internet almost dead -help pls

sritcs

Hi,
My internet is almost dead. It takes a hell of a lot of time to open even Google.com, and many sites won't open. Let me tell you, I got this problem some time back, found no solution, and reformatted my OS; then everything worked fine until yesterday. I am pretty sure this is not caused by any virus or malware, and also this is not caused by any software, because the net is almost down in safe mode too. My drivers are all up to date. The router is fine; I tried it with my laptop and it worked smoothly. So I guess the problem is only with my OS.
This problem started because of the following scenario:

My C: drive was almost full; this is where the problem started. Then I deleted some 10 GB, but the problem still exists. Could somebody help me get rid of this issue? I am sure the problem is with my OS. Thanks.
 

My Computer

OS
windows 7
Sounds viral to me. Run Malwarebytes (malwarebytes.org) and if that doesn't fix it, try Combofix (bleepingcomputer.net).

If those don't work then it's definitely not viral.
 
> Sounds viral to me. Run Malwarebytes (malwarebytes.org) and if that doesn't fix it, try Combofix (bleepingcomputer.net).
>
> If those don't work then it's definitely not viral.

Hi,
I did a complete scan using Malwarebytes, Combofix and ESET. No defects. I believe this has nothing to do with an application or virus.
Thanks,
sri
 
Hi,
Problem solved. I scanned with Combofix and now the internet is working fine. I will post the log here. Kindly tell me what the cause of this problem is.

Code:
ComboFix 10-11-14.04 - sri 11/15/2010 23:45:04.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.3070.2095 [GMT 5.5:30]
Running from: c:\users\sri\Desktop\ComboFix.exe
* Resident AV is active
 
.
 
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
 
c:\windows\system32\secustat.dat
 
.
((((((((((((((((((((((((( Files Created from 2010-10-15 to 2010-11-15 )))))))))))))))))))))))))))))))
.
 
