Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Virus & Other Malware Removal Virus & Other Malware Removal
Go to first new post Asus eeepc Windows XP Slow down
Go to first new post Infected with some sort of malware/Troja ...
Go to first new post application.exe bad image error
Go to first new post How do I get rid of start.sweetpacks.com ...
Go to first new post Audio has disappeared
Go to first new post Random audio files playing in the backgr ...
Go to first new post MBR PhysicalDrive0 issue
Go to first new post Malware? Redirecting, various ads, unab ...
Go to first new post Win64/Patched.A help!
Go to first new post Memory upgrade problems.
Go to first new post Annoying Moneypak
Go to first new post Volumes Unmounting during virus removal
Go to first new post Internet Explorer
Go to first new post My comp is being attacked!! HELP PLEASE! ...
Go to first new post Strange "Incorrect Password" e ...
Search Search
Search for:
Tech Support Guy Forums > > >

Solved: Can't connect to eBay from my computer! I am really hopeless


(!)

Reply
Page 1 of 2 1 2
AlonBrs1's Avatar
Computer Specs
Member with 12 posts.
THREAD STARTER
  
Join Date: Apr 2012
Experience: Beginner
29-Apr-2012, 01:30 PM #1
Can't connect to eBay from my computer! I am really hopeless
Hey
It has been very long time that the site: www.eBay.com just don't load up in
my computer!
I am really think I did everything! But nothing was help.

My Pc:
Norton
360 (ANTI VIRUS+FIREWALL)
Win 7 64 bit

*In ALL the others computers in the
network the site load up JUST FINE!*

Here is all the things I did:
1.Change
browser.
2.Change DNS to google Dns.
3.Change Mac-Adress.
4.Complete scan on
superantispyware
5.Clean with CCleaner.
6.Change the "hosts" file
7.Remove the
anti-virus+firewall.

ALL THIS THINGS DID NOT HELP TO THIS PROBLEM!

The ONLY situation that worked is getting into the site by Proxy site like this one:
http://www.proxybrowsing.com/
And with MINIXP from hirens boot CD.

I'am really don't know what to do anymore!
Please Help ME
P.S Sorry about my English...
etaf's Avatar
etaf   (Wayne) etaf is online now
Computer Specs
Moderator with 46,676 posts.
  
Join Date: Oct 2003
Location: Surrey, UK
Experience: Intermediate
29-Apr-2012, 02:48 PM #2
have a look in hosts file

http://helpdeskgeek.com/windows-7/windows-7-hosts-file/

anything listed for ebay
AlonBrs1's Avatar
Computer Specs
Member with 12 posts.
THREAD STARTER
  
Join Date: Apr 2012
Experience: Beginner
29-Apr-2012, 03:07 PM #3
Quote:
Originally Posted by etaf View Post
have a look in hosts file

http://helpdeskgeek.com/windows-7/windows-7-hosts-file/

anything listed for ebay
I already have.
Take a look at the main post.
Now, the file without any content in it
gyrgrls's Avatar
Computer Specs
Account Disabled with 1,637 posts.
  
Join Date: Nov 2004
Location: Modesto, California
Experience: Hendrix
29-Apr-2012, 08:22 PM #4
DNS cache could be corrupt on that machine, or it could be malware.

Have you tried
ipconfig /flushdns ?
AlonBrs1's Avatar
Computer Specs
Member with 12 posts.
THREAD STARTER
  
Join Date: Apr 2012
Experience: Beginner
30-Apr-2012, 12:43 PM #5
Quote:
Originally Posted by gyrgrls View Post
DNS cache could be corrupt on that machine, or it could be malware.

Have you tried
ipconfig /flushdns ?
Yes I did that.
I dont think it was help.
But I noticed something strange, sometimes even after I upload the Windows and try to surf eBay is successful.

But I can browse only the main page and after a few minutes it disconnects again.
Couriant's Avatar
Couriant   (James) Couriant is offline Couriant is a Trusted Advisor with special permissions.
Trusted Advisor with 29,114 posts.
  
Join Date: Mar 2002
Location: Chillin in AZ
30-Apr-2012, 08:20 PM #6
you're the second one that i have seen this issue, I believe this is a virus or malware related. You might want to get this thread moved to Malware forums for more assistance.

