internet almost dead -help pls


  1. Posts : 8
    windows 7
       #1


    Hi,
    My internet is almost dead. It takes a hell of a lot of time to open even Google.com, and many sites won't open. Let me tell you, I got this problem some time back, found no solution and reformatted my OS; then everything worked fine until yesterday. I am pretty sure this is not caused by any virus or malware, and also this is not caused by any software, because the net is almost down in safe mode too. My drivers are all up to date. The router is fine; I tried it with my laptop and it worked so smoothly. So I guess the problem is only with my OS.

    This problem started because of the following scenario: my C: drive was almost full. This is where the problem started. Then I deleted some 10 GB but the problem still exists. Could somebody help me get rid of this issue? I am sure the problem is with my OS. Thanks.


  2. Posts : 205
    Windows 8 Professional
       #2

    Sounds viral to me. Run Malwarebytes (malwarebytes.org) and if that doesn't fix it try Combofix (bleepingcomputer.net)

    If those don't work then it's definitely not viral.


  3. Posts : 8
    windows 7
    Thread Starter
       #3

    Lunarpancake said:
    Sounds viral to me. Run Malwarebytes (malwarebytes.org) and if that doesn't fix it try Combofix (bleepingcomputer.net)

    If those don't work then it's definitely not viral.
    Hi,
    I did a complete scan using Malwarebytes, ComboFix and ESET... no defects. I believe this has nothing to do with an application or virus.
    Thanks,
    sri


  4. Posts : 6,305
    Windows 7 Ultimate x64
       #4

    Hi,

    If you're connected wirelessly then you may want to try removing the Wireless network; it's been known to resolve several connectivity issues.

    Wireless Network - Remove


    OS


  5. Posts : 8
    windows 7
    Thread Starter
       #5

    Orbital Shark said:
    Hi,

    If you're connected wirelessly then you may want to try removing the Wireless network; it's been known to resolve several connectivity issues.

    Wireless Network - Remove


    OS
    Hi,
    Thanks for the quick reply. This forum is really cool. Regarding the issue, mine is a PC connected directly through LAN. The same router, tried with another system, works perfectly, so the problem is not with my router.


  6. Posts : 8
    windows 7
    Thread Starter
       #6

    Hi,
    Problem solved. I scanned with ComboFix and now the internet is working fine. I will post the log here. Kindly tell me what the cause of this problem is.

    Code:
     
    ComboFix 10-11-14.04 - sri 11/15/2010 23:45:04.1.2 - x86
    Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3070.2095 [GMT 5.5:30]
    Running from: c:\users\sri\Desktop\ComboFix.exe
    * Resident AV is active
     
    .
     
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
     
    c:\windows\system32\secustat.dat
     
    .
    ((((((((((((((((((((((((( Files Created from 2010-10-15 to 2010-11-15 )))))))))))))))))))))))))))))))
    .
     