2010-11-15 18:21 . 2010-11-15 18:21    --------    d-----w-    c:\users\Default\AppData\Local\temp
2010-11-15 18:03 . 2010-11-15 18:03    301568    ----a-w-    c:\windows\system32\cmd.execf
2010-11-15 05:27 . 2010-11-15 15:51    --------    d-----w-    c:\users\sss
2010-11-14 18:42 . 2010-11-14 18:42    --------    d-----w-    c:\program files\Switch Off
2010-11-13 05:18 . 2010-11-13 05:18    --------    d-----w-    c:\users\Default\AppData\Local\Microsoft Help
2010-11-13 01:54 . 2010-11-13 01:54    --------    d-----w-    c:\programdata\Office Genuine Advantage
2010-11-12 15:12 . 2010-11-12 15:12    --------    d-----w-    c:\program files\FlashGet Network
2010-11-12 13:49 . 2010-11-12 13:49    --------    d-----w-    c:\program files\WinPcap
2010-11-12 13:49 . 2010-11-12 13:49    --------    d-----w-    c:\program files\URLSnooper2
2010-11-12 13:49 . 2010-11-12 13:49    --------    d-----w-    c:\programdata\DonationCoder
2010-11-12 12:58 . 2010-10-18 04:11    6146896    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{EE4859BC-26EC-443A-A815-66EC6FC04319}\mpengine.dll
2010-11-11 04:24 . 2010-11-11 04:24    --------    d-----w-    c:\programdata\PDF Writer
2010-11-11 04:23 . 2009-07-14 01:15    90624    ----a-w-    c:\windows\system32\Spool\prtprocs\w32x86\HPZPPWN7.DLL
2010-11-11 04:21 . 2010-11-11 04:21    --------    d-----w-    c:\program files\Common Files\Bullzip
2010-11-11 04:21 . 2008-10-30 17:45    227840    ----a-w-    c:\windows\system32\bzFlRdr.dll
2010-11-11 04:21 . 2008-07-09 18:49    103424    ----a-w-    c:\windows\system32\bzDCT.dll
2010-11-11 04:21 . 2010-09-27 09:57    135168    ----a-w-    c:\windows\system32\bzpdfc.dll
2010-11-11 04:21 . 2010-09-27 09:58    196096    ----a-w-    c:\windows\system32\bzpdf.dll
2010-11-11 04:21 . 2010-11-11 04:21    --------    d-----w-    c:\program files\Bullzip
2010-11-11 04:21 . 1999-05-06 18:30    140288    ----a-w-    c:\windows\system32\comdlg32.OCX
2010-11-10 15:54 . 2010-11-10 15:54    --------    d-----w-    c:\program files\TeamViewer
2010-11-10 15:13 . 2010-11-14 15:31    --------    d-----w-    c:\program files\Garena
2010-11-10 14:58 . 2009-11-03 08:37    679936    ----a-w-    c:\windows\system32\D3DX81ab.dll
2010-11-10 14:58 . 2009-11-03 08:37    1970176    ----a-w-    c:\windows\system32\d3dx9.dll
2010-11-09 17:34 . 2010-11-09 17:34    --------    d-----w-    c:\program files\Conduit
2010-11-09 17:34 . 2010-11-09 17:34    --------    d-----w-    C:\extensions
2010-11-09 17:33 . 2010-11-09 17:33    --------    d-----w-    c:\program files\UseNeXT
2010-11-09 17:32 . 2010-11-09 17:34    --------    d-----w-    c:\program files\uTorrent
2010-11-09 16:17 . 2010-11-14 13:31    --------    d-----w-    c:\program files\Cheat Engine
2010-10-31 08:11 . 2010-10-31 08:11    --------    d-----w-    c:\program files\GRETECH
2010-10-31 07:59 . 2010-10-31 07:59    --------    d-----w-    c:\windows\Sun
2010-10-30 09:15 . 2010-10-30 09:16    --------    d-----w-    C:\Downloads
2010-10-30 07:27 . 2010-01-25 21:18    13952    ----a-w-    c:\windows\system32\drivers\urfltwlh.sys
2010-10-29 16:45 . 2010-11-14 14:23    --------    d-----w-    c:\program files\ESET
2010-10-28 17:25 . 2010-10-28 17:25    --------    d-----w-    c:\program files\VideoLAN
2010-10-28 16:10 . 2010-10-28 16:10    --------    d-----w-    c:\program files\EA GAMES
2010-10-28 15:31 . 2010-10-28 15:31    --------    d-----w-    c:\programdata\Kaspersky Lab Setup Files
2010-10-28 14:54 . 2010-10-28 15:34    --------    d-----w-    c:\program files\EA SPORTS