Just out of interest though, if you go to command prompt, type in nslookup www.ebay.com and paste the results here.
__________________
Marlene Porter aka. Angelize56 - July 21st 1956 to July 14th 2007 -- Rest in peace Angelcakes :*(
I just had a newborn... so please wait while I try to get a chance to get online.
DO NOT send me email, or request MSN Messenger help, they will be canceled and blocked.
AlonBrs1's Avatar
Computer Specs
Member with 12 posts.
THREAD STARTER
  
Join Date: Apr 2012
Experience: Beginner
01-May-2012, 12:49 AM #7
Quote:
Originally Posted by Couriant View Post
you're the second one that i have seen this issue, I believe this is a virus or malware related. You might want to get this thread moved to Malware forums for more assistance.

Just out of interest though, if you go to command prompt, type in nslookup www.ebay.com and paste the results here.


If you dont think someone can hekp me here, please move the thread to Malware forums.

Thank You
gyrgrls's Avatar
Computer Specs
Account Disabled with 1,637 posts.
  
Join Date: Nov 2004
Location: Modesto, California
Experience: Hendrix
01-May-2012, 04:10 AM #8
This what i want you to do:

Post to the Malware forum, here on techguy.. i am not qualified to help you, but they are.
etaf's Avatar
etaf   (Wayne) etaf is online now
Computer Specs
Moderator with 46,676 posts.
  
Join Date: Oct 2003
Location: Surrey, UK
Experience: Intermediate
01-May-2012, 04:14 AM #9
don't post to the malware forum, I will move this post -

have a read here and post all the required logs
http://forums.techguy.org/virus-othe...e-posting.html
dvk01's Avatar
dvk01   (Derek) dvk01 is offline dvk01 is authorized to help remove malware.
Moderator & Malware Removal Specialist with 42,972 posts.
  
Join Date: Dec 2002
Location: Loughton, Essex, UK
01-May-2012, 04:35 AM #10
follow advice here and post the logs those programs make

and open a command prompt again and type
tracert www.ebay.com

post the results of the tracert so we can see where it is losing the ability to find ebay
Last edited by dvk01; 01-May-2012 at 04:46 AM..
AlonBrs1's Avatar
Computer Specs
Member with 12 posts.
THREAD STARTER
  
Join Date: Apr 2012
Experience: Beginner
01-May-2012, 08:38 AM #11
Quote:
Originally Posted by dvk01 View Post
follow advice here and post the logs those programs make

and open a command prompt again and type
tracert www.ebay.com

post the results of the tracert so we can see where it is losing the ability to find ebay
Ok Thank You!

