Go Back   Tech Support Forum > Security Center > Virus/Trojan/Spyware Help > Inactive Malware Help Topics

User Tag List

Internet Explorer won't show any pages, while firefox works perfectly

This is a discussion on Internet Explorer won't show any pages, while firefox works perfectly within the Inactive Malware Help Topics forums, part of the Tech Support Forum category. Hello everybody. I'm no computer noob, and most computer problems I've encountered I've been able to solve myself or with


 
 
Thread Tools Search this Thread
Old 01-17-2008, 11:56 AM   #1
Guest
 
Join Date: Jan 2008
Posts: 2
OS:



Hello everybody.
I'm no computer noob, and most computer problems I've encountered I've been able to solve myself or with information from the Internet.

However, this one leaves me no choice but to humbly ask your help, since I've lost any clue on how to figure it out.

Here's The problem:
For a few months now, ineternet Explorer is not showing any pages.
Whatever page I ask it to show, it shows the "Internet Explorer cannot display the webpage" page instead.
I click "Diagnose Connection Problems", and it finds no connection problems.
The strangest part here, is that Firefox, and any other online programs work perfectly, with no problems at all.

I'm running Windows Vista Basic with Internet Explorer 7.0.6.16575. I'm not sure it's the latest version, but can't check for updates, since the update checker is IE-based, and doesn't work on firefox.

I have Kaspersky Internet Security installed and fully updated on my computer. Made a full scan and found nothing. Tryed turning off firewall, to see maybe it is causing the problem, but no success. IE still showing no signs of life.
I have tried restoring IE settings to default, but it didn't help either.
I have tried playing with the network setting, but nothing worked either.
I've tried connecting through other wireless networks, but nothing ever works.
IE can't even connect to my router.

I've run a DSS scan, and there's nothing there I can see.
extra.txt is attached.
Here's main.txt:
Deckard's System Scanner v20071014.68
Run by svarog on 2008-01-17 21:35:31
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 1 Restore Point(s) --
1: 2008-01-16 22:24:06 UTC - RP335 - Scheduled Checkpoint


Backed up registry hives.
Performed disk cleanup.

Total Physical Memory: 1014 MiB (1024 MiB recommended).
System Drive C: has 12.98 GiB (less than 15%) free.


-- HijackThis (run as svarog.exe) ----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:41:59, on 17/01/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Windows\sttray.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\Symantec\LiveUpdate\ALUNOTIFY.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Last.fm\LastFMHelper.exe
C:\Program Files\Dell\QuickSet\quickset.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Windows\System32\mobsync.exe
C:\Windows\explorer.exe
C:\Program Files\Last.fm\LastFM.exe
C:\Windows\system32\conime.exe
C:\DSS\dss.exe
C:\Users\svarog\Desktop\svarog.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ClickCatcher MSIE handler - {16664845-0E00-11D2-8059-000000000000} - C:\Program Files\Common Files\ReGet Shared\Catcher.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
O4 - HKLM\..\Run: [ALUAlert] "C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe" "/LOWDISKSPACE C"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8
O4 - HKCU\..\Run: [Mp4 Player] "C:\Program Files\Mp4 Player\Mp4Player.exe" hmw
O4 - HKCU\..\Run: [RSS] C:\RSSXploiter\SQUIRT RELEASE RSS Xploiter 2.1\RSS.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe
O4 - Global Startup: QuickSet.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - c:\icqICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - c:\icqICQ6\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - Gopher Prefix:
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - https://tango.huji.ac.il/sre/ICSScanner.cab
O16 - DPF: {B4CB50E4-0309-4906-86EA-10B6641C8392} (SlimClient Class) - https://tango.huji.ac.il/SNX/CSHELL/extender.cab
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - https://livenj02.custhelp.com/8003-b3.../java/RntX.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5D6E566B-D888-4813-890A-03B6067D6885}: NameServer = 192.117.235.235,62.219.186.7
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~3.0\r3hook.dll,C:\PROGRA~1\KASPER~1\KASPER~3.0\adialhk.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: Check Point SSL Network Extender (cpextender) - Check Point Software Technologies - C:\Program Files\CheckPoint\SSL Network Extender\slimsvc.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe (file missing)
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 12090 bytes

-- File Associations -----------------------------------------------------------

.js - JSFile - DefaultIcon - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe",2


