:\windows\system32\mshtmler.dll
2009-08-17 15:33:52 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-14 16:42:08 167424 ----a-w- c:\windows\system32\tcpipcfg.dll
2009-08-14 16:40:56 103936 ----a-w- c:\windows\system32\netiohlp.dll
2009-08-14 16:40:52 15360 ----a-w- c:\windows\system32\netevent.dll
2009-08-14 14:25:18 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-08-14 14:25:16 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-08-14 14:25:15 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-08-14 14:25:14 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-08-14 14:25:10 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-08-14 14:25:10 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-08-14 14:25:10 10240 ----a-w- c:\windows\system32\finger.exe
2009-08-14 14:23:53 22016 ----a-w- c:\windows\system32\netiougc.exe
2008-12-14 07:02:53 174 --sha-w- c:\program files\desktop.ini
2008-09-21 06:37:19 0 ----a-w- c:\program files\codecpack.v.1.0.2021.exe
2008-09-21 06:36:38 0 ----a-w- c:\program files\codecpack.v.1.0.202.exe
2008-06-12 01:10:38 665600 ----a-w- c:\windows\inf\drvindex.dat
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2008-03-02 11:23:28 8192 --sha-w- c:\windows\users\default\NTUSER.DAT
============= FINISH: 20:31:19.21 ===============


Results of screen317's Security Check version 0.99.0
Windows Vista (UAC is enabled)
Out of date service pack!!
``````````````````````````````
Antivirus/Firewall Check:
Windows Security Center service is not running! This report may not be accurate!
Norton Internet Security
Antivirus up to date!
``````````````````````````````
Anti-malware/Other Utilities Check:
Java(TM) 6 Update 5
Out of date Java installed!
Adobe Flash Player 10
Adobe Reader 9
``````````````````````````````
Process Check:
objlist.exe by Laurent
``````````````````````````````
DNS Vulnerability Check:
Unknown. This method cannot test your vulnerability to DNS cache poisoning.
`````````End of Log```````````



Comments: The rest except for the RootRepeal step ran really smooth. Very user friendly for the average PC user. The protect user information guide with the Ctrl+A Ctrl+H thing was very helpful. But I think my previous Norton logs already have my personal information but I don't they're just names so I don't think it really matters.

Attached: Attach.txt

Last edited by alqx; 2 Weeks Ago at 12:55 PM.

2 Weeks Ago   #16
Senior Security Analyst
 
Pancake
 
Join Date: Jun 2006
Location: Victoria, Australia
Posts: 6,862
PC Experience: Elite PC Guru
Re: Broken links time and again

You will need to download ComboFix.exe. Download Combofix from any of the links below. You must rename it before saving it. Name it ComFx, and Save it to your desktop.


http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe


* IMPORTANT !!! Save ComboFix.exe to your Desktop
It is important that it is saved and renamed following this process directly to your desktop**


Disable your AntiVirus and AntiSpyware applications, usually via a right-click on the System Tray icon. They may otherwise interfere with our tools. More help on your specific AV here: How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Double click on ComFx.exe & follow the prompts.
As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed.

Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.




Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click on Yes to continue scanning for malware.
When finished, it shall produce a log for you. Please include the ComboFix.txt in your reply.

Caution.....
Never use this program to remove files. Only use it with help from an experienced user. Wrongful use can damage your computer.
__________________
My real name is Eddy

2 Weeks Ago   #17
Bronze Member
 
Join Date: Nov 2009
Posts: 14
PC Experience: Some Experience
Re: Broken links time and again

Attached: ComboFix.txt (Originally named log.txt but renamed to ComboFix.txt)

ComboFix 09-11-05.05 - ****** 07/11/2009 9:14.1.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.65.1033.18.3062.1894 [GMT 8:00]
Running from: c:\users\******\Desktop\ComFx.exe
AV: Norton Internet Security *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
SP: Norton Internet Security *disabled* (Updated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500
c:\$recycle.bin\S-1-5-21-4106996838-825450678-1481988376-1000
c:\$recycle.bin\S-1-5-21-4106996838-825450678-1481988376-500
c:\$recycle.bin\S-1-5-21-690173381-2085086516-3594547541-1004
c:\$recycle.bin\S-1-5-21-690173381-2085086516-3594547541-1005
c:\$recycle.bin\S-1-5-21-690173381-2085086516-3594547541-1007
c:\$recycle.bin\S-1-5-21-690173381-2085086516-3594547541-500
.