    2010-11-15 18:21 . 2010-11-15 18:21    --------    d-----w-    c:\users\Default\AppData\Local\temp
    2010-11-15 18:03 . 2010-11-15 18:03    301568    ----a-w-    c:\windows\system32\cmd.execf
    2010-11-15 05:27 . 2010-11-15 15:51    --------    d-----w-    c:\users\sss
    2010-11-14 18:42 . 2010-11-14 18:42    --------    d-----w-    c:\program files\Switch Off
    2010-11-13 05:18 . 2010-11-13 05:18    --------    d-----w-    c:\users\Default\AppData\Local\Microsoft Help
    2010-11-13 01:54 . 2010-11-13 01:54    --------    d-----w-    c:\programdata\Office Genuine Advantage
    2010-11-12 15:12 . 2010-11-12 15:12    --------    d-----w-    c:\program files\FlashGet Network
    2010-11-12 13:49 . 2010-11-12 13:49    --------    d-----w-    c:\program files\WinPcap
    2010-11-12 13:49 . 2010-11-12 13:49    --------    d-----w-    c:\program files\URLSnooper2
    2010-11-12 13:49 . 2010-11-12 13:49    --------    d-----w-    c:\programdata\DonationCoder
    2010-11-12 12:58 . 2010-10-18 04:11    6146896    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{EE4859BC-26EC-443A-A815-66EC6FC04319}\mpengine.dll
    2010-11-11 04:24 . 2010-11-11 04:24    --------    d-----w-    c:\programdata\PDF Writer
    2010-11-11 04:23 . 2009-07-14 01:15    90624    ----a-w-    c:\windows\system32\Spool\prtprocs\w32x86\HPZPPWN7.DLL
    2010-11-11 04:21 . 2010-11-11 04:21    --------    d-----w-    c:\program files\Common Files\Bullzip
    2010-11-11 04:21 . 2008-10-30 17:45    227840    ----a-w-    c:\windows\system32\bzFlRdr.dll
    2010-11-11 04:21 . 2008-07-09 18:49    103424    ----a-w-    c:\windows\system32\bzDCT.dll
    2010-11-11 04:21 . 2010-09-27 09:57    135168    ----a-w-    c:\windows\system32\bzpdfc.dll
    2010-11-11 04:21 . 2010-09-27 09:58    196096    ----a-w-    c:\windows\system32\bzpdf.dll
    2010-11-11 04:21 . 2010-11-11 04:21    --------    d-----w-    c:\program files\Bullzip
    2010-11-11 04:21 . 1999-05-06 18:30    140288    ----a-w-    c:\windows\system32\comdlg32.OCX
    2010-11-10 15:54 . 2010-11-10 15:54    --------    d-----w-    c:\program files\TeamViewer
    2010-11-10 15:13 . 2010-11-14 15:31    --------    d-----w-    c:\program files\Garena
    2010-11-10 14:58 . 2009-11-03 08:37    679936    ----a-w-    c:\windows\system32\D3DX81ab.dll
    2010-11-10 14:58 . 2009-11-03 08:37    1970176    ----a-w-    c:\windows\system32\d3dx9.dll
    2010-11-09 17:34 . 2010-11-09 17:34    --------    d-----w-    c:\program files\Conduit
    2010-11-09 17:34 . 2010-11-09 17:34    --------    d-----w-    C:\extensions
    2010-11-09 17:33 . 2010-11-09 17:33    --------    d-----w-    c:\program files\UseNeXT
    2010-11-09 17:32 . 2010-11-09 17:34    --------    d-----w-    c:\program files\uTorrent
    2010-11-09 16:17 . 2010-11-14 13:31    --------    d-----w-    c:\program files\Cheat Engine
    2010-10-31 08:11 . 2010-10-31 08:11    --------    d-----w-    c:\program files\GRETECH
    2010-10-31 07:59 . 2010-10-31 07:59    --------    d-----w-    c:\windows\Sun
    2010-10-30 09:15 . 2010-10-30 09:16    --------    d-----w-    C:\Downloads
    2010-10-30 07:27 . 2010-01-25 21:18    13952    ----a-w-    c:\windows\system32\drivers\urfltwlh.sys
    2010-10-29 16:45 . 2010-11-14 14:23    --------    d-----w-    c:\program files\ESET
    2010-10-28 17:25 . 2010-10-28 17:25    --------    d-----w-    c:\program files\VideoLAN
    2010-10-28 16:10 . 2010-10-28 16:10    --------    d-----w-    c:\program files\EA GAMES
    2010-10-28 15:31 . 2010-10-28 15:31    --------    d-----w-    c:\programdata\Kaspersky Lab Setup Files
    2010-10-28 14:54 . 2010-10-28 15:34    --------    d-----w-    c:\program files\EA SPORTS