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R2 dsunidrv - \??\c:\program files\dellsupport\drivers\dsunidrv.sys
R3 CLEDX (Team H2O CLEDX service) - c:\windows\system32\drivers\cledx.sys <Not Verified; Team H2O; CLEDX>
R3 DSproct - \??\c:\program files\dellsupport\gtaction\triggers\dsproct.sys

S2 Nsynas32 - c:\windows\system32\drivers\nsynas32.sys <Not Verified; Syncrosoft Hard- und Software GmbH; Internet Protection Hardware Driver>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 cpextender (Check Point SSL Network Extender) - c:\program files\checkpoint\ssl network extender\slimsvc.exe <Not Verified; Check Point Software Technologies; slim>
R2 STacSV (SigmaTel Audio Service) - c:\program files\sigmatel\c-major audio\wdm\stacsv.exe <Not Verified; SigmaTel, Inc.; C-Major Audio>
R3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>

S2 LiveUpdate Notice Ex (LiveUpdate Notice Service Ex) - "c:\program files\common files\symantec shared\ccsvchst.exe" /h cccommon (file missing)
S2 RichVideo (Cyberlink RichVideo Service(CRVS)) - "c:\program files\cyberlink\shared files\richvideo.exe" (file missing)
S3 DSBrokerService - "c:\program files\dellsupport\brkrsvc.exe" <Not Verified; ; Gteko BrkrSvc Application>
S3 stllssvr - "c:\program files\common files\surething shared\stllssvr.exe" <Not Verified; MicroVision Development, Inc.; SureThing CD Labeler>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-01-16 23:43:31 420 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{BCA378A9-40C4-4294-AE88-3C5D7713CF64}.job


-- Files created between 2007-12-17 and 2008-01-17 -----------------------------

2008-01-17 21:34:49 0 d-------- C:\DSS
2008-01-17 20:08:39 0 d-------- C:\PHP
2008-01-17 20:03:30 0 d-------- C:\Program Files\DSV PHP Editor
2008-01-11 22:16:47 0 d-------- C:\WC3
2008-01-11 19:57:23 0 d-------- C:\aria-ny
2008-01-07 21:31:52 0 d-------- C:\ToPhone
2008-01-07 21:20:34 0 d-------- C:\Users\All Users\NCH Swift Sound
2008-01-07 21:20:27 0 d-------- C:\Program Files\NCH Swift Sound
2008-01-07 20:33:12 57344 --a------ C:\Windows\system32\Wnaspint.dll <Not Verified; NexiTech, Inc.; NexiTech ASPI for Win32>
2008-01-07 20:33:10 0 d-------- C:\Program Files\VST
2008-01-07 20:32:49 0 d-------- C:\Users\All Users\Acoustica
2008-01-07 20:32:48 0 d-------- C:\Program Files\Acoustica Mixcraft 3
2008-01-03 23:49:12 0 d-------- C:\Lena HW
2008-01-03 21:38:24 5760 --a------ C:\Windows\system32\vnchelp.dll <Not Verified; RDV Soft; UltraVnc Kernel>
2008-01-03 21:33:04 0 d-------- C:\Program Files\Access Remote PC Temporary
2008-01-03 21:31:27 0 d-------- C:\Access Remote PC
2007-12-22 20:45:45 0 d-------- C:\HijackThis
2007-12-22 18:38:23 0 d-------- C:\Guitar Pro
2007-12-21 17:52:55 0 d-------- C:\New Folder
2007-12-20 19:43:13 462848 --a------ C:\Windows\system32\lame_enc.dll
2007-12-20 19:37:38 77824 --a------ C:\Windows\system32\SoundCapture.exe
2007-12-19 21:26:07 33792 --a------ C:\Windows\system32\drivers\cledx.sys <Not Verified; Team H2O; CLEDX>
2007-12-17 21:17:25 487936 --a------ C:\Windows\system\Rmbe3260.dll <Not Verified; RealNetworks, Inc.; RealNetworks RealProducer Build Engine (32-bit)>
2007-12-17 21:17:25 87040 --a------ C:\Windows\system\Ra32sipr.dll <Not Verified; RealNetworks, Inc.; RealMedia Shared Component (32-bit)>
2007-12-17 21:17:24 21504 --a------ C:\Windows\system\Ra32dnet.dll <Not Verified; RealNetworks, Inc.; RealAudio(tm) Shared Component (32-bit)>
2007-12-17 21:17:24 72704 --a------ C:\Windows\system\Ra3228_8.dll <Not Verified; RealNetworks, Inc.; 28.8 Audio Codec for RealAudio(tm) (32-bit) RealVideo Encoder SDK 5.0>
2007-12-17 21:17:24 81920 --a------ C:\Windows\system\Ra3214_4.dll <Not Verified; RealNetworks, Inc.; 14.4 Audio Codec for RealAudio(tm) (32-bit) RealVideo Encoder SDK 5.0>
2007-12-17 21:17:23 352768 --a------ C:\Windows\system\pngu3263.dll <Not Verified; RealNetworks, Inc.; RealPlayer (32-bit)>
2007-12-17 21:17:23 131072 --a------ C:\Windows\system\Pneng50.dll <Not Verified; RealNetworks, Inc.; RealNetworks RealVideo Encoder Engine (32-bit)>
2007-12-17 21:17:23 273408 --a------ C:\Windows\system\Pncrt.dll <Not Verified; RealNetworks, Inc.; RealPlayer>
2007-12-17 21:17:23 130560 --a------ C:\Windows\system\Pnc3250.dll <Not Verified; RealNetworks, Inc.; Low-Level API for RealAudio(tm) Encoder (32-bit)>
2007-12-17 21:17:22 85504 --a------ C:\Windows\system\Encdnet.dll <Not Verified; RealNetworks, Inc.; RealAudio(tm) Shared Component (32-bit)>
2007-12-17 21:17:22 61952 --a------ C:\Windows\system\Decdnet.dll <Not Verified; RealNetworks, Inc.; RealAudio(tm) Shared Component (32-bit)>
2007-12-17 21:16:36 0 d-------- C:\Program Files\Pinnacle
2007-12-17 21:16:35 0 d-------- C:\Program Files\Steinberg
2007-12-17 21:14:09 0 d-------- C:\Users\All Users\Pinnacle
2007-12-17 21:12:53 45056 --a------ C:\Windows\system32\Synsopos.exe <Not Verified; Syncrosoft Hard- und Software GmbH; Syncrosoft Synsopos>
2007-12-17 21:12:53 16896 --a------ C:\Windows\system32\drivers\SynasUSB.sys <Not Verified; Syncrosoft GmbH; USB protection device>
2007-12-17 21:12:47 147456 --a------ C:\Windows\system32\SynsoLChk.dll <Not Verified; Syncrosoft Hard- und Software GmbH; >
2007-12-17 21:12:46 700416 --a------ C:\Windows\system32\SYNSOACC.dll <Not Verified; Syncrosoft Hard- und Software GmbH; SYNCROSOFT SYNSOACC>
2007-12-17 21:12:46 17784 --a------ C:\Windows\system32\drivers\NSynas32.sys <Not Verified; Syncrosoft Hard- und Software GmbH; Internet Protection Hardware Driver>
2007-12-17 21:12:46 0 d-------- C:\Program Files\Syncrosoft