((((((((((((((((((((((((( Files Created from 2009-10-07 to 2009-11-07 )))))))))))))))))))))))))))))))
.
2009-11-07 01:23 . 2009-11-07 01:23 -------- d-----w- c:\users\******\AppData\Local\temp
2009-11-07 01:23 . 2009-11-07 01:23 -------- d-----w- c:\users\Wai Mey\AppData\Local\temp
2009-11-07 01:23 . 2009-11-07 01:23 -------- d-----w- c:\users\Wai Mey.******-PC\AppData\Local\temp
2009-11-07 01:23 . 2009-11-07 01:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-11-07 00:14 . 2009-10-16 03:30 84912 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091106.003\NAVENG.SYS
2009-11-07 00:14 . 2009-10-16 03:30 177520 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091106.003\NAVENG32.DLL
2009-11-07 00:14 . 2009-10-16 03:30 1647984 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091106.003\NAVEX32A.DLL
2009-11-07 00:14 . 2009-10-16 03:30 1323568 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091106.003\NAVEX15.SYS
2009-11-07 00:14 . 2009-10-16 03:30 371248 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091106.003\EECTRL.SYS
2009-11-07 00:14 . 2009-10-16 03:30 2747952 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091106.003\CCERASER.DLL
2009-11-07 00:14 . 2009-10-16 03:30 259440 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091106.003\ECMSVR32.DLL
2009-11-07 00:14 . 2009-10-16 03:30 102448 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20091106.003\ERASER.SYS
2009-11-07 00:14 . 2009-10-28 22:37 343088 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091105.001\IDSvix86.sys
2009-11-07 00:14 . 2009-10-28 22:37 329592 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091105.001\IDSXpx86.sys
2009-11-07 00:14 . 2009-10-28 22:37 811896 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091105.001\Scxpx86.dll
2009-11-07 00:14 . 2009-10-28 22:37 488312 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091105.001\IDSxpx86.dll
2009-11-07 00:14 . 2009-10-28 22:37 466992 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091105.001\IDSviA64.sys
2009-10-31 14:31 . 2009-10-31 14:31 -------- d-----w- c:\programdata\DAEMON Tools Lite
2009-10-31 14:31 . 2009-10-31 14:31 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2009-10-31 14:15 . 2009-10-31 14:33 -------- d-----w- c:\users\******\AppData\Roaming\DAEMON Tools Lite
2009-10-28 22:37 . 2009-10-28 22:37 343088 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSvix86.sys
2009-10-28 22:37 . 2009-10-28 22:37 343088 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091102.002\IDSvix86.sys
2009-10-28 22:37 . 2009-10-28 22:37 329592 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSXpx86.sys
2009-10-28 22:37 . 2009-10-28 22:37 329592 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091102.002\IDSXpx86.sys
2009-10-28 22:37 . 2009-10-28 22:37 811896 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\Scxpx86.dll
2009-10-28 22:37 . 2009-10-28 22:37 811896 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091102.002\Scxpx86.dll
2009-10-28 22:37 . 2009-10-28 22:37 488312 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSxpx86.dll
2009-10-28 22:37 . 2009-10-28 22:37 488312 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091102.002\IDSxpx86.dll
2009-10-28 22:37 . 2009-10-28 22:37 466992 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\BinHub\IDSviA64.sys
2009-10-28 22:37 . 2009-10-28 22:37 466992 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091102.002\IDSviA64.sys
2009-10-28 00:26 . 2009-09-10 15:29 311296 ----a-w- c:\windows\system32\unregmp2.exe
2009-10-28 00:26 . 2009-09-10 17:40 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-10-28 00:26 . 2009-09-10 17:39 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-10-28 00:26 . 2009-09-10 15:29 8147968 ----a-w- c:\windows\system32\wmploc.DLL
