[ayambad]

RatHat,

Attached is a new OTScanIt log... again at work everything is fine but at home is kinda the same, what i did tonight was connect my VPN used for work access fm home and it
seems the internet problems are gone maybe because of what i mentioned before, some kinda firewall

I appreciate your time to check this trying to sort it out.

Best regards,
Jimmy

Attached Files

•  OTScanItnew.zip   50.97KB   169 downloads

[Advertisements]

Start OTScanIt.exe Copy/Paste the information in the codebox below into the pane where it says "Paste fix here" and then click the Run Fix button.

[Registry - Non-Microsoft Only]
< AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls
YN -> wxvault.dll C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL -> 
< AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
[Registry - Additional Scans - Non-Microsoft Only]
< BotCheck > -> 
YN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\eMule\emule.exe -> C:\Program Files\eMule\emule.exe [C:\Program Files\eMule\emule.exe:*:Enabled:eMule]
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\
YN -> .bat [@ = batfile] -> 
YN -> .cmd [@ = cmdfile] -> 
YN -> .com [@ = comfile] -> 
YN -> .exe [@ = exefile] -> 
YN -> .pif [@ = piffile] -> 
YN -> .scr [@ = scrfile] -> 
[CatchMe Rootkit Scan by GMER]
NY -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34 115 bytes -> 
NY -> C:\Documents and Settings\All Users\Application Data\TEMP:C980DA7D 112 bytes -> 
NY -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9 110 bytes -> 
[Empty Temp Folders]

The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here along with a new DSS log.

Let me know of any problems you encountered performing the steps above or any continuing problems you are still having with the computer while at home.

Regards,
RatHat

[RatHat]

Start OTScanIt.exe Copy/Paste the information in the codebox below into the pane where it says "Paste fix here" and then click the Run Fix button.

[Registry - Non-Microsoft Only]
< AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
*AppInit_DLLs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls
YN -> wxvault.dll C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL -> 
< AppInit_DLLs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
[Registry - Additional Scans - Non-Microsoft Only]
< BotCheck > -> 
YN -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List\\C:\Program Files\eMule\emule.exe -> C:\Program Files\eMule\emule.exe [C:\Program Files\eMule\emule.exe:*:Enabled:eMule]
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\
YN -> .bat [@ = batfile] -> 
YN -> .cmd [@ = cmdfile] -> 
YN -> .com [@ = comfile] -> 
YN -> .exe [@ = exefile] -> 
YN -> .pif [@ = piffile] -> 
YN -> .scr [@ = scrfile] -> 
[CatchMe Rootkit Scan by GMER]
NY -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34 115 bytes -> 
NY -> C:\Documents and Settings\All Users\Application Data\TEMP:C980DA7D 112 bytes -> 
NY -> C:\Documents and Settings\All Users\Application Data\TEMP:CB0AACC9 110 bytes -> 
[Empty Temp Folders]

The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here along with a new DSS log.

Let me know of any problems you encountered performing the steps above or any continuing problems you are still having with the computer while at home.

Regards,
RatHat

[ayambad]

RatHat,

I don't know what is going on, I was planning to run the fix last night while at home but couldn't access any internet website or msn messenger, couldn't even connect to my office VPN.

Today at the office i have intermitent internet, basically cannot access msn messenger or msn.com or windows update, google i coulg and geekstogo.com was ok.

I ran the fix with OTScanit and after a while it shows a popup screen requesting me to reboot the computer to continue or finish, last time it happen the same way that's why i couldn't post any log as you requested.

below is the log fm DSS
---------------------------------------------------------------------------------------------
Deckard's System Scanner v20071014.68
Run by loboj on 2008-04-17 15:36:11
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as loboj.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:36, on 2008-04-17
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\mnmsrvc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\CNAC1RPK.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\system32\KADxMain.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\system32\taskswitch.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Program Files\Apoint\HidFind.exe
C:\Program Files\Apoint\Apntex.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Documents and Settings\loboj\notes\NLNOTES.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
C:\Documents and Settings\loboj\notes\nwrdaemn.EXE
C:\Documents and Settings\loboj\notes\nupdate.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\loboj\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\loboj.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.molam.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft....k/?LinkId=74005
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: pdfMachine - {56CF4856-ECB4-4e46-A897-A378821F97B9} - C:\DOCUME~1\loboj\LOCALS~1\Temp\{FE50708E-1BC0-439A-A956-FE54B7A82D6F}\{20A6985E-4516-4042-BCAB-FEA3BED712CD}\bgstb.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Apoint] "C:\Program Files\Apoint\Apoint.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Document Manager] "C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe"
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [KADxMain] C:\WINDOWS\system32\KADxMain.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [Synchronization Manager] "C:\WINDOWS\system32\mobsync.exe" /logon
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Detector] C:\WINDOWS\twain_32\FlatBed\Usb\Detector.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebo...toUploader3.cab
O16 - DPF: {82FFA573-38AA-482A-99AD-91F697B91631} (Installer.InstallControl) - http://static.35mb.c...et/applet_o.cab
O16 - DPF: {9b935470-ad4a-11d5-b63e-00c04faedb18} (Oracle JInitiator 1.1.8.16) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = MOLNA.COM
O17 - HKLM\Software\..\Telephony: DomainName = MOLNA.COM
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = MOLNA.COM
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Broadcom ASF IP and SMBIOS Mailbox Monitor (ASFIPmon) - Broadcom Corporation - C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Google Desktop Manager 5.5.709.30344 (GoogleDesktopManager-093007-112848) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
O23 - Service: NTRU TSS v1.2.1.12 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 13530 bytes

-- Files created between 2008-03-17 and 2008-04-17 -----------------------------

2008-04-13 21:42:25 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-04-13 21:42:23 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-04-13 21:14:24 68096 --a------ C:\WINDOWS\zip.exe
2008-04-13 21:14:24 49152 --a------ C:\WINDOWS\VFind.exe
2008-04-13 21:14:24 212480 --a------ C:\WINDOWS\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2008-04-13 21:14:24 136704 --a------ C:\WINDOWS\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller>
2008-04-13 21:14:24 161792 --a------ C:\WINDOWS\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
2008-04-13 21:14:24 98816 --a------ C:\WINDOWS\sed.exe
2008-04-13 21:14:24 80412 --a------ C:\WINDOWS\grep.exe
2008-04-13 21:14:24 73728 --a------ C:\WINDOWS\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-04-13 17:28:09 0 d-------- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
2008-04-13 16:30:49 0 d-------- C:\Documents and Settings\loboj\Application Data\Malwarebytes
2008-04-13 16:30:44 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-13 16:30:43 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-13 16:01:03 0 d-------- C:\WINDOWS\ERUNT
2008-04-11 13:45:27 0 d-------- C:\WINDOWS\pss
2008-04-10 22:00:47 67272 --ah----- C:\WINDOWS\system32\mlfcache.dat
2008-04-10 19:07:15 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-04-10 19:05:56 0 d-------- C:\Documents and Settings\Administrator\Application Data\Adobe
2008-04-10 19:03:43 0 d-------- C:\Documents and Settings\Administrator\Application Data\Simply Super Software
2008-04-10 17:23:05 0 d-------- C:\Documents and Settings\loboj\Application Data\AVG7
2008-04-10 17:22:06 0 d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2008-04-10 16:13:29 0 d-------- C:\Program Files\Trend Micro
2008-04-08 23:08:10 0 d-------- C:\Documents and Settings\loboj\.housecall6.6
2008-04-06 15:18:09 0 d-------- C:\Program Files\KONAMI
2008-04-06 10:29:07 0 d-------- C:\MDT
2008-04-06 10:28:12 0 d-------- C:\Documents and Settings\loboj\Application Data\CyberLink
2008-04-06 10:28:12 0 d-------- C:\Documents and Settings\All Users\Application Data\CyberLink
2008-04-06 07:39:06 45056 --a------ C:\WINDOWS\system32\WNASPI32.DLL <Not Verified; Adaptec; Adaptec's ASPI Layer>
2008-04-06 07:39:06 16877 --a------ C:\WINDOWS\system32\drivers\ASPI32.SYS <Not Verified; Adaptec; Adaptec's ASPI Layer>
2008-04-06 07:39:06 4672 --a------ C:\WINDOWS\system\WOWPOST.EXE <Not Verified; Adaptec; Adaptec's ASPI Layer>
2008-04-06 07:39:06 5600 --a------ C:\WINDOWS\system\WINASPI.DLL <Not Verified; Adaptec; Adaptec's ASPI Layer>
2008-04-06 07:38:52 0 d-------- C:\Program Files\DeadDiskDoctor
2008-04-05 15:45:12 4608 -ra------ C:\WINDOWS\system32\W95Inf32.DLL <Not Verified; Microsoft Corporation; Microsoft® Plus! for Windows® 95>
2008-04-05 15:45:11 2272 -ra------ C:\WINDOWS\system32\W95Inf16.DLL <Not Verified; Microsoft Corporation; Microsoft® Plus! for Windows® 95>
2008-04-05 15:44:52 12400 -ra------ C:\WINDOWS\system32\drivers\usbscan.sys <Not Verified; Microsoft Corporation; Microsoft® Windows ® 2000 Operating System>
2008-04-05 15:43:31 0 d-------- C:\Documents and Settings\loboj\Application Data\Ulead Systems
2008-04-05 15:28:03 0 d-------- C:\Program Files\Common Files\LightScribe
2008-04-05 15:14:34 0 d-------- C:\Program Files\Common Files\InterVideo
2008-04-05 15:14:26 0 d-------- C:\Documents and Settings\All Users\Application Data\InterVideo
2008-04-05 13:22:54 0 d-------- C:\Program Files\Smart Projects
2008-04-05 08:18:10 0 d-------- C:\Program Files\Safari
2008-04-05 08:10:21 0 d-------- C:\Program Files\iPod
2008-04-05 08:10:15 0 d-------- C:\Program Files\iTunes
2008-04-05 08:08:32 0 d-------- C:\Program Files\QuickTime
2008-04-04 16:43:41 0 d-------- C:\Program Files\Webteh
2008-04-04 16:24:45 0 d-------- C:\Documents and Settings\loboj\Application Data\Roxio
2008-04-04 15:57:54 0 d-------- C:\SmartSound Software
2008-04-04 15:56:51 0 d-------- C:\WINDOWS\system32\Quicktime
2008-04-04 15:56:51 0 d-------- C:\Program Files\SmartSound Software
2008-04-04 15:56:51 0 d-------- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
2008-04-04 15:51:25 0 d-------- C:\WINDOWS\system32\windows media
2008-04-04 15:50:38 0 d-------- C:\Program Files\Common Files\SONY Digital Images
2008-04-04 15:48:35 0 d-------- C:\Program Files\Windows Media Components
2008-04-04 15:48:19 0 d-------- C:\Program Files\Common Files\Ulead Systems
2008-04-04 15:48:17 0 d-------- C:\Program Files\Ulead Systems
2008-04-04 15:48:17 0 d-------- C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-04-04 14:13:28 0 d-------- C:\Documents and Settings\loboj\Application Data\LimeWire
2008-04-04 10:39:54 0 d-------- C:\Program Files\Lavasoft
2008-04-04 10:39:53 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-04-03 07:04:07 0 d-------- C:\Documents and Settings\Administrator\Application Data\Nero
2008-04-03 07:04:03 0 d-------- C:\Documents and Settings\Administrator\Application Data\Real
2008-03-30 22:23:00 164 --a------ C:\install.dat
2008-03-30 21:55:09 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-03-30 00:43:33 0 d-------- C:\Documents and Settings\LocalService\Application Data\Real
2008-03-30 00:43:32 0 dr------- C:\Documents and Settings\LocalService\Favorites
2008-03-30 00:43:32 0 d-------- C:\Documents and Settings\LocalService\Application Data\MEGAUPLOADTOOLBAR
2008-03-30 00:43:32 0 d-------- C:\Documents and Settings\LocalService\Application Data\Google
2008-03-29 20:20:03 0 d-------- C:\Program Files\Common Files\NSV
2008-03-29 15:10:51 0 d-------- C:\Program Files\NeroInstall.bak
2008-03-29 14:58:05 0 d-------- C:\Program Files\Nero
2008-03-28 11:19:07 0 d-------- C:\Program Files\Navis
2008-03-25 21:52:47 0 d-------- C:\Program Files\Copy of Frets on Fire
2008-03-25 21:45:16 0 d-------- C:\Program Files\FretsOnFire
2008-03-25 19:51:05 0 d-------- C:\Documents and Settings\loboj\Application Data\fretsonfire
2008-03-25 19:50:46 0 d-------- C:\Program Files\Frets on Fire
2008-03-21 10:39:58 0 d-------- C:\Program Files\Avanquest update
2008-03-21 10:39:01 0 d-------- C:\Program Files\Common Files\Motorola Shared
2008-03-21 10:38:56 0 d-------- C:\Program Files\Motorola Phone Tools
2008-03-21 10:38:56 0 d-------- C:\Documents and Settings\All Users\Application Data\BVRP Software
2008-03-20 10:39:02 153088 --a------ C:\WINDOWS\UNWISE.EXE
2008-03-20 10:32:07 0 d-------- C:\WINDOWS\system32\Silabs
2008-03-20 10:32:04 118784 --a------ C:\WINDOWS\system32\Co_Mux.dll <Not Verified; Thesycon GmbH; Device Installation Toolkit>
2008-03-20 10:32:04 118784 --a------ C:\WINDOWS\system32\Co_Mod.dll <Not Verified; Thesycon GmbH; Device Installation Toolkit>
2008-03-20 10:32:04 0 d-------- C:\Program Files\UsbEdgeModem
2008-03-17 21:09:07 0 d-------- C:\Program Files\MetaTrader - Inversiones


-- Find3M Report ---------------------------------------------------------------

2008-04-17 15:29:11 0 d-------- C:\Program Files\Symantec AntiVirus
2008-04-16 22:05:45 0 d-------- C:\Documents and Settings\loboj\Application Data\Wave Systems Corp
2008-04-13 20:40:12 0 d-------- C:\Program Files\eMule
2008-04-13 16:11:04 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-04-12 14:45:21 0 d-------- C:\Program Files\Picasa2
2008-04-11 14:23:15 0 d-a------ C:\Program Files\Common Files
2008-04-05 15:28:36 0 d-------- C:\Program Files\DivX
2008-04-05 15:27:08 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-04-05 12:48:58 0 d-------- C:\Program Files\Common Files\Nero
2008-04-05 08:38:54 0 d-------- C:\Documents and Settings\loboj\Application Data\Apple Computer
2008-04-04 13:47:40 0 d-------- C:\Documents and Settings\loboj\Application Data\Winamp
2008-04-04 13:05:48 0 d-------- C:\Program Files\Winamp
2008-04-04 11:32:50 0 d-------- C:\Program Files\Baplie
2008-03-17 08:17:28 0 d-------- C:\Program Files\Java
2008-03-08 09:57:56 0 d-------- C:\Program Files\Common Files\xing shared
2008-03-08 09:57:52 0 d-------- C:\Program Files\Common Files\Real
2008-03-03 09:42:41 0 d-------- C:\Documents and Settings\loboj\Application Data\Real
2008-02-05 12:31:37 0 --a------ C:\WINDOWS\nsreg.dat


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Program Files\Apoint\Apoint.exe" [2007-04-15 22:49]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2007-05-18 12:45]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2007-05-18 12:45]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2007-05-18 12:45]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25]
"SigmatelSysTrayApp"="stsystra.exe" [2007-02-19 00:26 C:\WINDOWS\stsystra.exe]
"Document Manager"="C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe" [2007-01-30 16:32]
"Broadcom Wireless Manager UI"="C:\WINDOWS\system32\WLTRAY.exe" [2007-03-16 04:10]
"KADxMain"="C:\WINDOWS\system32\KADxMain.exe" [2006-11-02 15:05]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 17:50]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 17:50]
"RoxioDragToDisc"="C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe" [2006-08-17 10:00]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2005-12-21 11:33]
"vptray"="C:\PROGRA~1\SYMANT~1\VPTray.exe" [2006-05-27 15:06]
"CoolSwitch"="C:\WINDOWS\system32\taskswitch.exe" [2002-03-19 17:30]
"Synchronization Manager"="C:\WINDOWS\system32\mobsync.exe" [2004-08-04 06:00]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 16:29]
"Detector"="C:\WINDOWS\twain_32\FlatBed\Usb\Detector.exe" [2000-08-06 23:00]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 06:00]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 11:24]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-01-06 17:53]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-02-28 17:07]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-01-11 21:43:46]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2007-12-07 12:24:12]
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2008-01-06 17:53:49]
VPN Client.lnk - C:\WINDOWS\Installer\{00CD55D6-EE5A-4570-9875-8A306628C032}\Icon3E5562ED7.ico [2007-12-20 11:55:09]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=1 (0x1)
"HideStartupScripts"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=1 (0x1)
"HideStartupScripts"=0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 wvauth

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"




-- End of Deckard's System Scanner: finished at 2008-04-17 15:36:39 ------------

[ayambad]

RatHat,

FYI, when i tried to login to msn messenger without success i ran the troubleshoot and it shows DNS and KEY PORTS failures...

Hopefully you can find out something cause it looks like is comming back!

Thanks in advance,
Jimmy

[RatHat]

Jimmy,

I think this may have something to do with your Firewall, as opposed to Malware.

Please post me an Uninstall List from HijackThis:

• Re-Open HijackThis, click Config, click Misc Tools
• Click "Open Uninstall Manager"
• Click "Save List" (generates uninstall_list.txt)
• Click Save, copy and paste the results in your next post.

Regards,
RatHat

[ayambad]

RatHat,

Please find the requested uninstall list data fm HijackThis

Ad-Aware 2007
Adobe Flash Player ActiveX
Adobe Flash Player Plugin
Adobe Reader 8.1.2
Alt-Tab Task Switcher Powertoy for Windows XP
Apple Mobile Device Support
Apple Software Update
Aspi Installer
Avanquest update
AXIS CAPT Print Monitor 2.00
Baplie Viewer
biolsp patch
Bluetooth Stack for Windows by Toshiba
Broadcom ASF Management Applications
Broadcom Management Programs
Broadcom TPM Driver Installer
BSPlayer
Business Contact Manager for Outlook 2007 SP1
Business Contact Manager for Outlook 2007 SP1
Canon LASER SHOT LBP-2410
Cisco Systems VPN Client 4.7.00.0533
Citrix Presentation Server Client
CmdHere Powertoy For Windows XP
Conexant HDA D330 MDC V.92 Modem
Dell Embassy Trust Suite by Wave Systems
Dell Touchpad
Dell Wireless WLAN Card
Digital Line Detect
DivX Codec
DivX Content Uploader
DivX Converter
DivX Player
DivX Web Player
Document Manager Lite
EMBASSY Security Center
EMBASSY Security Setup
EMBASSY Trust Suite by Wave Systems
ESC Home Page Plugin
ETS Upgrade
FMS.Web
Frets On Fire
Google Desktop
Google Earth
Google Photos Screensaver
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Updater
High Definition Audio Driver Package - KB835221
HijackThis 2.0.2
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB896344)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
Intel® Graphics Media Accelerator Driver
IntelliSonic Speech Enhancement
InterVideo DeviceService
IrfanView (remove only)
IsoBuster 2.3
iTunes
J2SE Runtime Environment 5.0 Update 6
Japanese Fonts Support For Adobe Reader 8
Java™ 6 Update 3
Java™ 6 Update 5
Kaspersky Online Scanner
LiveUpdate 2.6 (Symantec Corporation)
Lotus Notes
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 3.0 Service Pack 1
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office InfoPath 2003
Microsoft Office Professional Edition 2003
Microsoft Office Visio Viewer 2003 (English)
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Modem Diagnostic Tool
Motorola Driver Installation
Motorola Phone Tools
Mozilla Firefox (2.0.0.13)
MSXML 4.0 SP2 (KB936181)
MSXML 6.0 Parser (KB933579)
Navini Diagnostics
Nero 8 Trial
neroxml
NetWaiting
NOAD-InfoPath-V4.2
NTRU TCG Software Stack
O2Micro USB Smart Card Reader
Oracle JInitiator 1.1.8.16
Pdf995
PdfEdit995
Picasa 2
PowerDVD
PowerStow
Preboot Manager
Private Information Manager
Pro Evolution Soccer 6
QuickSet
QuickTime
RealPlayer
Roxio Creator Audio
Roxio Creator BDAV Plugin
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Drag-to-Disc
Roxio Express Labeler
Roxio Update Manager
Safari
Secure Update
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB937894)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB942615)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Wizards
Sentinel System Driver
SigmaTel Audio
Signature995
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)
SmartSound Quicktracks Plugin
Sonic Activation Module
Symantec AntiVirus
tsp patch
Ulead DVD MovieFactory 6
Ulead VideoStudio 11
Ulead VideoStudio 8.0
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920342)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB925720)
Update for Windows XP (KB925876)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB936357)
Update for Windows XP (KB942763)
Update for Windows XP (KB942840)
upekmsi
USB FlatBed Scanner
VCRedistSetup
Wave Infrastructure Installer
Wave Support Software
Winamp
Windows Driver Package - Dell Inc. PBADRV System (09/25/2006 6.0.0.0)
Windows Driver Package - O2Micro (guardian2) SmartCardReader (02/05/2007 1.1.3.7)
Windows Imaging Component
Windows Internet Explorer 7
Windows Live installer
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Format SDK Hotfix - KB891122
Windows Media Player 11
Windows Media Player 11
Windows Presentation Foundation
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
WinRAR archiver
WinZip
ZTE MZ16 Modem Manager

[RatHat]

OK, lets try disabling your Symantec Firewall. When you have disabled it, try to connect to MSN again and let me know if it makes any difference.

If you need to see how to disable the firewall, please see here.

[ayambad]

RatHat,

I'm sorry but i have no Symantec Firewall, all i have is symantec antivirus...

The only firewall that i'm aware of using is the windows XP one

[RatHat]

OK, I would like you to uninstall Symantec Antivirus, and install a free AV instead.

Firstly, download one of these very good Anti Virus Programs

• avast! 4 Home Edition an excellent free AV.
• AVG AntiVirus version 7.5 is free for personal use.
• Avira AntiVir PersonalEdition, yet another good free AV.

Do not install it yet.

Now go here and download the Uninstall Tool that is relevant to the version of Symantec Anti Virus that you have, then uninstall the AV.

Next install the new AV and allow it to run a full scan. When complete, go online and see if you can now access MSN.

Regards,
RatHat

[ayambad]

RatHat,

Be advised that the symantec AV is a corporate version and i don't have the password to uninstall.

last night while at home i couldn't browse the internet nor connect to the VPN through my wireless network, then i tried to connect directly to my cable modem and disconnected the wireless connection and was able to access the VPN and do some web browsing but still with some problems... messenger showed that the
key ports are not available

[RatHat]

I have googled msn messenger key ports are not available and found this solution, that may help;

Go to internet explorer!

-Tools
-Advanced
-and uncheck SSL 2.0 and SSL 3.0
- Click apply
-then try login again to msn messenger.

After you log in, you can go back to your internet explorer setting and enable SSL 2.0 and SSL 3.0 and everything carries on working fine.

Give it a try, as I don't think you have any more malware problems here. Let me know how it goes.

[ayambad]

RatHat,

I only had to uncheck SSL 3.0 since the option SSL 2.0 was already unchecked and still no luck.

It's very strange and I do think there is some kind of malware because i'm at office and the main trouble i have right now is that i cannot loggin to msn messenger or visit the www.msn.com website... i tried other websites like youtube google yahoo and all were available.

This one is making me nuts.

Sorry for all the trouble and thank you again for your assistance

[RatHat]

And this is the same with both IE and Firefox?

[RatHat]

I am pretty sure that it is not malware related, but rather something to do with the version of MSN that you have. Just have a look at all the posts regarding the same problem that you have with MSN on the google link that I gave you. It seems that a lot of people are experiencing the same thing with MSN and Key Ports.

One suggestion that I read asked if the user could uninstall MSN, then install an old version from http://www.oldversio...gram.php?n=msnm

Might be worth a try.

[ayambad]

RatHat,

I understand this key port issue maybe is common within msn messenger users but i tried to uninstall and still nothing.

i cannot go to the WWW.MSN.COM website on my laptop pc this is something that was fixed during the process and
now is back, i can't understand what is going on here.

Best regards,
Jimmy