-- Find3M Report ---------------------------------------------------------------

2008-01-17 21:33:53 0 d-------- C:\Users\svarog\AppData\Roaming\foobar2000
2008-01-17 20:08:52 0 d-------- C:\Users\svarog\AppData\Roaming\ReGet Software
2008-01-12 15:10:07 20480 --a------ C:\Windows\system32\editor.exe <Not Verified; ; editor>
2008-01-11 16:34:26 0 d-------- C:\Users\svarog\AppData\Roaming\uTorrent
2008-01-10 03:12:46 2484 --a------ C:\Windows\bthservsdp.dat
2008-01-10 03:12:22 0 d-------- C:\Program Files\Windows Mail
2008-01-10 03:12:20 0 d-------- C:\Program Files\Windows Sidebar
2008-01-07 21:32:05 0 d-------- C:\Users\svarog\AppData\Roaming\NCH Software
2008-01-07 21:21:01 0 d-------- C:\Users\svarog\AppData\Roaming\NCH Swift Sound
2008-01-07 20:38:47 0 d-------- C:\Users\svarog\AppData\Roaming\GrabIt
2008-01-07 20:33:08 0 d-------- C:\Program Files\Acoustica Shared Effects
2007-12-19 21:38:49 0 d-------- C:\Program Files\Common Files\ReGet Shared
2007-12-19 20:26:05 0 d-------- C:\Users\svarog\AppData\Roaming\NewsBin
2007-12-19 20:22:53 0 d-------- C:\Program Files\NewsBin
2007-12-17 21:19:22 0 d-------- C:\Users\svarog\AppData\Roaming\Steinberg
2007-12-16 21:46:44 0 d-------- C:\Program Files\Sytexis Software
2007-12-16 21:45:48 0 d-------- C:\Program Files\WinPcap
2007-12-16 21:45:25 0 d-------- C:\Users\svarog\AppData\Roaming\Sytexis Software
2007-12-16 14:46:51 0 d-------- C:\Program Files\ReGet Software
2007-12-16 14:46:51 0 d-------- C:\Program Files\Common Files
2007-12-02 19:22:58 0 d-------- C:\Program Files\directx
2007-12-02 19:17:01 0 d-------- C:\Program Files\Fox
2007-11-30 16:38:04 0 d-------- C:\Program Files\TagRename
2007-11-20 19:56:18 0 d-------- C:\Program Files\uTorrent
2007-11-20 19:55:36 0 d-------- C:\Program Files\BitComet
2007-11-19 18:55:07 0 d-------- C:\Program Files\foobar2000
2007-11-19 18:46:21 0 d-------- C:\Program Files\Last.fm
2007-11-18 15:04:36 0 d-------- C:\Program Files\Keyword Expert