2009-10-27 05:24 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll
2009-10-27 05:24 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-10-27 05:24 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-10-27 05:24 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-10-20 06:18 . 2009-10-20 06:18 -------- d-----w- c:\users\Wai Mey.******-PC\AppData\Local\Google
2009-10-20 06:18 . 2009-10-20 06:18 -------- d-----w- c:\users\Wai Mey.******-PC\AppData\Local\Winamp Toolbar
2009-10-20 05:59 . 2009-10-20 06:00 114360 ----a-w- c:\users\Wai Mey.******-PC\AppData\Local\GDIPFONTCACHEV1.DAT
2009-10-20 05:59 . 2009-10-20 06:00 -------- d-----w- c:\users\Wai Mey.******-PC\AppData\Local\PowerCinema
2009-10-16 19:04 . 2009-10-16 19:04 8192 d-----w- c:\windows\SQL9_KB970892_ENU
2009-10-16 09:46 . 2009-08-27 13:57 56320 ----a-w- c:\windows\system32\iesetup.dll
2009-10-16 09:46 . 2009-08-27 11:24 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-10-14 05:01 . 2009-09-10 17:38 216576 ----a-w- c:\windows\system32\msv1_0.dll
2009-10-14 04:59 . 2009-08-05 14:28 3467864 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-10-14 04:59 . 2009-08-05 14:28 3502152 ----a-w- c:\windows\system32\ntkrnlpa.exe
2009-10-14 04:57 . 2009-08-31 15:16 428032 ----a-w- c:\windows\system32\EncDec.dll
2009-10-14 04:57 . 2009-08-31 15:21 292352 ----a-w- c:\windows\system32\psisdecd.dll
2009-10-14 04:57 . 2009-08-31 15:17 1244672 ----a-w- c:\windows\system32\mcmde.dll
2009-10-14 04:57 . 2009-09-04 12:38 60928 ----a-w- c:\windows\system32\msasn1.dll
2009-10-14 04:57 . 2009-09-14 09:50 130048 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-10-14 04:57 . 2009-04-02 11:50 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-07 01:12 . 2009-03-22 13:10 4096 d-----w- c:\users\******\AppData\Roaming\Free Download Manager
2009-11-07 01:09 . 2008-12-02 07:30 -------- d-----w- c:\users\******\AppData\Roaming\gtk-2.0
2009-11-07 00:49 . 2008-07-24 14:02 49152 d-----w- c:\users\******\AppData\Roaming\uTorrent
2009-11-07 00:46 . 2008-03-02 07:55 12 ----a-w- c:\windows\bthservsdp.dat
2009-11-06 12:14 . 2008-05-18 05:07 5972 ----a-w- c:\users\******\AppData\Local\d3d9caps.dat
2009-10-31 14:33 . 2008-10-16 14:05 -------- d-----w- c:\users\******\AppData\Roaming\DAEMON Tools
2009-10-31 14:15 . 2008-10-16 14:06 721904 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-10-16 23:14 . 2008-05-04 13:41 4096 d-----w- c:\program files\Ahead
2009-10-16 19:09 . 2008-03-02 08:16 12288 d-----w- c:\programdata\Microsoft Help
2009-10-16 19:04 . 2008-03-02 08:31 -------- d-----w- c:\program files\Microsoft SQL Server
2009-10-15 19:10 . 2006-11-02 11:18 4096 d-----w- c:\program files\Windows Mail
2009-10-12 10:51 . 2008-03-02 07:54 12288 d--h--w- c:\program files\InstallShield Installation Information
2009-09-30 07:36 . 2008-12-12 12:40 4096 d-----w- c:\users\Wai Mey\AppData\Roaming\Free Download Manager
2009-09-24 04:27 . 2008-04-03 00:13 5972 ----a-w- c:\users\Wai Mey\AppData\Local\d3d9caps.dat
2009-09-10 16:12 . 2008-07-04 06:18 4096 d-----w- c:\program files\Microsoft Silverlight
2009-08-29 03:41 . 2009-09-03 05:50 1686528 ----a-w- c:\windows\system32\gameux.dll
2009-08-29 03:40 . 2009-09-03 05:50 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-08-28 23:31 . 2009-09-03 05:50 4247552 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-27 14:02 . 2009-10-16 09:45 832512 ----a-w- c:\windows\system32\wininet.dll
2009-08-27 13:57 . 2009-10-16 09:45 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-08-27 13:56 . 2009-10-16 09:45 72704 ----a-w- c:\windows\system32\admparse.dll
2009-08-27 09:51 . 2009-10-16 09:45 48128 ----a-w- c:\windows\system32\mshtmler.dll
2009-08-26 13:07 . 2009-08-26 13:07 471664 ----a-w- c:\programdata\Google\Google Toolbar\Update\gtbC5D0.tmp.exe
2009-08-21 14:12 . 2009-04-11 11:38 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2009-08-18 19:11 . 2009-08-22 02:02 25648 ----a-r- c:\windows\system32\drivers\SymIMV.sys
2009-08-17 15:33 . 2009-08-17 15:33 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-14 17:16 . 2009-09-09 12:31 213592 ----a-w- c:\windows\system32\drivers\netio.sys
2009-08-14 16:42 . 2009-09-09 12:31 167424 ----a-w- c:\windows\system32\tcpipcfg.dll
2009-08-14 16:40 . 2009-09-09 12:31 103936 ----a-w- c:\windows\system32\netiohlp.dll
2009-08-14 16:40 . 2009-09-09 12:31 15360 ----a-w- c:\windows\system32\netevent.dll
2009-08-14 14:25 . 2009-09-09 12:31 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-08-14 14:25 . 2009-09-09 12:31 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-08-14 14:25 . 2009-09-09 12:31 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-08-14 14:25 . 2009-09-09 12:31 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-08-14 14:25 . 2009-09-09 12:31 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-08-14 14:25 . 2009-09-09 12:31 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-08-14 14:25 . 2009-09-09 12:31 10240 ----a-w- c:\windows\system32\finger.exe
2009-08-14 14:24 . 2009-09-09 12:31 813568 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-08-14 14:23 . 2009-09-09 12:31 22016 ----a-w- c:\windows\system32\netiougc.exe
2008-09-21 06:37 . 2008-09-21 06:37 0 ----a-w- c:\program files\codecpack.v.1.0.2021.exe
2008-09-21 06:36 . 2008-09-21 06:36 0 ----a-w- c:\program files\codecpack.v.1.0.202.exe
2008-03-02 11:23 . 2008-03-02 11:19 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-03-09 1232896]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-10 39408]
"Orb"="c:\program files\Winamp Remote\bin\OrbTray.exe" [2008-04-01 507904]
"CTSyncU.exe"="c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe" [2007-07-17 868352]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-02-09 270128]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"Free Download Manager"="d:\program files\Free Download Manager\fdm.exe" [2008-05-20 2474031]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]
"DAEMON Tools Lite"="d:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656]
"WindowsWelcomeCenter"="oobefldr.dll" - c:\windows\System32\oobefldr.dll [2006-11-02 2159104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2007-05-23 1006264]
"snp2uvc"="c:\windows\vsnp2uvc.exe" [2006-12-29 569344]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 630784]
"EzButton"="c:\progra~1\EzButton\EzButton.EXE" [2007-04-14 502544]
"EnergyUtility"="c:\program files\Lenovo\EnergyCut\utilty.exe" [2007-04-28 1581056]
"EnergyCut"="c:\program files\Lenovo\EnergyCut\EnergyCut.exe" [2007-03-10 1167360]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-07-21 159744]
"LenovoTheme"="c:\program files\Lenovo\LenovoThemeFactory\LenovoThemeVista.exe" [2007-04-25 424960]
"PCMService"="c:\program files\Lenovo\ShuttleCenter\PCMService.exe" [2007-05-25 417792]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-01-02 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-01-02 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-01-02 133656]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-21 144784]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-11 34672]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-07-09 36352]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-10-12 413696]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-12-05 4710400]