2010-10-28 14:54 . 2010-10-28 14:54    --------    d-----w-    c:\windows\system32\Macromed
2010-10-28 14:22 . 2010-10-30 11:09    --------    d-----w-    c:\program files\Internet Download Manager
2010-10-28 14:21 . 2010-10-30 08:35    --------    d-----w-    c:\program files\Ask.com
2010-10-28 14:13 . 2010-10-28 14:13    --------    d-----w-    c:\program files\Common Files\Adobe
2010-10-28 14:08 . 2008-11-10 06:11    32656    ----a-w-    c:\windows\system32\msonpmon.dll
2010-10-28 14:08 . 2006-10-26 14:26    33104    ----a-w-    c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2010-10-28 14:07 . 2010-11-14 18:45    --------    d-----w-    c:\program files\Microsoft Works
2010-10-28 14:06 . 2010-10-28 14:06    --------    d-----w-    c:\windows\PCHEALTH
2010-10-28 14:06 . 2010-10-28 14:06    --------    d-----w-    c:\program files\Microsoft.NET
2010-10-28 14:04 . 2010-10-28 14:04    --------    d-----w-    c:\program files\Microsoft Visual Studio 8
2010-10-28 14:04 . 2010-11-14 18:47    --------    d-----w-    c:\programdata\Microsoft Help
2010-10-28 14:02 . 2010-10-28 14:02    --------    d-----r-    C:\MSOCache
2010-10-28 13:57 . 2010-10-28 13:57    --------    d-----w-    c:\program files\PowerISO
2010-10-28 13:55 . 2010-10-28 13:55    --------    d-----w-    c:\program files\CCleaner
2010-10-28 13:18 . 2010-10-28 13:18    --------    d-----w-    c:\program files\LogMeIn Hamachi
2010-10-28 06:10 . 2010-10-27 16:57    --------    d-----w-    c:\windows\Panther
2010-10-27 18:34 . 2010-10-27 18:34    --------    d-----w-    c:\windows\system32\Wat
2010-10-27 18:30 . 2010-10-27 18:30    --------    d-----w-    c:\program files\Common Files\Java
2010-10-27 18:25 . 2010-10-27 18:25    472808    ----a-w-    c:\windows\system32\deployJava1.dll
2010-10-27 18:25 . 2010-10-27 18:25    --------    d-----w-    c:\program files\Java
2010-10-27 17:57 . 2009-09-10 05:52    257024    ----a-w-    c:\windows\system32\msv1_0.dll
2010-10-27 17:56 . 2009-11-25 07:17    99176    ----a-w-    c:\windows\system32\PresentationHostProxy.dll
2010-10-27 17:56 . 2009-11-25 07:17    49472    ----a-w-    c:\windows\system32\netfxperf.dll
2010-10-27 17:56 . 2009-11-25 07:17    297808    ----a-w-    c:\windows\system32\mscoree.dll
2010-10-27 17:56 . 2009-11-25 07:17    295264    ----a-w-    c:\windows\system32\PresentationHost.exe
2010-10-27 17:56 . 2009-11-25 07:17    1130824    ----a-w-    c:\windows\system32\dfshim.dll
2010-10-27 17:49 . 2010-03-04 03:57    190976    ----a-w-    c:\windows\system32\drivers\ks.sys
2010-10-27 17:49 . 2010-06-29 04:57    4247040    ----a-w-    c:\program files\Windows NT\Accessories\wordpad.exe
2010-10-27 17:49 . 2010-06-29 05:02    1413632    ----a-w-    c:\windows\system32\ole32.dll
2010-10-27 17:47 . 2010-08-21 05:36    224256    ----a-w-    c:\windows\system32\schannel.dll
2010-10-27 17:47 . 2010-06-19 06:23    37376    ----a-w-    c:\windows\system32\rtutils.dll
2010-10-27 17:46 . 2010-02-27 07:32    221696    ----a-w-    c:\windows\system32\drivers\mrxsmb10.sys
2010-10-27 17:46 . 2010-02-27 07:32    95744    ----a-w-    c:\windows\system32\drivers\mrxsmb20.sys
2010-10-27 17:46 . 2010-02-27 07:32    123392    ----a-w-    c:\windows\system32\drivers\mrxsmb.sys
2010-10-27 17:46 . 2010-08-27 05:30    13312    ----a-w-    c:\program files\Internet Explorer\iecompat.dll
2010-10-27 17:43 . 2010-05-27 07:24    34304    ----a-w-    c:\windows\system32\atmlib.dll
2010-10-27 17:43 . 2010-05-27 03:49    293888    ----a-w-    c:\windows\system32\atmfd.dll
2010-10-27 17:43 . 2009-10-19 14:10    70656    ----a-w-    c:\windows\system32\fontsub.dll
2010-10-27 17:43 . 2010-01-09 06:52    132608    ----a-w-    c:\windows\system32\cabview.dll
2010-10-27 17:43 . 2010-04-29 10:09    38224    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2010-10-27 17:43 . 2010-11-15 15:51    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2010-10-27 17:43 . 2010-11-15 15:50    --------    d-----w-    c:\programdata\Malwarebytes
2010-10-27 17:43 . 2010-04-29 10:09    20952    ----a-w-    c:\windows\system32\drivers\mbam.sys
2010-10-27 17:35 . 2010-10-27 17:35    --------    d-----w-    c:\program files\Show Desktop
2010-10-27 17:27 . 2010-10-27 17:27    --------    d-----w-    c:\programdata\SRS Labs
2010-10-27 17:26 . 2010-10-27 17:26    --------    d-----w-    c:\program files\SRS Labs
2010-10-27 17:25 . 2010-10-27 17:25    --------    d-----w-    c:\program files\NVIDIA Corporation
2010-10-27 17:25 . 2010-11-15 15:57    --------    d-----w-    c:\programdata\NVIDIA
2010-10-27 17:24 . 2010-10-27 17:24    --------    d-----w-    c:\program files\AGEIA Technologies
2010-10-27 17:24 . 2010-10-27 17:24    --------    d-----w-    c:\windows\system32\AGEIA
2010-10-27 17:24 . 2010-10-27 17:24    --------    d-----w-    c:\program files\Common Files\Wise Installation Wizard
2010-10-27 17:23 . 2009-07-10 01:31    485920    ----a-w-    c:\windows\system32\NVUNINST.EXE
2010-10-27 17:23 . 2009-07-14 18:54    485920    ----a-w-    c:\windows\system32\nvudisp.exe
2010-10-27 17:22 . 2009-07-14 18:54    795104    ----a-w-    c:\windows\system32\dpinst.exe
2010-10-27 17:22 . 2009-07-14 18:54    252448    ----a-w-    c:\windows\system32\nvdecodemft.dll
2010-10-27 17:22 . 2009-07-14 18:54    1919520    ----a-w-    c:\windows\system32\nvencodemft.dll
2010-10-27 17:22 . 2009-07-14 18:54    10854400    ----a-w-    c:\windows\system32\nvoglv32.dll
2010-10-27 17:22 . 2009-07-14 18:54    7565824    ----a-w-    c:\windows\system32\nvd3dum.dll
2010-10-27 17:22 . 2009-07-14 18:54    2169376    ----a-w-    c:\windows\system32\nvcuvid.dll
2010-10-27 17:22 . 2009-07-14 18:54    1983488    ----a-w-    c:\windows\system32\nvcuda.dll
2010-10-27 17:22 . 2009-07-14 18:54    1706528    ----a-w-    c:\windows\system32\nvcuvenc.dll
2010-10-27 17:22 . 2009-07-14 18:54    151552    ----a-w-    c:\windows\system32\nvcod157.dll
2010-10-27 17:22 . 2009-07-14 18:54    151552    ----a-w-    c:\windows\system32\nvcod.dll
2010-10-27 17:22 . 2009-07-14 18:54    1044992    ----a-w-    c:\windows\system32\nvapi.dll
2010-10-27 17:22 . 2010-10-27 17:22    --------    d-----w-    C:\NVIDIA
2010-10-27 17:16 . 2010-10-19 06:11    222080    ------w-    c:\windows\system32\MpSigStub.exe
2010-10-27 17:05 . 2006-11-11 08:32    274432    ----a-w-    c:\windows\system32\IASDLL.dll
2010-10-27 17:05 . 2005-11-18 08:27    40960    ----a-w-    c:\windows\system32\SFIMLARK.dll
2010-10-27 17:05 . 2005-07-21 13:58    53248    ----a-w-    c:\windows\system32\IASBB.dll
2010-10-27 17:05 . 2010-10-27 17:05    --------    d-----w-    c:\program files\Intel Audio Studio 2.7
2010-10-27 17:02 . 2010-10-27 17:02    --------    d-----w-    c:\program files\Common Files\InstallShield
2010-10-27 17:00 . 2010-11-15 15:59    --------    d-----w-    c:\windows\system32\wbem\Performance
2010-10-27 17:00 . 2010-11-14 18:47    --------    d-sh--w-    c:\windows\Installer
2010-10-27 16:57 . 2010-11-15 15:57    --------    d-----w-    c:\users\sri
2010-10-27 16:57 . 2010-10-27 16:57    --------    d-----w-    C:\Recovery
 
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-29 20:53 . 2010-09-29 18:56    71336    ----a-w-    c:\windows\system32\drivers\idmwfp.sys
.
 
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-10-10 3906656]
 
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
 
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2010-10-10 10:21    3906656    ----a-w-    c:\program files\ConduitEngine\ConduitEngine.dll
 
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
2010-10-10 10:21    3906656    ----a-w-    c:\program files\uTorrentBar\tbuTor.dll
 
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2010-09-28 17:14    1400712    ----a-w-    c:\program files\Ask.com\GenericAskToolbar.dll
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-10-10 3906656]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\ConduitEngine.dll" [2010-10-10 3906656]
 
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
 
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
 
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
 
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-09-28 1400712]
"{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}"= "c:\program files\uTorrentBar\tbuTor.dll" [2010-10-10 3906656]
 
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
 
[HKEY_CLASSES_ROOT\clsid\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2010-09-29 20:53    72336    ----a-w-    c:\program files\Internet Download Manager\IDMShellExt.dll
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SRS Audio Sandbox"="c:\program files\SRS Labs\Audio Sandbox\SRSSSC.exe" [2010-01-07 3216664]
"IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2010-10-28 3249504]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-11-09 328056]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2010-04-29 437584]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-05-14 2029640]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 17:37    932288    ----a-r-    c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-09-22 23:17    35760    ----a-w-    c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashGet 3]
2009-12-22 08:48    2127408    ----a-w-    c:\program files\FlashGet Network\FlashGet 3\Flashget3.exe
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-10-27 17:01    136176    ----atw-    c:\users\sri\AppData\Local\Google\Update\GoogleUpdate.exe
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 06:14    31072    ----a-w-    c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IDMan]
2010-10-28 15:28    3249504    ----a-w-    c:\program files\Internet Download Manager\IDMan.exe
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelAudioStudio]
2008-05-27 03:40    8003584    ----a-w-    c:\program files\Intel Audio Studio 2.7\IntelAudioStudio.exe
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2010-03-30 05:46    1820040    ----a-w-    c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2008-01-20 07:05    217088    ----a-w-    c:\program files\PowerISO\PWRISOVM.EXE
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 06:14    248552    ----a-w-    c:\program files\Common Files\Java\Java Update\jusched.exe
 
R3 f5ipfw;F5 Networks StoneWall Filter;c:\windows\system32\drivers\urfltwlh.sys [2010-01-25 13952]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files\Garena\safedrv.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-27 1343400]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-05-14 107256]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-05-14 731840]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2009-05-14 93312]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2010-09-29 71336]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2010-04-29 304464]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-10-20 50704]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2009-07-14 239648]
S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-10-19 2011944]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-04-29 20952]
S3 urvpndrv;F5 Networks VPN Adapter;c:\windows\system32\DRIVERS\covpnwlh.sys [2010-01-25 34944]
 
.
Contents of the 'Scheduled Tasks' folder
 
2010-11-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4011064965-1581801092-1242194099-1000Core.job
- c:\users\sri\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-27 17:01]
 
2010-11-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4011064965-1581801092-1242194099-1000UA.job
- c:\users\sri\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-27 17:01]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
IE: Download All By FlashGet3 - c:\users\sri\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Download all links with IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Download By FlashGet3 - c:\users\sri\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: Download FLV video content with IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Download with IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: kuaiche.com\software
FF - ProfilePath - c:\users\sri\AppData\Roaming\Mozilla\Firefox\Profiles\yd7m4oub.default\
FF - prefs.js: network.proxy.type - 0
FF - component: c:\users\sri\AppData\Roaming\IDM\idmmzcc3\components\idmmzcc.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\users\sri\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
 
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true); 
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); 
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true); // Simplified
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\ESET\ESET Security\CurrentVersion\Info]
@Denied: (2) (LocalSystem)
"AppDataDir"="c:\\ProgramData\\ESET\\ESET NOD32 Antivirus\\"
"DataDir"="ESET\\ESET NOD32 Antivirus\\"
"EditionName"=" "
"InstallDir"="c:\\Program Files\\ESET\\ESET NOD32 Antivirus\\"
"LanguageId"=dword:00000409
"PackageTag"=dword:6090e758
"ProductBase"=dword:00000000
"ProductCode"="{2EEBAC31-3EEF-4118-91CB-1A286A507DB2}"
"ProductName"="ESET NOD32 Antivirus"
"ProductType"="eav"
"ProductVersion"="4.0.437.0"
"UniqueId"="00CFC91C4CCAFA5B"
"ScannerBuild"=dword:00001329
"ScannerVersionId"=dword:00000feb
"ScannerVersion"="Locked/open ESET for status."
"FixId"=dword:00000007
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2010-11-15 23:55:09
ComboFix-quarantined-files.txt 2010-11-15 18:25
 
Pre-Run: 9,410,048,000 bytes free
Post-Run: 9,343,971,328 bytes free
 
- - End Of File - - EF18D597C0757CC086B7051A317C6071