    2010-10-28 14:54 . 2010-10-28 14:54    --------    d-----w-    c:\windows\system32\Macromed
    2010-10-28 14:22 . 2010-10-30 11:09    --------    d-----w-    c:\program files\Internet Download Manager
    2010-10-28 14:21 . 2010-10-30 08:35    --------    d-----w-    c:\program files\Ask.com
    2010-10-28 14:13 . 2010-10-28 14:13    --------    d-----w-    c:\program files\Common Files\Adobe
    2010-10-28 14:08 . 2008-11-10 06:11    32656    ----a-w-    c:\windows\system32\msonpmon.dll
    2010-10-28 14:08 . 2006-10-26 14:26    33104    ----a-w-    c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
    2010-10-28 14:07 . 2010-11-14 18:45    --------    d-----w-    c:\program files\Microsoft Works
    2010-10-28 14:06 . 2010-10-28 14:06    --------    d-----w-    c:\windows\PCHEALTH
    2010-10-28 14:06 . 2010-10-28 14:06    --------    d-----w-    c:\program files\Microsoft.NET
    2010-10-28 14:04 . 2010-10-28 14:04    --------    d-----w-    c:\program files\Microsoft Visual Studio 8
    2010-10-28 14:04 . 2010-11-14 18:47    --------    d-----w-    c:\programdata\Microsoft Help
    2010-10-28 14:02 . 2010-10-28 14:02    --------    d-----r-    C:\MSOCache
    2010-10-28 13:57 . 2010-10-28 13:57    --------    d-----w-    c:\program files\PowerISO
    2010-10-28 13:55 . 2010-10-28 13:55    --------    d-----w-    c:\program files\CCleaner
    2010-10-28 13:18 . 2010-10-28 13:18    --------    d-----w-    c:\program files\LogMeIn Hamachi
    2010-10-28 06:10 . 2010-10-27 16:57    --------    d-----w-    c:\windows\Panther
    2010-10-27 18:34 . 2010-10-27 18:34    --------    d-----w-    c:\windows\system32\Wat
    2010-10-27 18:30 . 2010-10-27 18:30    --------    d-----w-    c:\program files\Common Files\Java
    2010-10-27 18:25 . 2010-10-27 18:25    472808    ----a-w-    c:\windows\system32\deployJava1.dll
    2010-10-27 18:25 . 2010-10-27 18:25    --------    d-----w-    c:\program files\Java
    2010-10-27 17:57 . 2009-09-10 05:52    257024    ----a-w-    c:\windows\system32\msv1_0.dll
    2010-10-27 17:56 . 2009-11-25 07:17    99176    ----a-w-    c:\windows\system32\PresentationHostProxy.dll
    2010-10-27 17:56 . 2009-11-25 07:17    49472    ----a-w-    c:\windows\system32\netfxperf.dll
    2010-10-27 17:56 . 2009-11-25 07:17    297808    ----a-w-    c:\windows\system32\mscoree.dll
    2010-10-27 17:56 . 2009-11-25 07:17    295264    ----a-w-    c:\windows\system32\PresentationHost.exe
    2010-10-27 17:56 . 2009-11-25 07:17    1130824    ----a-w-    c:\windows\system32\dfshim.dll
    2010-10-27 17:49 . 2010-03-04 03:57    190976    ----a-w-    c:\windows\system32\drivers\ks.sys
    2010-10-27 17:49 . 2010-06-29 04:57    4247040    ----a-w-    c:\program files\Windows NT\Accessories\wordpad.exe
    2010-10-27 17:49 . 2010-06-29 05:02    1413632    ----a-w-    c:\windows\system32\ole32.dll
    2010-10-27 17:47 . 2010-08-21 05:36    224256    ----a-w-    c:\windows\system32\schannel.dll
    2010-10-27 17:47 . 2010-06-19 06:23    37376    ----a-w-    c:\windows\system32\rtutils.dll
    2010-10-27 17:46 . 2010-02-27 07:32    221696    ----a-w-    c:\windows\system32\drivers\mrxsmb10.sys
    2010-10-27 17:46 . 2010-02-27 07:32    95744    ----a-w-    c:\windows\system32\drivers\mrxsmb20.sys
    2010-10-27 17:46 . 2010-02-27 07:32    123392    ----a-w-    c:\windows\system32\drivers\mrxsmb.sys
    2010-10-27 17:46 . 2010-08-27 05:30    13312    ----a-w-    c:\program files\Internet Explorer\iecompat.dll
    2010-10-27 17:43 . 2010-05-27 07:24    34304    ----a-w-    c:\windows\system32\atmlib.dll
    2010-10-27 17:43 . 2010-05-27 03:49    293888    ----a-w-    c:\windows\system32\atmfd.dll
    2010-10-27 17:43 . 2009-10-19 14:10    70656    ----a-w-    c:\windows\system32\fontsub.dll
    2010-10-27 17:43 . 2010-01-09 06:52    132608    ----a-w-    c:\windows\system32\cabview.dll
    2010-10-27 17:43 . 2010-04-29 10:09    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
    2010-10-27 17:43 . 2010-11-15 15:51    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
    2010-10-27 17:43 . 2010-11-15 15:50    --------    d-----w-    c:\programdata\Malwarebytes
    2010-10-27 17:43 . 2010-04-29 10:09    20952    ----a-w-    c:\windows\system32\drivers\mbam.sys
    2010-10-27 17:35 . 2010-10-27 17:35    --------    d-----w-    c:\program files\Show Desktop
    2010-10-27 17:27 . 2010-10-27 17:27    --------    d-----w-    c:\programdata\SRS Labs
    2010-10-27 17:26 . 2010-10-27 17:26    --------    d-----w-    c:\program files\SRS Labs
    2010-10-27 17:25 . 2010-10-27 17:25    --------    d-----w-    c:\program files\NVIDIA Corporation
    2010-10-27 17:25 . 2010-11-15 15:57    --------    d-----w-    c:\programdata\NVIDIA
    2010-10-27 17:24 . 2010-10-27 17:24    --------    d-----w-    c:\program files\AGEIA Technologies
    2010-10-27 17:24 . 2010-10-27 17:24    --------    d-----w-    c:\windows\system32\AGEIA
    2010-10-27 17:24 . 2010-10-27 17:24    --------    d-----w-    c:\program files\Common Files\Wise Installation Wizard
    2010-10-27 17:23 . 2009-07-10 01:31    485920    ----a-w-    c:\windows\system32\NVUNINST.EXE
    2010-10-27 17:23 . 2009-07-14 18:54    485920    ----a-w-    c:\windows\system32\nvudisp.exe
    2010-10-27 17:22 . 2009-07-14 18:54    795104    ----a-w-    c:\windows\system32\dpinst.exe
    2010-10-27 17:22 . 2009-07-14 18:54    252448    ----a-w-    c:\windows\system32\nvdecodemft.dll
    2010-10-27 17:22 . 2009-07-14 18:54    1919520    ----a-w-    c:\windows\system32\nvencodemft.dll
    2010-10-27 17:22 . 2009-07-14 18:54    10854400    ----a-w-    c:\windows\system32\nvoglv32.dll
    2010-10-27 17:22 . 2009-07-14 18:54    7565824    ----a-w-    c:\windows\system32\nvd3dum.dll
    2010-10-27 17:22 . 2009-07-14 18:54    2169376    ----a-w-    c:\windows\system32\nvcuvid.dll
    2010-10-27 17:22 . 2009-07-14 18:54    1983488    ----a-w-    c:\windows\system32\nvcuda.dll
    2010-10-27 17:22 . 2009-07-14 18:54    1706528    ----a-w-    c:\windows\system32\nvcuvenc.dll
    2010-10-27 17:22 . 2009-07-14 18:54    151552    ----a-w-    c:\windows\system32\nvcod157.dll
    2010-10-27 17:22 . 2009-07-14 18:54    151552    ----a-w-    c:\windows\system32\nvcod.dll
    2010-10-27 17:22 . 2009-07-14 18:54    1044992    ----a-w-    c:\windows\system32\nvapi.dll
    2010-10-27 17:22 . 2010-10-27 17:22    --------    d-----w-    C:\NVIDIA
    2010-10-27 17:16 . 2010-10-19 06:11    222080    ------w-    c:\windows\system32\MpSigStub.exe
    2010-10-27 17:05 . 2006-11-11 08:32    274432    ----a-w-    c:\windows\system32\IASDLL.dll
    2010-10-27 17:05 . 2005-11-18 08:27    40960    ----a-w-    c:\windows\system32\SFIMLARK.dll
    2010-10-27 17:05 . 2005-07-21 13:58    53248    ----a-w-    c:\windows\system32\IASBB.dll
    2010-10-27 17:05 . 2010-10-27 17:05    --------    d-----w-    c:\program files\Intel Audio Studio 2.7
    2010-10-27 17:02 . 2010-10-27 17:02    --------    d-----w-    c:\program files\Common Files\InstallShield
    2010-10-27 17:00 . 2010-11-15 15:59    --------    d-----w-    c:\windows\system32\wbem\Performance
    2010-10-27 17:00 . 2010-11-14 18:47    --------    d-sh--w-    c:\windows\Installer
    2010-10-27 16:57 . 2010-11-15 15:57    --------    d-----w-    c:\users\sri
    2010-10-27 16:57 . 2010-10-27 16:57    --------    d-----w-    C:\Recovery
     
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-09-29 20:53 . 2010-09-29 18:56    71336    ----a-w-    c:\windows\system32\drivers\idmwfp.sys
    .
     
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown 
    REGEDIT4
     
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-10-10 3906656]
     
    [HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
     
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
    2010-10-10 10:21    3906656    ----a-w-    c:\program files\ConduitEngine\ConduitEngine.dll
     
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
    2010-10-10 10:21    3906656    ----a-w-    c:\program files\uTorrentBar\tbuTor.dll
     
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
    2010-09-28 17:14    1400712    ----a-w-    c:\program files\Ask.com\GenericAskToolbar.dll
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
    "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-10-10 3906656]
    "{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-10 3906656]
     
    [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
    [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
    [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
    [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
     
    [HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
     
    [HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
     
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
    "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
    "{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-10-10 3906656]
     
    [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
    [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
    [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
    [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
     
    [HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
     
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
    @="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
    [HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
    2010-09-29 20:53    72336    ----a-w-    c:\program files\Internet Download Manager\IDMShellExt.dll
     
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SRS Audio Sandbox"="c:\program files\SRS Labs\Audio Sandbox\SRSSSC.exe" [2010-01-07 3216664]
    "IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2010-10-28 3249504]
    "uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-11-09 328056]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]
    "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640]
    "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
     
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 0 (0x0)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
     
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "mixer1"=wdmaud.drv
     
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    2010-09-20 17:37    932288    ----a-r-    c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
     
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    2010-09-22 23:17    35760    ----a-w-    c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
     
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashGet 3]
    2009-12-22 08:48    2127408    ----a-w-    c:\program files\FlashGet Network\FlashGet 3\Flashget3.exe
     
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
    2010-10-27 17:01    136176    ----atw-    c:\users\sri\AppData\Local\Google\Update\GoogleUpdate.exe
     
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
    2008-10-25 06:14    31072    ----a-w-    c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
     
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
    2010-10-28 15:28    3249504    ----a-w-    c:\program files\Internet Download Manager\IDMan.exe
     
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelAudioStudio]
    2008-05-27 03:40    8003584    ----a-w-    c:\program files\Intel Audio Studio 2.7\IntelAudioStudio.exe
     
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
    2010-03-30 05:46    1820040    ----a-w-    c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
     
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
    2008-01-20 07:05    217088    ----a-w-    c:\program files\PowerISO\PWRISOVM.EXE
     
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    2010-05-14 06:14    248552    ----a-w-    c:\program files\Common Files\Java\Java Update\jusched.exe
     
    R3 f5ipfw;F5 Networks StoneWall Filter;c:\windows\system32\drivers\urfltwlh.sys [2010-01-25 13952]
    R3 GGSAFERDriver;GGSAFER Driver;c:\program files\Garena\safedrv.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-27 1343400]
    S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
    S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-05-14 731840]
    S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2009-05-14 93312]
    S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336]
    S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2010-09-29 71336]
    S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464]
    S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-10-20 50704]
    S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2009-07-14 239648]
    S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-10-19 2011944]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-04-29 20952]
    S3 urvpndrv;F5 Networks VPN Adapter;c:\windows\system32\DRIVERS\covpnwlh.sys [2010-01-25 34944]
     
    .
    Contents of the 'Scheduled Tasks' folder
     
    2010-11-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4011064965-1581801092-1242194099-1000Core.job
    - c:\users\sri\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-27 17:01]
     
    2010-11-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4011064965-1581801092-1242194099-1000UA.job
    - c:\users\sri\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-27 17:01]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = about:blank
    IE: Download All By FlashGet3 - c:\users\sri\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
    IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
    IE: Download By FlashGet3 - c:\users\sri\AppData\Roaming\FlashGetBHO\GetUrl.htm
    IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm
    IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
    Trusted Zone: kuaiche.com\software
    FF - ProfilePath - c:\users\sri\AppData\Roaming\Mozilla\Firefox\Profiles\yd7m4oub.default\
    FF - prefs.js: network.proxy.type - 0
    FF - component: c:\users\sri\AppData\Roaming\IDM\idmmzcc3\components\idmmzcc.dll
    FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\users\sri\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
     
    ---- FIREFOX POLICIES ----
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); 
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); 
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\ESET\ESET Security\CurrentVersion\Info]
    @Denied: (2) (LocalSystem)
    "AppDataDir"="c:\\ProgramData\\ESET\\ESET NOD32 Antivirus\\"
    "DataDir"="ESET\\ESET NOD32 Antivirus\\"
    "EditionName"=" "
    "InstallDir"="c:\\Program Files\\ESET\\ESET NOD32 Antivirus\\"
    "LanguageId"=dword:00000409
    "PackageTag"=dword:6090e758
    "ProductBase"=dword:00000000
    "ProductCode"="{2EEBAC31-3EEF-4118-91CB-1A286A507DB2}"
    "ProductName"="ESET NOD32 Antivirus"
    "ProductType"="eav"
    "ProductVersion"="4.0.437.0"
    "UniqueId"="00CFC91C4CCAFA5B"
    "ScannerBuild"=dword:00001329
    "ScannerVersionId"=dword:00000feb
    "ScannerVersion"="Locked/open ESET for status."
    "FixId"=dword:00000007
     
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2010-11-15 23:55:09
    ComboFix-quarantined-files.txt 2010-11-15 18:25
     
    Pre-Run: 9,410,048,000 bytes free
    Post-Run: 9,343,971,328 bytes free
     
    - - End Of File - - EF18D597C0757CC086B7051A317C6071


 