c:\users\******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MagicDisc.lnk - d:\program files\MagicDisc\MagicDisc.exe [2009-6-17 576000]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-5-4 113664]
Bluetooth.lnk - c:\program files\Lenovo\Bluetooth Software\BTTray.exe [2007-3-30 719664]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
SetupExecute REG_MULTI_SZ \0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\rootrepeal.sys]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys]
@="FSFilter Activity Monitor"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
R0 SymEFA;Symantec Extended File Attributes;c:\windows\System32\drivers\NIS\1007020.00B\SymEFA.sys [9/9/2009 8:21 PM 310320]
R0 Wdkbdmou;Lenovo RMCT KbdMou Service;c:\windows\System32\drivers\Wdkbdmou.sys [6/2/2007 3:00 AM 5120]
R1 BHDrvx86;Symantec Heuristics Driver;c:\windows\System32\drivers\NIS\1007020.00B\BHDrvx86.sys [9/9/2009 8:21 PM 259632]
R1 ccHP;Symantec Hash Provider;c:\windows\System32\drivers\NIS\1007020.00B\cchpx86.sys [9/9/2009 8:20 PM 482432]
R1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20091105.001\IDSvix86.sys [7/11/2009 8:14 AM 343088]
R2 AnyComm.DirectRouter;AnyComm.DirectRouter;c:\windows\System32\IgrsSvcs.exe -k IgrsSvcs --> c:\windows\System32\IgrsSvcs.exe -k IgrsSvcs [?]
R2 IGRS;IGRS;c:\program files\Lenovo\AnyComm\common\IGRS.exe [13/4/2007 12:29 AM 31744]
R2 Norton Internet Security;Norton Internet Security;c:\program files\Norton Internet Security\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe [9/9/2009 8:20 PM 117640]
R2 SheSvc;AnyComm Software Update;c:\windows\System32\IgrsSvcs.exe -k IgrsSvcs --> c:\windows\System32\IgrsSvcs.exe -k IgrsSvcs [?]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\System32\drivers\AcpiVpc.sys [2/3/2008 4:11 PM 11776]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [9/2/2007 4:03 AM 179712]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [26/8/2009 11:57 AM 102448]
R3 SYMNDISV;Symantec Network Filter Driver;c:\windows\System32\drivers\NIS\1007020.00B\symndisv.sys [9/9/2009 8:21 PM 48688]
R3 wdmirror;wdmirror;c:\windows\System32\drivers\WDMirror.sys [3/2/2007 3:14 AM 5120]
S3 IncSvc;AnyComm Network Monitor and Configuration;c:\windows\System32\IgrsSvcs.exe -k IgrsSvcs --> c:\windows\System32\IgrsSvcs.exe -k IgrsSvcs [?]
S3 Mkd2kfNt;Mkd2kfNt;c:\windows\System32\drivers\Mkd2kfNT.sys [18/6/2009 7:02 PM 131072]
S3 Mkd2Nadr;Mkd2Nadr;c:\windows\System32\drivers\Mkd2Nadr.sys [18/6/2009 7:02 PM 79104]
S3 PS_MDP;AnyComm Presentation Space Helper Service;c:\windows\System32\IgrsSvcs.exe -k IgrsSvcs --> c:\windows\System32\IgrsSvcs.exe -k IgrsSvcs [?]
S3 SHE.WEB;AnyComm Software Update Mini Web Server;c:\windows\System32\IgrsSvcs.exe -k IgrsSvcs --> c:\windows\System32\IgrsSvcs.exe -k IgrsSvcs [?]
--- Other Services/Drivers In Memory ---
*NewlyCreated* - MBR
*Deregistered* - mbr
*Deregistered* - PROCEXP113
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
IgrsSvcs REG_MULTI_SZ AnyComm.DirectRouter SHE.WEB SheSvc IncSvc PS_MDP
<NO NAME> REG_SZ
.
Contents of the 'Scheduled Tasks' folder
2009-11-07 c:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-02-12 20:54]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
mDefault_Page_URL = hxxp://www.lenovo.com
IE: &Winamp Search - c:\programdata\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Download all with Free Download Manager - file://d:\program files\Free Download Manager\dlall.htm
IE: Download selected with Free Download Manager - file://d:\program files\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - file://d:\program files\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - file://d:\program files\Free Download Manager\dllink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\Lenovo\Bluetooth Software\btsendto_ie.htm
.
.
------- File Associations -------
.
regedit=regedit.exe "%1"
.
- - - - ORPHANS REMOVED - - - -
BHO-{344410C8-D36E-30BC-9C9E-CB115CFEF2F8} - c:\windows\system32\xwr69330.dll
HKCU-Run-fsm - (no file)
HKLM-Run-Unattend0000000001{CE1C30CE-8390-4E54-A1C0-A091EBC35790} - c:\windows\test.bat
HKLM-Run-VeriFacePassManager - c:\program files\Lenovo\VeriFace\PManage.exe
HKLM-Run-ALUAlert - c:\program files\Symantec\LiveUpdate\ALuNotify.exe
HKLM-Run-Microsoft WinUpdate - c:\windows\system32\msupdte.exe
HKLM-Run-<NO NAME> - (no file)
AddRemove-AudibleManager - c:\program files\Audible\Bin\Upgrade.exe
AddRemove-Business Contact Manager - c:\program files\Microsoft Small Business\Business Contact Manager\SetupBootstrap\Setup.exe
AddRemove-DAEMON Tools Toolbar - c:\program files\DAEMON Tools Toolbar\uninst.exe
AddRemove-Little Fighter 2 - c:\program files\LittleFighter2\LF2_v1.9c\uninst.exe
AddRemove-Matroska Pack - c:\program files\Matroska Pack\uninstall.exe
AddRemove-Winamp Toolbar for Firefox - c:\users\******\AppData\Roaming\Mozilla\Firefox\Profiles\sgrnyxd8.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}\uninstall.exe
AddRemove-{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD} - c:\program files\Apoint2K\Uninstap.exe

**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-07 09:23
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net
device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll sfsync02.sys >>UNKNOWN [0x85B231F8]<<
kernel: MBR read successfully
user & kernel MBR OK
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Norton Internet Security]
"ImagePath"="\"c:\program files\Norton Internet Security\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files\Norton Internet Security\Norton Internet Security\Engine\16.7.2.11\diMaster.dll\" /prefetch:1"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\GarenaPEngine]
"ImagePath"="\??\c:\users\******\AppData\Local\Temp\CAQE658.tmp"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\msiserver]
"ImagePath"="%systemroot%\system32\msiexec /V"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-690173381-2085086516-3594547541-1006\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Cl ***\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Cl ***\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Cl ***\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Cl ***\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'explorer.exe'(2960)
c:\windows\system32\btmmhook.dll
.
Completion time: 2009-11-07 9:26
ComboFix-quarantined-files.txt 2009-11-07 01:26
Pre-Run: 1,181,655,040 bytes free
Post-Run: 2,934,829,056 bytes free
- - End Of File - - 239886614304C6C38A3852FC568D9B7C
Attached Files
File Type: txt ComboFix.txt (23.5 KB, 1 views)

Last edited by Pancake; 2 Weeks Ago at 09:41 AM. Reason: Copied and pasted for better viewing....
Old 2 Weeks Ago   #18
Senior Security Analyst
 
Pancake's Avatar
 
Join Date: Jun 2006
Location: Victoria, Australia
Posts: 6,862
PC Experience: Elite PC Guru
Default Re: Broken links time and again

That looks fine. I see no more malware.
Old 2 Weeks Ago   #19
Bronze Member
 
Join Date: Nov 2009
Posts: 14
PC Experience: Some Experience
Default Re: Broken links time and again

Okay, thanks for analysing all of that anyway. I guess I got paranoid and lost my trust in my Norton Internet Security. Or maybe it got resolved after a while or something. It was originally an internet connection problem, not a malware problem. But my internet is working fine now so well, I guess this is resolved. Thanks for the trouble really.
Old 1 Week Ago   #20
Senior Security Analyst
 
Pancake's Avatar
 
Join Date: Jun 2006
Location: Victoria, Australia
Posts: 6,862
PC Experience: Elite PC Guru
Default Re: Broken links time and again

Ok. Good.