Here is the log files:
HijackThis log:
Quote:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:11:05, on 01/05/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Norton 360\Engine\5.2.1.3\ccSvcHst.exe
C:\Windows\vVX1000.exe
C:\Windows\PixArt\Pac207\Monitor.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Barash\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.il/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 98.201.29.211:1795
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.2.1.3\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.2.1.3\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: ???????@Mail.Ru - {8984B388-A5BB-4DF7-B274-77B879E179DB} - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: eSnipBHO - {B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.2.1.3\coIEPlg.dll
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-4213330401-98131013-2434081851-1004\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-4213330401-98131013-2434081851-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O9 - Extra button: (no name) - {64964764-1101-4bbd-8891-B56B1A53B9B3} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {3855FC6A-13C5-4C2A-A701-67D03A4E83EC} (FMail Class) - http://www.bezeqint.net/Media/friendly/FEMail.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) - https://battlefield.play4free.com/st...r_1.0.53.2.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://84.111.54.26/activex/AMC.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E4456C1D-ECE7-4C05-996A-3958091C6F55} (RemoteCfg Class) - http://www.bezeqint.net/Media/fwTechTool2.cab
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - http://content.systemrequirementslab...ri_4.5.1.0.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{541B1819-529D-4B68-B181-93C395440867}: NameServer = 62.219.186.7
O17 - HKLM\System\CCS\Services\Tcpip\..\{C512C663-C401-4B8C-B048-EDBF44A945B4}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: שירות עוזר של מארח יישומים (AppHostSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Disk Defragmenter (DEFRAGSVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: hpqcxs08 - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: HP CUE DeviceDiscovery Service (hpqddsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: TCP/IP NetBIOS Helper (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\5.2.1.3\ccSvcHst.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Net Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Peer Networking Grouping (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Windows Backup (SDRSVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Distributed Link Tracking Client (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: שירות World Wide Web Publishing Service (W3SVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30001 (WAS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Windows Search (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: Windows Update (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe
--
End of file - 24683 bytes
DDS.txt file:
Quote:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Barash at 15:16:41 on 2012-05-01
Microsoft Windows 7 Ultimate 6.1.7601.1.1255.972.1033.18.1791.661 [GMT 3:00]
.
AV: avast! antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: avast! antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Microsoft LifeCam\MSCamS64.exe
C:\Program Files (x86)\Norton 360\Engine\5.2.1.3\ccSvcHst.exe
C:\Program Files (x86)\Norton 360\Engine\5.2.1.3\ccSvcHst.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Windows\vVX1000.exe
C:\Windows\PixArt\Pac207\Monitor.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
uStart Page = hxxp://www.google.co.il/
uInternet Settings,ProxyOverride = *.local;<local>
uInternet Settings,ProxyServer = 98.201.29.211:1795
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: ExplorerBHO Class: {449d0d6e-2412-4e61-b68f-1cb625cd9e52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton 360\Engine\5.2.1.3\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton 360\Engine\5.2.1.3\IPS\IPSBHO.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: {8984B388-A5BB-4DF7-B274-77B879E179DB} - No File
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
BHO: {B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE} - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Classic Explorer Bar: {553891b7-a0d5-4526-be18-d3ce461d6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton 360\Engine\5.2.1.3\coIEPlg.dll
TB: {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - No File
mRun: [<NO NAME>]
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: {64964764-1101-4bbd-8891-B56B1A53B9B3} - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {3855FC6A-13C5-4C2A-A701-67D03A4E83EC} - hxxp://www.bezeqint.net/Media/friendly/FEMail.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} - hxxps://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.53.2.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://84.111.54.26/activex/AMC.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E4456C1D-ECE7-4C05-996A-3958091C6F55} - hxxp://www.bezeqint.net/Media/fwTechTool2.cab
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{541B1819-529D-4B68-B181-93C395440867} : NameServer = 62.219.186.7
TCP: Interfaces\{C512C663-C401-4B8C-B048-EDBF44A945B4} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{C512C663-C401-4B8C-B048-EDBF44A945B4} : DhcpNameServer = 10.0.0.138
TCP: Interfaces\{ECFDAA77-0CB5-44FE-BAED-E4262609DCBB} : DhcpNameServer = 10.11.0.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.2.1.3\coIEPlg.dll
BHO-X64: Symantec NCO BHO - No File
BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.2.1.3\IPS\IPSBHO.DLL
BHO-X64: Symantec Intrusion Prevention - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: {8984B388-A5BB-4DF7-B274-77B879E179DB} - No File
BHO-X64: ???????@Mail.Ru - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
BHO-X64: {B530A9A4-1722-4D16-AAD6-AA85E3AD2ADE} - No File
BHO-X64: eSnipBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.2.1.3\coIEPlg.dll
TB-X64: {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - No File
mRun-x64: [(Default)]
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\N360x64\0502010.003\SYMDS64.SYS --> C:\Windows\system32\drivers\N360x64\0502010.003\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\N360x64\0502010.003\SYMEFA64.SYS --> C:\Windows\system32\drivers\N360x64\0502010.003\SYMEFA64.SYS [?]
R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20120413.001\BHDrvx64.sys [2012-4-13 1160824]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20120428.001\IDSviA64.sys [2012-4-28 488568]
R1 NetPeeker;Net-Peeker Kernel Driver;C:\Windows\system32\DRIVERS\netpeeker.sys --> C:\Windows\system32\DRIVERS\netpeeker.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-13 12368]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\N360x64\0502010.003\Ironx64.SYS --> C:\Windows\system32\drivers\N360x64\0502010.003\Ironx64.SYS [?]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\system32\Drivers\N360x64\0502010.003\SYMNETS.SYS --> C:\Windows\system32\Drivers\N360x64\0502010.003\SYMNETS.SYS [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-12 140672]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys --> C:\Windows\system32\DRIVERS\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys --> C:\Windows\system32\DRIVERS\aswMonFlt.sys [?]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-4-15 654408]
R2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\5.2.1.3\ccsvchst.exe [2012-4-30 130008]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-4-29 138360]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
S0 Soluto;Soluto;C:\Windows\system32\DRIVERS\Soluto.sys --> C:\Windows\system32\DRIVERS\Soluto.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-3 253088]
S3 BthAvrcp;Bluetooth AVRCP Profile;C:\Windows\system32\DRIVERS\BthAvrcp.sys --> C:\Windows\system32\DRIVERS\BthAvrcp.sys [?]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-4-17 1038088]
S3 HP LaserJet Service;HP LaserJet Service;C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2009-11-12 136192]
S3 netr7364;RT73 USB Wireless LAN Card Driver for Vista;C:\Windows\system32\DRIVERS\netr7364.sys --> C:\Windows\system32\DRIVERS\netr7364.sys [?]
S3 PAC207;SoC PC-Camera;C:\Windows\system32\DRIVERS\PFC027.SYS --> C:\Windows\system32\DRIVERS\PFC027.SYS [?]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 Revoflt;Revoflt;C:\Windows\system32\DRIVERS\revoflt.sys --> C:\Windows\system32\DRIVERS\revoflt.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
SUnknown tsusbhub;tsusbhub; [x]
.
=============== Created Last 30 ================
.
2012-05-01 04:35:48 -------- d-----w- C:\Program Files\Soluto
2012-04-30 01:57:56 912504 ----a-w- C:\Windows\System32\drivers\N360x64\0502010.003\symefa64.sys
2012-04-30 01:57:56 386168 ----a-w- C:\Windows\System32\drivers\N360x64\0502010.003\symnets.sys
2012-04-30 01:57:55 744568 ----a-w- C:\Windows\System32\drivers\N360x64\0502010.003\srtsp64.sys
2012-04-30 01:57:55 450680 ----a-w- C:\Windows\System32\drivers\N360x64\0502010.003\symds64.sys
2012-04-30 01:57:55 40568 ----a-w- C:\Windows\System32\drivers\N360x64\0502010.003\srtspx64.sys
2012-04-30 01:57:55 171128 ----a-r- C:\Windows\System32\drivers\N360x64\0502010.003\ironx64.sys
2012-04-30 01:57:41 -------- d-----w- C:\Windows\System32\drivers\N360x64\0502010.003
2012-04-29 16:28:55 174200 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2012-04-29 16:28:55 -------- d-----w- C:\Program Files\Symantec
2012-04-29 16:28:55 -------- d-----w- C:\Program Files\Common Files\Symantec Shared
2012-04-29 16:27:56 -------- d-----w- C:\Windows\System32\drivers\N360x64
2012-04-29 16:27:51 -------- d-----w- C:\Program Files (x86)\Norton 360
2012-04-29 16:27:34 -------- d-----w- C:\Program Files (x86)\NortonInstaller
2012-04-28 18:43:06 8917360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FE31E318-0F0F-4FD7-8C1E-D13070C2ADF1}\mpengine.dll
2012-04-28 17:10:45 -------- d-----w- C:\Users\Barash\AppData\Local\{368B9593-A1E6-41AF-ACB7-F26978D39EA7}
2012-04-28 17:10:31 -------- d-----w- C:\Users\Barash\AppData\Local\{E9832EAF-2611-482B-8957-94A84580C672}
2012-04-27 13:31:00 -------- d-----w- C:\Users\Barash\.traverso
2012-04-27 13:23:07 -------- d-----w- C:\Users\Barash\AppData\Roaming\Power Sound Editor Free
2012-04-27 13:22:42 880640 ----a-w- C:\Windows\SysWow64\NCTAudioEditor2.dll
2012-04-27 13:22:42 602112 ----a-w- C:\Windows\SysWow64\NCTAudioTransform2.dll
2012-04-27 13:22:42 479232 ----a-w- C:\Windows\SysWow64\NCTAudioVisualization2.dll
2012-04-27 13:22:42 458752 ----a-w- C:\Windows\SysWow64\NCTAudioRecord2.dll
2012-04-27 13:22:42 458752 ----a-w- C:\Windows\SysWow64\NCTAudioPlayer2.dll
2012-04-27 13:22:42 417792 ----a-w- C:\Windows\SysWow64\NCTTextToAudio2.dll
2012-04-27 13:22:42 348160 ----a-w- C:\Windows\SysWow64\NCTWMAFile2.dll
2012-04-27 13:22:42 1986560 ----a-w- C:\Windows\SysWow64\NCTAudioFile2.dll
2012-04-27 13:22:42 1212416 ----a-w- C:\Windows\SysWow64\NCTAudioInformation2.dll
2012-04-27 13:22:41 835584 ----a-w- C:\Windows\SysWow64\NCTAudioCDGrabber2.dll
2012-04-27 09:28:07 141312 ----a-w- C:\Windows\SysWow64\MSCMCFR.DLL
2012-04-27 09:28:07 119568 ----a-w- C:\Windows\SysWow64\VB6FR.DLL
2012-04-27 09:28:07 101888 ----a-w- C:\Windows\SysWow64\VB6STKIT.DLL
2012-04-27 09:28:06 32768 ----a-w- C:\Windows\SysWow64\CMDLGFR.DLL
2012-04-27 08:09:37 -------- d-----w- C:\Users\Barash\AppData\Local\{F1AD38F0-611B-4208-BFA4-CE2B57C2A037}
2012-04-27 08:09:24 -------- d-----w- C:\Users\Barash\AppData\Local\{8DF5E74C-E776-49D6-A6A9-347B17A77D73}
2012-04-26 12:21:49 -------- d-----w- C:\Users\Barash\AppData\Local\{AA117A53-6A84-48B1-B1FC-9116E6403734}
2012-04-26 12:21:36 -------- d-----w- C:\Users\Barash\AppData\Local\{944BAFA6-1634-498B-853D-8CCBC655EBE3}
2012-04-25 07:55:35 -------- d-----w- C:\Users\Barash\AppData\Local\{518BC480-61C3-4CA0-A911-3380D1364BC9}
2012-04-25 07:55:22 -------- d-----w- C:\Users\Barash\AppData\Local\{4825477D-FB08-447B-BEDE-FE64F369A8D5}
2012-04-24 15:01:17 -------- d-----w- C:\Users\Barash\AppData\Local\{77CA557B-E55F-4400-B732-3F501DB2A97D}
2012-04-24 15:01:04 -------- d-----w- C:\Users\Barash\AppData\Local\{2B293B3F-09F0-4E06-851D-24AA55B915E1}
2012-04-23 16:28:15 -------- d-----w- C:\Windows\LastGood.Tmp
2012-04-23 16:26:53 31232 ----a-w- C:\Windows\System32\drivers\tap0901.sys
2012-04-23 16:26:53 -------- d-----w- C:\Program Files\SecurityKISS Tunnel
2012-04-23 14:53:21 -------- d-----w- C:\Users\Barash\AppData\Local\{C8DFBE60-58DC-4569-9C19-AE2AF8C25324}
2012-04-23 14:53:08 -------- d-----w- C:\Users\Barash\AppData\Local\{8129C744-E3B8-4D30-90CE-9732A64DC205}
2012-04-22 16:11:23 -------- d-----w- C:\Users\Barash\AppData\Local\{7EC583EF-BBBC-4DD9-8751-3A3D5415AC69}
2012-04-22 16:11:08 -------- d-----w- C:\Users\Barash\AppData\Local\{23823EAA-E814-4700-B485-7260226E95B1}
2012-04-21 18:32:52 -------- d-----w- C:\Users\Barash\AppData\Local\{4871B4E8-7863-4362-B187-C9742BA0E3B6}
2012-04-21 18:32:39 -------- d-----w- C:\Users\Barash\AppData\Local\{65ABC298-7EDC-4DF4-89F4-3BA10F457F4B}
2012-04-20 13:57:42 -------- d-sh--w- C:\$RECYCLE.BIN
2012-04-19 15:29:36 -------- d-----w- C:\Users\Barash\AppData\Roaming\AVI ReComp
2012-04-19 15:29:10 -------- d-----w- C:\Program Files (x86)\Xvid
2012-04-19 15:28:41 -------- d-----w- C:\Program Files (x86)\AviSynth 2.5
2012-04-19 15:28:29 -------- d-----w- C:\Program Files (x86)\AVI ReComp
2012-04-19 15:17:46 -------- d-----w- C:\Program Files (x86)\K-Lite Codec Pack
2012-04-19 15:06:02 230912 ----a-w- C:\Windows\System32\xvidvfw.dll
2012-04-19 15:06:02 1373696 ----a-w- C:\Windows\System32\xvidcore.dll
2012-04-19 15:06:02 114176 ----a-w- C:\Windows\System32\xvid.ax
2012-04-19 15:06:02 -------- d-----w- C:\Program Files\XviD
2012-04-19 14:50:02 73728 ----a-w- C:\Windows\system\vdremote.dll
2012-04-19 14:50:02 65536 ----a-w- C:\Windows\system\vdsvrlnk.dll
2012-04-19 13:45:37 -------- d-----w- C:\Users\Barash\AppData\Local\{45DC1660-3EF5-4C97-8CEF-59DE3C7AC92F}
2012-04-19 13:45:24 -------- d-----w- C:\Users\Barash\AppData\Local\{95968D89-842E-4595-AA62-080B265946AD}
2012-04-18 15:45:55 -------- d-----w- C:\Users\Barash\AppData\Local\{A2165B40-1929-442A-AE54-EEC3D6F03B94}
2012-04-18 15:45:36 -------- d-----w- C:\Users\Barash\AppData\Local\{D942BAB3-0C5A-4D93-B718-EDEFD4E29731}
2012-04-17 17:49:40 -------- d-----w- C:\Users\Barash\AppData\Local\{DC3BF2EB-B49D-4D5B-BCA8-FD5BADE2DE59}
2012-04-17 17:49:18 -------- d-----w- C:\Users\Barash\AppData\Local\{FCA136D0-D5F8-4162-B50A-38D4B704F471}
2012-04-16 17:19:41 -------- d-----w- C:\Users\Barash\AppData\Local\{3A82D7B4-36CD-4C8B-84CB-24FAD80E4D56}
2012-04-16 17:19:28 -------- d-----w- C:\Users\Barash\AppData\Local\{6E95B486-AD5A-4DB6-B668-F5626F180F89}
2012-04-14 10:04:01 -------- d-----w- C:\Users\Barash\AppData\Local\{A4ECA3C4-FEE5-4C5B-9D8C-8A9AE6D1E821}
2012-04-14 10:03:46 -------- d-----w- C:\Users\Barash\AppData\Local\{80C14F7C-4BDD-4D5F-9FAB-F6A2EEC195AE}
2012-04-13 11:13:41 -------- d-----w- C:\Users\Barash\AppData\Local\{F9DC9460-ABAB-4B4D-947B-A632F077F738}
2012-04-13 11:13:28 -------- d-----w- C:\Users\Barash\AppData\Local\{4A42325F-8DE1-47F3-8AAA-EAF1C3078354}
2012-04-13 11:08:21 -------- d-----w- C:\Windows\he
2012-04-13 11:00:13 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\97d559101cd196401\DSETUP.dll
2012-04-13 11:00:13 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\97d559101cd196401\DXSETUP.exe
2012-04-13 11:00:13 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\97d559101cd196401\dsetup32.dll
2012-04-13 10:29:34 -------- d-----w- C:\Users\Barash\AppData\Local\{8B2E0A87-B48E-468B-BA73-94135DE6F480}
2012-04-12 10:17:25 -------- d-----w- C:\Users\Barash\AppData\Local\{60C18924-01EA-4C39-8888-69242B83F407}
2012-04-11 14:11:00 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-04-11 14:11:00 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-04-11 14:02:51 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-04-11 14:02:51 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-04-11 14:02:50 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-04-11 14:02:50 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-04-11 14:02:50 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-04-11 14:02:50 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-04-11 14:02:50 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-04-11 08:34:42 -------- d-----w- C:\Users\Barash\AppData\Local\{68CB3871-45F3-42FD-9DB5-D700BECDC28D}
2012-04-10 09:00:02 -------- d-----w- C:\Users\Barash\AppData\Local\{891D11FD-5864-43B6-9066-628B252B09C8}
2012-04-09 11:05:14 -------- d-----w- C:\Users\Barash\AppData\Local\{53058FED-3EA8-4DDE-9F30-BCF2A1617042}
2012-04-08 12:36:05 -------- d-----w- C:\Users\Barash\AppData\Local\{8E659DBA-92F3-465C-9726-BC79E5FD9F79}
2012-04-07 10:45:52 -------- d-----w- C:\Users\Barash\AppData\Local\{698D44BE-035B-4CAE-BC34-267AD2C01205}
2012-04-06 22:45:25 -------- d-----w- C:\Users\Barash\AppData\Local\{DBF1E478-1AF5-4DA3-8B99-7B054DFDB9F0}
2012-04-06 09:02:43 -------- d-----w- C:\Users\Barash\AppData\Local\{17831AD4-E258-404F-BD40-27F707A862F4}
2012-04-05 19:31:35 -------- d-----w- C:\Users\Barash\AppData\Local\{C77427BA-24B1-45BC-8C06-95A61E6FFAAA}
2012-04-04 19:19:17 -------- d-----w- C:\Program Files\iTunes
2012-04-04 19:19:17 -------- d-----w- C:\Program Files\iPod
2012-04-04 19:19:17 -------- d-----w- C:\Program Files (x86)\iTunes
2012-04-04 19:11:06 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-04-04 19:11:06 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-04-04 19:11:06 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-04-04 19:11:06 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-04-04 19:11:06 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-04-04 19:11:06 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-04-04 19:11:06 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-04-04 09:58:04 -------- d-----w- C:\Users\Barash\AppData\Local\{3C3B4C26-CC0C-4FAD-A364-F5AB4DF36A2A}
2012-04-03 11:01:09 418464 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-04-03 10:59:24 -------- d-----w- C:\Users\Barash\AppData\Local\{0C6937D8-EF76-4DD6-B319-7130B582092F}
2012-04-02 19:12:29 -------- d-----w- C:\Users\Barash\AppData\Local\{23E8AC85-E4CA-4A8D-8A74-0C22519E7E66}
.
==================== Find3M ====================
.
2012-04-24 15:07:35 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-24 14:13:24 54728 ----a-w- C:\Windows\System32\drivers\Soluto.sys
2012-04-04 12:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-03-22 17:37:06 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-03-08 15:50:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll
2012-03-08 15:37:20 302448 ----a-w- C:\Windows\WLXPGSS.SCR
2012-03-06 06:53:37 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-03-06 05:59:47 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-03-06 05:59:41 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll
2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll
2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-02-23 07:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-02-20 16:03:17 73 ----a-w- C:\Windows\SysWow64\ssprs.dll
2012-02-20 16:03:17 205 ----a-w- C:\Windows\SysWow64\lsprst7.dll
2012-02-17 06:38:27 1112064 ----a-w- C:\Windows\System32\rdpcorets.dll
2012-02-17 06:38:26 1031680 ----a-w- C:\Windows\System32\rdpcore.dll
2012-02-17 05:34:22 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll
2012-02-17 04:58:24 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-02-17 04:57:32 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys
2012-02-15 08:01:50 52736 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys
2012-02-15 08:01:50 4547944 ----a-w- C:\Windows\System32\usbaaplrc.dll
2012-02-10 06:36:07 1544192 ----a-w- C:\Windows\System32\DWrite.dll
2012-02-10 05:38:43 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-02-09 08:36:02 2137600 ----a-w- C:\Maker3D.exe
2012-02-07 08:02:40 1070352 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
2012-02-03 04:34:34 3145728 ----a-w- C:\Windows\System32\win32k.sys
.
============= FINISH: 15:19:06.96 ===============
I uploaded the Attach.txt file to this post.

About the CMD command:
Quote:
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Users\Barash>tracert www.ebay.com
Tracing route to www.ebay.com [66.135.200.161]
over a maximum of 30 hops:
1 1 ms <1 ms <1 ms BEZEQ [10.0.0.138]
2 16 ms 15 ms 16 ms bzq-179-37-1.static.bezeqint.net [212.179.37.1]
3 * * * Request timed out.
4 15 ms 16 ms 15 ms bzq-179-160-185.static.bezeqint.net [212.179.160
.185]
5 16 ms 16 ms 16 ms bzq-219-189-201.cablep.bezeqint.net [62.219.189.
201]
6 57 ms 16 ms 15 ms bzq-114-65-2.static.bezeqint.net [192.114.65.2]
7 16 ms 16 ms 16 ms bzq-179-124-230.static.bezeqint.net [212.179.124
.230]
8 54 ms 54 ms 54 ms 213.242.116.129
9 54 ms 54 ms 55 ms ae-0-11.bar1.Marseille1.Level3.net [4.69.143.241
]
10 65 ms 66 ms 66 ms ae-7-7.ebr1.Paris1.Level3.net [4.69.143.238]
11 72 ms 72 ms 72 ms ae-48-48.ebr1.London1.Level3.net [4.69.143.113]
12 72 ms 72 ms 73 ms ae-57-112.csw1.London1.Level3.net [4.69.153.118]
13 72 ms 72 ms 72 ms ae-11-51.car1.London1.Level3.net [4.69.139.66]
14 74 ms 74 ms 74 ms sl-crs1-lon-.sprintlink.net [213.206.131.21]
15 139 ms 139 ms 139 ms sl-crs2-nyc-0-5-3-0.sprintlink.net [144.232.9.16
4]
16 153 ms 154 ms 153 ms sl-crs2-rly-0-9-0-0.sprintlink.net [144.232.8.24
4]
17 155 ms 155 ms 154 ms sl-crs2-dc-0-9-0-0.sprintlink.net [144.232.25.12
8]
18 153 ms 153 ms 153 ms sl-st31-ash-0-2-0-0.sprintlink.net [144.232.25.1
5]
19 * * * Request timed out.
20 * * * Request timed out.
21 * * * Request timed out.
22 * * * Request timed out.
23 * * * Request timed out.
24 * * * Request timed out.
25 * * * Request timed out.
26 * * * Request timed out.
27 * * * Request timed out.
28 * * * Request timed out.
29 * * * Request timed out.
30 * * * Request timed out.
Trace complete.
C:\Users\Barash>^A
Attachment Blocked
Attachments in the HJT forum are often designed to solve a specific issue and not meant to be used without instructions specific to your computer. If you want help specific to your computer, please post a HiJackThis Log. If you started this thread, please make sure you are logged in to be able to view attachments.
dvk01's Avatar
dvk01   (Derek) dvk01 is offline dvk01 is authorized to help remove malware.
Moderator & Malware Removal Specialist with 42,972 posts.
  
Join Date: Dec 2002
Location: Loughton, Essex, UK
01-May-2012, 01:45 PM #12
You have a weird proxy set in IE


In IE: Tools Menu -> Internet Options -> Connections Tab ->Lan Settings > uncheck "use a proxy server" or reconfigure the Proxy server again in case you have set it previously.

In Firefox in Tools Menu -> Options... -> Advanced Tab -> Network Tab -> "Settings" under Connection and uncheck the proxyserver, set it to No Proxy.

see if that gets you to ebay
__________________
Derek Microsoft MVP/Windows - Security | Thespykiller
Find out all about the European Wild Hedgehog, what you can do to save it from extinction Hedgehog Rescue
AlonBrs1's Avatar
Computer Specs
Member with 12 posts.
THREAD STARTER
  
Join Date: Apr 2012
Experience: Beginner
01-May-2012, 01:56 PM #13
Quote:
Originally Posted by dvk01 View Post
You have a weird proxy set in IE


In IE: Tools Menu -> Internet Options -> Connections Tab ->Lan Settings > uncheck "use a proxy server" or reconfigure the Proxy server again in case you have set it previously.

In Firefox in Tools Menu -> Options... -> Advanced Tab -> Network Tab -> "Settings" under Connection and uncheck the proxyserver, set it to No Proxy.

see if that gets you to ebay
It is already set to "no proxy".
Also I now downloaded FireFox and it was the same. But on the first try, the home page of ebay was load up but only the main page. After a few minutes it was down again.

It looks like the problem is not in the browsers.

Thank you again
dvk01's Avatar
dvk01   (Derek) dvk01 is offline dvk01 is authorized to help remove malware.
Moderator & Malware Removal Specialist with 42,972 posts.
  
Join Date: Dec 2002
Location: Loughton, Essex, UK
01-May-2012, 03:34 PM #14
OK lets see what this does
Delete any existing version of ComboFix you have sitting on your desktop
Please read and follow all these instructions very carefully
Do not edit or remove any information or user names etc, otherwise we cannot fix the problem. If you insist on editing out anything then I will close the topic & refuse to offer any help.

Download ComboFix from Here or Hereto your Desktop.
As you download it rename it to username123.exe


**Note: It is important that it is saved directly to your desktop and run from the desktop and not any other folder on your computer**
--------------------------------------------------------------------
1. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Very Important! Temporarily disable your anti-virus and anti-malware real-time protection and any script blocking components of them or your firewall before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results" or stop combofix running at all
  • Click on THIS LINK to see instructions on how to temporarily disable many security programs while running combofix. The list does not cover every program. If yours is not listed and you don't know how to disable it, please ask.
  • Remember to re enable the protection again after combofix has finished
--------------------------------------------------------------------
2. Close any open browsers and any other programs you might have running
Double click on renamed combofix.exe & follow the prompts.
If you are using windows XP It might display a pop up saying that "Recovery console is not installed, do you want to install?"
Please select yes & let it download the files it needs to do this. Once the recovery console is installed Combofix will then offer to scan for malware. Select continue or yes.
When finished, it will produce a report for you.
Please post the "C:\ComboFix.txt" for further review


****Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze ****

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell us when you reply. Read HERE why we disable autoruns

Please do not install any new programs or update anything (always allow your antivirus/antispyware to update) unless told to do so while we are fixing your problem. If combofix alerts to a new version and offers to update, please let it. It is essential we always use the latest version.

Please tell us if it has cured the problems or if there are any outstanding issues
AlonBrs1's Avatar
Computer Specs
Member with 12 posts.
THREAD STARTER
  
Join Date: Apr 2012
Experience: Beginner
01-May-2012, 03:54 PM #15
I disable all the norton 360 options but he gave me this warning:


What I need to do now???
Email This Email  Print This Print  Tweet This Send to Facebook Send to MySpace Send to StumbleUpon Digg This | More Services More
Reply
Page 1 of 2 1 2
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join Today!

(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!

« Previous Thread | Virus & Other Malware Removal | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


TECH SUPPORT GUY
WELCOME
FOLLOW US
 
You Are Using: Server ID
All times are GMT -4. The time now is 07:12 AM.
Advertisements do not imply our endorsement of that product or service.
Copyright © 1996 - 2013 TechGuy, Inc. All rights reserved. Privacy & Terms.

VigLink badge
Trusted Website Back to the Top ↑