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [05/18/2007 08:14 AM]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [11/18/2006 01:52 AM]
"SunJavaUpdateSched"="c:\Program Files\Java\jre1.6.0\bin\jusched.exe" [04/26/2007 06:30 PM]
"SigmatelSysTrayApp"="sttray.exe" [02/08/2007 07:11 AM C:\Windows\sttray.exe]
"Broadcom Wireless Manager UI"="C:\Windows\system32\WLTRAY.exe" [11/28/2006 01:15 AM]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [10/03/2006 12:37 PM]
"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [11/05/2006 12:22 PM]
"PCMService"="C:\Program Files\Dell\MediaDirect\PCMService.exe" [10/13/2006 12:31 PM]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [10/03/2006 12:35 PM]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [12/12/2006 09:02 AM]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [12/12/2006 09:03 AM]
"Persistence"="C:\Windows\system32\igfxpers.exe" [12/12/2006 09:02 AM]
"NWEReboot"="" []
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [10/26/2006 11:47 PM]
"WPCUMI"="C:\Windows\system32\WpcUmi.exe" [11/02/2006 02:34 PM]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [03/12/2007 05:30 PM]
"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [05/10/2007 09:46 PM]
"@"="" []
"NeroFilterCheck"="C:\Windows\system32\NeroCheck.exe" [07/09/2001 10:50 AM]
"Zune Launcher"="C:\Program Files\Zune\ZuneLauncher.exe" [03/14/2007 05:03 PM]
"ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe" [09/12/2007 06:27 PM]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [06/28/2007 12:51 PM]
"H2O"="C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe" [05/11/2005 02:46 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [01/10/2008 03:02 AM]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [11/12/2006 03:19 AM]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [04/04/2007 12:29 AM]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [03/30/2006 05:45 PM]
"Mp4 Player"="C:\Program Files\Mp4 Player\Mp4Player.exe" []
"RSS"="C:\RSSXploiter\SQUIRT RELEASE RSS Xploiter 2.1\RSS.exe" [09/06/2007 01:57 AM]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [11/02/2006 02:34 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=2 (0x2)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"LogonHoursAction"=2 (0x2)
"DontDisplayLogonHoursWarnings"=1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\KASPER~1\KASPER~3.0\r3hook.dll,C:\PROGRA~1\KASPER~1\KASPER~3.0\adialhk.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
@="SecurityDevices"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalService nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE WebClient
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc wlansvc EMDMgmt TabletInputService WPDBusEnum
LocalServiceNoNetwork PLA DPS BFE mpssvc
bthsvcs BthServ
iissvcs w3svc was


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{46955f75-bf19-11dc-870f-00197dffc270}]
AutoRun\command- H:\LaunchU3.exe -a


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
C:\Windows\system32\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI



-- End of Deckard's System Scanner: finished at 2008-01-17 21:44:20 ------------

I hope you can help me, and thanks in advance.
Attached Files
File Type: txt extra.txt (21.0 KB, 9 views)
svarog is offline  
Sponsored Links
Advertisement
 
Old 01-21-2008, 09:27 AM   #2
Guest
 
Join Date: Jan 2008
Posts: 2
OS:



bump.
svarog is offline  
 

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2
Powered by vBadvanced CMPS v3.2.3


All times are GMT -7. The time now is 04:53 AM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging v3.1.0 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
Copyright 2001 - 2018, Tech Support Forum

Windows 10 - Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts