I can't access Avast, Norton, or any antivirus website, and I can't download Spyware Terminator. When I tried to find the solution in other forums, some said maybe my firewall blocks it, but I don't know how to change it. Or maybe my computer has a virus or spyware? Well... I already read the forum on GeeksToGo and followed the instructions, which were to download ComboFix and scan my computer. Here's the log. So, what should I do next? Oh, by the way, I'm using Firefox as my browser.
PS: Can you reply to me at my email [email protected]? I'm afraid I can't find your answer in this forum. Thank you very much....
ComboFix 09-07-26.03 - User 07/28/2009 3:54.1.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.511.243 [GMT 7:00]
Running from: c:\documents and settings\User\My Documents\Downloads\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090727-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\Installer\2cee3.msi
c:\windows\Installer\2ceea.msi
c:\windows\Installer\48be5.msi
.
((((((((((((((((((((((((( Files Created from 2009-06-27 to 2009-07-27 )))))))))))))))))))))))))))))))
.
2009-07-27 19:40 . 2009-07-27 19:55 -------- d-----w- c:\program files\Registry Easy
2009-07-27 18:21 . 2009-02-05 21:06 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-07-27 18:21 . 2009-02-05 21:06 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-07-27 18:21 . 2009-02-05 21:05 26944 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-07-27 18:21 . 2009-02-05 21:08 93296 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-07-27 18:21 . 2009-02-05 21:08 94032 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-07-27 18:21 . 2009-02-05 21:07 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-07-27 18:21 . 2009-02-05 21:07 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-07-27 18:21 . 2009-02-05 21:04 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-07-27 18:21 . 2009-02-05 21:11 1256296 ----a-w- c:\windows\system32\aswBoot.exe
2009-07-27 17:52 . 2009-07-27 17:52 -------- d-----w- c:\program files\Jitbit
2009-07-27 17:21 . 2009-07-27 17:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Avg8
2009-07-27 17:11 . 2009-07-27 17:11 724992 ----a-w- c:\windows\iun6002.exe
2009-07-27 17:11 . 2009-07-27 19:42 -------- d-----w- c:\program files\SpeedItUpFree
2009-07-27 15:39 . 2009-07-27 15:39 -------- d-----w- c:\docume~1\User\APPLIC~1\AVGTOOLBAR
2009-07-27 14:02 . 2003-03-18 20:20 1060864 ----a-w- c:\windows\system32\MFC71.dll
2009-07-27 14:02 . 2009-07-27 14:02 -------- d-----w- c:\program files\Alwil Software
2009-07-27 14:00 . 2008-10-24 11:10 453632 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2009-07-27 13:49 . 2009-07-27 13:49 -------- d-----w- c:\documents and settings\All Users\Application Data\Sandlot Games
2009-07-27 13:49 . 2009-07-27 13:49 -------- d-----w- c:\docume~1\User\APPLIC~1\Sandlot Games
2009-07-27 13:49 . 2009-07-27 13:49 -------- d-sh--w- c:\windows\ftpcache
2009-07-27 13:44 . 2009-07-27 13:44 -------- d-----w- c:\docume~1\User\APPLIC~1\Ubisoft
2009-07-27 13:31 . 2009-07-27 13:31 -------- d-----w- c:\program files\Option
2009-07-27 09:27 . 2009-07-27 09:27 -------- d-----w- c:\program files\AVG
2009-07-23 11:29 . 2009-07-27 08:09 -------- d-----w- C:\Downloads
2009-07-23 11:20 . 2009-07-23 11:20 -------- d-----r- c:\docume~1\User\APPLIC~1\Brother
2009-07-23 11:10 . 2009-07-23 11:10 -------- d-----w- c:\docume~1\User\APPLIC~1\ScanSoft
2009-07-23 08:41 . 2009-07-27 08:37 57 ----a-w- c:\documents and settings\All Users\Application Data\Brother\BrLog\BrCollectDir\BR_cat.bat
2009-07-23 08:41 . 2009-07-23 08:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Brother
2009-07-22 12:55 . 2009-07-22 12:55 -------- d-----w- c:\docume~1\User\APPLIC~1\Apple Computer
2009-07-16 10:41 . 2009-07-16 10:48 -------- d-----w- c:\docume~1\User\APPLIC~1\BitCometLite
2009-07-16 08:33 . 2009-07-27 09:27 -------- d-----w- c:\program files\Destiny
2009-07-15 10:04 . 2009-07-23 09:37 -------- d-----w- c:\docume~1\User\APPLIC~1\DMCache
2009-07-09 04:55 . 2008-06-13 13:10 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2009-07-09 04:55 . 2008-06-13 13:10 272128 ------w- c:\windows\system32\drivers\bthport.sys
2009-07-09 01:06 . 2009-07-09 01:06 -------- d-----w- c:\documents and settings\User\Local Settings\Application Data\Yahoo
2009-07-08 13:08 . 2009-07-27 15:56 -------- d--h--w- c:\windows\$hf_mig$
2009-07-08 12:52 . 2009-07-08 12:53 -------- d-----w- c:\docume~1\User\APPLIC~1\Yahoo!
2009-07-08 12:52 . 2009-07-08 12:52 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion
2009-07-08 12:48 . 2009-07-09 00:59 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo!
2009-07-08 12:48 . 2009-05-26 12:50 607472 ----a-w- c:\documents and settings\All Users\Application Data\Yahoo!\YUpdater\yupdater.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-27 08:41 . 2009-07-06 08:03 -------- d-----w- c:\program files\Common Files\InstallShield
2009-07-27 08:38 . 2009-07-23 08:44 50 ----a-w- c:\windows\system32\bridf05a.dat
2009-07-27 08:37 . 2009-07-06 08:04 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-23 10:57 . 2009-07-23 10:57 -------- d-----w- c:\program files\Common Files\ScanSoft Shared
2009-07-23 10:57 . 2009-07-23 10:57 -------- d-----w- c:\documents and settings\All Users\Application Data\ScanSoft
2009-07-23 10:57 . 2009-07-23 08:42 -------- d-----w- c:\program files\ScanSoft
2009-07-23 08:42 . 2009-07-23 08:42 -------- d-----w- c:\documents and settings\All Users\Application Data\InstallShield
2009-07-09 04:45 . 2009-07-06 07:48 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-07-08 12:53 . 2009-07-06 08:25 -------- d-----w- c:\program files\Yahoo!
2009-07-06 12:46 . 2009-07-06 09:16 -------- d-----w- c:\docume~1\User\APPLIC~1\Winamp
2009-07-06 12:09 . 2009-07-06 09:15 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-07-06 12:09 . 2009-07-06 12:08 -------- d-----w- c:\docume~1\User\APPLIC~1\ACD Systems
2009-07-06 12:05 . 2009-07-06 12:05 -------- d-----w- c:\docume~1\User\APPLIC~1\Media Player Classic
2009-07-06 10:31 . 2009-07-06 10:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Trymedia
2009-07-06 10:25 . 2009-07-06 10:25 -------- d-----w- c:\program files\ReflexiveArcade
2009-07-06 10:25 . 2009-07-06 10:25 -------- d-----w- c:\program files\Zuma
2009-07-06 10:23 . 2009-07-06 10:23 -------- d-----w- c:\program files\Luxor
2009-07-06 10:23 . 2009-07-06 10:23 -------- d-----w- c:\program files\Insaniquarium
2009-07-06 10:22 . 2009-07-06 10:21 -------- d-----w- c:\program files\FeedingFrenzy
2009-07-06 09:48 . 2009-07-06 09:48 70768 ----a-w- c:\documents and settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-06 09:48 . 2009-07-06 09:48 -------- d-----w- c:\docume~1\User\APPLIC~1\Ahead
2009-07-06 09:40 . 2009-07-06 09:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Ahead
2009-07-06 09:39 . 2009-07-06 09:36 -------- d-----w- c:\program files\Common Files\Ahead
2009-07-06 09:36 . 2009-07-06 09:36 -------- d-----w- c:\program files\Nero
2009-07-06 09:36 . 2009-07-06 09:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2009-07-06 09:36 . 2009-07-06 09:36 0 ----a-w- c:\windows\nsreg.dat
2009-07-06 09:29 . 2009-07-06 09:29 -------- d-----w- c:\documents and settings\All Users\Application Data\CyberLink
2009-07-06 09:28 . 2009-07-06 09:28 -------- d-----w- c:\program files\CyberLink
2009-07-06 09:20 . 2009-07-06 09:20 -------- d-----w- c:\program files\OpenOffice.org 2.3
2009-07-06 09:17 . 2009-07-06 09:16 -------- d-----w- c:\program files\Winamp
2009-07-06 09:15 . 2009-07-06 09:14 -------- d-----w- c:\program files\QuickTime
2009-07-06 09:14 . 2009-07-06 09:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer
2009-07-06 09:14 . 2009-07-06 09:14 -------- d-----w- c:\program files\Apple Software Update
2009-07-06 09:12 . 2009-07-06 09:12 -------- d-----w- c:\program files\Common Files\Corel
2009-07-06 09:12 . 2009-07-06 09:12 -------- d-----w- c:\program files\Corel
2009-07-06 09:08 . 2009-07-06 09:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Macrovision
2009-07-06 09:08 . 2009-07-06 09:08 -------- d-----w- c:\program files\Common Files\Adobe Systems Shared
2009-07-06 09:05 . 2009-07-06 09:05 -------- d-----w- c:\program files\Opera
2009-07-06 09:02 . 2009-07-06 09:02 -------- d-----w- c:\program files\Microsoft.NET
2009-07-06 09:02 . 2009-07-06 09:02 -------- d-----w- c:\program files\Microsoft ActiveSync
2009-07-06 08:32 . 2009-07-06 08:32 -------- d-----w- c:\program files\Java
2009-07-06 08:30 . 2009-07-06 08:29 -------- d-----w- c:\program files\Common Files\Adobe
2009-07-06 08:24 . 2009-07-06 08:24 -------- d-----w- c:\documents and settings\All Users\Application Data\ACD Systems
2009-07-06 08:24 . 2009-07-06 08:24 -------- d-----w- c:\program files\ACD Systems
2009-07-06 08:24 . 2009-07-06 08:24 -------- d-----w- c:\program files\Common Files\ACD Systems
2009-07-06 08:16 . 2009-07-06 08:14 -------- d-----w- c:\program files\Realtek
2009-07-06 08:16 . 2009-07-06 08:16 315392 ----a-w- c:\windows\HideWin.exe
2009-07-06 08:14 . 2009-07-06 08:14 -------- d-----w- c:\docume~1\User\APPLIC~1\InstallShield
2009-07-06 08:14 . 2009-07-06 08:14 -------- d-----w- c:\program files\BroadCom GB LAN
2009-07-06 08:13 . 2009-07-06 08:13 -------- d-----w- c:\program files\Marvell
2009-07-06 08:12 . 2009-07-06 08:04 -------- d-----w- c:\program files\ATI Technologies
2009-07-06 08:01 . 2009-07-06 08:01 -------- d-----w- c:\program files\Intel
2009-07-06 07:49 . 2009-07-06 07:49 -------- d-----w- c:\program files\microsoft frontpage
2009-07-06 07:45 . 2009-07-06 07:45 21640 ----a-w- c:\windows\system32\emptyregdb.dat
2009-06-13 18:00 . 2009-06-13 18:00 44544 ----a-w- c:\windows\system32\SystemHookCore.dll
2009-05-07 15:44 . 2004-08-03 21:56 344064 ----a-w- c:\windows\system32\localspl.dll
2009-07-19 00:31 . 2009-07-06 08:25 137208 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
2009-03-21 14:18 . 2004-08-03 21:56 2367488 --sha-r- c:\windows\system32\kvejh.dll
.
------- Sigcheck -------
[-] 2008-11-18 08:32 1580544 32272BF10467C8ACF1F83138C61D541E c:\windows\system32\sfcfiles.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Search Protection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-23 111856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"YSearchProtection"="c:\program files\Yahoo!\Search Protection\SearchProtection.exe" [2009-02-23 111856]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 57393]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 40960]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"AGRSMMSG"="AGRSMMSG.exe" - c:\windows\AGRSMMSG.exe [2006-04-28 89542]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
GlobeTrotter Connect.lnk - c:\program files\Option\GlobeTrotter Connect\GlobeTrotter Connect.exe [2008-7-11 782336]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
backup=c:\windows\pss\Adobe Gamma Loader.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMTray
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\User\\Desktop\\Destiny_Online_-Power_of_Crimson_Client.exe"=
"d:\\Program Files\\BitComet\\BitComet.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5825:TCP"= 5825:TCP:*:Disabled:Unspecified
"5825:UDP"= 5825:UDP:*:Disabled:Unspecified
"7741:TCP"= 7741:TCP:BitComet 7741 TCP
"7741:UDP"= 7741:UDP:BitComet 7741 UDP
"7774:TCP"= 7774:TCP:exlulw
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [7/28/2009 1:21 AM 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [7/28/2009 1:21 AM 20560]
R2 GtDetectSc;GtDetectSc;c:\program files\Option\GlobeTrotter Connect\GtDetectSc.exe [12/18/2007 12:48 PM 196704]
R3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\system32\drivers\Gt51Ip.sys [2/18/2008 4:14 PM 106624]
R3 GT72UBUS;GT 72 U BUS;c:\windows\system32\drivers\gt72ubus.sys [2/8/2008 12:00 PM 59648]
R3 GTPTSER;GT PT SER;c:\windows\system32\drivers\gtptser.sys [3/30/2007 12:38 PM 8064]
S2 gmdis;Microsoft Server;c:\windows\system32\svchost.exe -k netsvcs [8/4/2004 4:56 AM 14336]
S2 msmljgyq;Config Monitor;c:\windows\system32\svchost.exe -k netsvcs [8/4/2004 4:56 AM 14336]
S2 vnjwmtf;Support Task;c:\windows\system32\svchost.exe -k netsvcs [8/4/2004 4:56 AM 14336]
S2 vunkzh;Helper Update;c:\windows\system32\svchost.exe -k netsvcs [8/4/2004 4:56 AM 14336]
S4 Pl108xuspadf;Pl108xuspadf; [x]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
vunkzh
vnjwmtf
msmljgyq
gmdis
.
Contents of the 'Scheduled Tasks' folder
2009-07-06 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2006-08-29 07:21]
2009-07-27 c:\windows\Tasks\One-Click Tweak.job
- d:\program files\Advanced PC Tweaker\OneClick.exe [2009-07-27 05:43]
2009-07-27 c:\windows\Tasks\Schedule Task Weekly.job
- c:\program files\Registry Easy\RE.exe [2009-07-27 04:10]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = hxxp://www.avast.com/go.php?verb=register-home&lang=eng
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE: &D&ownload &with BitComet - d:\program files\BitComet\BitComet.exe/AddLink.htm
IE: &D&ownload all video with BitComet - d:\program files\BitComet\BitComet.exe/AddVideo.htm
IE: &D&ownload all with BitComet - d:\program files\BitComet\BitComet.exe/AddAllLink.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: {B0AD4752-145A-47DE-B6AF-EEF00DBF2705} = 202.134.0.155,203.130.196.155
.
**************************************************************************
driver loading error catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-07-28 03:56
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\gmdis]
"ServiceDll"="c:\windows\system32\kvejh.dll"
--
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\msmljgyq]
"ServiceDll"="c:\windows\system32\kvejh.dll"
--
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\vnjwmtf]
"ServiceDll"="c:\windows\system32\kvejh.dll"
--
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\vunkzh]
"ServiceDll"="c:\windows\system32\kvejh.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-839522115-1958367476-1417001333-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{C514A8CC-B057-7CE1-7486-A3625973DD2E}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
"napbfjkkohielmaniiecpadammjh"=hex:6a,61,64,6e,6f,6a,63,69,69,62,6d,6f,6f,65,
6a,66,6e,67,67,6a,00,00
"manbllcnoadjllngimbeanonme"=hex:6a,61,64,6e,6f,6a,63,69,69,62,6d,6f,6f,65,6a,
66,6e,67,67,6a,00,9b
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{39de42c8-5485-4dd0-82a6-9991b4ac9448}]
@Denied: (Full) (Everyone)
"Model"=dword:000000cb
"Therad"=dword:00000009
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):f3,38,33,3c,92,da,50,c3,12,cb,e6,6e,0f,0a,15,e7,e0,6a,6e,54,ff,
ab,31,04,ce,01,0c,18,56,ac,fe,9b,72,62,76,47,2e,99,95,e6,00,00,00,00,00,00,\
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(852)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2009-07-27 3:57
ComboFix-quarantined-files.txt 2009-07-27 20:57
Pre-Run: 23,194,083,328 bytes free
Post-Run: 23,208,632,320 bytes free
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
246 --- E O F --- 2009-07-27 15:57
Edited by hendrysimon, 27 July 2009 - 03:21 PM.